diff --git a/machineconfiguration/OWNERS b/machineconfiguration/OWNERS new file mode 100644 index 00000000000..5c706092a18 --- /dev/null +++ b/machineconfiguration/OWNERS @@ -0,0 +1,6 @@ +reviewers: + - cgwalters + - sinnykumari + - yuqi-zhang + - cheesesashimi + - jkyros diff --git a/machineconfiguration/install.go b/machineconfiguration/install.go new file mode 100644 index 00000000000..1ecdafb16f3 --- /dev/null +++ b/machineconfiguration/install.go @@ -0,0 +1,25 @@ +package machineconfiguration + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// GroupName defines the API group for machineconfiguration. +const GroupName = "machineconfiguration.openshift.io" + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(machineconfigurationv1.Install) + // Install is a function which adds every version of this group to a scheme + Install = SchemeBuilder.AddToScheme +) + +func Resource(resource string) schema.GroupResource { + return schema.GroupResource{Group: GroupName, Resource: resource} +} + +func Kind(kind string) schema.GroupKind { + return schema.GroupKind{Group: GroupName, Kind: kind} +} diff --git a/machineconfiguration/install_test.go b/machineconfiguration/install_test.go new file mode 100644 index 00000000000..756080cbee3 --- /dev/null +++ b/machineconfiguration/install_test.go @@ -0,0 +1,11 @@ +package machineconfiguration + +import ( + "testing" +) + +func TestGroupName(t *testing.T) { + if got, want := GroupName, "machineconfiguration.openshift.io"; got != want { + t.Fatalf("mismatch group name, got: %s want: %s", got, want) + } +} diff --git a/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml b/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml new file mode 100644 index 00000000000..b315836af6d --- /dev/null +++ b/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml @@ -0,0 +1,140 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: containerruntimeconfigs.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + group: machineconfiguration.openshift.io + names: + kind: ContainerRuntimeConfig + listKind: ContainerRuntimeConfigList + plural: containerruntimeconfigs + singular: containerruntimeconfig + shortNames: + - ctrcfg + scope: Cluster + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: "ContainerRuntimeConfig describes a customized Container Runtime configuration. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig + type: object + required: + - containerRuntimeConfig + properties: + containerRuntimeConfig: + description: ContainerRuntimeConfiguration defines the tuneables of the container runtime + type: object + properties: + defaultRuntime: + description: defaultRuntime is the name of the OCI runtime to be used as the default. + type: string + logLevel: + description: logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug. + type: string + logSizeMax: + description: logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + overlaySize: + description: 'overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + pidsLimit: + description: pidsLimit specifies the maximum number of processes allowed in a container + type: integer + format: int64 + machineConfigPoolSelector: + description: MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. A nil selector will result in no pools being selected. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + status: + description: ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig + type: object + properties: + conditions: + description: conditions represents the latest available observations of current state. + type: array + items: + description: ContainerRuntimeConfigCondition defines the state of the ContainerRuntimeConfig + type: object + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + type: string + format: date-time + nullable: true + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + type: integer + format: int64 diff --git a/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml b/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml new file mode 100644 index 00000000000..ee49210bc54 --- /dev/null +++ b/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml @@ -0,0 +1,1253 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + # name must match the spec fields below, and be in the form: . + name: controllerconfigs.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + # group name to use for REST API: /apis// + group: machineconfiguration.openshift.io + # either Namespaced or Cluster + scope: Cluster + names: + # plural name to be used in the URL: /apis/// + plural: controllerconfigs + # singular name to be used as an alias on the CLI and for display + singular: controllerconfig + # kind is normally the PascalCased singular type. Your resource manifests use this. + kind: ControllerConfig + # list of versions supported by this CustomResourceDefinition + versions: + - name: v1 + # Each version can be enabled/disabled by Served flag. + served: true + # One and only one version must be marked as the storage version. + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: "ControllerConfig describes configuration for MachineConfigController. This is currently only used to drive the MachineConfig objects generated by the TemplateController. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ControllerConfigSpec is the spec for ControllerConfig resource. + type: object + required: + - additionalTrustBundle + - baseOSContainerImage + - cloudProviderCAData + - cloudProviderConfig + - clusterDNSIP + - dns + - images + - infra + - ipFamilies + - kubeAPIServerServingCAData + - network + - proxy + - releaseImage + - rootCAData + properties: + additionalTrustBundle: + description: additionalTrustBundle is a certificate bundle that will be added to the nodes trusted certificate store. + type: string + format: byte + nullable: true + baseOSContainerImage: + description: BaseOSContainerImage is the new-format container image for operating system updates. + type: string + baseOSExtensionsContainerImage: + description: BaseOSExtensionsContainerImage is the matching extensions container for the new-format container + type: string + cloudProviderCAData: + description: cloudProvider specifies the cloud provider CA data + type: string + format: byte + nullable: true + cloudProviderConfig: + description: cloudProviderConfig is the configuration for the given cloud provider + type: string + clusterDNSIP: + description: clusterDNSIP is the cluster DNS IP address + type: string + dns: + description: dns holds the cluster dns details + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + baseDomain: + description: "baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base. \n For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`. \n Once set, this field cannot be changed." + type: string + platform: + description: platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. + type: object + required: + - type + properties: + aws: + description: aws contains DNS configuration specific to the Amazon Web Services cloud provider. + type: object + properties: + privateZoneIAMRole: + description: privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$ + type: + description: "type is the underlying infrastructure provider for the cluster. Allowed values: \"\", \"AWS\". \n Individual components may not support all platforms, and must handle unrecognized platforms with best-effort defaults." + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + x-kubernetes-validations: + - rule: self in ['','AWS'] + message: allowed values are '' and 'AWS' + x-kubernetes-validations: + - rule: 'has(self.type) && self.type == ''AWS'' ? has(self.aws) : !has(self.aws)' + message: aws configuration is required when platform is AWS, and forbidden otherwise + privateZone: + description: "privateZone is the location where all the DNS records that are only available internally to the cluster exist. \n If this field is nil, no private records should be created. \n Once set, this field cannot be changed." + type: object + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + description: "tags can be used to query the DNS hosted zone. \n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + additionalProperties: + type: string + publicZone: + description: "publicZone is the location where all the DNS records that are publicly accessible to the internet exist. \n If this field is nil, no public records should be created. \n Once set, this field cannot be changed." + type: object + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + description: "tags can be used to query the DNS hosted zone. \n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + additionalProperties: + type: string + status: + description: status holds observed values from the cluster. They may not be overridden. + type: object + nullable: true + x-kubernetes-embedded-resource: true + etcdDiscoveryDomain: + description: etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead + type: string + imageRegistryBundleData: + description: imageRegistryBundleData is the ImageRegistryData + type: array + items: + description: ImageRegistryBundle contains information for writing image registry certificates + type: object + required: + - data + - file + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + type: string + format: byte + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + x-kubernetes-list-type: atomic + imageRegistryBundleUserData: + description: imageRegistryBundleUserData is Image Registry Data provided by the user + type: array + items: + description: ImageRegistryBundle contains information for writing image registry certificates + type: object + required: + - data + - file + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + type: string + format: byte + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + x-kubernetes-list-type: atomic + images: + description: images is map of images that are used by the controller to render templates under ./templates/ + type: object + additionalProperties: + type: string + infra: + description: infra holds the infrastructure details + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + cloudConfig: + description: "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. \n cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only." + type: object + properties: + key: + description: Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + type: string + name: + type: string + platformSpec: + description: platformSpec holds desired information specific to the underlying infrastructure provider. + type: object + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + type: object + properties: + serviceEndpoints: + description: serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + type: array + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + type: object + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + pattern: ^https:// + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + external: + description: ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. + type: object + properties: + platformName: + description: PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. + type: string + default: Unknown + x-kubernetes-validations: + - rule: oldSelf == 'Unknown' || self == oldSelf + message: platform name cannot be changed once set + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + type: object + required: + - prismCentral + - prismElements + properties: + prismCentral: + description: prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + type: object + required: + - address + - port + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + type: string + maxLength: 256 + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + type: integer + format: int32 + maximum: 65535 + minimum: 1 + prismElements: + description: prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + type: array + items: + description: NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) + type: object + required: + - endpoint + - name + properties: + endpoint: + description: endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + type: object + required: + - address + - port + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + type: string + maxLength: 256 + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + type: integer + format: int32 + maximum: 65535 + minimum: 1 + name: + description: name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + type: string + maxLength: 256 + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + powervs: + description: PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + type: object + properties: + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + type: array + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + type: object + required: + - name + - url + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + format: uri + pattern: ^https:// + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: + description: type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + type: object + properties: + failureDomains: + description: failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used. + type: array + items: + description: VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. + type: object + required: + - name + - region + - server + - topology + - zone + properties: + name: + description: name defines the arbitrary but unique name of a failure domain. + type: string + maxLength: 256 + minLength: 1 + region: + description: region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + type: string + maxLength: 80 + minLength: 1 + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + type: string + maxLength: 255 + minLength: 1 + topology: + description: Topology describes a given failure domain using vSphere constructs + type: object + required: + - computeCluster + - datacenter + - datastore + - networks + properties: + computeCluster: + description: computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/host/.*? + datacenter: + description: datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + type: string + maxLength: 80 + datastore: + description: datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/datastore/.*? + folder: + description: folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/vm/.*? + networks: + description: networks is the list of port group network names within this failure domain. Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + type: array + maxItems: 1 + minItems: 1 + items: + type: string + resourcePool: + description: resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/host/.*?/Resources.* + zone: + description: zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + type: string + maxLength: 80 + minLength: 1 + nodeNetworking: + description: nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + type: object + properties: + external: + description: external represents the network configuration of the node that is externally routable. + type: object + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + type: array + items: + type: string + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + type: array + items: + type: string + internal: + description: internal represents the network configuration of the node that is routable only within the cluster. + type: object + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + type: array + items: + type: string + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + type: array + items: + type: string + vcenters: + description: vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + type: array + maxItems: 1 + minItems: 0 + items: + description: VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. + type: object + required: + - datacenters + - server + properties: + datacenters: + description: The vCenter Datacenters in which the RHCOS vm guests are located. This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + type: array + minItems: 1 + items: + type: string + port: + description: port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + type: integer + format: int32 + maximum: 32767 + minimum: 1 + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + type: string + maxLength: 255 + status: + description: status holds observed values from the cluster. They may not be overridden. + type: object + properties: + apiServerInternalURI: + description: apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. + type: string + apiServerURL: + description: apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + type: string + controlPlaneTopology: + description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + type: string + default: HighlyAvailable + enum: + - HighlyAvailable + - SingleReplica + - External + cpuPartitioning: + description: cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are "None" and "AllNodes". When omitted, the default value is "None". The default value of "None" indicates that no nodes will be setup with CPU partitioning. The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API. + type: string + default: None + enum: + - None + - AllNodes + etcdDiscoveryDomain: + description: 'etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.' + type: string + infrastructureName: + description: infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + type: string + infrastructureTopology: + description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' + type: string + default: HighlyAvailable + enum: + - HighlyAvailable + - SingleReplica + platform: + description: "platform is the underlying infrastructure provider for the cluster. \n Deprecated: Use platformStatus.type instead." + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + platformStatus: + description: platformStatus holds status information specific to the underlying infrastructure provider. + type: object + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + required: + - region + properties: + region: + description: region specifies the region for Alibaba Cloud resources created for the cluster. + type: string + pattern: ^[0-9A-Za-z-]+$ + resourceGroupID: + description: resourceGroupID is the ID of the resource group for the cluster. + type: string + pattern: ^(rg-[0-9A-Za-z]+)?