airship/airshipctl
Code Issues Proposed changes

Upgrade capi to v0.3.7 and capm3 to v0.3.2

Browse Source 
* Added v0.3.7 version of capi
* Added v0.3.7 version of cacpk
* Added v0.3.2 version of camp4

Change-Id: I7b574ef8277192be8e5162384287e9e9ec211a1e
This commit is contained in:
Sirajudeen 2020-09-10 23:16:43 +00:00
parent f3af1b8066
commit 4e63c1dda2
130 changed files with 8897 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
manifests/function/cacpk/v0.3.7/certmanager/certificate.yaml Normal file
View File

@ -0,0 +1,25 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes
apiVersion: cert-manager.io/v1alpha2
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

5
manifests/function/cacpk/v0.3.7/certmanager/kustomization.yaml Normal file
View File

@ -0,0 +1,5 @@
resources:
- certificate.yaml
configurations:
- kustomizeconfig.yaml

19
manifests/function/cacpk/v0.3.7/certmanager/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,19 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name
varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
- kind: Certificate
group: cert-manager.io
path: spec/secretName

1165
manifests/function/cacpk/v0.3.7/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

24
manifests/function/cacpk/v0.3.7/crd/kustomization.yaml Normal file
View File

@ -0,0 +1,24 @@
commonLabels:
cluster.x-k8s.io/v1alpha3: v1alpha3
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/
resources:
- bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml
# +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
- patches/webhook_in_kubeadmcontrolplanes.yaml
# +kubebuilder:scaffold:crdkustomizewebhookpatch
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
# patches here are for enabling the CA injection for each CRD
- patches/cainjection_in_kubeadmcontrolplanes.yaml
# +kubebuilder:scaffold:crdkustomizecainjectionpatch
# the following config is for teaching kustomize how to do kustomization for CRDs.
configurations:
- kustomizeconfig.yaml

17
manifests/function/cacpk/v0.3.7/crd/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,17 @@
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/name
namespace:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/namespace
create: false
varReference:
- path: metadata/annotations

8
manifests/function/cacpk/v0.3.7/crd/patches/cainjection_in_kubeadmcontrolplanes.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io

19
manifests/function/cacpk/v0.3.7/crd/patches/webhook_in_kubeadmcontrolplanes.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

11
manifests/function/cacpk/v0.3.7/default/kustomization.yaml Normal file
View File

@ -0,0 +1,11 @@
namespace: capi-kubeadm-control-plane-system
resources:
- namespace.yaml
bases:
- ../rbac
- ../manager
patchesStrategicMerge:
- manager_role_aggregation_patch.yaml

15
manifests/function/cacpk/v0.3.7/default/manager_role_aggregation_patch.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: manager-role
labels:
kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: aggregated-manager-role

6
manifests/function/cacpk/v0.3.7/default/namespace.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system

17
manifests/function/cacpk/v0.3.7/kustomization.yaml Normal file
View File

@ -0,0 +1,17 @@
namePrefix: capi-kubeadm-control-plane-
commonLabels:
cluster.x-k8s.io/provider: "control-plane-kubeadm"
bases:
- crd
- default
- webhook
patchesJson6902:
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml

7
manifests/function/cacpk/v0.3.7/manager/kustomization.yaml Normal file
View File

@ -0,0 +1,7 @@
resources:
- manager.yaml
patchesStrategicMerge:
- manager_pull_policy.yaml
- manager_image_patch.yaml
- manager_auth_proxy_patch.yaml

28
manifests/function/cacpk/v0.3.7/manager/manager.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
spec:
selector:
matchLabels:
control-plane: controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: controller-manager
spec:
containers:
- command:
- /manager
args:
- --enable-leader-election
image: controller:latest
name: manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master

25
manifests/function/cacpk/v0.3.7/manager/manager_auth_proxy_patch.yaml Normal file
View File

@ -0,0 +1,25 @@
# This patch inject a sidecar container which is a HTTP proxy for the controller manager,
# it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: kube-rbac-proxy
image: ${CONTAINER_CACPK_AUTH_PROXY}
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
ports:
- containerPort: 8443
name: https
- name: manager
args:
- "--metrics-addr=127.0.0.1:8080"
- "--enable-leader-election"

11
manifests/function/cacpk/v0.3.7/manager/manager_image_patch.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- image: ${CONTAINER_CACPK_MANAGER}
name: manager

11
manifests/function/cacpk/v0.3.7/manager/manager_pull_policy.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

3
manifests/function/cacpk/v0.3.7/patch_crd_webhook_namespace.yaml Normal file
View File

@ -0,0 +1,3 @@
- op: replace
path: "/spec/conversion/webhook/clientConfig/service/namespace"
value: capi-webhook-system

9
manifests/function/cacpk/v0.3.7/rbac/aggregated_role.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: aggregated-manager-role
aggregationRule:
clusterRoleSelectors:
- matchLabels:
kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true"
rules: []

13
manifests/function/cacpk/v0.3.7/rbac/auth_proxy_role.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: proxy-role
rules:
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs: ["create"]
- apiGroups: ["authorization.k8s.io"]
resources:
- subjectaccessreviews
verbs: ["create"]

12
manifests/function/cacpk/v0.3.7/rbac/auth_proxy_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

14
manifests/function/cacpk/v0.3.7/rbac/auth_proxy_service.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
labels:
control-plane: controller-manager
name: controller-manager-metrics-service
namespace: system
spec:
ports:
- name: https
port: 8443
targetPort: https
selector:
control-plane: controller-manager

12
manifests/function/cacpk/v0.3.7/rbac/kustomization.yaml Normal file
View File

@ -0,0 +1,12 @@
resources:
- role.yaml
- role_binding.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
# Comment the following 3 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
# which protects your /metrics endpoint.
- auth_proxy_service.yaml
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml
- aggregated_role.yaml

32
manifests/function/cacpk/v0.3.7/rbac/leader_election_role.yaml Normal file
View File

@ -0,0 +1,32 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create

12
manifests/function/cacpk/v0.3.7/rbac/leader_election_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

101
manifests/function/cacpk/v0.3.7/rbac/role.yaml Normal file
View File

@ -0,0 +1,101 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- bootstrap.cluster.x-k8s.io
- controlplane.cluster.x-k8s.io
- infrastructure.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusters/status
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machines
- machines/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: manager-role
namespace: kube-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- get
- list
- watch
- apiGroups:
- rbac
resources:
- rolebindings
verbs:
- create
- get
- list
- watch
- apiGroups:
- rbac
resources:
- roles
verbs:
- create
- get
- list
- watch

12
manifests/function/cacpk/v0.3.7/rbac/role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

43
manifests/function/cacpk/v0.3.7/webhook/kustomization.yaml Normal file
View File

@ -0,0 +1,43 @@
namespace: capi-webhook-system
resources:
- manifests.yaml
- service.yaml
- ../certmanager
- ../manager
configurations:
- kustomizeconfig.yaml
patchesStrategicMerge:
- manager_webhook_patch.yaml
- webhookcainjection_patch.yaml
vars:
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
kind: Service
version: v1
name: webhook-service
fieldref:
fieldpath: metadata.namespace
- name: SERVICE_NAME
objref:
kind: Service
version: v1
name: webhook-service

27
manifests/function/cacpk/v0.3.7/webhook/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,27 @@
# the following config is for teaching kustomize where to look at when substituting vars.
# It requires kustomize v2.1.0 or newer to work properly.
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
namespace:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
varReference:
- path: metadata/annotations
- kind: Deployment
path: spec/template/spec/volumes/secret/secretName

26
manifests/function/cacpk/v0.3.7/webhook/manager_webhook_patch.yaml Normal file
View File

@ -0,0 +1,26 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
args:
- "--metrics-addr=127.0.0.1:8080"
- "--webhook-port=9443"
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
volumes:
- name: cert
secret:
defaultMode: 420
secretName: $(SERVICE_NAME)-cert

56
manifests/function/cacpk/v0.3.7/webhook/manifests.yaml Normal file
View File

@ -0,0 +1,56 @@
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: mutating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-controlplane-cluster-x-k8s-io-v1alpha3-kubeadmcontrolplane
failurePolicy: Fail
matchPolicy: Equivalent
name: default.kubeadmcontrolplane.controlplane.cluster.x-k8s.io
rules:
- apiGroups:
- controlplane.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- kubeadmcontrolplanes
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-controlplane-cluster-x-k8s-io-v1alpha3-kubeadmcontrolplane
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.kubeadmcontrolplane.controlplane.cluster.x-k8s.io
rules:
- apiGroups:
- controlplane.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- kubeadmcontrolplanes
sideEffects: None

10
manifests/function/cacpk/v0.3.7/webhook/service.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: webhook-service
namespace: system
spec:
ports:
- port: 443
targetPort: webhook-server

15
manifests/function/cacpk/v0.3.7/webhook/webhookcainjection_patch.yaml Normal file
View File

@ -0,0 +1,15 @@
# This patch add annotation to admission webhook config and
# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: mutating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)

24
manifests/function/capi/v0.3.7/certmanager/certificate.yaml Normal file
View File

@ -0,0 +1,24 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
apiVersion: cert-manager.io/v1alpha2
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

7
manifests/function/capi/v0.3.7/certmanager/kustomization.yaml Normal file
View File

@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- certificate.yaml
configurations:
- kustomizeconfig.yaml

19
manifests/function/capi/v0.3.7/certmanager/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,19 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name
varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
- kind: Certificate
group: cert-manager.io
path: spec/secretName

19
manifests/function/capi/v0.3.7/ci/kustomization.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Adds namespace to all resources.
namespace: provider-system
# Value of this field is prepended to the
# names of all resources, e.g. a deployment named
# "wordpress" becomes "alices-wordpress".
# Note that it should also match with the prefix (text before '-') of the namespace
# field above.
namePrefix: provider-
patchesStrategicMerge:
- manager_role_aggregation_patch.yaml
resources:
- namespace.yaml
- ./rbac
- ./manager

12
manifests/function/capi/v0.3.7/ci/manager/kustomization.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Each entry in this list must resolve to an existing
# resource definition in YAML. These are the resource
# files that kustomize reads, modifies and emits as a
# YAML string, with resources separated by document
# markers ("---").
resources:
- manager.yaml
patchesStrategicMerge:
- manager_image_patch.yaml

26
manifests/function/capi/v0.3.7/ci/manager/manager_auth_proxy_patch.yaml Normal file
View File

@ -0,0 +1,26 @@
# This patch inject a sidecar container which is a HTTP proxy for the controller manager,
# it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: kube-rbac-proxy
image: ${CONTAINER_CAPI_AUTH_PROXY}
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
ports:
- containerPort: 8443
name: https
- name: manager
args:
- "--metrics-addr=127.0.0.1:8080"
- "--enable-leader-election"
- "--feature-gates=MachinePool=false,ClusterResourceSet=false"

11
manifests/function/capi/v0.3.7/ci/manager/manager_image_patch.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- image: gcr.io/k8s-staging-cluster-api/cluster-api-controller:v0.3.7
name: manager

