From b3fef9189ac714c8d35bb3f028a5b4e689db441d Mon Sep 17 00:00:00 2001 From: Fiachra Corcoran Date: Tue, 20 Aug 2024 21:28:33 +0100 Subject: [PATCH] Update capi pkg to v1.8.1 --- .../cluster-api-infrastructure-docker.yaml | 1692 ++- infra/capi/cluster-capi-kind/README.md | 4 +- infra/capi/cluster-capi-kind/cluster.yaml | 2 +- .../cluster-capi/cluster-api-bootstrap.yaml | 6560 ++++++--- .../cluster-api-control-plane.yaml | 6261 ++++++--- infra/capi/cluster-capi/cluster-api-core.yaml | 11324 ++++++++++------ 6 files changed, 17979 insertions(+), 7864 deletions(-) diff --git a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml index 7715496..09fc598 100644 --- a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml +++ b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml @@ -3,7 +3,6 @@ kind: Namespace metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged @@ -15,20 +14,16 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockerclusters.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -46,6 +41,154 @@ spec: singular: dockercluster scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + DockerCluster is the Schema for the dockerclusters API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: Host is the hostname on which the API server is serving. + type: string + port: + description: Port is the port on which the API server is serving. + type: integer + required: + - host + - port + type: object + failureDomains: + additionalProperties: + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. 
+ type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: |- + FailureDomains are not usulaly defined on the spec. + The docker provider is special since failure domains don't mean anything in a local docker environment. + Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API + controllers to do what they will with the defined failure domains. + type: object + type: object + status: + description: DockerClusterStatus defines the observed state of DockerCluster. + properties: + conditions: + description: Conditions defines current service state of the DockerCluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. 
+ Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureDomains: + additionalProperties: + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: |- + FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API + will use this if we populate it. + type: object + ready: + description: Ready denotes that the docker cluster (infrastructure) + is ready. + type: boolean + required: + - ready + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of DockerCluster jsonPath: .metadata.creationTimestamp 
@@ -55,18 +198,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: - This type will be removed in one of the next releases." + description: |- + DockerCluster is the Schema for the dockerclusters API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -89,9 +240,9 @@ spec: type: object failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -104,10 +255,10 @@ spec: is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains are not usulaly defined on the spec. The - docker provider is special since failure domains don't mean anything - in a local docker environment. Instead, the docker cluster controller - will simply copy these into the Status and allow the Cluster API + description: |- + FailureDomains are not usulaly defined on the spec. + The docker provider is special since failure domains don't mean anything in a local docker environment. + Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. type: object loadBalancer: @@ -115,12 +266,14 @@ spec: load balancer. properties: imageRepository: - description: ImageRepository sets the container registry to pull - the haproxy image from. if not set, "kindest" will be used instead. + description: |- + ImageRepository sets the container registry to pull the haproxy image from. + if not set, "kindest" will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the haproxy - image. if not set, "v20210715-a6da3463" will be used instead. + description: |- + ImageTag allows to specify a tag for the haproxy image. + if not set, "v20210715-a6da3463" will be used instead. type: string type: object type: object 
@@ -134,37 +287,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -173,9 +326,9 @@ spec: type: array failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -188,9 +341,9 @@ spec: is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains don't mean much in CAPD since it's all - local, but we can see how the rest of cluster API will use this - if we populate it. + description: |- + FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API + will use this if we populate it. type: object ready: description: Ready denotes that the docker cluster (infrastructure) 
@@ -219,14 +372,19 @@ spec: description: DockerCluster is the Schema for the dockerclusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -241,7 +399,8 @@ spec: description: Host is the hostname on which the API server is serving. type: string port: - description: Port is the port on which the API server is serving. + description: |- + Port is the port on which the API server is serving. Defaults to 6443 if not set. type: integer required: 
@@ -250,9 +409,9 @@ spec: type: object failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -265,10 +424,10 @@ spec: is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains are usually not defined in the spec. The - docker provider is special since failure domains don't mean anything - in a local docker environment. Instead, the docker cluster controller - will simply copy these into the Status and allow the Cluster API + description: |- + FailureDomains are usually not defined in the spec. + The docker provider is special since failure domains don't mean anything in a local docker environment. + Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. type: object loadBalancer: 
@@ -276,37 +435,38 @@ spec: load balancer. properties: customHAProxyConfigTemplateRef: - description: 'CustomHAProxyConfigTemplateRef allows you to replace - the default HAProxy config file. This field is a reference to - a config map that contains the configuration template. The key - of the config map should be equal to ''value''. The content - of the config map will be processed and will replace the default - HAProxy config file. Please use it with caution, as there are - no checks to ensure the validity of the configuration. This - template will support the following variables that will be passed - by the controller: $IPv6 (bool) indicates if the cluster is - IPv6, $FrontendControlPlanePort (string) indicates the frontend - control plane port, $BackendControlPlanePort (string) indicates - the backend control plane port, $BackendServers (map[string]string) - indicates the backend server where the key is the server name - and the value is the address. This map is dynamic and is updated - every time a new control plane node is added or removed. The - template will also support the JoinHostPort function to join - the host and port of the backend server.' + description: |- + CustomHAProxyConfigTemplateRef allows you to replace the default HAProxy config file. + This field is a reference to a config map that contains the configuration template. The key of the config map should be equal to 'value'. + The content of the config map will be processed and will replace the default HAProxy config file. Please use it with caution, as there are + no checks to ensure the validity of the configuration. 
This template will support the following variables that will be passed by the controller: + $IPv6 (bool) indicates if the cluster is IPv6, $FrontendControlPlanePort (string) indicates the frontend control plane port, + $BackendControlPlanePort (string) indicates the backend control plane port, $BackendServers (map[string]string) indicates the backend server + where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane + node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic imageRepository: - description: ImageRepository sets the container registry to pull - the haproxy image from. if not set, "kindest" will be used instead. + description: |- + ImageRepository sets the container registry to pull the haproxy image from. + if not set, "kindest" will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the haproxy - image. if not set, "v20210715-a6da3463" will be used instead. + description: |- + ImageTag allows to specify a tag for the haproxy image. + if not set, "v20210715-a6da3463" will be used instead. 
type: string type: object type: object 
@@ -320,37 +480,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -360,9 +520,9 @@ spec: type: array failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -375,9 +535,9 @@ spec: is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains don't mean much in CAPD since it's all - local, but we can see how the rest of cluster API will use this - if we populate it. + description: |- + FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API + will use this if we populate it. type: object ready: description: Ready denotes that the docker cluster (infrastructure) 
@@ -389,32 +549,22 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockerclustertemplates.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -441,18 +591,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "DockerClusterTemplate is the Schema for the dockerclustertemplates - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + DockerClusterTemplate is the Schema for the dockerclustertemplates API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -484,10 +642,9 @@ spec: type: object failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster - API failure domains. It allows controllers to understand - how many failure domains a cluster can optionally span - across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: 
@@ -500,26 +657,25 @@ spec: domain is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains are not usulaly defined on the - spec. The docker provider is special since failure domains - don't mean anything in a local docker environment. Instead, - the docker cluster controller will simply copy these into - the Status and allow the Cluster API controllers to do what - they will with the defined failure domains. + description: |- + FailureDomains are not usulaly defined on the spec. + The docker provider is special since failure domains don't mean anything in a local docker environment. + Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API + controllers to do what they will with the defined failure domains. type: object loadBalancer: description: LoadBalancer allows defining configurations for the cluster load balancer. properties: imageRepository: - description: ImageRepository sets the container registry - to pull the haproxy image from. if not set, "kindest" - will be used instead. + description: |- + ImageRepository sets the container registry to pull the haproxy image from. + if not set, "kindest" will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - haproxy image. if not set, "v20210715-a6da3463" will - be used instead. + description: |- + ImageTag allows to specify a tag for the haproxy image. + if not set, "v20210715-a6da3463" will be used instead. type: string type: object type: object 
@@ -545,14 +701,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -564,24 +725,27 @@ spec: to create a DockerCluster from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: @@ -596,8 +760,9 @@ spec: is serving. type: string port: - description: Port is the port on which the API server - is serving. Defaults to 6443 if not set. + description: |- + Port is the port on which the API server is serving. + Defaults to 6443 if not set. type: integer required: - host 
@@ -605,10 +770,9 @@ spec: type: object failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster - API failure domains. It allows controllers to understand - how many failure domains a cluster can optionally span - across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: 
@@ -621,54 +785,49 @@ spec: domain is suitable for use by control plane machines. type: boolean type: object - description: FailureDomains are usually not defined in the - spec. The docker provider is special since failure domains - don't mean anything in a local docker environment. Instead, - the docker cluster controller will simply copy these into - the Status and allow the Cluster API controllers to do what - they will with the defined failure domains. + description: |- + FailureDomains are usually not defined in the spec. + The docker provider is special since failure domains don't mean anything in a local docker environment. + Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API + controllers to do what they will with the defined failure domains. type: object loadBalancer: description: LoadBalancer allows defining configurations for the cluster load balancer. properties: customHAProxyConfigTemplateRef: - description: 'CustomHAProxyConfigTemplateRef allows you - to replace the default HAProxy config file. This field - is a reference to a config map that contains the configuration - template. The key of the config map should be equal - to ''value''. The content of the config map will be - processed and will replace the default HAProxy config - file. Please use it with caution, as there are no checks - to ensure the validity of the configuration. This template - will support the following variables that will be passed - by the controller: $IPv6 (bool) indicates if the cluster - is IPv6, $FrontendControlPlanePort (string) indicates - the frontend control plane port, $BackendControlPlanePort - (string) indicates the backend control plane port, $BackendServers - (map[string]string) indicates the backend server where - the key is the server name and the value is the address. - This map is dynamic and is updated every time a new - control plane node is added or removed. 
The template - will also support the JoinHostPort function to join - the host and port of the backend server.' + description: |- + CustomHAProxyConfigTemplateRef allows you to replace the default HAProxy config file. + This field is a reference to a config map that contains the configuration template. The key of the config map should be equal to 'value'. + The content of the config map will be processed and will replace the default HAProxy config file. Please use it with caution, as there are + no checks to ensure the validity of the configuration. This template will support the following variables that will be passed by the controller: + $IPv6 (bool) indicates if the cluster is IPv6, $FrontendControlPlanePort (string) indicates the frontend control plane port, + $BackendControlPlanePort (string) indicates the backend control plane port, $BackendServers (map[string]string) indicates the backend server + where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane + node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. 
type: string type: object x-kubernetes-map-type: atomic imageRepository: - description: ImageRepository sets the container registry - to pull the haproxy image from. if not set, "kindest" - will be used instead. + description: |- + ImageRepository sets the container registry to pull the haproxy image from. + if not set, "kindest" will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - haproxy image. if not set, "v20210715-a6da3463" will - be used instead. + description: |- + ImageTag allows to specify a tag for the haproxy image. + if not set, "v20210715-a6da3463" will be used instead. type: string type: object type: object @@ -682,32 +841,22 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockermachinepools.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -725,6 +874,199 @@ spec: singular: dockermachinepool scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + DockerMachinePool is the Schema for the dockermachinepools API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. + properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool + type: string + providerIDList: + description: ProviderIDList is the list of identification IDs of machine + instances managed by this Machine Pool + items: + type: string + type: array + template: + description: Template contains the details used to build a replica + machine within the Machine Pool + properties: + customImage: + description: |- + CustomImage allows customizing the container image that is used for + running the machine + type: string + extraMounts: + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath + items: + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. 
+ properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + type: object + type: object + status: + description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. + properties: + conditions: + description: Conditions defines current service state of the DockerMachinePool. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + instances: + description: Instances contains the status for each instance in the + pool + items: + description: DockerMachinePoolInstanceStatus contains status information + about a DockerMachinePool. + properties: + addresses: + description: Addresses contains the associated addresses for + the docker machine. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapped: + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + type: boolean + instanceName: + description: InstanceName is the identification of the Machine + Instance within the Machine Pool + type: string + providerID: + description: ProviderID is the provider identification of the + Machine Pool Instance + type: string + ready: + description: Ready denotes that the machine (docker container) + is ready + type: boolean + version: + description: Version defines the Kubernetes version for the + Machine Instance + type: string + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. 
+ format: int64 + type: integer + ready: + description: Ready denotes that the machine pool is ready + type: boolean + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of DockerMachinePool jsonPath: .metadata.creationTimestamp 
@@ -734,18 +1076,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "DockerMachinePool is the Schema for the dockermachinepools API. - \n Deprecated: This type will be removed in one of the next releases." + description: |- + DockerMachinePool is the Schema for the dockermachinepools API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -766,24 +1116,27 @@ spec: machine within the Machine Pool properties: customImage: - description: CustomImage allows customizing the container image - that is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points for - the node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into a container. + description: |- + Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the - hostpath is a symbolic link, runtimes should follow the - symlink and mount the real destination to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. @@ -791,9 +1144,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a newly - created machine. This can be used to speed up tests by avoiding - e.g. to download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array 
@@ -809,37 +1162,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -873,8 +1226,9 @@ spec: type: object type: array bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine type: boolean instanceName: description: InstanceName is the identification of the Machine 
@@ -922,14 +1276,19 @@ spec: description: DockerMachinePool is the Schema for the dockermachinepools API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -950,24 +1309,27 @@ spec: machine within the Machine Pool properties: customImage: - description: CustomImage allows customizing the container image - that is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points for - the node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into a container. + description: |- + Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the - hostpath is a symbolic link, runtimes should follow the - symlink and mount the real destination to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. @@ -975,9 +1337,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a newly - created machine. This can be used to speed up tests by avoiding - e.g. to download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array 
@@ -993,37 +1355,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1062,10 +1424,13 @@ spec: type: object type: array bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field - will be removed in the next apiVersion. When removing also - remove from staticcheck exclude-rules for SA1019 in golangci.yml" + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + + + Deprecated: This field will be removed in the next apiVersion. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml type: boolean instanceName: description: InstanceName is the identification of the Machine @@ -1102,32 +1467,22 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockermachinepooltemplates.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -1157,14 +1512,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -1177,24 +1537,27 @@ spec: needed to create a DockerMachine from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: 
@@ -1216,26 +1579,27 @@ spec: replica machine within the Machine Pool properties: customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount - into a container. This is a simplified version of - kind v1alpha4.Mount types. + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the - hostPath doesn't exist, then runtimes should report - error. If the hostpath is a symbolic link, runtimes - should follow the symlink and mount the real destination - to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. @@ -1243,10 +1607,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in - a newly created machine. This can be used to speed up - tests by avoiding e.g. to download CNI images on all - the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array 
@@ -1262,32 +1625,22 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockermachines.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -1305,6 +1658,162 @@ spec: singular: dockermachine scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + DockerMachine is the Schema for the dockermachines API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DockerMachineSpec defines the desired state of DockerMachine. + properties: + bootstrapped: + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + type: boolean + customImage: + description: |- + CustomImage allows customizing the container image that is used for + running the machine + type: string + extraMounts: + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath + items: + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. 
If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format + (docker:////) + type: string + type: object + status: + description: DockerMachineStatus defines the observed state of DockerMachine. + properties: + addresses: + description: Addresses contains the associated addresses for the docker + machine. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines current service state of the DockerMachine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. 
+ type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + loadBalancerConfigured: + description: |- + LoadBalancerConfigured denotes that the machine has been + added to the load balancer + type: boolean + ready: + description: Ready denotes that the machine (docker container) is + ready + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of DockerMachine jsonPath: .metadata.creationTimestamp 
@@ -1314,18 +1823,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: - This type will be removed in one of the next releases." + description: |- + DockerMachine is the Schema for the dockermachines API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -1333,28 +1850,32 @@ spec: description: DockerMachineSpec defines the desired state of DockerMachine. properties: bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping has - been run against this machine + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine type: boolean customImage: - description: CustomImage allows customizing the container image that - is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points for the - node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into a container. + description: |- + Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the hostpath - is a symbolic link, runtimes should follow the symlink and - mount the real destination to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. 
@@ -1362,9 +1883,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a newly created - machine. This can be used to speed up tests by avoiding e.g. to - download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array 
@@ -1402,37 +1923,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -1440,7 +1961,8 @@ spec: type: object type: array loadBalancerConfigured: - description: LoadBalancerConfigured denotes that the machine has been + description: |- + LoadBalancerConfigured denotes that the machine has been added to the load balancer type: boolean ready: 
@@ -1480,45 +2002,61 @@ spec: description: DockerMachine is the Schema for the dockermachines API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: DockerMachineSpec defines the desired state of DockerMachine. properties: + bootstrapTimeout: + description: |- + BootstrapTimeout is the total amount of time to wait for the machine to bootstrap before timing out. + The default value is 3m. + type: string bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field will - be removed in the next apiVersion. When removing also remove from - staticcheck exclude-rules for SA1019 in golangci.yml." 
+ description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + + + Deprecated: This field will be removed in the next apiVersion. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml. type: boolean customImage: - description: CustomImage allows customizing the container image that - is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points for the - node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into a container. + description: |- + Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the hostpath - is a symbolic link, runtimes should follow the symlink and - mount the real destination to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. 
@@ -1526,9 +2064,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a newly created - machine. This can be used to speed up tests by avoiding e.g. to - download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array 
@@ -1566,37 +2104,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1605,7 +2143,8 @@ spec: type: object type: array loadBalancerConfigured: - description: LoadBalancerConfigured denotes that the machine has been + description: |- + LoadBalancerConfigured denotes that the machine has been added to the load balancer type: boolean ready: @@ -1618,32 +2157,22 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: dockermachinetemplates.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capd-webhook-service namespace: capd-system 
@@ -1661,6 +2190,98 @@ spec: singular: dockermachinetemplate scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + DockerMachineTemplate is the Schema for the dockermachinetemplates API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. + properties: + template: + description: DockerMachineTemplateResource describes the data needed + to create a DockerMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the machine. + properties: + bootstrapped: + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + type: boolean + customImage: + description: |- + CustomImage allows customizing the container image that is used for + running the machine + type: string + extraMounts: + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath + items: + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. 
+ properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID + format (docker:////) + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false - additionalPrinterColumns: - description: Time duration since creation of DockerMachineTemplate jsonPath: .metadata.creationTimestamp 
@@ -1670,18 +2291,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "DockerMachineTemplate is the Schema for the dockermachinetemplates - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + DockerMachineTemplate is the Schema for the dockermachinetemplates API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -1697,30 +2326,32 @@ spec: of the machine. properties: bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine type: boolean customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into - a container. This is a simplified version of kind v1alpha4.Mount - types. + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. - If the hostpath is a symbolic link, runtimes should - follow the symlink and mount the real destination - to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. 
@@ -1728,9 +2359,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a - newly created machine. This can be used to speed up tests - by avoiding e.g. to download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array @@ -1761,14 +2392,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -1780,57 +2416,69 @@ spec: to create a DockerMachine from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: description: Spec is the specification of the desired behavior of the machine. properties: + bootstrapTimeout: + description: |- + BootstrapTimeout is the total amount of time to wait for the machine to bootstrap before timing out. + The default value is 3m. 
+ type: string bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field - will be removed in the next apiVersion. When removing also - remove from staticcheck exclude-rules for SA1019 in golangci.yml." + description: |- + Bootstrapped is true when the kubeadm bootstrapping has been run + against this machine + + + Deprecated: This field will be removed in the next apiVersion. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml. type: boolean customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + description: |- + CustomImage allows customizing the container image that is used for + running the machine type: string extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath + description: |- + ExtraMounts describes additional mount points for the node container + These may be used to bind a hostPath items: - description: Mount specifies a host volume to mount into - a container. This is a simplified version of kind v1alpha4.Mount - types. + description: |- + Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. properties: containerPath: description: Path of the mount within the container. type: string hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. - If the hostpath is a symbolic link, runtimes should - follow the symlink and mount the real destination - to container. + description: |- + Path of the mount on the host. If the hostPath doesn't exist, then runtimes + should report error. If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination to container. type: string readOnly: description: If set, the mount is read-only. 
@@ -1838,9 +2486,9 @@ spec: type: object type: array preLoadImages: - description: PreLoadImages allows to pre-load images in a - newly created machine. This can be used to speed up tests - by avoiding e.g. to download CNI images on all the containers. + description: |- + PreLoadImages allows to pre-load images in a newly created machine. This can be used to + speed up tests by avoiding e.g. to download CNI images on all the containers. items: type: string type: array @@ -1859,19 +2507,12 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: v1 kind: ServiceAccount metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-manager namespace: capd-system --- @@ -1880,7 +2521,6 @@ kind: Role metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-leader-election-role namespace: capd-system rules: @@ -1908,7 +2548,6 @@ kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-manager-role rules: - apiGroups: @@ -1982,7 +2621,6 @@ rules: - apiGroups: - infrastructure.cluster.x-k8s.io resources: - - dockerclusters/finalizers - dockerclusters/status verbs: - get @@ -2003,7 +2641,6 @@ rules: - apiGroups: - infrastructure.cluster.x-k8s.io resources: - - dockermachinepools/finalizers - dockermachinepools/status verbs: - get @@ -2024,7 +2661,6 @@ rules: - apiGroups: - infrastructure.cluster.x-k8s.io resources: - - dockermachines/finalizers - dockermachines/status verbs: - get @@ -2034,10 +2670,8 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-leader-election-rolebinding namespace: capd-system roleRef: 
@@ -2052,10 +2686,8 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -2071,7 +2703,6 @@ kind: Service metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-webhook-service namespace: capd-system spec: @@ -2084,10 +2715,8 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capd-controller-manager namespace: capd-system @@ -2097,10 +2726,8 @@ spec: matchLabels: cluster.x-k8s.io/provider: infrastructure-docker control-plane: controller-manager - strategy: {} template: metadata: - labels: cluster.x-k8s.io/provider: infrastructure-docker control-plane: controller-manager @@ -2125,7 +2752,7 @@ spec: fieldRef: fieldPath: metadata.uid - name: DOCKER_HOST - image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.0 + image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.8.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -2146,9 +2773,9 @@ spec: httpGet: path: /readyz port: healthz - resources: {} securityContext: privileged: true + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert @@ -2169,14 +2796,12 @@ spec: - hostPath: path: /var/run/docker.sock name: dockersock -status: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-serving-cert namespace: capd-system spec: @@ -2196,7 +2821,6 @@ kind: Issuer metadata: labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-selfsigned-issuer namespace: capd-system spec: 
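Review bot: The bumped `image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.8.1` line in the `@@ -2125,7 +2752,7 @@` hunk still identifies the controller by tag only, and with `imagePullPolicy: IfNotPresent` each node keeps whatever content it first pulled under that tag. The neighbouring hunks show this container running with `privileged: true` and the host's `/var/run/docker.sock` mounted, so the image content effectively has control of the host's Docker daemon. The repository path suggests a staging registry, so it is worth confirming that tags there are immutable. I would pin the digest next to the tag, `image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.8.1@sha256:<digest-of-the-verified-v1.8.1-image>`, and add a comment above `securityContext`, `# privileged + docker.sock: intended for local dev/test management clusters only`. The Deployment spec starts and ends outside these hunks.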
@@ -2207,10 +2831,8 @@ kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -2263,10 +2885,8 @@ kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - labels: cluster.x-k8s.io/provider: infrastructure-docker - clusterctl.cluster.x-k8s.io: "" name: capd-validating-webhook-configuration webhooks: - admissionReviewVersions: @@ -2334,4 +2954,4 @@ webhooks: - UPDATE resources: - dockermachinetemplates - sideEffects: None + sideEffects: None \ No newline at end of file diff --git a/infra/capi/cluster-capi-kind/README.md b/infra/capi/cluster-capi-kind/README.md index 226c6d0..8d39cd6 100644 --- a/infra/capi/cluster-capi-kind/README.md +++ b/infra/capi/cluster-capi-kind/README.md @@ -8,5 +8,5 @@ The package contains some defaults but can be changed through the kpt pipeline - pod cidrBlocks: 192.168.0.0/16 - service cidrBlocks: 10.128.0.0/12 - service domain: cluster.local -- kubernetes version: v1.26.3 -- workers: 3 \ No newline at end of file +- kubernetes version: v1.31.0 +- workers: 1 \ No newline at end of file diff --git a/infra/capi/cluster-capi-kind/cluster.yaml b/infra/capi/cluster-capi-kind/cluster.yaml index 23f0da3..1abb58e 100644 --- a/infra/capi/cluster-capi-kind/cluster.yaml +++ b/infra/capi/cluster-capi-kind/cluster.yaml @@ -30,7 +30,7 @@ spec: enabled: true enforce: baseline warn: restricted - version: v1.26.3 + version: v1.31.0 workers: machineDeployments: - class: docker-default-worker diff --git a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml index 2abd069..5452bb3 100644 --- a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml +++ b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml 
@@ -3,7 +3,6 @@ kind: Namespace metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-kubeadm-bootstrap-system --- @@ -12,20 +11,16 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: kubeadmconfigs.bootstrap.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-kubeadm-bootstrap-webhook-service namespace: capi-kubeadm-bootstrap-system 
@@ -43,34 +38,37 @@ spec: singular: kubeadmconfig scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmConfig - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 + - deprecated: true + name: v1alpha3 schema: openAPIV3Schema: - description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: - This type will be removed in one of the next releases." + description: |- + KubeadmConfig is the Schema for the kubeadmconfigs API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be defined - or the JoinConfiguration should be defined. + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration are @@ -89,21 +87,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where 
@@ -130,33 +130,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store or look - for all required certificates. NB: if not provided, this will - default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address or - DNS name for the control plane; it can be a valid IP address - or a RFC-1123 DNS subdomain, both with optional TCP port. In - case the ControlPlaneEndpoint is not specified, the AdvertiseAddress - + BindPort are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible usages - are: e.g. In a cluster with more than one control plane instances, - this field should be assigned the address of the external load - balancer in front of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint could - be used for assigning a stable DNS to the control plane. NB: - This value defaults to the first value in the Cluster object - status.apiEndpoints array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings for the 
@@ -165,21 +166,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where 
@@ -206,33 +209,38 @@ spec: in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry to - pull images from. if not set, the ImageRepository defined - in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the image. - In case this value is set, kubeadm does not change automatically - the version of the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This value - defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority file - used to secure etcd communication. Required if using - a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification file used - to secure etcd communication. Required if using a TLS - connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. 
type: string endpoints: description: Endpoints of etcd members. Required for ExternalEtcd. @@ -240,8 +248,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -250,30 +259,31 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided to - the etcd binary when run inside a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -295,44 +305,45 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: ImageRepository sets the container registry to pull - images from. If empty, `registry.k8s.io` will be used by default; - in case of kubernetes version is a CI build (kubernetes version - starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and for - kube-proxy, while `registry.k8s.io` will be used for all the - other images. + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` + will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version of the control - plane. NB: This value defaults to the Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. 
+ NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the Cluster - object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. If unset, - the API server will not allocate CIDR ranges for every node. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.services.cidrBlocks if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" - if that's unset. + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -342,21 +353,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where @@ -378,6 +391,11 @@ spec: type: object type: array type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should be + used for Kubernetes components instead of their respective separate + images + type: boolean type: object diskSetup: description: DiskSetup specifies options for the creation of partition @@ -406,9 +424,9 @@ spec: used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition to use. 
@@ -416,10 +434,9 @@ spec: and , where NUM is the actual partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, used for - Microsoft Azure that instructs cloud-init to replace a - file system of . NOTE: unless you define a label, - this requires the use of the ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device @@ -437,21 +454,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. When layout is false, it means don't partition - or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -525,50 +542,52 @@ spec: the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` time - and describes a set of Bootstrap Tokens to create. This information - IS NOT uploaded to the kubeadm cluster configmap, partly because - of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message why - this token exists and what it's used for, so other administrators - can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when this token - expires. Defaults to being set dynamically at runtime - based on the TTL. Expires and TTL are mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. Defaults to being set + dynamically at runtime based on the TTL. 
Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that this - token will authenticate as when/if used for authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which this token - can be used. Can by default be used for establishing bidirectional - trust, but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -577,21 +596,20 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the API - server instance that's deployed on this control plane node In - HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to each - individual API server. This configuration object lets you customize - what IP/DNS name and port the local API server advertises it's - accessible on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in case that process + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: advertiseAddress: 
@@ -599,72 +617,64 @@ spec: API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API Server - to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer + required: + - advertiseAddress + - bindPort type: object nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. 
This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. - This field is solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. 
The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -683,21 +693,23 @@ spec: join command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate authority - used to secure comunications between node and control-plane. - Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when - there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no additional - control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint of the 
@@ -708,58 +720,62 @@ spec: the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer + required: + - advertiseAddress + - bindPort type: object type: object discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when there - is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options for - bootstrap token based discovery BootstrapToken and File - are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of public key - pins to verify when token-based discovery is used. The - root CA found during discovery must match one of these - values. Specifying an empty set disables root CA pinning, - which can be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject Public - Key Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. 
Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate cluster - information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token + - unsafeSkipCAVerification type: object file: - description: File is used to specify a file or URL to a kubeconfig - file from which to load cluster information BootstrapToken - and File are mutually exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: kubeConfigPath: description: KubeConfigPath is used to specify the actual 
@@ -773,80 +789,70 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS bootstrapping. - If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain any - other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + TODO: revisit when there is defaulting from k/k type: string type: object kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 
+ This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. - This field is solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -893,13 +899,20 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm command - with a shell script with retries for joins. \n This is meant to - be an experimental temporary workaround on some environments where - joins fail due to timing (and other issues). The long term goal - is to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. type: boolean users: description: Users specifies extra users to add @@ -952,7 +965,8 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log level verbosity. + description: |- + Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. format: int32 type: integer @@ -960,6 +974,14 @@ spec: status: description: KubeadmConfigStatus defines the observed state of KubeadmConfig. properties: + bootstrapData: + description: |- + BootstrapData will be a cloud-init script for now. + + + Deprecated: Switch to DataSecretName. + format: byte + type: string conditions: description: Conditions defines current service state of the KubeadmConfig. items: 
@@ -967,37 +989,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status 
@@ -1030,35 +1052,41 @@ spec: subresources: status: {} - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - description: Time duration since creation of KubeadmConfig jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1beta1 + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: KubeadmConfig is the Schema for the kubeadmconfigs API. + description: |- + KubeadmConfig is the Schema for the kubeadmconfigs API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be defined - or the JoinConfiguration should be defined. + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration are @@ -1077,21 +1105,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where 
@@ -1118,33 +1148,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store or look - for all required certificates. NB: if not provided, this will - default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address or - DNS name for the control plane; it can be a valid IP address - or a RFC-1123 DNS subdomain, both with optional TCP port. In - case the ControlPlaneEndpoint is not specified, the AdvertiseAddress - + BindPort are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible usages - are: e.g. In a cluster with more than one control plane instances, - this field should be assigned the address of the external load - balancer in front of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint could - be used for assigning a stable DNS to the control plane. NB: - This value defaults to the first value in the Cluster object - status.apiEndpoints array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings for the 
@@ -1153,21 +1184,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where 
@@ -1194,33 +1227,35 @@ spec: in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry to - pull images from. if not set, the ImageRepository defined - in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the image. - In case this value is set, kubeadm does not change automatically - the version of the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This value - defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority file - used to secure etcd communication. Required if using - a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification file used - to secure etcd communication. Required if using a TLS - connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. type: string endpoints: description: Endpoints of etcd members. Required for ExternalEtcd. 
@@ -1228,8 +1263,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -1238,30 +1274,31 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided to - the etcd binary when run inside a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -1283,50 +1320,45 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: 'ImageRepository sets the container registry to pull - images from. * If not set, the default registry of kubeadm will - be used, i.e. * registry.k8s.io (new registry): >= v1.22.17, - >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): - all older versions Please note that when imageRepository is - not set we don''t allow upgrades to versions >= v1.22.0 which - use the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead (i.e. >= v1.22.17, >= - v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI - build (kubernetes version starts with `ci/` or `ci-cross/`) - `gcr.io/k8s-staging-ci-images` will be used as a default for - control plane components and for kube-proxy, while `registry.k8s.io` - will be used for all the other images.' + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` + will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version of the control - plane. NB: This value defaults to the Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the Cluster - object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. If unset, - the API server will not allocate CIDR ranges for every node. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.services.cidrBlocks if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" - if that's unset. + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -1336,21 +1368,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod where @@ -1400,9 +1434,9 @@ spec: used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition to use. 
@@ -1410,10 +1444,9 @@ spec: and , where NUM is the actual partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, used for - Microsoft Azure that instructs cloud-init to replace a - file system of . NOTE: unless you define a label, - this requires the use of the ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device @@ -1431,21 +1464,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. When layout is false, it means don't partition - or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -1460,10 +1493,6 @@ spec: description: File defines the input for generating write_files in cloud-init. properties: - append: - description: Append specifies whether to append Content to existing - file if Path exists. - type: boolean content: description: Content is the actual content of the file. type: string 
@@ -1517,75 +1546,58 @@ spec: description: Format specifies the output format of the bootstrap data enum: - cloud-config - - ignition type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific configuration. - properties: - additionalConfig: - description: "AdditionalConfig contains additional configuration - to be merged with the Ignition configuration generated by - the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig should be - strictly parsed. If so, warnings are treated as errors. - type: boolean - type: object - type: object initConfiguration: description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` time - and describes a set of Bootstrap Tokens to create. 
This information - IS NOT uploaded to the kubeadm cluster configmap, partly because - of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message why - this token exists and what it's used for, so other administrators - can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when this token - expires. Defaults to being set dynamically at runtime - based on the TTL. Expires and TTL are mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that this - token will authenticate as when/if used for authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. 
+ Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which this token - can be used. Can by default be used for establishing bidirectional - trust, but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -1594,21 +1606,20 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the API - server instance that's deployed on this control plane node In - HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to each - individual API server. This configuration object lets you customize - what IP/DNS name and port the local API server advertises it's - accessible on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in case that process + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: advertiseAddress: 
@@ -1616,16 +1627,17 @@ spec: API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API Server - to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -1638,61 +1650,44 @@ spec: items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never - type: string kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. 
type: string taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. - This field is solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -1705,56 +1700,29 @@ spec: type: object type: array type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm init". The - minimum kubernetes version needed to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. - type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array type: object joinConfiguration: description: JoinConfiguration is the kubeadm configuration for the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. 
+ Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate authority - used to secure comunications between node and control-plane. - Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when - there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no additional - control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint of the 
@@ -1765,58 +1733,58 @@ spec: the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when there - is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options for - bootstrap token based discovery BootstrapToken and File - are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of public key - pins to verify when token-based discovery is used. The - root CA found during discovery must match one of these - values. Specifying an empty set disables root CA pinning, - which can be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject Public - Key Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. 
Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate cluster - information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or URL to a kubeconfig - file from which to load cluster information BootstrapToken - and File are mutually exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: kubeConfigPath: description: KubeConfigPath is used to specify the actual 
@@ -1830,24 +1798,25 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS bootstrapping. - If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain any - other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -1860,61 +1829,44 @@ spec: items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never - type: string kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. 
type: string taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. - This field is solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -1927,35 +1879,6 @@ spec: type: object type: array type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm join". The - minimum kubernetes version needed to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. - type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array type: object mounts: description: Mounts specifies a list of mount points to be setup. 
@@ -1990,16 +1913,20 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm command - with a shell script with retries for joins. \n This is meant to - be an experimental temporary workaround on some environments where - joins fail due to timing (and other issues). The long term goal - is to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed and this - field will be removed in a future release. When removing also remove - from staticcheck exclude-rules for SA1019 in golangci.yml" + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. type: boolean users: description: Users specifies extra users to add 
@@ -2031,171 +1958,2901 @@ spec: passwd: description: Passwd specifies a hashed password for the user type: string - passwdFrom: - description: PasswdFrom is a referenced source of passwd to - populate the passwd. - properties: - secret: - description: Secret represents a secret that should populate - this password. + primaryGroup: + description: PrimaryGroup specifies the primary group for the + user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized + keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + conditions: + description: Conditions defines current service state of the KubeadmConfig. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. 
+ type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors + type: string + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: Time duration since creation of KubeadmConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmConfig is the Schema for the kubeadmconfigs API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. 
+ Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are + the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server + control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names + for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable present + in a Container. 
+ properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. 
+ properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that + we use for API server to appear + type: string + type: object + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + certificatesDir: + description: |- + CertificatesDir specifies where to store or look for all required certificates. 
+ NB: if not provided, this will default to `/etc/kubernetes/pki` + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + type: string + controllerManager: + description: ControllerManager contains extra settings for the + controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. 
+ type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". 
+ type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed + in the cluster. + properties: + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: object + etcd: + description: |- + Etcd holds configuration for etcd. 
+ NB: This value defaults to a Local (stacked) etcd + properties: + external: + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive + properties: + caFile: + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. + type: string + certFile: + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. + type: string + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. + type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive + properties: + dataDir: + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. + type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. 
+ type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". 
+ type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative + Names for the etcd server signing cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + * If not set, the default registry of kubeadm will be used, i.e. + * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 + * k8s.gcr.io (old registry): all older versions + Please note that when imageRepository is not set we don't allow upgrades to + versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use + a newer patch version with the new registry instead (i.e. >= v1.22.17, + >= v1.23.15, >= v1.24.9, >= v1.25.0). + * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components + and for kube-proxy, while `registry.k8s.io` will be used for all the other images. 
+ type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + kubernetesVersion: + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version + type: string + networking: + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. + Defaults to "cluster.local". + type: string + podSubnet: + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler + control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. 
+ Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. 
+ type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. 
Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition + tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to + setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to add to the + command for creating the file system. 
+ items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be + used. If set to None, no label is used. + type: string + overwrite: + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. + The valid options are: "auto|any", "auto", "any", "none", + and , where NUM is the actual partition number.' + type: string + replaceFS: + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions to + setup. + items: + description: Partition defines how to create and layout a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. + type: boolean + tableType: + description: |- + TableType specifies the tupe of partition table. 
The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files in + cloud-init. + properties: + append: + description: Append specifies whether to append Content to existing + file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to + populate the file. + properties: + secret: + description: Secret represents a secret that should populate + this file. + properties: + key: + description: Key is the key in the secret's data map + for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. + "root:root". + type: string + path: + description: Path specifies the full path on disk where to store + the file. + type: string + permissions: + description: Permissions specifies the permissions to assign + to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. + properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. 
+ properties: + additionalConfig: + description: |- + AdditionalConfig contains additional configuration to be merged with the Ignition + configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging + + + The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ + type: string + strict: + description: Strict controls if AdditionalConfig should be + strictly parsed. If so, warnings are treated as errors. + type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are + the configurations necessary for the init command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + bootstrapTokens: + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored + as a Secret in the cluster. + properties: + description: + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. + type: string + expires: + description: |- + Expires specifies the timestamp when this token expires. Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. 
+ format: date-time + type: string + groups: + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication + items: + type: string + type: array + token: + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. + type: string + ttl: + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. + type: string + usages: + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + localAPIEndpoint: + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the + API server to advertise. 
+ type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node API + object, for later re-use + type: string + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight + errors to be ignored when the current node is registered. + items: + type: string + type: array + imagePullPolicy: + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never + type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. + properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to + a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint + key. + type: string + required: + - effect + - key + type: object + type: array + type: object + patches: + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". 
"target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. + These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. + type: string + type: object + skipPhases: + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the + join command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + caCertPath: + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k + type: string + controlPlane: + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the + API server instance to be deployed on this node. 
+ properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for + the API server to advertise. + type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k + properties: + bootstrapToken: + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name + to the API server from which info will be fetched. + type: string + caCertHashes: + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex + items: + type: string + type: array + token: + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. 
+ type: boolean + required: + - token + type: object + file: + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive + properties: + kubeConfig: + description: |- + KubeConfig is used (optionally) to generate a KubeConfig based on the KubeadmConfig's information. + The file is generated at the path specified in KubeConfigPath. + + + Host address (server field) information is automatically populated based on the Cluster's ControlPlaneEndpoint. + Certificate Authority (certificate-authority-data field) is gathered from the cluster's CA secret. + properties: + cluster: + description: |- + Cluster contains information about how to communicate with the kubernetes cluster. + + + By default the following fields are automatically populated: + - Server with the Cluster's ControlPlaneEndpoint. + - CertificateAuthorityData with the Cluster's CA certificate. + properties: + certificateAuthorityData: + description: |- + CertificateAuthorityData contains PEM-encoded certificate authority certificates. + + + Defaults to the Cluster's CA certificate if empty. + format: byte + type: string + insecureSkipTLSVerify: + description: InsecureSkipTLSVerify skips the validity + check for the server's certificate. This will + make your HTTPS connections insecure. + type: boolean + proxyURL: + description: |- + ProxyURL is the URL to the proxy to be used for all requests made by this + client. URLs with "http", "https", and "socks5" schemes are supported. If + this configuration is not provided or the empty string, the client + attempts to construct a proxy configuration from http_proxy and + https_proxy environment variables. If these environment variables are not + set, the client does not attempt to proxy requests. + + + socks5 proxying does not currently support spdy streaming endpoints (exec, + attach, port forward). 
+ type: string + server: + description: |- + Server is the address of the kubernetes cluster (https://hostname:port). + + + Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + type: string + tlsServerName: + description: TLSServerName is used to check server + certificate. If TLSServerName is empty, the + hostname used to contact the server is used. + type: string + type: object + user: + description: |- + User contains information that describes identity information. + This is used to tell the kubernetes cluster who you are. + properties: + authProvider: + description: AuthProvider specifies a custom authentication + plugin for the kubernetes cluster. + properties: + config: + additionalProperties: + type: string + description: Config holds the parameters for + the authentication plugin. + type: object + name: + description: Name is the name of the authentication + plugin. + type: string + required: + - name + type: object + exec: + description: Exec specifies a custom exec-based + authentication plugin for the kubernetes cluster. + properties: + apiVersion: + description: |- + Preferred input version of the ExecInfo. The returned ExecCredentials MUST use + the same encoding version as the input. + Defaults to client.authentication.k8s.io/v1 if not set. + type: string + args: + description: Arguments to pass to the command + when executing it. + items: + type: string + type: array + command: + description: Command to execute. + type: string + env: + description: |- + Env defines additional environment variables to expose to the process. These + are unioned with the host's environment, as well as variables client-go uses + to pass argument to the plugin. + items: + description: |- + KubeConfigAuthExecEnv is used for setting environment variables when executing an exec-based + credential plugin. 
+ properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + provideClusterInfo: + description: |- + ProvideClusterInfo determines whether or not to provide cluster information, + which could potentially contain very large CA data, to this exec plugin as a + part of the KUBERNETES_EXEC_INFO environment variable. By default, it is set + to false. Package k8s.io/client-go/tools/auth/exec provides helper methods for + reading this environment variable. + type: boolean + required: + - command + type: object + type: object + required: + - user + type: object + kubeConfigPath: + description: KubeConfigPath is used to specify the actual + file path or URL to the kubeconfig file from which to + load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string + type: object + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node API + object, for later re-use + type: string + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight + errors to be ignored when the current node is registered. + items: + type: string + type: array + imagePullPolicy: + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never + type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. 
+ type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. + properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to + a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint + key. + type: string + required: + - effect + - key + type: object + type: array + type: object + patches: + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". 
+ "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. + These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. + type: string + type: object + skipPhases: + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after + kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before + kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. 
+ + + Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. + properties: + gecos: + description: Gecos specifies the gecos to use for the user + type: string + groups: + description: Groups specifies the additional groups for the + user + type: string + homeDir: + description: HomeDir specifies the home directory to use for + the user + type: string + inactive: + description: Inactive specifies whether to mark the user as + inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should + be disabled + type: boolean + name: + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user + type: string + passwdFrom: + description: PasswdFrom is a referenced source of passwd to + populate the passwd. + properties: + secret: + description: Secret represents a secret that should populate + this password. + properties: + key: + description: Key is the key in the secret's data map + for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. 
+ type: string + required: + - key + - name + type: object + required: + - secret + type: object + primaryGroup: + description: PrimaryGroup specifies the primary group for the + user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized + keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + conditions: + description: Conditions defines current service state of the KubeadmConfig. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors + type: string + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + cluster.x-k8s.io/provider: bootstrap-kubeadm + cluster.x-k8s.io/v1beta1: v1beta1 + name: kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: bootstrap.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: KubeadmConfigTemplate + listKind: KubeadmConfigTemplateList + plural: kubeadmconfigtemplates + singular: 
kubeadmconfigtemplate + scope: Namespaced + versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. + properties: + template: + description: KubeadmConfigTemplateResource defines the Template structure. + properties: + spec: + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration + are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the + API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative + Names for the API Server signing cert. 
+ items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout + that we use for API server to appear + type: string + type: object + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + certificatesDir: + description: |- + CertificatesDir specifies where to store or look for all required certificates. 
+ NB: if not provided, this will default to `/etc/kubernetes/pki` + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. + type: string + controllerManager: + description: ControllerManager contains extra settings + for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on + installed in the cluster. + properties: + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd + properties: + external: + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive + properties: + caFile: + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. + type: string + certFile: + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. + type: string + endpoints: + description: Endpoints of etcd members. Required + for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. 
+ type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive + properties: + dataDir: + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. + type: object + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject + Alternative Names for the etcd server signing + cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` + will be used for all the other images. + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. 
+ Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + kubernetesVersion: + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version + type: string + networking: + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s + services. Defaults to "cluster.local". + type: string + podSubnet: + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the + scheduler control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. 
+ properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should + be used for Kubernetes components instead of their respective + separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation + of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems + to setup. + items: + description: Filesystem defines the file systems to + be created. + properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to + add to the command for creating the file system. + items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system + type. + type: string + label: + description: Label specifies the file system label + to be used. If set to None, no label is used. + type: string + overwrite: + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition + to use. The valid options are: "auto|any", "auto", + "any", "none", and , where NUM is the actual + partition number.' 
+ type: string + replaceFS: + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions + to setup. + items: + description: Partition defines how to create and layout + a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. + type: boolean + tableType: + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files + in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content + to populate the file. + properties: + secret: + description: Secret represents a secret that should + populate this file. + properties: + key: + description: Key is the key in the secret's + data map for this value. 
+ type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the + file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, + e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where + to store the file. + type: string + permissions: + description: Permissions specifies the permissions to + assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap + data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration + are the configurations necessary for the init command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + bootstrapTokens: + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap + token, stored as a Secret in the cluster. + properties: + description: + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. + type: string + expires: + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time + type: string + groups: + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication + items: + type: string + type: array + token: + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. + type: string + ttl: + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. + type: string + usages: + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + localAPIEndpoint: + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. 
+ properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container + runtime info. This information will be annotated + to the Node API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. 
`taints: {}` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. + properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to + the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration + for the join command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + caCertPath: + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k + type: string + controlPlane: + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint + of the API server instance to be deployed on this + node. 
+ properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k + properties: + bootstrapToken: + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain + name to the API server from which info will + be fetched. + type: string + caCertHashes: + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex + items: + type: string + type: array + token: + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. 
+ type: boolean + required: + - token + - unsafeSkipCAVerification + type: object + file: + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify + the actual file path or URL to the kubeconfig + file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + TODO: revisit when there is defaulting from k/k + type: string + type: object + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container + runtime info. This information will be annotated + to the Node API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. 
The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. + properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to + the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be + setup. 
+ items: + description: MountPoints defines input for generated mounts + in cloud-init. + items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands + to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to + run before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user + in cloud-init. properties: - key: - description: Key is the key in the secret's data map - for this value. 
+ gecos: + description: Gecos specifies the gecos to use for the + user + type: string + groups: + description: Groups specifies the additional groups + for the user + type: string + homeDir: + description: HomeDir specifies the home directory to + use for the user type: string + inactive: + description: Inactive specifies whether to mark the + user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login + should be disabled + type: boolean name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for + the user + type: string + primaryGroup: + description: PrimaryGroup specifies the primary group + for the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh + authorized keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user type: string required: - - key - name type: object - required: - - secret - type: object - primaryGroup: - description: PrimaryGroup specifies the primary group for the - user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level verbosity. - It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - status: - description: KubeadmConfigStatus defines the observed state of KubeadmConfig. 
- properties: - conditions: - description: Conditions defines current service state of the KubeadmConfig. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. 
- type: string - failureMessage: - description: FailureMessage will be set on non-retryable errors - type: string - failureReason: - description: FailureReason will be set on non-retryable errors - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready indicates the BootstrapData field is ready to be - consumed - type: boolean + type: array + verbosity: + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + type: object + required: + - template type: object type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - - labels: - cluster.x-k8s.io/provider: bootstrap-kubeadm - cluster.x-k8s.io/v1alpha4: v1alpha4 - cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" - name: kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: bootstrap.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: KubeadmConfigTemplate - listKind: KubeadmConfigTemplateList - plural: kubeadmconfigtemplates - singular: kubeadmconfigtemplate - scope: Namespaced - versions: + served: false + storage: false - additionalPrinterColumns: - description: Time duration since creation of KubeadmConfigTemplate jsonPath: 
.metadata.creationTimestamp @@ -2205,18 +4862,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2227,9 +4892,9 @@ spec: description: KubeadmConfigTemplateResource defines the Template structure. properties: spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be - defined or the JoinConfiguration should be defined. + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration @@ -2248,21 +4913,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the 
@@ -2291,35 +4958,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid - IP address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the - ControlPlaneEndpoint is specified but without a TCP - port, the BindPort is used. Possible usages are: e.g. - In a cluster with more than one control plane instances, - this field should be assigned the address of the external - load balancer in front of the control plane instances. - e.g. in environments with enforced node recycling, - the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings 
@@ -2328,21 +4994,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the 
@@ -2371,35 +5039,35 @@ spec: installed in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to - an external etcd cluster Local and External are - mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. type: string endpoints: description: Endpoints of etcd members. Required 
@@ -2408,9 +5076,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to - secure etcd communication. Required if using - a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -2419,32 +5087,31 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for - configuring the local etcd instance Local and External - are mutually exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will - place its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static - pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -2467,47 +5134,45 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: ImageRepository sets the container registry - to pull images from. If empty, `registry.k8s.io` will - be used by default; in case of kubernetes version is - a CI build (kubernetes version starts with `ci/` or - `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be - used as a default for control plane components and for - kube-proxy, while `registry.k8s.io` will be used for - all the other images. + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` + will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to the - Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. 
+ NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to - the Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s - services. Defaults to a comma-delimited string of - the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -2517,21 +5182,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the @@ -2585,10 +5252,9 @@ spec: to be used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition 
@@ -2597,11 +5263,9 @@ spec: partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: unless - you define a label, this requires the use of the - ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device @@ -2620,22 +5284,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -2711,54 +5374,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens to - create. This information IS NOT uploaded to the kubeadm - cluster configmap, partly because of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message - why this token exists and what it's used for, - so other administrators can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when - this token expires. Defaults to being set dynamically - at runtime based on the TTL. Expires and TTL are - mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for - authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for - joining nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this - token. Defaults to 24h. Expires and TTL are mutually - exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which - this token can be used. Can by default be used - for establishing bidirectional trust, but that - can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -2767,22 +5428,20 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this control - plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global - endpoint for the cluster, which then loadbalances the - requests to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible on. - By default, kubeadm tries to auto-detect the IP of the - default interface and use that, but in case that process + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: advertiseAddress: 
@@ -2790,17 +5449,17 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container 
@@ -2817,51 +5476,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' 
+ description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -2880,21 +5529,23 @@ spec: for the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. If - nil, no additional control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -2906,21 +5557,22 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for the - kubelet to use during the TLS Bootstrap process TODO: - revisit when there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken - and File are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain 
@@ -2928,40 +5580,36 @@ spec: be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of - public key pins to verify when token-based discovery - is used. The root CA found during discovery - must match one of these values. Specifying an - empty set disables root CA pinning, which can - be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject - Public Key Info (SPKI) object in DER-encoded - ASN.1. These hashes can be calculated using, - for example, OpenSSL: openssl x509 -pubkey -in - ca.crt openssl rsa -pubin -outform der 2>&/dev/null - | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate - cluster information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since - other nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. 
This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or URL - to a kubeconfig file from which to load cluster - information BootstrapToken and File are mutually - exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: kubeConfigPath: description: KubeConfigPath is used to specify 
@@ -2975,26 +5623,25 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for - TLS bootstrapping. If .BootstrapToken is set, this - field is defaulted to .BootstrapToken.Token, but - can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain - any other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container 
@@ -3011,51 +5658,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' 
+ description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -3104,13 +5741,20 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and - use that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. type: boolean users: description: Users specifies extra users to add @@ -3166,8 +5810,9 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object 
@@ -3191,14 +5836,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -3209,30 +5859,33 @@ spec: description: KubeadmConfigTemplateResource defines the Template structure. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be - defined or the JoinConfiguration should be defined. + description: |- + KubeadmConfigSpec defines the desired state of KubeadmConfig. 
+ Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration 
@@ -3251,21 +5904,154 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the 
@@ -3294,35 +6080,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid - IP address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the - ControlPlaneEndpoint is specified but without a TCP - port, the BindPort is used. Possible usages are: e.g. - In a cluster with more than one control plane instances, - this field should be assigned the address of the external - load balancer in front of the control plane instances. - e.g. in environments with enforced node recycling, - the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings 
@@ -3331,21 +6116,154 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the 
@@ -3374,35 +6292,35 @@ spec: installed in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to - an external etcd cluster Local and External are - mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. type: string endpoints: description: Endpoints of etcd members. Required 
@@ -3411,9 +6329,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to - secure etcd communication. Required if using - a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -3422,32 +6340,164 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for - configuring the local etcd instance Local and External - are mutually exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will - place its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static - pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". 
+ type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if value + is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag - for the image. 
In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -3470,54 +6520,52 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. * registry.k8s.io (new - registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= - v1.25.0 * k8s.gcr.io (old registry): all older versions - Please note that when imageRepository is not set we - don''t allow upgrades to versions >= v1.22.0 which use - the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead (i.e. >= v1.22.17, - >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version - is a CI build (kubernetes version starts with `ci/` - or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will - be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used - for all the other images.' + description: |- + ImageRepository sets the container registry to pull images from. + * If not set, the default registry of kubeadm will be used, i.e. + * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 + * k8s.gcr.io (old registry): all older versions + Please note that when imageRepository is not set we don't allow upgrades to + versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use + a newer patch version with the new registry instead (i.e. >= v1.22.17, + >= v1.23.15, >= v1.24.9, >= v1.25.0). + * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components + and for kube-proxy, while `registry.k8s.io` will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to the - Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to - the Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s - services. Defaults to a comma-delimited string of - the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. 
+ description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -3527,21 +6575,154 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the @@ -3595,10 +6776,9 @@ spec: to be used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition @@ -3607,11 +6787,9 @@ spec: partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: unless - you define a label, this requires the use of the - ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device 
@@ -3630,22 +6808,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -3729,11 +6906,12 @@ spec: configuration. properties: additionalConfig: - description: "AdditionalConfig contains additional - configuration to be merged with the Ignition configuration - generated by the bootstrapper controller. More info: - https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + description: |- + AdditionalConfig contains additional configuration to be merged with the Ignition + configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging + + + The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ type: string strict: description: Strict controls if AdditionalConfig should 
@@ -3747,54 +6925,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens to - create. This information IS NOT uploaded to the kubeadm - cluster configmap, partly because of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message - why this token exists and what it's used for, - so other administrators can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when - this token expires. Defaults to being set dynamically - at runtime based on the TTL. Expires and TTL are - mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for - authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for - joining nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this - token. Defaults to 24h. Expires and TTL are mutually - exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which - this token can be used. Can by default be used - for establishing bidirectional trust, but that - can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -3803,22 +6979,20 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this control - plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global - endpoint for the cluster, which then loadbalances the - requests to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible on. - By default, kubeadm tries to auto-detect the IP of the - default interface and use that, but in case that process + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: advertiseAddress: 
@@ -3826,17 +7000,17 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container 
@@ -3851,65 +7025,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and "join" - operations. The value of this field must be one - of "Always", "IfNotPresent" or "Never". Defaults - to "IfNotPresent". This can be used only with Kubernetes - version equal to 1.22 and later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - []` in the YAML file. This field is solely used - for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. 
+ Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -3923,34 +7093,29 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - init". The minimum kubernetes version needed to support - Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory that - contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just - "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", "etcd". - "patchtype" can be one of "strategic" "merge" or - "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". - "extension" must be either "json" or "yaml". "suffix" - is an optional string that can be used to determine - which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional - files to be created on the machine, either with - content inline or by referencing a secret. + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained - with the "kubeadm init --help" command. This option - takes effect only on Kubernetes >=1.22.0. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. items: type: string type: array 
@@ -3960,21 +7125,23 @@ spec: for the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. If - nil, no additional control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -3986,21 +7153,22 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for the - kubelet to use during the TLS Bootstrap process TODO: - revisit when there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken - and File are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain 
@@ -4008,41 +7176,173 @@ spec: be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of - public key pins to verify when token-based discovery - is used. The root CA found during discovery - must match one of these values. Specifying an - empty set disables root CA pinning, which can - be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject - Public Key Info (SPKI) object in DER-encoded - ASN.1. These hashes can be calculated using, - for example, OpenSSL: openssl x509 -pubkey -in - ca.crt openssl rsa -pubin -outform der 2>&/dev/null - | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate - cluster information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since - other nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. 
This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or URL - to a kubeconfig file from which to load cluster - information BootstrapToken and File are mutually - exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: + kubeConfig: + description: |- + KubeConfig is used (optionally) to generate a KubeConfig based on the KubeadmConfig's information. + The file is generated at the path specified in KubeConfigPath. + + + Host address (server field) information is automatically populated based on the Cluster's ControlPlaneEndpoint. + Certificate Authority (certificate-authority-data field) is gathered from the cluster's CA secret. + properties: + cluster: + description: |- + Cluster contains information about how to communicate with the kubernetes cluster. + + + By default the following fields are automatically populated: + - Server with the Cluster's ControlPlaneEndpoint. + - CertificateAuthorityData with the Cluster's CA certificate. + properties: + certificateAuthorityData: + description: |- + CertificateAuthorityData contains PEM-encoded certificate authority certificates. + + + Defaults to the Cluster's CA certificate if empty. + format: byte + type: string + insecureSkipTLSVerify: + description: InsecureSkipTLSVerify skips + the validity check for the server's + certificate. This will make your HTTPS + connections insecure. + type: boolean + proxyURL: + description: |- + ProxyURL is the URL to the proxy to be used for all requests made by this + client. URLs with "http", "https", and "socks5" schemes are supported. If + this configuration is not provided or the empty string, the client + attempts to construct a proxy configuration from http_proxy and + https_proxy environment variables. 
If these environment variables are not + set, the client does not attempt to proxy requests. + + + socks5 proxying does not currently support spdy streaming endpoints (exec, + attach, port forward). + type: string + server: + description: |- + Server is the address of the kubernetes cluster (https://hostname:port). + + + Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + type: string + tlsServerName: + description: TLSServerName is used to + check server certificate. If TLSServerName + is empty, the hostname used to contact + the server is used. + type: string + type: object + user: + description: |- + User contains information that describes identity information. + This is used to tell the kubernetes cluster who you are. + properties: + authProvider: + description: AuthProvider specifies a + custom authentication plugin for the + kubernetes cluster. + properties: + config: + additionalProperties: + type: string + description: Config holds the parameters + for the authentication plugin. + type: object + name: + description: Name is the name of the + authentication plugin. + type: string + required: + - name + type: object + exec: + description: Exec specifies a custom exec-based + authentication plugin for the kubernetes + cluster. + properties: + apiVersion: + description: |- + Preferred input version of the ExecInfo. The returned ExecCredentials MUST use + the same encoding version as the input. + Defaults to client.authentication.k8s.io/v1 if not set. + type: string + args: + description: Arguments to pass to + the command when executing it. + items: + type: string + type: array + command: + description: Command to execute. + type: string + env: + description: |- + Env defines additional environment variables to expose to the process. These + are unioned with the host's environment, as well as variables client-go uses + to pass argument to the plugin. 
+ items: + description: |- + KubeConfigAuthExecEnv is used for setting environment variables when executing an exec-based + credential plugin. + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + provideClusterInfo: + description: |- + ProvideClusterInfo determines whether or not to provide cluster information, + which could potentially contain very large CA data, to this exec plugin as a + part of the KUBERNETES_EXEC_INFO environment variable. By default, it is set + to false. Package k8s.io/client-go/tools/auth/exec provides helper methods for + reading this environment variable. + type: boolean + required: + - command + type: object + type: object + required: + - user + type: object kubeConfigPath: description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig 
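Review bot: The `caCertHashes` description on the new side of this hunk still prints a pin-computation command that does not run as written: the pipe between `-in ca.crt` and `openssl rsa` is missing and the redirect reads `2>&/dev/null`. CA pinning is the control that keeps a joining node from trusting an impersonated control plane, so an operator who copies this text from `kubectl explain` and gets an error may be tempted to leave the set empty or to set `unsafeSkipCAVerification`. The line should read `openssl x509 -pubkey -in ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex`. This CRD looks generated by controller-gen, so the fix probably belongs in the upstream type comment rather than in this file.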
@@ -4055,26 +7355,25 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for - TLS bootstrapping. If .BootstrapToken is set, this - field is defaulted to .BootstrapToken.Token, but - can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain - any other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container 
@@ -4089,65 +7388,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and "join" - operations. The value of this field must be one - of "Always", "IfNotPresent" or "Never". Defaults - to "IfNotPresent". This can be used only with Kubernetes - version equal to 1.22 and later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - []` in the YAML file. This field is solely used - for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. 
+ Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -4161,34 +7456,29 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - join". The minimum kubernetes version needed to support - Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory that - contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just - "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", "etcd". - "patchtype" can be one of "strategic" "merge" or - "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". - "extension" must be either "json" or "yaml". "suffix" - is an optional string that can be used to determine - which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional - files to be created on the machine, either with - content inline or by referencing a secret. + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained - with the "kubeadm init --help" command. This option - takes effect only on Kubernetes >=1.22.0. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. items: type: string type: array 
@@ -4228,17 +7518,24 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and - use that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed - and this field will be removed in a future release. When - removing also remove from staticcheck exclude-rules for - SA1019 in golangci.yml" + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. + + + Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml type: boolean users: description: Users specifies extra users to add @@ -4317,8 +7614,9 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object 
@@ -4330,19 +7628,12 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: v1 kind: ServiceAccount metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-manager namespace: capi-kubeadm-bootstrap-system --- @@ -4351,7 +7642,6 @@ kind: Role metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-leader-election-role namespace: capi-kubeadm-bootstrap-system rules: @@ -4379,14 +7669,12 @@ kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-manager-role rules: - apiGroups: - "" resources: - configmaps - - events - secrets verbs: - create @@ -4412,7 +7700,6 @@ rules: - bootstrap.cluster.x-k8s.io resources: - kubeadmconfigs - - kubeadmconfigs/finalizers - kubeadmconfigs/status verbs: - create @@ -4436,14 +7723,19 @@ rules: - get - list - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-leader-election-rolebinding namespace: capi-kubeadm-bootstrap-system roleRef: @@ -4458,10 +7750,8 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -4477,7 +7767,6 @@ kind: Service metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-webhook-service namespace: capi-kubeadm-bootstrap-system spec: 
@@ -4490,10 +7779,8 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-kubeadm-bootstrap-controller-manager namespace: capi-kubeadm-bootstrap-system @@ -4503,10 +7790,8 @@ spec: matchLabels: cluster.x-k8s.io/provider: bootstrap-kubeadm control-plane: controller-manager - strategy: {} template: metadata: - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm control-plane: controller-manager @@ -4520,7 +7805,7 @@ spec: - --bootstrap-token-ttl=15m command: - /manager - image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.0 + image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.8.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4541,7 +7826,6 @@ spec: httpGet: path: /readyz port: healthz - resources: {} securityContext: allowPrivilegeEscalation: false capabilities: @@ -4550,6 +7834,7 @@ spec: privileged: false runAsGroup: 65532 runAsUser: 65532 + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert @@ -4569,14 +7854,12 @@ spec: - name: cert secret: secretName: capi-kubeadm-bootstrap-webhook-service-cert -status: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-serving-cert namespace: capi-kubeadm-bootstrap-system spec: @@ -4596,7 +7879,6 @@ kind: Issuer metadata: labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-selfsigned-issuer namespace: capi-kubeadm-bootstrap-system spec: 
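Review bot: The bumped `image:` line in the `@@ -4520,7 +7805,7 @@` hunk references the controller by tag only, and with `imagePullPolicy: IfNotPresent` a node keeps running whatever content it first pulled under that tag. Pinning the digest next to the tag makes the manifest verifiable against the upstream release: `image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.8.1@sha256:<DIGEST_PLACEHOLDER>`, with the placeholder replaced by the digest published for v1.8.1. The container spec starts and ends outside the hunk, so any admission-time signature or digest policy that may already cover this image is not visible here.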
@@ -4607,10 +7889,8 @@ kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -4661,10 +7941,8 @@ kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert - labels: cluster.x-k8s.io/provider: bootstrap-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-validating-webhook-configuration webhooks: - admissionReviewVersions: @@ -4710,4 +7988,4 @@ webhooks: - UPDATE resources: - kubeadmconfigtemplates - sideEffects: None + sideEffects: None \ No newline at end of file diff --git a/infra/capi/cluster-capi/cluster-api-control-plane.yaml b/infra/capi/cluster-capi/cluster-api-control-plane.yaml index 5cdf1c1..ae45468 100644 --- a/infra/capi/cluster-capi/cluster-api-control-plane.yaml +++ b/infra/capi/cluster-capi/cluster-api-control-plane.yaml @@ -3,7 +3,6 @@ kind: Namespace metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-kubeadm-control-plane-system --- 
@@ -12,20 +11,16 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: control-plane-kubeadm - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-kubeadm-control-plane-webhook-service namespace: capi-kubeadm-control-plane-system 
@@ -45,6 +40,1206 @@ spec: singular: kubeadmcontrolplane scope: Namespaced versions: + - additionalPrinterColumns: + - description: This denotes whether or not the control plane has the uploaded + kubeadm-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: KubeadmControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: API Server Available + type: boolean + - description: Kubernetes version associated with this control plane + jsonPath: .spec.version + name: Version + type: string + - description: Total number of non-terminated machines targeted by this control + plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this control + plane that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + KubeadmControlPlane is the Schema for the KubeadmControlPlane API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. 
+ Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + infrastructureTemplate: + description: |- + InfrastructureTemplate is a required reference to a custom resource + offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + kubeadmConfigSpec: + description: |- + KubeadmConfigSpec is a KubeadmConfigSpec + to use for initializing and joining machines to the control plane. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration + are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API + server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names + for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout + that we use for API server to appear + type: string + type: object + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + certificatesDir: + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. 
+ type: string + controllerManager: + description: ControllerManager contains extra settings for + the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed + in the cluster. + properties: + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: |- + Etcd holds configuration for etcd. 
+ NB: This value defaults to a Local (stacked) etcd + properties: + external: + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive + properties: + caFile: + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. + type: string + certFile: + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. + type: string + endpoints: + description: Endpoints of etcd members. Required for + ExternalEtcd. + items: + type: string + type: array + keyFile: + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. + type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive + properties: + dataDir: + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. + type: object + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. 
+ items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative + Names for the etcd server signing cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` + will be used for all the other images. + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + kubernetesVersion: + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version + type: string + networking: + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. + Defaults to "cluster.local". + type: string + podSubnet: + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: |- + ServiceSubnet is the subnet used by k8s services. 
+ Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler + control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. + properties: + hostPath: + description: |- + HostPath is the path in the host that will be mounted inside + the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should + be used for Kubernetes components instead of their respective + separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition + tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems + to setup. + items: + description: Filesystem defines the file systems to be created. 
+ properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to add + to the command for creating the file system. + items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to + be used. If set to None, no label is used. + type: string + overwrite: + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. + The valid options are: "auto|any", "auto", "any", + "none", and , where NUM is the actual partition + number.' + type: string + replaceFS: + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions + to setup. + items: + description: Partition defines how to create and layout + a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. + type: boolean + tableType: + description: |- + TableType specifies the tupe of partition table. 
The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files + in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content + to populate the file. + properties: + secret: + description: Secret represents a secret that should + populate this file. + properties: + key: + description: Key is the key in the secret's data + map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file + contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, + e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where + to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign + to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap + data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration + are the configurations necessary for the init command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. 
+ Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + bootstrapTokens: + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, + stored as a Secret in the cluster. + properties: + description: + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. + type: string + expires: + description: |- + Expires specifies the timestamp when this token expires. Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time + type: string + groups: + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication + items: + type: string + type: array + token: + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. + type: string + ttl: + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. + type: string + usages: + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + localAPIEndpoint: + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for + the API server to advertise. + type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node + API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. 
This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. + properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the + taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for + the join command + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. 
+ Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + caCertPath: + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k + type: string + controlPlane: + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint + of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k + properties: + bootstrapToken: + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain + name to the API server from which info will be fetched. + type: string + caCertHashes: + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. 
Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex + items: + type: string + type: array + token: + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean + required: + - token + - unsafeSkipCAVerification + type: object + file: + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the + actual file path or URL to the kubeconfig file from + which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + TODO: revisit when there is defaulting from k/k + type: string + type: object + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + nodeRegistration: + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node + API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. + items: + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. 
+ properties: + effect: + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the + taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts + in cloud-init. + items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run + after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run + before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. 
+ type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in + cloud-init. + properties: + gecos: + description: Gecos specifies the gecos to use for the user + type: string + groups: + description: Groups specifies the additional groups for + the user + type: string + homeDir: + description: HomeDir specifies the home directory to use + for the user + type: string + inactive: + description: Inactive specifies whether to mark the user + as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should + be disabled + type: boolean + name: + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the + user + type: string + primaryGroup: + description: PrimaryGroup specifies the primary group for + the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized + keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + nodeDrainTimeout: + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + type: string + replicas: + description: |- + Number of desired machines. Defaults to 1. 
When stacked etcd is used only + odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutStrategy: + description: |- + The RolloutStrategy to use to replace control plane machines with + new ones. + properties: + rollingUpdate: + description: |- + Rolling update config params. Present only if + RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of control planes that can be scheduled above or under the + desired number of control planes. + Value can be an absolute number 1 or 0. + Defaults to 1. + Example: when this is set to 1, the control plane can be scaled + up immediately when the rolling update starts. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + Type of rollout. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. + type: string + type: object + upgradeAfter: + description: |- + UpgradeAfter is a field to indicate an upgrade should be performed + after the specified time even if no changes have been made to the + KubeadmControlPlane + format: date-time + type: string + version: + description: Version defines the desired Kubernetes version. + type: string + required: + - infrastructureTemplate + - kubeadmConfigSpec + - version + type: object + status: + description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. + properties: + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. 
+ This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: |- + ErrorMessage indicates that there is a terminal problem reconciling the + state, and will be set to a descriptive error message. + type: string + failureReason: + description: |- + FailureReason indicates that there is a terminal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. + type: string + initialized: + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubeadm-config configmap. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. 
+ format: int64 + type: integer + ready: + description: |- + Ready denotes that the KubeadmControlPlane API Server is ready to + receive requests. + type: boolean + readyReplicas: + description: Total number of fully running and ready control plane + machines. + format: int32 + type: integer + replicas: + description: |- + Total number of non-terminated machines targeted by this control plane + (their labels match the selector). + format: int32 + type: integer + selector: + description: |- + Selector is the label selector in string format to avoid introspection + by clients, and is used to provide the CRD-based integration for the + scale subresource and additional integrations for things like kubectl + describe.. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors + type: string + unavailableReplicas: + description: |- + Total number of unavailable machines targeted by this control plane. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet ready or machines + that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: |- + Total number of non-terminated machines targeted by this control plane + that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} - additionalPrinterColumns: - description: Time duration since creation of KubeadmControlPlane jsonPath: .metadata.creationTimestamp 
@@ -85,18 +1280,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + KubeadmControlPlane is the Schema for the KubeadmControlPlane API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -104,8 +1307,9 @@ spec: description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. properties: kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing - and joining machines to the control plane. + description: |- + KubeadmConfigSpec is a KubeadmConfigSpec + to use for initializing and joining machines to the control plane. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration @@ -124,21 +1328,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod 
@@ -166,34 +1372,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store or - look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid IP - address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint - is specified but without a TCP port, the BindPort is used. - Possible usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned the - address of the external load balancer in front of the control - plane instances. e.g. in environments with enforced node - recycling, the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings for 
@@ -202,21 +1408,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod 
@@ -244,34 +1452,35 @@ spec: in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification file - used to secure etcd communication. Required if using - a TLS connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. type: string endpoints: description: Endpoints of etcd members. Required for 
@@ -280,8 +1489,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -290,30 +1500,31 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -335,46 +1546,45 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: ImageRepository sets the container registry to - pull images from. If empty, `registry.k8s.io` will be used - by default; in case of kubernetes version is a CI build - (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used for - all the other images. + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` + will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version of the - control plane. NB: This value defaults to the Machine object - spec.version' + description: |- + KubernetesVersion is the target version of the control plane. 
+ NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the - Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. If - unset, the API server will not allocate CIDR ranges - for every node. Defaults to a comma-delimited string - of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster - object's spec.clusterNetwork.pods.cidrBlocks, or to - "10.96.0.0/12" if that's unset. + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -384,21 +1594,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod @@ -449,9 +1661,9 @@ spec: be used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing - file system will be destroyed. Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition to use. 
@@ -460,11 +1672,9 @@ spec: number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, used - for Microsoft Azure that instructs cloud-init to replace - a file system of . NOTE: unless you define - a label, this requires the use of the ''any'' partition - directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device @@ -483,22 +1693,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. If - it is true, a single partition will be created for - the entire device. When layout is false, it means - don't partition or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default - is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -574,51 +1783,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` - time and describes a set of Bootstrap Tokens to create. - This information IS NOT uploaded to the kubeadm cluster - configmap, partly because of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message - why this token exists and what it's used for, so other - administrators can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when this - token expires. Defaults to being set dynamically at - runtime based on the TTL. Expires and TTL are mutually - exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which this - token can be used. Can by default be used for establishing - bidirectional trust, but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -627,40 +1837,38 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance that's deployed on this control plane - node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to - each individual API server. This configuration object lets - you customize what IP/DNS name and port the local API server - advertises it's accessible on. By default, kubeadm tries - to auto-detect the IP of the default interface and use that, - but in case that process fails you may set the desired value - here. + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. 
By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. properties: advertiseAddress: description: AdvertiseAddress sets the IP address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -677,50 +1885,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. 
This field is solely used for Node - registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -739,21 +1938,23 @@ spec: the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node and - control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no - additional control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -764,58 +1965,57 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when - there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken and - File are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of public - key pins to verify when token-based discovery is - used. The root CA found during discovery must match - one of these values. Specifying an empty set disables - root CA pinning, which can be unsafe. Each hash - is specified as ":", where the only - currently supported type is "sha256". This is a - hex-encoded SHA-256 hash of the Subject Public Key - Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. 
Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate cluster - information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or URL to - a kubeconfig file from which to load cluster information + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive properties: kubeConfigPath: 
@@ -830,26 +2030,25 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS - bootstrapping. If .BootstrapToken is set, this field - is defaulted to .BootstrapToken.Token, but can be overridden. - If .File is set, this field **must be set** in case - the KubeConfigFile does not contain any other authentication - information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -866,50 +2065,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. 
This field is solely used for Node - registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -957,13 +2147,20 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and use - that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. type: boolean users: description: Users specifies extra users to add 
@@ -1018,94 +2215,108 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object machineTemplate: - description: MachineTemplate contains information about how machines + description: |- + MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. properties: infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. 
+ More info: http://kubernetes.io/docs/user-guide/labels type: object type: object nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a controlplane node The - default value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different from - `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string required: - infrastructureRef type: object replicas: - description: Number of desired machines. Defaults to 1. When stacked - etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + description: |- + Number of desired machines. Defaults to 1. When stacked etcd is used only + odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer rolloutAfter: - description: RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the KubeadmControlPlane. + description: |- + RolloutAfter is a field to indicate a rollout should be performed + after the specified time even if no changes have been made to the + KubeadmControlPlane. format: date-time type: string rolloutStrategy: 
@@ -1113,27 +2324,33 @@ spec: rollingUpdate: maxSurge: 1 type: RollingUpdate - description: The RolloutStrategy to use to replace control plane machines - with new ones. + description: |- + The RolloutStrategy to use to replace control plane machines with + new ones. properties: rollingUpdate: - description: Rolling update config params. Present only if RolloutStrategyType - = RollingUpdate. + description: |- + Rolling update config params. Present only if + RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string - description: 'The maximum number of control planes that can - be scheduled above or under the desired number of control - planes. Value can be an absolute number 1 or 0. Defaults - to 1. Example: when this is set to 1, the control plane - can be scaled up immediately when the rolling update starts.' + description: |- + The maximum number of control planes that can be scheduled above or under the + desired number of control planes. + Value can be an absolute number 1 or 0. + Defaults to 1. + Example: when this is set to 1, the control plane can be scaled + up immediately when the rolling update starts. x-kubernetes-int-or-string: true type: object type: - description: Type of rollout. Currently the only supported strategy - is "RollingUpdate". Default is RollingUpdate. + description: |- + Type of rollout. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. type: string type: object version: 
@@ -1154,37 +2371,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -1192,17 +2409,20 @@ spec: type: object type: array failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + ErrorMessage indicates that there is a terminal problem reconciling the + state, and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a terminal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. + description: |- + FailureReason indicates that there is a terminal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. type: string initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubeadm-config configmap. + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubeadm-config configmap. type: boolean observedGeneration: description: ObservedGeneration is the latest generation observed @@ -1210,8 +2430,9 @@ spec: format: int64 type: integer ready: - description: Ready denotes that the KubeadmControlPlane API Server - is ready to receive requests. + description: |- + Ready denotes that the KubeadmControlPlane API Server is ready to + receive requests. type: boolean readyReplicas: description: Total number of fully running and ready control plane 
@@ -1219,33 +2440,38 @@ spec: format: int32 type: integer replicas: - description: Total number of non-terminated machines targeted by this - control plane (their labels match the selector). + description: |- + Total number of non-terminated machines targeted by this control plane + (their labels match the selector). format: int32 type: integer selector: - description: 'Selector is the label selector in string format to avoid - introspection by clients, and is used to provide the CRD-based integration - for the scale subresource and additional integrations for things - like kubectl describe.. The string will be in the same format as - the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the label selector in string format to avoid introspection + by clients, and is used to provide the CRD-based integration for the + scale subresource and additional integrations for things like kubectl + describe.. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string unavailableReplicas: - description: Total number of unavailable machines targeted by this - control plane. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet ready or machines + description: |- + Total number of unavailable machines targeted by this control plane. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet ready or machines that still have not been created. format: int32 type: integer updatedReplicas: - description: Total number of non-terminated machines targeted by this - control plane that have the desired template spec. 
+ description: |- + Total number of non-terminated machines targeted by this control plane + that have the desired template spec. format: int32 type: integer version: - description: Version represents the minimum Kubernetes version for - the control plane machines in the cluster. + description: |- + Version represents the minimum Kubernetes version for the control plane machines + in the cluster. type: string type: object type: object @@ -1309,14 +2535,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -1324,8 +2555,9 @@ spec: description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. properties: kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing - and joining machines to the control plane. + description: |- + KubeadmConfigSpec is a KubeadmConfigSpec + to use for initializing and joining machines to the control plane. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration 
@@ -1344,21 +2576,151 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod 
@@ -1386,34 +2748,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store or - look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid IP - address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint - is specified but without a TCP port, the BindPort is used. - Possible usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned the - address of the external load balancer in front of the control - plane instances. e.g. in environments with enforced node - recycling, the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings for 
@@ -1422,21 +2784,151 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod 
@@ -1464,34 +2956,35 @@ spec: in the cluster. properties: imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. + Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification file - used to secure etcd communication. Required if using - a TLS connection. + description: |- + CertFile is an SSL certification file used to secure etcd communication. + Required if using a TLS connection. type: string endpoints: description: Endpoints of etcd members. Required for 
@@ -1500,8 +2993,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -1510,30 +3004,162 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". 
+ type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag for - the image. 
In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject Alternative 
@@ -1555,53 +3181,52 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. * registry.k8s.io (new registry): - >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io - (old registry): all older versions Please note that when - imageRepository is not set we don''t allow upgrades to versions - >= v1.22.0 which use the old registry (k8s.gcr.io). Please - use a newer patch version with the new registry instead - (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). - * If the version is a CI build (kubernetes version starts - with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used for - all the other images.' + description: |- + ImageRepository sets the container registry to pull images from. + * If not set, the default registry of kubeadm will be used, i.e. + * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 + * k8s.gcr.io (old registry): all older versions + Please note that when imageRepository is not set we don't allow upgrades to + versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use + a newer patch version with the new registry instead (i.e. >= v1.22.17, + >= v1.23.15, >= v1.24.9, >= v1.25.0). + * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components + and for kube-proxy, while `registry.k8s.io` will be used for all the other images. type: string kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version of the - control plane. NB: This value defaults to the Machine object - spec.version' + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the - Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. If - unset, the API server will not allocate CIDR ranges - for every node. Defaults to a comma-delimited string - of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster - object's spec.clusterNetwork.pods.cidrBlocks, or to - "10.96.0.0/12" if that's unset. 
+ description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -1611,21 +3236,151 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + description: |- + HostPathMount contains elements describing volumes that are mounted from the + host. properties: hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside the pod @@ -1676,9 +3431,9 @@ spec: be used. If set to None, no label is used. type: string overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing - file system will be destroyed. Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition to use. @@ -1687,11 +3442,9 @@ spec: number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, used - for Microsoft Azure that instructs cloud-init to replace - a file system of . NOTE: unless you define - a label, this requires the use of the ''any'' partition - directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device 
@@ -1710,22 +3463,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. If - it is true, a single partition will be created for - the entire device. When layout is false, it means - don't partition or ignore existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default - is 'false'. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. + Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -1808,10 +3560,12 @@ spec: description: ContainerLinuxConfig contains CLC specific configuration. properties: additionalConfig: - description: "AdditionalConfig contains additional configuration - to be merged with the Ignition configuration generated - by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + description: |- + AdditionalConfig contains additional configuration to be merged with the Ignition + configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging + + + The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ type: string strict: description: Strict controls if AdditionalConfig should 
@@ -1824,51 +3578,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` - time and describes a set of Bootstrap Tokens to create. - This information IS NOT uploaded to the kubeadm cluster - configmap, partly because of its sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly message - why this token exists and what it's used for, so other - administrators can know its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp when this - token expires. Defaults to being set dynamically at - runtime based on the TTL. Expires and TTL are mutually - exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for authentication + description: |- + Groups specifies the extra groups that this token will authenticate as when/if + used for authentication items: type: string type: array token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. + Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which this - token can be used. Can by default be used for establishing - bidirectional trust, but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -1877,40 +3632,38 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance that's deployed on this control plane - node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to - each individual API server. This configuration object lets - you customize what IP/DNS name and port the local API server - advertises it's accessible on. By default, kubeadm tries - to auto-detect the IP of the default interface and use that, - but in case that process fails you may set the desired value - here. + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. 
By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. properties: advertiseAddress: description: AdvertiseAddress sets the IP address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -1925,64 +3678,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy for - image pulling during kubeadm "init" and "join" operations. - The value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be - used only with Kubernetes version equal to 1.22 and - later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: []` - in the YAML file. This field is solely used for Node - registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. 
The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -1996,33 +3746,29 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - init". The minimum kubernetes version needed to support - Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of - "strategic" "merge" or "json" and they match the patch - formats supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" or - "yaml". "suffix" is an optional string that can be used - to determine which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional files - to be created on the machine, either with content inline - or by referencing a secret. + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained with - the "kubeadm init --help" command. This option takes effect - only on Kubernetes >=1.22.0. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. items: type: string type: array 
@@ -2032,21 +3778,23 @@ spec: the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node and - control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no - additional control plane instance will be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -2057,60 +3805,194 @@ spec: for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when - there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken and - File are mutually exclusive + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery + BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set of public - key pins to verify when token-based discovery is - used. The root CA found during discovery must match - one of these values. Specifying an empty set disables - root CA pinning, which can be unsafe. Each hash - is specified as ":", where the only - currently supported type is "sha256". This is a - hex-encoded SHA-256 hash of the Subject Public Key - Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. 
Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate cluster - information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or URL to - a kubeconfig file from which to load cluster information + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive properties: + kubeConfig: + description: |- + KubeConfig is used (optionally) to generate a KubeConfig based on the KubeadmConfig's information. + The file is generated at the path specified in KubeConfigPath. + + + Host address (server field) information is automatically populated based on the Cluster's ControlPlaneEndpoint. + Certificate Authority (certificate-authority-data field) is gathered from the cluster's CA secret. 
+ properties: + cluster: + description: |- + Cluster contains information about how to communicate with the kubernetes cluster. + + + By default the following fields are automatically populated: + - Server with the Cluster's ControlPlaneEndpoint. + - CertificateAuthorityData with the Cluster's CA certificate. + properties: + certificateAuthorityData: + description: |- + CertificateAuthorityData contains PEM-encoded certificate authority certificates. + + + Defaults to the Cluster's CA certificate if empty. + format: byte + type: string + insecureSkipTLSVerify: + description: InsecureSkipTLSVerify skips the + validity check for the server's certificate. + This will make your HTTPS connections insecure. + type: boolean + proxyURL: + description: |- + ProxyURL is the URL to the proxy to be used for all requests made by this + client. URLs with "http", "https", and "socks5" schemes are supported. If + this configuration is not provided or the empty string, the client + attempts to construct a proxy configuration from http_proxy and + https_proxy environment variables. If these environment variables are not + set, the client does not attempt to proxy requests. + + + socks5 proxying does not currently support spdy streaming endpoints (exec, + attach, port forward). + type: string + server: + description: |- + Server is the address of the kubernetes cluster (https://hostname:port). + + + Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + type: string + tlsServerName: + description: TLSServerName is used to check + server certificate. If TLSServerName is + empty, the hostname used to contact the + server is used. + type: string + type: object + user: + description: |- + User contains information that describes identity information. + This is used to tell the kubernetes cluster who you are. + properties: + authProvider: + description: AuthProvider specifies a custom + authentication plugin for the kubernetes + cluster. 
+ properties: + config: + additionalProperties: + type: string + description: Config holds the parameters + for the authentication plugin. + type: object + name: + description: Name is the name of the authentication + plugin. + type: string + required: + - name + type: object + exec: + description: Exec specifies a custom exec-based + authentication plugin for the kubernetes + cluster. + properties: + apiVersion: + description: |- + Preferred input version of the ExecInfo. The returned ExecCredentials MUST use + the same encoding version as the input. + Defaults to client.authentication.k8s.io/v1 if not set. + type: string + args: + description: Arguments to pass to the + command when executing it. + items: + type: string + type: array + command: + description: Command to execute. + type: string + env: + description: |- + Env defines additional environment variables to expose to the process. These + are unioned with the host's environment, as well as variables client-go uses + to pass argument to the plugin. + items: + description: |- + KubeConfigAuthExecEnv is used for setting environment variables when executing an exec-based + credential plugin. + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + provideClusterInfo: + description: |- + ProvideClusterInfo determines whether or not to provide cluster information, + which could potentially contain very large CA data, to this exec plugin as a + part of the KUBERNETES_EXEC_INFO environment variable. By default, it is set + to false. Package k8s.io/client-go/tools/auth/exec provides helper methods for + reading this environment variable. + type: boolean + required: + - command + type: object + type: object + required: + - user + type: object kubeConfigPath: description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from 
@@ -2123,26 +4005,25 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS - bootstrapping. If .BootstrapToken is set, this field - is defaulted to .BootstrapToken.Token, but can be overridden. - If .File is set, this field **must be set** in case - the KubeConfigFile does not contain any other authentication - information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
+ When used in the context of control plane nodes, NodeRegistration should remain consistent + across both InitConfiguration and JoinConfiguration properties: criSocket: description: CRISocket is used to retrieve container runtime 
@@ -2157,64 +4038,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy for - image pulling during kubeadm "init" and "join" operations. - The value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be - used only with Kubernetes version equal to 1.22 and - later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: []` - in the YAML file. This field is solely used for Node - registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Required. 
The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -2228,33 +4106,29 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - join". The minimum kubernetes version needed to support - Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of - "strategic" "merge" or "json" and they match the patch - formats supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" or - "yaml". "suffix" is an optional string that can be used - to determine which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional files - to be created on the machine, either with content inline - or by referencing a secret. + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or + by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained with - the "kubeadm init --help" command. This option takes effect - only on Kubernetes >=1.22.0. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. + This option takes effect only on Kubernetes >=1.22.0. items: type: string type: array 
@@ -2293,16 +4167,24 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and use - that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed and - this field will be removed in a future release. When removing - also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. + + + Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml type: boolean users: description: Users specifies extra users to add 
@@ -2380,94 +4262,103 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object machineTemplate: - description: MachineTemplate contains information about how machines + description: |- + MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. properties: infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. 
+ More info: http://kubernetes.io/docs/user-guide/labels type: object type: object nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the machine - controller will attempt to delete the Node that the Machine - hosts after the Machine is marked for deletion. A duration of - 0 will retry deletion indefinitely. If no value is provided, - the default value for this property of the Machine resource - will be used. + description: |- + NodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + If no value is provided, the default value for this property of the Machine resource will be used. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a controlplane node The - default value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different from - `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of time - that the controller will spend on waiting for all volumes to - be detached. The default value is 0, meaning that the volumes - can be detached without any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string required: - infrastructureRef 
@@ -2478,67 +4369,75 @@ spec: properties: maxRetry: description: "MaxRetry is the Max number of retries while attempting - to remediate an unhealthy machine. A retry happens when a machine + to remediate an unhealthy machine.\nA retry happens when a machine that was created as a replacement for an unhealthy machine also - fails. For example, given a control plane with three machines - M1, M2, M3: \n M1 become unhealthy; remediation happens, and - M1-1 is created as a replacement. If M1-1 (replacement of M1) - has problems while bootstrapping it will become unhealthy, and - then be remediated; such operation is considered a retry, remediation-retry - #1. If M1-2 (replacement of M1-1) becomes unhealthy, remediation-retry - #2 will happen, etc. \n A retry could happen only after RetryPeriod - from the previous retry. If a machine is marked as unhealthy - after MinHealthyPeriod from the previous remediation expired, - this is not considered a retry anymore because the new issue - is assumed unrelated from the previous one. \n If not set, the - remedation will be retried infinitely." + fails.\nFor example, given a control plane with three machines + M1, M2, M3:\n\n\n\tM1 become unhealthy; remediation happens, + and M1-1 is created as a replacement.\n\tIf M1-1 (replacement + of M1) has problems while bootstrapping it will become unhealthy, + and then be\n\tremediated; such operation is considered a retry, + remediation-retry #1.\n\tIf M1-2 (replacement of M1-1) becomes + unhealthy, remediation-retry #2 will happen, etc.\n\n\nA retry + could happen only after RetryPeriod from the previous retry.\nIf + a machine is marked as unhealthy after MinHealthyPeriod from + the previous remediation expired,\nthis is not considered a + retry anymore because the new issue is assumed unrelated from + the previous one.\n\n\nIf not set, the remedation will be retried + infinitely." 
format: int32 type: integer minHealthyPeriod: description: "MinHealthyPeriod defines the duration after which - KCP will consider any failure to a machine unrelated from the + KCP will consider any failure to a machine unrelated\nfrom the previous one. In this case the remediation is not considered - a retry anymore, and thus the retry counter restarts from 0. - For example, assuming MinHealthyPeriod is set to 1h (default) - \n M1 become unhealthy; remediation happens, and M1-1 is created - as a replacement. If M1-1 (replacement of M1) has problems within - the 1hr after the creation, also this machine will be remediated - and this operation is considered a retry - a problem related - to the original issue happened to M1 -. \n If instead the problem + a retry anymore, and thus the retry\ncounter restarts from 0. + For example, assuming MinHealthyPeriod is set to 1h (default)\n\n\n\tM1 + become unhealthy; remediation happens, and M1-1 is created as + a replacement.\n\tIf M1-1 (replacement of M1) has problems within + the 1hr after the creation, also\n\tthis machine will be remediated + and this operation is considered a retry - a problem related\n\tto + the original issue happened to M1 -.\n\n\n\tIf instead the problem on M1-1 is happening after MinHealthyPeriod expired, e.g. four - days after m1-1 has been created as a remediation of M1, the - problem on M1-1 is considered unrelated to the original issue - happened to M1. \n If not set, this value is defaulted to 1h." + days after\n\tm1-1 has been created as a remediation of M1, + the problem on M1-1 is considered unrelated to\n\tthe original + issue happened to M1.\n\n\nIf not set, this value is defaulted + to 1h." type: string retryPeriod: - description: "RetryPeriod is the duration that KCP should wait - before remediating a machine being created as a replacement - for an unhealthy machine (a retry). \n If not set, a retry will - happen immediately." 
+ description: |- + RetryPeriod is the duration that KCP should wait before remediating a machine being created as a replacement + for an unhealthy machine (a retry). + + + If not set, a retry will happen immediately. type: string type: object replicas: - description: Number of desired machines. Defaults to 1. When stacked - etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + description: |- + Number of desired machines. Defaults to 1. When stacked etcd is used only + odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer rolloutAfter: - description: 'RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the KubeadmControlPlane. Example: In the YAML the time can - be specified in the RFC3339 format. To specify the rolloutAfter - target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + description: |- + RolloutAfter is a field to indicate a rollout should be performed + after the specified time even if no changes have been made to the + KubeadmControlPlane. + Example: In the YAML the time can be specified in the RFC3339 format. + To specify the rolloutAfter target as March 9, 2023, at 9 am UTC + use "2023-03-09T09:00:00Z". format: date-time type: string rolloutBefore: - description: RolloutBefore is a field to indicate a rollout should - be performed if the specified criteria is met. + description: |- + RolloutBefore is a field to indicate a rollout should be performed + if the specified criteria is met. properties: certificatesExpiryDays: - description: CertificatesExpiryDays indicates a rollout needs - to be performed if the certificates of the machine will expire - within the specified days. 
+ description: |- + CertificatesExpiryDays indicates a rollout needs to be performed if the + certificates of the machine will expire within the specified days. format: int32 type: integer type: object 
@@ -2547,37 +4446,43 @@ spec: rollingUpdate: maxSurge: 1 type: RollingUpdate - description: The RolloutStrategy to use to replace control plane machines - with new ones. + description: |- + The RolloutStrategy to use to replace control plane machines with + new ones. properties: rollingUpdate: - description: Rolling update config params. Present only if RolloutStrategyType - = RollingUpdate. + description: |- + Rolling update config params. Present only if + RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string - description: 'The maximum number of control planes that can - be scheduled above or under the desired number of control - planes. Value can be an absolute number 1 or 0. Defaults - to 1. Example: when this is set to 1, the control plane - can be scaled up immediately when the rolling update starts.' + description: |- + The maximum number of control planes that can be scheduled above or under the + desired number of control planes. + Value can be an absolute number 1 or 0. + Defaults to 1. + Example: when this is set to 1, the control plane can be scaled + up immediately when the rolling update starts. x-kubernetes-int-or-string: true type: object type: - description: Type of rollout. Currently the only supported strategy - is "RollingUpdate". Default is RollingUpdate. + description: |- + Type of rollout. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. type: string type: object version: - description: 'Version defines the desired Kubernetes version. Please - note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository - is not set we don''t allow upgrades to versions >= v1.22.0 for which - kubeadm uses the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead. 
The default registries of - kubeadm are: * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, - >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions' + description: |- + Version defines the desired Kubernetes version. + Please note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository is not set + we don't allow upgrades to versions >= v1.22.0 for which kubeadm uses the old registry (k8s.gcr.io). + Please use a newer patch version with the new registry instead. The default registries of kubeadm are: + * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 + * k8s.gcr.io (old registry): all older versions type: string required: - kubeadmConfigSpec 
@@ -2594,37 +4499,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -2633,17 +4538,20 @@ spec: type: object type: array failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + ErrorMessage indicates that there is a terminal problem reconciling the + state, and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a terminal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. + description: |- + FailureReason indicates that there is a terminal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. type: string initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubeadm-config configmap. + description: |- + Initialized denotes whether or not the control plane has the + uploaded kubeadm-config configmap. type: boolean lastRemediation: description: LastRemediation stores info about last remediation performed. 
@@ -2653,10 +4561,9 @@ spec: being remediated. type: string retryCount: - description: RetryCount used to keep track of remediation retry - for the last remediated machine. A retry happens when a machine - that was created as a replacement for an unhealthy machine also - fails. + description: |- + RetryCount used to keep track of remediation retry for the last remediated machine. + A retry happens when a machine that was created as a replacement for an unhealthy machine also fails. format: int32 type: integer timestamp: @@ -2675,8 +4582,12 @@ spec: format: int64 type: integer ready: - description: Ready denotes that the KubeadmControlPlane API Server - is ready to receive requests. + description: |- + Ready denotes that the KubeadmControlPlane API Server became ready during initial provisioning + to receive requests. + NOTE: this field is part of the Cluster API contract and it is used to orchestrate provisioning. + The value of this field is never updated after provisioning is completed. Please use conditions + to check the operational state of the control plane. type: boolean readyReplicas: description: Total number of fully running and ready control plane 
@@ -2684,33 +4595,38 @@ spec: format: int32 type: integer replicas: - description: Total number of non-terminated machines targeted by this - control plane (their labels match the selector). + description: |- + Total number of non-terminated machines targeted by this control plane + (their labels match the selector). format: int32 type: integer selector: - description: 'Selector is the label selector in string format to avoid - introspection by clients, and is used to provide the CRD-based integration - for the scale subresource and additional integrations for things - like kubectl describe.. The string will be in the same format as - the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the label selector in string format to avoid introspection + by clients, and is used to provide the CRD-based integration for the + scale subresource and additional integrations for things like kubectl + describe.. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string unavailableReplicas: - description: Total number of unavailable machines targeted by this - control plane. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet ready or machines + description: |- + Total number of unavailable machines targeted by this control plane. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet ready or machines that still have not been created. format: int32 type: integer updatedReplicas: - description: Total number of non-terminated machines targeted by this - control plane that have the desired template spec. 
+ description: |- + Total number of non-terminated machines targeted by this control plane + that have the desired template spec. format: int32 type: integer version: - description: Version represents the minimum Kubernetes version for - the control plane machines in the cluster. + description: |- + Version represents the minimum Kubernetes version for the control plane machines + in the cluster. type: string type: object type: object @@ -2722,32 +4638,22 @@ spec: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: control-plane-kubeadm - cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" name: kubeadmcontrolplanetemplates.controlplane.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-kubeadm-control-plane-webhook-service namespace: capi-kubeadm-control-plane-system 
@@ -2774,18 +4680,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2802,8 +4716,9 @@ spec: of KubeadmControlPlane. properties: kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use - for initializing and joining machines to the control plane. + description: |- + KubeadmConfigSpec is a KubeadmConfigSpec + to use for initializing and joining machines to the control plane. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration @@ -2822,23 +4737,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside 
@@ -2868,37 +4783,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not - provided, this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP - address or DNS name for the control plane; it can - be a valid IP address or a RFC-1123 DNS subdomain, - both with optional TCP port. In case the ControlPlaneEndpoint - is not specified, the AdvertiseAddress + BindPort - are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible - usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned - the address of the external load balancer in front - of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint - could be used for assigning a stable DNS to the - control plane. NB: This value defaults to the first - value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings 
@@ -2907,23 +4819,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside 
@@ -2953,35 +4865,34 @@ spec: installed in the cluster. properties: imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: - This value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect - to an external etcd cluster Local and External - are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate - Authority file used to secure etcd communication. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. + description: |- + CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string endpoints: 
@@ -2991,9 +4902,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used - to secure etcd communication. Required if - using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -3002,33 +4913,31 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs - for configuring the local etcd instance Local - and External are mutually exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd - will place its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments - provided to the etcd binary when run inside - a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, - the ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a - tag for the image. In case this value is - set, kubeadm does not change automatically - the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject 
@@ -3052,48 +4961,45 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: ImageRepository sets the container registry - to pull images from. If empty, `registry.k8s.io` - will be used by default; in case of kubernetes version - is a CI build (kubernetes version starts with `ci/` - or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will - be used as a default for control plane components - and for kube-proxy, while `registry.k8s.io` will - be used for all the other images. + description: |- + ImageRepository sets the container registry to pull images from. + If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` + will be used for all the other images. type: string kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to - the Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. 
+ NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the - networking topology of the cluster. NB: This value - defaults to the Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used - by k8s services. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. + description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -3103,23 +5009,23 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. + description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside @@ -3176,10 +5082,9 @@ spec: is used. type: string overwrite: - description: Overwrite defines whether or not - to overwrite any existing filesystem. If true, - any pre-existing file system will be destroyed. - Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition 
@@ -3188,11 +5093,9 @@ spec: is the actual partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: - unless you define a label, this requires the - use of the ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device @@ -3211,23 +5114,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. - If it is true, a single partition will be - created for the entire device. When layout - is false, it means don't partition or ignore - existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to - skip checks and create the partition if a - partition or filesystem is found on the device. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of - partition table. The following are supported: - ''mbr'': default and setups a MS-DOS partition - table ''gpt'': setups a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -3304,57 +5205,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens - to create. This information IS NOT uploaded to the - kubeadm cluster configmap, partly because of its - sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly - message why this token exists and what it's - used for, so other administrators can know - its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp - when this token expires. Defaults to being - set dynamically at runtime based on the TTL. - Expires and TTL are mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups - that this token will authenticate as when/if + description: |- + Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array token: - description: Token is used for establishing - bidirectional trust between nodes and control-planes. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for - this token. Defaults to 24h. Expires and TTL - are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which - this token can be used. Can by default be - used for establishing bidirectional trust, - but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -3363,42 +5259,37 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this - control plane node In HA setups, this differs from - ClusterConfiguration.ControlPlaneEndpoint in the - sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests - to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible - on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in - case that process fails you may set the desired - value here. + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. 
By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. properties: advertiseAddress: description: AdvertiseAddress sets the IP address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: criSocket: 
@@ -3416,53 +5307,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: {}` in the YAML file. 
This field is - solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -3481,23 +5360,23 @@ spec: for the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. - If nil, no additional control plane instance will - be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -3509,21 +5388,21 @@ spec: address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port - for the API Server to bind to. Defaults - to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for - the kubelet to use during the TLS Bootstrap process - TODO: revisit when there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the - options for bootstrap token based discovery + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: 
@@ -3532,43 +5411,36 @@ spec: info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set - of public key pins to verify when token-based - discovery is used. The root CA found during - discovery must match one of these values. - Specifying an empty set disables root CA - pinning, which can be unsafe. Each hash - is specified as ":", where - the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the - Subject Public Key Info (SPKI) object in - DER-encoded ASN.1. These hashes can be calculated - using, for example, OpenSSL: openssl x509 - -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 - -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate - cluster information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows - token-based discovery without CA verification - via CACertHashes. This can weaken the security - of kubeadm since other nodes can impersonate - the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. 
This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or - URL to a kubeconfig file from which to load - cluster information BootstrapToken and File - are mutually exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: kubeConfigPath: description: KubeConfigPath is used to specify 
@@ -3582,26 +5454,24 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used - for TLS bootstrapping. If .BootstrapToken is - set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this - field **must be set** in case the KubeConfigFile - does not contain any other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: criSocket: 
@@ -3619,53 +5489,41 @@ spec: kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. type: object name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: {}` in the YAML file. 
This field is - solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + Required. The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -3716,14 +5574,20 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic - kubeadm command with a shell script with retries for - joins. \n This is meant to be an experimental temporary - workaround on some environments where joins fail due - to timing (and other issues). The long term goal is - to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more - information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. type: boolean users: description: Users specifies extra users to add 
@@ -3780,102 +5644,108 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log - level verbosity. It overrides the `--v` flag in kubeadm - commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object machineTemplate: - description: MachineTemplate contains information about how - machines should be shaped when creating or updating a control - plane. + description: |- + MachineTemplate contains information about how machines + should be shaped when creating or updating a control plane. properties: infrastructureRef: - description: InfrastructureRef is a required reference - to a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when - modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. 
+ More info: http://kubernetes.io/docs/user-guide/labels type: object type: object nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a controlplane - node The default value is 0, meaning that the node can - be drained without any time limitations. NOTE: NodeDrainTimeout - is different from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string required: - infrastructureRef type: object replicas: - description: Number of desired machines. Defaults to 1. When - stacked etcd is used only odd numbers are permitted, as - per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). - This is a pointer to distinguish between explicit zero and - not specified. + description: |- + Number of desired machines. Defaults to 1. When stacked etcd is used only + odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer rolloutAfter: - description: RolloutAfter is a field to indicate a rollout - should be performed after the specified time even if no - changes have been made to the KubeadmControlPlane. + description: |- + RolloutAfter is a field to indicate a rollout should be performed + after the specified time even if no changes have been made to the + KubeadmControlPlane. format: date-time type: string rolloutStrategy: 
@@ -3883,28 +5753,33 @@ spec: rollingUpdate: maxSurge: 1 type: RollingUpdate - description: The RolloutStrategy to use to replace control - plane machines with new ones. + description: |- + The RolloutStrategy to use to replace control plane machines with + new ones. properties: rollingUpdate: - description: Rolling update config params. Present only - if RolloutStrategyType = RollingUpdate. + description: |- + Rolling update config params. Present only if + RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string - description: 'The maximum number of control planes - that can be scheduled above or under the desired - number of control planes. Value can be an absolute - number 1 or 0. Defaults to 1. Example: when this - is set to 1, the control plane can be scaled up - immediately when the rolling update starts.' + description: |- + The maximum number of control planes that can be scheduled above or under the + desired number of control planes. + Value can be an absolute number 1 or 0. + Defaults to 1. + Example: when this is set to 1, the control plane can be scaled + up immediately when the rolling update starts. x-kubernetes-int-or-string: true type: object type: - description: Type of rollout. Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. + description: |- + Type of rollout. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. type: string type: object version: 
@@ -3937,14 +5812,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -3957,37 +5837,41 @@ spec: needed to create a KubeadmControlPlane from a template. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: 'KubeadmControlPlaneTemplateResourceSpec defines - the desired state of KubeadmControlPlane. NOTE: KubeadmControlPlaneTemplateResourceSpec - is similar to KubeadmControlPlaneSpec but omits Replicas and - Version fields. 
These fields do not make sense on the KubeadmControlPlaneTemplate, - because they are calculated by the Cluster topology reconciler - during reconciliation and thus cannot be configured on the KubeadmControlPlaneTemplate.' + description: |- + KubeadmControlPlaneTemplateResourceSpec defines the desired state of KubeadmControlPlane. + NOTE: KubeadmControlPlaneTemplateResourceSpec is similar to KubeadmControlPlaneSpec but + omits Replicas and Version fields. These fields do not make sense on the KubeadmControlPlaneTemplate, + because they are calculated by the Cluster topology reconciler during reconciliation and thus cannot + be configured on the KubeadmControlPlaneTemplate. properties: kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use - for initializing and joining machines to the control plane. + description: |- + KubeadmConfigSpec is a KubeadmConfigSpec + to use for initializing and joining machines to the control plane. properties: clusterConfiguration: description: ClusterConfiguration along with InitConfiguration 
@@ -4006,23 +5890,156 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if value + is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside 
@@ -4052,37 +6069,34 @@ spec: type: string type: object apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not - provided, this will default to `/etc/kubernetes/pki`' + description: |- + CertificatesDir specifies where to store or look for all required certificates. + NB: if not provided, this will default to `/etc/kubernetes/pki` type: string clusterName: description: The cluster name type: string controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP - address or DNS name for the control plane; it can - be a valid IP address or a RFC-1123 DNS subdomain, - both with optional TCP port. In case the ControlPlaneEndpoint - is not specified, the AdvertiseAddress + BindPort - are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible - usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned - the address of the external load balancer in front - of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint - could be used for assigning a stable DNS to the - control plane. NB: This value defaults to the first - value in the Cluster object status.apiEndpoints - array.' 
+ description: |- + ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it + can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. + In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort + are used; in case the ControlPlaneEndpoint is specified but without a TCP port, + the BindPort is used. + Possible usages are: + e.g. In a cluster with more than one control plane instances, this field should be + assigned the address of the external load balancer in front of the + control plane instances. + e.g. in environments with enforced node recycling, the ControlPlaneEndpoint + could be used for assigning a stable DNS to the control plane. + NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. type: string controllerManager: description: ControllerManager contains extra settings 
@@ -4091,23 +6105,156 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if value + is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside 
@@ -4137,35 +6284,34 @@ spec: installed in the cluster. properties: imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string type: object etcd: - description: 'Etcd holds configuration for etcd. NB: - This value defaults to a Local (stacked) etcd' + description: |- + Etcd holds configuration for etcd. + NB: This value defaults to a Local (stacked) etcd properties: external: - description: External describes how to connect - to an external etcd cluster Local and External - are mutually exclusive + description: |- + External describes how to connect to an external etcd cluster + Local and External are mutually exclusive properties: caFile: - description: CAFile is an SSL Certificate - Authority file used to secure etcd communication. + description: |- + CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. + description: |- + CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string endpoints: 
@@ -4175,9 +6321,9 @@ spec: type: string type: array keyFile: - description: KeyFile is an SSL key file used - to secure etcd communication. Required if - using a TLS connection. + description: |- + KeyFile is an SSL key file used to secure etcd communication. + Required if using a TLS connection. type: string required: - caFile 
@@ -4186,33 +6332,168 @@ spec: - keyFile type: object local: - description: Local provides configuration knobs - for configuring the local etcd instance Local - and External are mutually exclusive + description: |- + Local provides configuration knobs for configuring the local etcd instance + Local and External are mutually exclusive properties: dataDir: - description: DataDir is the directory etcd - will place its data. Defaults to "/var/lib/etcd". + description: |- + DataDir is the directory etcd will place its data. + Defaults to "/var/lib/etcd". type: string extraArgs: additionalProperties: type: string - description: ExtraArgs are extra arguments - provided to the etcd binary when run inside - a static pod. + description: |- + ExtraArgs are extra arguments provided to the etcd binary + when run inside a static pod. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment + variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". 
+ type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a + ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether + the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a + secret in the pod's namespace + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, - the ImageRepository defined in ClusterConfiguration - will be used instead. + description: |- + ImageRepository sets the container registry to pull images from. + if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string imageTag: - description: ImageTag allows to specify a - tag for the image. 
In case this value is - set, kubeadm does not change automatically - the version of the above components during - upgrades. + description: |- + ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string peerCertSANs: description: PeerCertSANs sets extra Subject 
@@ -4236,55 +6517,52 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. * registry.k8s.io - (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, - >= v1.25.0 * k8s.gcr.io (old registry): all older - versions Please note that when imageRepository is - not set we don''t allow upgrades to versions >= - v1.22.0 which use the old registry (k8s.gcr.io). - Please use a newer patch version with the new registry - instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, - >= v1.25.0). * If the version is a CI build (kubernetes - version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components - and for kube-proxy, while `registry.k8s.io` will - be used for all the other images.' + description: |- + ImageRepository sets the container registry to pull images from. + * If not set, the default registry of kubeadm will be used, i.e. + * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 + * k8s.gcr.io (old registry): all older versions + Please note that when imageRepository is not set we don't allow upgrades to + versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use + a newer patch version with the new registry instead (i.e. >= v1.22.17, + >= v1.23.15, >= v1.24.9, >= v1.25.0). + * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components + and for kube-proxy, while `registry.k8s.io` will be used for all the other images. type: string kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. 
More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to - the Machine object spec.version' + description: |- + KubernetesVersion is the target version of the control plane. + NB: This value defaults to the Machine object spec.version type: string networking: - description: 'Networking holds configuration for the - networking topology of the cluster. NB: This value - defaults to the Cluster object spec.clusterNetwork.' + description: |- + Networking holds configuration for the networking topology of the cluster. + NB: This value defaults to the Cluster object spec.clusterNetwork. properties: dnsDomain: description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". type: string podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + description: |- + PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set type: string serviceSubnet: - description: ServiceSubnet is the subnet used - by k8s services. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. 
+ description: |- + ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or + to "10.96.0.0/12" if that's unset. type: string type: object scheduler: 
@@ -4294,23 +6572,156 @@ spec: extraArgs: additionalProperties: type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' + description: |- + ExtraArgs is an extra set of flags to pass to the control plane component. + TODO: This is temporary and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps. type: object + extraEnvs: + description: |- + ExtraEnvs is an extra set of environment variables to pass to the control plane component. + Environment variables passed using ExtraEnvs will override any existing environment variables, or *_proxy environment variables that kubeadm adds by default. + This option takes effect only on Kubernetes >=1.31.0. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if value + is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. 
+ This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array extraVolumes: description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. items: - description: HostPathMount contains elements - describing volumes that are mounted from the + description: |- + HostPathMount contains elements describing volumes that are mounted from the host. properties: hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. 
+ description: |- + HostPath is the path in the host that will be mounted inside + the pod. type: string mountPath: description: MountPath is the path inside @@ -4367,10 +6778,9 @@ spec: is used. type: string overwrite: - description: Overwrite defines whether or not - to overwrite any existing filesystem. If true, - any pre-existing file system will be destroyed. - Use with Caution. + description: |- + Overwrite defines whether or not to overwrite any existing filesystem. + If true, any pre-existing file system will be destroyed. Use with Caution. type: boolean partition: description: 'Partition specifies the partition @@ -4379,11 +6789,9 @@ spec: is the actual partition number.' type: string replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: - unless you define a label, this requires the - use of the ''any'' partition directive.' + description: |- + ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . + NOTE: unless you define a label, this requires the use of the 'any' partition directive. type: string required: - device 
@@ -4402,23 +6810,21 @@ spec: description: Device is the name of the device. type: string layout: - description: Layout specifies the device layout. - If it is true, a single partition will be - created for the entire device. When layout - is false, it means don't partition or ignore - existing partitioning. + description: |- + Layout specifies the device layout. + If it is true, a single partition will be created for the entire device. + When layout is false, it means don't partition or ignore existing partitioning. type: boolean overwrite: - description: Overwrite describes whether to - skip checks and create the partition if a - partition or filesystem is found on the device. + description: |- + Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. type: boolean tableType: - description: 'TableType specifies the tupe of - partition table. The following are supported: - ''mbr'': default and setups a MS-DOS partition - table ''gpt'': setups a GPT partition table' + description: |- + TableType specifies the tupe of partition table. The following are supported: + 'mbr': default and setups a MS-DOS partition table + 'gpt': setups a GPT partition table type: string required: - device 
@@ -4503,11 +6909,12 @@ spec: configuration. properties: additionalConfig: - description: "AdditionalConfig contains additional - configuration to be merged with the Ignition - configuration generated by the bootstrapper - controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + description: |- + AdditionalConfig contains additional configuration to be merged with the Ignition + configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging + + + The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ type: string strict: description: Strict controls if AdditionalConfig 
@@ -4521,57 +6928,52 @@ spec: are the configurations necessary for the init command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens - to create. This information IS NOT uploaded to the - kubeadm cluster configmap, partly because of its - sensitive nature + description: |- + BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature items: description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. properties: description: - description: Description sets a human-friendly - message why this token exists and what it's - used for, so other administrators can know - its purpose. + description: |- + Description sets a human-friendly message why this token exists and what it's used + for, so other administrators can know its purpose. type: string expires: - description: Expires specifies the timestamp - when this token expires. Defaults to being - set dynamically at runtime based on the TTL. - Expires and TTL are mutually exclusive. + description: |- + Expires specifies the timestamp when this token expires. 
Defaults to being set + dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. format: date-time type: string groups: - description: Groups specifies the extra groups - that this token will authenticate as when/if + description: |- + Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array token: - description: Token is used for establishing - bidirectional trust between nodes and control-planes. + description: |- + Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. type: string ttl: - description: TTL defines the time to live for - this token. Defaults to 24h. Expires and TTL - are mutually exclusive. + description: |- + TTL defines the time to live for this token. Defaults to 24h. + Expires and TTL are mutually exclusive. type: string usages: - description: Usages describes the ways in which - this token can be used. Can by default be - used for establishing bidirectional trust, - but that can be changed here. + description: |- + Usages describes the ways in which this token can be used. Can by default be used + for establishing bidirectional trust, but that can be changed here. items: type: string type: array 
@@ -4580,42 +6982,37 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this - control plane node In HA setups, this differs from - ClusterConfiguration.ControlPlaneEndpoint in the - sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests - to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible - on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in - case that process fails you may set the desired - value here. + description: |- + LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node + In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint + is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This + configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible + on. 
By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process + fails you may set the desired value here. properties: advertiseAddress: description: AdvertiseAddress sets the IP address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: criSocket: 
@@ -4631,68 +7028,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and - "join" operations. The value of this field must - be one of "Always", "IfNotPresent" or "Never". - Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and - later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: []` in the YAML file. This field is - solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + Required. 
The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -4706,34 +7096,28 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during - "kubeadm init". The minimum kubernetes version needed - to support Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory - that contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or - just "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", - "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats - supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" - or "yaml". "suffix" is an optional string that - can be used to determine which patches are applied - first alpha-numerically. These files can be - written into the target directory via KubeadmConfig.Files - which specifies additional files to be created - on the machine, either with content inline or + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip - during command execution. The list of phases can - be obtained with the "kubeadm init --help" command. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: type: string 
@@ -4744,23 +7128,23 @@ spec: for the join command properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + description: |- + CACertPath is the path to the SSL certificate authority used to + secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k type: string controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. - If nil, no additional control plane instance will - be deployed. + description: |- + ControlPlane defines the additional control plane instance to be deployed on the joining node. + If nil, no additional control plane instance will be deployed. properties: localAPIEndpoint: description: LocalAPIEndpoint represents the endpoint 
@@ -4772,21 +7156,21 @@ spec: address for the API server to advertise. type: string bindPort: - description: BindPort sets the secure port - for the API Server to bind to. Defaults - to 6443. + description: |- + BindPort sets the secure port for the API Server to bind to. + Defaults to 6443. format: int32 type: integer type: object type: object discovery: - description: 'Discovery specifies the options for - the kubelet to use during the TLS Bootstrap process - TODO: revisit when there is defaulting from k/k' + description: |- + Discovery specifies the options for the kubelet to use during the TLS Bootstrap process + TODO: revisit when there is defaulting from k/k properties: bootstrapToken: - description: BootstrapToken is used to set the - options for bootstrap token based discovery + description: |- + BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: apiServerEndpoint: 
@@ -4795,44 +7179,175 @@ spec: info will be fetched. type: string caCertHashes: - description: 'CACertHashes specifies a set - of public key pins to verify when token-based - discovery is used. The root CA found during - discovery must match one of these values. - Specifying an empty set disables root CA - pinning, which can be unsafe. Each hash - is specified as ":", where - the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the - Subject Public Key Info (SPKI) object in - DER-encoded ASN.1. These hashes can be calculated - using, for example, OpenSSL: openssl x509 - -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 - -hex' + description: |- + CACertHashes specifies a set of public key pins to verify + when token-based discovery is used. The root CA found during discovery + must match one of these values. Specifying an empty set disables root CA + pinning, which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". This is a hex-encoded + SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, for example, OpenSSL: + openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex items: type: string type: array token: - description: Token is a token used to validate - cluster information fetched from the control-plane. + description: |- + Token is a token used to validate cluster information + fetched from the control-plane. type: string unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows - token-based discovery without CA verification - via CACertHashes. This can weaken the security - of kubeadm since other nodes can impersonate - the control-plane. + description: |- + UnsafeSkipCAVerification allows token-based discovery + without CA verification via CACertHashes. 
This can weaken + the security of kubeadm since other nodes can impersonate the control-plane. type: boolean required: - token type: object file: - description: File is used to specify a file or - URL to a kubeconfig file from which to load - cluster information BootstrapToken and File - are mutually exclusive + description: |- + File is used to specify a file or URL to a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive properties: + kubeConfig: + description: |- + KubeConfig is used (optionally) to generate a KubeConfig based on the KubeadmConfig's information. + The file is generated at the path specified in KubeConfigPath. + + + Host address (server field) information is automatically populated based on the Cluster's ControlPlaneEndpoint. + Certificate Authority (certificate-authority-data field) is gathered from the cluster's CA secret. + properties: + cluster: + description: |- + Cluster contains information about how to communicate with the kubernetes cluster. + + + By default the following fields are automatically populated: + - Server with the Cluster's ControlPlaneEndpoint. + - CertificateAuthorityData with the Cluster's CA certificate. + properties: + certificateAuthorityData: + description: |- + CertificateAuthorityData contains PEM-encoded certificate authority certificates. + + + Defaults to the Cluster's CA certificate if empty. + format: byte + type: string + insecureSkipTLSVerify: + description: InsecureSkipTLSVerify + skips the validity check for the + server's certificate. This will + make your HTTPS connections insecure. + type: boolean + proxyURL: + description: |- + ProxyURL is the URL to the proxy to be used for all requests made by this + client. URLs with "http", "https", and "socks5" schemes are supported. If + this configuration is not provided or the empty string, the client + attempts to construct a proxy configuration from http_proxy and + https_proxy environment variables. 
If these environment variables are not + set, the client does not attempt to proxy requests. + + + socks5 proxying does not currently support spdy streaming endpoints (exec, + attach, port forward). + type: string + server: + description: |- + Server is the address of the kubernetes cluster (https://hostname:port). + + + Defaults to https:// + Cluster.Spec.ControlPlaneEndpoint. + type: string + tlsServerName: + description: TLSServerName is used + to check server certificate. If + TLSServerName is empty, the hostname + used to contact the server is used. + type: string + type: object + user: + description: |- + User contains information that describes identity information. + This is used to tell the kubernetes cluster who you are. + properties: + authProvider: + description: AuthProvider specifies + a custom authentication plugin for + the kubernetes cluster. + properties: + config: + additionalProperties: + type: string + description: Config holds the + parameters for the authentication + plugin. + type: object + name: + description: Name is the name + of the authentication plugin. + type: string + required: + - name + type: object + exec: + description: Exec specifies a custom + exec-based authentication plugin + for the kubernetes cluster. + properties: + apiVersion: + description: |- + Preferred input version of the ExecInfo. The returned ExecCredentials MUST use + the same encoding version as the input. + Defaults to client.authentication.k8s.io/v1 if not set. + type: string + args: + description: Arguments to pass + to the command when executing + it. + items: + type: string + type: array + command: + description: Command to execute. + type: string + env: + description: |- + Env defines additional environment variables to expose to the process. These + are unioned with the host's environment, as well as variables client-go uses + to pass argument to the plugin. 
+ items: + description: |- + KubeConfigAuthExecEnv is used for setting environment variables when executing an exec-based + credential plugin. + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + provideClusterInfo: + description: |- + ProvideClusterInfo determines whether or not to provide cluster information, + which could potentially contain very large CA data, to this exec plugin as a + part of the KUBERNETES_EXEC_INFO environment variable. By default, it is set + to false. Package k8s.io/client-go/tools/auth/exec provides helper methods for + reading this environment variable. + type: boolean + required: + - command + type: object + type: object + required: + - user + type: object kubeConfigPath: description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig 
@@ -4845,26 +7360,24 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used - for TLS bootstrapping. If .BootstrapToken is - set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this - field **must be set** in case the KubeConfigFile - does not contain any other authentication information + description: |- + TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information type: string type: object kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent + description: |- + NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: criSocket: 
@@ -4880,68 +7393,61 @@ spec: type: string type: array imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and - "join" operations. The value of this field must - be one of "Always", "IfNotPresent" or "Never". - Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and - later. + description: |- + ImagePullPolicy specifies the policy for image pulling + during kubeadm "init" and "join" operations. The value of + this field must be one of "Always", "IfNotPresent" or + "Never". Defaults to "IfNotPresent". This can be used only + with Kubernetes version equal to 1.22 and later. enum: - Always - IfNotPresent - Never type: string + imagePullSerial: + description: |- + ImagePullSerial specifies if image pulling performed by kubeadm must be done serially or in parallel. + This option takes effect only on Kubernetes >=1.31.0. + Default: true (defaulted in kubeadm) + type: boolean kubeletExtraArgs: additionalProperties: type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. + description: |- + KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file + kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
type: object name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: |- + Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. + This field is also used in the CommonName field of the kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. type: string taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: []` in the YAML file. This field is - solely used for Node registration.' + description: |- + Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an + empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. + description: |- + The node this Taint is attached to has the "effect" on + any pod that does not tolerate the Taint. properties: effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + Required. 
The effect of the taint on pods + that do not tolerate the taint. + Valid effects are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Required. The taint key to be applied to a node. type: string timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. + description: |- + TimeAdded represents the time at which the taint was added. + It is only written for NoExecute taints. format: date-time type: string value: 
@@ -4955,34 +7461,28 @@ spec: type: array type: object patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during - "kubeadm join". The minimum kubernetes version needed - to support Patches is v1.22 + description: |- + Patches contains options related to applying patches to components deployed by kubeadm during + "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 properties: directory: - description: Directory is a path to a directory - that contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or - just "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", - "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats - supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" - or "yaml". "suffix" is an optional string that - can be used to determine which patches are applied - first alpha-numerically. These files can be - written into the target directory via KubeadmConfig.Files - which specifies additional files to be created - on the machine, either with content inline or + description: |- + Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". + For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of + "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one + of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. + The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". + "suffix" is an optional string that can be used to determine which patches are applied + first alpha-numerically. 
+ These files can be written into the target directory via KubeadmConfig.Files which + specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string type: object skipPhases: - description: SkipPhases is a list of phases to skip - during command execution. The list of phases can - be obtained with the "kubeadm init --help" command. + description: |- + SkipPhases is a list of phases to skip during command execution. + The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. items: type: string 
@@ -5025,18 +7525,24 @@ spec: type: string type: array useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic - kubeadm command with a shell script with retries for - joins. \n This is meant to be an experimental temporary - workaround on some environments where joins fail due - to timing (and other issues). The long term goal is - to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more - information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed - and this field will be removed in a future release. - When removing also remove from staticcheck exclude-rules - for SA1019 in golangci.yml" + description: |- + UseExperimentalRetryJoin replaces a basic kubeadm command with a shell + script with retries for joins. + + + This is meant to be an experimental temporary workaround on some environments + where joins fail due to timing (and other issues). The long term goal is to add retries to + kubeadm proper and use that functionality. + + + This will add about 40KB to userdata + + + For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. + + + Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. + When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml type: boolean users: description: Users specifies extra users to add 
@@ -5116,60 +7622,57 @@ spec: type: object type: array verbosity: - description: Verbosity is the number for the kubeadm log - level verbosity. It overrides the `--v` flag in kubeadm - commands. + description: |- + Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. format: int32 type: integer type: object machineTemplate: - description: MachineTemplate contains information about how - machines should be shaped when creating or updating a control - plane. + description: |- + MachineTemplate contains information about how machines + should be shaped when creating or updating a control plane. properties: metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when - modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. 
More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - machine controller will attempt to delete the Node that - the Machine hosts after the Machine is marked for deletion. - A duration of 0 will retry deletion indefinitely. If - no value is provided, the default value for this property - of the Machine resource will be used. + description: |- + NodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + If no value is provided, the default value for this property of the Machine resource will be used. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a controlplane - node The default value is 0, meaning that the node can - be drained without any time limitations. NOTE: NodeDrainTimeout - is different from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, - meaning that the volumes can be detached without any - time limitations. 
+ description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string type: object remediationStrategy: 
@@ -5178,63 +7681,68 @@ spec: properties: maxRetry: description: "MaxRetry is the Max number of retries while - attempting to remediate an unhealthy machine. A retry + attempting to remediate an unhealthy machine.\nA retry happens when a machine that was created as a replacement - for an unhealthy machine also fails. For example, given - a control plane with three machines M1, M2, M3: \n M1 + for an unhealthy machine also fails.\nFor example, given + a control plane with three machines M1, M2, M3:\n\n\n\tM1 become unhealthy; remediation happens, and M1-1 is created - as a replacement. If M1-1 (replacement of M1) has problems - while bootstrapping it will become unhealthy, and then - be remediated; such operation is considered a retry, - remediation-retry #1. If M1-2 (replacement of M1-1) - becomes unhealthy, remediation-retry #2 will happen, - etc. \n A retry could happen only after RetryPeriod - from the previous retry. If a machine is marked as unhealthy - after MinHealthyPeriod from the previous remediation - expired, this is not considered a retry anymore because + as a replacement.\n\tIf M1-1 (replacement of M1) has + problems while bootstrapping it will become unhealthy, + and then be\n\tremediated; such operation is considered + a retry, remediation-retry #1.\n\tIf M1-2 (replacement + of M1-1) becomes unhealthy, remediation-retry #2 will + happen, etc.\n\n\nA retry could happen only after RetryPeriod + from the previous retry.\nIf a machine is marked as + unhealthy after MinHealthyPeriod from the previous remediation + expired,\nthis is not considered a retry anymore because the new issue is assumed unrelated from the previous - one. \n If not set, the remedation will be retried infinitely." + one.\n\n\nIf not set, the remedation will be retried + infinitely." format: int32 type: integer minHealthyPeriod: description: "MinHealthyPeriod defines the duration after - which KCP will consider any failure to a machine unrelated - from the previous one. 
In this case the remediation - is not considered a retry anymore, and thus the retry - counter restarts from 0. For example, assuming MinHealthyPeriod - is set to 1h (default) \n M1 become unhealthy; remediation - happens, and M1-1 is created as a replacement. If M1-1 - (replacement of M1) has problems within the 1hr after - the creation, also this machine will be remediated and - this operation is considered a retry - a problem related - to the original issue happened to M1 -. \n If instead - the problem on M1-1 is happening after MinHealthyPeriod - expired, e.g. four days after m1-1 has been created + which KCP will consider any failure to a machine unrelated\nfrom + the previous one. In this case the remediation is not + considered a retry anymore, and thus the retry\ncounter + restarts from 0. For example, assuming MinHealthyPeriod + is set to 1h (default)\n\n\n\tM1 become unhealthy; remediation + happens, and M1-1 is created as a replacement.\n\tIf + M1-1 (replacement of M1) has problems within the 1hr + after the creation, also\n\tthis machine will be remediated + and this operation is considered a retry - a problem + related\n\tto the original issue happened to M1 -.\n\n\n\tIf + instead the problem on M1-1 is happening after MinHealthyPeriod + expired, e.g. four days after\n\tm1-1 has been created as a remediation of M1, the problem on M1-1 is considered - unrelated to the original issue happened to M1. \n If + unrelated to\n\tthe original issue happened to M1.\n\n\nIf not set, this value is defaulted to 1h." type: string retryPeriod: - description: "RetryPeriod is the duration that KCP should - wait before remediating a machine being created as a - replacement for an unhealthy machine (a retry). \n If - not set, a retry will happen immediately." + description: |- + RetryPeriod is the duration that KCP should wait before remediating a machine being created as a replacement + for an unhealthy machine (a retry). 
+ + + If not set, a retry will happen immediately. type: string type: object rolloutAfter: - description: RolloutAfter is a field to indicate a rollout - should be performed after the specified time even if no - changes have been made to the KubeadmControlPlane. + description: |- + RolloutAfter is a field to indicate a rollout should be performed + after the specified time even if no changes have been made to the + KubeadmControlPlane. format: date-time type: string rolloutBefore: - description: RolloutBefore is a field to indicate a rollout - should be performed if the specified criteria is met. + description: |- + RolloutBefore is a field to indicate a rollout should be performed + if the specified criteria is met. properties: certificatesExpiryDays: - description: CertificatesExpiryDays indicates a rollout - needs to be performed if the certificates of the machine - will expire within the specified days. + description: |- + CertificatesExpiryDays indicates a rollout needs to be performed if the + certificates of the machine will expire within the specified days. format: int32 type: integer type: object 
@@ -5243,28 +7751,33 @@ spec: rollingUpdate: maxSurge: 1 type: RollingUpdate - description: The RolloutStrategy to use to replace control - plane machines with new ones. + description: |- + The RolloutStrategy to use to replace control plane machines with + new ones. properties: rollingUpdate: - description: Rolling update config params. Present only - if RolloutStrategyType = RollingUpdate. + description: |- + Rolling update config params. Present only if + RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string - description: 'The maximum number of control planes - that can be scheduled above or under the desired - number of control planes. Value can be an absolute - number 1 or 0. Defaults to 1. Example: when this - is set to 1, the control plane can be scaled up - immediately when the rolling update starts.' + description: |- + The maximum number of control planes that can be scheduled above or under the + desired number of control planes. + Value can be an absolute number 1 or 0. + Defaults to 1. + Example: when this is set to 1, the control plane can be scaled + up immediately when the rolling update starts. x-kubernetes-int-or-string: true type: object type: - description: Type of rollout. Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. + description: |- + Type of rollout. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. type: string type: object required: @@ -5280,19 +7793,12 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: v1 kind: ServiceAccount metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-manager namespace: capi-kubeadm-control-plane-system --- 
@@ -5301,7 +7807,6 @@ kind: Role metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-leader-election-role namespace: capi-kubeadm-control-plane-system rules: @@ -5333,7 +7838,6 @@ kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-aggregated-manager-role rules: [] --- @@ -5342,7 +7846,6 @@ kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true" name: capi-kubeadm-control-plane-manager-role rules: @@ -5389,6 +7892,14 @@ rules: - get - list - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + verbs: + - get + - list + - watch - apiGroups: - cluster.x-k8s.io resources: @@ -5408,10 +7919,7 @@ rules: - events verbs: - create - - get - - list - patch - - watch - apiGroups: - "" resources: @@ -5427,10 +7935,8 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-leader-election-rolebinding namespace: capi-kubeadm-control-plane-system roleRef: @@ -5445,10 +7951,8 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -5464,7 +7968,6 @@ kind: Service metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-webhook-service namespace: capi-kubeadm-control-plane-system spec: 
@@ -5477,10 +7980,8 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-kubeadm-control-plane-controller-manager namespace: capi-kubeadm-control-plane-system @@ -5490,10 +7991,8 @@ spec: matchLabels: cluster.x-k8s.io/provider: control-plane-kubeadm control-plane: controller-manager - strategy: {} template: metadata: - labels: cluster.x-k8s.io/provider: control-plane-kubeadm control-plane: controller-manager @@ -5503,6 +8002,7 @@ spec: - --leader-elect - --diagnostics-address=:8443 - --insecure-diagnostics=false + - --use-deprecated-infra-machine-naming=false - --feature-gates=ClusterTopology=true,KubeadmBootstrapFormatIgnition=false command: - /manager @@ -5519,7 +8019,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.0 + image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.8.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5540,7 +8040,6 @@ spec: httpGet: path: /readyz port: healthz - resources: {} securityContext: allowPrivilegeEscalation: false capabilities: @@ -5549,6 +8048,7 @@ spec: privileged: false runAsGroup: 65532 runAsUser: 65532 + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert @@ -5568,14 +8068,12 @@ spec: - name: cert secret: secretName: capi-kubeadm-control-plane-webhook-service-cert -status: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-serving-cert namespace: capi-kubeadm-control-plane-system spec: 
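Review bot: The controller image in the `@@ -5519,7 +8019,7 @@` hunk is still referenced by tag only, and with `imagePullPolicy: IfNotPresent` in the same hunk a node keeps running whatever content it first pulled under that tag. Pinning the digest next to the tag ties the deployed image to the one that was reviewed: `image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.8.1@sha256:<digest published for v1.8.1>`. If the other provider Deployments updated by this commit reference their images the same way, the same pin applies there.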
@@ -5595,7 +8093,6 @@ kind: Issuer metadata: labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-selfsigned-issuer namespace: capi-kubeadm-control-plane-system spec: @@ -5606,10 +8103,8 @@ kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert - labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -5661,10 +8156,8 @@ kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert - labels: cluster.x-k8s.io/provider: control-plane-kubeadm - clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-validating-webhook-configuration webhooks: - admissionReviewVersions: @@ -5730,4 +8223,4 @@ webhooks: - UPDATE resources: - kubeadmcontrolplanetemplates - sideEffects: None + sideEffects: None \ No newline at end of file diff --git a/infra/capi/cluster-capi/cluster-api-core.yaml b/infra/capi/cluster-capi/cluster-api-core.yaml index 449fa72..f50c7ed 100644 --- a/infra/capi/cluster-capi/cluster-api-core.yaml +++ b/infra/capi/cluster-capi/cluster-api-core.yaml @@ -3,7 +3,6 @@ kind: Namespace metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-system --- 
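Review bot: The new side of the last hunk of cluster-api-control-plane.yaml (`@@ -5730,4 +8223,4 @@`) ends with `sideEffects: None` and no trailing newline, as the `\ No newline at end of file` marker shows. A tool that concatenates manifests or appends a `---` separator would fuse the next document's first line onto this scalar. Ending the file with a single newline avoids that and keeps the next vendor update from showing a spurious change on this line.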
@@ -12,18 +11,15 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: clusterclasses.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -52,19 +48,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "ClusterClass is a template which can be used to create managed - topologies. \n Deprecated: This type will be removed in one of the next - releases." + description: |- + ClusterClass is a template which can be used to create managed topologies. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -72,51 +75,62 @@ spec: description: ClusterClassSpec describes the desired state of the ClusterClass. properties: controlPlane: - description: ControlPlane is a reference to a local struct that holds - the details for provisioning the Control Plane for the Cluster. + description: |- + ControlPlane is a reference to a local struct that holds the details + for provisioning the Control Plane for the Cluster. properties: machineInfrastructure: - description: "MachineTemplate defines the metadata and infrastructure - information for control plane machines. \n This field is supported - if and only if the control plane provider template referenced - above is Machine based and supports setting replicas." + description: |- + MachineTemplate defines the metadata and infrastructure information + for control plane machines. + + + This field is supported if and only if the control plane provider template + referenced above is Machine based and supports setting replicas. properties: ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' 
+ description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -124,65 +138,76 @@ spec: - ref type: object metadata: - description: "Metadata is the metadata applied to the machines - of the ControlPlane. At runtime this metadata is merged with - the corresponding metadata from the topology. \n This field - is supported if and only if the control plane provider template - referenced is Machine based." + description: |- + Metadata is the metadata applied to the machines of the ControlPlane. + At runtime this metadata is merged with the corresponding metadata from the topology. + + + This field is supported if and only if the control plane provider template + referenced is Machine based. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. 
+ More info: http://kubernetes.io/docs/user-guide/labels type: object type: object ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -190,47 +215,56 @@ spec: - ref type: object infrastructure: - description: Infrastructure is a reference to a provider-specific - template that holds the details for provisioning infrastructure - specific cluster for the underlying provider. The underlying provider - is responsible for the implementation of the template to an infrastructure - cluster. + description: |- + Infrastructure is a reference to a provider-specific template that holds + the details for provisioning infrastructure specific cluster + for the underlying provider. + The underlying provider is responsible for the implementation + of the template to an infrastructure cluster. properties: ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -238,77 +272,79 @@ spec: - ref type: object workers: - description: Workers describes the worker nodes for the cluster. It - is a collection of node types which can be used to create the worker - nodes of the cluster. + description: |- + Workers describes the worker nodes for the cluster. + It is a collection of node types which can be used to create + the worker nodes of the cluster. properties: machineDeployments: - description: MachineDeployments is a list of machine deployment - classes that can be used to create a set of worker nodes. + description: |- + MachineDeployments is a list of machine deployment classes that can be used to create + a set of worker nodes. items: - description: MachineDeploymentClass serves as a template to - define a set of worker nodes of the cluster provisioned using - the `ClusterClass`. + description: |- + MachineDeploymentClass serves as a template to define a set of worker nodes of the cluster + provisioned using the `ClusterClass`. properties: class: - description: Class denotes a type of worker node present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachineDeployment. + description: |- + Class denotes a type of worker node present in the cluster, + this name MUST be unique within a ClusterClass and can be referenced + in the Cluster to create a managed MachineDeployment. type: string template: - description: Template is a local struct containing a collection - of templates for creation of MachineDeployment objects - representing a set of worker nodes. + description: |- + Template is a local struct containing a collection of templates for creation of + MachineDeployment objects representing a set of worker nodes. properties: bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of worker Machines. 
+ description: |- + Bootstrap contains the bootstrap template reference to be used + for the creation of worker Machines. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -316,54 +352,53 @@ spec: - ref type: object infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - worker Machines. + description: |- + Infrastructure contains the infrastructure template reference to be used + for the creation of worker Machines. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. 
type: string kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -371,27 +406,27 @@ spec: - ref type: object metadata: - description: Metadata is the metadata applied to the - machines of the MachineDeployment. At runtime this - metadata is merged with the corresponding metadata - from the topology. + description: |- + Metadata is the metadata applied to the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding metadata from the topology. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object required: 
@@ -421,14 +456,19 @@ spec: topologies. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -436,82 +476,102 @@ spec: description: ClusterClassSpec describes the desired state of the ClusterClass. properties: controlPlane: - description: ControlPlane is a reference to a local struct that holds - the details for provisioning the Control Plane for the Cluster. + description: |- + ControlPlane is a reference to a local struct that holds the details + for provisioning the Control Plane for the Cluster. properties: machineHealthCheck: - description: MachineHealthCheck defines a MachineHealthCheck for - this ControlPlaneClass. This field is supported if and only - if the ControlPlane provider template referenced above is Machine - based and supports setting replicas. + description: |- + MachineHealthCheck defines a MachineHealthCheck for this ControlPlaneClass. + This field is supported if and only if the ControlPlane provider template + referenced above is Machine based and supports setting replicas. properties: maxUnhealthy: anyOf: - type: integer - type: string - description: Any further remediation is only allowed if at - most "MaxUnhealthy" machines selected by "selector" are - not healthy. + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without a node - will be considered to have failed and will be remediated. - If you wish to disable this feature, set the value explicitly - to 0. + description: |- + NodeStartupTimeout allows to set the maximum time for MachineHealthCheck + to consider a Machine unhealthy if a corresponding Node isn't associated + through a `Spec.ProviderID` field. 
+ + + The duration set in this field is compared to the greatest of: + - Cluster's infrastructure ready condition timestamp (if and when available) + - Control Plane's initialized condition timestamp (if and when available) + - Machine's infrastructure ready condition timestamp (if and when available) + - Machine's metadata creation timestamp + + + Defaults to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This - field is completely optional, when filled, the MachineHealthCheck - controller creates a new object from the template referenced - and hands off remediation of the machine to a controller - that lives outside of Cluster API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' 
+ description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The - conditions are combined in a logical OR, i.e. if any of - the conditions is met, the node is unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node condition - type and value with a timeout specified as a duration. When - the named condition has been in the given status for at - least the timeout value, a node is considered unhealthy. + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 
@@ -528,57 +588,67 @@ spec: type: object type: array unhealthyRange: - description: 'Any further remediation is only allowed if the - number of machines selected by "selector" as not healthy - is within the range of "UnhealthyRange". Takes precedence - over MaxUnhealthy. Eg. "[3-5]" - This means that remediation - will be allowed only when: (a) there are at least 3 unhealthy - machines (and) (b) there are at most 5 unhealthy machines' + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object machineInfrastructure: - description: "MachineInfrastructure defines the metadata and infrastructure - information for control plane machines. \n This field is supported - if and only if the control plane provider template referenced - above is Machine based and supports setting replicas." + description: |- + MachineInfrastructure defines the metadata and infrastructure information + for control plane machines. + + + This field is supported if and only if the control plane provider template + referenced above is Machine based and supports setting replicas. properties: ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -586,30 +656,33 @@ spec: - ref type: object metadata: - description: "Metadata is the metadata applied to the ControlPlane - and the Machines of the ControlPlane if the ControlPlaneTemplate - referenced is machine based. If not, it is applied only to the - ControlPlane. At runtime this metadata is merged with the corresponding - metadata from the topology. \n This field is supported if and - only if the control plane provider template referenced is Machine - based." + description: |- + Metadata is the metadata applied to the ControlPlane and the Machines of the ControlPlane + if the ControlPlaneTemplate referenced is machine based. If not, it is applied only to the + ControlPlane. + At runtime this metadata is merged with the corresponding metadata from the topology. + + + This field is supported if and only if the control plane provider template + referenced is Machine based. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. 
May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object namingStrategy: 
@@ -617,74 +690,79 @@ spec: used when creating the control plane provider object. properties: template: - description: 'Template defines the template to use for generating - the name of the ControlPlane object. If not defined, it - will fallback to `{{ .cluster.name }}-{{ .random }}`. If - the templated string exceeds 63 characters, it will be trimmed - to 58 characters and will get concatenated with a random - suffix of length 5. The templating mechanism provides the - following arguments: * `.cluster.name`: The name of the - cluster object. * `.random`: A random alphanumeric string, - without vowels, of length 5.' + description: |- + Template defines the template to use for generating the name of the ControlPlane object. + If not defined, it will fallback to `{{ .cluster.name }}-{{ .random }}`. + If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will + get concatenated with a random suffix of length 5. + The templating mechanism provides the following arguments: + * `.cluster.name`: The name of the cluster object. + * `.random`: A random alphanumeric string, without vowels, of length 5. type: string type: object nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will retry - deletion indefinitely. Defaults to 10 seconds. NOTE: This value - can be overridden while defining a Cluster.Topology.' + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + NOTE: This value can be overridden while defining a Cluster.Topology. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a node. 
The default value - is 0, meaning that the node can be drained without any time - limitations. NOTE: NodeDrainTimeout is different from `kubectl - drain --timeout` NOTE: This value can be overridden while defining - a Cluster.Topology.' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + NOTE: This value can be overridden while defining a Cluster.Topology. type: string nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount of time - that the controller will spend on waiting for all volumes to - be detached. The default value is 0, meaning that the volumes - can be detached without any time limitations. NOTE: This value - can be overridden while defining a Cluster.Topology.' + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + NOTE: This value can be overridden while defining a Cluster.Topology. type: string ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -692,47 +770,56 @@ spec: - ref type: object infrastructure: - description: Infrastructure is a reference to a provider-specific - template that holds the details for provisioning infrastructure - specific cluster for the underlying provider. The underlying provider - is responsible for the implementation of the template to an infrastructure - cluster. + description: |- + Infrastructure is a reference to a provider-specific template that holds + the details for provisioning infrastructure specific cluster + for the underlying provider. + The underlying provider is responsible for the implementation + of the template to an infrastructure cluster. properties: ref: - description: Ref is a required reference to a custom resource + description: |- + Ref is a required reference to a custom resource offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -740,71 +827,70 @@ spec: - ref type: object patches: - description: 'Patches defines the patches which are applied to customize - referenced templates of a ClusterClass. Note: Patches will be applied - in the order of the array.' + description: |- + Patches defines the patches which are applied to customize + referenced templates of a ClusterClass. + Note: Patches will be applied in the order of the array. items: description: ClusterClassPatch defines a patch which is applied to customize the referenced templates. properties: definitions: - description: 'Definitions define inline patches. Note: Patches - will be applied in the order of the array. Note: Exactly one - of Definitions or External must be set.' + description: |- + Definitions define inline patches. + Note: Patches will be applied in the order of the array. + Note: Exactly one of Definitions or External must be set. items: description: PatchDefinition defines a patch which is applied to customize the referenced templates. properties: jsonPatches: - description: 'JSONPatches defines the patches which should - be applied on the templates matching the selector. Note: - Patches will be applied in the order of the array.' + description: |- + JSONPatches defines the patches which should be applied on the templates + matching the selector. + Note: Patches will be applied in the order of the array. items: description: JSONPatch defines a JSON patch. properties: op: - description: 'Op defines the operation of the patch. - Note: Only `add`, `replace` and `remove` are supported.' + description: |- + Op defines the operation of the patch. + Note: Only `add`, `replace` and `remove` are supported. type: string path: - description: 'Path defines the path of the patch. - Note: Only the spec of a template can be patched, - thus the path has to start with /spec/. 
Note: - For now the only allowed array modifications are - `append` and `prepend`, i.e.: * for op: `add`: - only index 0 (prepend) and - (append) are allowed - * for op: `replace` or `remove`: no indexes are - allowed' + description: |- + Path defines the path of the patch. + Note: Only the spec of a template can be patched, thus the path has to start with /spec/. + Note: For now the only allowed array modifications are `append` and `prepend`, i.e.: + * for op: `add`: only index 0 (prepend) and - (append) are allowed + * for op: `replace` or `remove`: no indexes are allowed type: string value: - description: 'Value defines the value of the patch. - Note: Either Value or ValueFrom is required for - add and replace operations. Only one of them is - allowed to be set at the same time. Note: We have - to use apiextensionsv1.JSON instead of our JSON - type, because controller-tools has a hard-coded - schema for apiextensionsv1.JSON which cannot be - produced by another type (unset type field). Ref: - https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + description: |- + Value defines the value of the patch. + Note: Either Value or ValueFrom is required for add and replace + operations. Only one of them is allowed to be set at the same time. + Note: We have to use apiextensionsv1.JSON instead of our JSON type, + because controller-tools has a hard-coded schema for apiextensionsv1.JSON + which cannot be produced by another type (unset type field). + Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111 x-kubernetes-preserve-unknown-fields: true valueFrom: - description: 'ValueFrom defines the value of the - patch. Note: Either Value or ValueFrom is required - for add and replace operations. Only one of them - is allowed to be set at the same time.' + description: |- + ValueFrom defines the value of the patch. 
+ Note: Either Value or ValueFrom is required for add and replace + operations. Only one of them is allowed to be set at the same time. properties: template: - description: 'Template is the Go template to - be used to calculate the value. A template - can reference variables defined in .spec.variables - and builtin variables. Note: The template - must evaluate to a valid YAML or JSON value.' + description: |- + Template is the Go template to be used to calculate the value. + A template can reference variables defined in .spec.variables and builtin variables. + Note: The template must evaluate to a valid YAML or JSON value. type: string variable: - description: Variable is the variable to be - used as value. Variable can be one of the - variables defined in .spec.variables or a - builtin variable. + description: |- + Variable is the variable to be used as value. + Variable can be one of the variables defined in .spec.variables or a builtin variable. type: string type: object required: 
@@ -827,19 +913,19 @@ spec: on where they are referenced. properties: controlPlane: - description: 'ControlPlane selects templates referenced - in .spec.ControlPlane. Note: this will match - the controlPlane and also the controlPlane machineInfrastructure - (depending on the kind and apiVersion).' + description: |- + ControlPlane selects templates referenced in .spec.ControlPlane. + Note: this will match the controlPlane and also the controlPlane + machineInfrastructure (depending on the kind and apiVersion). type: boolean infrastructureCluster: description: InfrastructureCluster selects templates referenced in .spec.infrastructure. type: boolean machineDeploymentClass: - description: MachineDeploymentClass selects templates - referenced in specific MachineDeploymentClasses - in .spec.workers.machineDeployments. + description: |- + MachineDeploymentClass selects templates referenced in specific MachineDeploymentClasses in + .spec.workers.machineDeployments. properties: names: description: Names selects templates by class @@ -849,8 +935,8 @@ spec: type: array type: object machinePoolClass: - description: MachinePoolClass selects templates - referenced in specific MachinePoolClasses in + description: |- + MachinePoolClass selects templates referenced in specific MachinePoolClasses in .spec.workers.machinePools. properties: names: 
@@ -876,16 +962,17 @@ spec: this patch. type: string enabledIf: - description: EnabledIf is a Go template to be used to calculate - if a patch should be enabled. It can reference variables defined - in .spec.variables and builtin variables. The patch will be - enabled if the template evaluates to `true`, otherwise it - will be disabled. If EnabledIf is not set, the patch will - be enabled per default. + description: |- + EnabledIf is a Go template to be used to calculate if a patch should be enabled. + It can reference variables defined in .spec.variables and builtin variables. + The patch will be enabled if the template evaluates to `true`, otherwise it will + be disabled. + If EnabledIf is not set, the patch will be enabled per default. type: string external: - description: 'External defines an external patch. Note: Exactly - one of Definitions or External must be set.' + description: |- + External defines an external patch. + Note: Exactly one of Definitions or External must be set. properties: discoverVariablesExtension: description: DiscoverVariablesExtension references an extension @@ -898,9 +985,10 @@ spec: settings: additionalProperties: type: string - description: Settings defines key value pairs to be passed - to the extensions. Values defined here take precedence - over the values defined in the corresponding ExtensionConfig. + description: |- + Settings defines key value pairs to be passed to the extensions. + Values defined here take precedence over the values defined in the + corresponding ExtensionConfig. type: object validateExtension: description: ValidateExtension references an extension which 
@@ -915,48 +1003,79 @@ spec: type: object type: array variables: - description: Variables defines the variables which can be configured + description: |- + Variables defines the variables which can be configured in the Cluster topology and are then used in patches. items: - description: ClusterClassVariable defines a variable which can be - configured in the Cluster topology and used in patches. + description: |- + ClusterClassVariable defines a variable which can + be configured in the Cluster topology and used in patches. properties: + metadata: + description: |- + Metadata is the metadata of a variable. + It can be used to add additional data for higher level tools to + a ClusterClassVariable. + + + Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please use XMetadata in JSONSchemaProps instead. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map that can be used to store and + retrieve arbitrary metadata. + They are not queryable. + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) variables. + type: object + type: object name: description: Name of the variable. type: string required: - description: 'Required specifies if the variable is required. + description: |- + Required specifies if the variable is required. Note: this applies to the variable as a whole and thus the top-level object defined in the schema. If nested fields are - required, this will be specified inside the schema.' + required, this will be specified inside the schema. type: boolean schema: description: Schema defines the schema of the variable. properties: openAPIV3Schema: - description: OpenAPIV3Schema defines the schema of a variable - via OpenAPI v3 schema. The schema is a subset of the schema - used in Kubernetes CRDs. 
+ description: |- + OpenAPIV3Schema defines the schema of a variable via OpenAPI v3 + schema. The schema is a subset of the schema used in + Kubernetes CRDs. properties: additionalProperties: - description: 'AdditionalProperties specifies the schema - of values in a map (keys are always strings). NOTE: - Can only be set if type is object. NOTE: AdditionalProperties - is mutually exclusive with Properties. NOTE: This - field uses PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' + description: |- + AdditionalProperties specifies the schema of values in a map (keys are always strings). + NOTE: Can only be set if type is object. + NOTE: AdditionalProperties is mutually exclusive with Properties. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true default: - description: 'Default is the default value of the variable. - NOTE: Can be set for all types.' + description: |- + Default is the default value of the variable. + NOTE: Can be set for all types. x-kubernetes-preserve-unknown-fields: true description: description: Description is a human-readable description of this variable. type: string enum: - description: 'Enum is the list of valid values of the - variable. NOTE: Can be set for all types.' + description: |- + Enum is the list of valid values of the variable. + NOTE: Can be set for all types. items: x-kubernetes-preserve-unknown-fields: true type: array 
@@ -964,102 +1083,258 @@ spec: description: Example is an example for this variable. x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: - description: 'ExclusiveMaximum specifies if the Maximum - is exclusive. NOTE: Can only be set if type is integer - or number.' + description: |- + ExclusiveMaximum specifies if the Maximum is exclusive. + NOTE: Can only be set if type is integer or number. type: boolean exclusiveMinimum: - description: 'ExclusiveMinimum specifies if the Minimum - is exclusive. NOTE: Can only be set if type is integer - or number.' + description: |- + ExclusiveMinimum specifies if the Minimum is exclusive. + NOTE: Can only be set if type is integer or number. type: boolean format: - description: 'Format is an OpenAPI v3 format string. - Unknown formats are ignored. For a list of supported - formats please see: (of the k8s.io/apiextensions-apiserver - version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go - NOTE: Can only be set if type is string.' + description: |- + Format is an OpenAPI v3 format string. Unknown formats are ignored. + For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we're currently using) + https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go + NOTE: Can only be set if type is string. type: string items: - description: 'Items specifies fields of an array. NOTE: - Can only be set if type is array. NOTE: This field - uses PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' + description: |- + Items specifies fields of an array. + NOTE: Can only be set if type is array. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true maxItems: - description: 'MaxItems is the max length of an array - variable. 
NOTE: Can only be set if type is array.' + description: |- + MaxItems is the max length of an array variable. + NOTE: Can only be set if type is array. format: int64 type: integer maxLength: - description: 'MaxLength is the max length of a string - variable. NOTE: Can only be set if type is string.' + description: |- + MaxLength is the max length of a string variable. + NOTE: Can only be set if type is string. + format: int64 + type: integer + maxProperties: + description: |- + MaxProperties is the maximum amount of entries in a map or properties in an object. + NOTE: Can only be set if type is object. format: int64 type: integer maximum: - description: 'Maximum is the maximum of an integer or - number variable. If ExclusiveMaximum is false, the - variable is valid if it is lower than, or equal to, - the value of Maximum. If ExclusiveMaximum is true, - the variable is valid if it is strictly lower than - the value of Maximum. NOTE: Can only be set if type - is integer or number.' + description: |- + Maximum is the maximum of an integer or number variable. + If ExclusiveMaximum is false, the variable is valid if it is lower than, or equal to, the value of Maximum. + If ExclusiveMaximum is true, the variable is valid if it is strictly lower than the value of Maximum. + NOTE: Can only be set if type is integer or number. format: int64 type: integer minItems: - description: 'MinItems is the min length of an array - variable. NOTE: Can only be set if type is array.' + description: |- + MinItems is the min length of an array variable. + NOTE: Can only be set if type is array. format: int64 type: integer minLength: - description: 'MinLength is the min length of a string - variable. NOTE: Can only be set if type is string.' + description: |- + MinLength is the min length of a string variable. + NOTE: Can only be set if type is string. 
+ format: int64 + type: integer + minProperties: + description: |- + MinProperties is the minimum amount of entries in a map or properties in an object. + NOTE: Can only be set if type is object. format: int64 type: integer minimum: - description: 'Minimum is the minimum of an integer or - number variable. If ExclusiveMinimum is false, the - variable is valid if it is greater than, or equal - to, the value of Minimum. If ExclusiveMinimum is true, - the variable is valid if it is strictly greater than - the value of Minimum. NOTE: Can only be set if type - is integer or number.' + description: |- + Minimum is the minimum of an integer or number variable. + If ExclusiveMinimum is false, the variable is valid if it is greater than, or equal to, the value of Minimum. + If ExclusiveMinimum is true, the variable is valid if it is strictly greater than the value of Minimum. + NOTE: Can only be set if type is integer or number. format: int64 type: integer pattern: - description: 'Pattern is the regex which a string variable - must match. NOTE: Can only be set if type is string.' + description: |- + Pattern is the regex which a string variable must match. + NOTE: Can only be set if type is string. type: string properties: - description: 'Properties specifies fields of an object. - NOTE: Can only be set if type is object. NOTE: Properties - is mutually exclusive with AdditionalProperties. NOTE: - This field uses PreserveUnknownFields and Schemaless, - because recursive validation is not possible.' + description: |- + Properties specifies fields of an object. + NOTE: Can only be set if type is object. + NOTE: Properties is mutually exclusive with AdditionalProperties. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true required: - description: 'Required specifies which fields of an - object are required. NOTE: Can only be set if type - is object.' 
+ description: |- + Required specifies which fields of an object are required. + NOTE: Can only be set if type is object. items: type: string type: array type: - description: 'Type is the type of the variable. Valid - values are: object, array, string, integer, number - or boolean.' + description: |- + Type is the type of the variable. + Valid values are: object, array, string, integer, number or boolean. type: string uniqueItems: - description: 'UniqueItems specifies if items in an array - must be unique. NOTE: Can only be set if type is array.' + description: |- + UniqueItems specifies if items in an array must be unique. + NOTE: Can only be set if type is array. type: boolean x-kubernetes-preserve-unknown-fields: - description: XPreserveUnknownFields allows setting fields - in a variable object which are not defined in the - variable schema. This affects fields recursively, - except if nested properties or additionalProperties - are specified in the schema. + description: |- + XPreserveUnknownFields allows setting fields in a variable object + which are not defined in the variable schema. This affects fields recursively, + except if nested properties or additionalProperties are specified in the schema. type: boolean + x-kubernetes-validations: + description: XValidations describes a list of validation + rules written in the CEL expression language. + items: + description: ValidationRule describes a validation + rule written in the CEL expression language. + properties: + fieldPath: + description: |- + FieldPath represents the field path returned when the validation fails. + It must be a relative JSON path (i.e. with array notation) scoped to the location of this x-kubernetes-validations extension in the schema and refer to an existing field. + e.g. 
when validation checks if a specific attribute `foo` under a map `testMap`, the fieldPath could be set to `.testMap.foo` + If the validation checks two lists must have unique attributes, the fieldPath could be set to either of the list: e.g. `.testList` + It does not support list numeric index. + It supports child operation to refer to an existing field currently. Refer to [JSONPath support in Kubernetes](https://kubernetes.io/docs/reference/kubectl/jsonpath/) for more info. + Numeric index of array is not supported. + For field name which contains special characters, use `['specialName']` to refer the field name. + e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']` + type: string + message: + description: |- + Message represents the message displayed when validation fails. The message is required if the Rule contains + line breaks. The message must not contain line breaks. + If unset, the message is "failed rule: {Rule}". + e.g. "must be a URL with the host matching spec.host" + type: string + messageExpression: + description: |- + MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. + Since messageExpression is used as a failure message, it must evaluate to a string. + If both message and messageExpression are present on a rule, then messageExpression will be used if validation + fails. If messageExpression results in a runtime error, the validation failure message is produced + as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string + that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset. + messageExpression has access to all the same variables as the rule; the only difference is the return type. 
+ Example: + "x must be less than max ("+string(self.max)+")" + type: string + reason: + default: FieldValueInvalid + description: |- + Reason provides a machine-readable validation failure reason that is returned to the caller when a request fails this validation rule. + The currently supported reasons are: "FieldValueInvalid", "FieldValueForbidden", "FieldValueRequired", "FieldValueDuplicate". + If not set, default to use "FieldValueInvalid". + All future added reasons must be accepted by clients when reading this value and unknown reasons should be treated as FieldValueInvalid. + enum: + - FieldValueInvalid + - FieldValueForbidden + - FieldValueRequired + - FieldValueDuplicate + type: string + rule: + description: "Rule represents the expression which + will be evaluated by CEL.\nref: https://github.com/google/cel-spec\nThe + Rule is scoped to the location of the x-kubernetes-validations + extension in the schema.\nThe `self` variable + in the CEL expression is bound to the scoped + value.\nIf the Rule is scoped to an object with + properties, the accessible properties of the + object are field selectable\nvia `self.field` + and field presence can be checked via `has(self.field)`.\nIf + the Rule is scoped to an object with additionalProperties + (i.e. 
a map) the value of the map\nare accessible + via `self[mapKey]`, map containment can be checked + via `mapKey in self` and all entries of the + map\nare accessible via CEL macros and functions + such as `self.all(...)`.\nIf the Rule is scoped + to an array, the elements of the array are accessible + via `self[i]` and also by macros and\nfunctions.\nIf + the Rule is scoped to a scalar, `self` is bound + to the scalar value.\nExamples:\n- Rule scoped + to a map of objects: {\"rule\": \"self.components['Widget'].priority + < 10\"}\n- Rule scoped to a list of integers: + {\"rule\": \"self.values.all(value, value >= + 0 && value < 100)\"}\n- Rule scoped to a string + value: {\"rule\": \"self.startsWith('kube')\"}\n\n\nUnknown + data preserved in custom resources via x-kubernetes-preserve-unknown-fields + is not accessible in CEL\nexpressions. This + includes:\n- Unknown field values that are preserved + by object schemas with x-kubernetes-preserve-unknown-fields.\n- + Object properties where the property schema + is of an \"unknown type\". An \"unknown type\" + is recursively defined as:\n - A schema with + no type and x-kubernetes-preserve-unknown-fields + set to true\n - An array where the items schema + is of an \"unknown type\"\n - An object where + the additionalProperties schema is of an \"unknown + type\"\n\n\nOnly property names of the form + `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible.\nAccessible + property names are escaped according to the + following rules when accessed in the expression:\n- + '__' escapes to '__underscores__'\n- '.' escapes + to '__dot__'\n- '-' escapes to '__dash__'\n- + '/' escapes to '__slash__'\n- Property names + that exactly match a CEL RESERVED keyword escape + to '__{keyword}__'. 
The keywords are:\n\t \"true\", + \"false\", \"null\", \"in\", \"as\", \"break\", + \"const\", \"continue\", \"else\", \"for\", + \"function\", \"if\",\n\t \"import\", \"let\", + \"loop\", \"package\", \"namespace\", \"return\".\nExamples:\n + \ - Rule accessing a property named \"namespace\": + {\"rule\": \"self.__namespace__ > 0\"}\n - + Rule accessing a property named \"x-prop\": + {\"rule\": \"self.x__dash__prop > 0\"}\n - + Rule accessing a property named \"redact__d\": + {\"rule\": \"self.redact__underscores__d > 0\"}\n\n\nIf + `rule` makes use of the `oldSelf` variable it + is implicitly a\n`transition rule`.\n\n\nBy + default, the `oldSelf` variable is the same + type as `self`.\n\n\nTransition rules by default + are applied only on UPDATE requests and are\nskipped + if an old value could not be found." + type: string + required: + - rule + type: object + type: array + x-kubernetes-list-map-keys: + - rule + x-kubernetes-list-type: map + x-metadata: + description: |- + XMetadata is the metadata of a variable or a nested field within a variable. + It can be used to add additional data for higher level tools. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map that can be used to store and + retrieve arbitrary metadata. + They are not queryable. + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) variables. + type: object + type: object required: - type type: object 
@@ -1073,30 +1348,31 @@ spec: type: object type: array workers: - description: Workers describes the worker nodes for the cluster. It - is a collection of node types which can be used to create the worker - nodes of the cluster. + description: |- + Workers describes the worker nodes for the cluster. + It is a collection of node types which can be used to create + the worker nodes of the cluster. properties: machineDeployments: - description: MachineDeployments is a list of machine deployment - classes that can be used to create a set of worker nodes. + description: |- + MachineDeployments is a list of machine deployment classes that can be used to create + a set of worker nodes. items: - description: MachineDeploymentClass serves as a template to - define a set of worker nodes of the cluster provisioned using - the `ClusterClass`. + description: |- + MachineDeploymentClass serves as a template to define a set of worker nodes of the cluster + provisioned using the `ClusterClass`. properties: class: - description: Class denotes a type of worker node present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachineDeployment. + description: |- + Class denotes a type of worker node present in the cluster, + this name MUST be unique within a ClusterClass and can be referenced + in the Cluster to create a managed MachineDeployment. type: string failureDomain: - description: 'FailureDomain is the failure domain the machines - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. NOTE: This value can - be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' + description: |- + FailureDomain is the failure domain the machines will be created in. + Must match a key in the FailureDomains map stored on the cluster object. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. 
type: string machineHealthCheck: description: MachineHealthCheck defines a MachineHealthCheck 
@@ -1106,75 +1382,88 @@ spec: anyOf: - type: integer - type: string - description: Any further remediation is only allowed - if at most "MaxUnhealthy" machines selected by "selector" - are not healthy. + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will - be remediated. If you wish to disable this feature, - set the value explicitly to 0. + description: |- + NodeStartupTimeout allows to set the maximum time for MachineHealthCheck + to consider a Machine unhealthy if a corresponding Node isn't associated + through a `Spec.ProviderID` field. + + + The duration set in this field is compared to the greatest of: + - Cluster's infrastructure ready condition timestamp (if and when available) + - Control Plane's initialized condition timestamp (if and when available) + - Machine's infrastructure ready condition timestamp (if and when available) + - Machine's metadata creation timestamp + + + Defaults to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference to - a remediation template provided by an infrastructure - provider. \n This field is completely optional, when - filled, the MachineHealthCheck controller creates - a new object from the template referenced and hands - off remediation of the machine to a controller that - lives outside of Cluster API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. 
properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to - the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax - is chosen only to have some well-defined way of - referencing a part of an object. TODO: this design - is not final and this field is subject to change - in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list of - the conditions that determine whether a node is considered - unhealthy. The conditions are combined in a logical - OR, i.e. if any of the conditions is met, the node - is unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node - condition type and value with a timeout specified - as a duration. When the named condition has been - in the given status for at least the timeout value, - a node is considered unhealthy. 
+ description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 @@ -1191,22 +1480,22 @@ spec: type: object type: array unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" as - not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. "[3-5]" - - This means that remediation will be allowed only when: + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) - (b) there are at most 5 unhealthy machines' + (b) there are at most 5 unhealthy machines pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object minReadySeconds: - description: 'Minimum number of seconds for which a newly - created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) NOTE: - This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' + description: |- + Minimum number of seconds for which a newly created machine should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. format: int32 type: integer namingStrategy: 
@@ -1214,61 +1503,83 @@ spec: used when creating the MachineDeployment. properties: template: - description: 'Template defines the template to use for - generating the name of the MachineDeployment object. - If not defined, it will fallback to `{{ .cluster.name - }}-{{ .machineDeployment.topologyName }}-{{ .random - }}`. If the templated string exceeds 63 characters, - it will be trimmed to 58 characters and will get concatenated - with a random suffix of length 5. The templating mechanism - provides the following arguments: * `.cluster.name`: - The name of the cluster object. * `.random`: A random - alphanumeric string, without vowels, of length 5. - * `.machineDeployment.topologyName`: The name of the - MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name).' + description: |- + Template defines the template to use for generating the name of the MachineDeployment object. + If not defined, it will fallback to `{{ .cluster.name }}-{{ .machineDeployment.topologyName }}-{{ .random }}`. + If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will + get concatenated with a random suffix of length 5. + The templating mechanism provides the following arguments: + * `.cluster.name`: The name of the cluster object. + * `.random`: A random alphanumeric string, without vowels, of length 5. + * `.machineDeployment.topologyName`: The name of the MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name). type: string type: object nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts - after the Machine is marked for deletion. A duration of - 0 will retry deletion indefinitely. Defaults to 10 seconds. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' 
+ description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The - default value is 0, meaning that the node can be drained - without any time limitations. NOTE: NodeDrainTimeout is - different from `kubectl drain --timeout` NOTE: This value - can be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. type: string nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, meaning - that the volumes can be detached without any time limitations. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. 
type: string strategy: - description: 'The deployment strategy to use to replace - existing machines with new ones. NOTE: This value can - be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' + description: |- + The deployment strategy to use to replace existing machines with + new ones. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. properties: + remediation: + description: |- + Remediation controls the strategy of remediating unhealthy machines + and how remediating operations should occur during the lifecycle of the dependant MachineSets. + properties: + maxInFlight: + anyOf: + - type: integer + - type: string + description: |- + MaxInFlight determines how many in flight remediations should happen at the same time. + + + Remediation only happens on the MachineSet with the most current revision, while + older MachineSets (usually present during rollout operations) aren't allowed to remediate. + + + Note: In general (independent of remediations), unhealthy machines are always + prioritized during scale down operations over healthy ones. + + + MaxInFlight can be set to a fixed number or a percentage. + Example: when this is set to 20%, the MachineSet controller deletes at most 20% of + the desired replicas. + + + If not set, remediation is limited to all machines (bounded by replicas) + under the active MachineSet's management. + x-kubernetes-int-or-string: true + type: object rollingUpdate: - description: Rolling update config params. Present only - if MachineDeploymentStrategyType = RollingUpdate. + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. properties: deletePolicy: - description: DeletePolicy defines the policy used - by the MachineDeployment to identify nodes to - delete when downscaling. 
Valid values are "Random, - "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used + description: |- + DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. + Valid values are "Random, "Newest", "Oldest" + When no value is supplied, the default DeletePolicy of MachineSet is used enum: - Random - Newest 
@@ -1278,102 +1589,102 @@ spec: anyOf: - type: integer - type: string - description: 'The maximum number of machines that - can be scheduled above the desired number of machines. - Value can be an absolute number (ex: 5) or a percentage - of desired machines (ex: 10%). This can not be - 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 1. - Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling - update starts, such that the total number of old - and new machines do not exceed 130% of desired - machines. Once old machines have been killed, - new MachineSet can be scaled up further, ensuring - that total number of machines running at any time - during the update is at most 130% of desired machines.' + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. + Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string - description: 'The maximum number of machines that - can be unavailable during the update. Value can - be an absolute number (ex: 5) or a percentage - of desired machines (ex: 10%). Absolute number - is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. Defaults to - 0. 
Example: when this is set to 30%, the old MachineSet - can be scaled down to 70% of desired machines - immediately when the rolling update starts. Once - new machines are ready, old MachineSet can be - scaled down further, followed by scaling up the - new MachineSet, ensuring that the total number - of machines available at all times during the - update is at least 70% of desired machines.' + description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Allowed values are - RollingUpdate and OnDelete. The default is RollingUpdate. + description: |- + Type of deployment. Allowed values are RollingUpdate and OnDelete. + The default is RollingUpdate. enum: - RollingUpdate - OnDelete type: string type: object template: - description: Template is a local struct containing a collection - of templates for creation of MachineDeployment objects - representing a set of worker nodes. + description: |- + Template is a local struct containing a collection of templates for creation of + MachineDeployment objects representing a set of worker nodes. properties: bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of worker Machines. 
+ description: |- + Bootstrap contains the bootstrap template reference to be used + for the creation of worker Machines. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -1381,54 +1692,53 @@ spec: - ref type: object infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - worker Machines. + description: |- + Infrastructure contains the infrastructure template reference to be used + for the creation of worker Machines. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. 
type: string kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -1436,27 +1746,27 @@ spec: - ref type: object metadata: - description: Metadata is the metadata applied to the - MachineDeployment and the machines of the MachineDeployment. - At runtime this metadata is merged with the corresponding - metadata from the topology. + description: |- + Metadata is the metadata applied to the MachineDeployment and the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding metadata from the topology. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object required: 
@@ -1468,34 +1778,39 @@ spec: - template type: object type: array + x-kubernetes-list-map-keys: + - class + x-kubernetes-list-type: map machinePools: - description: MachinePools is a list of machine pool classes that - can be used to create a set of worker nodes. + description: |- + MachinePools is a list of machine pool classes that can be used to create + a set of worker nodes. items: - description: MachinePoolClass serves as a template to define - a pool of worker nodes of the cluster provisioned using `ClusterClass`. + description: |- + MachinePoolClass serves as a template to define a pool of worker nodes of the cluster + provisioned using `ClusterClass`. properties: class: - description: Class denotes a type of machine pool present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachinePool. + description: |- + Class denotes a type of machine pool present in the cluster, + this name MUST be unique within a ClusterClass and can be referenced + in the Cluster to create a managed MachinePool. type: string failureDomains: - description: 'FailureDomains is the list of failure domains - the MachinePool should be attached to. Must match a key - in the FailureDomains map stored on the cluster object. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' + description: |- + FailureDomains is the list of failure domains the MachinePool should be attached to. + Must match a key in the FailureDomains map stored on the cluster object. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. items: type: string type: array minReadySeconds: - description: 'Minimum number of seconds for which a newly - created machine pool should be ready. 
Defaults to 0 (machine - will be considered available as soon as it is ready) NOTE: - This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' + description: |- + Minimum number of seconds for which a newly created machine pool should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) + NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. format: int32 type: integer namingStrategy: 
@@ -1503,99 +1818,90 @@ spec: used when creating the MachinePool. properties: template: - description: 'Template defines the template to use for - generating the name of the MachinePool object. If - not defined, it will fallback to `{{ .cluster.name - }}-{{ .machinePool.topologyName }}-{{ .random }}`. - If the templated string exceeds 63 characters, it - will be trimmed to 58 characters and will get concatenated - with a random suffix of length 5. The templating mechanism - provides the following arguments: * `.cluster.name`: - The name of the cluster object. * `.random`: A random - alphanumeric string, without vowels, of length 5. - * `.machinePool.topologyName`: The name of the MachinePool - topology (Cluster.spec.topology.workers.machinePools[].name).' + description: |- + Template defines the template to use for generating the name of the MachinePool object. + If not defined, it will fallback to `{{ .cluster.name }}-{{ .machinePool.topologyName }}-{{ .random }}`. + If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will + get concatenated with a random suffix of length 5. + The templating mechanism provides the following arguments: + * `.cluster.name`: The name of the cluster object. + * `.random`: A random alphanumeric string, without vowels, of length 5. + * `.machinePool.topologyName`: The name of the MachinePool topology (Cluster.spec.topology.workers.machinePools[].name). type: string type: object nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts - after the Machine Pool is marked for deletion. A duration - of 0 will retry deletion indefinitely. Defaults to 10 - seconds. NOTE: This value can be overridden while defining - a Cluster.Topology using this MachinePoolClass.' 
+ description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine Pool is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The - default value is 0, meaning that the node can be drained - without any time limitations. NOTE: NodeDrainTimeout is - different from `kubectl drain --timeout` NOTE: This value - can be overridden while defining a Cluster.Topology using - this MachinePoolClass.' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. type: string nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, meaning - that the volumes can be detached without any time limitations. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. 
type: string template: - description: Template is a local struct containing a collection - of templates for creation of MachinePools objects representing - a pool of worker nodes. + description: |- + Template is a local struct containing a collection of templates for creation of + MachinePools objects representing a pool of worker nodes. properties: bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of the Machines - in the MachinePool. + description: |- + Bootstrap contains the bootstrap template reference to be used + for the creation of the Machines in the MachinePool. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -1603,54 +1909,53 @@ spec: - ref type: object infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - the MachinePool. + description: |- + Infrastructure contains the infrastructure template reference to be used + for the creation of the MachinePool. properties: ref: - description: Ref is a required reference to a custom - resource offered by a provider. + description: |- + Ref is a required reference to a custom resource + offered by a provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. 
type: string kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -1658,26 +1963,27 @@ spec: - ref type: object metadata: - description: Metadata is the metadata applied to the - MachinePool. At runtime this metadata is merged with - the corresponding metadata from the topology. + description: |- + Metadata is the metadata applied to the MachinePool. + At runtime this metadata is merged with the corresponding metadata from the topology. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object required: @@ -1689,6 +1995,9 @@ spec: - template type: object type: array + x-kubernetes-list-map-keys: + - class + x-kubernetes-list-type: map type: object type: object status: 
@@ -1701,37 +2010,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime 
@@ -1758,47 +2067,73 @@ spec: a variable which appears in the status of a ClusterClass. properties: from: - description: From specifies the origin of the variable - definition. This will be `inline` for variables defined - in the ClusterClass or the name of a patch defined in - the ClusterClass for variables discovered from a DiscoverVariables - runtime extensions. + description: |- + From specifies the origin of the variable definition. + This will be `inline` for variables defined in the ClusterClass or the name of a patch defined in the ClusterClass + for variables discovered from a DiscoverVariables runtime extensions. type: string + metadata: + description: |- + Metadata is the metadata of a variable. + It can be used to add additional data for higher level tools to + a ClusterClassVariable. + + + Deprecated: This field is deprecated and is going to be removed in the next apiVersion. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map that can be used to store and + retrieve arbitrary metadata. + They are not queryable. + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) variables. + type: object + type: object required: - description: 'Required specifies if the variable is required. - Note: this applies to the variable as a whole and thus - the top-level object defined in the schema. If nested - fields are required, this will be specified inside the - schema.' + description: |- + Required specifies if the variable is required. + Note: this applies to the variable as a whole and thus the + top-level object defined in the schema. If nested fields are + required, this will be specified inside the schema. type: boolean schema: description: Schema defines the schema of the variable. 
properties: openAPIV3Schema: - description: OpenAPIV3Schema defines the schema of - a variable via OpenAPI v3 schema. The schema is - a subset of the schema used in Kubernetes CRDs. + description: |- + OpenAPIV3Schema defines the schema of a variable via OpenAPI v3 + schema. The schema is a subset of the schema used in + Kubernetes CRDs. properties: additionalProperties: - description: 'AdditionalProperties specifies the - schema of values in a map (keys are always strings). - NOTE: Can only be set if type is object. NOTE: - AdditionalProperties is mutually exclusive with - Properties. NOTE: This field uses PreserveUnknownFields - and Schemaless, because recursive validation - is not possible.' + description: |- + AdditionalProperties specifies the schema of values in a map (keys are always strings). + NOTE: Can only be set if type is object. + NOTE: AdditionalProperties is mutually exclusive with Properties. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true default: - description: 'Default is the default value of - the variable. NOTE: Can be set for all types.' + description: |- + Default is the default value of the variable. + NOTE: Can be set for all types. x-kubernetes-preserve-unknown-fields: true description: description: Description is a human-readable description of this variable. type: string enum: - description: 'Enum is the list of valid values - of the variable. NOTE: Can be set for all types.' + description: |- + Enum is the list of valid values of the variable. + NOTE: Can be set for all types. items: x-kubernetes-preserve-unknown-fields: true type: array 
@@ -1806,109 +2141,268 @@ spec: description: Example is an example for this variable. x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: - description: 'ExclusiveMaximum specifies if the - Maximum is exclusive. NOTE: Can only be set - if type is integer or number.' + description: |- + ExclusiveMaximum specifies if the Maximum is exclusive. + NOTE: Can only be set if type is integer or number. type: boolean exclusiveMinimum: - description: 'ExclusiveMinimum specifies if the - Minimum is exclusive. NOTE: Can only be set - if type is integer or number.' + description: |- + ExclusiveMinimum specifies if the Minimum is exclusive. + NOTE: Can only be set if type is integer or number. type: boolean format: - description: 'Format is an OpenAPI v3 format string. - Unknown formats are ignored. For a list of supported - formats please see: (of the k8s.io/apiextensions-apiserver - version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go - NOTE: Can only be set if type is string.' + description: |- + Format is an OpenAPI v3 format string. Unknown formats are ignored. + For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we're currently using) + https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go + NOTE: Can only be set if type is string. type: string items: - description: 'Items specifies fields of an array. - NOTE: Can only be set if type is array. NOTE: - This field uses PreserveUnknownFields and Schemaless, - because recursive validation is not possible.' + description: |- + Items specifies fields of an array. + NOTE: Can only be set if type is array. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true maxItems: - description: 'MaxItems is the max length of an - array variable. 
NOTE: Can only be set if type - is array.' + description: |- + MaxItems is the max length of an array variable. + NOTE: Can only be set if type is array. format: int64 type: integer maxLength: - description: 'MaxLength is the max length of a - string variable. NOTE: Can only be set if type - is string.' + description: |- + MaxLength is the max length of a string variable. + NOTE: Can only be set if type is string. + format: int64 + type: integer + maxProperties: + description: |- + MaxProperties is the maximum amount of entries in a map or properties in an object. + NOTE: Can only be set if type is object. format: int64 type: integer maximum: - description: 'Maximum is the maximum of an integer - or number variable. If ExclusiveMaximum is false, - the variable is valid if it is lower than, or - equal to, the value of Maximum. If ExclusiveMaximum - is true, the variable is valid if it is strictly - lower than the value of Maximum. NOTE: Can only - be set if type is integer or number.' + description: |- + Maximum is the maximum of an integer or number variable. + If ExclusiveMaximum is false, the variable is valid if it is lower than, or equal to, the value of Maximum. + If ExclusiveMaximum is true, the variable is valid if it is strictly lower than the value of Maximum. + NOTE: Can only be set if type is integer or number. format: int64 type: integer minItems: - description: 'MinItems is the min length of an - array variable. NOTE: Can only be set if type - is array.' + description: |- + MinItems is the min length of an array variable. + NOTE: Can only be set if type is array. format: int64 type: integer minLength: - description: 'MinLength is the min length of a - string variable. NOTE: Can only be set if type - is string.' + description: |- + MinLength is the min length of a string variable. + NOTE: Can only be set if type is string. 
+ format: int64 + type: integer + minProperties: + description: |- + MinProperties is the minimum amount of entries in a map or properties in an object. + NOTE: Can only be set if type is object. format: int64 type: integer minimum: - description: 'Minimum is the minimum of an integer - or number variable. If ExclusiveMinimum is false, - the variable is valid if it is greater than, - or equal to, the value of Minimum. If ExclusiveMinimum - is true, the variable is valid if it is strictly - greater than the value of Minimum. NOTE: Can - only be set if type is integer or number.' + description: |- + Minimum is the minimum of an integer or number variable. + If ExclusiveMinimum is false, the variable is valid if it is greater than, or equal to, the value of Minimum. + If ExclusiveMinimum is true, the variable is valid if it is strictly greater than the value of Minimum. + NOTE: Can only be set if type is integer or number. format: int64 type: integer pattern: - description: 'Pattern is the regex which a string - variable must match. NOTE: Can only be set if - type is string.' + description: |- + Pattern is the regex which a string variable must match. + NOTE: Can only be set if type is string. type: string properties: - description: 'Properties specifies fields of an - object. NOTE: Can only be set if type is object. - NOTE: Properties is mutually exclusive with - AdditionalProperties. NOTE: This field uses - PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' + description: |- + Properties specifies fields of an object. + NOTE: Can only be set if type is object. + NOTE: Properties is mutually exclusive with AdditionalProperties. + NOTE: This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible. x-kubernetes-preserve-unknown-fields: true required: - description: 'Required specifies which fields - of an object are required. NOTE: Can only be - set if type is object.' 
+ description: |- + Required specifies which fields of an object are required. + NOTE: Can only be set if type is object. items: type: string type: array type: - description: 'Type is the type of the variable. - Valid values are: object, array, string, integer, - number or boolean.' + description: |- + Type is the type of the variable. + Valid values are: object, array, string, integer, number or boolean. type: string uniqueItems: - description: 'UniqueItems specifies if items in - an array must be unique. NOTE: Can only be set - if type is array.' + description: |- + UniqueItems specifies if items in an array must be unique. + NOTE: Can only be set if type is array. type: boolean x-kubernetes-preserve-unknown-fields: - description: XPreserveUnknownFields allows setting - fields in a variable object which are not defined - in the variable schema. This affects fields - recursively, except if nested properties or - additionalProperties are specified in the schema. + description: |- + XPreserveUnknownFields allows setting fields in a variable object + which are not defined in the variable schema. This affects fields recursively, + except if nested properties or additionalProperties are specified in the schema. type: boolean + x-kubernetes-validations: + description: XValidations describes a list of + validation rules written in the CEL expression + language. + items: + description: ValidationRule describes a validation + rule written in the CEL expression language. + properties: + fieldPath: + description: |- + FieldPath represents the field path returned when the validation fails. + It must be a relative JSON path (i.e. with array notation) scoped to the location of this x-kubernetes-validations extension in the schema and refer to an existing field. + e.g. 
when validation checks if a specific attribute `foo` under a map `testMap`, the fieldPath could be set to `.testMap.foo` + If the validation checks two lists must have unique attributes, the fieldPath could be set to either of the list: e.g. `.testList` + It does not support list numeric index. + It supports child operation to refer to an existing field currently. Refer to [JSONPath support in Kubernetes](https://kubernetes.io/docs/reference/kubectl/jsonpath/) for more info. + Numeric index of array is not supported. + For field name which contains special characters, use `['specialName']` to refer the field name. + e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']` + type: string + message: + description: |- + Message represents the message displayed when validation fails. The message is required if the Rule contains + line breaks. The message must not contain line breaks. + If unset, the message is "failed rule: {Rule}". + e.g. "must be a URL with the host matching spec.host" + type: string + messageExpression: + description: |- + MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. + Since messageExpression is used as a failure message, it must evaluate to a string. + If both message and messageExpression are present on a rule, then messageExpression will be used if validation + fails. If messageExpression results in a runtime error, the validation failure message is produced + as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string + that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset. + messageExpression has access to all the same variables as the rule; the only difference is the return type. 
+ Example: + "x must be less than max ("+string(self.max)+")" + type: string + reason: + default: FieldValueInvalid + description: |- + Reason provides a machine-readable validation failure reason that is returned to the caller when a request fails this validation rule. + The currently supported reasons are: "FieldValueInvalid", "FieldValueForbidden", "FieldValueRequired", "FieldValueDuplicate". + If not set, default to use "FieldValueInvalid". + All future added reasons must be accepted by clients when reading this value and unknown reasons should be treated as FieldValueInvalid. + enum: + - FieldValueInvalid + - FieldValueForbidden + - FieldValueRequired + - FieldValueDuplicate + type: string + rule: + description: "Rule represents the expression + which will be evaluated by CEL.\nref: + https://github.com/google/cel-spec\nThe + Rule is scoped to the location of the + x-kubernetes-validations extension in + the schema.\nThe `self` variable in the + CEL expression is bound to the scoped + value.\nIf the Rule is scoped to an object + with properties, the accessible properties + of the object are field selectable\nvia + `self.field` and field presence can be + checked via `has(self.field)`.\nIf the + Rule is scoped to an object with additionalProperties + (i.e. 
a map) the value of the map\nare + accessible via `self[mapKey]`, map containment + can be checked via `mapKey in self` and + all entries of the map\nare accessible + via CEL macros and functions such as `self.all(...)`.\nIf + the Rule is scoped to an array, the elements + of the array are accessible via `self[i]` + and also by macros and\nfunctions.\nIf + the Rule is scoped to a scalar, `self` + is bound to the scalar value.\nExamples:\n- + Rule scoped to a map of objects: {\"rule\": + \"self.components['Widget'].priority < + 10\"}\n- Rule scoped to a list of integers: + {\"rule\": \"self.values.all(value, value + >= 0 && value < 100)\"}\n- Rule scoped + to a string value: {\"rule\": \"self.startsWith('kube')\"}\n\n\nUnknown + data preserved in custom resources via + x-kubernetes-preserve-unknown-fields is + not accessible in CEL\nexpressions. This + includes:\n- Unknown field values that + are preserved by object schemas with x-kubernetes-preserve-unknown-fields.\n- + Object properties where the property schema + is of an \"unknown type\". An \"unknown + type\" is recursively defined as:\n - + A schema with no type and x-kubernetes-preserve-unknown-fields + set to true\n - An array where the items + schema is of an \"unknown type\"\n - + An object where the additionalProperties + schema is of an \"unknown type\"\n\n\nOnly + property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` + are accessible.\nAccessible property names + are escaped according to the following + rules when accessed in the expression:\n- + '__' escapes to '__underscores__'\n- '.' + escapes to '__dot__'\n- '-' escapes to + '__dash__'\n- '/' escapes to '__slash__'\n- + Property names that exactly match a CEL + RESERVED keyword escape to '__{keyword}__'. 
+ The keywords are:\n\t \"true\", \"false\", + \"null\", \"in\", \"as\", \"break\", \"const\", + \"continue\", \"else\", \"for\", \"function\", + \"if\",\n\t \"import\", \"let\", \"loop\", + \"package\", \"namespace\", \"return\".\nExamples:\n + \ - Rule accessing a property named \"namespace\": + {\"rule\": \"self.__namespace__ > 0\"}\n + \ - Rule accessing a property named \"x-prop\": + {\"rule\": \"self.x__dash__prop > 0\"}\n + \ - Rule accessing a property named \"redact__d\": + {\"rule\": \"self.redact__underscores__d + > 0\"}\n\n\nIf `rule` makes use of the + `oldSelf` variable it is implicitly a\n`transition + rule`.\n\n\nBy default, the `oldSelf` + variable is the same type as `self`.\n\n\nTransition + rules by default are applied only on UPDATE + requests and are\nskipped if an old value + could not be found." + type: string + required: + - rule + type: object + type: array + x-kubernetes-list-map-keys: + - rule + x-kubernetes-list-type: map + x-metadata: + description: |- + XMetadata is the metadata of a variable or a nested field within a variable. + It can be used to add additional data for higher level tools. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map that can be used to store and + retrieve arbitrary metadata. + They are not queryable. + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) variables. + type: object + type: object required: - type type: object 
@@ -1939,30 +2433,21 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: clusterresourcesetbindings.addons.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -1980,6 +2465,97 @@ spec: singular: clusterresourcesetbinding scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + ClusterResourceSetBinding lists all matching ClusterResourceSets with the cluster it belongs to. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of + ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources + in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet + that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet + has. + items: + description: ResourceBinding shows the status of a resource + that belongs to a ClusterResourceSet matched by the owner + cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied + to the cluster or not. 
+ type: boolean + hash: + description: |- + Hash is the hash of a resource's data. This can be used to decide if a resource is changed. + For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: + Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource + was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same + namespace with ClusterResourceSet object. + minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName + type: object + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of ClusterResourceSetBinding jsonPath: .metadata.creationTimestamp 
@@ -1989,19 +2565,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "ClusterResourceSetBinding lists all matching ClusterResourceSets - with the cluster it belongs to. \n Deprecated: This type will be removed - in one of the next releases." + description: |- + ClusterResourceSetBinding lists all matching ClusterResourceSets with the cluster it belongs to. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2032,10 +2615,9 @@ spec: to the cluster or not. type: boolean hash: - description: Hash is the hash of a resource's data. This - can be used to decide if a resource is changed. For - "ApplyOnce" ClusterResourceSet.spec.strategy, this is - no-op as that strategy does not act on change. + description: |- + Hash is the hash of a resource's data. This can be used to decide if a resource is changed. + For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. type: string kind: description: 'Kind of the resource. Supported kinds are: @@ -2082,14 +2664,19 @@ spec: with the cluster it belongs to. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2120,10 +2707,9 @@ spec: to the cluster or not. type: boolean hash: - description: Hash is the hash of a resource's data. This - can be used to decide if a resource is changed. For - "ApplyOnce" ClusterResourceSet.spec.strategy, this is - no-op as that strategy does not act on change. + description: |- + Hash is the hash of a resource's data. This can be used to decide if a resource is changed. + For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. type: string kind: description: 'Kind of the resource. Supported kinds are: @@ -2153,8 +2739,9 @@ spec: type: object type: array clusterName: - description: 'ClusterName is the name of the Cluster this binding - applies to. Note: this field mandatory in v1beta2.' + description: |- + ClusterName is the name of the Cluster this binding applies to. + Note: this field mandatory in v1beta2. type: string type: object type: object @@ -2162,30 +2749,21 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: clusterresourcesets.addons.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -2203,6 +2781,175 @@ spec: singular: clusterresourceset scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + ClusterResourceSet is the Schema for the clusterresourcesets API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: |- + Label selector for Clusters. The Clusters that are + selected by this will be the ones affected by this ClusterResourceSet. + It must match the Cluster labels. This field is immutable. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. 
+ type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each + contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. + properties: + kind: + description: 'Kind of the resource. Supported kinds are: Secrets + and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace + with ClusterResourceSet object. + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. + Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. 
+ properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of ClusterResourceSet jsonPath: .metadata.creationTimestamp 
@@ -2212,18 +2959,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "ClusterResourceSet is the Schema for the clusterresourcesets - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + ClusterResourceSet is the Schema for the clusterresourcesets API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2231,50 +2986,52 @@ spec: description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. properties: clusterSelector: - description: Label selector for Clusters. The Clusters that are selected - by this will be the ones affected by this ClusterResourceSet. It - must match the Cluster labels. This field is immutable. Label selector - cannot be empty. + description: |- + Label selector for Clusters. The Clusters that are + selected by this will be the ones affected by this ClusterResourceSet. + It must match the Cluster labels. This field is immutable. + Label selector cannot be empty. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. 
items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic 
@@ -2320,37 +3077,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -2380,14 +3137,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2395,50 +3157,52 @@ spec: description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. properties: clusterSelector: - description: Label selector for Clusters. The Clusters that are selected - by this will be the ones affected by this ClusterResourceSet. It - must match the Cluster labels. This field is immutable. Label selector - cannot be empty. + description: |- + Label selector for Clusters. The Clusters that are + selected by this will be the ones affected by this ClusterResourceSet. + It must match the Cluster labels. This field is immutable. + Label selector cannot be empty. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. 
items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic 
@@ -2485,37 +3249,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -2534,30 +3298,21 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: clusters.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -2578,30 +3333,30 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - description: Time duration since creation of Cluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed jsonPath: .status.phase name: Phase type: string deprecated: true - name: v1alpha4 + name: v1alpha3 schema: openAPIV3Schema: - description: "Cluster is the Schema for the clusters API. \n Deprecated: This - type will be removed in one of the next releases." + description: Cluster is the Schema for the clusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -2612,8 +3367,9 @@ spec: description: Cluster network configuration. properties: apiServerPort: - description: APIServerPort specifies the port the API Server should - bind to. Defaults to 6443. + description: |- + APIServerPort specifies the port the API Server should bind to. + Defaults to 6443. format: int32 type: integer pods: 
@@ -2656,80 +3412,94 @@ spec: - port type: object controlPlaneRef: - description: ControlPlaneRef is an optional reference to a provider-specific - resource that holds the details for provisioning the Control Plane - for a Cluster. + description: |- + ControlPlaneRef is an optional reference to a provider-specific resource that holds + the details for provisioning the Control Plane for a Cluster. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic infrastructureRef: - description: InfrastructureRef is a reference to a provider-specific - resource that holds the details for provisioning infrastructure - for a cluster in said provider. + description: |- + InfrastructureRef is a reference to a provider-specific resource that holds the details + for provisioning infrastructure for a cluster in said provider. 
properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -2737,122 +3507,410 @@ spec: description: Paused can be used to prevent controllers from processing the Cluster and all its associated objects. type: boolean - topology: - description: 'This encapsulates the topology for the cluster. NOTE: - It is required to enable the ClusterTopology feature gate flag to - activate managed topologies support; this feature is highly experimental, - and parts of it might still be not implemented.' - properties: - class: - description: The name of the ClusterClass object to create the - topology. - type: string - controlPlane: - description: ControlPlane describes the cluster control plane. - properties: + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + controlPlaneInitialized: + description: ControlPlaneInitialized defines if the control plane + has been initialized. + type: boolean + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced + from the infrastructure provider. + type: object + failureMessage: + description: |- + FailureMessage indicates that there is a fatal problem reconciling the + state, and will be set to a descriptive error message. + type: string + failureReason: + description: |- + FailureReason indicates that there is a fatal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. 
+ format: int64 + type: integer + phase: + description: |- + Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of Cluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: |- + Cluster is the Schema for the clusters API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. + properties: + apiServerPort: + description: |- + APIServerPort specifies the port the API Server should bind to. + Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. 
+ properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. + type: string + services: + description: The network ranges from which service VIPs are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: |- + ControlPlaneRef is an optional reference to a provider-specific resource that holds + the details for provisioning the Control Plane for a Cluster. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + infrastructureRef: + description: |- + InfrastructureRef is a reference to a provider-specific resource that holds the details + for provisioning infrastructure for a cluster in said provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing + the Cluster and all its associated objects. + type: boolean + topology: + description: |- + This encapsulates the topology for the cluster. + NOTE: It is required to enable the ClusterTopology + feature gate flag to activate managed topologies support; + this feature is highly experimental, and parts of it might still be not implemented. + properties: + class: + description: The name of the ClusterClass object to create the + topology. + type: string + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: metadata: - description: "Metadata is the metadata applied to the machines - of the ControlPlane. At runtime this metadata is merged - with the corresponding metadata from the ClusterClass. \n - This field is supported if and only if the control plane - provider template referenced in the ClusterClass is Machine - based." + description: |- + Metadata is the metadata applied to the machines of the ControlPlane. + At runtime this metadata is merged with the corresponding metadata from the ClusterClass. + + + This field is supported if and only if the control plane provider template + referenced in the ClusterClass is Machine based. 
properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object replicas: - description: Replicas is the number of control plane nodes. - If the value is nil, the ControlPlane object is created - without the number of Replicas and it's assumed that the - control plane controller does not implement support for - this field. When specified against a control plane provider - that lacks support for this field, this value will be ignored. + description: |- + Replicas is the number of control plane nodes. + If the value is nil, the ControlPlane object is created without the number of Replicas + and it's assumed that the control plane controller does not implement support for this field. + When specified against a control plane provider that lacks support for this field, this value will be ignored. 
format: int32 type: integer type: object rolloutAfter: - description: RolloutAfter performs a rollout of the entire cluster - one component at a time, control plane first and then machine - deployments. + description: |- + RolloutAfter performs a rollout of the entire cluster one component at a time, + control plane first and then machine deployments. format: date-time type: string version: description: The Kubernetes version of the cluster. type: string workers: - description: Workers encapsulates the different constructs that - form the worker nodes for the cluster. + description: |- + Workers encapsulates the different constructs that form the worker nodes + for the cluster. properties: machineDeployments: description: MachineDeployments is a list of machine deployments in the cluster. items: - description: MachineDeploymentTopology specifies the different - parameters for a set of worker nodes in the topology. - This set of nodes is managed by a MachineDeployment object - whose lifecycle is managed by the Cluster controller. + description: |- + MachineDeploymentTopology specifies the different parameters for a set of worker nodes in the topology. + This set of nodes is managed by a MachineDeployment object whose lifecycle is managed by the Cluster controller. properties: class: - description: Class is the name of the MachineDeploymentClass - used to create the set of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. + description: |- + Class is the name of the MachineDeploymentClass used to create the set of worker nodes. + This should match one of the deployment classes defined in the ClusterClass object + mentioned in the `Cluster.Spec.Class` field. type: string metadata: - description: Metadata is the metadata applied to the - machines of the MachineDeployment. At runtime this - metadata is merged with the corresponding metadata - from the ClusterClass. 
+ description: |- + Metadata is the metadata applied to the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding metadata from the ClusterClass. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object name: - description: Name is the unique identifier for this - MachineDeploymentTopology. The value is used with - other unique identifiers to create a MachineDeployment's - Name (e.g. cluster's name, etc). In case the name - is greater than the allowed maximum length, the values - are hashed together. + description: |- + Name is the unique identifier for this MachineDeploymentTopology. + The value is used with other unique identifiers to create a MachineDeployment's Name + (e.g. cluster's name, etc). 
In case the name is greater than the allowed maximum length, + the values are hashed together. type: string replicas: - description: Replicas is the number of worker nodes - belonging to this set. If the value is nil, the MachineDeployment - is created without the number of Replicas (defaulting - to zero) and it's assumed that an external entity - (like cluster autoscaler) is responsible for the management + description: |- + Replicas is the number of worker nodes belonging to this set. + If the value is nil, the MachineDeployment is created without the number of Replicas (defaulting to zero) + and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. format: int32 type: integer 
@@ -2877,37 +3935,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -2919,9 +3977,9 @@ spec: type: boolean failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: @@ -2938,13 +3996,15 @@ spec: from the infrastructure provider. type: object failureMessage: - description: FailureMessage indicates that there is a fatal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + FailureMessage indicates that there is a fatal problem reconciling the + state, and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a fatal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. + description: |- + FailureReason indicates that there is a fatal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure 
@@ -2956,7 +4016,8 @@ spec: format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: |- + Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. type: string type: object @@ -2989,14 +4050,19 @@ spec: description: Cluster is the Schema for the clusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -3007,8 +4073,9 @@ spec: description: Cluster network configuration. properties: apiServerPort: - description: APIServerPort specifies the port the API Server should - bind to. Defaults to 6443. + description: |- + APIServerPort specifies the port the API Server should bind to. + Defaults to 6443. format: int32 type: integer pods: 
@@ -3051,80 +4118,94 @@ spec: - port type: object controlPlaneRef: - description: ControlPlaneRef is an optional reference to a provider-specific - resource that holds the details for provisioning the Control Plane - for a Cluster. + description: |- + ControlPlaneRef is an optional reference to a provider-specific resource that holds + the details for provisioning the Control Plane for a Cluster. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic infrastructureRef: - description: InfrastructureRef is a reference to a provider-specific - resource that holds the details for provisioning infrastructure - for a cluster in said provider. + description: |- + InfrastructureRef is a reference to a provider-specific resource that holds the details + for provisioning infrastructure for a cluster in said provider. 
properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic @@ -3133,10 +4214,11 @@ spec: the Cluster and all its associated objects. type: boolean topology: - description: 'This encapsulates the topology for the cluster. NOTE: - It is required to enable the ClusterTopology feature gate flag to - activate managed topologies support; this feature is highly experimental, - and parts of it might still be not implemented.' + description: |- + This encapsulates the topology for the cluster. + NOTE: It is required to enable the ClusterTopology + feature gate flag to activate managed topologies support; + this feature is highly experimental, and parts of it might still be not implemented. properties: class: description: The name of the ClusterClass object to create the 
@@ -3146,92 +4228,111 @@ spec: description: ControlPlane describes the cluster control plane. properties: machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration in the - ClusterClass for this control plane. + description: |- + MachineHealthCheck allows to enable, disable and override + the MachineHealthCheck configuration in the ClusterClass for this control plane. properties: enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n If false: - No MachineHealthCheck will be created. \n If not set(default): - A MachineHealthCheck will be created if it is defined - here or in the associated ClusterClass. If no MachineHealthCheck - is defined then none will be created. \n If true: A - MachineHealthCheck is guaranteed to be created. Cluster - validation will block if `enable` is true and no MachineHealthCheck - definition is available." + description: |- + Enable controls if a MachineHealthCheck should be created for the target machines. + + + If false: No MachineHealthCheck will be created. + + + If not set(default): A MachineHealthCheck will be created if it is defined here or + in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created. + + + If true: A MachineHealthCheck is guaranteed to be created. Cluster validation will + block if `enable` is true and no MachineHealthCheck definition is available. type: boolean maxUnhealthy: anyOf: - type: integer - type: string - description: Any further remediation is only allowed if - at most "MaxUnhealthy" machines selected by "selector" - are not healthy. + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. 
x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will be - remediated. If you wish to disable this feature, set - the value explicitly to 0. + description: |- + NodeStartupTimeout allows to set the maximum time for MachineHealthCheck + to consider a Machine unhealthy if a corresponding Node isn't associated + through a `Spec.ProviderID` field. + + + The duration set in this field is compared to the greatest of: + - Cluster's infrastructure ready condition timestamp (if and when available) + - Control Plane's initialized condition timestamp (if and when available) + - Machine's infrastructure ready condition timestamp (if and when available) + - Machine's metadata creation timestamp + + + Defaults to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference to a - remediation template provided by an infrastructure provider. - \n This field is completely optional, when filled, the - MachineHealthCheck controller creates a new object from - the template referenced and hands off remediation of - the machine to a controller that lives outside of Cluster - API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. 
For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list of the - conditions that determine whether a node is considered - unhealthy. The conditions are combined in a logical - OR, i.e. if any of the conditions is met, the node is - unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node condition - type and value with a timeout specified as a duration. When - the named condition has been in the given status for - at least the timeout value, a node is considered unhealthy. + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 
@@ -3248,236 +4349,288 @@ spec: type: object type: array unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" as - not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This - means that remediation will be allowed only when: (a) - there are at least 3 unhealthy machines (and) (b) there - are at most 5 unhealthy machines' + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object metadata: - description: Metadata is the metadata applied to the ControlPlane - and the Machines of the ControlPlane if the ControlPlaneTemplate - referenced by the ClusterClass is machine based. If not, - it is applied only to the ControlPlane. At runtime this - metadata is merged with the corresponding metadata from - the ClusterClass. + description: |- + Metadata is the metadata applied to the ControlPlane and the Machines of the ControlPlane + if the ControlPlaneTemplate referenced by the ClusterClass is machine based. If not, it + is applied only to the ControlPlane. + At runtime this metadata is merged with the corresponding metadata from the ClusterClass. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. 
+ NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string replicas: - description: Replicas is the number of control plane nodes. - If the value is nil, the ControlPlane object is created - without the number of Replicas and it's assumed that the - control plane controller does not implement support for - this field. When specified against a control plane provider - that lacks support for this field, this value will be ignored. + description: |- + Replicas is the number of control plane nodes. + If the value is nil, the ControlPlane object is created without the number of Replicas + and it's assumed that the control plane controller does not implement support for this field. + When specified against a control plane provider that lacks support for this field, this value will be ignored. format: int32 type: integer + variables: + description: Variables can be used to customize the ControlPlane + through patches. + properties: + overrides: + description: Overrides can be used to override Cluster + level variables. + items: + description: |- + ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a + Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: |- + DefinitionFrom specifies where the definition of this Variable is from. 
+ + + Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. + type: string + name: + description: Name of the variable. + type: string + value: + description: |- + Value of the variable. + Note: the value will be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. + Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a + hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. + Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111 + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object type: object rolloutAfter: - description: "RolloutAfter performs a rollout of the entire cluster - one component at a time, control plane first and then machine - deployments. \n Deprecated: This field has no function and is - going to be removed in the next apiVersion." + description: |- + RolloutAfter performs a rollout of the entire cluster one component at a time, + control plane first and then machine deployments. + + + Deprecated: This field has no function and is going to be removed in the next apiVersion. format: date-time type: string variables: - description: Variables can be used to customize the Cluster through - patches. They must comply to the corresponding VariableClasses - defined in the ClusterClass. + description: |- + Variables can be used to customize the Cluster through + patches. They must comply to the corresponding + VariableClasses defined in the ClusterClass. items: - description: ClusterVariable can be used to customize the Cluster - through patches. 
Each ClusterVariable is associated with a + description: |- + ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a Variable definition in the ClusterClass `status` variables. properties: definitionFrom: - description: 'DefinitionFrom specifies where the definition - of this Variable is from. DefinitionFrom is `inline` when - the definition is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass `.spec.patches` - where the patch is external and provides external variables. - This field is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' + description: |- + DefinitionFrom specifies where the definition of this Variable is from. + + + Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. type: string name: description: Name of the variable. type: string value: - description: 'Value of the variable. Note: the value will - be validated against the schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to use apiextensionsv1.JSON - instead of a custom JSON type, because controller-tools - has a hard-coded schema for apiextensionsv1.JSON which - cannot be produced by another type via controller-tools, - i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + description: |- + Value of the variable. + Note: the value will be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. + Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a + hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. 
+ Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111 x-kubernetes-preserve-unknown-fields: true required: - name - value type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map version: description: The Kubernetes version of the cluster. type: string workers: - description: Workers encapsulates the different constructs that - form the worker nodes for the cluster. + description: |- + Workers encapsulates the different constructs that form the worker nodes + for the cluster. properties: machineDeployments: description: MachineDeployments is a list of machine deployments in the cluster. items: - description: MachineDeploymentTopology specifies the different - parameters for a set of worker nodes in the topology. - This set of nodes is managed by a MachineDeployment object - whose lifecycle is managed by the Cluster controller. + description: |- + MachineDeploymentTopology specifies the different parameters for a set of worker nodes in the topology. + This set of nodes is managed by a MachineDeployment object whose lifecycle is managed by the Cluster controller. properties: class: - description: Class is the name of the MachineDeploymentClass - used to create the set of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. + description: |- + Class is the name of the MachineDeploymentClass used to create the set of worker nodes. + This should match one of the deployment classes defined in the ClusterClass object + mentioned in the `Cluster.Spec.Class` field. type: string failureDomain: - description: FailureDomain is the failure domain the - machines will be created in. Must match a key in the - FailureDomains map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machines will be created in. 
+ Must match a key in the FailureDomains map stored on the cluster object. type: string machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration - in the ClusterClass for this MachineDeployment. + description: |- + MachineHealthCheck allows to enable, disable and override + the MachineHealthCheck configuration in the ClusterClass for this MachineDeployment. properties: enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n + description: |- + Enable controls if a MachineHealthCheck should be created for the target machines. + + If false: No MachineHealthCheck will be created. - \n If not set(default): A MachineHealthCheck will - be created if it is defined here or in the associated - ClusterClass. If no MachineHealthCheck is defined - then none will be created. \n If true: A MachineHealthCheck - is guaranteed to be created. Cluster validation - will block if `enable` is true and no MachineHealthCheck - definition is available." + + + If not set(default): A MachineHealthCheck will be created if it is defined here or + in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created. + + + If true: A MachineHealthCheck is guaranteed to be created. Cluster validation will + block if `enable` is true and no MachineHealthCheck definition is available. type: boolean maxUnhealthy: anyOf: - type: integer - type: string - description: Any further remediation is only allowed - if at most "MaxUnhealthy" machines selected by + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will - be remediated. If you wish to disable this feature, - set the value explicitly to 0. 
+ description: |- + NodeStartupTimeout allows to set the maximum time for MachineHealthCheck + to consider a Machine unhealthy if a corresponding Node isn't associated + through a `Spec.ProviderID` field. + + + The duration set in this field is compared to the greatest of: + - Cluster's infrastructure ready condition timestamp (if and when available) + - Control Plane's initialized condition timestamp (if and when available) + - Machine's infrastructure ready condition timestamp (if and when available) + - Machine's metadata creation timestamp + + + Defaults to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference - to a remediation template provided by an infrastructure - provider. \n This field is completely optional, - when filled, the MachineHealthCheck controller - creates a new object from the template referenced - and hands off remediation of the machine to a - controller that lives outside of Cluster API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). 
This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list - of the conditions that determine whether a node - is considered unhealthy. The conditions are combined - in a logical OR, i.e. if any of the conditions - is met, the node is unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node - condition type and value with a timeout specified - as a duration. When the named condition has - been in the given status for at least the timeout - value, a node is considered unhealthy. + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 
@@ -3494,101 +4647,124 @@ spec: type: object type: array unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" - as not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. "[3-5]" - - This means that remediation will be allowed - only when: (a) there are at least 3 unhealthy - machines (and) (b) there are at most 5 unhealthy - machines' + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object metadata: - description: Metadata is the metadata applied to the - MachineDeployment and the machines of the MachineDeployment. - At runtime this metadata is merged with the corresponding - metadata from the ClusterClass. + description: |- + Metadata is the metadata applied to the MachineDeployment and the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding metadata from the ClusterClass. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. 
+ More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object minReadySeconds: - description: Minimum number of seconds for which a newly - created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) + description: |- + Minimum number of seconds for which a newly created machine should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) format: int32 type: integer name: - description: Name is the unique identifier for this - MachineDeploymentTopology. The value is used with - other unique identifiers to create a MachineDeployment's - Name (e.g. cluster's name, etc). In case the name - is greater than the allowed maximum length, the values - are hashed together. + description: |- + Name is the unique identifier for this MachineDeploymentTopology. + The value is used with other unique identifiers to create a MachineDeployment's Name + (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, + the values are hashed together. type: string nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - Machine hosts after the Machine is marked for deletion. - A duration of 0 will retry deletion indefinitely. 
+ description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. The default value - is 0, meaning that the volumes can be detached without - any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string replicas: - description: Replicas is the number of worker nodes - belonging to this set. If the value is nil, the MachineDeployment - is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management + description: |- + Replicas is the number of worker nodes belonging to this set. + If the value is nil, the MachineDeployment is created without the number of Replicas (defaulting to 1) + and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. 
format: int32 type: integer strategy: - description: The deployment strategy to use to replace - existing machines with new ones. + description: |- + The deployment strategy to use to replace existing machines with + new ones. properties: + remediation: + description: |- + Remediation controls the strategy of remediating unhealthy machines + and how remediating operations should occur during the lifecycle of the dependant MachineSets. + properties: + maxInFlight: + anyOf: + - type: integer + - type: string + description: |- + MaxInFlight determines how many in flight remediations should happen at the same time. + + + Remediation only happens on the MachineSet with the most current revision, while + older MachineSets (usually present during rollout operations) aren't allowed to remediate. + + + Note: In general (independent of remediations), unhealthy machines are always + prioritized during scale down operations over healthy ones. + + + MaxInFlight can be set to a fixed number or a percentage. + Example: when this is set to 20%, the MachineSet controller deletes at most 20% of + the desired replicas. + + + If not set, remediation is limited to all machines (bounded by replicas) + under the active MachineSet's management. + x-kubernetes-int-or-string: true + type: object rollingUpdate: - description: Rolling update config params. Present - only if MachineDeploymentStrategyType = RollingUpdate. + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. properties: deletePolicy: - description: DeletePolicy defines the policy - used by the MachineDeployment to identify - nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value - is supplied, the default DeletePolicy of MachineSet - is used + description: |- + DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. 
+ Valid values are "Random, "Newest", "Oldest" + When no value is supplied, the default DeletePolicy of MachineSet is used enum: - Random - Newest 
@@ -3598,48 +4774,44 @@ spec: anyOf: - type: integer - type: string - description: 'The maximum number of machines - that can be scheduled above the desired number - of machines. Value can be an absolute number - (ex: 5) or a percentage of desired machines - (ex: 10%). This can not be 0 if MaxUnavailable - is 0. Absolute number is calculated from percentage - by rounding up. Defaults to 1. Example: when - this is set to 30%, the new MachineSet can - be scaled up immediately when the rolling - update starts, such that the total number - of old and new machines do not exceed 130% - of desired machines. Once old machines have - been killed, new MachineSet can be scaled - up further, ensuring that total number of - machines running at any time during the update - is at most 130% of desired machines.' + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. + Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string - description: 'The maximum number of machines - that can be unavailable during the update. - Value can be an absolute number (ex: 5) or - a percentage of desired machines (ex: 10%). - Absolute number is calculated from percentage - by rounding down. This can not be 0 if MaxSurge - is 0. Defaults to 0. 
Example: when this is - set to 30%, the old MachineSet can be scaled - down to 70% of desired machines immediately - when the rolling update starts. Once new machines - are ready, old MachineSet can be scaled down - further, followed by scaling up the new MachineSet, - ensuring that the total number of machines - available at all times during the update is - at least 70% of desired machines.' + description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Allowed values - are RollingUpdate and OnDelete. The default is - RollingUpdate. + description: |- + Type of deployment. Allowed values are RollingUpdate and OnDelete. + The default is RollingUpdate. enum: - RollingUpdate - OnDelete 
@@ -3653,138 +4825,129 @@ spec: description: Overrides can be used to override Cluster level variables. items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. + description: |- + ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a + Variable definition in the ClusterClass `status` variables. properties: definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. - DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' + description: |- + DefinitionFrom specifies where the definition of this Variable is from. + + + Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. type: string name: description: Name of the variable. type: string value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + description: |- + Value of the variable. + Note: the value will be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. 
+ Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a + hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. + Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111 x-kubernetes-preserve-unknown-fields: true required: - name - value type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map type: object required: - class - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map machinePools: description: MachinePools is a list of machine pools in the cluster. items: - description: MachinePoolTopology specifies the different - parameters for a pool of worker nodes in the topology. - This pool of nodes is managed by a MachinePool object - whose lifecycle is managed by the Cluster controller. + description: |- + MachinePoolTopology specifies the different parameters for a pool of worker nodes in the topology. + This pool of nodes is managed by a MachinePool object whose lifecycle is managed by the Cluster controller. properties: class: - description: Class is the name of the MachinePoolClass - used to create the pool of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. + description: |- + Class is the name of the MachinePoolClass used to create the pool of worker nodes. + This should match one of the deployment classes defined in the ClusterClass object + mentioned in the `Cluster.Spec.Class` field. type: string failureDomains: - description: FailureDomains is the list of failure domains - the machine pool will be created in. Must match a - key in the FailureDomains map stored on the cluster - object. 
+ description: |- + FailureDomains is the list of failure domains the machine pool will be created in. + Must match a key in the FailureDomains map stored on the cluster object. items: type: string type: array metadata: - description: Metadata is the metadata applied to the - MachinePool. At runtime this metadata is merged with - the corresponding metadata from the ClusterClass. + description: |- + Metadata is the metadata applied to the MachinePool. + At runtime this metadata is merged with the corresponding metadata from the ClusterClass. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object minReadySeconds: - description: Minimum number of seconds for which a newly - created machine pool should be ready. 
Defaults to - 0 (machine will be considered available as soon as - it is ready) + description: |- + Minimum number of seconds for which a newly created machine pool should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) format: int32 type: integer name: - description: Name is the unique identifier for this - MachinePoolTopology. The value is used with other - unique identifiers to create a MachinePool's Name - (e.g. cluster's name, etc). In case the name is greater - than the allowed maximum length, the values are hashed - together. + description: |- + Name is the unique identifier for this MachinePoolTopology. + The value is used with other unique identifiers to create a MachinePool's Name + (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, + the values are hashed together. type: string nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - MachinePool hosts after the MachinePool is marked - for deletion. A duration of 0 will retry deletion - indefinitely. Defaults to 10 seconds. + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the MachinePool + hosts after the MachinePool is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. 
+ NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. The default value - is 0, meaning that the volumes can be detached without - any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string replicas: - description: Replicas is the number of nodes belonging - to this pool. If the value is nil, the MachinePool - is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management + description: |- + Replicas is the number of nodes belonging to this pool. + If the value is nil, the MachinePool is created without the number of Replicas (defaulting to 1) + and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. format: int32 type: integer 
@@ -3796,48 +4959,47 @@ spec: description: Overrides can be used to override Cluster level variables. items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. + description: |- + ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a + Variable definition in the ClusterClass `status` variables. properties: definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. - DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' + description: |- + DefinitionFrom specifies where the definition of this Variable is from. + + + Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. type: string name: description: Name of the variable. type: string value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + description: |- + Value of the variable. + Note: the value will be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. 
+ Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a + hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. + Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111 x-kubernetes-preserve-unknown-fields: true required: - name - value type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map type: object required: - class - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map type: object required: - class 
@@ -3854,37 +5016,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -3893,13 +5055,18 @@ spec: type: object type: array controlPlaneReady: - description: ControlPlaneReady defines if the control plane is ready. + description: |- + ControlPlaneReady denotes if the control plane became ready during initial provisioning + to receive requests. + NOTE: this field is part of the Cluster API contract and it is used to orchestrate provisioning. + The value of this field is never updated after provisioning is completed. Please use conditions + to check the operational state of the control plane. type: boolean failureDomains: additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + description: |- + FailureDomainSpec is the Schema for Cluster API failure domains. + It allows controllers to understand how many failure domains a cluster can optionally span across. properties: attributes: additionalProperties: 
@@ -3916,13 +5083,15 @@ spec: from the infrastructure provider. type: object failureMessage: - description: FailureMessage indicates that there is a fatal problem - reconciling the state, and will be set to a descriptive error message. + description: |- + FailureMessage indicates that there is a fatal problem reconciling the + state, and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a fatal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. + description: |- + FailureReason indicates that there is a fatal problem reconciling the + state, and will be set to a token value suitable for + programmatic interpretation. type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure @@ -3934,7 +5103,8 @@ spec: format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: |- + Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. type: string type: object @@ -3943,22 +5113,14 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: extensionconfigs.runtime.cluster.x-k8s.io spec: group: runtime.cluster.x-k8s.io 
@@ -3984,14 +5146,19 @@ spec: description: ExtensionConfig is the Schema for the ExtensionConfig API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -4008,10 +5175,12 @@ spec: format: byte type: string service: - description: "Service is a reference to the Kubernetes service - for the Extension server. Note: Exactly one of `url` or `service` - must be specified. \n If the Extension server is running within - a cluster, then you should use `service`." + description: |- + Service is a reference to the Kubernetes service for the Extension server. + Note: Exactly one of `url` or `service` must be specified. + + + If the Extension server is running within a cluster, then you should use `service`. properties: name: description: Name is the name of the service. @@ -4020,14 +5189,15 @@ spec: description: Namespace is the namespace of the service. type: string path: - description: Path is an optional URL path and if present may - be any string permissible in a URL. If a path is set it - will be used as prefix to the hook-specific path. + description: |- + Path is an optional URL path and if present may be any string permissible in + a URL. If a path is set it will be used as prefix to the hook-specific path. type: string port: - description: Port is the port on the service that's hosting - the Extension server. Defaults to 443. Port should be a - valid port number (1-65535, inclusive). + description: |- + Port is the port on the service that's hosting the Extension server. + Defaults to 443. + Port should be a valid port number (1-65535, inclusive). format: int32 type: integer required: 
@@ -4035,72 +5205,84 @@ spec: - namespace type: object url: - description: "URL gives the location of the Extension server, - in standard URL form (`scheme://host:port/path`). Note: Exactly - one of `url` or `service` must be specified. \n The scheme must - be \"https\". \n The `host` should not refer to a service running - in the cluster; use the `service` field instead. \n A path is - optional, and if present may be any string permissible in a - URL. If a path is set it will be used as prefix to the hook-specific - path. \n Attempting to use a user or basic auth e.g. \"user:password@\" - is not allowed. Fragments (\"#...\") and query parameters (\"?...\") - are not allowed either." + description: |- + URL gives the location of the Extension server, in standard URL form + (`scheme://host:port/path`). + Note: Exactly one of `url` or `service` must be specified. + + + The scheme must be "https". + + + The `host` should not refer to a service running in the cluster; use + the `service` field instead. + + + A path is optional, and if present may be any string permissible in + a URL. If a path is set it will be used as prefix to the hook-specific path. + + + Attempting to use a user or basic auth e.g. "user:password@" is not + allowed. Fragments ("#...") and query parameters ("?...") are not + allowed either. type: string type: object namespaceSelector: - description: NamespaceSelector decides whether to call the hook for - an object based on whether the namespace for that object matches - the selector. Defaults to the empty LabelSelector, which matches - all objects. + description: |- + NamespaceSelector decides whether to call the hook for an object based + on whether the namespace for that object matches the selector. + Defaults to the empty LabelSelector, which matches all objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. 
type: object type: object x-kubernetes-map-type: atomic settings: additionalProperties: type: string - description: 'Settings defines key value pairs to be passed to all - calls to all supported RuntimeExtensions. Note: Settings can be - overridden on the ClusterClass.' + description: |- + Settings defines key value pairs to be passed to all calls + to all supported RuntimeExtensions. + Note: Settings can be overridden on the ClusterClass. type: object required: - clientConfig 
@@ -4115,37 +5297,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -4161,9 +5343,9 @@ spec: for a particular runtime hook registered by an Extension server. properties: failurePolicy: - description: FailurePolicy defines how failures in calls to - the ExtensionHandler should be handled by a client. Defaults - to Fail if not set. + description: |- + FailurePolicy defines how failures in calls to the ExtensionHandler should be handled by a client. + Defaults to Fail if not set. type: string name: description: Name is the unique name of the ExtensionHandler. @@ -4184,9 +5366,9 @@ spec: - hook type: object timeoutSeconds: - description: TimeoutSeconds defines the timeout duration for - client calls to the ExtensionHandler. Defaults to 10 is not - set. + description: |- + TimeoutSeconds defines the timeout duration for client calls to the ExtensionHandler. + Defaults to 10 is not set. format: int32 type: integer required: @@ -4203,22 +5385,14 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: ipaddressclaims.ipam.cluster.x-k8s.io spec: group: ipam.cluster.x-k8s.io 
@@ -4250,14 +5424,19 @@ spec: description: IPAddressClaim is the Schema for the ipaddressclaim API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -4269,10 +5448,10 @@ spec: should be created. properties: apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -4296,8 +5475,15 @@ spec: for this claim. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic 
@@ -4308,37 +5494,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime 
@@ -4371,29 +5557,38 @@ spec: description: IPAddressClaim is the Schema for the ipaddressclaim API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: IPAddressClaimSpec is the desired state of an IPAddressClaim. properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + type: string poolRef: description: PoolRef is a reference to the pool from which an IP address should be created. properties: apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. 
+ description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -4417,8 +5612,15 @@ spec: for this claim. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic 
@@ -4429,37 +5631,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -4473,22 +5675,14 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: ipaddresses.ipam.cluster.x-k8s.io spec: group: ipam.cluster.x-k8s.io 
@@ -4524,14 +5718,19 @@ spec: description: IPAddress is the Schema for the ipaddress API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -4546,8 +5745,15 @@ spec: created for. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic @@ -4560,10 +5766,10 @@ spec: was created from. properties: apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced 
@@ -4612,14 +5818,19 @@ spec: description: IPAddress is the Schema for the ipaddress API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -4634,8 +5845,15 @@ spec: created for. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic @@ -4648,10 +5866,10 @@ spec: was created from. properties: apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced 
@@ -4677,30 +5895,21 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: machinedeployments.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system @@ -4721,14 +5930,6 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of MachineDeployment - jsonPath: .metadata.creationTimestamp - name: Age - type: date - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown jsonPath: .status.phase name: Phase 
@@ -4751,21 +5952,29 @@ spec: name: Unavailable type: integer deprecated: true - name: v1alpha4 + name: v1alpha3 schema: openAPIV3Schema: - description: "MachineDeployment is the Schema for the machinedeployments API. - \n Deprecated: This type will be removed in one of the next releases." + description: |- + MachineDeployment is the Schema for the machinedeployments API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -4778,222 +5987,800 @@ spec: minLength: 1 type: string minReadySeconds: - description: Minimum number of seconds for which a newly created machine - should be ready. Defaults to 0 (machine will be considered available - as soon as it is ready) + description: |- + Minimum number of seconds for which a newly created machine should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) format: int32 type: integer paused: description: Indicates that the deployment is paused. type: boolean progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. + description: |- + The maximum time in seconds for a deployment to make progress before it + is considered to be failed. The deployment controller will continue to + process failed deployments and a condition with a ProgressDeadlineExceeded + reason will be surfaced in the deployment status. Note that progress will + not be estimated during the time a deployment is paused. Defaults to 600s. format: int32 type: integer replicas: - default: 1 - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. + description: |- + Number of desired machines. Defaults to 1. + This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. + description: |- + The number of old MachineSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. 
format: int32 type: integer selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. + description: |- + Label selector for machines. Existing MachineSets whose machines are + selected by this will be the ones affected by this deployment. + It must match the machine template's labels. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. 
items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic strategy: - description: The deployment strategy to use to replace existing machines - with new ones. + description: |- + The deployment strategy to use to replace existing machines with + new ones. properties: rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. properties: - deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest - type: string maxSurge: anyOf: - type: integer - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. 
Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. + Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' 
+ description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete + description: |- + Type of deployment. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. type: string type: object template: description: Template describes the machines that will be created. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. 
They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique + name ONLY IF the Name field has not been provided. + If this field is used, the name returned to the client will be different + than the name passed. This value will also be combined with a unique suffix. + The provided value has the same validation rules as the Name field, + and may be truncated by the length of the suffix required to make the value + unique on the server. + + + If this field is specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created or 500 with Reason + ServerTimeout indicating a unique name could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the Retry-After header). + + + Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. 
Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is + equivalent to the "default" namespace, but "default" is the canonical representation. + Not all objects are required to be scoped to a namespace - the value of this field for + those objects will be empty. + + + Must be a DNS_LABEL. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + ownerReferences: + description: |- + List of objects depended by this object. If ALL objects in the list have + been deleted, this object will be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. + + + Deprecated: This field has no function and is going to be removed in a next release. + items: + description: |- + OwnerReference contains enough information to let you identify an owning + object. An owning object must be in the same namespace as the dependent, or + be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: |- + If true, AND if the owner has the "foregroundDeletion" finalizer, then + the owner cannot be deleted from the key-value store until this + reference is removed. + See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this field and enforces the foreground deletion. 
+ Defaults to false. + To set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. 
The reference is optional to + allow users/operators to specify Bootstrap.Data without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: |- + Data contains the bootstrap data, such as cloud-init details scripts. + If nil, the Machine should remain in the Pending state. + + + Deprecated: Switch to DataSecretName. + type: string + dataSecretName: + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: |- + FailureDomain is the failure domain the machine will be created in. 
+ Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + type: string + providerID: + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: |- + Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. 
+ properties: + availableReplicas: + description: |- + Total number of available machines (ready for at least minReadySeconds) + targeted by this deployment. + format: int32 + type: integer + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: |- + Total number of non-terminated machines targeted by this deployment + (their labels match the selector). + format: int32 + type: integer + selector: + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors + type: string + unavailableReplicas: + description: |- + Total number of unavailable machines targeted by this deployment. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet available or machines + that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: |- + Total number of non-terminated machines targeted by this deployment + that have the desired template spec. 
+ format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: |- + MachineDeployment is the Schema for the machinedeployments API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. 
+ Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + minReadySeconds: + description: |- + Minimum number of seconds for which a newly created machine should + be ready. + Defaults to 0 (machine will be considered available as soon as it + is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for a deployment to make progress before it + is considered to be failed. The deployment controller will continue to + process failed deployments and a condition with a ProgressDeadlineExceeded + reason will be surfaced in the deployment status. Note that progress will + not be estimated during the time a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + default: 1 + description: |- + Number of desired machines. Defaults to 1. + This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: |- + The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + selector: + description: |- + Label selector for machines. Existing MachineSets whose machines are + selected by this will be the ones affected by this deployment. + It must match the machine template's labels. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: |- + The deployment strategy to use to replace existing machines with + new ones. + properties: + rollingUpdate: + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. + properties: + deletePolicy: + description: |- + DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. 
+ Valid values are "Random, "Newest", "Oldest" + When no value is supplied, the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. + Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + Type of deployment. + Default is RollingUpdate. 
+ enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels + type: object + type: object + spec: + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bootstrap: + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -5002,76 +6789,78 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. 
Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: @@ -5089,8 +6878,9 @@ spec: description: MachineDeploymentStatus defines the observed state of MachineDeployment. properties: availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. + description: |- + Total number of available machines (ready for at least minReadySeconds) + targeted by this deployment. format: int32 type: integer conditions: 
@@ -5100,37 +6890,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status 
@@ -5150,27 +6940,30 @@ spec: format: int32 type: integer replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). + description: |- + Total number of non-terminated machines targeted by this deployment + (their labels match the selector). format: int32 type: integer selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. + description: |- + Total number of unavailable machines targeted by this deployment. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet available or machines + that still have not been created. format: int32 type: integer updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. + description: |- + Total number of non-terminated machines targeted by this deployment + that have the desired template spec. format: int32 type: integer type: object 
@@ -5228,14 +7021,19 @@ spec: description: MachineDeployment is the Schema for the machinedeployments API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -5248,117 +7046,159 @@ spec: minLength: 1 type: string minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a Node for a newly created machine should be ready before - considering the replica available. Defaults to 0 (machine will be - considered available as soon as the Node is ready) + description: |- + MinReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. + Defaults to 0 (machine will be considered available as soon as the Node is ready) format: int32 type: integer paused: description: Indicates that the deployment is paused. type: boolean progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. + description: |- + The maximum time in seconds for a deployment to make progress before it + is considered to be failed. The deployment controller will continue to + process failed deployments and a condition with a ProgressDeadlineExceeded + reason will be surfaced in the deployment status. Note that progress will + not be estimated during the time a deployment is paused. Defaults to 600s. format: int32 type: integer replicas: - description: "Number of desired machines. This is a pointer to distinguish - between explicit zero and not specified. 
\n Defaults to: * if the - Kubernetes autoscaler min size and max size annotations are set: - - if it's a new MachineDeployment, use min size - if the replicas - field of the old MachineDeployment is < min size, use min size - - if the replicas field of the old MachineDeployment is > max size, - use max size - if the replicas field of the old MachineDeployment - is in the (min size, max size) range, keep the value from the oldMD - * otherwise use 1 Note: Defaulting will be run whenever the replicas - field is not set: * A new MachineDeployment is created with replicas - not set. * On an existing MachineDeployment the replicas field was - first set and is now unset. Those cases are especially relevant - for the following Kubernetes autoscaler use cases: * A new MachineDeployment - is created and replicas should be managed by the autoscaler * An - existing MachineDeployment which initially wasn't controlled by - the autoscaler should be later controlled by the autoscaler" + description: |- + Number of desired machines. + This is a pointer to distinguish between explicit zero and not specified. + + + Defaults to: + * if the Kubernetes autoscaler min size and max size annotations are set: + - if it's a new MachineDeployment, use min size + - if the replicas field of the old MachineDeployment is < min size, use min size + - if the replicas field of the old MachineDeployment is > max size, use max size + - if the replicas field of the old MachineDeployment is in the (min size, max size) range, keep the value from the oldMD + * otherwise use 1 + Note: Defaulting will be run whenever the replicas field is not set: + * A new MachineDeployment is created with replicas not set. + * On an existing MachineDeployment the replicas field was first set and is now unset. 
+ Those cases are especially relevant for the following Kubernetes autoscaler use cases: + * A new MachineDeployment is created and replicas should be managed by the autoscaler + * An existing MachineDeployment which initially wasn't controlled by the autoscaler + should be later controlled by the autoscaler format: int32 type: integer revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. + description: |- + The number of old MachineSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + + + Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10479 for more details. format: int32 type: integer rolloutAfter: - description: 'RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the MachineDeployment. Example: In the YAML the time can - be specified in the RFC3339 format. To specify the rolloutAfter - target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + description: |- + RolloutAfter is a field to indicate a rollout should be performed + after the specified time even if no changes have been made to the + MachineDeployment. + Example: In the YAML the time can be specified in the RFC3339 format. + To specify the rolloutAfter target as March 9, 2023, at 9 am UTC + use "2023-03-09T09:00:00Z". format: date-time type: string selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. + description: |- + Label selector for machines. Existing MachineSets whose machines are + selected by this will be the ones affected by this deployment. + It must match the machine template's labels. 
properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic strategy: - description: The deployment strategy to use to replace existing machines - with new ones. + description: |- + The deployment strategy to use to replace existing machines with + new ones. properties: + remediation: + description: |- + Remediation controls the strategy of remediating unhealthy machines + and how remediating operations should occur during the lifecycle of the dependant MachineSets. + properties: + maxInFlight: + anyOf: + - type: integer + - type: string + description: |- + MaxInFlight determines how many in flight remediations should happen at the same time. + + + Remediation only happens on the MachineSet with the most current revision, while + older MachineSets (usually present during rollout operations) aren't allowed to remediate. + + + Note: In general (independent of remediations), unhealthy machines are always + prioritized during scale down operations over healthy ones. + + + MaxInFlight can be set to a fixed number or a percentage. + Example: when this is set to 20%, the MachineSet controller deletes at most 20% of + the desired replicas. + + + If not set, remediation is limited to all machines (bounded by replicas) + under the active MachineSet's management. + x-kubernetes-int-or-string: true + type: object rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. properties: deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. 
Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used + description: |- + DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. + Valid values are "Random, "Newest", "Oldest" + When no value is supplied, the default DeletePolicy of MachineSet is used enum: - Random - Newest 
@@ -5368,40 +7208,44 @@ spec: anyOf: - type: integer - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. + Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. 
Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' + description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Allowed values are RollingUpdate - and OnDelete. The default is RollingUpdate. + description: |- + Type of deployment. Allowed values are RollingUpdate and OnDelete. + The default is RollingUpdate. enum: - RollingUpdate - OnDelete 
@@ -5411,82 +7255,91 @@ spec: description: Template describes the machines that will be created. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -5495,88 +7348,89 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. 
- This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: 
@@ -5594,8 +7448,9 @@ spec: description: MachineDeploymentStatus defines the observed state of MachineDeployment. properties: availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. + description: |- + Total number of available machines (ready for at least minReadySeconds) + targeted by this deployment. format: int32 type: integer conditions: 
@@ -5605,37 +7460,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime 
@@ -5656,27 +7511,30 @@ spec: format: int32 type: integer replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). + description: |- + Total number of non-terminated machines targeted by this deployment + (their labels match the selector). format: int32 type: integer selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. + description: |- + Total number of unavailable machines targeted by this deployment. + This is the total number of machines that are still required for + the deployment to have 100% available capacity. They may either + be machines that are running but not yet available or machines + that still have not been created. format: int32 type: integer updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. + description: |- + Total number of non-terminated machines targeted by this deployment + that have the desired template spec. format: int32 type: integer type: object 
@@ -5689,30 +7547,21 @@ spec: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: machinehealthchecks.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -5734,7 +7583,280 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - description: Cluster + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + MachineHealthCheck is the Schema for the machinehealthchecks API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. 
+ x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: |- + Machines older than this duration without a node will be considered to have + failed and will be remediated. + type: string + remediationTemplate: + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. 
The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + currentHealthy: + description: total number of healthy machines counted by this machine + health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + remediationsAllowed: + description: |- + RemediationsAllowed is the number of further remediations allowed by this machine health check before + maxUnhealthy short circuiting will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster jsonPath: .spec.clusterName name: Cluster type: string 
@@ -5758,18 +7880,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "MachineHealthCheck is the Schema for the machinehealthchecks - API. \n Deprecated: This type will be removed in one of the next releases." + description: |- + MachineHealthCheck is the Schema for the machinehealthchecks API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -5785,54 +7915,65 @@ spec: anyOf: - type: integer - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. + description: |- + Machines older than this duration without a node will be considered to have + failed and will be remediated. + If not set, this value is defaulted to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. + + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -5844,54 +7985,55 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 
@@ -5909,12 +8051,12 @@ spec: minItems: 1 type: array unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines pattern: ^\[[0-9]+-[0-9]+\]$ type: string required: 
@@ -5932,37 +8074,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -5987,9 +8129,9 @@ spec: format: int64 type: integer remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied + description: |- + RemediationsAllowed is the number of further remediations allowed by this machine health check before + maxUnhealthy short circuiting will be applied format: int32 minimum: 0 type: integer 
@@ -6033,14 +8175,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -6056,54 +8203,78 @@ spec: anyOf: - type: integer - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. + description: |- + Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. + + + Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. x-kubernetes-int-or-string: true nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. + description: |- + NodeStartupTimeout allows to set the maximum time for MachineHealthCheck + to consider a Machine unhealthy if a corresponding Node isn't associated + through a `Spec.ProviderID` field. + + + The duration set in this field is compared to the greatest of: + - Cluster's infrastructure ready condition timestamp (if and when available) + - Control Plane's initialized condition timestamp (if and when available) + - Machine's infrastructure ready condition timestamp (if and when available) + - Machine's metadata creation timestamp + + + Defaults to 10 minutes. + If you wish to disable this feature, set the value explicitly to 0. type: string remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." + description: |- + RemediationTemplate is a reference to a remediation template + provided by an infrastructure provider. 
+ + + This field is completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off remediation of the machine to + a controller that lives outside of Cluster API. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic 
@@ -6115,54 +8286,55 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. + description: |- + UnhealthyConditions contains a list of the conditions that determine + whether a node is considered unhealthy. The conditions are combined in a + logical OR, i.e. if any of the conditions is met, the node is unhealthy. items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. + description: |- + UnhealthyCondition represents a Node condition type and value with a timeout + specified as a duration. When the named condition has been in the given + status for at least the timeout value, a node is considered unhealthy. properties: status: minLength: 1 
@@ -6177,21 +8349,22 @@ spec: - timeout - type type: object - minItems: 1 type: array unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' + description: |- + Any further remediation is only allowed if the number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + Eg. "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines + + + Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. pattern: ^\[[0-9]+-[0-9]+\]$ type: string required: - clusterName - selector - - unhealthyConditions type: object status: description: Most recently observed status of MachineHealthCheck resource 
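Review bot: With `minItems: 1` dropped from the `unhealthyConditions` array and `- unhealthyConditions` removed from the `required` list at the end of this hunk, the API server will now admit a MachineHealthCheck that names no node conditions. What the controller does with such an object is not determined by this manifest, so any MachineHealthCheck shipped from this repo, and any check that relied on the CRD rejecting an empty list, should be re-verified against v1.8.1. Because the file is generated, the stricter contract (if still wanted) belongs in a separate admission rule, for example a CEL expression such as `has(object.spec.unhealthyConditions) && size(object.spec.unhealthyConditions) > 0`, rather than in a hand edit here. The enclosing `spec` schema begins and ends outside the hunk.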
@@ -6203,37 +8376,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -6259,9 +8432,9 @@ spec: format: int64 type: integer remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied + description: |- + RemediationsAllowed is the number of further remediations allowed by this machine health check before + maxUnhealthy short circuiting will be applied format: int32 minimum: 0 type: integer @@ -6277,30 +8450,21 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - + controller-gen.kubebuilder.io/version: v0.15.0 labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: machinepools.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system @@ -6321,10 +8485,6 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - description: MachinePool replicas count jsonPath: .status.replicas name: Replicas 
@@ -6339,21 +8499,29 @@ spec: name: Version type: string deprecated: true - name: v1alpha4 + name: v1alpha3 schema: openAPIV3Schema: - description: "MachinePool is the Schema for the machinepools API. \n Deprecated: - This type will be removed in one of the next releases." + description: |- + MachinePool is the Schema for the machinepools API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -6372,104 +8540,284 @@ spec: type: string type: array minReadySeconds: - description: Minimum number of seconds for which a newly created machine - instances should be ready. Defaults to 0 (machine instance will - be considered available as soon as it is ready) + description: |- + Minimum number of seconds for which a newly created machine instances should + be ready. + Defaults to 0 (machine instance will be considered available as soon as it + is ready) format: int32 type: integer providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. + description: |- + ProviderIDList are the identification IDs of machine instances provided by the provider. + This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. items: type: string type: array replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. + description: |- + Number of desired machines. Defaults to 1. + This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer + strategy: + description: |- + The deployment strategy to use to replace existing machine instances with + new ones. + properties: + rollingUpdate: + description: |- + Rolling update config params. Present only if + MachineDeploymentStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of machines that can be scheduled above the + desired number of machines. + Value can be an absolute number (ex: 5) or a percentage of + desired machines (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 1. 
+ Example: when this is set to 30%, the new MachineSet can be scaled + up immediately when the rolling update starts, such that the total + number of old and new machines do not exceed 130% of desired + machines. Once old machines have been killed, new MachineSet can + be scaled up further, ensuring that total number of machines running + at any time during the update is at most 130% of desired machines. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of machines that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired + machines (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 0. + Example: when this is set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately when the rolling update + starts. Once new machines are ready, old MachineSet can be scaled + down further, followed by scaling up the new MachineSet, ensuring + that the total number of machines available at all times + during the update is at least 70% of desired machines. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + Type of deployment. Currently the only supported strategy is + "RollingUpdate". + Default is RollingUpdate. + type: string + type: object template: description: Template describes the machines that will be created. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique + name ONLY IF the Name field has not been provided. + If this field is used, the name returned to the client will be different + than the name passed. This value will also be combined with a unique suffix. + The provided value has the same validation rules as the Name field, + and may be truncated by the length of the suffix required to make the value + unique on the server. + + + If this field is specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created or 500 with Reason + ServerTimeout indicating a unique name could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the Retry-After header). + + + Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + + + Deprecated: This field has no function and is going to be removed in a next release. 
+ type: string labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is + equivalent to the "default" namespace, but "default" is the canonical representation. + Not all objects are required to be scoped to a namespace - the value of this field for + those objects will be empty. + + + Must be a DNS_LABEL. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + ownerReferences: + description: |- + List of objects depended by this object. If ALL objects in the list have + been deleted, this object will be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. 
+ + + Deprecated: This field has no function and is going to be removed in a next release. + items: + description: |- + OwnerReference contains enough information to let you identify an owning + object. An owning object must be in the same namespace as the dependent, or + be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: |- + If true, AND if the owner has the "foregroundDeletion" finalizer, then + the owner cannot be deleted from the key-value store until this + reference is removed. + See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this field and enforces the foreground deletion. + Defaults to false. + To set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.Data without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic + data: + description: |- + Data contains the bootstrap data, such as cloud-init details scripts. + If nil, the Machine should remain in the Pending state. + + + Deprecated: Switch to DataSecretName. + type: string dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
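Review bot: The v1alpha3 schema added in this hunk reintroduces `bootstrap.data` under `spec.template.spec`, a plain string that by its own description holds bootstrap data such as cloud-init scripts inside the MachinePool object instead of a Secret. Content placed there is visible to every subject allowed to get or list machinepools and does not benefit from Secret-specific RBAC or encryption-at-rest settings, which matters because bootstrap payloads often embed join credentials. The version is flagged `deprecated: true` just above, but its `served` flag is outside the visible lines; confirm it is `served: false` so nothing can be written through this version. I would also record the expectation next to the package, e.g. in the README: `Deprecated v1alpha3 schemas are not for new objects; use bootstrap.dataSecretName, never bootstrap.data`. The version entry continues past the end of this hunk.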
@@ -6478,76 +8826,78 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. 
Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: 
@@ -6578,37 +8928,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status @@ -6616,13 +8966,14 @@ spec: type: object type: array failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. + description: |- + FailureMessage indicates that there is a problem reconciling the state, + and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. + description: |- + FailureReason indicates that there is a problem reconciling the state, and + will be set to a token value suitable for programmatic interpretation. type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure 
@@ -6632,63 +8983,63 @@ spec: description: NodeRefs will point to the corresponding Nodes if it they exist. items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + description: |- + ObjectReference contains enough information to let you inspect or modify the referred object. + --- + New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. + 1. Ignored fields. 
It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. + 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular + restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". + Those cannot be well described when embedded. + 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. + 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity + during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple + and the version of the actual struct is irrelevant. + 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type + will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. + + + Instead of using this type, create a locally provided and used type that is well-focused on your reference. + For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). 
This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic @@ -6699,7 +9050,8 @@ spec: format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: |- + Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. type: string readyReplicas: @@ -6713,12 +9065,12 @@ spec: format: int32 type: integer unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. + description: |- + Total number of unavailable machine instances targeted by this machine pool. + This is the total number of machine instances that are still required for + the machine pool to have 100% available capacity. They may either + be machine instances that are running but not yet available or machine instances + that still have not been created. format: int32 type: integer type: object 
@@ -6731,15 +9083,10 @@ spec: statusReplicasPath: .status.replicas status: {} - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Total number of machines desired by this MachinePool - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date - description: MachinePool replicas count jsonPath: .status.replicas name: Replicas 
@@ -6749,28 +9096,34 @@ spec: jsonPath: .status.phase name: Phase type: string - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - description: Kubernetes version associated with this MachinePool jsonPath: .spec.template.spec.version name: Version type: string - name: v1beta1 + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: MachinePool is the Schema for the machinepools API. + description: |- + MachinePool is the Schema for the machinepools API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -6789,105 +9142,115 @@ spec: type: string type: array minReadySeconds: - description: 'Minimum number of seconds for which a newly created - machine instances should be ready. Defaults to 0 (machine instance - will be considered available as soon as it is ready) NOTE: No logic - is implemented for this field and it currently has no behaviour.' + description: |- + Minimum number of seconds for which a newly created machine instances should + be ready. + Defaults to 0 (machine instance will be considered available as soon as it + is ready) format: int32 type: integer providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. + description: |- + ProviderIDList are the identification IDs of machine instances provided by the provider. + This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. items: type: string type: array replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. + description: |- + Number of desired machines. Defaults to 1. + This is a pointer to distinguish between explicit zero and not specified. format: int32 type: integer template: description: Template describes the machines that will be created. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. 
+ description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. 
If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -6896,88 +9259,78 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. 
Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: 
@@ -7008,52 +9361,52 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - - lastTransitionTime - status - type type: object type: array failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. + description: |- + FailureMessage indicates that there is a problem reconciling the state, + and will be set to a descriptive error message. type: string failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. + description: |- + FailureReason indicates that there is a problem reconciling the state, and + will be set to a token value suitable for programmatic interpretation. type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure 
@@ -7063,63 +9416,63 @@ spec: description: NodeRefs will point to the corresponding Nodes if it they exist. items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + description: |- + ObjectReference contains enough information to let you inspect or modify the referred object. + --- + New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. + 1. Ignored fields. 
It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. + 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular + restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". + Those cannot be well described when embedded. + 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. + 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity + during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple + and the version of the actual struct is irrelevant. + 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type + will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. + + + Instead of using this type, create a locally provided and used type that is well-focused on your reference. + For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). 
This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic @@ -7130,7 +9483,8 @@ spec: format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: |- + Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. type: string readyReplicas: 
@@ -7144,47 +9498,487 @@ spec: format: int32 type: integer unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. + description: |- + Total number of unavailable machine instances targeted by this machine pool. + This is the total number of machine instances that are still required for + the machine pool to have 100% available capacity. They may either + be machine instances that are running but not yet available or machine instances + that still have not been created. format: int32 type: integer type: object type: object - served: true - storage: true + served: false + storage: false subresources: scale: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - - labels: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachinePool + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: 
Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachinePool is the Schema for the machinepools API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: |- + Minimum number of seconds for which a newly created machine instances should + be ready. + Defaults to 0 (machine instance will be considered available as soon as it + is ready) + format: int32 + type: integer + providerIDList: + description: |- + ProviderIDList are the identification IDs of machine instances provided by the provider. + This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + items: + type: string + type: array + replicas: + description: |- + Number of desired machines. Defaults to 1. 
+ This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels + type: object + type: object + spec: + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bootstrap: + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. 
+ minLength: 1 + type: string + failureDomain: + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + type: string + nodeVolumeDetachTimeout: + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + providerID: + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. 
+ This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: |- + Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: |- + FailureMessage indicates that there is a problem reconciling the state, + and will be set to a descriptive error message. + type: string + failureReason: + description: |- + FailureReason indicates that there is a problem reconciling the state, and + will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: |- + ObjectReference contains enough information to let you inspect or modify the referred object. + --- + New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. + 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. + 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular + restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". + Those cannot be well described when embedded. + 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. + 4. The fields are both imprecise and overly precise. 
Kind is not a precise mapping to a URL. This can produce ambiguity + during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple + and the version of the actual struct is irrelevant. + 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type + will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. + + + Instead of using this type, create a locally provided and used type that is well-focused on your reference. + For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: |- + Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: |- + Total number of unavailable machine instances targeted by this machine pool. + This is the total number of machine instances that are still required for + the machine pool to have 100% available capacity. They may either + be machine instances that are running but not yet available or machine instances + that still have not been created. 
+ format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.15.0 + labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: machines.cluster.x-k8s.io spec: conversion: strategy: Webhook webhook: clientConfig: - caBundle: Cg== service: name: capi-webhook-service namespace: capi-system 
@@ -7204,6 +9998,394 @@ spec: singular: machine scope: Namespaced versions: + - additionalPrinterColumns: + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + Machine is the Schema for the machines API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. + properties: + bootstrap: + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. 
The reference is optional to + allow users/operators to specify Bootstrap.Data without + the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: |- + Data contains the bootstrap data, such as cloud-init details scripts. 
+ If nil, the Machine should remain in the Pending state. + + + Deprecated: Switch to DataSecretName. + type: string + dataSecretName: + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomain: + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + type: string + providerID: + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: |- + Version defines the desired Kubernetes version. 
+ This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: |- + Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + A human readable message indicating details about the transition. + This field may be empty. + type: string + reason: + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. + type: string + severity: + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. + type: string + failureReason: + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. 
Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: |- + Phase represents the current phase of machine actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + version: + description: |- + Version specifies the current version of Kubernetes running + on the corresponding Node. This is meant to be a means of bubbling + up status from the Node to the Machine. + It is entirely optional, but useful for end-user UX if it’s present. + type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName 
@@ -7234,18 +10416,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "Machine is the Schema for the machines API. \n Deprecated: This - type will be removed in one of the next releases." + description: |- + Machine is the Schema for the machines API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -7253,53 +10443,62 @@ spec: description: MachineSpec defines the desired state of Machine. properties: bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates + description: |- + Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. If nil, the Machine should remain - in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -7308,73 +10507,79 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. 
Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. + description: |- + Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. type: string required: - bootstrap @@ -7385,7 +10590,8 @@ spec: description: MachineStatus defines the observed state of Machine. properties: addresses: - description: Addresses is a list of addresses assigned to the machine. + description: |- + Addresses is a list of addresses assigned to the machine. This field is copied from the infrastructure provider reference. items: description: MachineAddress contains information for the node's 
@@ -7413,37 +10619,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status 
@@ -7451,34 +10657,46 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. 
type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure 
@@ -7490,8 +10708,9 @@ spec: format: date-time type: string nodeInfo: - description: 'NodeInfo is a set of ids/uuids to uniquely identify - the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' + description: |- + NodeInfo is a set of ids/uuids to uniquely identify the node. + More info: https://kubernetes.io/docs/concepts/nodes/node/#info properties: architecture: description: The Architecture reported by the node @@ -7514,9 +10733,10 @@ spec: description: Kubelet Version reported by the node. type: string machineID: - description: 'MachineID reported by the node. For unique machine - identification in the cluster this field is preferred. Learn - more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' + description: |- + MachineID reported by the node. For unique machine identification + in the cluster this field is preferred. Learn more from man(5) + machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html type: string operatingSystem: description: The Operating System reported by the node @@ -7526,9 +10746,10 @@ spec: (e.g. Debian GNU/Linux 7 (wheezy)). type: string systemUUID: - description: SystemUUID reported by the node. For unique machine - identification MachineID is preferred. This field is specific - to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid + description: |- + SystemUUID reported by the node. For unique machine identification + MachineID is preferred. This field is specific to Red Hat hosts + https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid type: string required: - architecture 
@@ -7549,33 +10770,40 @@ spec: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic @@ -7585,14 +10813,16 @@ spec: format: int64 type: integer phase: - description: Phase represents the current phase of machine actuation. + description: |- + Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. type: string version: - description: Version specifies the current version of Kubernetes running + description: |- + Version specifies the current version of Kubernetes running on the corresponding Node. This is meant to be a means of bubbling - up status from the Node to the Machine. It is entirely optional, - but useful for end-user UX if it’s present. + up status from the Node to the Machine. + It is entirely optional, but useful for end-user UX if it’s present. type: string type: object type: object 
@@ -7631,14 +10861,19 @@ spec: description: Machine is the Schema for the machines API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -7646,53 +10881,62 @@ spec: description: MachineSpec defines the desired state of Machine. properties: bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates + description: |- + Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. If nil, the Machine should remain - in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -7701,85 +10945,90 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller will - attempt to delete the Node that the Machine hosts after the Machine - is marked for deletion. A duration of 0 will retry deletion indefinitely. + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of time that - the controller will spend on waiting for all volumes to be detached. - The default value is 0, meaning that the volumes can be detached - without any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. 
This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. + description: |- + Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. type: string required: - bootstrap 
@@ -7790,7 +11039,8 @@ spec: description: MachineStatus defines the observed state of Machine. properties: addresses: - description: Addresses is a list of addresses assigned to the machine. + description: |- + Addresses is a list of addresses assigned to the machine. This field is copied from the infrastructure provider reference. items: description: MachineAddress contains information for the node's @@ -7812,8 +11062,9 @@ spec: description: BootstrapReady is the state of the bootstrap provider. type: boolean certificatesExpiryDate: - description: CertificatesExpiryDate is the expiry date of the machine - certificates. This value is only set for control plane machines. + description: |- + CertificatesExpiryDate is the expiry date of the machine certificates. + This value is only set for control plane machines. format: date-time type: string conditions: 
@@ -7823,37 +11074,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime 
@@ -7862,192 +11113,692 @@ spec: type: object type: array failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." + description: |- + FailureMessage will be set in the event that there is a terminal problem + reconciling the Machine and will contain a more verbose string suitable + for logging and human consumption. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. 
+ type: string + failureReason: + description: |- + FailureReason will be set in the event that there is a terminal problem + reconciling the Machine and will contain a succinct value suitable + for machine interpretation. + + + This field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the Machine's spec or the configuration of + the controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the controller, or the + responsible controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the Machine object and/or logged in the + controller's output. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeInfo: + description: |- + NodeInfo is a set of ids/uuids to uniquely identify the node. + More info: https://kubernetes.io/docs/concepts/nodes/node/#info + properties: + architecture: + description: The Architecture reported by the node + type: string + bootID: + description: Boot ID reported by the node. + type: string + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through + runtime remote API (e.g. containerd://1.4.2). + type: string + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' + (e.g. 3.16.0-0.bpo.4-amd64). + type: string + kubeProxyVersion: + description: KubeProxy Version reported by the node. + type: string + kubeletVersion: + description: Kubelet Version reported by the node. 
+ type: string + machineID: + description: |- + MachineID reported by the node. For unique machine identification + in the cluster this field is preferred. Learn more from man(5) + machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html + type: string + operatingSystem: + description: The Operating System reported by the node + type: string + osImage: + description: OS Image reported by the node from /etc/os-release + (e.g. Debian GNU/Linux 7 (wheezy)). + type: string + systemUUID: + description: |- + SystemUUID reported by the node. For unique machine identification + MachineID is preferred. This field is specific to Red Hat hosts + https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid + type: string + required: + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID + type: object + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: |- + Phase represents the current phase of machine actuation. + E.g. Pending, Running, Terminating, Failed etc. 
+ type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + cluster.x-k8s.io/provider: cluster-api + name: machinesets.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineSet + listKind: MachineSetList + plural: machinesets + shortNames: + - ms + singular: machineset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: |- + MachineSet is the Schema for the machinesets API. + + + Deprecated: This type will be removed in one of the next releases. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. 
+ Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + deletePolicy: + description: |- + DeletePolicy defines the policy used to identify nodes to delete when downscaling. + Defaults to "Random". Valid values are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: |- + MinReadySeconds is the minimum number of seconds for which a newly created machine should be ready. + Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + description: |- + Replicas is the number of desired replicas. + This is a pointer to distinguish between explicit zero and unspecified. + Defaults to 1. + format: int32 + type: integer + selector: + description: |- + Selector is a label query over machines that should match the replica count. + Label keys and values that must match in order to be controlled by this MachineSet. + It must match the machine template's labels. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. 
+ type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: |- + Template is the object that describes the machine that will be created if + insufficient replicas are detected. + Object references to custom resources are treated as templates. + properties: + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations + type: object + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique + name ONLY IF the Name field has not been provided. 
+ If this field is used, the name returned to the client will be different + than the name passed. This value will also be combined with a unique suffix. + The provided value has the same validation rules as the Name field, + and may be truncated by the length of the suffix required to make the value + unique on the server. + + + If this field is specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created or 500 with Reason + ServerTimeout indicating a unique name could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the Retry-After header). + + + Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is + equivalent to the "default" namespace, but "default" is the canonical representation. 
+ Not all objects are required to be scoped to a namespace - the value of this field for + those objects will be empty. + + + Must be a DNS_LABEL. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces + + + Deprecated: This field has no function and is going to be removed in a next release. + type: string + ownerReferences: + description: |- + List of objects depended by this object. If ALL objects in the list have + been deleted, this object will be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. + + + Deprecated: This field has no function and is going to be removed in a next release. + items: + description: |- + OwnerReference contains enough information to let you identify an owning + object. An owning object must be in the same namespace as the dependent, or + be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: |- + If true, AND if the owner has the "foregroundDeletion" finalizer, then + the owner cannot be deleted from the key-value store until this + reference is removed. + See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this field and enforces the foreground deletion. + Defaults to false. + To set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + spec: + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bootstrap: + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.Data without + the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: |- + Data contains the bootstrap data, such as cloud-init details scripts. + If nil, the Machine should remain in the Pending state. + + + Deprecated: Switch to DataSecretName. + type: string + dataSecretName: + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. 
+ NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` + type: string + providerID: + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: |- + Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachineSet. + format: int32 + type: integer + failureMessage: type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. 
\n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - lastUpdated: - description: LastUpdated identifies when the phase of the Machine - last transitioned. - format: date-time + description: |- + In the event that there is a terminal problem reconciling the + replicas, both FailureReason and FailureMessage will be set. FailureReason + will be populated with a succinct value suitable for machine + interpretation, while FailureMessage will contain a more verbose + string suitable for logging and human consumption. + + + These fields should not be set for transitive errors that a + controller faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the MachineTemplate's spec or the configuration of + the machine controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the machine controller, or the + responsible machine controller itself being critically misconfigured. 
+ + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the MachineSet object and/or logged in the + controller's output. type: string - nodeInfo: - description: 'NodeInfo is a set of ids/uuids to uniquely identify - the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' - properties: - architecture: - description: The Architecture reported by the node - type: string - bootID: - description: Boot ID reported by the node. - type: string - containerRuntimeVersion: - description: ContainerRuntime Version reported by the node through - runtime remote API (e.g. containerd://1.4.2). - type: string - kernelVersion: - description: Kernel Version reported by the node from 'uname -r' - (e.g. 3.16.0-0.bpo.4-amd64). - type: string - kubeProxyVersion: - description: KubeProxy Version reported by the node. - type: string - kubeletVersion: - description: Kubelet Version reported by the node. - type: string - machineID: - description: 'MachineID reported by the node. For unique machine - identification in the cluster this field is preferred. Learn - more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' - type: string - operatingSystem: - description: The Operating System reported by the node - type: string - osImage: - description: OS Image reported by the node from /etc/os-release - (e.g. Debian GNU/Linux 7 (wheezy)). - type: string - systemUUID: - description: SystemUUID reported by the node. For unique machine - identification MachineID is preferred. This field is specific - to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - type: string - required: - - architecture - - bootID - - containerRuntimeVersion - - kernelVersion - - kubeProxyVersion - - kubeletVersion - - machineID - - operatingSystem - - osImage - - systemUUID - type: object - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. 
- properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic + fullyLabeledReplicas: + description: The number of replicas that have labels matching the + labels of the machine template of the MachineSet. 
+ format: int32 + type: integer observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. + description: ObservedGeneration reflects the generation of the most + recently observed MachineSet. format: int64 type: integer - phase: - description: Phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine + is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string type: object type: object - served: true - storage: true + served: false + storage: false subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machinesets.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: MachineSet - listKind: 
MachineSetList - plural: machinesets - shortNames: - - ms - singular: machineset - scope: Namespaced - versions: - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName @@ -8073,18 +11824,26 @@ spec: name: v1alpha4 schema: openAPIV3Schema: - description: "MachineSet is the Schema for the machinesets API. \n Deprecated: - This type will be removed in one of the next releases." + description: |- + MachineSet is the Schema for the machinesets API. + + + Deprecated: This type will be removed in one of the next releases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -8097,157 +11856,170 @@ spec: minLength: 1 type: string deletePolicy: - description: DeletePolicy defines the policy used to identify nodes - to delete when downscaling. Defaults to "Random". Valid values - are "Random, "Newest", "Oldest" + description: |- + DeletePolicy defines the policy used to identify nodes to delete when downscaling. + Defaults to "Random". Valid values are "Random, "Newest", "Oldest" enum: - Random - Newest - Oldest type: string minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a newly created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) + description: |- + MinReadySeconds is the minimum number of seconds for which a newly created machine should be ready. + Defaults to 0 (machine will be considered available as soon as it is ready) format: int32 type: integer replicas: default: 1 - description: Replicas is the number of desired replicas. This is a - pointer to distinguish between explicit zero and unspecified. Defaults - to 1. + description: |- + Replicas is the number of desired replicas. + This is a pointer to distinguish between explicit zero and unspecified. + Defaults to 1. format: int32 type: integer selector: - description: 'Selector is a label query over machines that should - match the replica count. Label keys and values that must match in - order to be controlled by this MachineSet. It must match the machine - template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + description: |- + Selector is a label query over machines that should match the replica count. + Label keys and values that must match in order to be controlled by this MachineSet. + It must match the machine template's labels. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic template: - description: Template is the object that describes the machine that - will be created if insufficient replicas are detected. Object references - to custom resources are treated as templates. + description: |- + Template is the object that describes the machine that will be created if + insufficient replicas are detected. + Object references to custom resources are treated as templates. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. 
- More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. + description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. 
For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -8256,76 +12028,78 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. 
Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: 
@@ -8353,37 +12127,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - status 
@@ -8393,22 +12167,27 @@ spec: failureMessage: type: string failureReason: - description: "In the event that there is a terminal problem reconciling - the replicas, both FailureReason and FailureMessage will be set. - FailureReason will be populated with a succinct value suitable for - machine interpretation, while FailureMessage will contain a more - verbose string suitable for logging and human consumption. \n These - fields should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachineTemplate's spec or the configuration of the - machine controller, and that manual intervention is required. Examples - of terminal errors would be invalid combinations of settings in - the spec, values that are unsupported by the machine controller, - or the responsible machine controller itself being critically misconfigured. - \n Any transient errors that occur during the reconciliation of - Machines can be added as events to the MachineSet object and/or - logged in the controller's output." + description: |- + In the event that there is a terminal problem reconciling the + replicas, both FailureReason and FailureMessage will be set. FailureReason + will be populated with a succinct value suitable for machine + interpretation, while FailureMessage will contain a more verbose + string suitable for logging and human consumption. + + + These fields should not be set for transitive errors that a + controller faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the MachineTemplate's spec or the configuration of + the machine controller, and that manual intervention is required. 
Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the machine controller, or the + responsible machine controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the MachineSet object and/or logged in the + controller's output. type: string fullyLabeledReplicas: description: The number of replicas that have labels matching the @@ -8430,10 +12209,10 @@ spec: format: int32 type: integer selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string type: object type: object 
@@ -8481,14 +12260,19 @@ spec: description: MachineSet is the Schema for the machinesets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -8501,158 +12285,184 @@ spec: minLength: 1 type: string deletePolicy: - description: DeletePolicy defines the policy used to identify nodes - to delete when downscaling. Defaults to "Random". Valid values - are "Random, "Newest", "Oldest" + description: |- + DeletePolicy defines the policy used to identify nodes to delete when downscaling. + Defaults to "Random". Valid values are "Random, "Newest", "Oldest" enum: - Random - Newest - Oldest type: string minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a Node for a newly created machine should be ready before - considering the replica available. Defaults to 0 (machine will be - considered available as soon as the Node is ready) + description: |- + MinReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. + Defaults to 0 (machine will be considered available as soon as the Node is ready) format: int32 type: integer replicas: - default: 1 - description: Replicas is the number of desired replicas. This is a - pointer to distinguish between explicit zero and unspecified. Defaults - to 1. + description: |- + Replicas is the number of desired replicas. + This is a pointer to distinguish between explicit zero and unspecified. + + + Defaults to: + * if the Kubernetes autoscaler min size and max size annotations are set: + - if it's a new MachineSet, use min size + - if the replicas field of the old MachineSet is < min size, use min size + - if the replicas field of the old MachineSet is > max size, use max size + - if the replicas field of the old MachineSet is in the (min size, max size) range, keep the value from the oldMS + * otherwise use 1 + Note: Defaulting will be run whenever the replicas field is not set: + * A new MachineSet is created with replicas not set. + * On an existing MachineSet the replicas field was first set and is now unset. 
+ Those cases are especially relevant for the following Kubernetes autoscaler use cases: + * A new MachineSet is created and replicas should be managed by the autoscaler + * An existing MachineSet which initially wasn't controlled by the autoscaler + should be later controlled by the autoscaler format: int32 type: integer selector: - description: 'Selector is a label query over machines that should - match the replica count. Label keys and values that must match in - order to be controlled by this MachineSet. It must match the machine - template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + description: |- + Selector is a label query over machines that should match the replica count. + Label keys and values that must match in order to be controlled by this MachineSet. + It must match the machine template's labels. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. 
- If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic template: - description: Template is the object that describes the machine that - will be created if insufficient replicas are detected. Object references - to custom resources are treated as templates. + description: |- + Template is the object that describes the machine that will be created if + insufficient replicas are detected. + Object references to custom resources are treated as templates. properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object type: object spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. 
+ description: |- + Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + description: |- + ConfigRef is a reference to a bootstrap provider-specific resource + that holds configuration details. The reference is optional to + allow users/operators to specify Bootstrap.DataSecretName without + the need of a controller. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. 
If nil, the Machine - should remain in the Pending state. + description: |- + DataSecretName is the name of the secret that stores the bootstrap data script. + If nil, the Machine should remain in the Pending state. type: string type: object clusterName: 
@@ -8661,88 +12471,89 @@ spec: minLength: 1 type: string failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + description: |- + FailureDomain is the failure domain the machine will be created in. + Must match a key in the FailureDomains map stored on the cluster object. type: string infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + description: |- + InfrastructureRef is a required reference to a custom resource + offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. 
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. + description: |- + NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine + hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. type: string nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + description: |- + NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. + The default value is 0, meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` type: string nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. + description: |- + NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. type: string providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. 
- This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + description: |- + ProviderID is the identification ID of the machine provided by the provider. + This field must match the provider ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler + with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out + machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a + generic out-of-tree provider for autoscaler, this field is required by autoscaler to be + able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. type: string version: - description: Version defines the desired Kubernetes version. + description: |- + Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string required: 
@@ -8770,37 +12581,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime 
@@ -8811,22 +12622,27 @@ spec: failureMessage: type: string failureReason: - description: "In the event that there is a terminal problem reconciling - the replicas, both FailureReason and FailureMessage will be set. - FailureReason will be populated with a succinct value suitable for - machine interpretation, while FailureMessage will contain a more - verbose string suitable for logging and human consumption. \n These - fields should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachineTemplate's spec or the configuration of the - machine controller, and that manual intervention is required. Examples - of terminal errors would be invalid combinations of settings in - the spec, values that are unsupported by the machine controller, - or the responsible machine controller itself being critically misconfigured. - \n Any transient errors that occur during the reconciliation of - Machines can be added as events to the MachineSet object and/or - logged in the controller's output." + description: |- + In the event that there is a terminal problem reconciling the + replicas, both FailureReason and FailureMessage will be set. FailureReason + will be populated with a succinct value suitable for machine + interpretation, while FailureMessage will contain a more verbose + string suitable for logging and human consumption. + + + These fields should not be set for transitive errors that a + controller faces that are expected to be fixed automatically over + time (like service outages), but instead indicate that something is + fundamentally wrong with the MachineTemplate's spec or the configuration of + the machine controller, and that manual intervention is required. 
Examples + of terminal errors would be invalid combinations of settings in the + spec, values that are unsupported by the machine controller, or the + responsible machine controller itself being critically misconfigured. + + + Any transient errors that occur during the reconciliation of Machines + can be added as events to the MachineSet object and/or logged in the + controller's output. type: string fullyLabeledReplicas: description: The number of replicas that have labels matching the @@ -8848,10 +12664,10 @@ spec: format: int32 type: integer selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + description: |- + Selector is the same as the label selector but in the string format to avoid introspection + by clients. The string will be in the same format as the query-param syntax. + More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors type: string type: object type: object @@ -8863,19 +12679,12 @@ spec: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null --- apiVersion: v1 kind: ServiceAccount metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-manager namespace: capi-system --- @@ -8884,7 +12693,6 @@ kind: Role metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-leader-election-role namespace: capi-system rules: @@ -8916,7 +12724,6 @@ kind: ClusterRole metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-aggregated-manager-role rules: [] --- 
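Review bot: The `clusterctl.cluster.x-k8s.io: ""` label is dropped from the `capi-manager` ServiceAccount in the hunk at -8863, and the commit message does not say why. The same removal repeats in the hunks that follow for the Role, both ClusterRoles, the bindings, the Service, the Deployment, the Certificate, the Issuer and both webhook configurations. clusterctl uses this label to recognise the provider components it manages, so if these objects are ever upgraded or removed with clusterctl rather than kpt, they would presumably be skipped and the RBAC and webhook objects left behind. If the removal is intended, state it in the package README; otherwise keep `clusterctl.cluster.x-k8s.io: ""` under `labels:` on each object.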
@@ -8926,7 +12733,6 @@ metadata: labels: cluster.x-k8s.io/aggregate-to-manager: "true" cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-manager-role rules: - apiGroups: @@ -8952,7 +12758,6 @@ rules: - apiGroups: - addons.cluster.x-k8s.io resources: - - clusterresourcesets/finalizers - clusterresourcesets/status verbs: - get @@ -9010,8 +12815,6 @@ rules: resources: - clusterclasses verbs: - - create - - delete - get - list - patch @@ -9040,24 +12843,8 @@ rules: - cluster.x-k8s.io resources: - clusters - - clusters/finalizers - clusters/status verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - clusters/status - verbs: - - create - - delete - get - list - patch @@ -9079,18 +12866,6 @@ rules: - cluster.x-k8s.io resources: - machinedeployments - - machinedeployments/finalizers - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinedeployments - - machinedeployments/finalizers - machinedeployments/status verbs: - create @@ -9116,7 +12891,6 @@ rules: - cluster.x-k8s.io resources: - machinehealthchecks - - machinehealthchecks/finalizers - machinehealthchecks/status verbs: - get @@ -9140,7 +12914,6 @@ rules: - cluster.x-k8s.io resources: - machinepools - - machinepools/finalizers - machinepools/status verbs: - create @@ -9154,7 +12927,6 @@ rules: - cluster.x-k8s.io resources: - machines - - machines/finalizers - machines/status verbs: - create @@ -9164,29 +12936,10 @@ rules: - patch - update - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - - machines/status - verbs: - - delete - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinesets - verbs: - - get - - list - - watch - apiGroups: - cluster.x-k8s.io resources: - machinesets - - machinesets/finalizers verbs: - get - list 
@@ -9197,7 +12950,6 @@ rules: - cluster.x-k8s.io resources: - machinesets - - machinesets/finalizers - machinesets/status verbs: - create @@ -9215,6 +12967,7 @@ rules: - get - list - patch + - update - watch - apiGroups: - "" @@ -9222,22 +12975,7 @@ rules: - events verbs: - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - create - - delete - - get - - list - patch - - update - - watch - apiGroups: - "" resources: @@ -9248,6 +12986,7 @@ rules: - get - list - patch + - update - watch - apiGroups: - ipam.cluster.x-k8s.io @@ -9272,10 +13011,8 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-leader-election-rolebinding namespace: capi-system roleRef: @@ -9290,10 +13027,8 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -9309,7 +13044,6 @@ kind: Service metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-webhook-service namespace: capi-system spec: @@ -9322,10 +13056,8 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" control-plane: controller-manager name: capi-controller-manager namespace: capi-system @@ -9335,10 +13067,8 @@ spec: matchLabels: cluster.x-k8s.io/provider: cluster-api control-plane: controller-manager - strategy: {} template: metadata: - labels: cluster.x-k8s.io/provider: cluster-api control-plane: controller-manager 
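Review bot: The two added `- update` verbs (hunks at -9215 and -9248) widen what appears to be `capi-manager-role`, while every other RBAC hunk in this file narrows it. The `resources:` list of each affected rule starts above its hunk, so the diff does not show what became updatable. Judging from the trailing context of the hunk at -9222, the second rule is in the core (`""`) API group. I would record the delta next to the version bump in the README, e.g. `RBAC delta vs v1.6.0: update added on <resources from the rendered manifest>`. Comparing `kubectl auth can-i --list --as=system:serviceaccount:capi-system:capi-manager` before and after the rollout would confirm it.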
@@ -9349,6 +13079,7 @@ spec: - --diagnostics-address=:8443 - --insecure-diagnostics=false - --feature-gates=MachinePool=false,ClusterResourceSet=false,ClusterTopology=true,RuntimeSDK=false,MachineSetPreflightChecks=false + - --use-deprecated-infra-machine-naming=false command: - /manager env: @@ -9364,7 +13095,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.0 + image: registry.k8s.io/cluster-api/cluster-api-controller:v1.8.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -9385,7 +13116,6 @@ spec: httpGet: path: /readyz port: healthz - resources: {} securityContext: allowPrivilegeEscalation: false capabilities: @@ -9394,6 +13124,7 @@ spec: privileged: false runAsGroup: 65532 runAsUser: 65532 + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert @@ -9413,14 +13144,12 @@ spec: - name: cert secret: secretName: capi-webhook-service-cert -status: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-serving-cert namespace: capi-system spec: @@ -9440,7 +13169,6 @@ kind: Issuer metadata: labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-selfsigned-issuer namespace: capi-system spec: @@ -9451,10 +13179,8 @@ kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-mutating-webhook-configuration webhooks: - admissionReviewVersions: 
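Review bot: The bumped `image:` line in the hunk at -9364 still references the controller by mutable tag, and with `imagePullPolicy: IfNotPresent` each node keeps whatever that tag resolved to on first pull. This pod runs as the service account bound to the cluster-wide manager role, so the image is worth pinning to the digest that was actually reviewed: `image: registry.k8s.io/cluster-api/cluster-api-controller:v1.8.1@sha256:<digest of the verified v1.8.1 image>`. The container spec begins outside this hunk.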
@@ -9661,10 +13387,8 @@ kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - labels: cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" name: capi-validating-webhook-configuration webhooks: - admissionReviewVersions: @@ -9896,7 +13620,7 @@ webhooks: service: name: capi-webhook-service namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddress + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddress failurePolicy: Fail matchPolicy: Equivalent name: validation.ipaddress.ipam.cluster.x-k8s.io @@ -9904,7 +13628,7 @@ webhooks: - apiGroups: - ipam.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE - UPDATE @@ -9919,7 +13643,7 @@ webhooks: service: name: capi-webhook-service namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddressclaim + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddressclaim failurePolicy: Fail matchPolicy: Equivalent name: validation.ipaddressclaim.ipam.cluster.x-k8s.io @@ -9927,11 +13651,11 @@ webhooks: - apiGroups: - ipam.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE - UPDATE - DELETE resources: - ipaddressclaims - sideEffects: None + sideEffects: None \ No newline at end of file