$ + resourceTags: + description: resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + type: array + maxItems: 20 + items: + description: AlibabaCloudResourceTag is the set of tags to add to apply to resources. + type: object + required: + - key + - value + properties: + key: + description: key is the key of the tag. + type: string + maxLength: 128 + minLength: 1 + value: + description: value is the value of the tag. + type: string + maxLength: 128 + minLength: 1 + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + type: object + properties: + region: + description: region holds the default AWS region for new AWS resources created by the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. + type: array + maxItems: 25 + items: + description: AWSResourceTag is a tag to apply to AWS resources created for the cluster. + type: object + required: + - key + - value + properties: + key: + description: key is the key of the tag + type: string + maxLength: 128 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + value: + description: value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + serviceEndpoints: + description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + type: array + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + type: object + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + pattern: ^https:// + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + properties: + armEndpoint: + description: armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. + type: string + enum: + - "" + - AzurePublicCloud + - AzureUSGovernmentCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureStackCloud + networkResourceGroupName: + description: networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + type: string + resourceGroupName: + description: resourceGroupName is the Resource Group for new Azure resources created for the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Azure resources created for the cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + type: array + maxItems: 10 + items: + description: AzureResourceTag is a tag to apply to Azure resources created for the cluster. + type: object + required: + - key + - value + properties: + key: + description: key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric characters and the following special characters `_ . -`. + type: string + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + value: + description: 'value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`.' + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.=+-@]+$ + x-kubernetes-validations: + - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + message: resourceTags are immutable and may only be configured during installation + x-kubernetes-validations: + - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)' + message: resourceTags may only be configured during installation + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + external: + description: External contains settings specific to the generic External infrastructure provider. + type: object + properties: + cloudControllerManager: + description: cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + type: object + properties: + state: + description: "state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager \n Valid values are \"External\", \"None\" and omitted. When set to \"External\", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to \"None\", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected." + type: string + enum: + - "" + - External + - None + x-kubernetes-validations: + - rule: self == oldSelf + message: state is immutable once set + x-kubernetes-validations: + - rule: (has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) && self.state != "External") + message: state may not be added or removed once set + x-kubernetes-validations: + - rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) + message: cloudControllerManager may not be added or removed once set + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + properties: + projectID: + description: resourceGroupName is the Project ID for new GCP resources created for the cluster. + type: string + region: + description: region holds the region for new GCP resources created for the cluster. + type: string + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + location: + description: Location is where the cluster has been deployed + type: string + providerType: + description: ProviderType indicates the type of cluster that was created + type: string + resourceGroupName: + description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + type: string + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of an IBM Cloud service. These endpoints are consumed by components within the cluster to reach the respective IBM Cloud Services. + type: array + items: + description: IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services. + type: object + required: + - name + - url + properties: + name: + description: name is the name of the IBM Cloud service. For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` + type: string + maxLength: 32 + pattern: ^[a-zA-Z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + x-kubernetes-validations: + - rule: isURL(self) + message: url must be a valid absolute URL + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + cloudName: + description: cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. + type: object + default: + type: OpenShiftManagedDefault + properties: + type: + description: type defines the type of load balancer used by the cluster on OpenStack platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. + type: string + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + nodeDNSIP: + description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' + type: string + powervs: + description: PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. + type: object + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + region: + description: region holds the default Power VS region for new Power VS resources created by the cluster. + type: string + resourceGroup: + description: 'resourceGroup is the resource group name for new IBMCloud resources created for a cluster. The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. When omitted, the image registry operator won''t be able to configure storage, which results in the image registry cluster operator not being in an available state.' + type: string + maxLength: 40 + pattern: ^[a-zA-Z0-9-_ ]+$ + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: resourceGroup is immutable once set + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + type: array + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + type: object + required: + - name + - url + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + format: uri + pattern: ^https:// + zone: + description: 'zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported' + type: string + x-kubernetes-validations: + - rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' + message: cannot unset resourceGroup once set + type: + description: "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. \n This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set." + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + nullable: true + x-kubernetes-embedded-resource: true + internalRegistryPullSecret: + description: internalRegistryPullSecret is the pull secret for the internal registry, used by rpm-ostree to pull images from the internal registry if present + type: string + format: byte + nullable: true + ipFamilies: + description: ipFamilies indicates the IP families in use by the cluster network + type: string + kubeAPIServerServingCAData: + description: kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically + type: string + format: byte + network: + description: Network contains additional network related information + type: object + required: + - mtuMigration + properties: + mtuMigration: + description: MTUMigration contains the MTU migration configuration. + type: object + properties: + machine: + description: Machine contains MTU migration configuration for the machine's uplink. + type: object + properties: + from: + description: From is the MTU to migrate from. + type: integer + format: int32 + minimum: 0 + to: + description: To is the MTU to migrate to. + type: integer + format: int32 + minimum: 0 + network: + description: Network contains MTU migration configuration for the default network. + type: object + properties: + from: + description: From is the MTU to migrate from. + type: integer + format: int32 + minimum: 0 + to: + description: To is the MTU to migrate to. + type: integer + format: int32 + minimum: 0 + nullable: true + nullable: true + networkType: + description: 'networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes.' + type: string + osImageURL: + description: OSImageURL is the old-format container image that contains the OS update payload. + type: string + platform: + description: platform is deprecated, use Infra.Status.PlatformStatus.Type instead + type: string + proxy: + description: proxy holds the current proxy configuration for the nodes + type: object + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. + type: string + nullable: true + pullSecret: + description: pullSecret is the default pull secret that needs to be installed on all machines. + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + releaseImage: + description: releaseImage is the image used when installing the cluster + type: string + rootCAData: + description: rootCAData specifies the root CA data + type: string + format: byte + status: + description: ControllerConfigStatus is the status for ControllerConfig + type: object + properties: + conditions: + description: conditions represents the latest available observations of current state. + type: array + items: + description: ControllerConfigStatusCondition contains condition information for ControllerConfigStatus + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + type: string + format: date-time + nullable: true + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + x-kubernetes-list-type: atomic + controllerCertificates: + description: controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO. + type: array + items: + description: ControllerCertificate contains info about a specific cert. + type: object + required: + - bundleFile + - notAfter + - notBefore + - signer + - subject + properties: + bundleFile: + description: bundleFile is the larger bundle a cert comes from + type: string + notAfter: + description: notAfter is the upper boundary for validity + type: string + format: date-time + notBefore: + description: notBefore is the lower boundary for validity + type: string + format: date-time + signer: + description: signer is the cert Issuer + type: string + subject: + description: subject is the cert subject + type: string + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + type: integer + format: int64 diff --git a/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml b/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml new file mode 100644 index 00000000000..06c7b22c021 --- /dev/null +++ b/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml @@ -0,0 +1,158 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kubeletconfigs.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + group: machineconfiguration.openshift.io + names: + kind: KubeletConfig + listKind: KubeletConfigList + plural: kubeletconfigs + singular: kubeletconfig + scope: Cluster + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: "KubeletConfig describes a customized Kubelet configuration. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeletConfigSpec defines the desired state of KubeletConfig + type: object + properties: + autoSizingReserved: + type: boolean + kubeletConfig: + description: kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + type: object + x-kubernetes-preserve-unknown-fields: true + logLevel: + type: integer + format: int32 + machineConfigPoolSelector: + description: MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + tlsSecurityProfile: + description: If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. + type: object + properties: + custom: + description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1" + type: object + properties: + ciphers: + description: "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + type: array + items: + type: string + minTLSVersion: + description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12" + type: string + enum: + - VersionTLS10 + - VersionTLS11 + - VersionTLS12 + - VersionTLS13 + nullable: true + intermediate: + description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2" + type: object + nullable: true + modern: + description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." + type: object + nullable: true + old: + description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" + type: object + nullable: true + type: + description: "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations \n The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. \n Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries." + type: string + enum: + - Old + - Intermediate + - Modern + - Custom + status: + description: KubeletConfigStatus defines the observed state of a KubeletConfig + type: object + properties: + conditions: + description: conditions represents the latest available observations of current state. + type: array + items: + description: KubeletConfigCondition defines the state of the KubeletConfig + type: object + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + type: string + format: date-time + nullable: true + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + type: integer + format: int64 diff --git a/machineconfiguration/v1/0000_80_machineconfig.crd.yaml b/machineconfiguration/v1/0000_80_machineconfig.crd.yaml new file mode 100644 index 00000000000..5adf5d387ca --- /dev/null +++ b/machineconfiguration/v1/0000_80_machineconfig.crd.yaml @@ -0,0 +1,93 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + # name must match the spec fields below, and be in the form: . + name: machineconfigs.