apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-webhook-system/ipam-serving-cert controller-gen.kubebuilder.io/version: v0.2.8 creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 cluster.x-k8s.io/v1alpha2: v1alpha2 cluster.x-k8s.io/v1alpha3: v1alpha3_v1alpha4 name: ipaddresses.ipam.metal3.io spec: conversion: strategy: Webhook webhook: clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /convert conversionReviewVersions: - v1 - v1beta1 group: ipam.metal3.io names: categories: - metal3 kind: IPAddress listKind: IPAddressList plural: ipaddresses shortNames: - ipa - ipaddress - ipaddress singular: ipaddress scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: IPAddress is the Schema for the ipaddresses API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: IPAddressSpec defines the desired state of IPAddress. properties: address: description: Address contains the IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string claim: description: Claim points to the object the IPClaim was created for. properties: apiVersion: description: API version of the referent. type: string fieldPath: description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object dnsServers: description: DNSServers is the list of dns servers items: description: IPAddress is used for validation of an IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string type: array gateway: description: Gateway is the gateway ip address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string pool: description: Pool is the IPPool this was generated from. properties: apiVersion: description: API version of the referent. type: string fieldPath: description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object prefix: description: Prefix is the mask of the network as integer (max 128) maximum: 128 type: integer required: - address - claim - pool type: object type: object served: true storage: true status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-webhook-system/ipam-serving-cert controller-gen.kubebuilder.io/version: v0.2.8 creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 cluster.x-k8s.io/v1alpha2: v1alpha2 cluster.x-k8s.io/v1alpha3: v1alpha3_v1alpha4 name: ipclaims.ipam.metal3.io spec: conversion: strategy: Webhook webhook: clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /convert conversionReviewVersions: - v1 - v1beta1 group: ipam.metal3.io names: categories: - cluster-api kind: IPClaim listKind: IPClaimList plural: ipclaims shortNames: - m3ipc - m3ipclaim - ipclaim singular: ipclaim scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: IPClaim is the Schema for the ipclaims API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: IPClaimSpec defines the desired state of IPClaim. properties: pool: description: Pool is the IPPool this was generated from. properties: apiVersion: description: API version of the referent. type: string fieldPath: description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object required: - pool type: object status: description: IPClaimStatus defines the observed state of IPClaim. properties: address: description: Address is the IPAddress that was generated for this claim. properties: apiVersion: description: API version of the referent. type: string fieldPath: description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object errorMessage: description: ErrorMessage contains the error message type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-webhook-system/ipam-serving-cert controller-gen.kubebuilder.io/version: v0.2.8 creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 cluster.x-k8s.io/v1alpha2: v1alpha2 cluster.x-k8s.io/v1alpha3: v1alpha3_v1alpha4 name: ippools.ipam.metal3.io spec: conversion: strategy: Webhook webhook: clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /convert conversionReviewVersions: - v1 - v1beta1 group: ipam.metal3.io names: categories: - cluster-api kind: IPPool listKind: IPPoolList plural: ippools shortNames: - m3ipp - m3ippool singular: ippool scope: Namespaced versions: - additionalPrinterColumns: - description: Cluster to which this template belongs jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name name: Cluster type: string name: v1alpha1 schema: openAPIV3Schema: description: IPPool is the Schema for the ippools API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: IPPoolSpec defines the desired state of IPPool. properties: clusterName: description: ClusterName is the name of the Cluster this object belongs to. type: string dnsServers: description: DNSServers is the list of dns servers items: description: IPAddress is used for validation of an IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string type: array gateway: description: Gateway is the gateway ip address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string namePrefix: description: namePrefix is the prefix used to generate the IPAddress object names minLength: 1 type: string pools: description: Pools contains the list of IP addresses pools items: description: MetaDataIPAddress contains the info to render th ip address. It is IP-version agnostic properties: dnsServers: description: DNSServers is the list of dns servers items: description: IPAddress is used for validation of an IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string type: array end: description: End is the last IP address that can be rendered. It is used as a validation that the rendered IP is in bound. pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string gateway: description: Gateway is the gateway ip address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string prefix: description: Prefix is the mask of the network as integer (max 128) maximum: 128 type: integer start: description: Start is the first ip address that can be rendered pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string subnet: description: Subnet is used to validate that the rendered IP is in bounds. In case the Start value is not given, it is derived from the subnet ip incremented by 1 (`192.168.0.1` for `192.168.0.0/24`) pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))/([0-9]|[1-2][0-9]|3[0-2])$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))/([0-9]|[0-9][0-9]|1[0-1][0-9]|12[0-8])$)) type: string type: object type: array preAllocations: additionalProperties: description: IPAddress is used for validation of an IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string description: PreAllocations contains the preallocated IP addresses type: object prefix: description: Prefix is the mask of the network as integer (max 128) maximum: 128 type: integer required: - namePrefix type: object status: description: IPPoolStatus defines the observed state of IPPool. properties: indexes: additionalProperties: description: IPAddress is used for validation of an IP address pattern: ((^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$)|(^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))$)) type: string description: Allocations contains the map of objects and IP addresses they have type: object lastUpdated: description: LastUpdated identifies when this status was last observed. format: date-time type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: admissionregistration.k8s.io/v1beta1 kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-webhook-system/ipam-serving-cert creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-mutating-webhook-configuration webhooks: - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /mutate-ipam-metal3-io-v1alpha4-ipaddress failurePolicy: Fail matchPolicy: Equivalent name: default.ipaddress.