11
manifests/function/capi/v0.3.7/ci/manager/manager_pull_policy.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

15
manifests/function/capi/v0.3.7/ci/manager_role_aggregation_patch.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: manager-role
labels:
cluster.x-k8s.io/aggregate-to-manager: "true"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: aggregated-manager-role

6
manifests/function/capi/v0.3.7/ci/namespace.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system

19
manifests/function/capi/v0.3.7/ci/rbac/kustomization.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Each entry in this list must resolve to an existing
# resource definition in YAML. These are the resource
# files that kustomize reads, modifies and emits as a
# YAML string, with resources separated by document
# markers ("---").
resources:
- role_binding.yaml
- role.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
- aggregated_role.yaml
# Comment the following 3 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
# which protects your /metrics endpoint.
- auth_proxy_service.yaml
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml

33
manifests/function/capi/v0.3.7/ci/rbac/leader_election_role.yaml Normal file
View File

@ -0,0 +1,33 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create

12
manifests/function/capi/v0.3.7/ci/rbac/leader_election_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

109
manifests/function/capi/v0.3.7/crd/bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml Normal file
View File

@ -0,0 +1,109 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: clusterresourcesetbindings.addons.cluster.x-k8s.io
spec:
group: addons.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: ClusterResourceSetBinding
listKind: ClusterResourceSetBindingList
plural: clusterresourcesetbindings
singular: clusterresourcesetbinding
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: ClusterResourceSetBinding lists all matching ClusterResourceSets
with the cluster it belongs to.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterResourceSetBindingSpec defines the desired state of
ClusterResourceSetBinding
properties:
bindings:
description: Bindings is a list of ClusterResourceSets and their resources.
items:
description: ResourceSetBinding keeps info on all of the resources
in a ClusterResourceSet.
properties:
clusterResourceSetName:
description: ClusterResourceSetName is the name of the ClusterResourceSet
that is applied to the owner cluster of the binding.
type: string
resources:
description: Resources is a list of resources that the ClusterResourceSet
has.
items:
description: ResourceBinding shows the status of a resource
that belongs to a ClusterResourceSet matched by the owner
cluster of the ClusterResourceSetBinding object.
properties:
applied:
description: Applied is to track if a resource is applied
to the cluster or not.
type: boolean
hash:
description: Hash is the hash of a resource's data. This
can be used to decide if a resource is changed. For
"ApplyOnce" ClusterResourceSet.spec.strategy, this is
no-op as that strategy does not act on change.
type: string
kind:
description: 'Kind of the resource. Supported kinds are:
Secrets and ConfigMaps.'
enum:
- Secret
- ConfigMap
type: string
lastAppliedTime:
description: LastAppliedTime identifies when this resource
was last applied to the cluster.
format: date-time
type: string
name:
description: Name of the resource that is in the same
namespace with ClusterResourceSet object.
minLength: 1
type: string
required:
- applied
- kind
- name
type: object
type: array
required:
- clusterResourceSetName
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

183
manifests/function/capi/v0.3.7/crd/bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml Normal file
View File

@ -0,0 +1,183 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: clusterresourcesets.addons.cluster.x-k8s.io
spec:
group: addons.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: ClusterResourceSet
listKind: ClusterResourceSetList
plural: clusterresourcesets
singular: clusterresourceset
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: ClusterResourceSet is the Schema for the clusterresourcesets
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet
properties:
clusterSelector:
description: Label selector for Clusters. The Clusters that are selected
by this will be the ones affected by this ClusterResourceSet. It
must match the Cluster labels. This field is immutable.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
resources:
description: Resources is a list of Secrets/ConfigMaps where each
contains 1 or more resources to be applied to remote clusters.
items:
description: ResourceRef specifies a resource.
properties:
kind:
description: 'Kind of the resource. Supported kinds are: Secrets
and ConfigMaps.'
enum:
- Secret
- ConfigMap
type: string
name:
description: Name of the resource that is in the same namespace
with ClusterResourceSet object.
minLength: 1
type: string
required:
- kind
- name
type: object
type: array
strategy:
description: Strategy is the strategy to be used during applying resources.
Defaults to ApplyOnce. This field is immutable.
enum:
- ApplyOnce
type: string
required:
- clusterSelector
type: object
status:
description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet
properties:
conditions:
description: Conditions defines current state of the ClusterResourceSet.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration reflects the generation of the most
recently observed ClusterResourceSet.
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

426
manifests/function/capi/v0.3.7/crd/bases/cluster.x-k8s.io_clusters.yaml Normal file
View File

@ -0,0 +1,426 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: clusters.cluster.x-k8s.io
spec:
group: cluster.x-k8s.io
names:
categories:
- cluster-api
kind: Cluster
listKind: ClusterList
plural: clusters
shortNames:
- cl
singular: cluster
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed
jsonPath: .status.phase
name: Phase
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: Cluster is the Schema for the clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterSpec defines the desired state of Cluster
properties:
clusterNetwork:
description: Cluster network configuration
properties:
apiServerPort:
description: APIServerPort specifies the port the API Server should
bind to. Defaults to 6443.
format: int32
type: integer
pods:
description: The network ranges from which Pod networks are allocated.
properties:
cidrBlocks:
items:
type: string
type: array
required:
- cidrBlocks
type: object
serviceDomain:
description: Domain name for services.
type: string
services:
description: The network ranges from which service VIPs are allocated.
properties:
cidrBlocks:
items:
type: string
type: array
required:
- cidrBlocks
type: object
type: object
infrastructureRef:
description: InfrastructureRef is a reference to a provider-specific
resource that holds the details for provisioning infrastructure
for a cluster in said provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: object
status:
description: ClusterStatus defines the observed state of Cluster
properties:
apiEndpoints:
description: APIEndpoints represents the endpoints to communicate
with the control plane.
items:
description: APIEndpoint represents a reachable Kubernetes API endpoint.
properties:
host:
description: The hostname on which the API server is serving.
type: string
port:
description: The port on which the API server is serving.
type: integer
required:
- host
- port
type: object
type: array
controlPlaneInitialized:
description: ControlPlaneInitialized defines if the control plane
has been initialized.
type: boolean
errorMessage:
description: ErrorMessage indicates that there is a problem reconciling
the state, and will be set to a descriptive error message.
type: string
errorReason:
description: ErrorReason indicates that there is a problem reconciling
the state, and will be set to a token value suitable for programmatic
interpretation.
type: string
infrastructureReady:
description: InfrastructureReady is the state of the infrastructure
provider.
type: boolean
phase:
description: Phase represents the current phase of cluster actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed
jsonPath: .status.phase
name: Phase
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: Cluster is the Schema for the clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterSpec defines the desired state of Cluster
properties:
clusterNetwork:
description: Cluster network configuration.
properties:
apiServerPort:
description: APIServerPort specifies the port the API Server should
bind to. Defaults to 6443.
format: int32
type: integer
pods:
description: The network ranges from which Pod networks are allocated.
properties:
cidrBlocks:
items:
type: string
type: array
required:
- cidrBlocks
type: object
serviceDomain:
description: Domain name for services.
type: string
services:
description: The network ranges from which service VIPs are allocated.
properties:
cidrBlocks:
items:
type: string
type: array
required:
- cidrBlocks
type: object
type: object
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint used to
communicate with the control plane.
properties:
host:
description: The hostname on which the API server is serving.
type: string
port:
description: The port on which the API server is serving.
format: int32
type: integer
required:
- host
- port
type: object
controlPlaneRef:
description: ControlPlaneRef is an optional reference to a provider-specific
resource that holds the details for provisioning the Control Plane
for a Cluster.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
infrastructureRef:
description: InfrastructureRef is a reference to a provider-specific
resource that holds the details for provisioning infrastructure
for a cluster in said provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
paused:
description: Paused can be used to prevent controllers from processing
the Cluster and all its associated objects.
type: boolean
type: object
status:
description: ClusterStatus defines the observed state of Cluster
properties:
conditions:
description: Conditions defines current service state of the cluster.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
controlPlaneInitialized:
description: ControlPlaneInitialized defines if the control plane
has been initialized.
type: boolean
controlPlaneReady:
description: ControlPlaneReady defines if the control plane is ready.
type: boolean
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster API failure
domains. It allows controllers to understand how many failure
domains a cluster can optionally span across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes an
infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure domain
is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains is a slice of failure domain objects synced
from the infrastructure provider.
type: object
failureMessage:
description: FailureMessage indicates that there is a fatal problem
reconciling the state, and will be set to a descriptive error message.
type: string
failureReason:
description: FailureReason indicates that there is a fatal problem
reconciling the state, and will be set to a token value suitable
for programmatic interpretation.
type: string
infrastructureReady:
description: InfrastructureReady is the state of the infrastructure
provider.
type: boolean
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
phase:
description: Phase represents the current phase of cluster actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

1016
manifests/function/capi/v0.3.7/crd/bases/cluster.x-k8s.io_machinedeployments.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

187
manifests/function/capi/v0.3.7/crd/bases/cluster.x-k8s.io_machinehealthchecks.yaml Normal file
View File

@ -0,0 +1,187 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: machinehealthchecks.cluster.x-k8s.io
spec:
group: cluster.x-k8s.io
names:
categories:
- cluster-api
kind: MachineHealthCheck
listKind: MachineHealthCheckList
plural: machinehealthchecks
shortNames:
- mhc
- mhcs
singular: machinehealthcheck
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Maximum number of unhealthy machines allowed
jsonPath: .spec.maxUnhealthy
name: MaxUnhealthy
type: string
- description: Number of machines currently monitored
jsonPath: .status.expectedMachines
name: ExpectedMachines
type: integer
- description: Current observed healthy machines
jsonPath: .status.currentHealthy
name: CurrentHealthy
type: integer
name: v1alpha3
schema:
openAPIV3Schema:
description: MachineHealthCheck is the Schema for the machinehealthchecks
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of machine health check policy
properties:
clusterName:
description: ClusterName is the name of the Cluster this object belongs
to.
minLength: 1
type: string
maxUnhealthy:
anyOf:
- type: integer
- type: string
description: Any further remediation is only allowed if at most "MaxUnhealthy"
machines selected by "selector" are not healthy.
x-kubernetes-int-or-string: true
nodeStartupTimeout:
description: Machines older than this duration without a node will
be considered to have failed and will be remediated.
type: string
selector:
description: Label selector to match machines whose health will be
exercised
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
unhealthyConditions:
description: UnhealthyConditions contains a list of the conditions
that determine whether a node is considered unhealthy. The conditions
are combined in a logical OR, i.e. if any of the conditions is met,
the node is unhealthy.
items:
description: UnhealthyCondition represents a Node condition type
and value with a timeout specified as a duration. When the named
condition has been in the given status for at least the timeout
value, a node is considered unhealthy.
properties:
status:
minLength: 1
type: string
timeout:
type: string
type:
minLength: 1
type: string
required:
- status
- timeout
- type
type: object
minItems: 1
type: array
required:
- clusterName
- selector
- unhealthyConditions
type: object
status:
description: Most recently observed status of MachineHealthCheck resource
properties:
currentHealthy:
description: total number of healthy machines counted by this machine
health check
format: int32
minimum: 0
type: integer
expectedMachines:
description: total number of machines counted by this machine health
check
format: int32
minimum: 0
type: integer
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
targets:
description: Targets shows the current list of machines the machine
health check is watching
items:
type: string
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