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + # group name to use for REST API: /apis// + group: machineconfiguration.openshift.io + # either Namespaced or Cluster + scope: Cluster + names: + # plural name to be used in the URL: /apis/// + plural: machineconfigs + # singular name to be used as an alias on the CLI and for display + singular: machineconfig + # kind is normally the PascalCased singular type. Your resource manifests use this. + kind: MachineConfig + # shortNames allow shorter string to match your resource on the CLI + shortNames: + - mc + # list of versions supported by this CustomResourceDefinition + versions: + - name: v1 + # Each version can be enabled/disabled by Served flag. + served: true + # One and only one version must be marked as the storage version. + storage: true + additionalPrinterColumns: + - jsonPath: .metadata.annotations.machineconfiguration\.openshift\.io/generated-by-controller-version + description: Version of the controller that generated the machineconfig. This will be empty if the machineconfig is not managed by a controller. + name: GeneratedByController + type: string + - jsonPath: .spec.config.ignition.version + description: Version of the Ignition Config defined in the machineconfig. + name: IgnitionVersion + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + # openAPIV3Schema has been hand modified. Do not overwrite directly with generated crd fields as we do not allow all config fields. + schema: + openAPIV3Schema: + description: "MachineConfig defines the configuration for a machine \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineConfigSpec is the spec for MachineConfig + type: object + properties: + baseOSExtensionsContainerImage: + description: BaseOSExtensionsContainerImage specifies the remote location that will be used to fetch the extensions container matching a new-format OS image + type: string + config: + description: Config is a Ignition Config object. + type: object + x-kubernetes-preserve-unknown-fields: true + extensions: + description: extensions contains a list of additional features that can be enabled on host + type: array + items: + type: string + x-kubernetes-list-type: atomic + fips: + description: fips controls FIPS mode + type: boolean + kernelArguments: + description: kernelArguments contains a list of kernel arguments to be added + type: array + items: + type: string + nullable: true + x-kubernetes-list-type: atomic + kernelType: + description: kernelType contains which kernel we want to be running like default (traditional), realtime. + type: string + osImageURL: + description: OSImageURL specifies the remote location that will be used to fetch the OS. + type: string diff --git a/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml b/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml new file mode 100644 index 00000000000..3d6b81934b0 --- /dev/null +++ b/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml @@ -0,0 +1,348 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + # name must match the spec fields below, and be in the form: . + name: machineconfigpools.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" +spec: + # group name to use for REST API: /apis// + group: machineconfiguration.openshift.io + # either Namespaced or Cluster + scope: Cluster + names: + # plural name to be used in the URL: /apis/// + plural: machineconfigpools + # singular name to be used as an alias on the CLI and for display + singular: machineconfigpool + # kind is normally the PascalCased singular type. Your resource manifests use this. + kind: MachineConfigPool + # shortNames allow shorter string to match your resource on the CLI + shortNames: + - mcp + # list of versions supported by this CustomResourceDefinition + versions: + - name: v1 + # Each version can be enabled/disabled by Served flag. + served: true + # One and only one version must be marked as the storage version. + storage: true + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.configuration.name + name: Config + type: string + - jsonPath: .status.conditions[?(@.type=="Updated")].status + description: When all the machines in the pool are updated to the correct machine config. + name: Updated + type: string + - jsonPath: .status.conditions[?(@.type=="Updating")].status + description: When at least one of machine is not either not updated or is in the process of updating to the desired machine config. + name: Updating + type: string + - jsonPath: .status.conditions[?(@.type=="Degraded")].status + description: When progress is blocked on updating one or more nodes, or the pool configuration is failing. + name: Degraded + type: string + - jsonPath: .status.machineCount + description: Total number of machines in the machine config pool + name: MachineCount + type: number + - jsonPath: .status.readyMachineCount + description: Total number of ready machines targeted by the pool + name: ReadyMachineCount + type: number + - jsonPath: .status.updatedMachineCount + description: Total number of machines targeted by the pool that have the CurrentMachineConfig as their config + name: UpdatedMachineCount + type: number + - jsonPath: .status.degradedMachineCount + description: Total number of machines marked degraded (or unreconcilable) + name: DegradedMachineCount + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + schema: + openAPIV3Schema: + description: "MachineConfigPool describes a pool of MachineConfigs. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineConfigPoolSpec is the spec for MachineConfigPool resource. + type: object + properties: + configuration: + description: The targeted MachineConfig object for the machine config pool. + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + source: + description: source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + type: array + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + x-kubernetes-list-type: atomic + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + machineConfigSelector: + description: machineConfigSelector specifies a label selector for MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + maxUnavailable: + description: "maxUnavailable defines either an integer number or percentage of nodes in the pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1. \n A value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one." + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + nodeSelector: + description: nodeSelector specifies a label selector for Machines + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + paused: + description: paused specifies whether or not changes to this machine config pool should be stopped. This includes generating new desiredMachineConfig and update of machines. + type: boolean + status: + description: MachineConfigPoolStatus is the status for MachineConfigPool resource. + type: object + properties: + certExpirys: + description: certExpirys keeps track of important certificate expiration data + type: array + items: + description: ceryExpiry contains the bundle name and the expiry date + type: object + required: + - bundle + - expiry + - subject + properties: + bundle: + description: bundle is the name of the bundle in which the subject certificate resides + type: string + expiry: + description: expiry is the date after which the certificate will no longer be valid + type: string + format: date-time + subject: + description: subject is the subject of the certificate + type: string + x-kubernetes-list-type: atomic + conditions: + description: conditions represents the latest available observations of current state. + type: array + items: + description: MachineConfigPoolCondition contains condition information for an MachineConfigPool. + type: object + properties: + lastTransitionTime: + description: lastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + nullable: true + message: + description: message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: status of the condition, one of ('True', 'False', 'Unknown'). + type: string + type: + description: type of the condition, currently ('Done', 'Updating', 'Failed'). + type: string + x-kubernetes-list-type: atomic + configuration: + description: configuration represents the current MachineConfig object for the machine config pool. + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + source: + description: source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + type: array + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + x-kubernetes-list-type: atomic + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + degradedMachineCount: + description: degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). A node is marked degraded if applying a configuration failed.. + type: integer + format: int32 + machineCount: + description: machineCount represents the total number of machines in the machine config pool. + type: integer + format: int32 + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + type: integer + format: int64 + readyMachineCount: + description: readyMachineCount represents the total number of ready machines targeted by the pool. + type: integer + format: int32 + unavailableMachineCount: + description: unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. A node is marked unavailable if it is in updating state or NodeReady condition is false. + type: integer + format: int32 + updatedMachineCount: + description: updatedMachineCount represents the total number of machines targeted by the pool that have the CurrentMachineConfig as their config. + type: integer + format: int32 diff --git a/machineconfiguration/v1/doc.go b/machineconfiguration/v1/doc.go new file mode 100644 index 00000000000..c3b273145d4 --- /dev/null +++ b/machineconfiguration/v1/doc.go @@ -0,0 +1,6 @@ +// +k8s:deepcopy-gen=package,register +// +groupName=machineconfiguration.openshift.io + +// +kubebuilder:validation:Optional +// Package v1 is the v1 version of the API. +package v1 diff --git a/machineconfiguration/v1/register.go b/machineconfiguration/v1/register.go new file mode 100644 index 00000000000..bbafc28dea3 --- /dev/null +++ b/machineconfiguration/v1/register.go @@ -0,0 +1,52 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +var ( + // GroupName is the group name of this api + GroupName = "machineconfiguration.openshift.io" + // GroupVersion is the version of this api group + GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} + schemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // Install is a function which adds this version to a scheme + Install = schemeBuilder.AddToScheme + + // SchemeGroupVersion is DEPRECATED + SchemeGroupVersion = GroupVersion + // AddToScheme is DEPRECATED + AddToScheme = Install +) + +// addKnownTypes adds types to API group +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(GroupVersion, + &ContainerRuntimeConfig{}, + &ContainerRuntimeConfigList{}, + &ControllerConfig{}, + &ControllerConfigList{}, + &KubeletConfig{}, + &KubeletConfigList{}, + &MachineConfig{}, + &MachineConfigList{}, + &MachineConfigPool{}, + &MachineConfigPoolList{}, + ) + + metav1.AddToGroupVersion(scheme, GroupVersion) + + return nil +} + +// Resource is used to validate existence of a resource in this API group +func Resource(resource string) schema.GroupResource { + return schema.GroupResource{Group: GroupName, Resource: resource} +} + +// Kind is used to validate existence of a resource kind in this API group +func Kind(kind string) schema.GroupKind { + return schema.GroupKind{Group: GroupName, Kind: kind} +} diff --git a/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml b/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml new file mode 100644 index 00000000000..5a901bfebed --- /dev/null +++ b/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] ContainerRuntimeConfig" +crd: 0000_80_containerruntimeconfig.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal ContainerRuntimeConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: {} + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: {} diff --git a/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml b/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml new file mode 100644 index 00000000000..8e179797c95 --- /dev/null +++ b/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml @@ -0,0 +1,102 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] ControllerConfig" +crd: 0000_80_controllerconfig.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal ControllerConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ControllerConfig + spec: + additionalTrustBundle: Y2VydGlmaWNhdGUK + baseOSContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e + baseOSExtensionsContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e + cloudProviderCAData: null + cloudProviderConfig: "" + clusterDNSIP: fd02::a + dns: + apiVersion: config.openshift.io/v1 + kind: DNS + spec: + baseDomain: fake.redhat.com + images: + machineConfigOperator: rexample.com/example/openshift-release-dev@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306 + infra: + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + cloudConfig: + name: "" + platformSpec: + type: None + status: + apiServerInternalURI: https://api-int.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 + apiServerURL: https://api.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 + cpuPartitioning: "None" + controlPlaneTopology: SingleReplica + etcdDiscoveryDomain: "" + infrastructureName: cnfde4-sxhr7 + infrastructureTopology: SingleReplica + platform: None + platformStatus: + type: None + ipFamilies: IPv6 + kubeAPIServerServingCAData: Y2VydGlmaWNhdGUK + network: null + networkType: OVNKubernetes + osImageURL: example.com/example/openshift-release-dev@sha256:eacdc37aec78fdbf8caa9601e4012ab31453cf59b086474901900e853e803ea8 + platform: none + proxy: null + pullSecret: + name: pull-secret + namespace: openshift-config + releaseImage: "" + rootCAData: Y2VydGlmaWNhdGUK + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ControllerConfig + spec: + additionalTrustBundle: Y2VydGlmaWNhdGUK + baseOSContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e + baseOSExtensionsContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e + cloudProviderCAData: null + cloudProviderConfig: "" + clusterDNSIP: fd02::a + dns: + apiVersion: config.openshift.io/v1 + kind: DNS + spec: + baseDomain: fake.redhat.com + images: + machineConfigOperator: rexample.com/example/openshift-release-dev@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306 + infra: + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + cloudConfig: + name: "" + platformSpec: + type: None + status: + apiServerInternalURI: https://api-int.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 + apiServerURL: https://api.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 + cpuPartitioning: "None" + controlPlaneTopology: SingleReplica + etcdDiscoveryDomain: "" + infrastructureName: cnfde4-sxhr7 + infrastructureTopology: SingleReplica + platform: None + platformStatus: + type: None + ipFamilies: IPv6 + kubeAPIServerServingCAData: Y2VydGlmaWNhdGUK + network: null + networkType: OVNKubernetes + osImageURL: example.com/example/openshift-release-dev@sha256:eacdc37aec78fdbf8caa9601e4012ab31453cf59b086474901900e853e803ea8 + platform: none + proxy: null + pullSecret: + name: pull-secret + namespace: openshift-config + releaseImage: "" + rootCAData: Y2VydGlmaWNhdGUK diff --git a/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml b/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml new file mode 100644 index 00000000000..c4456ce82b0 --- /dev/null +++ b/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml @@ -0,0 +1,14 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] KubeletConfig" +crd: 0000_80_kubeletconfig.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal KubeletConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: KubeletConfig + spec: {} # No spec is required for a KubeletConfig + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: KubeletConfig + spec: {} diff --git a/machineconfiguration/v1/stable.machineconfig.testsuite.yaml b/machineconfiguration/v1/stable.machineconfig.testsuite.yaml new file mode 100644 index 00000000000..26db0e8aed4 --- /dev/null +++ b/machineconfiguration/v1/stable.machineconfig.testsuite.yaml @@ -0,0 +1,14 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] MachineConfig" +crd: 0000_80_machineconfig.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal MachineConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + spec: {} # No spec is required for a MachineConfig + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + spec: {} diff --git a/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml b/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml new file mode 100644 index 00000000000..37fb01e7333 --- /dev/null +++ b/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml @@ -0,0 +1,14 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] MachineConfigPool" +crd: 0000_80_machineconfigpool.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal MachineConfigPool + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfigPool + spec: {} # No spec is required for a MachineConfigPool + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfigPool + spec: {} diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go new file mode 100644 index 00000000000..1c79d5f1d44 --- /dev/null +++ b/machineconfiguration/v1/types.go @@ -0,0 +1,761 @@ +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" +) + +// MachineConfigRoleLabelKey is metadata key in the MachineConfig. Specifies the node role that config should be applied to. +// For example: `master` or `worker` +const MachineConfigRoleLabelKey = "machineconfiguration.openshift.io/role" + +// KubeletConfigRoleLabelPrefix is the label that must be present in the KubeletConfig CR +const KubeletConfigRoleLabelPrefix = "pools.operator.machineconfiguration.openshift.io/" + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ControllerConfig describes configuration for MachineConfigController. +// This is currently only used to drive the MachineConfig objects generated by the TemplateController. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type ControllerConfig struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // TODO(jkyros): inconsistent historical generation resulted in the controllerconfig CRD being + // generated with all fields required, while everything else was generated with optional + + // +kubebuilder:validation:Required + Spec ControllerConfigSpec `json:"spec"` + // +optional + Status ControllerConfigStatus `json:"status"` +} + +// ControllerConfigSpec is the spec for ControllerConfig resource. +type ControllerConfigSpec struct { + // clusterDNSIP is the cluster DNS IP address + // +kubebuilder:validation:Required + ClusterDNSIP string `json:"clusterDNSIP"` + + // cloudProviderConfig is the configuration for the given cloud provider + // +kubebuilder:validation:Required + CloudProviderConfig string `json:"cloudProviderConfig"` + + // platform is deprecated, use Infra.Status.PlatformStatus.Type instead + // +optional + Platform string `json:"platform,omitempty"` + + // etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead + // +optional + EtcdDiscoveryDomain string `json:"etcdDiscoveryDomain,omitempty"` + + // TODO: Use string for CA data + + // kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically + // +kubebuilder:validation:Required + KubeAPIServerServingCAData []byte `json:"kubeAPIServerServingCAData"` + + // rootCAData specifies the root CA data + // +kubebuilder:validation:Required + RootCAData []byte `json:"rootCAData"` + + // cloudProvider specifies the cloud provider CA data + // +kubebuilder:validation:Required + // +nullable + CloudProviderCAData []byte `json:"cloudProviderCAData"` + + // additionalTrustBundle is a certificate bundle that will be added to the nodes + // trusted certificate store. + // +kubebuilder:validation:Required + // +nullable + AdditionalTrustBundle []byte `json:"additionalTrustBundle"` + + // imageRegistryBundleUserData is Image Registry Data provided by the user + // +listType=atomic + // +optional + ImageRegistryBundleUserData []ImageRegistryBundle `json:"imageRegistryBundleUserData"` + + // imageRegistryBundleData is the ImageRegistryData + // +listType=atomic + // +optional + ImageRegistryBundleData []ImageRegistryBundle `json:"imageRegistryBundleData"` + + // TODO: Investigate using a ConfigMapNameReference for the PullSecret and OSImageURL + + // pullSecret is the default pull secret that needs to be installed + // on all machines. + // +optional + PullSecret *corev1.ObjectReference `json:"pullSecret,omitempty"` + + // internalRegistryPullSecret is the pull secret for the internal registry, used by + // rpm-ostree to pull images from the internal registry if present + // +optional + // +nullable + InternalRegistryPullSecret []byte `json:"internalRegistryPullSecret"` + + // images is map of images that are used by the controller to render templates under ./templates/ + // +kubebuilder:validation:Required + Images map[string]string `json:"images"` + + // BaseOSContainerImage is the new-format container image for operating system updates. + // +kubebuilder:validation:Required + BaseOSContainerImage string `json:"baseOSContainerImage"` + + // BaseOSExtensionsContainerImage is the matching extensions container for the new-format container + // +optional + BaseOSExtensionsContainerImage string `json:"baseOSExtensionsContainerImage"` + + // OSImageURL is the old-format container image that contains the OS update payload. + // +optional + OSImageURL string `json:"osImageURL"` + + // releaseImage is the image used when installing the cluster + // +kubebuilder:validation:Required + ReleaseImage string `json:"releaseImage"` + + // proxy holds the current proxy configuration for the nodes + // +kubebuilder:validation:Required + // +nullable + Proxy *configv1.ProxyStatus `json:"proxy"` + + // infra holds the infrastructure details + // +kubebuilder:validation:EmbeddedResource + // +kubebuilder:validation:Required + // +nullable + Infra *configv1.Infrastructure `json:"infra"` + + // dns holds the cluster dns details + // +kubebuilder:validation:EmbeddedResource + // +kubebuilder:validation:Required + // +nullable + DNS *configv1.DNS `json:"dns"` + + // ipFamilies indicates the IP families in use by the cluster network + // +kubebuilder:validation:Required + IPFamilies IPFamiliesType `json:"ipFamilies"` + + // networkType holds the type of network the cluster is using + // XXX: this is temporary and will be dropped as soon as possible in favor of a better support + // to start network related services the proper way. + // Nobody is also changing this once the cluster is up and running the first time, so, disallow + // regeneration if this changes. + // +optional + NetworkType string `json:"networkType,omitempty"` + + // Network contains additional network related information + // +kubebuilder:validation:Required + // +nullable + Network *NetworkInfo `json:"network"` +} + +// ImageRegistryBundle contains information for writing image registry certificates +type ImageRegistryBundle struct { + // file holds the name of the file where the bundle will be written to disk + // +kubebuilder:validation:Required + File string `json:"file"` + // data holds the contents of the bundle that will be written to the file location + // +kubebuilder:validation:Required + Data []byte `json:"data"` +} + +// IPFamiliesType indicates whether the cluster network is IPv4-only, IPv6-only, or dual-stack +type IPFamiliesType string + +const ( + IPFamiliesIPv4 IPFamiliesType = "IPv4" + IPFamiliesIPv6 IPFamiliesType = "IPv6" + IPFamiliesDualStack IPFamiliesType = "DualStack" + IPFamiliesDualStackIPv6Primary IPFamiliesType = "DualStackIPv6Primary" +) + +// Network contains network related configuration +type NetworkInfo struct { + // MTUMigration contains the MTU migration configuration. + // +kubebuilder:validation:Required + // +nullable + MTUMigration *configv1.MTUMigration `json:"mtuMigration"` +} + +// ControllerConfigStatus is the status for ControllerConfig +type ControllerConfigStatus struct { + // observedGeneration represents the generation observed by the controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // conditions represents the latest available observations of current state. + // +listType=atomic + // +optional + Conditions []ControllerConfigStatusCondition `json:"conditions"` + // controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO. + // +listType=atomic + // +optional + ControllerCertificates []ControllerCertificate `json:"controllerCertificates"` +} + +// ControllerCertificate contains info about a specific cert. +type ControllerCertificate struct { + // subject is the cert subject + // +kubebuilder:validation:Required + Subject string `json:"subject"` + + // signer is the cert Issuer + // +kubebuilder:validation:Required + Signer string `json:"signer"` + + // notBefore is the lower boundary for validity + // +kubebuilder:validation:Required + NotBefore *metav1.Time `json:"notBefore"` + + // notAfter is the upper boundary for validity + // +kubebuilder:validation:Required + NotAfter *metav1.Time `json:"notAfter"` + + // bundleFile is the larger bundle a cert comes from + // +kubebuilder:validation:Required + BundleFile string `json:"bundleFile"` +} + +// ControllerConfigStatusCondition contains condition information for ControllerConfigStatus +type ControllerConfigStatusCondition struct { + // type specifies the state of the operator's reconciliation functionality. + // +kubebuilder:validation:Required + Type ControllerConfigStatusConditionType `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +kubebuilder:validation:Required + Status corev1.ConditionStatus `json:"status"` + + // lastTransitionTime is the time of the last update to the current status object. + // +kubebuilder:validation:Required + // +nullable + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason is the reason for the condition's last transition. Reasons are PascalCase + // +optional + Reason string `json:"reason,omitempty"` + + // message provides additional information about the current condition. + // This is only to be consumed by humans. + // +optional + Message string `json:"message,omitempty"` +} + +// ControllerConfigStatusConditionType valid conditions of a ControllerConfigStatus +type ControllerConfigStatusConditionType string + +const ( + // TemplateControllerRunning means the template controller is currently running. + TemplateControllerRunning ControllerConfigStatusConditionType = "TemplateControllerRunning" + + // TemplateControllerCompleted means the template controller has completed reconciliation. + TemplateControllerCompleted ControllerConfigStatusConditionType = "TemplateControllerCompleted" + + // TemplateControllerFailing means the template controller is failing. + TemplateControllerFailing ControllerConfigStatusConditionType = "TemplateControllerFailing" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ControllerConfigList is a list of ControllerConfig resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type ControllerConfigList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []ControllerConfig `json:"items"` +} + +// +genclient +// +genclient:noStatus +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfig defines the configuration for a machine +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfig struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + // +optional + Spec MachineConfigSpec `json:"spec"` +} + +// MachineConfigSpec is the spec for MachineConfig +type MachineConfigSpec struct { + // OSImageURL specifies the remote location that will be used to + // fetch the OS. + // +optional + OSImageURL string `json:"osImageURL"` + + // BaseOSExtensionsContainerImage specifies the remote location that will be used + // to fetch the extensions container matching a new-format OS image + // +optional + BaseOSExtensionsContainerImage string `json:"baseOSExtensionsContainerImage"` + + // Config is a Ignition Config object. + // +optional + Config runtime.RawExtension `json:"config"` + + // kernelArguments contains a list of kernel arguments to be added + // +listType=atomic + // +nullable + // +optional + KernelArguments []string `json:"kernelArguments"` + + // extensions contains a list of additional features that can be enabled on host + // +listType=atomic + // +optional + Extensions []string `json:"extensions"` + + // fips controls FIPS mode + // +optional + FIPS bool `json:"fips"` + + // kernelType contains which kernel we want to be running like default + // (traditional), realtime. + // +optional + KernelType string `json:"kernelType"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfigList is a list of MachineConfig resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfigList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []MachineConfig `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfigPool describes a pool of MachineConfigs. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfigPool struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +kubebuilder:validation:Required + Spec MachineConfigPoolSpec `json:"spec"` + // +optional + Status MachineConfigPoolStatus `json:"status"` +} + +// MachineConfigPoolSpec is the spec for MachineConfigPool resource. +type MachineConfigPoolSpec struct { + // machineConfigSelector specifies a label selector for MachineConfigs. + // Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + // +optional + MachineConfigSelector *metav1.LabelSelector `json:"machineConfigSelector,omitempty"` + + // nodeSelector specifies a label selector for Machines + // +optional + NodeSelector *metav1.LabelSelector `json:"nodeSelector,omitempty"` + + // paused specifies whether or not changes to this machine config pool should be stopped. + // This includes generating new desiredMachineConfig and update of machines. + // +optional + Paused bool `json:"paused"` + + // maxUnavailable defines either an integer number or percentage + // of nodes in the pool that can go Unavailable during an update. + // This includes nodes Unavailable for any reason, including user + // initiated cordons, failing nodes, etc. The default value is 1. + // + // A value larger than 1 will mean multiple nodes going unavailable during + // the update, which may affect your workload stress on the remaining nodes. + // You cannot set this value to 0 to stop updates (it will default back to 1); + // to stop updates, use the 'paused' property instead. Drain will respect + // Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if + // maxUnavailable is greater than one. + // +optional + MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty"` + + // The targeted MachineConfig object for the machine config pool. + // +optional + Configuration MachineConfigPoolStatusConfiguration `json:"configuration"` +} + +// MachineConfigPoolStatus is the status for MachineConfigPool resource. +type MachineConfigPoolStatus struct { + // observedGeneration represents the generation observed by the controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // configuration represents the current MachineConfig object for the machine config pool. + // +optional + Configuration MachineConfigPoolStatusConfiguration `json:"configuration"` + + // machineCount represents the total number of machines in the machine config pool. + // +optional + MachineCount int32 `json:"machineCount"` + + // updatedMachineCount represents the total number of machines targeted by the pool that have the CurrentMachineConfig as their config. + // +optional + UpdatedMachineCount int32 `json:"updatedMachineCount"` + + // readyMachineCount represents the total number of ready machines targeted by the pool. + // +optional + ReadyMachineCount int32 `json:"readyMachineCount"` + + // unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. + // A node is marked unavailable if it is in updating state or NodeReady condition is false. + // +optional + UnavailableMachineCount int32 `json:"unavailableMachineCount"` + + // degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). + // A node is marked degraded if applying a configuration failed.. + // +optional + DegradedMachineCount int32 `json:"degradedMachineCount"` + + // conditions represents the latest available observations of current state. + // +listType=atomic + // +optional + Conditions []MachineConfigPoolCondition `json:"conditions"` + + // certExpirys keeps track of important certificate expiration data + // +listType=atomic + // +optional + CertExpirys []CertExpiry `json:"certExpirys"` +} + +// ceryExpiry contains the bundle name and the expiry date +type CertExpiry struct { + // bundle is the name of the bundle in which the subject certificate resides + // +kubebuilder:validation:Required + Bundle string `json:"bundle"` + // subject is the subject of the certificate + // +kubebuilder:validation:Required + Subject string `json:"subject"` + // expiry is the date after which the certificate will no longer be valid + // +kubebuilder:validation:Required + Expiry *metav1.Time `json:"expiry"` +} + +// MachineConfigPoolStatusConfiguration stores the current configuration for the pool, and +// optionally also stores the list of MachineConfig objects used to generate the configuration. +type MachineConfigPoolStatusConfiguration struct { + corev1.ObjectReference `json:",inline"` + + // source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + // +listType=atomic + // +optional + Source []corev1.ObjectReference `json:"source,omitempty"` +} + +// MachineConfigPoolCondition contains condition information for an MachineConfigPool. +type MachineConfigPoolCondition struct { + // type of the condition, currently ('Done', 'Updating', 'Failed'). + // +optional + Type MachineConfigPoolConditionType `json:"type"` + + // status of the condition, one of ('True', 'False', 'Unknown'). + // +optional + Status corev1.ConditionStatus `json:"status"` + + // lastTransitionTime is the timestamp corresponding to the last status + // change of this condition. + // +nullable + // +optional + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason is a brief machine readable explanation for the condition's last + // transition. + // +optional + Reason string `json:"reason"` + + // message is a human readable description of the details of the last + // transition, complementing reason. + // +optional + Message string `json:"message"` +} + +// MachineConfigPoolConditionType valid conditions of a MachineConfigPool +type MachineConfigPoolConditionType string + +const ( + // MachineConfigPoolUpdated means MachineConfigPool is updated completely. + // When the all the machines in the pool are updated to the correct machine config. + MachineConfigPoolUpdated MachineConfigPoolConditionType = "Updated" + + // MachineConfigPoolUpdating means MachineConfigPool is updating. + // When at least one of machine is not either not updated or is in the process of updating + // to the desired machine config. + MachineConfigPoolUpdating MachineConfigPoolConditionType = "Updating" + + // MachineConfigPoolNodeDegraded means the update for one of the machine is not progressing + MachineConfigPoolNodeDegraded MachineConfigPoolConditionType = "NodeDegraded" + + // MachineConfigPoolRenderDegraded means the rendered configuration for the pool cannot be generated because of an error + MachineConfigPoolRenderDegraded MachineConfigPoolConditionType = "RenderDegraded" + + // MachineConfigPoolDegraded is the overall status of the pool based, today, on whether we fail with NodeDegraded or RenderDegraded + MachineConfigPoolDegraded MachineConfigPoolConditionType = "Degraded" + + MachineConfigPoolBuildPending MachineConfigPoolConditionType = "BuildPending" + + MachineConfigPoolBuilding MachineConfigPoolConditionType = "Building" + + MachineConfigPoolBuildSuccess MachineConfigPoolConditionType = "BuildSuccess" + + MachineConfigPoolBuildFailed MachineConfigPoolConditionType = "BuildFailed" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfigPoolList is a list of MachineConfigPool resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfigPoolList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []MachineConfigPool `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// KubeletConfig describes a customized Kubelet configuration. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type KubeletConfig struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +kubebuilder:validation:Required + Spec KubeletConfigSpec `json:"spec"` + // +optional + Status KubeletConfigStatus `json:"status"` +} + +// KubeletConfigSpec defines the desired state of KubeletConfig +type KubeletConfigSpec struct { + // +optional + AutoSizingReserved *bool `json:"autoSizingReserved,omitempty"` + // +optional + LogLevel *int32 `json:"logLevel,omitempty"` + + // MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. + // A nil selector will result in no pools being selected. + // +optional + MachineConfigPoolSelector *metav1.LabelSelector `json:"machineConfigPoolSelector,omitempty"` + // kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by + // OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from + // upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes + // for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + // +optional + KubeletConfig *runtime.RawExtension `json:"kubeletConfig,omitempty"` + + // If unset, the default is based on the apiservers.config.openshift.io/cluster resource. + // Note that only Old and Intermediate profiles are currently supported, and + // the maximum available MinTLSVersions is VersionTLS12. + // +optional + TLSSecurityProfile *configv1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` +} + +// KubeletConfigStatus defines the observed state of a KubeletConfig +type KubeletConfigStatus struct { + // observedGeneration represents the generation observed by the controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // conditions represents the latest available observations of current state. + // +optional + Conditions []KubeletConfigCondition `json:"conditions"` +} + +// KubeletConfigCondition defines the state of the KubeletConfig +type KubeletConfigCondition struct { + // type specifies the state of the operator's reconciliation functionality. + // +optional + Type KubeletConfigStatusConditionType `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +optional + Status corev1.ConditionStatus `json:"status"` + + // lastTransitionTime is the time of the last update to the current status object. + // +optional + // +nullable + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason is the reason for the condition's last transition. Reasons are PascalCase + // +optional + Reason string `json:"reason,omitempty"` + + // message provides additional information about the current condition. + // This is only to be consumed by humans. + // +optional + Message string `json:"message,omitempty"` +} + +// KubeletConfigStatusConditionType is the state of the operator's reconciliation functionality. +type KubeletConfigStatusConditionType string + +const ( + // KubeletConfigSuccess designates a successful application of a KubeletConfig CR. + KubeletConfigSuccess KubeletConfigStatusConditionType = "Success" + + // KubeletConfigFailure designates a failure applying a KubeletConfig CR. + KubeletConfigFailure KubeletConfigStatusConditionType = "Failure" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// KubeletConfigList is a list of KubeletConfig resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type KubeletConfigList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []KubeletConfig `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ContainerRuntimeConfig describes a customized Container Runtime configuration. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type ContainerRuntimeConfig struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +kubebuilder:validation:Required + Spec ContainerRuntimeConfigSpec `json:"spec"` + // +optional + Status ContainerRuntimeConfigStatus `json:"status"` +} + +// ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig +type ContainerRuntimeConfigSpec struct { + // MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. + // A nil selector will result in no pools being selected. + // +optional + MachineConfigPoolSelector *metav1.LabelSelector `json:"machineConfigPoolSelector,omitempty"` + + // +kubebuilder:validation:Required + ContainerRuntimeConfig *ContainerRuntimeConfiguration `json:"containerRuntimeConfig,omitempty"` +} + +// ContainerRuntimeConfiguration defines the tuneables of the container runtime +type ContainerRuntimeConfiguration struct { + // pidsLimit specifies the maximum number of processes allowed in a container + // +optional + PidsLimit *int64 `json:"pidsLimit,omitempty"` + + // logLevel specifies the verbosity of the logs based on the level it is set to. + // Options are fatal, panic, error, warn, info, and debug. + // +optional + LogLevel string `json:"logLevel,omitempty"` + + // logSizeMax specifies the Maximum size allowed for the container log file. + // Negative numbers indicate that no size limit is imposed. + // If it is positive, it must be >= 8192 to match/exceed conmon's read buffer. + // +optional + LogSizeMax resource.Quantity `json:"logSizeMax,omitempty"` + + // overlaySize specifies the maximum size of a container image. + // This flag can be used to set quota on the size of container images. (default: 10GB) + // +optional + OverlaySize resource.Quantity `json:"overlaySize,omitempty"` + + // defaultRuntime is the name of the OCI runtime to be used as the default. + // +optional + DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` +} + +type ContainerRuntimeDefaultRuntime string + +const ( + ContainerRuntimeDefaultRuntimeEmpty = "" + ContainerRuntimeDefaultRuntimeRunc = "runc" + ContainerRuntimeDefaultRuntimeCrun = "crun" + ContainerRuntimeDefaultRuntimeDefault = ContainerRuntimeDefaultRuntimeRunc +) + +// ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig +type ContainerRuntimeConfigStatus struct { + // observedGeneration represents the generation observed by the controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // conditions represents the latest available observations of current state. + // +listType=atomic + // +optional + Conditions []ContainerRuntimeConfigCondition `json:"conditions"` +} + +// ContainerRuntimeConfigCondition defines the state of the ContainerRuntimeConfig +type ContainerRuntimeConfigCondition struct { + // type specifies the state of the operator's reconciliation functionality. + // +optional + Type ContainerRuntimeConfigStatusConditionType `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +optional + Status corev1.ConditionStatus `json:"status"` + + // lastTransitionTime is the time of the last update to the current status object. + // +nullable + // +optional + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason is the reason for the condition's last transition. Reasons are PascalCase + // +optional + Reason string `json:"reason,omitempty"` + + // message provides additional information about the current condition. + // This is only to be consumed by humans. + // +optional + Message string `json:"message,omitempty"` +} + +// ContainerRuntimeConfigStatusConditionType is the state of the operator's reconciliation functionality. +type ContainerRuntimeConfigStatusConditionType string + +const ( + // ContainerRuntimeConfigSuccess designates a successful application of a ContainerRuntimeConfig CR. + ContainerRuntimeConfigSuccess ContainerRuntimeConfigStatusConditionType = "Success" + + // ContainerRuntimeConfigFailure designates a failure applying a ContainerRuntimeConfig CR. + ContainerRuntimeConfigFailure ContainerRuntimeConfigStatusConditionType = "Failure" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ContainerRuntimeConfigList is a list of ContainerRuntimeConfig resources +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type ContainerRuntimeConfigList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []ContainerRuntimeConfig `json:"items"` +} diff --git a/machineconfiguration/v1/zz_generated.deepcopy.go b/machineconfiguration/v1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..25fc281146f --- /dev/null +++ b/machineconfiguration/v1/zz_generated.deepcopy.go @@ -0,0 +1,837 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + intstr "k8s.io/apimachinery/pkg/util/intstr" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertExpiry) DeepCopyInto(out *CertExpiry) { + *out = *in + if in.Expiry != nil { + in, out := &in.Expiry, &out.Expiry + *out = (*in).DeepCopy() + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertExpiry. +func (in *CertExpiry) DeepCopy() *CertExpiry { + if in == nil { + return nil + } + out := new(CertExpiry) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfig) DeepCopyInto(out *ContainerRuntimeConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfig. +func (in *ContainerRuntimeConfig) DeepCopy() *ContainerRuntimeConfig { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ContainerRuntimeConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfigCondition) DeepCopyInto(out *ContainerRuntimeConfigCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfigCondition. +func (in *ContainerRuntimeConfigCondition) DeepCopy() *ContainerRuntimeConfigCondition { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfigCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfigList) DeepCopyInto(out *ContainerRuntimeConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ContainerRuntimeConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfigList. +func (in *ContainerRuntimeConfigList) DeepCopy() *ContainerRuntimeConfigList { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ContainerRuntimeConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfigSpec) DeepCopyInto(out *ContainerRuntimeConfigSpec) { + *out = *in + if in.MachineConfigPoolSelector != nil { + in, out := &in.MachineConfigPoolSelector, &out.MachineConfigPoolSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.ContainerRuntimeConfig != nil { + in, out := &in.ContainerRuntimeConfig, &out.ContainerRuntimeConfig + *out = new(ContainerRuntimeConfiguration) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfigSpec. +func (in *ContainerRuntimeConfigSpec) DeepCopy() *ContainerRuntimeConfigSpec { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfigStatus) DeepCopyInto(out *ContainerRuntimeConfigStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]ContainerRuntimeConfigCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfigStatus. +func (in *ContainerRuntimeConfigStatus) DeepCopy() *ContainerRuntimeConfigStatus { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContainerRuntimeConfiguration) DeepCopyInto(out *ContainerRuntimeConfiguration) { + *out = *in + if in.PidsLimit != nil { + in, out := &in.PidsLimit, &out.PidsLimit + *out = new(int64) + **out = **in + } + out.LogSizeMax = in.LogSizeMax.DeepCopy() + out.OverlaySize = in.OverlaySize.DeepCopy() + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRuntimeConfiguration. +func (in *ContainerRuntimeConfiguration) DeepCopy() *ContainerRuntimeConfiguration { + if in == nil { + return nil + } + out := new(ContainerRuntimeConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerCertificate) DeepCopyInto(out *ControllerCertificate) { + *out = *in + if in.NotBefore != nil { + in, out := &in.NotBefore, &out.NotBefore + *out = (*in).DeepCopy() + } + if in.NotAfter != nil { + in, out := &in.NotAfter, &out.NotAfter + *out = (*in).DeepCopy() + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerCertificate. +func (in *ControllerCertificate) DeepCopy() *ControllerCertificate { + if in == nil { + return nil + } + out := new(ControllerCertificate) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerConfig) DeepCopyInto(out *ControllerConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerConfig. +func (in *ControllerConfig) DeepCopy() *ControllerConfig { + if in == nil { + return nil + } + out := new(ControllerConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ControllerConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerConfigList) DeepCopyInto(out *ControllerConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ControllerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerConfigList. +func (in *ControllerConfigList) DeepCopy() *ControllerConfigList { + if in == nil { + return nil + } + out := new(ControllerConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ControllerConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerConfigSpec) DeepCopyInto(out *ControllerConfigSpec) { + *out = *in + if in.KubeAPIServerServingCAData != nil { + in, out := &in.KubeAPIServerServingCAData, &out.KubeAPIServerServingCAData + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.RootCAData != nil { + in, out := &in.RootCAData, &out.RootCAData + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.CloudProviderCAData != nil { + in, out := &in.CloudProviderCAData, &out.CloudProviderCAData + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.AdditionalTrustBundle != nil { + in, out := &in.AdditionalTrustBundle, &out.AdditionalTrustBundle + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.ImageRegistryBundleUserData != nil { + in, out := &in.ImageRegistryBundleUserData, &out.ImageRegistryBundleUserData + *out = make([]ImageRegistryBundle, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ImageRegistryBundleData != nil { + in, out := &in.ImageRegistryBundleData, &out.ImageRegistryBundleData + *out = make([]ImageRegistryBundle, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PullSecret != nil { + in, out := &in.PullSecret, &out.PullSecret + *out = new(corev1.ObjectReference) + **out = **in + } + if in.InternalRegistryPullSecret != nil { + in, out := &in.InternalRegistryPullSecret, &out.InternalRegistryPullSecret + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.Images != nil { + in, out := &in.Images, &out.Images + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Proxy != nil { + in, out := &in.Proxy, &out.Proxy + *out = new(configv1.ProxyStatus) + **out = **in + } + if in.Infra != nil { + in, out := &in.Infra, &out.Infra + *out = new(configv1.Infrastructure) + (*in).DeepCopyInto(*out) + } + if in.DNS != nil { + in, out := &in.DNS, &out.DNS + *out = new(configv1.DNS) + (*in).DeepCopyInto(*out) + } + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = new(NetworkInfo) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerConfigSpec. +func (in *ControllerConfigSpec) DeepCopy() *ControllerConfigSpec { + if in == nil { + return nil + } + out := new(ControllerConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerConfigStatus) DeepCopyInto(out *ControllerConfigStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]ControllerConfigStatusCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ControllerCertificates != nil { + in, out := &in.ControllerCertificates, &out.ControllerCertificates + *out = make([]ControllerCertificate, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerConfigStatus. +func (in *ControllerConfigStatus) DeepCopy() *ControllerConfigStatus { + if in == nil { + return nil + } + out := new(ControllerConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerConfigStatusCondition) DeepCopyInto(out *ControllerConfigStatusCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerConfigStatusCondition. +func (in *ControllerConfigStatusCondition) DeepCopy() *ControllerConfigStatusCondition { + if in == nil { + return nil + } + out := new(ControllerConfigStatusCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImageRegistryBundle) DeepCopyInto(out *ImageRegistryBundle) { + *out = *in + if in.Data != nil { + in, out := &in.Data, &out.Data + *out = make([]byte, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageRegistryBundle. +func (in *ImageRegistryBundle) DeepCopy() *ImageRegistryBundle { + if in == nil { + return nil + } + out := new(ImageRegistryBundle) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeletConfig) DeepCopyInto(out *KubeletConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfig. +func (in *KubeletConfig) DeepCopy() *KubeletConfig { + if in == nil { + return nil + } + out := new(KubeletConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubeletConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeletConfigCondition) DeepCopyInto(out *KubeletConfigCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfigCondition. +func (in *KubeletConfigCondition) DeepCopy() *KubeletConfigCondition { + if in == nil { + return nil + } + out := new(KubeletConfigCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeletConfigList) DeepCopyInto(out *KubeletConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]KubeletConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfigList. +func (in *KubeletConfigList) DeepCopy() *KubeletConfigList { + if in == nil { + return nil + } + out := new(KubeletConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubeletConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeletConfigSpec) DeepCopyInto(out *KubeletConfigSpec) { + *out = *in + if in.AutoSizingReserved != nil { + in, out := &in.AutoSizingReserved, &out.AutoSizingReserved + *out = new(bool) + **out = **in + } + if in.LogLevel != nil { + in, out := &in.LogLevel, &out.LogLevel + *out = new(int32) + **out = **in + } + if in.MachineConfigPoolSelector != nil { + in, out := &in.MachineConfigPoolSelector, &out.MachineConfigPoolSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.KubeletConfig != nil { + in, out := &in.KubeletConfig, &out.KubeletConfig + *out = new(runtime.RawExtension) + (*in).DeepCopyInto(*out) + } + if in.TLSSecurityProfile != nil { + in, out := &in.TLSSecurityProfile, &out.TLSSecurityProfile + *out = new(configv1.TLSSecurityProfile) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfigSpec. +func (in *KubeletConfigSpec) DeepCopy() *KubeletConfigSpec { + if in == nil { + return nil + } + out := new(KubeletConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeletConfigStatus) DeepCopyInto(out *KubeletConfigStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]KubeletConfigCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfigStatus. +func (in *KubeletConfigStatus) DeepCopy() *KubeletConfigStatus { + if in == nil { + return nil + } + out := new(KubeletConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfig) DeepCopyInto(out *MachineConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfig. +func (in *MachineConfig) DeepCopy() *MachineConfig { + if in == nil { + return nil + } + out := new(MachineConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigList) DeepCopyInto(out *MachineConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MachineConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigList. +func (in *MachineConfigList) DeepCopy() *MachineConfigList { + if in == nil { + return nil + } + out := new(MachineConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPool) DeepCopyInto(out *MachineConfigPool) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPool. +func (in *MachineConfigPool) DeepCopy() *MachineConfigPool { + if in == nil { + return nil + } + out := new(MachineConfigPool) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfigPool) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolCondition) DeepCopyInto(out *MachineConfigPoolCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolCondition. +func (in *MachineConfigPoolCondition) DeepCopy() *MachineConfigPoolCondition { + if in == nil { + return nil + } + out := new(MachineConfigPoolCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolList) DeepCopyInto(out *MachineConfigPoolList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MachineConfigPool, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolList. +func (in *MachineConfigPoolList) DeepCopy() *MachineConfigPoolList { + if in == nil { + return nil + } + out := new(MachineConfigPoolList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfigPoolList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolSpec) DeepCopyInto(out *MachineConfigPoolSpec) { + *out = *in + if in.MachineConfigSelector != nil { + in, out := &in.MachineConfigSelector, &out.MachineConfigSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.MaxUnavailable != nil { + in, out := &in.MaxUnavailable, &out.MaxUnavailable + *out = new(intstr.IntOrString) + **out = **in + } + in.Configuration.DeepCopyInto(&out.Configuration) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolSpec. +func (in *MachineConfigPoolSpec) DeepCopy() *MachineConfigPoolSpec { + if in == nil { + return nil + } + out := new(MachineConfigPoolSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolStatus) DeepCopyInto(out *MachineConfigPoolStatus) { + *out = *in + in.Configuration.DeepCopyInto(&out.Configuration) + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]MachineConfigPoolCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CertExpirys != nil { + in, out := &in.CertExpirys, &out.CertExpirys + *out = make([]CertExpiry, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolStatus. +func (in *MachineConfigPoolStatus) DeepCopy() *MachineConfigPoolStatus { + if in == nil { + return nil + } + out := new(MachineConfigPoolStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolStatusConfiguration) DeepCopyInto(out *MachineConfigPoolStatusConfiguration) { + *out = *in + out.ObjectReference = in.ObjectReference + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = make([]corev1.ObjectReference, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolStatusConfiguration. +func (in *MachineConfigPoolStatusConfiguration) DeepCopy() *MachineConfigPoolStatusConfiguration { + if in == nil { + return nil + } + out := new(MachineConfigPoolStatusConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigSpec) DeepCopyInto(out *MachineConfigSpec) { + *out = *in + in.Config.DeepCopyInto(&out.Config) + if in.KernelArguments != nil { + in, out := &in.KernelArguments, &out.KernelArguments + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extensions != nil { + in, out := &in.Extensions, &out.Extensions + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigSpec. +func (in *MachineConfigSpec) DeepCopy() *MachineConfigSpec { + if in == nil { + return nil + } + out := new(MachineConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkInfo) DeepCopyInto(out *NetworkInfo) { + *out = *in + if in.MTUMigration != nil { + in, out := &in.MTUMigration, &out.MTUMigration + *out = new(configv1.MTUMigration) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkInfo. +func (in *NetworkInfo) DeepCopy() *NetworkInfo { + if in == nil { + return nil + } + out := new(NetworkInfo) + in.DeepCopyInto(out) + return out +} diff --git a/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go new file mode 100644 index 00000000000..a4cff0c49ea --- /dev/null +++ b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -0,0 +1,338 @@ +package v1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE +var map_CertExpiry = map[string]string{ + "": "ceryExpiry contains the bundle name and the expiry date", + "bundle": "bundle is the name of the bundle in which the subject certificate resides", + "subject": "subject is the subject of the certificate", + "expiry": "expiry is the date after which the certificate will no longer be valid", +} + +func (CertExpiry) SwaggerDoc() map[string]string { + return map_CertExpiry +} + +var map_ContainerRuntimeConfig = map[string]string{ + "": "ContainerRuntimeConfig describes a customized Container Runtime configuration.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (ContainerRuntimeConfig) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfig +} + +var map_ContainerRuntimeConfigCondition = map[string]string{ + "": "ContainerRuntimeConfigCondition defines the state of the ContainerRuntimeConfig", + "type": "type specifies the state of the operator's reconciliation functionality.", + "status": "status of the condition, one of True, False, Unknown.", + "lastTransitionTime": "lastTransitionTime is the time of the last update to the current status object.", + "reason": "reason is the reason for the condition's last transition. Reasons are PascalCase", + "message": "message provides additional information about the current condition. This is only to be consumed by humans.", +} + +func (ContainerRuntimeConfigCondition) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfigCondition +} + +var map_ContainerRuntimeConfigList = map[string]string{ + "": "ContainerRuntimeConfigList is a list of ContainerRuntimeConfig resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (ContainerRuntimeConfigList) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfigList +} + +var map_ContainerRuntimeConfigSpec = map[string]string{ + "": "ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig", + "machineConfigPoolSelector": "MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. A nil selector will result in no pools being selected.", +} + +func (ContainerRuntimeConfigSpec) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfigSpec +} + +var map_ContainerRuntimeConfigStatus = map[string]string{ + "": "ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig", + "observedGeneration": "observedGeneration represents the generation observed by the controller.", + "conditions": "conditions represents the latest available observations of current state.", +} + +func (ContainerRuntimeConfigStatus) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfigStatus +} + +var map_ContainerRuntimeConfiguration = map[string]string{ + "": "ContainerRuntimeConfiguration defines the tuneables of the container runtime", + "pidsLimit": "pidsLimit specifies the maximum number of processes allowed in a container", + "logLevel": "logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug.", + "logSizeMax": "logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer.", + "overlaySize": "overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)", + "defaultRuntime": "defaultRuntime is the name of the OCI runtime to be used as the default.", +} + +func (ContainerRuntimeConfiguration) SwaggerDoc() map[string]string { + return map_ContainerRuntimeConfiguration +} + +var map_ControllerCertificate = map[string]string{ + "": "ControllerCertificate contains info about a specific cert.", + "subject": "subject is the cert subject", + "signer": "signer is the cert Issuer", + "notBefore": "notBefore is the lower boundary for validity", + "notAfter": "notAfter is the upper boundary for validity", + "bundleFile": "bundleFile is the larger bundle a cert comes from", +} + +func (ControllerCertificate) SwaggerDoc() map[string]string { + return map_ControllerCertificate +} + +var map_ControllerConfig = map[string]string{ + "": "ControllerConfig describes configuration for MachineConfigController. This is currently only used to drive the MachineConfig objects generated by the TemplateController.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (ControllerConfig) SwaggerDoc() map[string]string { + return map_ControllerConfig +} + +var map_ControllerConfigList = map[string]string{ + "": "ControllerConfigList is a list of ControllerConfig resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (ControllerConfigList) SwaggerDoc() map[string]string { + return map_ControllerConfigList +} + +var map_ControllerConfigSpec = map[string]string{ + "": "ControllerConfigSpec is the spec for ControllerConfig resource.", + "clusterDNSIP": "clusterDNSIP is the cluster DNS IP address", + "cloudProviderConfig": "cloudProviderConfig is the configuration for the given cloud provider", + "platform": "platform is deprecated, use Infra.Status.PlatformStatus.Type instead", + "etcdDiscoveryDomain": "etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead", + "kubeAPIServerServingCAData": "kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically", + "rootCAData": "rootCAData specifies the root CA data", + "cloudProviderCAData": "cloudProvider specifies the cloud provider CA data", + "additionalTrustBundle": "additionalTrustBundle is a certificate bundle that will be added to the nodes trusted certificate store.", + "imageRegistryBundleUserData": "imageRegistryBundleUserData is Image Registry Data provided by the user", + "imageRegistryBundleData": "imageRegistryBundleData is the ImageRegistryData", + "pullSecret": "pullSecret is the default pull secret that needs to be installed on all machines.", + "internalRegistryPullSecret": "internalRegistryPullSecret is the pull secret for the internal registry, used by rpm-ostree to pull images from the internal registry if present", + "images": "images is map of images that are used by the controller to render templates under ./templates/", + "baseOSContainerImage": "BaseOSContainerImage is the new-format container image for operating system updates.", + "baseOSExtensionsContainerImage": "BaseOSExtensionsContainerImage is the matching extensions container for the new-format container", + "osImageURL": "OSImageURL is the old-format container image that contains the OS update payload.", + "releaseImage": "releaseImage is the image used when installing the cluster", + "proxy": "proxy holds the current proxy configuration for the nodes", + "infra": "infra holds the infrastructure details", + "dns": "dns holds the cluster dns details", + "ipFamilies": "ipFamilies indicates the IP families in use by the cluster network", + "networkType": "networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes.", + "network": "Network contains additional network related information", +} + +func (ControllerConfigSpec) SwaggerDoc() map[string]string { + return map_ControllerConfigSpec +} + +var map_ControllerConfigStatus = map[string]string{ + "": "ControllerConfigStatus is the status for ControllerConfig", + "observedGeneration": "observedGeneration represents the generation observed by the controller.", + "conditions": "conditions represents the latest available observations of current state.", + "controllerCertificates": "controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO.", +} + +func (ControllerConfigStatus) SwaggerDoc() map[string]string { + return map_ControllerConfigStatus +} + +var map_ControllerConfigStatusCondition = map[string]string{ + "": "ControllerConfigStatusCondition contains condition information for ControllerConfigStatus", + "type": "type specifies the state of the operator's reconciliation functionality.", + "status": "status of the condition, one of True, False, Unknown.", + "lastTransitionTime": "lastTransitionTime is the time of the last update to the current status object.", + "reason": "reason is the reason for the condition's last transition. Reasons are PascalCase", + "message": "message provides additional information about the current condition. This is only to be consumed by humans.", +} + +func (ControllerConfigStatusCondition) SwaggerDoc() map[string]string { + return map_ControllerConfigStatusCondition +} + +var map_ImageRegistryBundle = map[string]string{ + "": "ImageRegistryBundle contains information for writing image registry certificates", + "file": "file holds the name of the file where the bundle will be written to disk", + "data": "data holds the contents of the bundle that will be written to the file location", +} + +func (ImageRegistryBundle) SwaggerDoc() map[string]string { + return map_ImageRegistryBundle +} + +var map_KubeletConfig = map[string]string{ + "": "KubeletConfig describes a customized Kubelet configuration.