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ipaddresses - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /mutate-ipam-metal3-io-v1alpha4-ipclaim failurePolicy: Fail matchPolicy: Equivalent name: default.ipclaim.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ipclaims - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /mutate-ipam-metal3-io-v1alpha4-ippool failurePolicy: Fail matchPolicy: Equivalent name: default.ippool.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ippools --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-leader-election-role namespace: capm3-system rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - configmaps/status verbs: - get - update - patch - apiGroups: - "" resources: - events verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-manager-role rules: - apiGroups: - "" resources: - events verbs: - create - get - list - patch - update - watch - apiGroups: - "" resources: - secrets verbs: - create - delete - get - list - patch - update - watch - apiGroups: - cluster.x-k8s.io resources: - clusters verbs: - get - list - watch - apiGroups: - cluster.x-k8s.io resources: - clusters/status verbs: - get - apiGroups: - ipam.metal3.io resources: - ipaddresses verbs: - create - delete - get - list - patch - update - watch - apiGroups: - ipam.metal3.io resources: - ipaddresses/status verbs: - get - patch - update - apiGroups: - ipam.metal3.io resources: - ipclaims verbs: - create - delete - get - list - patch - update - watch - apiGroups: - ipam.metal3.io resources: - ipclaims/status verbs: - get - patch - update - apiGroups: - ipam.metal3.io resources: - ippools verbs: - create - delete - get - list - patch - update - watch - apiGroups: - ipam.metal3.io resources: - ippools/status verbs: - get - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-leader-election-rolebinding namespace: capm3-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: ipam-leader-election-role subjects: - kind: ServiceAccount name: default namespace: capm3-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: ipam-manager-role subjects: - kind: ServiceAccount name: default namespace: capm3-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: ipam-proxy-role subjects: - kind: ServiceAccount name: default namespace: capm3-system --- apiVersion: v1 kind: Service metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-webhook-service namespace: capi-webhook-system spec: ports: - port: 443 targetPort: ipam-webhook selector: cluster.x-k8s.io/provider: infrastructure-metal3 --- apiVersion: v1 kind: Service metadata: annotations: prometheus.io/port: "8443" prometheus.io/scheme: https prometheus.io/scrape: "true" labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager name: ipam-controller-metrics-service namespace: capm3-system spec: ports: - name: https port: 8443 targetPort: https selector: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" name: ipam-controller-manager namespace: capi-webhook-system spec: selector: matchLabels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" template: metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=10 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https - args: - --metrics-addr=127.0.0.1:8080 - --webhook-port=9443 command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: quay.io/metal3-io/ip-address-manager:v0.0.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz port: healthz name: manager ports: - containerPort: 9443 name: ipam-webhook protocol: TCP - containerPort: 9440 name: healthz protocol: TCP readinessProbe: httpGet: path: /readyz port: healthz volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master volumes: - name: cert secret: defaultMode: 420 secretName: ipam-webhook-service-cert --- apiVersion: apps/v1 kind: Deployment metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" name: ipam-controller-manager namespace: capm3-system spec: selector: matchLabels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" template: metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=10 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https - args: - --metrics-addr=127.0.0.1:8080 - --enable-leader-election command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: quay.io/metal3-io/ip-address-manager:v0.0.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz port: healthz name: manager ports: - containerPort: 9440 name: healthz protocol: TCP readinessProbe: httpGet: path: /readyz port: healthz terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master --- apiVersion: cert-manager.io/v1alpha2 kind: Certificate metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-serving-cert namespace: capi-webhook-system spec: dnsNames: - ipam-webhook-service.capi-webhook-system.svc - ipam-webhook-service.capi-webhook-system.svc.cluster.local issuerRef: kind: Issuer name: ipam-selfsigned-issuer secretName: ipam-webhook-service-cert --- apiVersion: cert-manager.io/v1alpha2 kind: Issuer metadata: labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-selfsigned-issuer namespace: capi-webhook-system spec: selfSigned: {} --- apiVersion: admissionregistration.k8s.io/v1beta1 kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-webhook-system/ipam-serving-cert creationTimestamp: null labels: cluster.x-k8s.io/provider: infrastructure-metal3 name: ipam-validating-webhook-configuration webhooks: - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /validate-ipam-metal3-io-v1alpha4-ipaddress failurePolicy: Fail matchPolicy: Equivalent name: validation.ipaddress.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ipaddresses - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /validate-ipam-metal3-io-v1alpha4-ipclaim failurePolicy: Fail matchPolicy: Equivalent name: validation.ipclaim.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ipclaims - clientConfig: caBundle: Cg== service: name: ipam-webhook-service namespace: capi-webhook-system path: /validate-ipam-metal3-io-v1alpha4-ippool failurePolicy: Fail matchPolicy: Equivalent name: validation.ippool.ipam.metal3.io rules: - apiGroups: - ipam.metal3.io apiVersions: - v1alpha4 operations: - CREATE - UPDATE resources: - ippools