708
manifests/function/capi/v0.3.7/crd/bases/cluster.x-k8s.io_machines.yaml Normal file
View File

@ -0,0 +1,708 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: machines.cluster.x-k8s.io
spec:
group: cluster.x-k8s.io
names:
categories:
- cluster-api
kind: Machine
listKind: MachineList
plural: machines
shortNames:
- ma
singular: machine
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Provider ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: Machine status such as Terminating/Pending/Running/Failed etc
jsonPath: .status.phase
name: Phase
type: string
- description: Node name associated with this machine
jsonPath: .status.nodeRef.name
name: NodeName
priority: 1
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: Machine is the Schema for the machines API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MachineSpec defines the desired state of Machine
properties:
bootstrap:
description: Bootstrap is a reference to a local struct which encapsulates
fields to configure the Machines bootstrapping mechanism.
properties:
configRef:
description: ConfigRef is a reference to a bootstrap provider-specific
resource that holds configuration details. The reference is
optional to allow users/operators to specify Bootstrap.Data
without the need of a controller.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
data:
description: Data contains the bootstrap data, such as cloud-init
details scripts. If nil, the Machine should remain in the Pending
state.
type: string
type: object
infrastructureRef:
description: InfrastructureRef is a required reference to a custom
resource offered by an infrastructure provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
metadata:
description: 'DEPRECATED: ObjectMeta has no function and isn''t used
anywhere.'
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value map stored
with a resource that may be set by external tools to store and
retrieve arbitrary metadata. They are not queryable and should
be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
generateName:
description: "GenerateName is an optional prefix, used by the
server, to generate a unique name ONLY IF the Name field has
not been provided. If this field is used, the name returned
to the client will be different than the name passed. This value
will also be combined with a unique suffix. The provided value
has the same validation rules as the Name field, and may be
truncated by the length of the suffix required to make the value
unique on the server. \n If this field is specified and the
generated name exists, the server will NOT return a 409 - instead,
it will either return 201 Created or 500 with Reason ServerTimeout
indicating a unique name could not be found in the time allotted,
and the client should retry (optionally after the time indicated
in the Retry-After header). \n Applied only if Name is not specified.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
type: string
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can be used to
organize and categorize (scope and select) objects. May match
selectors of replication controllers and services. More info:
http://kubernetes.io/docs/user-guide/labels'
type: object
name:
description: 'Name must be unique within a namespace. Is required
when creating resources, although some resources may allow a
client to request the generation of an appropriate name automatically.
Name is primarily intended for creation idempotence and configuration
definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
namespace:
description: "Namespace defines the space within each name must
be unique. An empty namespace is equivalent to the \"default\"
namespace, but \"default\" is the canonical representation.
Not all objects are required to be scoped to a namespace - the
value of this field for those objects will be empty. \n Must
be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
ownerReferences:
description: List of objects depended by this object. If ALL objects
in the list have been deleted, this object will be garbage collected.
If this object is managed by a controller, then an entry in
this list will point to this controller, with the controller
field set to true. There cannot be more than one managing controller.
items:
description: OwnerReference contains enough information to let
you identify an owning object. An owning object must be in
the same namespace as the dependent, or be cluster-scoped,
so there is no namespace field.
properties:
apiVersion:
description: API version of the referent.
type: string
blockOwnerDeletion:
description: If true, AND if the owner has the "foregroundDeletion"
finalizer, then the owner cannot be deleted from the key-value
store until this reference is removed. Defaults to false.
To set this field, a user needs "delete" permission of
the owner, otherwise 422 (Unprocessable Entity) will be
returned.
type: boolean
controller:
description: If true, this reference points to the managing
controller.
type: boolean
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
uid:
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
type: string
required:
- apiVersion
- kind
- name
- uid
type: object
type: array
type: object
providerID:
description: ProviderID is the identification ID of the machine provided
by the provider. This field must match the provider ID as seen on
the node object corresponding to this machine. This field is required
by higher level consumers of cluster-api. Example use case is cluster
autoscaler with cluster-api as provider. Clean-up logic in the autoscaler
compares machines to nodes to find out machines at provider which
could not get registered as Kubernetes nodes. With cluster-api as
a generic out-of-tree provider for autoscaler, this field is required
by autoscaler to be able to have a provider view of the list of
machines. Another list of nodes is queried from the k8s apiserver
and then a comparison is done to find out unregistered machines
and are marked for delete. This field will be set by the actuators
and consumed by higher level entities like autoscaler that will
be interfacing with cluster-api as generic provider.
type: string
version:
description: Version defines the desired Kubernetes version. This
field is meant to be optionally used by bootstrap providers.
type: string
required:
- bootstrap
- infrastructureRef
type: object
status:
description: MachineStatus defines the observed state of Machine
properties:
addresses:
description: Addresses is a list of addresses assigned to the machine.
This field is copied from the infrastructure provider reference.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapReady:
description: BootstrapReady is the state of the bootstrap provider.
type: boolean
errorMessage:
description: "ErrorMessage will be set in the event that there is
a terminal problem reconciling the Machine and will contain a more
verbose string suitable for logging and human consumption. \n This
field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the Machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of Machines can be added as events
to the Machine object and/or logged in the controller's output."
type: string
errorReason:
description: "ErrorReason will be set in the event that there is a
terminal problem reconciling the Machine and will contain a succinct
value suitable for machine interpretation. \n This field should
not be set for transitive errors that a controller faces that are
expected to be fixed automatically over time (like service outages),
but instead indicate that something is fundamentally wrong with
the Machine's spec or the configuration of the controller, and that
manual intervention is required. Examples of terminal errors would
be invalid combinations of settings in the spec, values that are
unsupported by the controller, or the responsible controller itself
being critically misconfigured. \n Any transient errors that occur
during the reconciliation of Machines can be added as events to
the Machine object and/or logged in the controller's output."
type: string
infrastructureReady:
description: InfrastructureReady is the state of the infrastructure
provider.
type: boolean
lastUpdated:
description: LastUpdated identifies when this status was last observed.
format: date-time
type: string
nodeRef:
description: NodeRef will point to the corresponding Node if it exists.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
phase:
description: Phase represents the current phase of machine actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
version:
description: Version specifies the current version of Kubernetes running
on the corresponding Node. This is meant to be a means of bubbling
up status from the Node to the Machine. It is entirely optional,
but useful for end-user UX if its present.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- description: Provider ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: Machine status such as Terminating/Pending/Running/Failed etc
jsonPath: .status.phase
name: Phase
type: string
- description: Node name associated with this machine
jsonPath: .status.nodeRef.name
name: NodeName
priority: 1
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: Machine is the Schema for the machines API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MachineSpec defines the desired state of Machine
properties:
bootstrap:
description: Bootstrap is a reference to a local struct which encapsulates
fields to configure the Machines bootstrapping mechanism.
properties:
configRef:
description: ConfigRef is a reference to a bootstrap provider-specific
resource that holds configuration details. The reference is
optional to allow users/operators to specify Bootstrap.Data
without the need of a controller.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
data:
description: "Data contains the bootstrap data, such as cloud-init
details scripts. If nil, the Machine should remain in the Pending
state. \n Deprecated: This field has been deprecated in v1alpha3
and will be removed in a future version. Switch to DataSecretName."
type: string
dataSecretName:
description: DataSecretName is the name of the secret that stores
the bootstrap data script. If nil, the Machine should remain
in the Pending state.
type: string
type: object
clusterName:
description: ClusterName is the name of the Cluster this object belongs
to.
minLength: 1
type: string
failureDomain:
description: FailureDomain is the failure domain the machine will
be created in. Must match a key in the FailureDomains map stored
on the cluster object.
type: string
infrastructureRef:
description: InfrastructureRef is a required reference to a custom
resource offered by an infrastructure provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
providerID:
description: ProviderID is the identification ID of the machine provided
by the provider. This field must match the provider ID as seen on
the node object corresponding to this machine. This field is required
by higher level consumers of cluster-api. Example use case is cluster
autoscaler with cluster-api as provider. Clean-up logic in the autoscaler
compares machines to nodes to find out machines at provider which
could not get registered as Kubernetes nodes. With cluster-api as
a generic out-of-tree provider for autoscaler, this field is required
by autoscaler to be able to have a provider view of the list of
machines. Another list of nodes is queried from the k8s apiserver
and then a comparison is done to find out unregistered machines
and are marked for delete. This field will be set by the actuators
and consumed by higher level entities like autoscaler that will
be interfacing with cluster-api as generic provider.
type: string
version:
description: Version defines the desired Kubernetes version. This
field is meant to be optionally used by bootstrap providers.
type: string
required:
- bootstrap
- clusterName
- infrastructureRef
type: object
status:
description: MachineStatus defines the observed state of Machine
properties:
addresses:
description: Addresses is a list of addresses assigned to the machine.
This field is copied from the infrastructure provider reference.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapReady:
description: BootstrapReady is the state of the bootstrap provider.
type: boolean
conditions:
description: Conditions defines current service state of the Machine.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
failureMessage:
description: "FailureMessage will be set in the event that there is
a terminal problem reconciling the Machine and will contain a more
verbose string suitable for logging and human consumption. \n This
field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the Machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of Machines can be added as events
to the Machine object and/or logged in the controller's output."
type: string
failureReason:
description: "FailureReason will be set in the event that there is
a terminal problem reconciling the Machine and will contain a succinct
value suitable for machine interpretation. \n This field should
not be set for transitive errors that a controller faces that are
expected to be fixed automatically over time (like service outages),
but instead indicate that something is fundamentally wrong with
the Machine's spec or the configuration of the controller, and that
manual intervention is required. Examples of terminal errors would
be invalid combinations of settings in the spec, values that are
unsupported by the controller, or the responsible controller itself
being critically misconfigured. \n Any transient errors that occur
during the reconciliation of Machines can be added as events to
the Machine object and/or logged in the controller's output."
type: string
infrastructureReady:
description: InfrastructureReady is the state of the infrastructure
provider.
type: boolean
lastUpdated:
description: LastUpdated identifies when the phase of the Machine
last transitioned.
format: date-time
type: string
nodeRef:
description: NodeRef will point to the corresponding Node if it exists.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
phase:
description: Phase represents the current phase of machine actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
version:
description: Version specifies the current version of Kubernetes running
on the corresponding Node. This is meant to be a means of bubbling
up status from the Node to the Machine. It is entirely optional,
but useful for end-user UX if its present.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

928
manifests/function/capi/v0.3.7/crd/bases/cluster.x-k8s.io_machinesets.yaml Normal file
View File