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (KubeletConfig) SwaggerDoc() map[string]string { + return map_KubeletConfig +} + +var map_KubeletConfigCondition = map[string]string{ + "": "KubeletConfigCondition defines the state of the KubeletConfig", + "type": "type specifies the state of the operator's reconciliation functionality.", + "status": "status of the condition, one of True, False, Unknown.", + "lastTransitionTime": "lastTransitionTime is the time of the last update to the current status object.", + "reason": "reason is the reason for the condition's last transition. Reasons are PascalCase", + "message": "message provides additional information about the current condition. This is only to be consumed by humans.", +} + +func (KubeletConfigCondition) SwaggerDoc() map[string]string { + return map_KubeletConfigCondition +} + +var map_KubeletConfigList = map[string]string{ + "": "KubeletConfigList is a list of KubeletConfig resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (KubeletConfigList) SwaggerDoc() map[string]string { + return map_KubeletConfigList +} + +var map_KubeletConfigSpec = map[string]string{ + "": "KubeletConfigSpec defines the desired state of KubeletConfig", + "machineConfigPoolSelector": "MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected.", + "kubeletConfig": "kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable.", + "tlsSecurityProfile": "If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.", +} + +func (KubeletConfigSpec) SwaggerDoc() map[string]string { + return map_KubeletConfigSpec +} + +var map_KubeletConfigStatus = map[string]string{ + "": "KubeletConfigStatus defines the observed state of a KubeletConfig", + "observedGeneration": "observedGeneration represents the generation observed by the controller.", + "conditions": "conditions represents the latest available observations of current state.", +} + +func (KubeletConfigStatus) SwaggerDoc() map[string]string { + return map_KubeletConfigStatus +} + +var map_MachineConfig = map[string]string{ + "": "MachineConfig defines the configuration for a machine\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (MachineConfig) SwaggerDoc() map[string]string { + return map_MachineConfig +} + +var map_MachineConfigList = map[string]string{ + "": "MachineConfigList is a list of MachineConfig resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (MachineConfigList) SwaggerDoc() map[string]string { + return map_MachineConfigList +} + +var map_MachineConfigPool = map[string]string{ + "": "MachineConfigPool describes a pool of MachineConfigs.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (MachineConfigPool) SwaggerDoc() map[string]string { + return map_MachineConfigPool +} + +var map_MachineConfigPoolCondition = map[string]string{ + "": "MachineConfigPoolCondition contains condition information for an MachineConfigPool.", + "type": "type of the condition, currently ('Done', 'Updating', 'Failed').", + "status": "status of the condition, one of ('True', 'False', 'Unknown').", + "lastTransitionTime": "lastTransitionTime is the timestamp corresponding to the last status change of this condition.", + "reason": "reason is a brief machine readable explanation for the condition's last transition.", + "message": "message is a human readable description of the details of the last transition, complementing reason.", +} + +func (MachineConfigPoolCondition) SwaggerDoc() map[string]string { + return map_MachineConfigPoolCondition +} + +var map_MachineConfigPoolList = map[string]string{ + "": "MachineConfigPoolList is a list of MachineConfigPool resources\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", +} + +func (MachineConfigPoolList) SwaggerDoc() map[string]string { + return map_MachineConfigPoolList +} + +var map_MachineConfigPoolSpec = map[string]string{ + "": "MachineConfigPoolSpec is the spec for MachineConfigPool resource.", + "machineConfigSelector": "machineConfigSelector specifies a label selector for MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work.", + "nodeSelector": "nodeSelector specifies a label selector for Machines", + "paused": "paused specifies whether or not changes to this machine config pool should be stopped. This includes generating new desiredMachineConfig and update of machines.", + "maxUnavailable": "maxUnavailable defines either an integer number or percentage of nodes in the pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1.\n\nA value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one.", + "configuration": "The targeted MachineConfig object for the machine config pool.", +} + +func (MachineConfigPoolSpec) SwaggerDoc() map[string]string { + return map_MachineConfigPoolSpec +} + +var map_MachineConfigPoolStatus = map[string]string{ + "": "MachineConfigPoolStatus is the status for MachineConfigPool resource.", + "observedGeneration": "observedGeneration represents the generation observed by the controller.", + "configuration": "configuration represents the current MachineConfig object for the machine config pool.", + "machineCount": "machineCount represents the total number of machines in the machine config pool.", + "updatedMachineCount": "updatedMachineCount represents the total number of machines targeted by the pool that have the CurrentMachineConfig as their config.", + "readyMachineCount": "readyMachineCount represents the total number of ready machines targeted by the pool.", + "unavailableMachineCount": "unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. A node is marked unavailable if it is in updating state or NodeReady condition is false.", + "degradedMachineCount": "degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). A node is marked degraded if applying a configuration failed..", + "conditions": "conditions represents the latest available observations of current state.", + "certExpirys": "certExpirys keeps track of important certificate expiration data", +} + +func (MachineConfigPoolStatus) SwaggerDoc() map[string]string { + return map_MachineConfigPoolStatus +} + +var map_MachineConfigPoolStatusConfiguration = map[string]string{ + "": "MachineConfigPoolStatusConfiguration stores the current configuration for the pool, and optionally also stores the list of MachineConfig objects used to generate the configuration.", + "source": "source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`.", +} + +func (MachineConfigPoolStatusConfiguration) SwaggerDoc() map[string]string { + return map_MachineConfigPoolStatusConfiguration +} + +var map_MachineConfigSpec = map[string]string{ + "": "MachineConfigSpec is the spec for MachineConfig", + "osImageURL": "OSImageURL specifies the remote location that will be used to fetch the OS.", + "baseOSExtensionsContainerImage": "BaseOSExtensionsContainerImage specifies the remote location that will be used to fetch the extensions container matching a new-format OS image", + "config": "Config is a Ignition Config object.", + "kernelArguments": "kernelArguments contains a list of kernel arguments to be added", + "extensions": "extensions contains a list of additional features that can be enabled on host", + "fips": "fips controls FIPS mode", + "kernelType": "kernelType contains which kernel we want to be running like default (traditional), realtime.", +} + +func (MachineConfigSpec) SwaggerDoc() map[string]string { + return map_MachineConfigSpec +} + +var map_NetworkInfo = map[string]string{ + "": "Network contains network related configuration", + "mtuMigration": "MTUMigration contains the MTU migration configuration.", +} + +func (NetworkInfo) SwaggerDoc() map[string]string { + return map_NetworkInfo +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 080881954da..40e00d13982 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -906,6 +906,10 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/operator/v1.LoggingDestination": schema_openshift_api_operator_v1_LoggingDestination(ref), "github.com/openshift/api/operator/v1.MTUMigration": schema_openshift_api_operator_v1_MTUMigration(ref), "github.com/openshift/api/operator/v1.MTUMigrationValues": schema_openshift_api_operator_v1_MTUMigrationValues(ref), + "github.com/openshift/api/operator/v1.MachineConfiguration": schema_openshift_api_operator_v1_MachineConfiguration(ref), + "github.com/openshift/api/operator/v1.MachineConfigurationList": schema_openshift_api_operator_v1_MachineConfigurationList(ref), + "github.com/openshift/api/operator/v1.MachineConfigurationSpec": schema_openshift_api_operator_v1_MachineConfigurationSpec(ref), + "github.com/openshift/api/operator/v1.MachineConfigurationStatus": schema_openshift_api_operator_v1_MachineConfigurationStatus(ref), "github.com/openshift/api/operator/v1.MyOperatorResource": schema_openshift_api_operator_v1_MyOperatorResource(ref), "github.com/openshift/api/operator/v1.MyOperatorResourceSpec": schema_openshift_api_operator_v1_MyOperatorResourceSpec(ref), "github.com/openshift/api/operator/v1.MyOperatorResourceStatus": schema_openshift_api_operator_v1_MyOperatorResourceStatus(ref), @@ -42896,7 +42900,6 @@ func schema_openshift_api_operator_v1_EtcdStatus(ref common.ReferenceCallback) c "latestAvailableRevision": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevision is the deploymentID of the most recent deployment", - Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -42904,7 +42907,6 @@ func schema_openshift_api_operator_v1_EtcdStatus(ref common.ReferenceCallback) c "latestAvailableRevisionReason": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - Default: "", Type: []string{"string"}, Format: "", }, @@ -44970,7 +44972,6 @@ func schema_openshift_api_operator_v1_KubeAPIServerStatus(ref common.ReferenceCa "latestAvailableRevision": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevision is the deploymentID of the most recent deployment", - Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -44978,7 +44979,6 @@ func schema_openshift_api_operator_v1_KubeAPIServerStatus(ref common.ReferenceCa "latestAvailableRevisionReason": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - Default: "", Type: []string{"string"}, Format: "", }, @@ -45262,7 +45262,6 @@ func schema_openshift_api_operator_v1_KubeControllerManagerStatus(ref common.Ref "latestAvailableRevision": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevision is the deploymentID of the most recent deployment", - Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -45270,7 +45269,6 @@ func schema_openshift_api_operator_v1_KubeControllerManagerStatus(ref common.Ref "latestAvailableRevisionReason": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - Default: "", Type: []string{"string"}, Format: "", }, @@ -45532,7 +45530,6 @@ func schema_openshift_api_operator_v1_KubeSchedulerStatus(ref common.ReferenceCa "latestAvailableRevision": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevision is the deploymentID of the most recent deployment", - Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -45540,7 +45537,6 @@ func schema_openshift_api_operator_v1_KubeSchedulerStatus(ref common.ReferenceCa "latestAvailableRevisionReason": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - Default: "", Type: []string{"string"}, Format: "", }, @@ -46010,6 +46006,274 @@ func schema_openshift_api_operator_v1_MTUMigrationValues(ref common.ReferenceCal } } +func schema_openshift_api_operator_v1_MachineConfiguration(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "MachineConfiguration provides information to configure an operator to manage Machine Configuration.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "spec is the specification of the desired behavior of the Machine Config Operator", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.MachineConfigurationSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status is the most recently observed status of the Machine Config Operator", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.MachineConfigurationStatus"), + }, + }, + }, + Required: []string{"metadata", "spec"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1.MachineConfigurationSpec", "github.com/openshift/api/operator/v1.MachineConfigurationStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_openshift_api_operator_v1_MachineConfigurationList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "MachineConfigurationList is a collection of items\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "Items contains the items", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.MachineConfiguration"), + }, + }, + }, + }, + }, + }, + Required: []string{"metadata", "items"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1.MachineConfiguration", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_openshift_api_operator_v1_MachineConfigurationSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "managementState": { + SchemaProps: spec.SchemaProps{ + Description: "managementState indicates whether and how the operator should manage the component", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "logLevel": { + SchemaProps: spec.SchemaProps{ + Description: "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + Type: []string{"string"}, + Format: "", + }, + }, + "operatorLogLevel": { + SchemaProps: spec.SchemaProps{ + Description: "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + Type: []string{"string"}, + Format: "", + }, + }, + "unsupportedConfigOverrides": { + SchemaProps: spec.SchemaProps{ + Description: "unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + }, + }, + "observedConfig": { + SchemaProps: spec.SchemaProps{ + Description: "observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + }, + }, + "forceRedeploymentReason": { + SchemaProps: spec.SchemaProps{ + Description: "forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "failedRevisionLimit": { + SchemaProps: spec.SchemaProps{ + Description: "failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "succeededRevisionLimit": { + SchemaProps: spec.SchemaProps{ + Description: "succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"managementState", "forceRedeploymentReason"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + } +} + +func schema_openshift_api_operator_v1_MachineConfigurationStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "observedGeneration is the last generation change you've dealt with", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "conditions": { + SchemaProps: spec.SchemaProps{ + Description: "conditions is a list of conditions and their status", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.OperatorCondition"), + }, + }, + }, + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "version is the level this availability applies to", + Type: []string{"string"}, + Format: "", + }, + }, + "readyReplicas": { + SchemaProps: spec.SchemaProps{ + Description: "readyReplicas indicates how many replicas are ready and at the desired state", + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + "generations": { + SchemaProps: spec.SchemaProps{ + Description: "generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.GenerationStatus"), + }, + }, + }, + }, + }, + "latestAvailableRevision": { + SchemaProps: spec.SchemaProps{ + Description: "latestAvailableRevision is the deploymentID of the most recent deployment", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "latestAvailableRevisionReason": { + SchemaProps: spec.SchemaProps{ + Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", + Type: []string{"string"}, + Format: "", + }, + }, + "nodeStatuses": { + SchemaProps: spec.SchemaProps{ + Description: "nodeStatuses track the deployment values and errors across individual nodes", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.NodeStatus"), + }, + }, + }, + }, + }, + }, + Required: []string{"readyReplicas"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/operator/v1.GenerationStatus", "github.com/openshift/api/operator/v1.NodeStatus", "github.com/openshift/api/operator/v1.OperatorCondition"}, + } +} + func schema_openshift_api_operator_v1_MyOperatorResource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -48949,7 +49213,6 @@ func schema_openshift_api_operator_v1_StaticPodOperatorStatus(ref common.Referen "latestAvailableRevision": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevision is the deploymentID of the most recent deployment", - Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -48957,7 +49220,6 @@ func schema_openshift_api_operator_v1_StaticPodOperatorStatus(ref common.Referen "latestAvailableRevisionReason": { SchemaProps: spec.SchemaProps{ Description: "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - Default: "", Type: []string{"string"}, Format: "", }, diff --git a/openapi/openapi.json b/openapi/openapi.json index 6e85cae1c21..b917b309f2b 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -25086,13 +25086,11 @@ "latestAvailableRevision": { "description": "latestAvailableRevision is the deploymentID of the most recent deployment", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "latestAvailableRevisionReason": { "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - "type": "string", - "default": "" + "type": "string" }, "nodeStatuses": { "description": "nodeStatuses track the deployment values and errors across individual nodes", @@ -26318,13 +26316,11 @@ "latestAvailableRevision": { "description": "latestAvailableRevision is the deploymentID of the most recent deployment", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "latestAvailableRevisionReason": { "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - "type": "string", - "default": "" + "type": "string" }, "nodeStatuses": { "description": "nodeStatuses track the deployment values and errors across individual nodes", @@ -26501,13 +26497,11 @@ "latestAvailableRevision": { "description": "latestAvailableRevision is the deploymentID of the most recent deployment", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "latestAvailableRevisionReason": { "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - "type": "string", - "default": "" + "type": "string" }, "nodeStatuses": { "description": "nodeStatuses track the deployment values and errors across individual nodes", @@ -26670,13 +26664,11 @@ "latestAvailableRevision": { "description": "latestAvailableRevision is the deploymentID of the most recent deployment", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "latestAvailableRevisionReason": { "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - "type": "string", - "default": "" + "type": "string" }, "nodeStatuses": { "description": "nodeStatuses track the deployment values and errors across individual nodes", @@ -26974,6 +26966,173 @@ } } }, + "com.github.openshift.api.operator.v1.MachineConfiguration": { + "description": "MachineConfiguration provides information to configure an operator to manage Machine Configuration.