@ -0,0 +1,928 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: machinesets.cluster.x-k8s.io
spec:
group: cluster.x-k8s.io
names:
categories:
- cluster-api
kind: MachineSet
listKind: MachineSetList
plural: machinesets
shortNames:
- ms
singular: machineset
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: MachineSet is the Schema for the machinesets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MachineSetSpec defines the desired state of MachineSet
properties:
deletePolicy:
description: DeletePolicy defines the policy used to identify nodes
to delete when downscaling. Defaults to "Random". Valid values
are "Random, "Newest", "Oldest"
enum:
- Random
- Newest
- Oldest
type: string
minReadySeconds:
description: MinReadySeconds is the minimum number of seconds for
which a newly created machine should be ready. Defaults to 0 (machine
will be considered available as soon as it is ready)
format: int32
type: integer
replicas:
description: Replicas is the number of desired replicas. This is a
pointer to distinguish between explicit zero and unspecified. Defaults
to 1.
format: int32
type: integer
selector:
description: 'Selector is a label query over machines that should
match the replica count. Label keys and values that must match in
order to be controlled by this MachineSet. It must match the machine
template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
template:
description: Template is the object that describes the machine that
will be created if insufficient replicas are detected. Object references
to custom resources resources are treated as templates.
properties:
metadata:
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not queryable
and should be preserved when modifying objects. More info:
http://kubernetes.io/docs/user-guide/annotations'
type: object
generateName:
description: "GenerateName is an optional prefix, used by
the server, to generate a unique name ONLY IF the Name field
has not been provided. If this field is used, the name returned
to the client will be different than the name passed. This
value will also be combined with a unique suffix. The provided
value has the same validation rules as the Name field, and
may be truncated by the length of the suffix required to
make the value unique on the server. \n If this field is
specified and the generated name exists, the server will
NOT return a 409 - instead, it will either return 201 Created
or 500 with Reason ServerTimeout indicating a unique name
could not be found in the time allotted, and the client
should retry (optionally after the time indicated in the
Retry-After header). \n Applied only if Name is not specified.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
type: string
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can be used
to organize and categorize (scope and select) objects. May
match selectors of replication controllers and services.
More info: http://kubernetes.io/docs/user-guide/labels'
type: object
name:
description: 'Name must be unique within a namespace. Is required
when creating resources, although some resources may allow
a client to request the generation of an appropriate name
automatically. Name is primarily intended for creation idempotence
and configuration definition. Cannot be updated. More info:
http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
namespace:
description: "Namespace defines the space within each name
must be unique. An empty namespace is equivalent to the
\"default\" namespace, but \"default\" is the canonical
representation. Not all objects are required to be scoped
to a namespace - the value of this field for those objects
will be empty. \n Must be a DNS_LABEL. Cannot be updated.
More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
ownerReferences:
description: List of objects depended by this object. If ALL
objects in the list have been deleted, this object will
be garbage collected. If this object is managed by a controller,
then an entry in this list will point to this controller,
with the controller field set to true. There cannot be more
than one managing controller.
items:
description: OwnerReference contains enough information
to let you identify an owning object. An owning object
must be in the same namespace as the dependent, or be
cluster-scoped, so there is no namespace field.
properties:
apiVersion:
description: API version of the referent.
type: string
blockOwnerDeletion:
description: If true, AND if the owner has the "foregroundDeletion"
finalizer, then the owner cannot be deleted from the
key-value store until this reference is removed. Defaults
to false. To set this field, a user needs "delete"
permission of the owner, otherwise 422 (Unprocessable
Entity) will be returned.
type: boolean
controller:
description: If true, this reference points to the managing
controller.
type: boolean
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
uid:
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
type: string
required:
- apiVersion
- kind
- name
- uid
type: object
type: array
type: object
spec:
description: 'Specification of the desired behavior of the machine.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
bootstrap:
description: Bootstrap is a reference to a local struct which
encapsulates fields to configure the Machines bootstrapping
mechanism.
properties:
configRef:
description: ConfigRef is a reference to a bootstrap provider-specific
resource that holds configuration details. The reference
is optional to allow users/operators to specify Bootstrap.Data
without the need of a controller.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only
to have some well-defined way of referencing a part
of an object. TODO: this design is not final and
this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
data:
description: Data contains the bootstrap data, such as
cloud-init details scripts. If nil, the Machine should
remain in the Pending state.
type: string
type: object
infrastructureRef:
description: InfrastructureRef is a required reference to
a custom resource offered by an infrastructure provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that
triggered the event) or if no container name is specified
"spec.containers[2]" (container with index 2 in this
pod). This syntax is chosen only to have some well-defined
way of referencing a part of an object. TODO: this design
is not final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
metadata:
description: 'DEPRECATED: ObjectMeta has no function and isn''t
used anywhere.'
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value
map stored with a resource that may be set by external
tools to store and retrieve arbitrary metadata. They
are not queryable and should be preserved when modifying
objects. More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
generateName:
description: "GenerateName is an optional prefix, used
by the server, to generate a unique name ONLY IF the
Name field has not been provided. If this field is used,
the name returned to the client will be different than
the name passed. This value will also be combined with
a unique suffix. The provided value has the same validation
rules as the Name field, and may be truncated by the
length of the suffix required to make the value unique
on the server. \n If this field is specified and the
generated name exists, the server will NOT return a
409 - instead, it will either return 201 Created or
500 with Reason ServerTimeout indicating a unique name
could not be found in the time allotted, and the client
should retry (optionally after the time indicated in
the Retry-After header). \n Applied only if Name is
not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
type: string
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can be
used to organize and categorize (scope and select) objects.
May match selectors of replication controllers and services.
More info: http://kubernetes.io/docs/user-guide/labels'
type: object
name:
description: 'Name must be unique within a namespace.
Is required when creating resources, although some resources
may allow a client to request the generation of an appropriate
name automatically. Name is primarily intended for creation
idempotence and configuration definition. Cannot be
updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
namespace:
description: "Namespace defines the space within each
name must be unique. An empty namespace is equivalent
to the \"default\" namespace, but \"default\" is the
canonical representation. Not all objects are required
to be scoped to a namespace - the value of this field
for those objects will be empty. \n Must be a DNS_LABEL.
Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
ownerReferences:
description: List of objects depended by this object.
If ALL objects in the list have been deleted, this object
will be garbage collected. If this object is managed
by a controller, then an entry in this list will point
to this controller, with the controller field set to
true. There cannot be more than one managing controller.
items:
description: OwnerReference contains enough information
to let you identify an owning object. An owning object
must be in the same namespace as the dependent, or
be cluster-scoped, so there is no namespace field.
properties:
apiVersion:
description: API version of the referent.
type: string
blockOwnerDeletion:
description: If true, AND if the owner has the "foregroundDeletion"
finalizer, then the owner cannot be deleted from
the key-value store until this reference is removed.
Defaults to false. To set this field, a user needs
"delete" permission of the owner, otherwise 422
(Unprocessable Entity) will be returned.
type: boolean
controller:
description: If true, this reference points to the
managing controller.
type: boolean
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
uid:
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
type: string
required:
- apiVersion
- kind
- name
- uid
type: object
type: array
type: object
providerID:
description: ProviderID is the identification ID of the machine
provided by the provider. This field must match the provider
ID as seen on the node object corresponding to this machine.
This field is required by higher level consumers of cluster-api.
Example use case is cluster autoscaler with cluster-api
as provider. Clean-up logic in the autoscaler compares machines
to nodes to find out machines at provider which could not
get registered as Kubernetes nodes. With cluster-api as
a generic out-of-tree provider for autoscaler, this field
is required by autoscaler to be able to have a provider
view of the list of machines. Another list of nodes is queried
from the k8s apiserver and then a comparison is done to
find out unregistered machines and are marked for delete.
This field will be set by the actuators and consumed by
higher level entities like autoscaler that will be interfacing
with cluster-api as generic provider.
type: string
version:
description: Version defines the desired Kubernetes version.
This field is meant to be optionally used by bootstrap providers.
type: string
required:
- bootstrap
- infrastructureRef
type: object
type: object
required:
- selector
type: object
status:
description: MachineSetStatus defines the observed state of MachineSet
properties:
availableReplicas:
description: The number of available replicas (ready for at least
minReadySeconds) for this MachineSet.
format: int32
type: integer
errorMessage:
type: string
errorReason:
description: "In the event that there is a terminal problem reconciling
the replicas, both ErrorReason and ErrorMessage will be set. ErrorReason
will be populated with a succinct value suitable for machine interpretation,
while ErrorMessage will contain a more verbose string suitable for
logging and human consumption. \n These fields should not be set
for transitive errors that a controller faces that are expected
to be fixed automatically over time (like service outages), but
instead indicate that something is fundamentally wrong with the
MachineTemplate's spec or the configuration of the machine controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the machine controller, or the responsible machine
controller itself being critically misconfigured. \n Any transient
errors that occur during the reconciliation of Machines can be added
as events to the MachineSet object and/or logged in the controller's
output."
type: string
fullyLabeledReplicas:
description: The number of replicas that have labels matching the
labels of the machine template of the MachineSet.
format: int32
type: integer
observedGeneration:
description: ObservedGeneration reflects the generation of the most
recently observed MachineSet.
format: int64
type: integer
readyReplicas:
description: The number of ready replicas for this MachineSet. A machine
is considered ready when the node has been created and is "Ready".
format: int32
type: integer
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
selector:
description: 'Selector is the same as the label selector but in the
string format to avoid introspection by clients. The string will
be in the same format as the query-param syntax. More info about
label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
type: string
required:
- replicas
type: object
type: object
served: true
storage: false
subresources:
scale:
labelSelectorPath: .status.selector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
- additionalPrinterColumns:
- description: Total number of non-terminated machines targeted by this machineset
jsonPath: .status.replicas
name: Replicas
type: integer
- description: Total number of available machines (ready for at least minReadySeconds)
jsonPath: .status.availableReplicas
name: Available
type: integer
- description: Total number of ready machines targeted by this machineset.
jsonPath: .status.readyReplicas
name: Ready
type: integer
name: v1alpha3
schema:
openAPIV3Schema:
description: MachineSet is the Schema for the machinesets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MachineSetSpec defines the desired state of MachineSet
properties:
clusterName:
description: ClusterName is the name of the Cluster this object belongs
to.
minLength: 1
type: string
deletePolicy:
description: DeletePolicy defines the policy used to identify nodes
to delete when downscaling. Defaults to "Random". Valid values
are "Random, "Newest", "Oldest"
enum:
- Random
- Newest
- Oldest
type: string
minReadySeconds:
description: MinReadySeconds is the minimum number of seconds for
which a newly created machine should be ready. Defaults to 0 (machine
will be considered available as soon as it is ready)
format: int32
type: integer
replicas:
description: Replicas is the number of desired replicas. This is a
pointer to distinguish between explicit zero and unspecified. Defaults
to 1.
format: int32
type: integer
selector:
description: 'Selector is a label query over machines that should
match the replica count. Label keys and values that must match in
order to be controlled by this MachineSet. It must match the machine
template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
template:
description: Template is the object that describes the machine that
will be created if insufficient replicas are detected. Object references
to custom resources resources are treated as templates.
properties:
metadata:
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not queryable
and should be preserved when modifying objects. More info:
http://kubernetes.io/docs/user-guide/annotations'
type: object
generateName:
description: "GenerateName is an optional prefix, used by
the server, to generate a unique name ONLY IF the Name field
has not been provided. If this field is used, the name returned
to the client will be different than the name passed. This
value will also be combined with a unique suffix. The provided
value has the same validation rules as the Name field, and
may be truncated by the length of the suffix required to
make the value unique on the server. \n If this field is
specified and the generated name exists, the server will
NOT return a 409 - instead, it will either return 201 Created
or 500 with Reason ServerTimeout indicating a unique name
could not be found in the time allotted, and the client
should retry (optionally after the time indicated in the
Retry-After header). \n Applied only if Name is not specified.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
type: string
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can be used
to organize and categorize (scope and select) objects. May
match selectors of replication controllers and services.
More info: http://kubernetes.io/docs/user-guide/labels'
type: object
name:
description: 'Name must be unique within a namespace. Is required
when creating resources, although some resources may allow
a client to request the generation of an appropriate name
automatically. Name is primarily intended for creation idempotence
and configuration definition. Cannot be updated. More info:
http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
namespace:
description: "Namespace defines the space within each name
must be unique. An empty namespace is equivalent to the
\"default\" namespace, but \"default\" is the canonical
representation. Not all objects are required to be scoped
to a namespace - the value of this field for those objects
will be empty. \n Must be a DNS_LABEL. Cannot be updated.
More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
ownerReferences:
description: List of objects depended by this object. If ALL
objects in the list have been deleted, this object will
be garbage collected. If this object is managed by a controller,
then an entry in this list will point to this controller,
with the controller field set to true. There cannot be more
than one managing controller.
items:
description: OwnerReference contains enough information
to let you identify an owning object. An owning object
must be in the same namespace as the dependent, or be
cluster-scoped, so there is no namespace field.
properties:
apiVersion:
description: API version of the referent.
type: string
blockOwnerDeletion:
description: If true, AND if the owner has the "foregroundDeletion"
finalizer, then the owner cannot be deleted from the
key-value store until this reference is removed. Defaults
to false. To set this field, a user needs "delete"
permission of the owner, otherwise 422 (Unprocessable
Entity) will be returned.
type: boolean
controller:
description: If true, this reference points to the managing
controller.
type: boolean
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
uid:
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
type: string
required:
- apiVersion
- kind
- name
- uid
type: object
type: array
type: object
spec:
description: 'Specification of the desired behavior of the machine.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
bootstrap:
description: Bootstrap is a reference to a local struct which
encapsulates fields to configure the Machines bootstrapping
mechanism.
properties:
configRef:
description: ConfigRef is a reference to a bootstrap provider-specific
resource that holds configuration details. The reference
is optional to allow users/operators to specify Bootstrap.Data
without the need of a controller.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only
to have some well-defined way of referencing a part
of an object. TODO: this design is not final and
this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
data:
description: "Data contains the bootstrap data, such as
cloud-init details scripts. If nil, the Machine should
remain in the Pending state. \n Deprecated: This field
has been deprecated in v1alpha3 and will be removed
in a future version. Switch to DataSecretName."
type: string
dataSecretName:
description: DataSecretName is the name of the secret
that stores the bootstrap data script. If nil, the Machine
should remain in the Pending state.
type: string
type: object
clusterName:
description: ClusterName is the name of the Cluster this object
belongs to.
minLength: 1
type: string
failureDomain:
description: FailureDomain is the failure domain the machine
will be created in. Must match a key in the FailureDomains
map stored on the cluster object.
type: string
infrastructureRef:
description: InfrastructureRef is a required reference to
a custom resource offered by an infrastructure provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that
triggered the event) or if no container name is specified
"spec.containers[2]" (container with index 2 in this
pod). This syntax is chosen only to have some well-defined
way of referencing a part of an object. TODO: this design
is not final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
providerID:
description: ProviderID is the identification ID of the machine
provided by the provider. This field must match the provider
ID as seen on the node object corresponding to this machine.
This field is required by higher level consumers of cluster-api.
Example use case is cluster autoscaler with cluster-api
as provider. Clean-up logic in the autoscaler compares machines
to nodes to find out machines at provider which could not
get registered as Kubernetes nodes. With cluster-api as
a generic out-of-tree provider for autoscaler, this field
is required by autoscaler to be able to have a provider
view of the list of machines. Another list of nodes is queried
from the k8s apiserver and then a comparison is done to
find out unregistered machines and are marked for delete.
This field will be set by the actuators and consumed by
higher level entities like autoscaler that will be interfacing
with cluster-api as generic provider.
type: string
version:
description: Version defines the desired Kubernetes version.
This field is meant to be optionally used by bootstrap providers.
type: string
required:
- bootstrap
- clusterName
- infrastructureRef
type: object
type: object
required:
- clusterName
- selector
type: object
status:
description: MachineSetStatus defines the observed state of MachineSet
properties:
availableReplicas:
description: The number of available replicas (ready for at least
minReadySeconds) for this MachineSet.
format: int32
type: integer
failureMessage:
type: string
failureReason:
description: "In the event that there is a terminal problem reconciling
the replicas, both FailureReason and FailureMessage will be set.
FailureReason will be populated with a succinct value suitable for
machine interpretation, while FailureMessage will contain a more
verbose string suitable for logging and human consumption. \n These
fields should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the MachineTemplate's spec or the configuration of the
machine controller, and that manual intervention is required. Examples
of terminal errors would be invalid combinations of settings in
the spec, values that are unsupported by the machine controller,
or the responsible machine controller itself being critically misconfigured.
\n Any transient errors that occur during the reconciliation of
Machines can be added as events to the MachineSet object and/or
logged in the controller's output."
type: string
fullyLabeledReplicas:
description: The number of replicas that have labels matching the
labels of the machine template of the MachineSet.
format: int32
type: integer
observedGeneration:
description: ObservedGeneration reflects the generation of the most
recently observed MachineSet.
format: int64
type: integer
readyReplicas:
description: The number of ready replicas for this MachineSet. A machine
is considered ready when the node has been created and is "Ready".
format: int32
type: integer
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
selector:
description: 'Selector is the same as the label selector but in the
string format to avoid introspection by clients. The string will
be in the same format as the query-param syntax. More info about
label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
type: string
type: object
type: object
served: true
storage: true
subresources:
scale:
labelSelectorPath: .status.selector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

484
manifests/function/capi/v0.3.7/crd/bases/exp.cluster.x-k8s.io_machinepools.yaml Normal file
View File

@ -0,0 +1,484 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: machinepools.exp.cluster.x-k8s.io
spec:
group: exp.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: MachinePool
listKind: MachinePoolList
plural: machinepools
shortNames:
- mp
singular: machinepool
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: MachinePool replicas count
jsonPath: .status.replicas
name: Replicas
type: string
- description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed
etc
jsonPath: .status.phase
name: Phase
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: MachinePool is the Schema for the machinepools API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MachinePoolSpec defines the desired state of MachinePool
properties:
clusterName:
description: ClusterName is the name of the Cluster this object belongs
to.
minLength: 1
type: string
failureDomains:
description: FailureDomains is the list of failure domains this MachinePool
should be attached to.
items:
type: string
type: array
minReadySeconds:
description: Minimum number of seconds for which a newly created machine
instances should be ready. Defaults to 0 (machine instance will
be considered available as soon as it is ready)
format: int32
type: integer
providerIDList:
description: ProviderIDList are the identification IDs of machine
instances provided by the provider. This field must match the provider
IDs as seen on the node objects corresponding to a machine pool's
machine instances.
items:
type: string
type: array
replicas:
description: Number of desired machines. Defaults to 1. This is a
pointer to distinguish between explicit zero and not specified.
format: int32
type: integer
strategy:
description: The deployment strategy to use to replace existing machine
instances with new ones.
properties:
rollingUpdate:
description: Rolling update config params. Present only if MachineDeploymentStrategyType
= RollingUpdate.
properties:
maxSurge:
anyOf:
- type: integer
- type: string
description: 'The maximum number of machines that can be scheduled
above the desired number of machines. Value can be an absolute
number (ex: 5) or a percentage of desired machines (ex:
10%). This can not be 0 if MaxUnavailable is 0. Absolute
number is calculated from percentage by rounding up. Defaults
to 1. Example: when this is set to 30%, the new MachineSet
can be scaled up immediately when the rolling update starts,
such that the total number of old and new machines do not
exceed 130% of desired machines. Once old machines have
been killed, new MachineSet can be scaled up further, ensuring
that total number of machines running at any time during
the update is at most 130% of desired machines.'
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: 'The maximum number of machines that can be unavailable
during the update. Value can be an absolute number (ex:
5) or a percentage of desired machines (ex: 10%). Absolute
number is calculated from percentage by rounding down. This
can not be 0 if MaxSurge is 0. Defaults to 0. Example: when
this is set to 30%, the old MachineSet can be scaled down
to 70% of desired machines immediately when the rolling
update starts. Once new machines are ready, old MachineSet
can be scaled down further, followed by scaling up the new
MachineSet, ensuring that the total number of machines available
at all times during the update is at least 70% of desired
machines.'
x-kubernetes-int-or-string: true
type: object
type:
description: Type of deployment. Currently the only supported
strategy is "RollingUpdate". Default is RollingUpdate.
type: string
type: object
template:
description: Template describes the machines that will be created.
properties:
metadata:
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not queryable
and should be preserved when modifying objects. More info:
http://kubernetes.io/docs/user-guide/annotations'
type: object
generateName:
description: "GenerateName is an optional prefix, used by
the server, to generate a unique name ONLY IF the Name field
has not been provided. If this field is used, the name returned
to the client will be different than the name passed. This
value will also be combined with a unique suffix. The provided
value has the same validation rules as the Name field, and
may be truncated by the length of the suffix required to
make the value unique on the server. \n If this field is
specified and the generated name exists, the server will
NOT return a 409 - instead, it will either return 201 Created
or 500 with Reason ServerTimeout indicating a unique name
could not be found in the time allotted, and the client
should retry (optionally after the time indicated in the
Retry-After header). \n Applied only if Name is not specified.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
type: string
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can be used
to organize and categorize (scope and select) objects. May
match selectors of replication controllers and services.
More info: http://kubernetes.io/docs/user-guide/labels'
type: object
name:
description: 'Name must be unique within a namespace. Is required
when creating resources, although some resources may allow
a client to request the generation of an appropriate name
automatically. Name is primarily intended for creation idempotence
and configuration definition. Cannot be updated. More info:
http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
namespace:
description: "Namespace defines the space within each name
must be unique. An empty namespace is equivalent to the
\"default\" namespace, but \"default\" is the canonical
representation. Not all objects are required to be scoped
to a namespace - the value of this field for those objects
will be empty. \n Must be a DNS_LABEL. Cannot be updated.
More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
ownerReferences:
description: List of objects depended by this object. If ALL
objects in the list have been deleted, this object will
be garbage collected. If this object is managed by a controller,
then an entry in this list will point to this controller,
with the controller field set to true. There cannot be more
than one managing controller.
items:
description: OwnerReference contains enough information
to let you identify an owning object. An owning object
must be in the same namespace as the dependent, or be
cluster-scoped, so there is no namespace field.
properties:
apiVersion:
description: API version of the referent.
type: string
blockOwnerDeletion:
description: If true, AND if the owner has the "foregroundDeletion"
finalizer, then the owner cannot be deleted from the
key-value store until this reference is removed. Defaults
to false. To set this field, a user needs "delete"
permission of the owner, otherwise 422 (Unprocessable
Entity) will be returned.
type: boolean
controller:
description: If true, this reference points to the managing
controller.
type: boolean
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
uid:
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
type: string
required:
- apiVersion
- kind
- name
- uid
type: object
type: array
type: object
spec:
description: 'Specification of the desired behavior of the machine.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
bootstrap:
description: Bootstrap is a reference to a local struct which
encapsulates fields to configure the Machines bootstrapping
mechanism.
properties:
configRef:
description: ConfigRef is a reference to a bootstrap provider-specific
resource that holds configuration details. The reference
is optional to allow users/operators to specify Bootstrap.Data
without the need of a controller.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only
to have some well-defined way of referencing a part
of an object. TODO: this design is not final and
this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
data:
description: "Data contains the bootstrap data, such as
cloud-init details scripts. If nil, the Machine should
remain in the Pending state. \n Deprecated: This field
has been deprecated in v1alpha3 and will be removed
in a future version. Switch to DataSecretName."
type: string
dataSecretName:
description: DataSecretName is the name of the secret
that stores the bootstrap data script. If nil, the Machine
should remain in the Pending state.
type: string
type: object
clusterName:
description: ClusterName is the name of the Cluster this object
belongs to.
minLength: 1
type: string
failureDomain:
description: FailureDomain is the failure domain the machine
will be created in. Must match a key in the FailureDomains
map stored on the cluster object.
type: string
infrastructureRef:
description: InfrastructureRef is a required reference to
a custom resource offered by an infrastructure provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that
triggered the event) or if no container name is specified
"spec.containers[2]" (container with index 2 in this
pod). This syntax is chosen only to have some well-defined
way of referencing a part of an object. TODO: this design
is not final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
providerID:
description: ProviderID is the identification ID of the machine
provided by the provider. This field must match the provider
ID as seen on the node object corresponding to this machine.
This field is required by higher level consumers of cluster-api.
Example use case is cluster autoscaler with cluster-api
as provider. Clean-up logic in the autoscaler compares machines
to nodes to find out machines at provider which could not
get registered as Kubernetes nodes. With cluster-api as
a generic out-of-tree provider for autoscaler, this field
is required by autoscaler to be able to have a provider
view of the list of machines. Another list of nodes is queried
from the k8s apiserver and then a comparison is done to
find out unregistered machines and are marked for delete.
This field will be set by the actuators and consumed by
higher level entities like autoscaler that will be interfacing
with cluster-api as generic provider.
type: string
version:
description: Version defines the desired Kubernetes version.
This field is meant to be optionally used by bootstrap providers.
type: string
required:
- bootstrap
- clusterName
- infrastructureRef
type: object
type: object
required:
- clusterName
- template
type: object
status:
description: MachinePoolStatus defines the observed state of MachinePool
properties:
availableReplicas:
description: The number of available replicas (ready for at least
minReadySeconds) for this MachinePool.
format: int32
type: integer
bootstrapReady:
description: BootstrapReady is the state of the bootstrap provider.
type: boolean
failureMessage:
description: FailureMessage indicates that there is a problem reconciling
the state, and will be set to a descriptive error message.
type: string
failureReason:
description: FailureReason indicates that there is a problem reconciling
the state, and will be set to a token value suitable for programmatic
interpretation.
type: string
infrastructureReady:
description: InfrastructureReady is the state of the infrastructure
provider.
type: boolean
nodeRefs:
description: NodeRefs will point to the corresponding Nodes if it
they exist.
items:
description: ObjectReference contains enough information to let
you inspect or modify the referred object.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
phase:
description: Phase represents the current phase of cluster actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
readyReplicas:
description: The number of ready replicas for this MachinePool. A
machine is considered ready when the node has been created and is
"Ready".
format: int32
type: integer
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
unavailableReplicas:
description: Total number of unavailable machine instances targeted
by this machine pool. This is the total number of machine instances
that are still required for the machine pool to have 100% available
capacity. They may either be machine instances that are running
but not yet available or machine instances that still have not been
created.
format: int32
type: integer
type: object
type: object
served: true
storage: true
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

36
manifests/function/capi/v0.3.7/crd/kustomization.yaml Normal file
View File

@ -0,0 +1,36 @@
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/
resources:
- bases/cluster.x-k8s.io_clusters.yaml
- bases/cluster.x-k8s.io_machines.yaml
- bases/cluster.x-k8s.io_machinesets.yaml
- bases/cluster.x-k8s.io_machinedeployments.yaml
- bases/exp.cluster.x-k8s.io_machinepools.yaml
- bases/addons.cluster.x-k8s.io_clusterresourcesets.yaml
- bases/addons.cluster.x-k8s.io_clusterresourcesetbindings.yaml
- bases/cluster.x-k8s.io_machinehealthchecks.yaml
# +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
- patches/webhook_in_clusters.yaml
- patches/webhook_in_machines.yaml
- patches/webhook_in_machinesets.yaml
- patches/webhook_in_machinedeployments.yaml
- patches/webhook_in_machinehealthchecks.yaml
# +kubebuilder:scaffold:crdkustomizewebhookpatch
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
# patches here are for enabling the CA injection for each CRD
- patches/cainjection_in_clusters.yaml
- patches/cainjection_in_machines.yaml
- patches/cainjection_in_machinesets.yaml
- patches/cainjection_in_machinedeployments.yaml
- patches/cainjection_in_machinehealthchecks.yaml
# +kubebuilder:scaffold:crdkustomizecainjectionpatch
# the following config is for teaching kustomize how to do kustomization for CRDs.
configurations:
- kustomizeconfig.yaml

17
manifests/function/capi/v0.3.7/crd/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,17 @@
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/name
namespace:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/namespace
create: false
varReference:
- path: metadata/annotations

8
manifests/function/capi/v0.3.7/crd/patches/cainjection_in_clusters.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: clusters.cluster.x-k8s.io

8
manifests/function/capi/v0.3.7/crd/patches/cainjection_in_machinedeployments.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: machinedeployments.cluster.x-k8s.io

8
manifests/function/capi/v0.3.7/crd/patches/cainjection_in_machinehealthchecks.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: machinehealthchecks.cluster.x-k8s.io

8
manifests/function/capi/v0.3.7/crd/patches/cainjection_in_machines.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: machines.cluster.x-k8s.io

8
manifests/function/capi/v0.3.7/crd/patches/cainjection_in_machinesets.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: machinesets.cluster.x-k8s.io

19
manifests/function/capi/v0.3.7/crd/patches/webhook_in_clusters.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: clusters.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capi/v0.3.7/crd/patches/webhook_in_machinedeployments.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: machinedeployments.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capi/v0.3.7/crd/patches/webhook_in_machinehealthchecks.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: machinehealthchecks.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capi/v0.3.7/crd/patches/webhook_in_machines.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: machines.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capi/v0.3.7/crd/patches/webhook_in_machinesets.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: machinesets.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

11
manifests/function/capi/v0.3.7/default/kustomization.yaml Normal file
View File

@ -0,0 +1,11 @@
namespace: capi-system
resources:
- namespace.yaml
bases:
- ../rbac
- ../manager
patchesStrategicMerge:
- manager_role_aggregation_patch.yaml

15
manifests/function/capi/v0.3.7/default/manager_role_aggregation_patch.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: manager-role
labels:
cluster.x-k8s.io/aggregate-to-manager: "true"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: aggregated-manager-role

6
manifests/function/capi/v0.3.7/default/namespace.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system

41
manifests/function/capi/v0.3.7/kustomization.yaml Normal file
View File

@ -0,0 +1,41 @@
namePrefix: capi-
commonLabels:
cluster.x-k8s.io/provider: "cluster-api"
bases:
- crd
- webhook
- default
patchesJson6902:
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: clusters.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: machinedeployments.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: machines.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: machinesets.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml
- target:
group: apiextensions.k8s.io
version: v1
kind: CustomResourceDefinition
name: machinehealthchecks.cluster.x-k8s.io
path: patch_crd_webhook_namespace.yaml

9
manifests/function/capi/v0.3.7/manager/kustomization.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- manager.yaml
patchesStrategicMerge:
- manager_pull_policy.yaml
- manager_image_patch.yaml
- manager_auth_proxy_patch.yaml

42
manifests/function/capi/v0.3.7/manager/manager.yaml Normal file
View File

@ -0,0 +1,42 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
spec:
selector:
matchLabels:
control-plane: controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: controller-manager
spec:
containers:
- command:
- /manager
args:
- --enable-leader-election
- --feature-gates=MachinePool=false,ClusterResourceSet=false
image: controller:latest
name: manager
ports:
- containerPort: 9440
name: healthz
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: healthz
livenessProbe:
httpGet:
path: /healthz
port: healthz
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master

26
manifests/function/capi/v0.3.7/manager/manager_auth_proxy_patch.yaml Normal file
View File

@ -0,0 +1,26 @@
# This patch inject a sidecar container which is a HTTP proxy for the controller manager,
# it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: kube-rbac-proxy
image: ${CONTAINER_CAPI_AUTH_PROXY}
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
ports:
- containerPort: 8443
name: https
- name: manager
args:
- "--metrics-addr=127.0.0.1:8080"
- "--enable-leader-election"
- "--feature-gates=MachinePool=false,ClusterResourceSet=false"

11
manifests/function/capi/v0.3.7/manager/manager_image_patch.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- image: ${CONTAINER_CAPI_MANAGER}
name: manager

11
manifests/function/capi/v0.3.7/manager/manager_pull_policy.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

3
manifests/function/capi/v0.3.7/patch_crd_webhook_namespace.yaml Normal file
View File

@ -0,0 +1,3 @@
- op: replace
path: "/spec/conversion/webhook/clientConfig/service/namespace"
value: capi-webhook-system

9
manifests/function/capi/v0.3.7/rbac/aggregated_role.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: aggregated-manager-role
aggregationRule:
clusterRoleSelectors:
- matchLabels:
cluster.x-k8s.io/aggregate-to-manager: "true"
rules: []

13
manifests/function/capi/v0.3.7/rbac/auth_proxy_role.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: proxy-role
rules:
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs: ["create"]
- apiGroups: ["authorization.k8s.io"]
resources:
- subjectaccessreviews
verbs: ["create"]

12
manifests/function/capi/v0.3.7/rbac/auth_proxy_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

14
manifests/function/capi/v0.3.7/rbac/auth_proxy_service.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
labels:
control-plane: controller-manager
name: controller-manager-metrics-service
namespace: system
spec:
ports:
- name: https
port: 8443
targetPort: https
selector:
control-plane: controller-manager

19
manifests/function/capi/v0.3.7/rbac/kustomization.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Each entry in this list must resolve to an existing
# resource definition in YAML. These are the resource
# files that kustomize reads, modifies and emits as a
# YAML string, with resources separated by document
# markers ("---").
resources:
- role_binding.yaml
- role.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
- aggregated_role.yaml
# Comment the following 3 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
# which protects your /metrics endpoint.
- auth_proxy_service.yaml
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml

33
manifests/function/capi/v0.3.7/rbac/leader_election_role.yaml Normal file
View File

@ -0,0 +1,33 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create

12
manifests/function/capi/v0.3.7/rbac/leader_election_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

206
manifests/function/capi/v0.3.7/rbac/role.yaml Normal file
View File

@ -0,0 +1,206 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- addons.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- addons.cluster.x-k8s.io
resources:
- clusterresourcesets/status
verbs:
- get
- patch
- update
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- watch
- apiGroups:
- bootstrap.cluster.x-k8s.io
- controlplane.cluster.x-k8s.io
- infrastructure.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- bootstrap.cluster.x-k8s.io
- exp.infrastructure.cluster.x-k8s.io
- infrastructure.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- bootstrap.cluster.x-k8s.io
- infrastructure.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusters/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machinedeployments
- machinedeployments/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machinehealthchecks
- machinehealthchecks/status
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machines
- machines/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machinesets
- machinesets/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- exp.cluster.x-k8s.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- exp.cluster.x-k8s.io
resources:
- machinepools
- machinepools/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch

13
manifests/function/capi/v0.3.7/rbac/role_binding.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

43
manifests/function/capi/v0.3.7/webhook/kustomization.yaml Normal file
View File

@ -0,0 +1,43 @@
namespace: capi-webhook-system
resources:
- namespace.yaml
- manifests.yaml
- service.yaml
- ../certmanager
- ../manager
configurations:
- kustomizeconfig.yaml
patchesStrategicMerge:
- manager_webhook_patch.yaml
- webhookcainjection_patch.yaml
vars:
- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
kind: Service
version: v1
name: webhook-service
fieldref:
fieldpath: metadata.namespace
- name: SERVICE_NAME
objref:
kind: Service
version: v1
name: webhook-service

27
manifests/function/capi/v0.3.7/webhook/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,27 @@
# the following config is for teaching kustomize where to look at when substituting vars.
# It requires kustomize v2.1.0 or newer to work properly.
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
namespace:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
varReference:
- path: metadata/annotations
- kind: Deployment
path: spec/template/spec/volumes/secret/secretName

27
manifests/function/capi/v0.3.7/webhook/manager_webhook_patch.yaml Normal file
View File

@ -0,0 +1,27 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
args:
- "--metrics-addr=127.0.0.1:8080"
- "--webhook-port=9443"
- "--feature-gates=MachinePool=false,ClusterResourceSet=false"
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
volumes:
- name: cert
secret:
defaultMode: 420
secretName: $(SERVICE_NAME)-cert

296
manifests/function/capi/v0.3.7/webhook/manifests.yaml Normal file
View File

@ -0,0 +1,296 @@
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: mutating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-cluster-x-k8s-io-v1alpha3-cluster
failurePolicy: Fail
matchPolicy: Equivalent
name: default.cluster.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- clusters
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-cluster-x-k8s-io-v1alpha3-machine
failurePolicy: Fail
matchPolicy: Equivalent
name: default.machine.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machines
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-cluster-x-k8s-io-v1alpha3-machinedeployment
failurePolicy: Fail
matchPolicy: Equivalent
name: default.machinedeployment.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinedeployments
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-cluster-x-k8s-io-v1alpha3-machinehealthcheck
failurePolicy: Fail
matchPolicy: Equivalent
name: default.machinehealthcheck.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinehealthchecks
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-cluster-x-k8s-io-v1alpha3-machineset
failurePolicy: Fail
matchPolicy: Equivalent
name: default.machineset.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinesets
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-exp-cluster-x-k8s-io-v1alpha3-machinepool
failurePolicy: Fail
matchPolicy: Equivalent
name: default.exp.machinepool.cluster.x-k8s.io
rules:
- apiGroups:
- exp.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinepools
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /mutate-addons-cluster-x-k8s-io-v1alpha3-clusterresourceset
failurePolicy: Fail
matchPolicy: Equivalent
name: default.clusterresourceset.addons.cluster.x-k8s.io
rules:
- apiGroups:
- addons.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- clusterresourcesets
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-cluster-x-k8s-io-v1alpha3-cluster
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.cluster.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- clusters
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-cluster-x-k8s-io-v1alpha3-machine
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.machine.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machines
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-cluster-x-k8s-io-v1alpha3-machinedeployment
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.machinedeployment.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinedeployments
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-cluster-x-k8s-io-v1alpha3-machinehealthcheck
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.machinehealthcheck.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinehealthchecks
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-cluster-x-k8s-io-v1alpha3-machineset
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.machineset.cluster.x-k8s.io
rules:
- apiGroups:
- cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinesets
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-exp-cluster-x-k8s-io-v1alpha3-machinepool
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.exp.machinepool.cluster.x-k8s.io
rules:
- apiGroups:
- exp.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- machinepools
sideEffects: None
- clientConfig:
caBundle: Cg==
service:
name: webhook-service
namespace: system
path: /validate-addons-cluster-x-k8s-io-v1alpha3-clusterresourceset
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.clusterresourceset.addons.cluster.x-k8s.io
rules:
- apiGroups:
- addons.cluster.x-k8s.io
apiVersions:
- v1alpha3
operations:
- CREATE
- UPDATE
resources:
- clusterresourcesets
sideEffects: None

6
manifests/function/capi/v0.3.7/webhook/namespace.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: webhook-system

9
manifests/function/capi/v0.3.7/webhook/service.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: webhook-service
namespace: system
spec:
ports:
- port: 443
targetPort: webhook-server

16
manifests/function/capi/v0.3.7/webhook/webhookcainjection_patch.yaml Normal file
View File

@ -0,0 +1,16 @@
# This patch add annotation to admission webhook config and
# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
# uncomment the following lines to enable mutating webhook
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: mutating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)

24
manifests/function/capm3/v0.3.2/certmanager/certificate.yaml Normal file
View File

@ -0,0 +1,24 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
apiVersion: cert-manager.io/v1alpha2
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

7
manifests/function/capm3/v0.3.2/certmanager/kustomization.yaml Normal file
View File

@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- certificate.yaml
configurations:
- kustomizeconfig.yaml

19
manifests/function/capm3/v0.3.2/certmanager/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,19 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name
varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
- kind: Certificate
group: cert-manager.io
path: spec/secretName

225
manifests/function/capm3/v0.3.2/crd/bases/infrastructure.cluster.x-k8s.io_metal3clusters.yaml Normal file
View File

@ -0,0 +1,225 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.8
creationTimestamp: null
name: metal3clusters.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: Metal3Cluster
listKind: Metal3ClusterList
plural: metal3clusters
shortNames:
- m3c
- m3cluster
singular: metal3cluster
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: metal3Cluster is Ready
jsonPath: .status.ready
name: Ready
type: string
- description: Most recent error
jsonPath: .status.errorReason
name: Error
type: string
- description: API endpoints
jsonPath: .status.apiEndpoints
name: APIEndpoints
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: Metal3Cluster is the Schema for the metal3clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3ClusterSpec defines the desired state of Metal3Cluster.
properties:
apiEndpoint:
type: string
noCloudProvider:
type: boolean
required:
- apiEndpoint
type: object
status:
description: Metal3ClusterStatus defines the observed state of Metal3Cluster.
properties:
apiEndpoints:
description: APIEndpoints represents the endpoints to communicate
with the control plane.
items:
description: APIEndpoint represents a reachable Kubernetes API endpoint.
properties:
host:
description: Host is the hostname on which the API server is
serving.
type: string
port:
description: Port is the port on which the API server is serving.
type: integer
required:
- host
- port
type: object
type: array
errorMessage:
description: "ErrorMessage will be set in the event that there is
a terminal problem reconciling the metal3machine and will contain
a more verbose string suitable for logging and human consumption.
\n This field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the metal3machine's spec or the configuration of the
controller, and that manual intervention is required. Examples of
terminal errors would be invalid combinations of settings in the
spec, values that are unsupported by the controller, or the responsible
controller itself being critically misconfigured. \n Any transient
errors that occur during the reconciliation of Machines can be added
as events to the metal3machine object and/or logged in the controller's
output."
type: string
errorReason:
description: "ErrorReason will be set in the event that there is a
terminal problem reconciling the metal3machine and will contain
a succinct value suitable for machine interpretation. \n This field
should not be set for transitive errors that a controller faces
that are expected to be fixed automatically over time (like service
outages), but instead indicate that something is fundamentally wrong
with the metal3machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of Machines can be added as events
to the metal3machine object and/or logged in the controller's output."
type: string
lastUpdated:
description: LastUpdated identifies when this status was last observed.
format: date-time
type: string
ready:
description: Ready denotes that the Metal3 cluster (infrastructure)
is ready. In Baremetal case, it does not mean anything for now as
no infrastructure steps need to be performed. Required by Cluster
API. Set to True by the metal3Cluster controller after creation.
type: boolean
required:
- ready
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- description: metal3Cluster is Ready
jsonPath: .status.ready
name: Ready
type: string
- description: Most recent error
jsonPath: .status.failureReason
name: Error
type: string
- description: Cluster to which this BMCluster belongs
jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
name: Cluster
type: string
- description: Control plane endpoint
jsonPath: .spec.controlPlaneEndpoint
name: Endpoint
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: Metal3Cluster is the Schema for the metal3clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3ClusterSpec defines the desired state of Metal3Cluster.
properties:
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint used to
communicate with the control plane.
properties:
host:
description: Host is the hostname on which the API server is serving.
type: string
port:
description: Port is the port on which the API server is serving.
type: integer
required:
- host
- port
type: object
noCloudProvider:
type: boolean
required:
- controlPlaneEndpoint
type: object
status:
description: Metal3ClusterStatus defines the observed state of Metal3Cluster.
properties:
failureMessage:
description: FailureMessage indicates that there is a fatal problem
reconciling the state, and will be set to a descriptive error message.
type: string
failureReason:
description: FailureReason indicates that there is a fatal problem
reconciling the state, and will be set to a token value suitable
for programmatic interpretation.
type: string
lastUpdated:
description: LastUpdated identifies when this status was last observed.
format: date-time
type: string
ready:
description: Ready denotes that the Metal3 cluster (infrastructure)
is ready. In Baremetal case, it does not mean anything for now as
no infrastructure steps need to be performed. Required by Cluster
API. Set to True by the metal3Cluster controller after creation.
type: boolean
required:
- ready
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

388
manifests/function/capm3/v0.3.2/crd/bases/infrastructure.cluster.x-k8s.io_metal3machines.yaml Normal file
View File

@ -0,0 +1,388 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.8
creationTimestamp: null
name: metal3machines.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: Metal3Machine
listKind: Metal3MachineList
plural: metal3machines
shortNames:
- m3m
- m3machine
singular: metal3machine
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Provider ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: Machines current phase
jsonPath: .status.phase
name: Phase
type: string
- description: metal3machine is Ready
jsonPath: .status.ready
name: Ready
type: string
- description: Most recent error
jsonPath: .status.errorReason
name: Error
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: Metal3Machine is the Schema for the metal3machines API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3MachineSpec defines the desired state of Metal3Machine
properties:
hostSelector:
description: HostSelector specifies matching criteria for labels on
BareMetalHosts. This is used to limit the set of BareMetalHost objects
considered for claiming for a metal3machine.
properties:
matchExpressions:
description: Label match expressions that must be true on a chosen
BareMetalHost
items:
description: HostSelectorRequirement struct
properties:
key:
type: string
operator:
description: Operator represents a key/field's relationship
to value(s). See labels.Requirement and fields.Requirement
for more details.
type: string
values:
items:
type: string
type: array
required:
- key
- operator
- values
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: Key/value pairs of labels that must exist on a chosen
BareMetalHost
type: object
type: object
image:
description: Image is the image to be provisioned.
properties:
checksum:
description: Checksum is a md5sum value or a URL to retrieve one.
type: string
url:
description: URL is a location of an image to deploy.
type: string
required:
- checksum
- url
type: object
providerID:
description: ProviderID will be the Metal3 machine in ProviderID format
(baremetal:////<machinename>)
type: string
userData:
description: UserData references the Secret that holds user data needed
by the bare metal operator. The Namespace is optional; it will default
to the metal3machine's namespace if not specified.
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
required:
- image
type: object
status:
description: Metal3MachineStatus defines the observed state of Metal3Machine
properties:
addresses:
description: Addresses is a list of addresses assigned to the machine.
This field is copied from the infrastructure provider reference.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
errorMessage:
description: "ErrorMessage will be set in the event that there is
a terminal problem reconciling the metal3machine and will contain
a more verbose string suitable for logging and human consumption.
\n This field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the metal3machine's spec or the configuration of the
controller, and that manual intervention is required. Examples of
terminal errors would be invalid combinations of settings in the
spec, values that are unsupported by the controller, or the responsible
controller itself being critically misconfigured. \n Any transient
errors that occur during the reconciliation of metal3machines can
be added as events to the metal3machine object and/or logged in
the controller's output."
type: string
errorReason:
description: "ErrorReason will be set in the event that there is a
terminal problem reconciling the metal3machine and will contain
a succinct value suitable for machine interpretation. \n This field
should not be set for transitive errors that a controller faces
that are expected to be fixed automatically over time (like service
outages), but instead indicate that something is fundamentally wrong
with the metal3machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of metal3machines can be added as
events to the metal3machine object and/or logged in the controller's
output."
type: string
lastUpdated:
description: LastUpdated identifies when this status was last observed.
format: date-time
type: string
phase:
description: Phase represents the current phase of machine actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
ready:
description: 'Ready is the state of the metal3. TODO : Document the
variable : mhrivnak: " it would be good to document what this means,
how to interpret it, under what circumstances the value changes,
etc."'
type: boolean
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- description: Provider ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: metal3machine is Ready
jsonPath: .status.ready
name: Ready
type: string
- description: Cluster to which this BMMachine belongs
jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
name: Cluster
type: string
- description: metal3machine current phase
jsonPath: .status.phase
name: Phase
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: Metal3Machine is the Schema for the metal3machines API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3MachineSpec defines the desired state of Metal3Machine
properties:
hostSelector:
description: HostSelector specifies matching criteria for labels on
BareMetalHosts. This is used to limit the set of BareMetalHost objects
considered for claiming for a metal3machine.
properties:
matchExpressions:
description: Label match expressions that must be true on a chosen
BareMetalHost
items:
properties:
key:
type: string
operator:
description: Operator represents a key/field's relationship
to value(s). See labels.Requirement and fields.Requirement
for more details.
type: string
values:
items:
type: string
type: array
required:
- key
- operator
- values
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: Key/value pairs of labels that must exist on a chosen
BareMetalHost
type: object
type: object
image:
description: Image is the image to be provisioned.
properties:
checksum:
description: Checksum is a md5sum value or a URL to retrieve one.
type: string
url:
description: URL is a location of an image to deploy.
type: string
required:
- checksum
- url
type: object
providerID:
description: ProviderID will be the Metal3 machine in ProviderID format
(baremetal:////<machinename>)
type: string
userData:
description: UserData references the Secret that holds user data needed
by the bare metal operator. The Namespace is optional; it will default
to the metal3machine's namespace if not specified.
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
required:
- image
type: object
status:
description: Metal3MachineStatus defines the observed state of Metal3Machine
properties:
addresses:
description: Addresses is a list of addresses assigned to the machine.
This field is copied from the infrastructure provider reference.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
failureMessage:
description: "FailureMessage will be set in the event that there is
a terminal problem reconciling the metal3machine and will contain
a more verbose string suitable for logging and human consumption.
\n This field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the metal3machine's spec or the configuration of the
controller, and that manual intervention is required. Examples of
terminal errors would be invalid combinations of settings in the
spec, values that are unsupported by the controller, or the responsible
controller itself being critically misconfigured. \n Any transient
errors that occur during the reconciliation of metal3machines can
be added as events to the metal3machine object and/or logged in
the controller's output."
type: string
failureReason:
description: "FailureReason will be set in the event that there is
a terminal problem reconciling the metal3machine and will contain
a succinct value suitable for machine interpretation. \n This field
should not be set for transitive errors that a controller faces
that are expected to be fixed automatically over time (like service
outages), but instead indicate that something is fundamentally wrong
with the metal3machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of metal3machines can be added as
events to the metal3machine object and/or logged in the controller's
output."
type: string
lastUpdated:
description: LastUpdated identifies when this status was last observed.
format: date-time
type: string
phase:
description: Phase represents the current phase of machine actuation.
E.g. Pending, Running, Terminating, Failed etc.
type: string
ready:
description: 'Ready is the state of the metal3. TODO : Document the
variable : mhrivnak: " it would be good to document what this means,
how to interpret it, under what circumstances the value changes,
etc."'
type: boolean
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

243
manifests/function/capm3/v0.3.2/crd/bases/infrastructure.cluster.x-k8s.io_metal3machinetemplates.yaml Normal file
View File

@ -0,0 +1,243 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.8
creationTimestamp: null
name: metal3machinetemplates.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: Metal3MachineTemplate
listKind: Metal3MachineTemplateList
plural: metal3machinetemplates
singular: metal3machinetemplate
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: Metal3MachineTemplate is the Schema for the metal3machinetemplates
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3MachineTemplateSpec defines the desired state of Metal3MachineTemplate
properties:
template:
description: Metal3MachineTemplateResource describes the data needed
to create a Metal3Machine from a template
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
hostSelector:
description: HostSelector specifies matching criteria for
labels on BareMetalHosts. This is used to limit the set
of BareMetalHost objects considered for claiming for a metal3machine.
properties:
matchExpressions:
description: Label match expressions that must be true
on a chosen BareMetalHost
items:
description: HostSelectorRequirement struct
properties:
key:
type: string
operator:
description: Operator represents a key/field's relationship
to value(s). See labels.Requirement and fields.Requirement
for more details.
type: string
values:
items:
type: string
type: array
required:
- key
- operator
- values
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: Key/value pairs of labels that must exist
on a chosen BareMetalHost
type: object
type: object
image:
description: Image is the image to be provisioned.
properties:
checksum:
description: Checksum is a md5sum value or a URL to retrieve
one.
type: string
url:
description: URL is a location of an image to deploy.
type: string
required:
- checksum
- url
type: object
providerID:
description: ProviderID will be the Metal3 machine in ProviderID
format (baremetal:////<machinename>)
type: string
userData:
description: UserData references the Secret that holds user
data needed by the bare metal operator. The Namespace is
optional; it will default to the metal3machine's namespace
if not specified.
properties:
name:
description: Name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: Namespace defines the space within which
the secret name must be unique.
type: string
type: object
required:
- image
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: false
- name: v1alpha3
schema:
openAPIV3Schema:
description: Metal3MachineTemplate is the Schema for the metal3machinetemplates
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Metal3MachineTemplateSpec defines the desired state of Metal3MachineTemplate
properties:
template:
description: Metal3MachineTemplateResource describes the data needed
to create a Metal3Machine from a template
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
hostSelector:
description: HostSelector specifies matching criteria for
labels on BareMetalHosts. This is used to limit the set
of BareMetalHost objects considered for claiming for a metal3machine.
properties:
matchExpressions:
description: Label match expressions that must be true
on a chosen BareMetalHost
items:
properties:
key:
type: string
operator:
description: Operator represents a key/field's relationship
to value(s). See labels.Requirement and fields.Requirement
for more details.
type: string
values:
items:
type: string
type: array
required:
- key
- operator
- values
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: Key/value pairs of labels that must exist
on a chosen BareMetalHost
type: object
type: object
image:
description: Image is the image to be provisioned.
properties:
checksum:
description: Checksum is a md5sum value or a URL to retrieve
one.
type: string
url:
description: URL is a location of an image to deploy.
type: string
required:
- checksum
- url
type: object
providerID:
description: ProviderID will be the Metal3 machine in ProviderID
format (baremetal:////<machinename>)
type: string
userData:
description: UserData references the Secret that holds user
data needed by the bare metal operator. The Namespace is
optional; it will default to the metal3machine's namespace
if not specified.
properties:
name:
description: Name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: Namespace defines the space within which
the secret name must be unique.
type: string
type: object
required:
- image
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

34
manifests/function/capm3/v0.3.2/crd/kustomization.yaml Normal file
View File

@ -0,0 +1,34 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/default
commonLabels:
cluster.x-k8s.io/v1alpha2: v1alpha2
cluster.x-k8s.io/v1alpha3: v1alpha3
resources:
- bases/infrastructure.cluster.x-k8s.io_metal3clusters.yaml
- bases/infrastructure.cluster.x-k8s.io_metal3machines.yaml
- bases/infrastructure.cluster.x-k8s.io_metal3machinetemplates.yaml
# +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
- patches/webhook_in_metal3machines.yaml
- patches/webhook_in_metal3clusters.yaml
- patches/webhook_in_metal3machinetemplates.yaml
# +kubebuilder:scaffold:crdkustomizewebhookpatch
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
# patches here are for enabling the CA injection for each CRD
- patches/cainjection_in_metal3machines.yaml
- patches/cainjection_in_metal3clusters.yaml
- patches/cainjection_in_metal3machinetemplates.yaml
# +kubebuilder:scaffold:crdkustomizecainjectionpatch
# the following config is for teaching kustomize how to do kustomization for CRDs.
configurations:
- kustomizeconfig.yaml

17
manifests/function/capm3/v0.3.2/crd/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,17 @@
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/name
namespace:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/namespace
create: false
varReference:
- path: metadata/annotations

Some files were not shown because too many files have changed in this diff Show More