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "type": "object", + "required": [ + "metadata", + "spec" + ], + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "default": {}, + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "description": "spec is the specification of the desired behavior of the Machine Config Operator", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.MachineConfigurationSpec" + }, + "status": { + "description": "status is the most recently observed status of the Machine Config Operator", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.MachineConfigurationStatus" + } + } + }, + "com.github.openshift.api.operator.v1.MachineConfigurationList": { + "description": "MachineConfigurationList is a collection of items\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "type": "object", + "required": [ + "metadata", + "items" + ], + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items contains the items", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.MachineConfiguration" + } + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "default": {}, + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + } + }, + "com.github.openshift.api.operator.v1.MachineConfigurationSpec": { + "type": "object", + "required": [ + "managementState", + "forceRedeploymentReason" + ], + "properties": { + "failedRevisionLimit": { + "description": "failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", + "type": "integer", + "format": "int32" + }, + "forceRedeploymentReason": { + "description": "forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config.", + "type": "string", + "default": "" + }, + "logLevel": { + "description": "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + "type": "string" + }, + "managementState": { + "description": "managementState indicates whether and how the operator should manage the component", + "type": "string", + "default": "" + }, + "observedConfig": { + "description": "observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator", + "default": {}, + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" + }, + "operatorLogLevel": { + "description": "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", + "type": "string" + }, + "succeededRevisionLimit": { + "description": "succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", + "type": "integer", + "format": "int32" + }, + "unsupportedConfigOverrides": { + "description": "unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster.", + "default": {}, + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" + } + } + }, + "com.github.openshift.api.operator.v1.MachineConfigurationStatus": { + "type": "object", + "required": [ + "readyReplicas" + ], + "properties": { + "conditions": { + "description": "conditions is a list of conditions and their status", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.OperatorCondition" + } + }, + "generations": { + "description": "generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.GenerationStatus" + } + }, + "latestAvailableRevision": { + "description": "latestAvailableRevision is the deploymentID of the most recent deployment", + "type": "integer", + "format": "int32" + }, + "latestAvailableRevisionReason": { + "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", + "type": "string" + }, + "nodeStatuses": { + "description": "nodeStatuses track the deployment values and errors across individual nodes", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.NodeStatus" + } + }, + "observedGeneration": { + "description": "observedGeneration is the last generation change you've dealt with", + "type": "integer", + "format": "int64" + }, + "readyReplicas": { + "description": "readyReplicas indicates how many replicas are ready and at the desired state", + "type": "integer", + "format": "int32", + "default": 0 + }, + "version": { + "description": "version is the level this availability applies to", + "type": "string" + } + } + }, "com.github.openshift.api.operator.v1.MyOperatorResource": { "description": "MyOperatorResource is an example operator configuration type\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "type": "object", @@ -28719,13 +28878,11 @@ "latestAvailableRevision": { "description": "latestAvailableRevision is the deploymentID of the most recent deployment", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "latestAvailableRevisionReason": { "description": "latestAvailableRevisionReason describe the detailed reason for the most recent deployment", - "type": "string", - "default": "" + "type": "string" }, "nodeStatuses": { "description": "nodeStatuses track the deployment values and errors across individual nodes", diff --git a/operator/v1/0000_80_machine-config-operator_01_config.crd.yaml b/operator/v1/0000_80_machine-config-operator_01_config.crd.yaml new file mode 100644 index 00000000000..61ef7740e7a --- /dev/null +++ b/operator/v1/0000_80_machine-config-operator_01_config.crd.yaml @@ -0,0 +1,192 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: machineconfigurations.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: MachineConfiguration + plural: machineconfigurations + singular: machineconfiguration + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "MachineConfiguration provides information to configure an operator to manage Machine Configuration. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the Machine Config Operator + type: object + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + type: integer + format: int32 + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config. + type: string + logLevel: + description: "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + managementState: + description: managementState indicates whether and how the operator should manage the component + type: string + pattern: ^(Managed|Unmanaged|Force|Removed)$ + observedConfig: + description: observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + type: object + nullable: true + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + type: integer + format: int32 + unsupportedConfigOverrides: + description: unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + type: object + nullable: true + x-kubernetes-preserve-unknown-fields: true + status: + description: status is the most recently observed status of the Machine Config Operator + type: object + properties: + conditions: + description: conditions is a list of conditions and their status + type: array + items: + description: OperatorCondition is just the standard condition fields. + type: object + properties: + lastTransitionTime: + type: string + format: date-time + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + generations: + description: generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + type: array + items: + description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + type: object + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload controller involved + type: integer + format: int64 + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're tracking + type: string + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most recent deployment + type: integer + format: int32 + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across individual nodes + type: array + items: + description: NodeStatus provides information about the current state of a particular node managed by this operator. + type: object + properties: + currentRevision: + description: currentRevision is the generation of the most recently successful deployment + type: integer + format: int32 + lastFailedCount: + description: lastFailedCount is how often the installer pod of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment we tried and failed to deploy. + type: integer + format: int32 + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable errors during the failed deployment referenced in lastFailedRevision. + type: array + items: + type: string + lastFailedTime: + description: lastFailedTime is the time the last failed revision failed the last time. + type: string + format: date-time + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment we're trying to apply + type: integer + format: int32 + observedGeneration: + description: observedGeneration is the last generation change you've dealt with + type: integer + format: int64 + readyReplicas: + description: readyReplicas indicates how many replicas are ready and at the desired state + type: integer + format: int32 + version: + description: version is the level this availability applies to + type: string + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/register.go b/operator/v1/register.go index bd3dc420b82..21919f9a8be 100644 --- a/operator/v1/register.go +++ b/operator/v1/register.go @@ -54,6 +54,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &KubeSchedulerList{}, &KubeStorageVersionMigrator{}, &KubeStorageVersionMigratorList{}, + &MachineConfiguration{}, + &MachineConfigurationList{}, &Network{}, &NetworkList{}, &OpenShiftAPIServer{}, diff --git a/operator/v1/stable.machineconfiguration.testsuite.yaml b/operator/v1/stable.machineconfiguration.testsuite.yaml new file mode 100644 index 00000000000..6992a8eaa93 --- /dev/null +++ b/operator/v1/stable.machineconfiguration.testsuite.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[Stable] MachineConfiguration" +crd: 0000_80_machine-config-operator_01_config.crd.yaml +tests: + onCreate: + - name: Should be able to create a minimal MachineConfiguration + initial: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: {} # No spec is required for a MachineConfiguration + expected: | + apiVersion: operator.openshift.io/v1 + kind: MachineConfiguration + spec: + logLevel: Normal + operatorLogLevel: Normal diff --git a/operator/v1/types.go b/operator/v1/types.go index 8b650f32903..40037e1fe91 100644 --- a/operator/v1/types.go +++ b/operator/v1/types.go @@ -201,11 +201,11 @@ type StaticPodOperatorStatus struct { // latestAvailableRevision is the deploymentID of the most recent deployment // +optional - LatestAvailableRevision int32 `json:"latestAvailableRevision,omitEmpty"` + LatestAvailableRevision int32 `json:"latestAvailableRevision,omitempty"` // latestAvailableRevisionReason describe the detailed reason for the most recent deployment // +optional - LatestAvailableRevisionReason string `json:"latestAvailableRevisionReason,omitEmpty"` + LatestAvailableRevisionReason string `json:"latestAvailableRevisionReason,omitempty"` // nodeStatuses track the deployment values and errors across individual nodes // +optional diff --git a/operator/v1/types_machineconfiguration.go b/operator/v1/types_machineconfiguration.go new file mode 100644 index 00000000000..8651e89a725 --- /dev/null +++ b/operator/v1/types_machineconfiguration.go @@ -0,0 +1,58 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfiguration provides information to configure an operator to manage Machine Configuration. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfiguration struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata"` + + // spec is the specification of the desired behavior of the Machine Config Operator + // +kubebuilder:validation:Required + Spec MachineConfigurationSpec `json:"spec"` + + // status is the most recently observed status of the Machine Config Operator + // +optional + Status MachineConfigurationStatus `json:"status"` +} + +type MachineConfigurationSpec struct { + StaticPodOperatorSpec `json:",inline"` + + // TODO(jkyros): This is where we put our knobs and dials +} + +type MachineConfigurationStatus struct { + StaticPodOperatorStatus `json:",inline"` + + // TODO(jkyros): This is where we can put additional bespoke status fields +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineConfigurationList is a collection of items +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineConfigurationList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata"` + + // Items contains the items + Items []MachineConfiguration `json:"items"` +} diff --git a/operator/v1/zz_generated.deepcopy.go b/operator/v1/zz_generated.deepcopy.go index a0f4c1a8975..f93762e4a0e 100644 --- a/operator/v1/zz_generated.deepcopy.go +++ b/operator/v1/zz_generated.deepcopy.go @@ -2890,6 +2890,101 @@ func (in *MTUMigrationValues) DeepCopy() *MTUMigrationValues { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfiguration) DeepCopyInto(out *MachineConfiguration) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfiguration. +func (in *MachineConfiguration) DeepCopy() *MachineConfiguration { + if in == nil { + return nil + } + out := new(MachineConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfiguration) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigurationList) DeepCopyInto(out *MachineConfigurationList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MachineConfiguration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigurationList. +func (in *MachineConfigurationList) DeepCopy() *MachineConfigurationList { + if in == nil { + return nil + } + out := new(MachineConfigurationList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineConfigurationList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigurationSpec) DeepCopyInto(out *MachineConfigurationSpec) { + *out = *in + in.StaticPodOperatorSpec.DeepCopyInto(&out.StaticPodOperatorSpec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigurationSpec. +func (in *MachineConfigurationSpec) DeepCopy() *MachineConfigurationSpec { + if in == nil { + return nil + } + out := new(MachineConfigurationSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigurationStatus) DeepCopyInto(out *MachineConfigurationStatus) { + *out = *in + in.StaticPodOperatorStatus.DeepCopyInto(&out.StaticPodOperatorStatus) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigurationStatus. +func (in *MachineConfigurationStatus) DeepCopy() *MachineConfigurationStatus { + if in == nil { + return nil + } + out := new(MachineConfigurationStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MyOperatorResource) DeepCopyInto(out *MyOperatorResource) { *out = *in diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index f0becd86101..adf062fd28a 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -1243,6 +1243,27 @@ func (KubeStorageVersionMigratorList) SwaggerDoc() map[string]string { return map_KubeStorageVersionMigratorList } +var map_MachineConfiguration = map[string]string{ + "": "MachineConfiguration provides information to configure an operator to manage Machine Configuration.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec is the specification of the desired behavior of the Machine Config Operator", + "status": "status is the most recently observed status of the Machine Config Operator", +} + +func (MachineConfiguration) SwaggerDoc() map[string]string { + return map_MachineConfiguration +} + +var map_MachineConfigurationList = map[string]string{ + "": "MachineConfigurationList is a collection of items\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "items": "Items contains the items", +} + +func (MachineConfigurationList) SwaggerDoc() map[string]string { + return map_MachineConfigurationList +} + var map_AdditionalNetworkDefinition = map[string]string{ "": "AdditionalNetworkDefinition configures an extra network that is available but not created by default. Instead, pods must request them by name. type must be specified, along with exactly one \"Config\" that matches the type.", "type": "type is the type of network The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan",