diff --git a/data/data/install.openshift.io_installconfigs.yaml b/data/data/install.openshift.io_installconfigs.yaml index 530e01973e7..eb51ced2897 100644 --- a/data/data/install.openshift.io_installconfigs.yaml +++ b/data/data/install.openshift.io_installconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: installconfigs.install.openshift.io spec: group: install.openshift.io 
@@ -20,32 +20,37 @@ spec: description: InstallConfig is the configuration for an OpenShift install. properties: additionalTrustBundle: - description: AdditionalTrustBundle is a PEM-encoded X.509 certificate - bundle that will be added to the nodes' trusted certificate store. + description: |- + AdditionalTrustBundle is a PEM-encoded X.509 certificate bundle + that will be added to the nodes' trusted certificate store. type: string additionalTrustBundlePolicy: - description: 'AdditionalTrustBundlePolicy determines when to add the AdditionalTrustBundle - to the nodes'' trusted certificate store. "Proxyonly" is the default. - The field can be set to following specified values. "Proxyonly" : adds - the AdditionalTrustBundle to nodes when http/https proxy is configured. - "Always" : always adds AdditionalTrustBundle.' + description: |- + AdditionalTrustBundlePolicy determines when to add the AdditionalTrustBundle + to the nodes' trusted certificate store. "Proxyonly" is the default. + The field can be set to following specified values. + "Proxyonly" : adds the AdditionalTrustBundle to nodes when http/https proxy is configured. + "Always" : always adds AdditionalTrustBundle. enum: - "" - Proxyonly - Always type: string apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string baseDomain: description: BaseDomain is the base domain to which the cluster should belong. 
type: string bootstrapInPlace: - description: BootstrapInPlace is the configuration for installing a single - node with bootstrap in place installation. + description: |- + BootstrapInPlace is the configuration for installing a single node + with bootstrap in place installation. properties: installationDisk: description: InstallationDisk is the target disk drive for coreos-installer @@ -58,9 +63,10 @@ spec: cluster components. properties: additionalEnabledCapabilities: - description: additionalEnabledCapabilities extends the set of managed - capabilities beyond the baseline defined in baselineCapabilitySet. - The default is an empty set. + description: |- + additionalEnabledCapabilities extends the set of managed + capabilities beyond the baseline defined in + baselineCapabilitySet. The default is an empty set. items: description: ClusterVersionCapability enumerates optional, core cluster components. @@ -84,9 +90,10 @@ spec: type: string type: array baselineCapabilitySet: - description: baselineCapabilitySet selects an initial set of optional - capabilities to enable, which can be extended via additionalEnabledCapabilities. - The default is vCurrent. + description: |- + baselineCapabilitySet selects an initial set of + optional capabilities to enable, which can be extended via + additionalEnabledCapabilities. The default is vCurrent. enum: - None - v4.11 
@@ -99,33 +106,37 @@ spec: type: string type: object compute: - description: Compute is the configuration for the machines that comprise - the compute nodes. + description: |- + Compute is the configuration for the machines that comprise the + compute nodes. items: description: MachinePool is a pool of machines to be installed. properties: architecture: default: amd64 - description: Architecture is the instruction set architecture of - the machine pool. Defaults to amd64. + description: |- + Architecture is the instruction set architecture of the machine pool. + Defaults to amd64. enum: - "" - amd64 type: string hyperthreading: default: Enabled - description: Hyperthreading determines the mode of hyperthreading - that machines in the pool will utilize. Default is for hyperthreading - to be enabled. + description: |- + Hyperthreading determines the mode of hyperthreading that machines in the + pool will utilize. + Default is for hyperthreading to be enabled. enum: - "" - Enabled - Disabled type: string name: - description: Name is the name of the machine pool. For the control - plane machine pool, the name will always be "master". For the - compute machine pools, the only valid name is "worker". + description: |- + Name is the name of the machine pool. + For the control plane machine pool, the name will always be "master". + For the compute machine pools, the only valid name is "worker". type: string platform: description: Platform is configuration for machine pool specific 
@@ -136,28 +147,28 @@ spec: AWS. properties: additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of - additional security groups for machines, where each ID + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID is presented in the format sg-xxxx. items: type: string maxItems: 10 type: array amiID: - description: AMIID is the AMI that should be used to boot - the ec2 instance. If set, the AMI should belong to the - same region as the cluster. + description: |- + AMIID is the AMI that should be used to boot the ec2 instance. + If set, the AMI should belong to the same region as the cluster. type: string iamProfile: - description: IAMProfile is the name of the IAM instance - profile to use for the machine. Leave unset to have the - installer create the IAM Profile on your behalf. Cannot - be specified together with iamRole. + description: |- + IAMProfile is the name of the IAM instance profile to use for the machine. + Leave unset to have the installer create the IAM Profile on your behalf. + Cannot be specified together with iamRole. type: string iamRole: - description: IAMRole is the name of the IAM Role to use - for the instance profile of the machine. Leave unset to - have the installer create the IAM Role on your behalf. + description: |- + IAMRole is the name of the IAM Role to use for the instance profile of the machine. + Leave unset to have the installer create the IAM Role on your behalf. Cannot be specified together with iamProfile. type: string metadataService: 
@@ -165,17 +176,13 @@ spec: interaction options for EC2 instances in the machine pool. properties: authentication: - description: Authentication determines whether or not - the host requires the use of authentication when interacting - with the metadata service. When using authentication, - this enforces v2 interaction method (IMDSv2) with - the metadata service. When omitted, this means the - user has no opinion and the value is left to the platform - to choose a good default, which is subject to change - over time. The current default is optional. At this - point this field represents `HttpTokens` parameter - from `InstanceMetadataOptionsRequest` structure in - AWS EC2 API https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html + description: |- + Authentication determines whether or not the host requires the use of authentication when interacting with the metadata service. + When using authentication, this enforces v2 interaction method (IMDSv2) with the metadata service. + When omitted, this means the user has no opinion and the value is left to the platform to choose a good + default, which is subject to change over time. The current default is optional. + At this point this field represents `HttpTokens` parameter from `InstanceMetadataOptionsRequest` structure in AWS EC2 API + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html enum: - Required - Optional 
@@ -186,15 +193,16 @@ spec: instances in the machine pool. properties: iops: - description: IOPS defines the amount of provisioned - IOPS. (KiB/s). IOPS may only be set for io1, io2, - & gp3 volume types. + description: |- + IOPS defines the amount of provisioned IOPS. (KiB/s). IOPS may only be set for + io1, io2, & gp3 volume types. minimum: 0 type: integer kmsKeyARN: - description: The KMS key that will be used to encrypt - the EBS volume. If no key is provided the default - KMS key for the account will be used. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html + description: |- + The KMS key that will be used to encrypt the EBS volume. + If no key is provided the default KMS key for the account will be used. + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html type: string size: description: Size defines the size of the volume in @@ -209,7 +217,8 @@ spec: - type type: object type: - description: InstanceType defines the ec2 instance type. + description: |- + InstanceType defines the ec2 instance type. eg. m4-large type: string zones: @@ -239,12 +248,14 @@ spec: set. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the disk encryption set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure subscription - the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name 
@@ -258,9 +269,10 @@ spec: minimum: 0 type: integer diskType: - description: DiskType defines the type of disk. For - control plane nodes, the valid values are Premium_LRS - and StandardSSD_LRS. Default is Premium_LRS. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are Premium_LRS and StandardSSD_LRS. + Default is Premium_LRS. enum: - Standard_LRS - Premium_LRS @@ -271,24 +283,24 @@ spec: profile for the managed disk. properties: diskEncryptionSet: - description: DiskEncryptionSet specifies the customer - managed disk encryption set resource id for the - managed disk that is used for Customer Managed - Key encrypted ConfidentialVM OS Disk and VMGuestState - blob. + description: |- + DiskEncryptionSet specifies the customer managed disk encryption set resource id for the + managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + VMGuestState blob. properties: name: description: Name is the name of the disk encryption set. type: string resourceGroup: - description: ResourceGroup defines the Azure - resource group used by the disk encryption - set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure - subscription the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name 
@@ -296,16 +308,13 @@ spec: - subscriptionId type: object securityEncryptionType: - description: SecurityEncryptionType specifies the - encryption type of the managed disk. It is set - to DiskWithVMGuestState to encrypt the managed - disk along with the VMGuestState blob, and to - VMGuestStateOnly to encrypt the VMGuestState blob - only. When set to VMGuestStateOnly, the VTpmEnabled - should be set to true. When set to DiskWithVMGuestState, - both SecureBootEnabled and VTpmEnabled should - be set to true. It can be set only for Confidential - VMs. + description: |- + SecurityEncryptionType specifies the encryption type of the managed disk. + It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + When set to VMGuestStateOnly, the VTpmEnabled should be set to true. + When set to DiskWithVMGuestState, both SecureBootEnabled and VTpmEnabled should be set to true. + It can be set only for Confidential VMs. enum: - VMGuestStateOnly - DiskWithVMGuestState @@ -321,7 +330,8 @@ spec: description: Offer is the offer of the image. type: string plan: - description: Plan is the purchase plan of the image. + description: |- + Plan is the purchase plan of the image. If omitted, it defaults to "WithPurchasePlan". enum: - WithPurchasePlan 
@@ -343,14 +353,15 @@ spec: - version type: object settings: - description: Settings specify the security type and the - UEFI settings of the virtual machine. This field can be - set for Confidential VMs and Trusted Launch for VMs. + description: |- + Settings specify the security type and the UEFI settings of the virtual machine. This field can + be set for Confidential VMs and Trusted Launch for VMs. properties: confidentialVM: - description: 'ConfidentialVM specifies the security - configuration of the virtual machine. For more information - regarding Confidential VMs, please refer to: https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview' + description: |- + ConfidentialVM specifies the security configuration of the virtual machine. + For more information regarding Confidential VMs, please refer to: + https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview properties: uefiSettings: description: UEFISettings specifies the security 
@@ -358,32 +369,22 @@ spec: creating the virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature - of all boot components and halts the boot - process if signature verification fails. If - omitted, the platform chooses a default, which - is subject to change over time, currently - that default is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is - used for comparison with measurements from - subsequent VM boots to determine if anything - has changed. This is required to be set to - enabled if the SecurityEncryptionType is defined. - If omitted, the platform chooses a default, - which is subject to change over time, currently - that default is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -391,19 +392,18 @@ spec: type: object type: object securityType: - description: 'SecurityType specifies the SecurityType - of the virtual machine. It has to be set to any specified - value to enable secure boot and vTPM. The default - behavior is: secure boot and vTPM will not be enabled - unless this property is set.' + description: |- + SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + enable secure boot and vTPM. The default behavior is: secure boot and vTPM will not be enabled unless this property is set. enum: - ConfidentialVM - TrustedLaunch type: string trustedLaunch: - description: 'TrustedLaunch specifies the security configuration - of the virtual machine. For more information regarding - TrustedLaunch for VMs, please refer to: https://learn.microsoft.com/azure/virtual-machines/trusted-launch' + description: |- + TrustedLaunch specifies the security configuration of the virtual machine. + For more information regarding TrustedLaunch for VMs, please refer to: + https://learn.microsoft.com/azure/virtual-machines/trusted-launch properties: uefiSettings: description: UEFISettings specifies the security 
@@ -411,32 +411,22 @@ spec: creating the virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature - of all boot components and halts the boot - process if signature verification fails. If - omitted, the platform chooses a default, which - is subject to change over time, currently - that default is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is - used for comparison with measurements from - subsequent VM boots to determine if anything - has changed. This is required to be set to - enabled if the SecurityEncryptionType is defined. - If omitted, the platform chooses a default, - which is subject to change over time, currently - that default is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -445,7 +435,8 @@ spec: type: object type: object type: - description: InstanceType defines the azure instance type. + description: |- + InstanceType defines the azure instance type. eg. Standard_DS_V2 type: string ultraSSDCapability: @@ -456,18 +447,19 @@ spec: - Disabled type: string vmNetworkingType: - description: 'VMNetworkingType specifies whether to enable - accelerated networking. Accelerated networking enables - single root I/O virtualization (SR-IOV) to a VM, greatly - improving its networking performance. eg. values: "Accelerated", - "Basic"' + description: |- + VMNetworkingType specifies whether to enable accelerated networking. + Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its + networking performance. + eg. values: "Accelerated", "Basic" enum: - Accelerated - Basic type: string zones: - description: Zones is list of availability zones that can - be used. eg. ["1", "2", "3"] + description: |- + Zones is list of availability zones that can be used. + eg. ["1", "2", "3"] items: type: string type: array 
@@ -482,22 +474,20 @@ spec: properties: confidentialCompute: default: Disabled - description: ConfidentialCompute Defines whether the instance - should have confidential compute enabled. If enabled OnHostMaintenance - is required to be set to "Terminate". If omitted, the - platform chooses a default, which is subject to change - over time, currently that default is false. + description: |- + ConfidentialCompute Defines whether the instance should have confidential compute enabled. + If enabled OnHostMaintenance is required to be set to "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string onHostMaintenance: default: Migrate - description: OnHostMaintenance determines the behavior when - a maintenance event occurs that might cause the instance - to reboot. Allowed values are "Migrate" and "Terminate". - If omitted, the platform chooses a default, which is subject - to change over time, currently that default is "Migrate". + description: |- + OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. + Allowed values are "Migrate" and "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate". enum: - Migrate - Terminate @@ -513,9 +503,9 @@ spec: minimum: 16 type: integer diskType: - description: DiskType defines the type of disk. For - control plane nodes, the valid values are pd-balanced, - pd-ssd, and hyperdisk-balanced. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are pd-balanced, pd-ssd, and hyperdisk-balanced. enum: - pd-balanced - pd-ssd 
@@ -544,9 +534,9 @@ spec: disk encryption. type: string projectID: - description: ProjectID is the ID of the Project - in which the KMS Key Ring exists. Defaults - to the VM ProjectID if not set. + description: |- + ProjectID is the ID of the Project in which the KMS Key Ring exists. + Defaults to the VM ProjectID if not set. type: string required: - keyRing @@ -554,10 +544,11 @@ spec: - name type: object kmsKeyServiceAccount: - description: KMSKeyServiceAccount is the service - account being used for the encryption request - for the given KMS key. If absent, the Compute - Engine default service account is used. See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account + description: |- + KMSKeyServiceAccount is the service account being used for the + encryption request for the given KMS key. If absent, the Compute + Engine default service account is used. + See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account for details on the default service account. type: string type: object 
@@ -579,22 +570,19 @@ spec: - project type: object secureBoot: - description: SecureBoot Defines whether the instance should - have secure boot enabled. secure boot Verify the digital - signature of all boot components, and halt the boot process - if signature verification fails. If omitted, the platform - chooses a default, which is subject to change over time, - currently that default is false. + description: |- + SecureBoot Defines whether the instance should have secure boot enabled. + secure boot Verify the digital signature of all boot components, and halt the boot process if signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string serviceAccount: - description: ServiceAccount is the email of a gcp service - account to be used during installations. The provided - service account can be attached to both control-plane - nodes and worker nodes in order to provide the permissions - required by the cloud provider. + description: |- + ServiceAccount is the email of a gcp service account to be used during installations. + The provided service account can be attached to both control-plane nodes + and worker nodes in order to provide the permissions required by the cloud provider. type: string tags: description: Tags defines a set of network tags which will @@ -603,7 +591,8 @@ spec: type: string type: array type: - description: InstanceType defines the GCP instance type. + description: |- + InstanceType defines the GCP instance type. eg. n1-standard-4 type: string zones: 
@@ -622,10 +611,10 @@ spec: boot volume. properties: encryptionKey: - description: EncryptionKey is the CRN referencing a - Key Protect or Hyper Protect Crypto Services key to - use for volume encryption. If not specified, a provider - managed encryption key will be used. + description: |- + EncryptionKey is the CRN referencing a Key Protect or Hyper Protect + Crypto Services key to use for volume encryption. If not specified, a + provider managed encryption key will be used. type: string type: object dedicatedHosts: @@ -636,14 +625,14 @@ spec: the machine's dedicated host platform. properties: name: - description: Name is the name of the dedicated host - to provision the machine on. If specified, machines - will be created on pre-existing dedicated host. + description: |- + Name is the name of the dedicated host to provision the machine on. If + specified, machines will be created on pre-existing dedicated host. type: string profile: - description: Profile is the profile ID for the dedicated - host. If specified, new dedicated host will be created - for machines. + description: |- + Profile is the profile ID for the dedicated host. If specified, new + dedicated host will be created for machines. type: string type: object type: array @@ -662,12 +651,10 @@ spec: on Nutanix. properties: bootType: - description: BootType indicates the boot type (Legacy, UEFI - or SecureBoot) the Machine's VM uses to boot. If this - field is empty or omitted, the VM will use the default - boot type "Legacy" to boot. "SecureBoot" depends on "UEFI" - boot, i.e., enabling "SecureBoot" means that "UEFI" boot - is also enabled. + description: |- + BootType indicates the boot type (Legacy, UEFI or SecureBoot) the Machine's VM uses to boot. + If this field is empty or omitted, the VM will use the default boot type "Legacy" to boot. + "SecureBoot" depends on "UEFI" boot, i.e., enabling "SecureBoot" means that "UEFI" boot is also enabled. enum: - "" - Legacy 
@@ -675,10 +662,10 @@ spec: - SecureBoot type: string categories: - description: Categories optionally adds one or more prism - categories (each with key and value) for the Machine's - VM to associate with. All the category key and value pairs - specified must already exist in the prism central. + description: |- + Categories optionally adds one or more prism categories (each with key and value) for + the Machine's VM to associate with. All the category key and value pairs specified must + already exist in the prism central. items: description: NutanixCategory identifies a pair of prism category key and value @@ -703,12 +690,12 @@ spec: - key x-kubernetes-list-type: map coresPerSocket: - description: 'NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be - NumCPUs times NumCoresPerSocket. For example: 4 CPUs and - 4 Cores per socket will result in 16 VPUs. The AHV scheduler - treats socket and core allocation exactly the same so - there is no benefit to configuring cores over CPUs.' + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs times NumCoresPerSocket. + For example: 4 CPUs and 4 Cores per socket will result in 16 VPUs. + The AHV scheduler treats socket and core allocation exactly the same + so there is no benefit to configuring cores over CPUs. format: int64 type: integer cpus: 
@@ -747,12 +734,10 @@ spec: the disk device. properties: adapterType: - description: adapterType is the adapter type of - the disk address. If the deviceType is "Disk", - the valid adapterType can be "SCSI", "IDE", - "PCI", "SATA" or "SPAPR". If the deviceType - is "CDRom", the valid adapterType can be "IDE" - or "SATA". + description: |- + adapterType is the adapter type of the disk address. + If the deviceType is "Disk", the valid adapterType can be "SCSI", "IDE", "PCI", "SATA" or "SPAPR". + If the deviceType is "CDRom", the valid adapterType can be "IDE" or "SATA". enum: - SCSI - IDE @@ -762,25 +747,20 @@ spec: type: string deviceIndex: default: 0 - description: deviceIndex is the index of the disk - address. The valid values are non-negative integers, - with the default value 0. For a Machine VM, - the deviceIndex for the disks with the same - deviceType.adapterType combination should start - from 0 and increase consecutively afterwards. - Note that for each Machine VM, the Disk.SCSI.0 - and CDRom.IDE.0 are reserved to be used by the - VM's system. So for dataDisks of Disk.SCSI and - CDRom.IDE, the deviceIndex should start from - 1. + description: |- + deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. + For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should + start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 + and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, + the deviceIndex should start from 1. format: int32 minimum: 0 type: integer deviceType: default: Disk - description: deviceType specifies the disk device - type. The valid values are "Disk" and "CDRom", - and the default is "Disk". + description: |- + deviceType specifies the disk device type. + The valid values are "Disk" and "CDRom", and the default is "Disk". enum: - Disk - CDRom 
@@ -794,9 +774,9 @@ spec: anyOf: - type: integer - type: string - description: diskSize is size (in Quantity format) - of the disk to attach to the VM. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format - for the Quantity format and example documentation. + description: |- + diskSize is size (in Quantity format) of the disk to attach to the VM. + See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. The minimum diskSize is 1GB. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true @@ -813,9 +793,9 @@ spec: - Standard - Flash default: Standard - description: diskMode specifies the disk mode. - The valid values are Standard and Flash, and - the default is Standard. + description: |- + diskMode specifies the disk mode. + The valid values are Standard and Flash, and the default is Standard. type: string storageContainer: description: storageContainer refers to the storage_container @@ -846,8 +826,9 @@ spec: type: array x-kubernetes-list-type: set failureDomains: - description: FailureDomains optionally configures a list - of failure domain names that will be applied to the MachinePool + description: |- + FailureDomains optionally configures a list of failure domain names + that will be applied to the MachinePool items: type: string type: array @@ -868,8 +849,9 @@ spec: description: name is the GPU device name type: string type: - description: type is the identifier type of the GPU - device. Valid values are Name and DeviceID. + description: |- + type is the identifier type of the GPU device. + Valid values are Name and DeviceID. enum: - Name - DeviceID 
@@ -928,45 +910,46 @@ spec: on OpenStack. properties: additionalNetworkIDs: - description: AdditionalNetworkIDs contains IDs of additional - networks for machines, where each ID is presented in UUID - v4 format. Allowed address pairs won't be created for - the additional networks. + description: |- + AdditionalNetworkIDs contains IDs of additional networks for machines, + where each ID is presented in UUID v4 format. + Allowed address pairs won't be created for the additional networks. items: type: string type: array additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of - additional security groups for machines, where each ID - is presented in UUID v4 format. + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, + where each ID is presented in UUID v4 format. items: type: string type: array rootVolume: - description: RootVolume defines the root volume for instances - in the machine pool. The instances use ephemeral disks - if not set. + description: |- + RootVolume defines the root volume for instances in the machine pool. + The instances use ephemeral disks if not set. properties: size: - description: Size defines the size of the volume in - gibibytes (GiB). Required + description: |- + Size defines the size of the volume in gibibytes (GiB). + Required type: integer type: - description: 'Type defines the type of the volume. Deprecated: - Use Types instead.' + description: |- + Type defines the type of the volume. + Deprecated: Use Types instead. type: string types: - description: Types is the list of the volume types of - the root volumes. This is mutually exclusive with - Type. + description: |- + Types is the list of the volume types of the root volumes. + This is mutually exclusive with Type. items: type: string type: array zones: - description: Zones is the list of availability zones - where the root volumes should be deployed. 
If no zones - are provided, all instances will be deployed on OpenStack - Cinder default availability zone + description: |- + Zones is the list of availability zones where the root volumes should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Cinder default availability zone items: type: string type: array @@ -975,9 +958,9 @@ spec: - types type: object serverGroupPolicy: - description: ServerGroupPolicy will be used to create the - Server Group that will contain all the machines of this - MachinePool. Defaults to "soft-anti-affinity". + description: |- + ServerGroupPolicy will be used to create the Server Group that will contain all the machines of this MachinePool. + Defaults to "soft-anti-affinity". enum: - "" - affinity @@ -986,14 +969,14 @@ spec: - soft-anti-affinity type: string type: - description: FlavorName defines the OpenStack Nova flavor. + description: |- + FlavorName defines the OpenStack Nova flavor. eg. m1.large type: string zones: - description: Zones is the list of availability zones where - the instances should be deployed. If no zones are provided, - all instances will be deployed on OpenStack Nova default - availability zone + description: |- + Zones is the list of availability zones where the instances should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Nova default availability zone items: type: string type: array 
@@ -1005,42 +988,43 @@ spec: on oVirt. properties: affinityGroupsNames: - description: AffinityGroupsNames contains a list of oVirt - affinity group names that the newly created machines will - join. The affinity groups should exist on the oVirt cluster - or created by the OpenShift installer. + description: |- + AffinityGroupsNames contains a list of oVirt affinity group names that the newly created machines will join. + The affinity groups should exist on the oVirt cluster or created by the OpenShift installer. items: type: string type: array autoPinningPolicy: - description: AutoPinningPolicy defines the policy to automatically - set the CPU and NUMA including pinning to the host for - the instance. When the field is omitted the default will - be "none". + description: |- + AutoPinningPolicy defines the policy to automatically set the CPU + and NUMA including pinning to the host for the instance. + When the field is omitted the default will be "none". enum: - none - resize_and_pin type: string clone: - description: "Clone makes sure that the disks are cloned - from the template and are not linked. Defaults to true - for high performance and server VM types, false for desktop - types. \n Note: this option is not documented in the OpenShift - documentation. This is intentional as it has sane defaults - that shouldn't be changed unless needed for debugging - or resolving issues in cooperation with Red Hat support." + description: |- + Clone makes sure that the disks are cloned from the template and are not linked. + Defaults to true for high performance and server VM types, false for desktop types. + + + Note: this option is not documented in the OpenShift documentation. This is intentional as it has sane defaults + that shouldn't be changed unless needed for debugging or resolving issues in cooperation with Red Hat support. type: boolean cpu: description: CPU defines the VM CPU. properties: cores: - description: Cores is the number of cores per socket. 
+ description: |- + Cores is the number of cores per socket. Total CPUs is (Sockets * Cores) format: int32 type: integer sockets: - description: Sockets is the number of sockets for a - VM. Total CPUs is (Sockets * Cores) + description: |- + Sockets is the number of sockets for a VM. + Total CPUs is (Sockets * Cores) format: int32 type: integer threads: @@ -1053,9 +1037,9 @@ spec: - threads type: object format: - description: Format is the disk format that the disks are - in. Can be "cow" or "raw". "raw" disables several features - that may be needed, such as incremental backups. + description: |- + Format is the disk format that the disks are in. Can be "cow" or "raw". "raw" disables several features that + may be needed, such as incremental backups. enum: - "" - raw @@ -1070,10 +1054,10 @@ spec: format: int32 type: integer instanceTypeID: - description: InstanceTypeID defines the VM instance type - and overrides the hardware parameters of the created VM, - including cpu and memory. If InstanceTypeID is passed, - all memory and cpu variables will be ignored. + description: |- + InstanceTypeID defines the VM instance type and overrides + the hardware parameters of the created VM, including cpu and memory. + If InstanceTypeID is passed, all memory and cpu variables will be ignored. type: string memoryMB: description: MemoryMB is the size of a VM's memory in MiBs. @@ -1112,8 +1096,9 @@ spec: format: int32 type: integer procType: - description: ProcType defines the processor sharing model - for the instance. Must be one of {Capped, Dedicated, Shared}. + description: |- + ProcType defines the processor sharing model for the instance. + Must be one of {Capped, Dedicated, Shared}. enum: - Dedicated - Shared 
@@ -1146,9 +1131,9 @@ spec: on vSphere. properties: coresPerSocket: - description: NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be - NumCPUs/NumCoresPerSocket. + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs/NumCoresPerSocket. format: int32 type: integer cpus: @@ -1170,8 +1155,9 @@ spec: type: integer type: object zones: - description: Zones defines available zones Zones is available - in TechPreview. + description: |- + Zones defines available zones + Zones is available in TechPreview. items: type: string type: array 
@@ -1187,31 +1173,35 @@ spec: type: object type: array controlPlane: - description: ControlPlane is the configuration for the machines that comprise - the control plane. + description: |- + ControlPlane is the configuration for the machines that comprise the + control plane. properties: architecture: default: amd64 - description: Architecture is the instruction set architecture of the - machine pool. Defaults to amd64. + description: |- + Architecture is the instruction set architecture of the machine pool. + Defaults to amd64. enum: - "" - amd64 type: string hyperthreading: default: Enabled - description: Hyperthreading determines the mode of hyperthreading - that machines in the pool will utilize. Default is for hyperthreading - to be enabled. + description: |- + Hyperthreading determines the mode of hyperthreading that machines in the + pool will utilize. + Default is for hyperthreading to be enabled. enum: - "" - Enabled - Disabled type: string name: - description: Name is the name of the machine pool. For the control - plane machine pool, the name will always be "master". For the compute - machine pools, the only valid name is "worker". + description: |- + Name is the name of the machine pool. + For the control plane machine pool, the name will always be "master". + For the compute machine pools, the only valid name is "worker". type: string platform: description: Platform is configuration for machine pool specific to 
@@ -1222,46 +1212,42 @@ spec: AWS. properties: additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of additional - security groups for machines, where each ID is presented - in the format sg-xxxx. + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID + is presented in the format sg-xxxx. items: type: string maxItems: 10 type: array amiID: - description: AMIID is the AMI that should be used to boot - the ec2 instance. If set, the AMI should belong to the same - region as the cluster. + description: |- + AMIID is the AMI that should be used to boot the ec2 instance. + If set, the AMI should belong to the same region as the cluster. type: string iamProfile: - description: IAMProfile is the name of the IAM instance profile - to use for the machine. Leave unset to have the installer - create the IAM Profile on your behalf. Cannot be specified - together with iamRole. + description: |- + IAMProfile is the name of the IAM instance profile to use for the machine. + Leave unset to have the installer create the IAM Profile on your behalf. + Cannot be specified together with iamRole. type: string iamRole: - description: IAMRole is the name of the IAM Role to use for - the instance profile of the machine. Leave unset to have - the installer create the IAM Role on your behalf. Cannot - be specified together with iamProfile. + description: |- + IAMRole is the name of the IAM Role to use for the instance profile of the machine. + Leave unset to have the installer create the IAM Role on your behalf. + Cannot be specified together with iamProfile. type: string metadataService: description: EC2MetadataOptions defines metadata service interaction options for EC2 instances in the machine pool. properties: authentication: - description: Authentication determines whether or not - the host requires the use of authentication when interacting - with the metadata service. 
When using authentication, - this enforces v2 interaction method (IMDSv2) with the - metadata service. When omitted, this means the user - has no opinion and the value is left to the platform - to choose a good default, which is subject to change - over time. The current default is optional. At this - point this field represents `HttpTokens` parameter from - `InstanceMetadataOptionsRequest` structure in AWS EC2 - API https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html + description: |- + Authentication determines whether or not the host requires the use of authentication when interacting with the metadata service. + When using authentication, this enforces v2 interaction method (IMDSv2) with the metadata service. + When omitted, this means the user has no opinion and the value is left to the platform to choose a good + default, which is subject to change over time. The current default is optional. + At this point this field represents `HttpTokens` parameter from `InstanceMetadataOptionsRequest` structure in AWS EC2 API + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html enum: - Required - Optional 
@@ -1272,15 +1258,16 @@ spec: instances in the machine pool. properties: iops: - description: IOPS defines the amount of provisioned IOPS. - (KiB/s). IOPS may only be set for io1, io2, & gp3 volume - types. + description: |- + IOPS defines the amount of provisioned IOPS. (KiB/s). IOPS may only be set for + io1, io2, & gp3 volume types. minimum: 0 type: integer kmsKeyARN: - description: The KMS key that will be used to encrypt - the EBS volume. If no key is provided the default KMS - key for the account will be used. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html + description: |- + The KMS key that will be used to encrypt the EBS volume. + If no key is provided the default KMS key for the account will be used. + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html type: string size: description: Size defines the size of the volume in gibibytes @@ -1295,8 +1282,9 @@ spec: - type type: object type: - description: InstanceType defines the ec2 instance type. eg. - m4-large + description: |- + InstanceType defines the ec2 instance type. + eg. m4-large type: string zones: description: Zones is list of availability zones that can @@ -1325,12 +1313,14 @@ spec: set. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the disk encryption set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure subscription - the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name 
@@ -1343,8 +1333,9 @@ spec: minimum: 0 type: integer diskType: - description: DiskType defines the type of disk. For control - plane nodes, the valid values are Premium_LRS and StandardSSD_LRS. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are Premium_LRS and StandardSSD_LRS. Default is Premium_LRS. enum: - Standard_LRS @@ -1356,23 +1347,24 @@ spec: for the managed disk. properties: diskEncryptionSet: - description: DiskEncryptionSet specifies the customer - managed disk encryption set resource id for the - managed disk that is used for Customer Managed Key - encrypted ConfidentialVM OS Disk and VMGuestState - blob. + description: |- + DiskEncryptionSet specifies the customer managed disk encryption set resource id for the + managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + VMGuestState blob. properties: name: description: Name is the name of the disk encryption set. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the disk encryption set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure - subscription the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name 
@@ -1380,15 +1372,13 @@ spec: - subscriptionId type: object securityEncryptionType: - description: SecurityEncryptionType specifies the - encryption type of the managed disk. It is set to - DiskWithVMGuestState to encrypt the managed disk - along with the VMGuestState blob, and to VMGuestStateOnly - to encrypt the VMGuestState blob only. When set - to VMGuestStateOnly, the VTpmEnabled should be set - to true. When set to DiskWithVMGuestState, both - SecureBootEnabled and VTpmEnabled should be set - to true. It can be set only for Confidential VMs. + description: |- + SecurityEncryptionType specifies the encryption type of the managed disk. + It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + When set to VMGuestStateOnly, the VTpmEnabled should be set to true. + When set to DiskWithVMGuestState, both SecureBootEnabled and VTpmEnabled should be set to true. + It can be set only for Confidential VMs. enum: - VMGuestStateOnly - DiskWithVMGuestState @@ -1404,8 +1394,9 @@ spec: description: Offer is the offer of the image. type: string plan: - description: Plan is the purchase plan of the image. If - omitted, it defaults to "WithPurchasePlan". + description: |- + Plan is the purchase plan of the image. + If omitted, it defaults to "WithPurchasePlan". enum: - WithPurchasePlan - NoPurchasePlan 
@@ -1426,14 +1417,15 @@ spec: - version type: object settings: - description: Settings specify the security type and the UEFI - settings of the virtual machine. This field can be set for - Confidential VMs and Trusted Launch for VMs. + description: |- + Settings specify the security type and the UEFI settings of the virtual machine. This field can + be set for Confidential VMs and Trusted Launch for VMs. properties: confidentialVM: - description: 'ConfidentialVM specifies the security configuration - of the virtual machine. For more information regarding - Confidential VMs, please refer to: https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview' + description: |- + ConfidentialVM specifies the security configuration of the virtual machine. + For more information regarding Confidential VMs, please refer to: + https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview properties: uefiSettings: description: UEFISettings specifies the security settings 
@@ -1441,32 +1433,22 @@ spec: virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature of - all boot components and halts the boot process - if signature verification fails. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is used - for comparison with measurements from subsequent - VM boots to determine if anything has changed. - This is required to be set to enabled if the - SecurityEncryptionType is defined. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -1474,19 +1456,18 @@ spec: type: object type: object securityType: - description: 'SecurityType specifies the SecurityType - of the virtual machine. It has to be set to any specified - value to enable secure boot and vTPM. The default behavior - is: secure boot and vTPM will not be enabled unless - this property is set.' + description: |- + SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + enable secure boot and vTPM. The default behavior is: secure boot and vTPM will not be enabled unless this property is set. enum: - ConfidentialVM - TrustedLaunch type: string trustedLaunch: - description: 'TrustedLaunch specifies the security configuration - of the virtual machine. For more information regarding - TrustedLaunch for VMs, please refer to: https://learn.microsoft.com/azure/virtual-machines/trusted-launch' + description: |- + TrustedLaunch specifies the security configuration of the virtual machine. + For more information regarding TrustedLaunch for VMs, please refer to: + https://learn.microsoft.com/azure/virtual-machines/trusted-launch properties: uefiSettings: description: UEFISettings specifies the security settings 
@@ -1494,32 +1475,22 @@ spec: virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature of - all boot components and halts the boot process - if signature verification fails. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is used - for comparison with measurements from subsequent - VM boots to determine if anything has changed. - This is required to be set to enabled if the - SecurityEncryptionType is defined. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -1528,7 +1499,8 @@ spec: type: object type: object type: - description: InstanceType defines the azure instance type. + description: |- + InstanceType defines the azure instance type. eg. Standard_DS_V2 type: string ultraSSDCapability: @@ -1539,17 +1511,19 @@ spec: - Disabled type: string vmNetworkingType: - description: 'VMNetworkingType specifies whether to enable - accelerated networking. Accelerated networking enables single - root I/O virtualization (SR-IOV) to a VM, greatly improving - its networking performance. eg. values: "Accelerated", "Basic"' + description: |- + VMNetworkingType specifies whether to enable accelerated networking. + Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its + networking performance. + eg. values: "Accelerated", "Basic" enum: - Accelerated - Basic type: string zones: - description: Zones is list of availability zones that can - be used. eg. ["1", "2", "3"] + description: |- + Zones is list of availability zones that can be used. + eg. ["1", "2", "3"] items: type: string type: array 
@@ -1564,22 +1538,20 @@ spec: properties: confidentialCompute: default: Disabled - description: ConfidentialCompute Defines whether the instance - should have confidential compute enabled. If enabled OnHostMaintenance - is required to be set to "Terminate". If omitted, the platform - chooses a default, which is subject to change over time, - currently that default is false. + description: |- + ConfidentialCompute Defines whether the instance should have confidential compute enabled. + If enabled OnHostMaintenance is required to be set to "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string onHostMaintenance: default: Migrate - description: OnHostMaintenance determines the behavior when - a maintenance event occurs that might cause the instance - to reboot. Allowed values are "Migrate" and "Terminate". - If omitted, the platform chooses a default, which is subject - to change over time, currently that default is "Migrate". + description: |- + OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. + Allowed values are "Migrate" and "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate". enum: - Migrate - Terminate @@ -1594,9 +1566,9 @@ spec: minimum: 16 type: integer diskType: - description: DiskType defines the type of disk. For control - plane nodes, the valid values are pd-balanced, pd-ssd, - and hyperdisk-balanced. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are pd-balanced, pd-ssd, and hyperdisk-balanced. enum: - pd-balanced - pd-ssd 
@@ -1625,9 +1597,9 @@ spec: encryption. type: string projectID: - description: ProjectID is the ID of the Project - in which the KMS Key Ring exists. Defaults to - the VM ProjectID if not set. + description: |- + ProjectID is the ID of the Project in which the KMS Key Ring exists. + Defaults to the VM ProjectID if not set. type: string required: - keyRing @@ -1635,10 +1607,11 @@ spec: - name type: object kmsKeyServiceAccount: - description: KMSKeyServiceAccount is the service account - being used for the encryption request for the given - KMS key. If absent, the Compute Engine default service - account is used. See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account + description: |- + KMSKeyServiceAccount is the service account being used for the + encryption request for the given KMS key. If absent, the Compute + Engine default service account is used. + See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account for details on the default service account. type: string type: object 
@@ -1660,22 +1633,19 @@ spec: - project type: object secureBoot: - description: SecureBoot Defines whether the instance should - have secure boot enabled. secure boot Verify the digital - signature of all boot components, and halt the boot process - if signature verification fails. If omitted, the platform - chooses a default, which is subject to change over time, - currently that default is false. + description: |- + SecureBoot Defines whether the instance should have secure boot enabled. + secure boot Verify the digital signature of all boot components, and halt the boot process if signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string serviceAccount: - description: ServiceAccount is the email of a gcp service - account to be used during installations. The provided service - account can be attached to both control-plane nodes and - worker nodes in order to provide the permissions required - by the cloud provider. + description: |- + ServiceAccount is the email of a gcp service account to be used during installations. + The provided service account can be attached to both control-plane nodes + and worker nodes in order to provide the permissions required by the cloud provider. type: string tags: description: Tags defines a set of network tags which will @@ -1684,8 +1654,9 @@ spec: type: string type: array type: - description: InstanceType defines the GCP instance type. eg. - n1-standard-4 + description: |- + InstanceType defines the GCP instance type. + eg. n1-standard-4 type: string zones: description: Zones is list of availability zones that can 
@@ -1703,10 +1674,10 @@ spec: boot volume. properties: encryptionKey: - description: EncryptionKey is the CRN referencing a Key - Protect or Hyper Protect Crypto Services key to use - for volume encryption. If not specified, a provider - managed encryption key will be used. + description: |- + EncryptionKey is the CRN referencing a Key Protect or Hyper Protect + Crypto Services key to use for volume encryption. If not specified, a + provider managed encryption key will be used. type: string type: object dedicatedHosts: @@ -1717,14 +1688,14 @@ spec: the machine's dedicated host platform. properties: name: - description: Name is the name of the dedicated host - to provision the machine on. If specified, machines - will be created on pre-existing dedicated host. + description: |- + Name is the name of the dedicated host to provision the machine on. If + specified, machines will be created on pre-existing dedicated host. type: string profile: - description: Profile is the profile ID for the dedicated - host. If specified, new dedicated host will be created - for machines. + description: |- + Profile is the profile ID for the dedicated host. If specified, new + dedicated host will be created for machines. type: string type: object type: array @@ -1743,11 +1714,10 @@ spec: on Nutanix. properties: bootType: - description: BootType indicates the boot type (Legacy, UEFI - or SecureBoot) the Machine's VM uses to boot. If this field - is empty or omitted, the VM will use the default boot type - "Legacy" to boot. "SecureBoot" depends on "UEFI" boot, i.e., - enabling "SecureBoot" means that "UEFI" boot is also enabled. + description: |- + BootType indicates the boot type (Legacy, UEFI or SecureBoot) the Machine's VM uses to boot. + If this field is empty or omitted, the VM will use the default boot type "Legacy" to boot. + "SecureBoot" depends on "UEFI" boot, i.e., enabling "SecureBoot" means that "UEFI" boot is also enabled. enum: - "" - Legacy 
@@ -1755,10 +1725,10 @@ spec: - SecureBoot type: string categories: - description: Categories optionally adds one or more prism - categories (each with key and value) for the Machine's VM - to associate with. All the category key and value pairs - specified must already exist in the prism central. + description: |- + Categories optionally adds one or more prism categories (each with key and value) for + the Machine's VM to associate with. All the category key and value pairs specified must + already exist in the prism central. items: description: NutanixCategory identifies a pair of prism category key and value @@ -1783,12 +1753,12 @@ spec: - key x-kubernetes-list-type: map coresPerSocket: - description: 'NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be NumCPUs - times NumCoresPerSocket. For example: 4 CPUs and 4 Cores - per socket will result in 16 VPUs. The AHV scheduler treats - socket and core allocation exactly the same so there is - no benefit to configuring cores over CPUs.' + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs times NumCoresPerSocket. + For example: 4 CPUs and 4 Cores per socket will result in 16 VPUs. + The AHV scheduler treats socket and core allocation exactly the same + so there is no benefit to configuring cores over CPUs. format: int64 type: integer cpus: 
@@ -1827,11 +1797,10 @@ spec: the disk device. properties: adapterType: - description: adapterType is the adapter type of - the disk address. If the deviceType is "Disk", - the valid adapterType can be "SCSI", "IDE", "PCI", - "SATA" or "SPAPR". If the deviceType is "CDRom", - the valid adapterType can be "IDE" or "SATA". + description: |- + adapterType is the adapter type of the disk address. + If the deviceType is "Disk", the valid adapterType can be "SCSI", "IDE", "PCI", "SATA" or "SPAPR". + If the deviceType is "CDRom", the valid adapterType can be "IDE" or "SATA". enum: - SCSI - IDE @@ -1841,24 +1810,20 @@ spec: type: string deviceIndex: default: 0 - description: deviceIndex is the index of the disk - address. The valid values are non-negative integers, - with the default value 0. For a Machine VM, the - deviceIndex for the disks with the same deviceType.adapterType - combination should start from 0 and increase consecutively - afterwards. Note that for each Machine VM, the - Disk.SCSI.0 and CDRom.IDE.0 are reserved to be - used by the VM's system. So for dataDisks of Disk.SCSI - and CDRom.IDE, the deviceIndex should start from - 1. + description: |- + deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. + For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should + start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 + and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, + the deviceIndex should start from 1. format: int32 minimum: 0 type: integer deviceType: default: Disk - description: deviceType specifies the disk device - type. The valid values are "Disk" and "CDRom", - and the default is "Disk". + description: |- + deviceType specifies the disk device type. + The valid values are "Disk" and "CDRom", and the default is "Disk". enum: - Disk - CDRom 
@@ -1872,9 +1837,9 @@ spec: anyOf: - type: integer - type: string - description: diskSize is size (in Quantity format) of - the disk to attach to the VM. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format - for the Quantity format and example documentation. + description: |- + diskSize is size (in Quantity format) of the disk to attach to the VM. + See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. The minimum diskSize is 1GB. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true @@ -1891,9 +1856,9 @@ spec: - Standard - Flash default: Standard - description: diskMode specifies the disk mode. The - valid values are Standard and Flash, and the default - is Standard. + description: |- + diskMode specifies the disk mode. + The valid values are Standard and Flash, and the default is Standard. type: string storageContainer: description: storageContainer refers to the storage_container @@ -1924,8 +1889,9 @@ spec: type: array x-kubernetes-list-type: set failureDomains: - description: FailureDomains optionally configures a list of - failure domain names that will be applied to the MachinePool + description: |- + FailureDomains optionally configures a list of failure domain names + that will be applied to the MachinePool items: type: string type: array @@ -1946,8 +1912,9 @@ spec: description: name is the GPU device name type: string type: - description: type is the identifier type of the GPU - device. Valid values are Name and DeviceID. + description: |- + type is the identifier type of the GPU device. + Valid values are Name and DeviceID. enum: - Name - DeviceID 
@@ -2004,44 +1971,46 @@ spec: on OpenStack. properties: additionalNetworkIDs: - description: AdditionalNetworkIDs contains IDs of additional - networks for machines, where each ID is presented in UUID - v4 format. Allowed address pairs won't be created for the - additional networks. + description: |- + AdditionalNetworkIDs contains IDs of additional networks for machines, + where each ID is presented in UUID v4 format. + Allowed address pairs won't be created for the additional networks. items: type: string type: array additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of additional - security groups for machines, where each ID is presented - in UUID v4 format. + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, + where each ID is presented in UUID v4 format. items: type: string type: array rootVolume: - description: RootVolume defines the root volume for instances - in the machine pool. The instances use ephemeral disks if - not set. + description: |- + RootVolume defines the root volume for instances in the machine pool. + The instances use ephemeral disks if not set. properties: size: - description: Size defines the size of the volume in gibibytes - (GiB). Required + description: |- + Size defines the size of the volume in gibibytes (GiB). + Required type: integer type: - description: 'Type defines the type of the volume. Deprecated: - Use Types instead.' + description: |- + Type defines the type of the volume. + Deprecated: Use Types instead. type: string types: - description: Types is the list of the volume types of - the root volumes. This is mutually exclusive with Type. + description: |- + Types is the list of the volume types of the root volumes. + This is mutually exclusive with Type. items: type: string type: array zones: - description: Zones is the list of availability zones where - the root volumes should be deployed. 
If no zones are - provided, all instances will be deployed on OpenStack - Cinder default availability zone + description: |- + Zones is the list of availability zones where the root volumes should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Cinder default availability zone items: type: string type: array @@ -2050,9 +2019,9 @@ spec: - types type: object serverGroupPolicy: - description: ServerGroupPolicy will be used to create the - Server Group that will contain all the machines of this - MachinePool. Defaults to "soft-anti-affinity". + description: |- + ServerGroupPolicy will be used to create the Server Group that will contain all the machines of this MachinePool. + Defaults to "soft-anti-affinity". enum: - "" - affinity @@ -2061,14 +2030,14 @@ spec: - soft-anti-affinity type: string type: - description: FlavorName defines the OpenStack Nova flavor. + description: |- + FlavorName defines the OpenStack Nova flavor. eg. m1.large type: string zones: - description: Zones is the list of availability zones where - the instances should be deployed. If no zones are provided, - all instances will be deployed on OpenStack Nova default - availability zone + description: |- + Zones is the list of availability zones where the instances should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Nova default availability zone items: type: string type: array 
@@ -2080,41 +2049,42 @@ spec: oVirt. properties: affinityGroupsNames: - description: AffinityGroupsNames contains a list of oVirt - affinity group names that the newly created machines will - join. The affinity groups should exist on the oVirt cluster - or created by the OpenShift installer. + description: |- + AffinityGroupsNames contains a list of oVirt affinity group names that the newly created machines will join. + The affinity groups should exist on the oVirt cluster or created by the OpenShift installer. items: type: string type: array autoPinningPolicy: - description: AutoPinningPolicy defines the policy to automatically - set the CPU and NUMA including pinning to the host for the - instance. When the field is omitted the default will be - "none". + description: |- + AutoPinningPolicy defines the policy to automatically set the CPU + and NUMA including pinning to the host for the instance. + When the field is omitted the default will be "none". enum: - none - resize_and_pin type: string clone: - description: "Clone makes sure that the disks are cloned from - the template and are not linked. Defaults to true for high - performance and server VM types, false for desktop types. - \n Note: this option is not documented in the OpenShift - documentation. This is intentional as it has sane defaults - that shouldn't be changed unless needed for debugging or - resolving issues in cooperation with Red Hat support." + description: |- + Clone makes sure that the disks are cloned from the template and are not linked. + Defaults to true for high performance and server VM types, false for desktop types. + + + Note: this option is not documented in the OpenShift documentation. This is intentional as it has sane defaults + that shouldn't be changed unless needed for debugging or resolving issues in cooperation with Red Hat support. type: boolean cpu: description: CPU defines the VM CPU. properties: cores: - description: Cores is the number of cores per socket. 
+ description: |- + Cores is the number of cores per socket. Total CPUs is (Sockets * Cores) format: int32 type: integer sockets: - description: Sockets is the number of sockets for a VM. + description: |- + Sockets is the number of sockets for a VM. Total CPUs is (Sockets * Cores) format: int32 type: integer @@ -2128,9 +2098,9 @@ spec: - threads type: object format: - description: Format is the disk format that the disks are - in. Can be "cow" or "raw". "raw" disables several features - that may be needed, such as incremental backups. + description: |- + Format is the disk format that the disks are in. Can be "cow" or "raw". "raw" disables several features that + may be needed, such as incremental backups. enum: - "" - raw @@ -2145,10 +2115,10 @@ spec: format: int32 type: integer instanceTypeID: - description: InstanceTypeID defines the VM instance type and - overrides the hardware parameters of the created VM, including - cpu and memory. If InstanceTypeID is passed, all memory - and cpu variables will be ignored. + description: |- + InstanceTypeID defines the VM instance type and overrides + the hardware parameters of the created VM, including cpu and memory. + If InstanceTypeID is passed, all memory and cpu variables will be ignored. type: string memoryMB: description: MemoryMB is the size of a VM's memory in MiBs. @@ -2187,8 +2157,9 @@ spec: format: int32 type: integer procType: - description: ProcType defines the processor sharing model - for the instance. Must be one of {Capped, Dedicated, Shared}. + description: |- + ProcType defines the processor sharing model for the instance. + Must be one of {Capped, Dedicated, Shared}. enum: - Dedicated - Shared 
@@ -2221,8 +2192,9 @@ spec: on vSphere. properties: coresPerSocket: - description: NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be NumCPUs/NumCoresPerSocket. + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs/NumCoresPerSocket. format: int32 type: integer cpus: @@ -2243,8 +2215,9 @@ spec: type: integer type: object zones: - description: Zones defines available zones Zones is available - in TechPreview. + description: |- + Zones defines available zones + Zones is available in TechPreview. items: type: string type: array 
@@ -2260,34 +2233,40 @@ spec: type: object cpuPartitioningMode: default: None - description: CPUPartitioning determines if a cluster should be setup for - CPU workload partitioning at install time. When this field is set the - cluster will be flagged for CPU Partitioning allowing users to segregate - workloads to specific CPU Sets. This does not make any decisions on - workloads it only configures the nodes to allow CPU Partitioning. The - "AllNodes" value will setup all nodes for CPU Partitioning, the default - is "None". + description: |- + CPUPartitioning determines if a cluster should be setup for CPU workload partitioning at install time. + When this field is set the cluster will be flagged for CPU Partitioning allowing users to segregate workloads to + specific CPU Sets. This does not make any decisions on workloads it only configures the nodes to allow CPU Partitioning. + The "AllNodes" value will setup all nodes for CPU Partitioning, the default is "None". enum: - None - AllNodes type: string credentialsMode: - description: "CredentialsMode is used to explicitly set the mode with - which CredentialRequests are satisfied. \n If this field is set, then - the installer will not attempt to query the cloud permissions before - attempting installation. If the field is not set or empty, then the - installer will perform its normal verification that the credentials - provided are sufficient to perform an installation. \n There are three - possible values for this field, but the valid values are dependent upon - the platform being used. \"Mint\": create new credentials with a subset - of the overall permissions for each CredentialsRequest \"Passthrough\": - copy the credentials with all of the overall permissions for each CredentialsRequest - \"Manual\": CredentialsRequests must be handled manually by the user - \n For each of the following platforms, the field can set to the specified - values. For all other platforms, the field must not be set. 
AWS: \"Mint\", - \"Passthrough\", \"Manual\" Azure: \"Passthrough\", \"Manual\" AzureStack: - \"Manual\" GCP: \"Mint\", \"Passthrough\", \"Manual\" IBMCloud: \"Manual\" - PowerVS: \"Manual\" Nutanix: \"Manual\"" + description: |- + CredentialsMode is used to explicitly set the mode with which CredentialRequests are satisfied. + + + If this field is set, then the installer will not attempt to query the cloud permissions before attempting + installation. If the field is not set or empty, then the installer will perform its normal verification that the + credentials provided are sufficient to perform an installation. + + + There are three possible values for this field, but the valid values are dependent upon the platform being used. + "Mint": create new credentials with a subset of the overall permissions for each CredentialsRequest + "Passthrough": copy the credentials with all of the overall permissions for each CredentialsRequest + "Manual": CredentialsRequests must be handled manually by the user + + + For each of the following platforms, the field can set to the specified values. For all other platforms, the + field must not be set. + AWS: "Mint", "Passthrough", "Manual" + Azure: "Passthrough", "Manual" + AzureStack: "Manual" + GCP: "Mint", "Passthrough", "Manual" + IBMCloud: "Manual" + PowerVS: "Manual" + Nutanix: "Manual" enum: - "" - Mint 
@@ -2295,29 +2274,32 @@ spec: - Manual type: string featureGates: - description: 'FeatureGates enables a set of custom feature gates. May - only be used in conjunction with FeatureSet "CustomNoUpgrade". Features - may be enabled or disabled by providing a true or false value for the - feature gate. E.g. "featureGates": ["FeatureGate1=true", "FeatureGate2=false"].' + description: |- + FeatureGates enables a set of custom feature gates. + May only be used in conjunction with FeatureSet "CustomNoUpgrade". + Features may be enabled or disabled by providing a true or false value for the feature gate. + E.g. "featureGates": ["FeatureGate1=true", "FeatureGate2=false"]. items: type: string type: array featureSet: - description: FeatureSet enables features that are not part of the default - feature set. Valid values are "Default", "TechPreviewNoUpgrade" and - "CustomNoUpgrade". When omitted, the "Default" feature set is used. + description: |- + FeatureSet enables features that are not part of the default feature set. + Valid values are "Default", "TechPreviewNoUpgrade" and "CustomNoUpgrade". + When omitted, the "Default" feature set is used. type: string fips: default: false description: FIPS configures https://www.nist.gov/itl/fips-general-information type: boolean imageContentSources: - description: ImageContentSources lists sources/repositories for the release-image - content. The field is deprecated. Please use imageDigestSources. + description: |- + ImageContentSources lists sources/repositories for the release-image content. + The field is deprecated. Please use imageDigestSources. items: - description: ImageContentSource defines a list of sources/repositories - that can be used to pull content. The field is deprecated. Please - use imageDigestSources. + description: |- + ImageContentSource defines a list of sources/repositories that can be used to pull content. + The field is deprecated. Please use imageDigestSources. 
properties: mirrors: description: Mirrors is one or more repositories that may also contain 
@@ -2355,37 +2337,43 @@ spec: type: object type: array kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object networking: - description: Networking is the configuration for the pod network provider - in the cluster. + description: |- + Networking is the configuration for the pod network provider in + the cluster. properties: clusterNetwork: - description: ClusterNetwork is the list of IP address pools for pods. + description: |- + ClusterNetwork is the list of IP address pools for pods. Default is 10.128.0.0/14 and a host prefix of /23. items: - description: ClusterNetworkEntry is a single IP address block for - pod IP blocks. IP blocks are allocated with size 2^HostSubnetLength. + description: |- + ClusterNetworkEntry is a single IP address block for pod IP blocks. IP blocks + are allocated with size 2^HostSubnetLength. properties: cidr: description: CIDR is the IP block address pool. type: string hostPrefix: - description: HostPrefix is the prefix size to allocate to each - node from the CIDR. For example, 24 would allocate 2^8=256 - adresses to each node. If this field is not used by the plugin, - it can be left unset. + description: |- + HostPrefix is the prefix size to allocate to each node from the CIDR. + For example, 24 would allocate 2^8=256 adresses to each node. If this + field is not used by the plugin, it can be left unset. 
format: int32 type: integer hostSubnetLength: - description: The size of blocks to allocate from the larger - pool. This is the length in bits - so a 9 here will allocate - a /23. + description: |- + The size of blocks to allocate from the larger pool. + This is the length in bits - so a 9 here will allocate a /23. format: int32 type: integer required: 
@@ -2393,34 +2381,34 @@ spec: type: object type: array clusterNetworkMTU: - description: ClusterNetworkMTU is the Maximum Transmit (MTU) Unit - size in bytes to allocate to the cluster network. For example, 1200 - would set the MTU of the entire overlay network. If the deployment - does not require changes in the network plugin, leave it unset and - the MTU will be calculated automatically based on the host network - MTU. + description: |- + ClusterNetworkMTU is the Maximum Transmit (MTU) Unit size in bytes to allocate to the cluster network. + For example, 1200 would set the MTU of the entire overlay network. If the deployment does + not require changes in the network plugin, leave it unset and the MTU will be calculated + automatically based on the host network MTU. format: int32 type: integer clusterNetworks: description: Deprecated name for ClusterNetwork items: - description: ClusterNetworkEntry is a single IP address block for - pod IP blocks. IP blocks are allocated with size 2^HostSubnetLength. + description: |- + ClusterNetworkEntry is a single IP address block for pod IP blocks. IP blocks + are allocated with size 2^HostSubnetLength. properties: cidr: description: CIDR is the IP block address pool. type: string hostPrefix: - description: HostPrefix is the prefix size to allocate to each - node from the CIDR. For example, 24 would allocate 2^8=256 - adresses to each node. If this field is not used by the plugin, - it can be left unset. + description: |- + HostPrefix is the prefix size to allocate to each node from the CIDR. + For example, 24 would allocate 2^8=256 adresses to each node. If this + field is not used by the plugin, it can be left unset. format: int32 type: integer hostSubnetLength: - description: The size of blocks to allocate from the larger - pool. This is the length in bits - so a 9 here will allocate - a /23. + description: |- + The size of blocks to allocate from the larger pool. 
+ This is the length in bits - so a 9 here will allocate a /23. format: int32 type: integer required: @@ -2428,15 +2416,17 @@ spec: type: object type: array machineCIDR: - description: Deprecated way to configure an IP address pool for machines. + description: |- + Deprecated way to configure an IP address pool for machines. Replaced by MachineNetwork which allows for multiple pools. type: string machineNetwork: - description: MachineNetwork is the list of IP address pools for machines. - This field replaces MachineCIDR, and if set MachineCIDR must be - empty or match the first entry in the list. Default is 10.0.0.0/16 - for all platforms other than Power VS. For Power VS, the default - is 192.168.0.0/24. + description: |- + MachineNetwork is the list of IP address pools for machines. + This field replaces MachineCIDR, and if set MachineCIDR must + be empty or match the first entry in the list. + Default is 10.0.0.0/16 for all platforms other than Power VS. + For Power VS, the default is 192.168.0.0/24. items: description: MachineNetworkEntry is a single IP address block for node IP blocks. 
@@ -2451,16 +2441,20 @@ spec: type: array networkType: default: OVNKubernetes - description: NetworkType is the type of network to install. The default - value is OVNKubernetes. + description: |- + NetworkType is the type of network to install. + The default value is OVNKubernetes. type: string serviceCIDR: - description: Deprecated way to configure an IP address pool for services. + description: |- + Deprecated way to configure an IP address pool for services. Replaced by ServiceNetwork which allows for multiple pools. type: string serviceNetwork: - description: 'ServiceNetwork is the list of IP address pools for services. - Default is 172.30.0.0/16. NOTE: currently only one entry is supported.' + description: |- + ServiceNetwork is the list of IP address pools for services. + Default is 172.30.0.0/16. + NOTE: currently only one entry is supported. items: type: string maxItems: 1 
@@ -2492,71 +2486,68 @@ spec: type: string type: object platform: - description: Platform is the configuration for the specific platform upon - which to perform the installation. + description: |- + Platform is the configuration for the specific platform upon which to + perform the installation. properties: aws: description: AWS is the configuration used when installing on AWS. properties: amiID: - description: The field is deprecated. AMIID is the AMI that should - be used to boot machines for the cluster. If set, the AMI should - belong to the same region as the cluster. + description: |- + The field is deprecated. AMIID is the AMI that should be used to boot + machines for the cluster. If set, the AMI should belong to the same + region as the cluster. type: string bestEffortDeleteIgnition: - description: BestEffortDeleteIgnition is an optional field that - can be used to ignore errors from S3 deletion of ignition objects - during cluster bootstrap. The default behavior is to fail the - installation if ignition objects cannot be deleted. Enable this - functionality when there are known reasons disallowing their - deletion. + description: |- + BestEffortDeleteIgnition is an optional field that can be used to ignore errors from S3 deletion of ignition + objects during cluster bootstrap. The default behavior is to fail the installation if ignition objects cannot be + deleted. Enable this functionality when there are known reasons disallowing their deletion. type: boolean defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on AWS for machine pools which do not define - their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on AWS for machine pools which do not define their own + platform configuration. 
properties: additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of additional - security groups for machines, where each ID is presented - in the format sg-xxxx. + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID + is presented in the format sg-xxxx. items: type: string maxItems: 10 type: array amiID: - description: AMIID is the AMI that should be used to boot - the ec2 instance. If set, the AMI should belong to the same - region as the cluster. + description: |- + AMIID is the AMI that should be used to boot the ec2 instance. + If set, the AMI should belong to the same region as the cluster. type: string iamProfile: - description: IAMProfile is the name of the IAM instance profile - to use for the machine. Leave unset to have the installer - create the IAM Profile on your behalf. Cannot be specified - together with iamRole. + description: |- + IAMProfile is the name of the IAM instance profile to use for the machine. + Leave unset to have the installer create the IAM Profile on your behalf. + Cannot be specified together with iamRole. type: string iamRole: - description: IAMRole is the name of the IAM Role to use for - the instance profile of the machine. Leave unset to have - the installer create the IAM Role on your behalf. Cannot - be specified together with iamProfile. + description: |- + IAMRole is the name of the IAM Role to use for the instance profile of the machine. + Leave unset to have the installer create the IAM Role on your behalf. + Cannot be specified together with iamProfile. type: string metadataService: description: EC2MetadataOptions defines metadata service interaction options for EC2 instances in the machine pool. properties: authentication: - description: Authentication determines whether or not - the host requires the use of authentication when interacting - with the metadata service. 
When using authentication, - this enforces v2 interaction method (IMDSv2) with the - metadata service. When omitted, this means the user - has no opinion and the value is left to the platform - to choose a good default, which is subject to change - over time. The current default is optional. At this - point this field represents `HttpTokens` parameter from - `InstanceMetadataOptionsRequest` structure in AWS EC2 - API https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html + description: |- + Authentication determines whether or not the host requires the use of authentication when interacting with the metadata service. + When using authentication, this enforces v2 interaction method (IMDSv2) with the metadata service. + When omitted, this means the user has no opinion and the value is left to the platform to choose a good + default, which is subject to change over time. The current default is optional. + At this point this field represents `HttpTokens` parameter from `InstanceMetadataOptionsRequest` structure in AWS EC2 API + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html enum: - Required - Optional 
@@ -2567,15 +2558,16 @@ spec: instances in the machine pool. properties: iops: - description: IOPS defines the amount of provisioned IOPS. - (KiB/s). IOPS may only be set for io1, io2, & gp3 volume - types. + description: |- + IOPS defines the amount of provisioned IOPS. (KiB/s). IOPS may only be set for + io1, io2, & gp3 volume types. minimum: 0 type: integer kmsKeyARN: - description: The KMS key that will be used to encrypt - the EBS volume. If no key is provided the default KMS - key for the account will be used. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html + description: |- + The KMS key that will be used to encrypt the EBS volume. + If no key is provided the default KMS key for the account will be used. + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html type: string size: description: Size defines the size of the volume in gibibytes @@ -2590,8 +2582,9 @@ spec: - type type: object type: - description: InstanceType defines the ec2 instance type. eg. - m4-large + description: |- + InstanceType defines the ec2 instance type. + eg. m4-large type: string zones: description: Zones is list of availability zones that can 
@@ -2601,75 +2594,91 @@ spec: type: array type: object experimentalPropagateUserTags: - description: The field is deprecated. ExperimentalPropagateUserTags - is an experimental flag that directs in-cluster operators to - include the specified user tags in the tags of the AWS resources - that the operators create. + description: |- + The field is deprecated. ExperimentalPropagateUserTags is an experimental + flag that directs in-cluster operators to include the specified + user tags in the tags of the AWS resources that the operators create. type: boolean hostedZone: - description: HostedZone is the ID of an existing hosted zone into - which to add DNS records for the cluster's internal API. An - existing hosted zone can only be used when also using existing - subnets. The hosted zone must be associated with the VPC containing - the subnets. Leave the hosted zone unset to have the installer - create the hosted zone on your behalf. + description: |- + HostedZone is the ID of an existing hosted zone into which to add DNS + records for the cluster's internal API. An existing hosted zone can + only be used when also using existing subnets. The hosted zone must be + associated with the VPC containing the subnets. + Leave the hosted zone unset to have the installer create the hosted zone + on your behalf. type: string hostedZoneRole: - description: HostedZoneRole is the ARN of an IAM role to be assumed - when performing operations on the provided HostedZone. HostedZoneRole - can be used in a shared VPC scenario when the private hosted - zone belongs to a different account than the rest of the cluster - resources. If HostedZoneRole is set, HostedZone must also be - set. + description: |- + HostedZoneRole is the ARN of an IAM role to be assumed when performing + operations on the provided HostedZone. HostedZoneRole can be used + in a shared VPC scenario when the private hosted zone belongs to a + different account than the rest of the cluster resources. 
+ If HostedZoneRole is set, HostedZone must also be set. type: string lbType: - description: "LBType is an optional field to specify a load balancer - type. When this field is specified, all ingresscontrollers (including - the default ingresscontroller) will be created using the specified - load-balancer type by default. \n Following are the accepted - values: \n * \"Classic\": A Classic Load Balancer that makes - routing decisions at either the transport layer (TCP/SSL) or - the application layer (HTTP/HTTPS). See the following for additional - details: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb - \n * \"NLB\": A Network Load Balancer that makes routing decisions - at the transport layer (TCP/SSL). See the following for additional - details: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb - \n If this field is not set explicitly, it defaults to \"Classic\". - \ This default is subject to change over time." + description: |- + LBType is an optional field to specify a load balancer type. + When this field is specified, all ingresscontrollers (including the + default ingresscontroller) will be created using the specified load-balancer + type by default. + + + Following are the accepted values: + + + * "Classic": A Classic Load Balancer that makes routing decisions at + either the transport layer (TCP/SSL) or the application layer + (HTTP/HTTPS). See the following for additional details: + https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb + + + * "NLB": A Network Load Balancer that makes routing decisions at the + transport layer (TCP/SSL). See the following for additional details: + https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb + + + If this field is not set explicitly, it defaults to "Classic". This + default is subject to change over time. 
type: string preserveBootstrapIgnition: description: PreserveBootstrapIgnition is deprecated. Use bestEffortDeleteIgnition instead. type: boolean propagateUserTags: - description: PropagateUserTags is a flag that directs in-cluster - operators to include the specified user tags in the tags of - the AWS resources that the operators create. + description: |- + PropagateUserTags is a flag that directs in-cluster operators + to include the specified user tags in the tags of the + AWS resources that the operators create. type: boolean publicIpv4Pool: - description: PublicIpv4Pool is an optional field that can be used - to tell the installation process to use Public IPv4 address - that you bring to your AWS account with BYOIP. + description: |- + PublicIpv4Pool is an optional field that can be used to tell the installation process to use + Public IPv4 address that you bring to your AWS account with BYOIP. type: string region: description: Region specifies the AWS region where the cluster will be created. type: string serviceEndpoints: - description: ServiceEndpoints list contains custom endpoints which - will override default service endpoint of AWS Services. There - must be only one ServiceEndpoint for a service. + description: |- + ServiceEndpoints list contains custom endpoints which will override default + service endpoint of AWS Services. + There must be only one ServiceEndpoint for a service. items: - description: ServiceEndpoint store the configuration for services - to override existing defaults of AWS Services. + description: |- + ServiceEndpoint store the configuration for services to + override existing defaults of AWS Services. properties: name: - description: Name is the name of the AWS service. This must - be provided and cannot be empty. + description: |- + Name is the name of the AWS service. + This must be provided and cannot be empty. 
type: string url: - description: URL is fully qualified URI with scheme https, - that overrides the default generated endpoint for a client. + description: |- + URL is fully qualified URI with scheme https, that overrides the default generated + endpoint for a client. This must be provided and cannot be empty. pattern: ^https:// type: string @@ -2679,18 +2688,20 @@ spec: type: object type: array subnets: - description: Subnets specifies existing subnets (by ID) where - cluster resources will be created. Leave unset to have the - installer create subnets in a new VPC on your behalf. + description: |- + Subnets specifies existing subnets (by ID) where cluster + resources will be created. Leave unset to have the installer + create subnets in a new VPC on your behalf. items: type: string type: array userTags: additionalProperties: type: string - description: UserTags additional keys and values that the installer - will add as tags to all resources that it creates. Resources - created by the cluster itself may not include these tags. + description: |- + UserTags additional keys and values that the installer will add + as tags to all resources that it creates. Resources created by the + cluster itself may not include these tags. type: object required: - region @@ -2709,9 +2720,10 @@ spec: required. type: string cloudName: - description: cloudName is the name of the Azure cloud environment - which can be used to configure the Azure SDK with the appropriate - Azure API endpoints. If empty, the value is equal to "AzurePublicCloud". + description: |- + cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK + with the appropriate Azure API endpoints. + If empty, the value is equal to "AzurePublicCloud". enum: - "" - AzurePublicCloud 
@@ -2748,8 +2760,9 @@ spec: description: Name is the name of the key vault. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the key vault. + description: |- + ResourceGroup defines the Azure resource group used by the key + vault. type: string required: - keyName @@ -2762,9 +2775,10 @@ spec: type: string type: object defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on Azure for machine pools which do not - define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on Azure for machine pools which do not define their own + platform configuration. properties: encryptionAtHost: description: EncryptionAtHost enables encryption at the VM @@ -2782,12 +2796,14 @@ spec: set. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the disk encryption set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure subscription - the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name @@ -2800,8 +2816,9 @@ spec: minimum: 0 type: integer diskType: - description: DiskType defines the type of disk. For control - plane nodes, the valid values are Premium_LRS and StandardSSD_LRS. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are Premium_LRS and StandardSSD_LRS. Default is Premium_LRS. enum: - Standard_LRS 
@@ -2813,23 +2830,24 @@ spec: for the managed disk. properties: diskEncryptionSet: - description: DiskEncryptionSet specifies the customer - managed disk encryption set resource id for the - managed disk that is used for Customer Managed Key - encrypted ConfidentialVM OS Disk and VMGuestState - blob. + description: |- + DiskEncryptionSet specifies the customer managed disk encryption set resource id for the + managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + VMGuestState blob. properties: name: description: Name is the name of the disk encryption set. type: string resourceGroup: - description: ResourceGroup defines the Azure resource - group used by the disk encryption set. + description: |- + ResourceGroup defines the Azure resource group used by the disk + encryption set. type: string subscriptionId: - description: SubscriptionID defines the Azure - subscription the disk encryption set is in. + description: |- + SubscriptionID defines the Azure subscription the disk encryption + set is in. type: string required: - name 
@@ -2837,15 +2855,13 @@ spec: - subscriptionId type: object securityEncryptionType: - description: SecurityEncryptionType specifies the - encryption type of the managed disk. It is set to - DiskWithVMGuestState to encrypt the managed disk - along with the VMGuestState blob, and to VMGuestStateOnly - to encrypt the VMGuestState blob only. When set - to VMGuestStateOnly, the VTpmEnabled should be set - to true. When set to DiskWithVMGuestState, both - SecureBootEnabled and VTpmEnabled should be set - to true. It can be set only for Confidential VMs. + description: |- + SecurityEncryptionType specifies the encryption type of the managed disk. + It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + When set to VMGuestStateOnly, the VTpmEnabled should be set to true. + When set to DiskWithVMGuestState, both SecureBootEnabled and VTpmEnabled should be set to true. + It can be set only for Confidential VMs. enum: - VMGuestStateOnly - DiskWithVMGuestState @@ -2861,8 +2877,9 @@ spec: description: Offer is the offer of the image. type: string plan: - description: Plan is the purchase plan of the image. If - omitted, it defaults to "WithPurchasePlan". + description: |- + Plan is the purchase plan of the image. + If omitted, it defaults to "WithPurchasePlan". enum: - WithPurchasePlan - NoPurchasePlan 
@@ -2883,14 +2900,15 @@ spec: - version type: object settings: - description: Settings specify the security type and the UEFI - settings of the virtual machine. This field can be set for - Confidential VMs and Trusted Launch for VMs. + description: |- + Settings specify the security type and the UEFI settings of the virtual machine. This field can + be set for Confidential VMs and Trusted Launch for VMs. properties: confidentialVM: - description: 'ConfidentialVM specifies the security configuration - of the virtual machine. For more information regarding - Confidential VMs, please refer to: https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview' + description: |- + ConfidentialVM specifies the security configuration of the virtual machine. + For more information regarding Confidential VMs, please refer to: + https://learn.microsoft.com/azure/confidential-computing/confidential-vm-overview properties: uefiSettings: description: UEFISettings specifies the security settings 
@@ -2898,32 +2916,22 @@ spec: virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature of - all boot components and halts the boot process - if signature verification fails. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is used - for comparison with measurements from subsequent - VM boots to determine if anything has changed. - This is required to be set to enabled if the - SecurityEncryptionType is defined. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -2931,19 +2939,18 @@ spec: type: object type: object securityType: - description: 'SecurityType specifies the SecurityType - of the virtual machine. It has to be set to any specified - value to enable secure boot and vTPM. The default behavior - is: secure boot and vTPM will not be enabled unless - this property is set.' + description: |- + SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + enable secure boot and vTPM. The default behavior is: secure boot and vTPM will not be enabled unless this property is set. enum: - ConfidentialVM - TrustedLaunch type: string trustedLaunch: - description: 'TrustedLaunch specifies the security configuration - of the virtual machine. For more information regarding - TrustedLaunch for VMs, please refer to: https://learn.microsoft.com/azure/virtual-machines/trusted-launch' + description: |- + TrustedLaunch specifies the security configuration of the virtual machine. + For more information regarding TrustedLaunch for VMs, please refer to: + https://learn.microsoft.com/azure/virtual-machines/trusted-launch properties: uefiSettings: description: UEFISettings specifies the security settings 
@@ -2951,32 +2958,22 @@ spec: virtual machine. properties: secureBoot: - description: SecureBoot specifies whether secure - boot should be enabled on the virtual machine. - Secure Boot verifies the digital signature of - all boot components and halts the boot process - if signature verification fails. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + SecureBoot specifies whether secure boot should be enabled on the virtual machine. + Secure Boot verifies the digital signature of all boot components and halts the boot process if + signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled type: string virtualizedTrustedPlatformModule: - description: VirtualizedTrustedPlatformModule - specifies whether vTPM should be enabled on - the virtual machine. When enabled the virtualized - trusted platform module measurements are used - to create a known good boot integrity policy - baseline. The integrity policy baseline is used - for comparison with measurements from subsequent - VM boots to determine if anything has changed. - This is required to be set to enabled if the - SecurityEncryptionType is defined. If omitted, - the platform chooses a default, which is subject - to change over time, currently that default - is disabled. + description: |- + VirtualizedTrustedPlatformModule specifies whether vTPM should be enabled on the virtual machine. + When enabled the virtualized trusted platform module measurements are used to create a known good boot integrity policy baseline. + The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + This is required to be set to enabled if the SecurityEncryptionType is defined. 
+ If omitted, the platform chooses a default, which is subject to change over time, currently that default is disabled. enum: - Enabled - Disabled @@ -2985,7 +2982,8 @@ spec: type: object type: object type: - description: InstanceType defines the azure instance type. + description: |- + InstanceType defines the azure instance type. eg. Standard_DS_V2 type: string ultraSSDCapability: @@ -2996,17 +2994,19 @@ spec: - Disabled type: string vmNetworkingType: - description: 'VMNetworkingType specifies whether to enable - accelerated networking. Accelerated networking enables single - root I/O virtualization (SR-IOV) to a VM, greatly improving - its networking performance. eg. values: "Accelerated", "Basic"' + description: |- + VMNetworkingType specifies whether to enable accelerated networking. + Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its + networking performance. + eg. values: "Accelerated", "Basic" enum: - Accelerated - Basic type: string zones: - description: Zones is list of availability zones that can - be used. eg. ["1", "2", "3"] + description: |- + Zones is list of availability zones that can be used. + eg. ["1", "2", "3"] items: type: string type: array @@ -3017,9 +3017,9 @@ spec: type: string outboundType: default: Loadbalancer - description: OutboundType is a strategy for how egress from cluster - is achieved. When not specified default is "Loadbalancer". "NatGateway" - is only available in TechPreview. + description: |- + OutboundType is a strategy for how egress from cluster is achieved. When not specified default is "Loadbalancer". + "NatGateway" is only available in TechPreview. enum: - "" - Loadbalancer 
@@ -3031,23 +3031,21 @@ spec: will be created. type: string resourceGroupName: - description: ResourceGroupName is the name of an already existing - resource group where the cluster should be installed. This resource - group should only be used for this specific cluster and the - cluster components will assume ownership of all resources in - the resource group. Destroying the cluster using installer will - delete this resource group. This resource group must be empty - with no other resources when trying to use it for creating a - cluster. If empty, a new resource group will created for the - cluster. + description: |- + ResourceGroupName is the name of an already existing resource group where the cluster should be installed. + This resource group should only be used for this specific cluster and the cluster components will assume + ownership of all resources in the resource group. Destroying the cluster using installer will delete this + resource group. + This resource group must be empty with no other resources when trying to use it for creating a cluster. + If empty, a new resource group will created for the cluster. type: string userTags: additionalProperties: type: string - description: UserTags has additional keys and values that the - installer will add as tags to all resources that it creates - on AzurePublicCloud alone. Resources created by the cluster - itself may not include these tags. + description: |- + UserTags has additional keys and values that the installer will add + as tags to all resources that it creates on AzurePublicCloud alone. + Resources created by the cluster itself may not include these tags. type: object virtualNetwork: description: VirtualNetwork specifies the name of an existing 
@@ -3061,14 +3059,16 @@ spec: bare metal. properties: apiVIP: - description: 'DeprecatedAPIVIP is the VIP to use for internal - API communication Deprecated: Use APIVIPs' + description: |- + DeprecatedAPIVIP is the VIP to use for internal API communication + Deprecated: Use APIVIPs format: ip type: string apiVIPs: - description: APIVIPs contains the VIP(s) to use for internal API - communication. In dual stack clusters it contains an IPv4 and - IPv6 address, otherwise only one VIP + description: |- + APIVIPs contains the VIP(s) to use for internal API communication. In + dual stack clusters it contains an IPv4 and IPv6 address, otherwise only + one VIP format: ip items: type: string 
@@ -3076,58 +3076,63 @@ spec: type: array uniqueItems: true bootstrapExternalStaticDNS: - description: BootstrapExternalStaticDNS is the static network - DNS of the bootstrap node. This can be useful in environments - without a DHCP server. + description: |- + BootstrapExternalStaticDNS is the static network DNS of the bootstrap node. + This can be useful in environments without a DHCP server. format: ip type: string bootstrapExternalStaticGateway: - description: BootstrapExternalStaticGateway is the static network - gateway of the bootstrap node. This can be useful in environments - without a DHCP server. + description: |- + BootstrapExternalStaticGateway is the static network gateway of the bootstrap node. + This can be useful in environments without a DHCP server. format: ip type: string bootstrapExternalStaticIP: - description: BootstrapExternalStaticIP is the static IP address - of the bootstrap node. This can be useful in environments without - a DHCP server. + description: |- + BootstrapExternalStaticIP is the static IP address of the bootstrap node. + This can be useful in environments without a DHCP server. format: ip type: string bootstrapOSImage: - description: BootstrapOSImage is a URL to override the default - OS image for the bootstrap node. The URL must contain a sha256 - hash of the image e.g https://mirror.example.com/images/qemu.qcow2.gz?sha256=a07bd... + description: |- + BootstrapOSImage is a URL to override the default OS image + for the bootstrap node. The URL must contain a sha256 hash of the image + e.g https://mirror.example.com/images/qemu.qcow2.gz?sha256=a07bd... 
type: string bootstrapProvisioningIP: - description: BootstrapProvisioningIP is the IP used on the bootstrap - VM to bring up provisioning services that are used to create - the control-plane machines + description: |- + BootstrapProvisioningIP is the IP used on the bootstrap VM to + bring up provisioning services that are used to create the + control-plane machines format: ip type: string clusterOSImage: - description: ClusterOSImage is a URL to override the default OS - image for cluster nodes. The URL must contain a sha256 hash - of the image e.g https://mirror.example.com/images/metal.qcow2.gz?sha256=3b5a8... + description: |- + ClusterOSImage is a URL to override the default OS image + for cluster nodes. The URL must contain a sha256 hash of the image + e.g https://mirror.example.com/images/metal.qcow2.gz?sha256=3b5a8... type: string clusterProvisioningIP: - description: ClusterProvisioningIP is the IP on the dedicated - provisioning network where the baremetal-operator pod runs provisioning - services, and an http server to cache some downloaded content - e.g RHCOS/IPA images + description: |- + ClusterProvisioningIP is the IP on the dedicated provisioning network + where the baremetal-operator pod runs provisioning services, + and an http server to cache some downloaded content e.g RHCOS/IPA images type: string defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on bare metal for machine pools which do - not define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on bare metal for machine pools which do not define their own + platform configuration. type: object externalBridge: description: External bridge is used for external communication. type: string externalMACAddress: - description: ExternalMACAddress is used to allow setting a static - unicast MAC address for the bootstrap host on the external network. 
- Consider using the QEMU vendor prefix `52:54:00`. If left blank, - libvirt will generate one for you. + description: |- + ExternalMACAddress is used to allow setting a static unicast MAC + address for the bootstrap host on the external network. Consider + using the QEMU vendor prefix `52:54:00`. If left blank, libvirt will + generate one for you. type: string hosts: description: Hosts is the information needed to create the objects @@ -3157,10 +3162,10 @@ spec: bootMACAddress: type: string bootMode: - description: BootMode puts the server in legacy (BIOS), - UEFI secure boot or UEFI mode for booting. Secure boot - is only enabled during the final instance boot. The default - is UEFI. + description: |- + BootMode puts the server in legacy (BIOS), UEFI secure boot or UEFI mode for + booting. Secure boot is only enabled during the final instance boot. + The default is UEFI. enum: - "" - UEFI 
@@ -3176,50 +3181,57 @@ spec: role: type: string rootDeviceHints: - description: RootDeviceHints holds the hints for specifying - the storage location for the root filesystem for the image. + description: |- + RootDeviceHints holds the hints for specifying the storage location + for the root filesystem for the image. properties: deviceName: - description: A Linux device name like "/dev/vda". The - hint must match the actual value exactly. + description: |- + A Linux device name like "/dev/vda". The hint must match the + actual value exactly. type: string hctl: - description: A SCSI bus address like 0:0:0:0. The hint - must match the actual value exactly. + description: |- + A SCSI bus address like 0:0:0:0. The hint must match the actual + value exactly. type: string minSizeGigabytes: description: The minimum size of the device in Gigabytes. minimum: 0 type: integer model: - description: A vendor-specific device identifier. The - hint can be a substring of the actual value. + description: |- + A vendor-specific device identifier. The hint can be a + substring of the actual value. type: string rotational: description: True if the device should use spinning media, false otherwise. type: boolean serialNumber: - description: Device serial number. The hint must match - the actual value exactly. + description: |- + Device serial number. The hint must match the actual value + exactly. type: string vendor: - description: The name of the vendor or manufacturer - of the device. The hint can be a substring of the - actual value. + description: |- + The name of the vendor or manufacturer of the device. The hint + can be a substring of the actual value. type: string wwn: - description: Unique storage identifier. The hint must - match the actual value exactly. + description: |- + Unique storage identifier. The hint must match the actual value + exactly. type: string wwnVendorExtension: - description: Unique vendor storage identifier. 
The hint - must match the actual value exactly. + description: |- + Unique vendor storage identifier. The hint must match the + actual value exactly. type: string wwnWithExtension: - description: Unique storage identifier with the vendor - extension appended. The hint must match the actual - value exactly. + description: |- + Unique storage identifier with the vendor extension + appended. The hint must match the actual value exactly. type: string type: object required: @@ -3230,14 +3242,15 @@ spec: type: object type: array ingressVIP: - description: 'DeprecatedIngressVIP is the VIP to use for ingress - traffic Deprecated: Use IngressVIPs' + description: |- + DeprecatedIngressVIP is the VIP to use for ingress traffic + Deprecated: Use IngressVIPs format: ip type: string ingressVIPs: - description: IngressVIPs contains the VIP(s) to use for ingress - traffic. In dual stack clusters it contains an IPv4 and IPv6 - address, otherwise only one VIP + description: |- + IngressVIPs contains the VIP(s) to use for ingress traffic. In dual stack + clusters it contains an IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -3246,27 +3259,28 @@ spec: uniqueItems: true libvirtURI: default: qemu:///system - description: LibvirtURI is the identifier for the libvirtd connection. It - must be reachable from the host where the installer is run. + description: |- + LibvirtURI is the identifier for the libvirtd connection. It must be + reachable from the host where the installer is run. Default is qemu:///system type: string loadBalancer: - description: LoadBalancer defines how the load balancer used by - the cluster is configured. LoadBalancer is available in TechPreview. + description: |- + LoadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer is available in TechPreview. properties: type: default: OpenShiftManagedDefault - description: type defines the type of load balancer used by - the cluster on BareMetal platform which can be a user-managed - or openshift-managed load balancer that is to be used for - the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress traffic load-balancing + description: |- + type defines the type of load balancer used by the cluster on BareMetal platform + which can be a user-managed or openshift-managed load balancer + that is to be used for the OpenShift API and Ingress endpoints. + When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means no - opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. + When set to UserManaged these static pods will not be deployed and it is expected that + the load balancer is configured out of band by the deployer. 
+ When omitted, this means no opinion and the platform is left to choose a reasonable default. + The default value is OpenShiftManagedDefault. enum: - OpenShiftManagedDefault - UserManaged 
@@ -3276,30 +3290,32 @@ spec: rule: oldSelf == '' || self == oldSelf type: object provisioningBridge: - description: Provisioning bridge is used for provisioning nodes, - on the host that will run the bootstrap VM. + description: |- + Provisioning bridge is used for provisioning nodes, on the host that + will run the bootstrap VM. type: string provisioningDHCPExternal: - description: DeprecatedProvisioningDHCPExternal indicates that - DHCP is provided by an external service. This parameter is replaced - by ProvisioningNetwork being set to "Unmanaged". + description: |- + DeprecatedProvisioningDHCPExternal indicates that DHCP is provided by an external service. This parameter is + replaced by ProvisioningNetwork being set to "Unmanaged". type: boolean provisioningDHCPRange: - description: ProvisioningDHCPRange is used to provide DHCP services - to hosts for provisioning. + description: |- + ProvisioningDHCPRange is used to provide DHCP services to hosts + for provisioning. type: string provisioningHostIP: - description: DeprecatedProvisioningHostIP is the deprecated version - of clusterProvisioningIP. When the baremetal platform was initially - added to the installer, the JSON field for ClusterProvisioningIP - was incorrectly set to "provisioningHostIP." This field is - here to allow backwards-compatibility. + description: |- + DeprecatedProvisioningHostIP is the deprecated version of clusterProvisioningIP. When the + baremetal platform was initially added to the installer, the JSON field for ClusterProvisioningIP + was incorrectly set to "provisioningHostIP." This field is here to allow backwards-compatibility. type: string provisioningMACAddress: - description: ProvisioningMACAddress is used to allow setting a - static unicast MAC address for the bootstrap host on the provisioning - network. Consider using the QEMU vendor prefix `52:54:00`. If - left blank, libvirt will generate one for you. 
+ description: |- + ProvisioningMACAddress is used to allow setting a static unicast MAC + address for the bootstrap host on the provisioning network. Consider + using the QEMU vendor prefix `52:54:00`. If left blank, libvirt will + generate one for you. type: string provisioningNetwork: default: Managed @@ -3316,15 +3332,16 @@ spec: for provisioning. type: string provisioningNetworkInterface: - description: ProvisioningNetworkInterface is the name of the network - interface on a control plane baremetal host that is connected - to the provisioning network. + description: |- + ProvisioningNetworkInterface is the name of the network interface on a control plane + baremetal host that is connected to the provisioning network. type: string required: - hosts type: object external: - description: External is the configuration used when installing on + description: |- + External is the configuration used when installing on an external cloud provider. properties: cloudControllerManager: @@ -3337,10 +3354,9 @@ spec: type: string platformName: default: Unknown - description: PlatformName holds the arbitrary string representing - the infrastructure provider name, expected to be set at the - installation time. This field is solely for informational and - reporting purposes and is not expected to be used for decision-making. + description: |- + PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. + This field is solely for informational and reporting purposes and is not expected to be used for decision-making. type: string x-kubernetes-validations: - message: platform name cannot be changed once set 
@@ -3351,38 +3367,37 @@ spec: Cloud Platform. properties: computeSubnet: - description: ComputeSubnet is an existing subnet where the compute - nodes will be deployed. The value should be the name of the - subnet. + description: |- + ComputeSubnet is an existing subnet where the compute nodes will be deployed. + The value should be the name of the subnet. type: string controlPlaneSubnet: - description: ControlPlaneSubnet is an existing subnet where the - control plane will be deployed. The value should be the name - of the subnet. + description: |- + ControlPlaneSubnet is an existing subnet where the control plane will be deployed. + The value should be the name of the subnet. type: string defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on GCP for machine pools which do not define - their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on GCP for machine pools which do not define their own + platform configuration. properties: confidentialCompute: default: Disabled - description: ConfidentialCompute Defines whether the instance - should have confidential compute enabled. If enabled OnHostMaintenance - is required to be set to "Terminate". If omitted, the platform - chooses a default, which is subject to change over time, - currently that default is false. + description: |- + ConfidentialCompute Defines whether the instance should have confidential compute enabled. + If enabled OnHostMaintenance is required to be set to "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string onHostMaintenance: default: Migrate - description: OnHostMaintenance determines the behavior when - a maintenance event occurs that might cause the instance - to reboot. Allowed values are "Migrate" and "Terminate". 
- If omitted, the platform chooses a default, which is subject - to change over time, currently that default is "Migrate". + description: |- + OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. + Allowed values are "Migrate" and "Terminate". + If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate". enum: - Migrate - Terminate @@ -3397,9 +3412,9 @@ spec: minimum: 16 type: integer diskType: - description: DiskType defines the type of disk. For control - plane nodes, the valid values are pd-balanced, pd-ssd, - and hyperdisk-balanced. + description: |- + DiskType defines the type of disk. + For control plane nodes, the valid values are pd-balanced, pd-ssd, and hyperdisk-balanced. enum: - pd-balanced - pd-ssd @@ -3428,9 +3443,9 @@ spec: encryption. type: string projectID: - description: ProjectID is the ID of the Project - in which the KMS Key Ring exists. Defaults to - the VM ProjectID if not set. + description: |- + ProjectID is the ID of the Project in which the KMS Key Ring exists. + Defaults to the VM ProjectID if not set. type: string required: - keyRing @@ -3438,10 +3453,11 @@ spec: - name type: object kmsKeyServiceAccount: - description: KMSKeyServiceAccount is the service account - being used for the encryption request for the given - KMS key. If absent, the Compute Engine default service - account is used. See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account + description: |- + KMSKeyServiceAccount is the service account being used for the + encryption request for the given KMS key. If absent, the Compute + Engine default service account is used. + See https://cloud.google.com/compute/docs/access/service-accounts#compute_engine_service_account for details on the default service account. type: string type: object 
@@ -3463,22 +3479,19 @@ spec: - project type: object secureBoot: - description: SecureBoot Defines whether the instance should - have secure boot enabled. secure boot Verify the digital - signature of all boot components, and halt the boot process - if signature verification fails. If omitted, the platform - chooses a default, which is subject to change over time, - currently that default is false. + description: |- + SecureBoot Defines whether the instance should have secure boot enabled. + secure boot Verify the digital signature of all boot components, and halt the boot process if signature verification fails. + If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. enum: - Enabled - Disabled type: string serviceAccount: - description: ServiceAccount is the email of a gcp service - account to be used during installations. The provided service - account can be attached to both control-plane nodes and - worker nodes in order to provide the permissions required - by the cloud provider. + description: |- + ServiceAccount is the email of a gcp service account to be used during installations. + The provided service account can be attached to both control-plane nodes + and worker nodes in order to provide the permissions required by the cloud provider. type: string tags: description: Tags defines a set of network tags which will @@ -3487,8 +3500,9 @@ spec: type: string type: array type: - description: InstanceType defines the GCP instance type. eg. - n1-standard-4 + description: |- + InstanceType defines the GCP instance type. + eg. n1-standard-4 type: string zones: description: Zones is list of availability zones that can 
@@ -3498,12 +3512,14 @@ spec: type: array type: object network: - description: Network specifies an existing VPC where the cluster - should be created rather than provisioning a new one. + description: |- + Network specifies an existing VPC where the cluster should be created + rather than provisioning a new one. type: string networkProjectID: - description: NetworkProjectID specifies which project the network - and subnets exist in when they are not in the main ProjectID. + description: |- + NetworkProjectID specifies which project the network and subnets exist in when + they are not in the main ProjectID. type: string projectID: description: ProjectID is the the project that will be used for 
@@ -3514,27 +3530,26 @@ spec: will be created. type: string userLabels: - description: userLabels has additional keys and values that the - installer will add as labels to all resources that it creates - on GCP. Resources created by the cluster itself may not include - these labels. GCPLabelsTags featureGate is defined for managing - this feature and is enabled by default. + description: |- + userLabels has additional keys and values that the installer will add as + labels to all resources that it creates on GCP. Resources created by the + cluster itself may not include these labels. GCPLabelsTags featureGate is + defined for managing this feature and is enabled by default. items: description: UserLabel is a label to apply to GCP resources created for the cluster. properties: key: - description: key is the key part of the label. A label key - can have a maximum of 63 characters and cannot be empty. - Label must begin with a lowercase letter, and must contain - only lowercase letters, numeric characters, and the following - special characters `_-`. + description: |- + key is the key part of the label. A label key can have a maximum of 63 characters + and cannot be empty. Label must begin with a lowercase letter, and must contain + only lowercase letters, numeric characters, and the following special characters `_-`. type: string value: - description: value is the value part of the label. A label - value can have a maximum of 63 characters and cannot be - empty. Value must contain only lowercase letters, numeric - characters, and the following special characters `_-`. + description: |- + value is the value part of the label. A label value can have a maximum of 63 characters + and cannot be empty. Value must contain only lowercase letters, numeric characters, and + the following special characters `_-`. type: string required: - key 
@@ -3543,50 +3558,47 @@ spec: type: array userProvisionedDNS: default: Disabled - description: UserProvisionedDNS indicates if the customer is providing - their own DNS solution in place of the default provisioned by - the Installer. + description: |- + UserProvisionedDNS indicates if the customer is providing their own DNS solution in place of the default + provisioned by the Installer. enum: - Enabled - Disabled type: string userTags: - description: userTags has additional keys and values that the - installer will add as tags to all resources that it creates - on GCP. Resources created by the cluster itself may not include - these tags. Tag key and tag value should be the shortnames of - the tag key and tag value resource. GCPLabelsTags featureGate + description: |- + userTags has additional keys and values that the installer will add as + tags to all resources that it creates on GCP. Resources created by the + cluster itself may not include these tags. Tag key and tag value should + be the shortnames of the tag key and tag value resource. GCPLabelsTags featureGate is defined for managing this feature and is enabled by default. items: description: UserTag is a tag to apply to GCP resources created for the cluster. properties: key: - description: key is the key part of the tag. A tag key can - have a maximum of 63 characters and cannot be empty. Tag - key must begin and end with an alphanumeric character, - and must contain only uppercase, lowercase alphanumeric - characters, and the following special characters `._-`. + description: |- + key is the key part of the tag. A tag key can have a maximum of 63 characters and + cannot be empty. Tag key must begin and end with an alphanumeric character, and + must contain only uppercase, lowercase alphanumeric characters, and the following + special characters `._-`. type: string parentID: - description: 'parentID is the ID of the hierarchical resource - where the tags are defined, e.g. 
at the Organization or - the Project level. To find the Organization ID or Project - ID refer to the following pages: https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, + description: |- + parentID is the ID of the hierarchical resource where the tags are defined, + e.g. at the Organization or the Project level. To find the Organization ID or Project ID refer to the following pages: + https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects. - An OrganizationID must consist of decimal numbers, and - cannot have leading zeroes. A ProjectID must be 6 to 30 - characters in length, can only contain lowercase letters, - numbers, and hyphens, and must start with a letter, and - cannot end with a hyphen.' + An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. + A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, + numbers, and hyphens, and must start with a letter, and cannot end with a hyphen. type: string value: - description: value is the value part of the tag. A tag value - can have a maximum of 63 characters and cannot be empty. - Tag value must begin and end with an alphanumeric character, - and must contain only uppercase, lowercase alphanumeric - characters, and the following special characters `_-.@%=+:,*#&(){}[]` - and spaces. + description: |- + value is the value part of the tag. A tag value can have a maximum of 63 characters + and cannot be empty. Tag value must begin and end with an alphanumeric character, and + must contain only uppercase, lowercase alphanumeric characters, and the following + special characters `_-.@%=+:,*#&(){}[]` and spaces. type: string required: - key 
@@ -3603,31 +3615,34 @@ spec: IBM Cloud. properties: computeSubnets: - description: ComputeSubnets are the names of already existing - subnets where the cluster compute nodes should be created. + description: |- + ComputeSubnets are the names of already existing subnets where the cluster + compute nodes should be created. items: type: string type: array controlPlaneSubnets: - description: ControlPlaneSubnets are the names of already existing - subnets where the cluster control plane nodes should be created. + description: |- + ControlPlaneSubnets are the names of already existing subnets where the + cluster control plane nodes should be created. items: type: string type: array defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on IBM Cloud for machine pools which do - not define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when installing + on IBM Cloud for machine pools which do not define their own platform + configuration. properties: bootVolume: description: BootVolume is the configuration for the machine's boot volume. properties: encryptionKey: - description: EncryptionKey is the CRN referencing a Key - Protect or Hyper Protect Crypto Services key to use - for volume encryption. If not specified, a provider - managed encryption key will be used. + description: |- + EncryptionKey is the CRN referencing a Key Protect or Hyper Protect + Crypto Services key to use for volume encryption. If not specified, a + provider managed encryption key will be used. type: string type: object dedicatedHosts: 
@@ -3638,14 +3653,14 @@ spec: the machine's dedicated host platform. properties: name: - description: Name is the name of the dedicated host - to provision the machine on. If specified, machines - will be created on pre-existing dedicated host. + description: |- + Name is the name of the dedicated host to provision the machine on. If + specified, machines will be created on pre-existing dedicated host. type: string profile: - description: Profile is the profile ID for the dedicated - host. If specified, new dedicated host will be created - for machines. + description: |- + Profile is the profile ID for the dedicated host. If specified, new + dedicated host will be created for machines. type: string type: object type: array 
@@ -3660,40 +3675,40 @@ spec: type: array type: object networkResourceGroupName: - description: NetworkResourceGroupName is the name of an already - existing resource group where an existing VPC and set of Subnets - exist, to be used during cluster creation. + description: |- + NetworkResourceGroupName is the name of an already existing resource group + where an existing VPC and set of Subnets exist, to be used during cluster + creation. type: string region: - description: Region specifies the IBM Cloud region where the cluster - will be created. + description: |- + Region specifies the IBM Cloud region where the cluster will be + created. type: string resourceGroupName: - description: ResourceGroupName is the name of an already existing - resource group where the cluster should be installed. If empty, - a new resource group will be created for the cluster. + description: |- + ResourceGroupName is the name of an already existing resource group where the + cluster should be installed. If empty, a new resource group will be created + for the cluster. type: string serviceEndpoints: - description: ServiceEndpoints is a list which contains custom - endpoints to override default service endpoints of IBM Cloud - Services. There must only be one ServiceEndpoint for a service - (no duplicates). + description: |- + ServiceEndpoints is a list which contains custom endpoints to override default + service endpoints of IBM Cloud Services. + There must only be one ServiceEndpoint for a service (no duplicates). items: - description: IBMCloudServiceEndpoint stores the configuration - of a custom url to override existing defaults of IBM Cloud - Services. + description: |- + IBMCloudServiceEndpoint stores the configuration of a custom url to + override existing defaults of IBM Cloud Services. properties: name: - description: 'name is the name of the IBM Cloud service. 
- Possible values are: CIS, COS, COSConfig, DNSServices, - GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, - IAM, KeyProtect, ResourceController, ResourceManager, - or VPC. For example, the IBM Cloud Private IAM service - could be configured with the service `name` of `IAM` and - `url` of `https://private.iam.cloud.ibm.com` Whereas the - IBM Cloud Private VPC service for US South (Dallas) could - be configured with the service `name` of `VPC` and `url` - of `https://us.south.private.iaas.cloud.ibm.com`' + description: |- + name is the name of the IBM Cloud service. + Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. + For example, the IBM Cloud Private IAM service could be configured with the + service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` + Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured + with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` enum: - CIS - COS @@ -3710,8 +3725,9 @@ spec: - VPC type: string url: - description: url is fully qualified URI with scheme https, - that overrides the default generated endpoint for a client. + description: |- + url is fully qualified URI with scheme https, that overrides the default generated + endpoint for a client. This must be provided and cannot be empty. type: string x-kubernetes-validations: 
@@ -3723,28 +3739,31 @@ spec: type: object type: array vpcName: - description: VPCName is the name of an already existing VPC to - be used during cluster creation. + description: |- + VPCName is the name of an already existing VPC to be used during cluster + creation. type: string required: - region type: object none: - description: None is the empty configuration used when installing - on an unsupported platform. + description: |- + None is the empty configuration used when installing on an unsupported + platform. type: object nutanix: description: Nutanix is the configuration used when installing on Nutanix. properties: apiVIP: - description: 'DeprecatedAPIVIP is the virtual IP address for the - api endpoint Deprecated: use APIVIPs' + description: |- + DeprecatedAPIVIP is the virtual IP address for the api endpoint + Deprecated: use APIVIPs type: string apiVIPs: - description: APIVIPs contains the VIP(s) for the api endpoint. - In dual stack clusters it contains an IPv4 and IPv6 address, - otherwise only one VIP + description: |- + APIVIPs contains the VIP(s) for the api endpoint. In dual stack clusters + it contains an IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -3756,16 +3775,16 @@ spec: to download the RHCOS Image. type: string defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on Nutanix for machine pools which do not - define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on Nutanix for machine pools which do not define their own + platform configuration. properties: bootType: - description: BootType indicates the boot type (Legacy, UEFI - or SecureBoot) the Machine's VM uses to boot. If this field - is empty or omitted, the VM will use the default boot type - "Legacy" to boot. "SecureBoot" depends on "UEFI" boot, i.e., - enabling "SecureBoot" means that "UEFI" boot is also enabled. + description: |- + BootType indicates the boot type (Legacy, UEFI or SecureBoot) the Machine's VM uses to boot. + If this field is empty or omitted, the VM will use the default boot type "Legacy" to boot. + "SecureBoot" depends on "UEFI" boot, i.e., enabling "SecureBoot" means that "UEFI" boot is also enabled. enum: - "" - Legacy @@ -3773,10 +3792,10 @@ spec: - SecureBoot type: string categories: - description: Categories optionally adds one or more prism - categories (each with key and value) for the Machine's VM - to associate with. All the category key and value pairs - specified must already exist in the prism central. + description: |- + Categories optionally adds one or more prism categories (each with key and value) for + the Machine's VM to associate with. All the category key and value pairs specified must + already exist in the prism central. items: description: NutanixCategory identifies a pair of prism category key and value 
@@ -3801,12 +3820,12 @@ spec: - key x-kubernetes-list-type: map coresPerSocket: - description: 'NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be NumCPUs - times NumCoresPerSocket. For example: 4 CPUs and 4 Cores - per socket will result in 16 VPUs. The AHV scheduler treats - socket and core allocation exactly the same so there is - no benefit to configuring cores over CPUs.' + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs times NumCoresPerSocket. + For example: 4 CPUs and 4 Cores per socket will result in 16 VPUs. + The AHV scheduler treats socket and core allocation exactly the same + so there is no benefit to configuring cores over CPUs. format: int64 type: integer cpus: @@ -3845,11 +3864,10 @@ spec: the disk device. properties: adapterType: - description: adapterType is the adapter type of - the disk address. If the deviceType is "Disk", - the valid adapterType can be "SCSI", "IDE", "PCI", - "SATA" or "SPAPR". If the deviceType is "CDRom", - the valid adapterType can be "IDE" or "SATA". + description: |- + adapterType is the adapter type of the disk address. + If the deviceType is "Disk", the valid adapterType can be "SCSI", "IDE", "PCI", "SATA" or "SPAPR". + If the deviceType is "CDRom", the valid adapterType can be "IDE" or "SATA". enum: - SCSI - IDE 
@@ -3859,24 +3877,20 @@ spec: type: string deviceIndex: default: 0 - description: deviceIndex is the index of the disk - address. The valid values are non-negative integers, - with the default value 0. For a Machine VM, the - deviceIndex for the disks with the same deviceType.adapterType - combination should start from 0 and increase consecutively - afterwards. Note that for each Machine VM, the - Disk.SCSI.0 and CDRom.IDE.0 are reserved to be - used by the VM's system. So for dataDisks of Disk.SCSI - and CDRom.IDE, the deviceIndex should start from - 1. + description: |- + deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. + For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should + start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 + and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, + the deviceIndex should start from 1. format: int32 minimum: 0 type: integer deviceType: default: Disk - description: deviceType specifies the disk device - type. The valid values are "Disk" and "CDRom", - and the default is "Disk". + description: |- + deviceType specifies the disk device type. + The valid values are "Disk" and "CDRom", and the default is "Disk". enum: - Disk - CDRom 
@@ -3890,9 +3904,9 @@ spec: anyOf: - type: integer - type: string - description: diskSize is size (in Quantity format) of - the disk to attach to the VM. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format - for the Quantity format and example documentation. + description: |- + diskSize is size (in Quantity format) of the disk to attach to the VM. + See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. The minimum diskSize is 1GB. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true @@ -3909,9 +3923,9 @@ spec: - Standard - Flash default: Standard - description: diskMode specifies the disk mode. The - valid values are Standard and Flash, and the default - is Standard. + description: |- + diskMode specifies the disk mode. + The valid values are Standard and Flash, and the default is Standard. type: string storageContainer: description: storageContainer refers to the storage_container @@ -3942,8 +3956,9 @@ spec: type: array x-kubernetes-list-type: set failureDomains: - description: FailureDomains optionally configures a list of - failure domain names that will be applied to the MachinePool + description: |- + FailureDomains optionally configures a list of failure domain names + that will be applied to the MachinePool items: type: string type: array @@ -3964,8 +3979,9 @@ spec: description: name is the GPU device name type: string type: - description: type is the identifier type of the GPU - device. Valid values are Name and DeviceID. + description: |- + type is the identifier type of the GPU device. + Valid values are Name and DeviceID. enum: - Name - DeviceID 
@@ -4055,13 +4071,11 @@ spec: pattern: ^[0-9A-Za-z_.-@/]+$ type: string prismElement: - description: prismElement holds the identification (name, - uuid) and the optional endpoint address and port of the - Nutanix Prism Element. When a cluster-wide proxy is installed, - by default, this endpoint will be accessed via the proxy. - Should you wish for communication with this endpoint not - to be proxied, please add the endpoint to the proxy spec.noProxy - list. + description: |- + prismElement holds the identification (name, uuid) and the optional endpoint address and port of the Nutanix Prism Element. + When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. + Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the + proxy spec.noProxy list. properties: endpoint: description: Endpoint holds the address and port of @@ -4115,9 +4129,9 @@ spec: type: object type: array subnetUUIDs: - description: SubnetUUIDs identifies the network subnets - of the Prism Element. Currently we only support one subnet - for a failure domain. + description: |- + SubnetUUIDs identifies the network subnets of the Prism Element. + Currently we only support one subnet for a failure domain. items: type: string minItems: 1 @@ -4130,13 +4144,14 @@ spec: type: object type: array ingressVIP: - description: 'DeprecatedIngressVIP is the virtual IP address for - ingress Deprecated: use IngressVIPs' + description: |- + DeprecatedIngressVIP is the virtual IP address for ingress + Deprecated: use IngressVIPs type: string ingressVIPs: - description: IngressVIPs contains the VIP(s) for ingress. In dual - stack clusters it contains an IPv4 and IPv6 address, otherwise - only one VIP + description: |- + IngressVIPs contains the VIP(s) for ingress. In dual stack clusters + it contains an IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
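Review bot: The context line `pattern: ^[0-9A-Za-z_.-@/]+$` at the top of the `-4055` hunk has `.-@` inside the character class, which a regex engine reads as a range from `.` to `@`, so the validation also accepts `:`, `;`, `<`, `=`, `>` and `?`. If the intent is the literal characters `.`, `-`, `@` and `/`, the hyphen should be placed last or escaped, e.g. `pattern: ^[0-9A-Za-z_.@/-]+$`. The field this pattern belongs to starts outside the hunk, and because this YAML is generated by controller-gen the change would presumably go on the validation marker of the Go type rather than in this file. The commit itself only reflows descriptions and does not touch this line, so this is a follow-up for whoever owns the field's validation.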
@@ -4144,22 +4159,22 @@ spec: type: array uniqueItems: true loadBalancer: - description: LoadBalancer defines how the load balancer used by - the cluster is configured. LoadBalancer is available in TechPreview. + description: |- + LoadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer is available in TechPreview. properties: type: default: OpenShiftManagedDefault - description: type defines the type of load balancer used by - the cluster on Nutanix platform which can be a user-managed - or openshift-managed load balancer that is to be used for - the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress traffic load-balancing + description: |- + type defines the type of load balancer used by the cluster on Nutanix platform + which can be a user-managed or openshift-managed load balancer + that is to be used for the OpenShift API and Ingress endpoints. + When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means no - opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. + When set to UserManaged these static pods will not be deployed and it is expected that + the load balancer is configured out of band by the deployer. + When omitted, this means no opinion and the platform is left to choose a reasonable default. + The default value is OpenShiftManagedDefault. enum: - OpenShiftManagedDefault - UserManaged 
@@ -4169,9 +4184,10 @@ spec: rule: oldSelf == '' || self == oldSelf type: object prismCentral: - description: PrismCentral is the endpoint (address and port) and - credentials to connect to the Prism Central. This serves as - the default Prism-Central. + description: |- + PrismCentral is the endpoint (address and port) and credentials to + connect to the Prism Central. + This serves as the default Prism-Central. properties: endpoint: description: Endpoint holds the address and port of the Prism @@ -4205,10 +4221,10 @@ spec: - username type: object prismElements: - description: PrismElements holds a list of Prism Elements (clusters). - A Prism Element encompasses all Nutanix resources (VMs, subnets, - etc.) used to host the OpenShift cluster. Currently only a single - Prism Element may be defined. This serves as the default Prism-Element. + description: |- + PrismElements holds a list of Prism Elements (clusters). A Prism Element encompasses all Nutanix resources (VMs, subnets, etc.) + used to host the OpenShift cluster. Currently only a single Prism Element may be defined. + This serves as the default Prism-Element. items: description: PrismElement holds the uuid, endpoint of the Prism Element (cluster) @@ -4242,9 +4258,9 @@ spec: type: object type: array subnetUUIDs: - description: SubnetUUIDs identifies the network subnets to be - used by the cluster. Currently we only support one subnet for - an OpenShift cluster. + description: |- + SubnetUUIDs identifies the network subnets to be used by the cluster. + Currently we only support one subnet for an OpenShift cluster. items: type: string type: array 
@@ -4258,23 +4274,24 @@ spec: OpenStack. properties: apiFloatingIP: - description: APIFloatingIP is the IP address of an available floating - IP in your OpenStack cluster to associate with the OpenShift - API load balancer. + description: |- + APIFloatingIP is the IP address of an available floating IP in your OpenStack cluster + to associate with the OpenShift API load balancer. type: string apiVIP: - description: 'DeprecatedAPIVIP is the static IP on the nodes subnet - that the api port for openshift will be assigned Default: will - be set to the 5 on the first entry in the machineNetwork CIDR - Deprecated: Use APIVIPs' + description: |- + DeprecatedAPIVIP is the static IP on the nodes subnet that the api port for openshift will be assigned + Default: will be set to the 5 on the first entry in the machineNetwork CIDR + Deprecated: Use APIVIPs format: ip type: string apiVIPs: - description: 'APIVIPs contains the VIP(s) on the nodes subnet - that the api port for openshift will be assigned. In dual stack - clusters it contains an IPv4 and IPv6 address, otherwise only - one VIP Default: will be set to the 5 on the first entry in - the machineNetwork CIDR' + description: |- + APIVIPs contains the VIP(s) on the nodes subnet that the api port for + openshift will be assigned. In dual stack clusters it contains an IPv4 + and IPv6 address, otherwise only one VIP + Default: will be set to the 5 on the first entry in the machineNetwork + CIDR format: ip items: type: string 
@@ -4286,30 +4303,27 @@ spec: clouds.yaml. type: string clusterOSImage: - description: ClusterOSImage is either a URL with `http(s)` or - `file` scheme to override the default OS image for cluster nodes, - or an existing Glance image name. + description: |- + ClusterOSImage is either a URL with `http(s)` or `file` scheme to override + the default OS image for cluster nodes, or an existing Glance image name. type: string clusterOSImageProperties: additionalProperties: type: string - description: 'ClusterOSImageProperties is a list of properties - to be added to the metadata of the uploaded Glance ClusterOSImage. - Default: the default is to not set any properties.' + description: |- + ClusterOSImageProperties is a list of properties to be added to the metadata of the uploaded Glance ClusterOSImage. + Default: the default is to not set any properties. type: object computeFlavor: - description: 'DeprecatedFlavorName is the name of the flavor to - use for instances in this cluster. Deprecated: use FlavorName - in DefaultMachinePlatform to define default flavor.' + description: |- + DeprecatedFlavorName is the name of the flavor to use for instances in this cluster. + Deprecated: use FlavorName in DefaultMachinePlatform to define default flavor. type: string controlPlanePort: - description: ControlPlanePort contains details of the network - attached to the control plane port, with the network either - containing one openstack subnet for IPv4 or two openstack subnets - for dualstack clusters. Providing this configuration will prevent - OpenShift from managing or updating this network and its subnets. - The network and its subnets will be used during creation of - all nodes. + description: |- + ControlPlanePort contains details of the network attached to the control plane port, with the network either containing one openstack + subnet for IPv4 or two openstack subnets for dualstack clusters. 
Providing this configuration will prevent OpenShift from managing + or updating this network and its subnets. The network and its subnets will be used during creation of all nodes. properties: fixedIPs: description: Specify subnets of the network where control @@ -4332,9 +4346,9 @@ spec: type: object type: array network: - description: Network is a query for an openstack network that - the port will be discovered on. This will fail if the query - returns more than one network. + description: |- + Network is a query for an openstack network that the port will be discovered on. + This will fail if the query returns more than one network. properties: id: type: string 
@@ -4345,49 +4359,52 @@ spec: - fixedIPs type: object defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on OpenStack for machine pools which do - not define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on OpenStack for machine pools which do not define their own + platform configuration. properties: additionalNetworkIDs: - description: AdditionalNetworkIDs contains IDs of additional - networks for machines, where each ID is presented in UUID - v4 format. Allowed address pairs won't be created for the - additional networks. + description: |- + AdditionalNetworkIDs contains IDs of additional networks for machines, + where each ID is presented in UUID v4 format. + Allowed address pairs won't be created for the additional networks. items: type: string type: array additionalSecurityGroupIDs: - description: AdditionalSecurityGroupIDs contains IDs of additional - security groups for machines, where each ID is presented - in UUID v4 format. + description: |- + AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, + where each ID is presented in UUID v4 format. items: type: string type: array rootVolume: - description: RootVolume defines the root volume for instances - in the machine pool. The instances use ephemeral disks if - not set. + description: |- + RootVolume defines the root volume for instances in the machine pool. + The instances use ephemeral disks if not set. properties: size: - description: Size defines the size of the volume in gibibytes - (GiB). Required + description: |- + Size defines the size of the volume in gibibytes (GiB). + Required type: integer type: - description: 'Type defines the type of the volume. Deprecated: - Use Types instead.' + description: |- + Type defines the type of the volume. + Deprecated: Use Types instead. 
type: string types: - description: Types is the list of the volume types of - the root volumes. This is mutually exclusive with Type. + description: |- + Types is the list of the volume types of the root volumes. + This is mutually exclusive with Type. items: type: string type: array zones: - description: Zones is the list of availability zones where - the root volumes should be deployed. If no zones are - provided, all instances will be deployed on OpenStack - Cinder default availability zone + description: |- + Zones is the list of availability zones where the root volumes should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Cinder default availability zone items: type: string type: array @@ -4396,9 +4413,9 @@ spec: - types type: object serverGroupPolicy: - description: ServerGroupPolicy will be used to create the - Server Group that will contain all the machines of this - MachinePool. Defaults to "soft-anti-affinity". + description: |- + ServerGroupPolicy will be used to create the Server Group that will contain all the machines of this MachinePool. + Defaults to "soft-anti-affinity". enum: - "" - affinity @@ -4407,14 +4424,14 @@ spec: - soft-anti-affinity type: string type: - description: FlavorName defines the OpenStack Nova flavor. + description: |- + FlavorName defines the OpenStack Nova flavor. eg. m1.large type: string zones: - description: Zones is the list of availability zones where - the instances should be deployed. If no zones are provided, - all instances will be deployed on OpenStack Nova default - availability zone + description: |- + Zones is the list of availability zones where the instances should be deployed. + If no zones are provided, all instances will be deployed on OpenStack Nova default availability zone items: type: string type: array 
@@ -4422,9 +4439,9 @@ spec: - type type: object externalDNS: - description: ExternalDNS holds the IP addresses of dns servers - that will be added to the dns resolution of all instances in - the cluster. + description: |- + ExternalDNS holds the IP addresses of dns servers that will + be added to the dns resolution of all instances in the cluster. items: type: string type: array @@ -4433,23 +4450,24 @@ spec: your OpenStack cluster. type: string ingressFloatingIP: - description: IngressFloatingIP is the ID of an available floating - IP in your OpenStack cluster that will be associated with the - OpenShift ingress port + description: |- + IngressFloatingIP is the ID of an available floating IP in your OpenStack cluster + that will be associated with the OpenShift ingress port type: string ingressVIP: - description: 'DeprecatedIngressVIP is the static IP on the nodes - subnet that the apps port for openshift will be assigned Default: - will be set to the 7 on the first entry in the machineNetwork - CIDR Deprecated: Use IngressVIPs' + description: |- + DeprecatedIngressVIP is the static IP on the nodes subnet that the apps port for openshift will be assigned + Default: will be set to the 7 on the first entry in the machineNetwork CIDR + Deprecated: Use IngressVIPs format: ip type: string ingressVIPs: - description: 'IngressVIPs contains the VIP(s) on the nodes subnet - that the apps port for openshift will be assigned. In dual stack - clusters it contains an IPv4 and IPv6 address, otherwise only - one VIP Default: will be set to the 7 on the first entry in - the machineNetwork CIDR' + description: |- + IngressVIPs contains the VIP(s) on the nodes subnet that the apps port + for openshift will be assigned. In dual stack clusters it contains an + IPv4 and IPv6 address, otherwise only one VIP + Default: will be set to the 7 on the first entry in the machineNetwork + CIDR format: ip items: type: string 
@@ -4457,9 +4475,10 @@ spec: type: array uniqueItems: true lbFloatingIP: - description: 'LbFloatingIP is the IP address of an available floating - IP in your OpenStack cluster to associate with the OpenShift - load balancer. Deprecated: this value has been renamed to apiFloatingIP.' + description: |- + LbFloatingIP is the IP address of an available floating IP in your OpenStack cluster + to associate with the OpenShift load balancer. + Deprecated: this value has been renamed to apiFloatingIP. type: string loadBalancer: description: LoadBalancer defines how the load balancer used by 
@@ -4467,17 +4486,16 @@ spec: properties: type: default: OpenShiftManagedDefault - description: type defines the type of load balancer used by - the cluster on OpenStack platform which can be a user-managed - or openshift-managed load balancer that is to be used for - the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress traffic load-balancing + description: |- + type defines the type of load balancer used by the cluster on OpenStack platform + which can be a user-managed or openshift-managed load balancer + that is to be used for the OpenShift API and Ingress endpoints. + When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means no - opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. + When set to UserManaged these static pods will not be deployed and it is expected that + the load balancer is configured out of band by the deployer. + When omitted, this means no opinion and the platform is left to choose a reasonable default. + The default value is OpenShiftManagedDefault. enum: - OpenShiftManagedDefault - UserManaged 
@@ -4487,28 +4505,28 @@ spec: rule: oldSelf == '' || self == oldSelf type: object machinesSubnet: - description: 'DeprecatedMachinesSubnet is a string of the UUIDv4 - of an openstack subnet. This subnet will be used by all nodes - created by the installer. By setting this, the installer will - no longer create a network and subnet. The subnet and network - specified in MachinesSubnet will not be deleted or modified - by the installer. Deprecated: Use ControlPlanePort' + description: |- + DeprecatedMachinesSubnet is a string of the UUIDv4 of an openstack subnet. This subnet will be used by all nodes created by the installer. + By setting this, the installer will no longer create a network and subnet. + The subnet and network specified in MachinesSubnet will not be deleted or modified by the installer. + Deprecated: Use ControlPlanePort type: string octaviaSupport: - description: 'OctaviaSupport holds a `0` or `1` value that indicates - whether your OpenStack cluster supports Octavia Loadbalancing. - Deprecated: this value is set by the installer automatically.' + description: |- + OctaviaSupport holds a `0` or `1` value that indicates whether your OpenStack + cluster supports Octavia Loadbalancing. + Deprecated: this value is set by the installer automatically. type: string region: - description: 'Region specifies the OpenStack region where the - cluster will be created. Deprecated: this value is not used - by the installer.' + description: |- + Region specifies the OpenStack region where the cluster will be created. + Deprecated: this value is not used by the installer. type: string trunkSupport: - description: 'TrunkSupport holds a `0` or `1` value that indicates - whether or not to use trunk ports in your OpenShift cluster. - Deprecated: the machine manifest should be used to specify that - trunk should be used.' + description: |- + TrunkSupport holds a `0` or `1` value that indicates whether or not to use trunk ports + in your OpenShift cluster. 
+ Deprecated: the machine manifest should be used to specify that trunk should be used. type: string required: - cloud @@ -4543,16 +4561,16 @@ spec: type: object type: array api_vip: - description: 'DeprecatedAPIVIP is an IP which will be served by - bootstrap and then pivoted masters, using keepalived Deprecated: - Use APIVIPs' + description: |- + DeprecatedAPIVIP is an IP which will be served by bootstrap and then pivoted masters, using keepalived + Deprecated: Use APIVIPs format: ip type: string api_vips: - description: APIVIPs contains the VIP(s) which will be served - by bootstrap and then pivoted masters, using keepalived. In - dual stack clusters it contains an IPv4 and IPv6 address, otherwise - only one VIP + description: |- + APIVIPs contains the VIP(s) which will be served by bootstrap and then + pivoted masters, using keepalived. In dual stack clusters it contains an + IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -4560,47 +4578,49 @@ spec: type: array uniqueItems: true defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on ovirt for machine pools which do not - define their own platform configuration. Default will set the - image field to the latest RHCOS image. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on ovirt for machine pools which do not define their + own platform configuration. + Default will set the image field to the latest RHCOS image. properties: affinityGroupsNames: - description: AffinityGroupsNames contains a list of oVirt - affinity group names that the newly created machines will - join. The affinity groups should exist on the oVirt cluster - or created by the OpenShift installer. + description: |- + AffinityGroupsNames contains a list of oVirt affinity group names that the newly created machines will join. + The affinity groups should exist on the oVirt cluster or created by the OpenShift installer. items: type: string type: array autoPinningPolicy: - description: AutoPinningPolicy defines the policy to automatically - set the CPU and NUMA including pinning to the host for the - instance. When the field is omitted the default will be - "none". + description: |- + AutoPinningPolicy defines the policy to automatically set the CPU + and NUMA including pinning to the host for the instance. + When the field is omitted the default will be "none". enum: - none - resize_and_pin type: string clone: - description: "Clone makes sure that the disks are cloned from - the template and are not linked. Defaults to true for high - performance and server VM types, false for desktop types. - \n Note: this option is not documented in the OpenShift - documentation. This is intentional as it has sane defaults - that shouldn't be changed unless needed for debugging or - resolving issues in cooperation with Red Hat support." 
+ description: |- + Clone makes sure that the disks are cloned from the template and are not linked. + Defaults to true for high performance and server VM types, false for desktop types. + + + Note: this option is not documented in the OpenShift documentation. This is intentional as it has sane defaults + that shouldn't be changed unless needed for debugging or resolving issues in cooperation with Red Hat support. type: boolean cpu: description: CPU defines the VM CPU. properties: cores: - description: Cores is the number of cores per socket. + description: |- + Cores is the number of cores per socket. Total CPUs is (Sockets * Cores) format: int32 type: integer sockets: - description: Sockets is the number of sockets for a VM. + description: |- + Sockets is the number of sockets for a VM. Total CPUs is (Sockets * Cores) format: int32 type: integer @@ -4614,9 +4634,9 @@ spec: - threads type: object format: - description: Format is the disk format that the disks are - in. Can be "cow" or "raw". "raw" disables several features - that may be needed, such as incremental backups. + description: |- + Format is the disk format that the disks are in. Can be "cow" or "raw". "raw" disables several features that + may be needed, such as incremental backups. enum: - "" - raw @@ -4631,10 +4651,10 @@ spec: format: int32 type: integer instanceTypeID: - description: InstanceTypeID defines the VM instance type and - overrides the hardware parameters of the created VM, including - cpu and memory. If InstanceTypeID is passed, all memory - and cpu variables will be ignored. + description: |- + InstanceTypeID defines the VM instance type and overrides + the hardware parameters of the created VM, including cpu and memory. + If InstanceTypeID is passed, all memory and cpu variables will be ignored. type: string memoryMB: description: MemoryMB is the size of a VM's memory in MiBs. 
@@ -4664,18 +4684,18 @@ spec: type: string type: object ingress_vip: - description: 'IngressIP is an external IP which routes to the - default ingress controller. The IP is a suitable target of a - wildcard DNS record used to resolve default route host names. - Deprecated: Use IngressVIPs' + description: |- + IngressIP is an external IP which routes to the default ingress controller. + The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + Deprecated: Use IngressVIPs format: ip type: string ingress_vips: - description: IngressVIPs are external IP(s) which route to the - default ingress controller. The VIPs are suitable targets of - wildcard DNS records used to resolve default route host names. - In dual stack clusters it contains an IPv4 and IPv6 address, - otherwise only one VIP + description: |- + IngressVIPs are external IP(s) which route to the default ingress + controller. The VIPs are suitable targets of wildcard DNS records used to + resolve default route host names. In dual stack clusters it contains an + IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -4683,22 +4703,22 @@ spec: type: array uniqueItems: true loadBalancer: - description: LoadBalancer defines how the load balancer used by - the cluster is configured. LoadBalancer is available in TechPreview. + description: |- + LoadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer is available in TechPreview. properties: type: default: OpenShiftManagedDefault - description: type defines the type of load balancer used by - the cluster on Ovirt platform which can be a user-managed - or openshift-managed load balancer that is to be used for - the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress traffic load-balancing + description: |- + type defines the type of load balancer used by the cluster on Ovirt platform + which can be a user-managed or openshift-managed load balancer + that is to be used for the OpenShift API and Ingress endpoints. + When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means no - opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. + When set to UserManaged these static pods will not be deployed and it is expected that + the load balancer is configured out of band by the deployer. + When omitted, this means no opinion and the platform is left to choose a reasonable default. + The default value is OpenShiftManagedDefault. enum: - OpenShiftManagedDefault - UserManaged 
@@ -4711,21 +4731,19 @@ spec: description: The target cluster under which all VMs will run type: string ovirt_network_name: - description: NetworkName is the target network of all the network - interfaces of the nodes. When no ovirt_network_name is provided - it defaults to `ovirtmgmt` network, which is a default network - for every ovirt cluster. + description: |- + NetworkName is the target network of all the network interfaces of the nodes. + When no ovirt_network_name is provided it defaults to `ovirtmgmt` network, which is a default network for every ovirt cluster. type: string ovirt_storage_domain_id: description: The target storage domain under which all VM disk would be created. type: string vnicProfileID: - description: VNICProfileID defines the VNIC profile ID to use - the the VM network interfaces. When no vnicProfileID is provided - it will be set to the profile of the network. If there are multiple - profiles for the network, the installer requires you to explicitly - set the vnicProfileID. + description: |- + VNICProfileID defines the VNIC profile ID to use the the VM network interfaces. + When no vnicProfileID is provided it will be set to the profile of the network. If there are multiple + profiles for the network, the installer requires you to explicitly set the vnicProfileID. type: string required: - ovirt_cluster_id 
@@ -4736,13 +4754,15 @@ spec: Power VS. properties: clusterOSImage: - description: ClusterOSImage is a pre-created Power VS boot image - that overrides the default image for cluster nodes. + description: |- + ClusterOSImage is a pre-created Power VS boot image that overrides the + default image for cluster nodes. type: string defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on Power VS for machine pools which do - not define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on Power VS for machine pools which do not define their own + platform configuration. properties: memoryGiB: description: memoryGiB is the size of a virtual machine's @@ -4750,8 +4770,9 @@ spec: format: int32 type: integer procType: - description: ProcType defines the processor sharing model - for the instance. Must be one of {Capped, Dedicated, Shared}. + description: |- + ProcType defines the processor sharing model for the instance. + Must be one of {Capped, Dedicated, Shared}. enum: - Dedicated - Shared 
@@ -4788,24 +4809,28 @@ spec: the cluster will be created. type: string serviceEndpoints: - description: ServiceEndpoints is a list which contains custom - endpoints to override default service endpoints of IBM Cloud - Services. There must only be one ServiceEndpoint for a service - (no duplicates). + description: |- + ServiceEndpoints is a list which contains custom endpoints to override default + service endpoints of IBM Cloud Services. + There must only be one ServiceEndpoint for a service (no duplicates). items: - description: PowervsServiceEndpoint stores the configuration - of a custom url to override existing defaults of PowerVS Services. + description: |- + PowervsServiceEndpoint stores the configuration of a custom url to + override existing defaults of PowerVS Services. properties: name: - description: name is the name of the Power VS service. Few - of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api + description: |- + name is the name of the Power VS service. + Few of the services are + IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud pattern: ^[a-z0-9-]+$ type: string url: - description: url is fully qualified URI with scheme https, - that overrides the default generated endpoint for a client. + description: |- + url is fully qualified URI with scheme https, that overrides the default generated + endpoint for a client. This must be provided and cannot be empty. format: uri pattern: ^https:// 
@@ -4816,10 +4841,10 @@ spec: type: object type: array serviceInstanceGUID: - description: ServiceInstanceGUID is the GUID of the Power IAAS - instance created from the IBM Cloud Catalog before the cluster - is completed. Leave unset to allow the installer to create - a service instance during cluster creation. + description: |- + ServiceInstanceGUID is the GUID of the Power IAAS instance created from the IBM Cloud Catalog + before the cluster is completed. Leave unset to allow the installer to create a service + instance during cluster creation. type: string tgName: description: TGName is the name of a pre-created TransitGateway @@ -4833,21 +4858,22 @@ spec: Cloud. type: string vpcRegion: - description: VPCRegion specifies the IBM Cloud region in which - to create VPC resources. Leave unset to allow installer to select - the closest VPC region. + description: |- + VPCRegion specifies the IBM Cloud region in which to create VPC resources. + Leave unset to allow installer to select the closest VPC region. type: string vpcSubnets: - description: VPCSubnets specifies existing subnets (by ID) where - cluster resources will be created. Leave unset to have the - installer create subnets in a new VPC on your behalf. + description: |- + VPCSubnets specifies existing subnets (by ID) where cluster + resources will be created. Leave unset to have the installer + create subnets in a new VPC on your behalf. items: type: string type: array zone: - description: Zone specifies the IBM Cloud colo region where the - cluster will be created. At this time, only single-zone clusters - are supported. + description: |- + Zone specifies the IBM Cloud colo region where the cluster will be created. + At this time, only single-zone clusters are supported. type: string required: - powervsResourceGroup 
@@ -4859,13 +4885,14 @@ spec: vSphere. properties: apiVIP: - description: 'DeprecatedAPIVIP is the virtual IP address for the - api endpoint Deprecated: Use APIVIPs' + description: |- + DeprecatedAPIVIP is the virtual IP address for the api endpoint + Deprecated: Use APIVIPs type: string apiVIPs: - description: APIVIPs contains the VIP(s) for the api endpoint. - In dual stack clusters it contains an IPv4 and IPv6 address, - otherwise only one VIP + description: |- + APIVIPs contains the VIP(s) for the api endpoint. In dual stack clusters + it contains an IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -4873,29 +4900,34 @@ spec: type: array uniqueItems: true cluster: - description: 'Cluster is the name of the cluster virtual machines - will be cloned into. Deprecated: Use FailureDomains.Topology.Cluster' + description: |- + Cluster is the name of the cluster virtual machines will be cloned into. + Deprecated: Use FailureDomains.Topology.Cluster type: string clusterOSImage: description: ClusterOSImage overrides the url provided in rhcos.json to download the RHCOS OVA type: string datacenter: - description: 'Datacenter is the name of the datacenter to use - in the vCenter. Deprecated: Use FailureDomains.Topology.Datacenter' + description: |- + Datacenter is the name of the datacenter to use in the vCenter. + Deprecated: Use FailureDomains.Topology.Datacenter type: string defaultDatastore: - description: 'DefaultDatastore is the default datastore to use - for provisioning volumes. Deprecated: Use FailureDomains.Topology.Datastore' + description: |- + DefaultDatastore is the default datastore to use for provisioning volumes. + Deprecated: Use FailureDomains.Topology.Datastore type: string defaultMachinePlatform: - description: DefaultMachinePlatform is the default configuration - used when installing on VSphere for machine pools which do not - define their own platform configuration. + description: |- + DefaultMachinePlatform is the default configuration used when + installing on VSphere for machine pools which do not define their own + platform configuration. properties: coresPerSocket: - description: NumCoresPerSocket is the number of cores per - socket in a vm. The number of vCPUs on the vm will be NumCPUs/NumCoresPerSocket. + description: |- + NumCoresPerSocket is the number of cores per socket in a vm. The number + of vCPUs on the vm will be NumCPUs/NumCoresPerSocket. format: int32 type: integer cpus: 
@@ -4916,14 +4948,16 @@ spec: type: integer type: object zones: - description: Zones defines available zones Zones is available - in TechPreview. + description: |- + Zones defines available zones + Zones is available in TechPreview. items: type: string type: array type: object diskType: - description: DiskType is the name of the disk provisioning type, + description: |- + DiskType is the name of the disk provisioning type, valid values are thin, thick, and eagerZeroedThick. When not specified, it will be set according to the default storage policy of vsphere. 
@@ -4934,25 +4968,28 @@ spec: - eagerZeroedThick type: string failureDomains: - description: FailureDomains holds the VSpherePlatformFailureDomainSpec - which contains the definition of region, zone and the vCenter - topology. If this is omitted failure domains (regions and zones) - will not be used. + description: |- + FailureDomains holds the VSpherePlatformFailureDomainSpec which contains + the definition of region, zone and the vCenter topology. + If this is omitted failure domains (regions and zones) will not be used. items: - description: FailureDomain holds the region and zone failure - domain and the vCenter topology of that failure domain. + description: |- + FailureDomain holds the region and zone failure domain and + the vCenter topology of that failure domain. properties: name: - description: name defines the name of the FailureDomain - This name is arbitrary but will be used in VSpherePlatformDeploymentZone - for association. + description: |- + name defines the name of the FailureDomain + This name is arbitrary but will be used + in VSpherePlatformDeploymentZone for association. maxLength: 256 minLength: 1 type: string region: - description: region defines a FailureDomainCoordinate which - includes the name of the vCenter tag, the failure domain - type and the name of the vCenter tag category. + description: |- + region defines a FailureDomainCoordinate which + includes the name of the vCenter tag, the failure domain type + and the name of the vCenter tag category. type: string server: description: server is the fully-qualified domain name or 
@@ -4965,27 +5002,30 @@ spec: vSphere constructs properties: computeCluster: - description: computeCluster as the failure domain This - is required to be a path + description: |- + computeCluster as the failure domain + This is required to be a path maxLength: 2048 minLength: 1 type: string datacenter: - description: datacenter is the vCenter datacenter in - which virtual machines will be located and defined - as the failure domain. + description: |- + datacenter is the vCenter datacenter in which virtual machines will be located + and defined as the failure domain. maxLength: 80 minLength: 1 type: string datastore: - description: datastore is the name or inventory path - of the datastore in which the virtual machine is created/located. + description: |- + datastore is the name or inventory path of the datastore in which the + virtual machine is created/located. maxLength: 2048 minLength: 1 type: string folder: - description: folder is the inventory path of the folder - in which the virtual machine is created/located. + description: |- + folder is the inventory path of the folder in which the + virtual machine is created/located. maxLength: 2048 minLength: 1 pattern: ^/.*?/vm/.*? 
@@ -4997,25 +5037,25 @@ spec: type: string type: array resourcePool: - description: resourcePool is the absolute path of the - resource pool where virtual machines will be created. - The absolute path is of the form //host//Resources/. + description: |- + resourcePool is the absolute path of the resource pool where virtual machines will be + created. The absolute path is of the form //host//Resources/. maxLength: 2048 minLength: 1 pattern: ^/.*?/host/.*?/Resources.* type: string tagIDs: - description: tagIDs is an optional set of tags to add - to an instance. Specified tagIDs must use URN-notation - instead of display names. A maximum of 10 tag IDs - may be specified. + description: |- + tagIDs is an optional set of tags to add to an instance. Specified tagIDs + must use URN-notation instead of display names. A maximum of 10 tag IDs may be specified. example: urn:vmomi:InventoryServiceTag:5736bf56-49f5-4667-b38c-b97e09dc9578:GLOBAL items: type: string type: array template: - description: template is the inventory path of the virtual - machine or template that will be used for cloning. + description: |- + template is the inventory path of the virtual machine or template + that will be used for cloning. maxLength: 2048 minLength: 1 pattern: ^/.*?/vm/.*? @@ -5026,9 +5066,10 @@ spec: - datastore type: object zone: - description: zone defines a VSpherePlatformFailureDomain - which includes the name of the vCenter tag, the failure - domain type and the name of the vCenter tag category. + description: |- + zone defines a VSpherePlatformFailureDomain which + includes the name of the vCenter tag, the failure domain type + and the name of the vCenter tag category. type: string required: - name 
@@ -5039,10 +5080,10 @@ spec: type: object type: array folder: - description: 'Folder is the absolute path of the folder that will - be used and/or created for virtual machines. The absolute path - is of the form //vm//. Deprecated: - Use FailureDomains.Topology.Folder' + description: |- + Folder is the absolute path of the folder that will be used and/or created for + virtual machines. The absolute path is of the form //vm//. + Deprecated: Use FailureDomains.Topology.Folder pattern: ^/.*?/vm/.*? type: string hosts: 
@@ -5060,28 +5101,26 @@ spec: description: NetworkDeviceSpec to be applied to the host properties: gateway: - description: gateway is an IPv4 or IPv6 address which - represents the subnet gateway, for example, 192.168.1.1. + description: |- + gateway is an IPv4 or IPv6 address which represents the subnet gateway, + for example, 192.168.1.1. format: ipv6 type: string ipAddrs: - description: ipAddrs is a list of one or more IPv4 and/or - IPv6 addresses and CIDR to assign to this device, - for example, 192.168.1.100/24. IP addresses provided - via ipAddrs are intended to allow explicit assignment - of a machine's IP address. + description: |- + ipAddrs is a list of one or more IPv4 and/or IPv6 addresses and CIDR to assign to + this device, for example, 192.168.1.100/24. IP addresses provided via ipAddrs are + intended to allow explicit assignment of a machine's IP address. example: 2001:DB8:0000:0000:244:17FF:FEB6:D37D/64 format: ipv6 items: type: string type: array nameservers: - description: nameservers is a list of IPv4 and/or IPv6 - addresses used as DNS nameservers, for example, 8.8.8.8. - a nameserver is not provided by a fulfilled IPAddressClaim. - If DHCP is not the source of IP addresses for this - network device, nameservers should include a valid - nameserver. + description: |- + nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers, for example, + 8.8.8.8. a nameserver is not provided by a fulfilled IPAddressClaim. If DHCP is not the + source of IP addresses for this network device, nameservers should include a valid nameserver. example: 8.8.8.8 format: ipv6 items: 
@@ -5104,13 +5143,14 @@ spec: type: object type: array ingressVIP: - description: 'DeprecatedIngressVIP is the virtual IP address for - ingress Deprecated: Use IngressVIPs' + description: |- + DeprecatedIngressVIP is the virtual IP address for ingress + Deprecated: Use IngressVIPs type: string ingressVIPs: - description: IngressVIPs contains the VIP(s) for ingress. In dual - stack clusters it contains an IPv4 and IPv6 address, otherwise - only one VIP + description: |- + IngressVIPs contains the VIP(s) for ingress. In dual stack clusters it + contains an IPv4 and IPv6 address, otherwise only one VIP format: ip items: type: string 
@@ -5118,22 +5158,22 @@ spec: type: array uniqueItems: true loadBalancer: - description: LoadBalancer defines how the load balancer used by - the cluster is configured. LoadBalancer is available in TechPreview. + description: |- + LoadBalancer defines how the load balancer used by the cluster is configured. + LoadBalancer is available in TechPreview. properties: type: default: OpenShiftManagedDefault - description: type defines the type of load balancer used by - the cluster on VSphere platform which can be a user-managed - or openshift-managed load balancer that is to be used for - the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress traffic load-balancing + description: |- + type defines the type of load balancer used by the cluster on VSphere platform + which can be a user-managed or openshift-managed load balancer + that is to be used for the OpenShift API and Ingress endpoints. + When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means no - opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. + When set to UserManaged these static pods will not be deployed and it is expected that + the load balancer is configured out of band by the deployer. + When omitted, this means no opinion and the platform is left to choose a reasonable default. + The default value is OpenShiftManagedDefault. enum: - OpenShiftManagedDefault - UserManaged 
@@ -5143,33 +5183,39 @@ spec: rule: oldSelf == '' || self == oldSelf type: object network: - description: 'Network specifies the name of the network to be - used by the cluster. Deprecated: Use FailureDomains.Topology.Network' + description: |- + Network specifies the name of the network to be used by the cluster. + Deprecated: Use FailureDomains.Topology.Network type: string password: - description: 'Password is the password for the user to use to - connect to the vCenter. Deprecated: Use VCenters.Password' + description: |- + Password is the password for the user to use to connect to the vCenter. + Deprecated: Use VCenters.Password type: string resourcePool: - description: 'ResourcePool is the absolute path of the resource - pool where virtual machines will be created. The absolute path - is of the form //host//Resources/. - Deprecated: Use FailureDomains.Topology.ResourcePool' + description: |- + ResourcePool is the absolute path of the resource pool where virtual machines will be + created. The absolute path is of the form //host//Resources/. + Deprecated: Use FailureDomains.Topology.ResourcePool type: string username: - description: 'Username is the name of the user to use to connect - to the vCenter. Deprecated: Use VCenters.Username' + description: |- + Username is the name of the user to use to connect to the vCenter. + Deprecated: Use VCenters.Username type: string vCenter: - description: 'VCenter is the domain name or IP address of the - vCenter. Deprecated: Use VCenters.Server' + description: |- + VCenter is the domain name or IP address of the vCenter. + Deprecated: Use VCenters.Server type: string vcenters: - description: VCenters holds the connection details for services - to communicate with vCenter. Currently only a single vCenter - is supported. + description: |- + VCenters holds the connection details for services to communicate with vCenter. + Currently only a single vCenter is supported. 
items: - description: VCenter stores the vCenter connection fields https://github.com/kubernetes/cloud-provider-vsphere/blob/master/pkg/common/config/types_yaml.go + description: |- + VCenter stores the vCenter connection fields + https://github.com/kubernetes/cloud-provider-vsphere/blob/master/pkg/common/config/types_yaml.go properties: datacenters: description: Datacenter in which VMs are located. @@ -5183,8 +5229,9 @@ spec: type: string port: default: 443 - description: port is the TCP port that will be used to communicate - to the vCenter endpoint. This is typically unchanged from + description: |- + port is the TCP port that will be used to communicate to + the vCenter endpoint. This is typically unchanged from the default of HTTPS TCP/443. format: int32 maximum: 32767 @@ -5211,8 +5258,9 @@ spec: type: object type: object proxy: - description: Proxy defines the proxy settings for the cluster. If unset, - the cluster will not be configured to use a proxy. + description: |- + Proxy defines the proxy settings for the cluster. + If unset, the cluster will not be configured to use a proxy. properties: httpProxy: description: HTTPProxy is the URL of the proxy for HTTP requests. @@ -5227,9 +5275,9 @@ spec: type: object publish: default: External - description: Publish controls how the user facing endpoints of the cluster - like the Kubernetes API, OpenShift routes etc. are exposed. When no - strategy is specified, the strategy is "External". + description: |- + Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. + When no strategy is specified, the strategy is "External". enum: - "" - External diff --git a/go.mod b/go.mod index 6b7c76e97fd..7f53e7967d4 100644 --- a/go.mod +++ b/go.mod 
@@ -82,7 +82,7 @@ require (
 github.com/openshift/cluster-api-provider-ovirt v0.1.1-0.20220323121149-e3f2850dd519
 github.com/openshift/hive/apis v0.0.0-20220222213051-def9088fdb5a
 github.com/openshift/library-go v0.0.0-20240207105404-126b47137408
- github.com/openshift/machine-api-provider-gcp v0.0.1-0.20231014045125-6096cc86f3ba
+ github.com/openshift/machine-api-provider-gcp v0.0.1-0.20241024094404-0d6fbdb09401
 github.com/openshift/machine-api-provider-ibmcloud v0.0.0-20231207164151-6b0b8ea7b16d
 github.com/ovirt/go-ovirt v0.0.0-20210809163552-d4276e35d3db
 github.com/pborman/uuid v1.2.0
@@ -128,7 +128,7 @@ require (
 sigs.k8s.io/cluster-api-provider-openstack v0.10.3
 sigs.k8s.io/cluster-api-provider-vsphere v1.9.3
 sigs.k8s.io/controller-runtime v0.18.5
- sigs.k8s.io/controller-tools v0.12.0
+ sigs.k8s.io/controller-tools v0.14.0
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd
 sigs.k8s.io/yaml v1.4.0
 )
diff --git a/go.sum b/go.sum
index 8226f84a4f4..0304ddfc2d6 100644
--- a/go.sum
+++ b/go.sum
@@ -800,8 +800,8 @@ github.com/openshift/library-go v0.0.0-20240207105404-126b47137408 h1:Evg6GEvEuy github.com/openshift/library-go v0.0.0-20240207105404-126b47137408/go.mod h1:ePlaOqUiPplRc++6aYdMe+2FmXb2xTNS9Nz5laG2YmI= github.com/openshift/machine-api-operator v0.2.1-0.20240722145313-3a817c78946a h1:0TwU3J28sQTGy/ZMVSvi3sUolH92BwlIWcf+wCJLWKE= github.com/openshift/machine-api-operator v0.2.1-0.20240722145313-3a817c78946a/go.mod h1:2TUb0+EfkIj5fWhGy+oR3QiANCzHTWzkyNDEknxrQJI= -github.com/openshift/machine-api-provider-gcp v0.0.1-0.20231014045125-6096cc86f3ba h1:q9VMvYHgKq1v+3E57HIdbR9hJPNSmHDfZpOHsXC27Nk= -github.com/openshift/machine-api-provider-gcp v0.0.1-0.20231014045125-6096cc86f3ba/go.mod h1:G1BYMrC49dMOkCEjG+LPoe0rRXFRv8o/jqLuN4fgfGM= +github.com/openshift/machine-api-provider-gcp v0.0.1-0.20241024094404-0d6fbdb09401 h1:adlUJqvMzPbDPSUo/TIN8olPN5x0w/71plhxj6YIq9I= +github.com/openshift/machine-api-provider-gcp v0.0.1-0.20241024094404-0d6fbdb09401/go.mod h1:5peyDQD9BPqSVTlZeGpd8cP46M50G+JEjrhRWcGb7HA= github.com/openshift/machine-api-provider-ibmcloud v0.0.0-20231207164151-6b0b8ea7b16d h1:ELypg5zkw9jXCbp2jZ6iwYWTCtSqZVrxcKBQqwIgd2Y= github.com/openshift/machine-api-provider-ibmcloud v0.0.0-20231207164151-6b0b8ea7b16d/go.mod h1:cF2vIryKLoYmkUAFsvFHTlChMAtMEuRDVYMiH+uFe3E= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= 
@@ -1557,8 +1557,8 @@ sigs.k8s.io/cluster-api-provider-vsphere v1.9.3 h1:Kgo9XQYZyZVUYwzUWr351h1OJf8LY sigs.k8s.io/cluster-api-provider-vsphere v1.9.3/go.mod h1:t0z1hU7lR5olxrwNv9C3j5UJsjQ2KLdnQ1RaZiPkQ2A= sigs.k8s.io/controller-runtime v0.18.5 h1:nTHio/W+Q4aBlQMgbnC5hZb4IjIidyrizMai9P6n4Rk= sigs.k8s.io/controller-runtime v0.18.5/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= -sigs.k8s.io/controller-tools v0.12.0 h1:TY6CGE6+6hzO7hhJFte65ud3cFmmZW947jajXkuDfBw= -sigs.k8s.io/controller-tools v0.12.0/go.mod h1:rXlpTfFHZMpZA8aGq9ejArgZiieHd+fkk/fTatY8A2M= +sigs.k8s.io/controller-tools v0.14.0 h1:rnNoCC5wSXlrNoBKKzL70LNJKIQKEzT6lloG6/LF73A= +sigs.k8s.io/controller-tools v0.14.0/go.mod h1:TV7uOtNNnnR72SpzhStvPkoS/U5ir0nMudrkrC4M9Sc= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/pkg/asset/installconfig/gcp/validation.go b/pkg/asset/installconfig/gcp/validation.go index 92d2f9a1f78..57595a63361 100644 --- a/pkg/asset/installconfig/gcp/validation.go +++ b/pkg/asset/installconfig/gcp/validation.go @@ -88,7 +88,7 @@ func validateInstanceAndDiskType(fldPath *field.Path, diskType, instanceType, ar return field.NotFound(fldPath.Child("type"), family) } - acceptedArmFamilies := sets.New("t2a") + acceptedArmFamilies := sets.New("c4a", "t2a") if arch == types.ArchitectureARM64 && !acceptedArmFamilies.Has(family) { return field.NotSupported(fldPath.Child("type"), family, sets.List(acceptedArmFamilies)) } diff --git a/pkg/explain/fields_lookup_test.go b/pkg/explain/fields_lookup_test.go index f5e240b8c97..d814e952224 100644 --- a/pkg/explain/fields_lookup_test.go +++ b/pkg/explain/fields_lookup_test.go 
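Review bot: The architecture guard right after the changed `acceptedArmFamilies` line in pkg/asset/installconfig/gcp/validation.go is one-directional: it rejects a non-ARM family when `arch` is ARM64, but an amd64 install-config that names a `c4a` or `t2a` machine type still passes it, and adding `c4a` widens that gap. Unless a later check catches this (validateInstanceAndDiskType starts and continues outside the hunk), the mismatch would only surface at provisioning time; a symmetric guard such as `if arch != types.ArchitectureARM64 && acceptedArmFamilies.Has(family) { return field.Invalid(fldPath.Child("type"), family, "instance family is only supported on arm64") }` would fail it at validation. The `field.NotFound` return just above suggests the family is first looked up in a table that is not visible here, so `c4a` presumably needs an entry there as well or the new allow-list value is never reached. A table-driven test case for an ARM64 `c4a` type and for an amd64 config using an ARM family would pin both paths.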
@@ -19,13 +19,15 @@ func Test_lookup(t *testing.T) { desc: `InstallConfig is the configuration for an OpenShift install.`, }, { path: []string{"publish"}, - desc: `Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. When no strategy is specified, the strategy is "External".`, + desc: `Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. +When no strategy is specified, the strategy is "External".`, }, { path: []string{"publish", "unknown"}, err: `invalid field unknown, no such property found`, }, { path: []string{"platform"}, - desc: `Platform is the configuration for the specific platform upon which to perform the installation.`, + desc: `Platform is the configuration for the specific platform upon which to +perform the installation.`, }, { path: []string{"platform", "aws"}, desc: `AWS is the configuration used when installing on AWS.`, 
@@ -37,16 +39,24 @@ func Test_lookup(t *testing.T) { desc: `Region specifies the AWS region where the cluster will be created.`, }, { path: []string{"platform", "aws", "subnets"}, - desc: `Subnets specifies existing subnets (by ID) where cluster resources will be created. Leave unset to have the installer create subnets in a new VPC on your behalf.`, + desc: `Subnets specifies existing subnets (by ID) where cluster +resources will be created. Leave unset to have the installer +create subnets in a new VPC on your behalf.`, }, { path: []string{"platform", "aws", "userTags"}, - desc: `UserTags additional keys and values that the installer will add as tags to all resources that it creates. Resources created by the cluster itself may not include these tags.`, + desc: `UserTags additional keys and values that the installer will add +as tags to all resources that it creates. Resources created by the +cluster itself may not include these tags.`, }, { path: []string{"platform", "aws", "serviceEndpoints"}, - desc: `ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service.`, + desc: `ServiceEndpoints list contains custom endpoints which will override default +service endpoint of AWS Services. +There must be only one ServiceEndpoint for a service.`, }, { path: []string{"platform", "aws", "serviceEndpoints", "url"}, - desc: `URL is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty.`, + desc: `URL is fully qualified URI with scheme https, that overrides the default generated +endpoint for a client. +This must be provided and cannot be empty.`, }} for _, test := range cases { t.Run("", func(t *testing.T) { diff --git a/pkg/explain/printer_test.go b/pkg/explain/printer_test.go index 269b6792478..90c5aa327e7 100644 --- a/pkg/explain/printer_test.go +++ b/pkg/explain/printer_test.go 
@@ -20,83 +20,131 @@ func Test_PrintFields(t *testing.T) { }{{ desc: `FIELDS: additionalTrustBundle - AdditionalTrustBundle is a PEM-encoded X.509 certificate bundle that will be added to the nodes' trusted certificate store. + AdditionalTrustBundle is a PEM-encoded X.509 certificate bundle +that will be added to the nodes' trusted certificate store. additionalTrustBundlePolicy Valid Values: "","Proxyonly","Always" - AdditionalTrustBundlePolicy determines when to add the AdditionalTrustBundle to the nodes' trusted certificate store. "Proxyonly" is the default. The field can be set to following specified values. "Proxyonly" : adds the AdditionalTrustBundle to nodes when http/https proxy is configured. "Always" : always adds AdditionalTrustBundle. + AdditionalTrustBundlePolicy determines when to add the AdditionalTrustBundle +to the nodes' trusted certificate store. "Proxyonly" is the default. +The field can be set to following specified values. +"Proxyonly" : adds the AdditionalTrustBundle to nodes when http/https proxy is configured. +"Always" : always adds AdditionalTrustBundle. apiVersion - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + APIVersion defines the versioned schema of this representation of an object. +Servers should convert recognized schemas to the latest internal value, and +may reject unrecognized values. +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources baseDomain -required- BaseDomain is the base domain to which the cluster should belong. bootstrapInPlace - BootstrapInPlace is the configuration for installing a single node with bootstrap in place installation. 
+ BootstrapInPlace is the configuration for installing a single node +with bootstrap in place installation. capabilities Capabilities configures the installation of optional core cluster components. compute <[]object> - Compute is the configuration for the machines that comprise the compute nodes. + Compute is the configuration for the machines that comprise the +compute nodes. MachinePool is a pool of machines to be installed. controlPlane - ControlPlane is the configuration for the machines that comprise the control plane. + ControlPlane is the configuration for the machines that comprise the +control plane. cpuPartitioningMode Default: "None" Valid Values: "None","AllNodes" - CPUPartitioning determines if a cluster should be setup for CPU workload partitioning at install time. When this field is set the cluster will be flagged for CPU Partitioning allowing users to segregate workloads to specific CPU Sets. This does not make any decisions on workloads it only configures the nodes to allow CPU Partitioning. The "AllNodes" value will setup all nodes for CPU Partitioning, the default is "None". + CPUPartitioning determines if a cluster should be setup for CPU workload partitioning at install time. +When this field is set the cluster will be flagged for CPU Partitioning allowing users to segregate workloads to +specific CPU Sets. This does not make any decisions on workloads it only configures the nodes to allow CPU Partitioning. +The "AllNodes" value will setup all nodes for CPU Partitioning, the default is "None". credentialsMode Valid Values: "","Mint","Passthrough","Manual" - CredentialsMode is used to explicitly set the mode with which CredentialRequests are satisfied. - If this field is set, then the installer will not attempt to query the cloud permissions before attempting installation. If the field is not set or empty, then the installer will perform its normal verification that the credentials provided are sufficient to perform an installation. 
- There are three possible values for this field, but the valid values are dependent upon the platform being used. "Mint": create new credentials with a subset of the overall permissions for each CredentialsRequest "Passthrough": copy the credentials with all of the overall permissions for each CredentialsRequest "Manual": CredentialsRequests must be handled manually by the user - For each of the following platforms, the field can set to the specified values. For all other platforms, the field must not be set. AWS: "Mint", "Passthrough", "Manual" Azure: "Passthrough", "Manual" AzureStack: "Manual" GCP: "Mint", "Passthrough", "Manual" IBMCloud: "Manual" PowerVS: "Manual" Nutanix: "Manual" + CredentialsMode is used to explicitly set the mode with which CredentialRequests are satisfied. + + +If this field is set, then the installer will not attempt to query the cloud permissions before attempting +installation. If the field is not set or empty, then the installer will perform its normal verification that the +credentials provided are sufficient to perform an installation. + + +There are three possible values for this field, but the valid values are dependent upon the platform being used. +"Mint": create new credentials with a subset of the overall permissions for each CredentialsRequest +"Passthrough": copy the credentials with all of the overall permissions for each CredentialsRequest +"Manual": CredentialsRequests must be handled manually by the user + + +For each of the following platforms, the field can set to the specified values. For all other platforms, the +field must not be set. +AWS: "Mint", "Passthrough", "Manual" +Azure: "Passthrough", "Manual" +AzureStack: "Manual" +GCP: "Mint", "Passthrough", "Manual" +IBMCloud: "Manual" +PowerVS: "Manual" +Nutanix: "Manual" featureGates <[]string> - FeatureGates enables a set of custom feature gates. May only be used in conjunction with FeatureSet "CustomNoUpgrade". 
Features may be enabled or disabled by providing a true or false value for the feature gate. E.g. "featureGates": ["FeatureGate1=true", "FeatureGate2=false"]. + FeatureGates enables a set of custom feature gates. +May only be used in conjunction with FeatureSet "CustomNoUpgrade". +Features may be enabled or disabled by providing a true or false value for the feature gate. +E.g. "featureGates": ["FeatureGate1=true", "FeatureGate2=false"]. featureSet - FeatureSet enables features that are not part of the default feature set. Valid values are "Default", "TechPreviewNoUpgrade" and "CustomNoUpgrade". When omitted, the "Default" feature set is used. + FeatureSet enables features that are not part of the default feature set. +Valid values are "Default", "TechPreviewNoUpgrade" and "CustomNoUpgrade". +When omitted, the "Default" feature set is used. fips Default: false FIPS configures https://www.nist.gov/itl/fips-general-information imageContentSources <[]object> - ImageContentSources lists sources/repositories for the release-image content. The field is deprecated. Please use imageDigestSources. - ImageContentSource defines a list of sources/repositories that can be used to pull content. The field is deprecated. Please use imageDigestSources. + ImageContentSources lists sources/repositories for the release-image content. +The field is deprecated. Please use imageDigestSources. + ImageContentSource defines a list of sources/repositories that can be used to pull content. +The field is deprecated. Please use imageDigestSources. imageDigestSources <[]object> ImageDigestSources lists sources/repositories for the release-image content. ImageDigestSource defines a list of sources/repositories that can be used to pull content. kind - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + Kind is a string value representing the REST resource this object represents. +Servers may infer this from the endpoint the client submits requests to. +Cannot be updated. +In CamelCase. +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds metadata -required- networking - Networking is the configuration for the pod network provider in the cluster. + Networking is the configuration for the pod network provider in +the cluster. operatorPublishingStrategy OperatorPublishingStrategy controls the visibility of ingress and apiserver. Defaults to public. platform -required- - Platform is the configuration for the specific platform upon which to perform the installation. + Platform is the configuration for the specific platform upon which to +perform the installation. proxy - Proxy defines the proxy settings for the cluster. If unset, the cluster will not be configured to use a proxy. + Proxy defines the proxy settings for the cluster. +If unset, the cluster will not be configured to use a proxy. publish Default: "External" Valid Values: "","External","Internal" - Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. When no strategy is specified, the strategy is "External". + Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. +When no strategy is specified, the strategy is "External". pullSecret -required- PullSecret is the secret to use when pulling images. 
@@ -119,7 +167,8 @@ func Test_PrintFields(t *testing.T) { BareMetal is the configuration used when installing on bare metal. external - External is the configuration used when installing on an external cloud provider. + External is the configuration used when installing on +an external cloud provider. gcp GCP is the configuration used when installing on Google Cloud Platform. @@ -128,7 +177,8 @@ func Test_PrintFields(t *testing.T) { IBMCloud is the configuration used when installing on IBM Cloud. none - None is the empty configuration used when installing on an unsupported platform. + None is the empty configuration used when installing on an unsupported +platform. nutanix Nutanix is the configuration used when installing on Nutanix. 
@@ -148,51 +198,95 @@ func Test_PrintFields(t *testing.T) { path: []string{"platform", "aws"}, desc: `FIELDS: amiID - The field is deprecated. AMIID is the AMI that should be used to boot machines for the cluster. If set, the AMI should belong to the same region as the cluster. + The field is deprecated. AMIID is the AMI that should be used to boot +machines for the cluster. If set, the AMI should belong to the same +region as the cluster. bestEffortDeleteIgnition - BestEffortDeleteIgnition is an optional field that can be used to ignore errors from S3 deletion of ignition objects during cluster bootstrap. The default behavior is to fail the installation if ignition objects cannot be deleted. Enable this functionality when there are known reasons disallowing their deletion. + BestEffortDeleteIgnition is an optional field that can be used to ignore errors from S3 deletion of ignition +objects during cluster bootstrap. The default behavior is to fail the installation if ignition objects cannot be +deleted. Enable this functionality when there are known reasons disallowing their deletion. defaultMachinePlatform - DefaultMachinePlatform is the default configuration used when installing on AWS for machine pools which do not define their own platform configuration. + DefaultMachinePlatform is the default configuration used when +installing on AWS for machine pools which do not define their own +platform configuration. experimentalPropagateUserTags - The field is deprecated. ExperimentalPropagateUserTags is an experimental flag that directs in-cluster operators to include the specified user tags in the tags of the AWS resources that the operators create. + The field is deprecated. ExperimentalPropagateUserTags is an experimental +flag that directs in-cluster operators to include the specified +user tags in the tags of the AWS resources that the operators create. 
hostedZone - HostedZone is the ID of an existing hosted zone into which to add DNS records for the cluster's internal API. An existing hosted zone can only be used when also using existing subnets. The hosted zone must be associated with the VPC containing the subnets. Leave the hosted zone unset to have the installer create the hosted zone on your behalf. + HostedZone is the ID of an existing hosted zone into which to add DNS +records for the cluster's internal API. An existing hosted zone can +only be used when also using existing subnets. The hosted zone must be +associated with the VPC containing the subnets. +Leave the hosted zone unset to have the installer create the hosted zone +on your behalf. hostedZoneRole - HostedZoneRole is the ARN of an IAM role to be assumed when performing operations on the provided HostedZone. HostedZoneRole can be used in a shared VPC scenario when the private hosted zone belongs to a different account than the rest of the cluster resources. If HostedZoneRole is set, HostedZone must also be set. + HostedZoneRole is the ARN of an IAM role to be assumed when performing +operations on the provided HostedZone. HostedZoneRole can be used +in a shared VPC scenario when the private hosted zone belongs to a +different account than the rest of the cluster resources. +If HostedZoneRole is set, HostedZone must also be set. lbType - LBType is an optional field to specify a load balancer type. When this field is specified, all ingresscontrollers (including the default ingresscontroller) will be created using the specified load-balancer type by default. - Following are the accepted values: - * "Classic": A Classic Load Balancer that makes routing decisions at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). 
See the following for additional details: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb - * "NLB": A Network Load Balancer that makes routing decisions at the transport layer (TCP/SSL). See the following for additional details: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb - If this field is not set explicitly, it defaults to "Classic". This default is subject to change over time. + LBType is an optional field to specify a load balancer type. +When this field is specified, all ingresscontrollers (including the +default ingresscontroller) will be created using the specified load-balancer +type by default. + + +Following are the accepted values: + + +* "Classic": A Classic Load Balancer that makes routing decisions at +either the transport layer (TCP/SSL) or the application layer +(HTTP/HTTPS). See the following for additional details: +https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb + + +* "NLB": A Network Load Balancer that makes routing decisions at the +transport layer (TCP/SSL). See the following for additional details: +https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb + + +If this field is not set explicitly, it defaults to "Classic". This +default is subject to change over time. preserveBootstrapIgnition PreserveBootstrapIgnition is deprecated. Use bestEffortDeleteIgnition instead. propagateUserTags - PropagateUserTags is a flag that directs in-cluster operators to include the specified user tags in the tags of the AWS resources that the operators create. + PropagateUserTags is a flag that directs in-cluster operators +to include the specified user tags in the tags of the +AWS resources that the operators create. publicIpv4Pool - PublicIpv4Pool is an optional field that can be used to tell the installation process to use Public IPv4 address that you bring to your AWS account with BYOIP. 
+ PublicIpv4Pool is an optional field that can be used to tell the installation process to use +Public IPv4 address that you bring to your AWS account with BYOIP. region -required- Region specifies the AWS region where the cluster will be created. serviceEndpoints <[]object> - ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. - ServiceEndpoint store the configuration for services to override existing defaults of AWS Services. + ServiceEndpoints list contains custom endpoints which will override default +service endpoint of AWS Services. +There must be only one ServiceEndpoint for a service. + ServiceEndpoint store the configuration for services to +override existing defaults of AWS Services. subnets <[]string> - Subnets specifies existing subnets (by ID) where cluster resources will be created. Leave unset to have the installer create subnets in a new VPC on your behalf. + Subnets specifies existing subnets (by ID) where cluster +resources will be created. Leave unset to have the installer +create subnets in a new VPC on your behalf. userTags - UserTags additional keys and values that the installer will add as tags to all resources that it creates. Resources created by the cluster itself may not include these tags.`, + UserTags additional keys and values that the installer will add +as tags to all resources that it creates. Resources created by the +cluster itself may not include these tags.`, }, { path: []string{"platform", "azure"}, desc: `FIELDS: 
@@ -204,7 +298,9 @@ func Test_PrintFields(t *testing.T) { cloudName Valid Values: "","AzurePublicCloud","AzureUSGovernmentCloud","AzureChinaCloud","AzureGermanCloud","AzureStackCloud" - cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to "AzurePublicCloud". + cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK +with the appropriate Azure API endpoints. +If empty, the value is equal to "AzurePublicCloud". clusterOSImage ClusterOSImage is the url of a storage blob in the Azure Stack environment containing an RHCOS VHD. This field is required for Azure Stack and not applicable to Azure. @@ -219,7 +315,9 @@ func Test_PrintFields(t *testing.T) { CustomerManagedKey has the keys needed to encrypt the storage account. defaultMachinePlatform - DefaultMachinePlatform is the default configuration used when installing on Azure for machine pools which do not define their own platform configuration. + DefaultMachinePlatform is the default configuration used when +installing on Azure for machine pools which do not define their own +platform configuration. networkResourceGroupName NetworkResourceGroupName specifies the network resource group that contains an existing VNet 
@@ -227,16 +325,24 @@ func Test_PrintFields(t *testing.T) { outboundType Default: "Loadbalancer" Valid Values: "","Loadbalancer","NatGateway","UserDefinedRouting" - OutboundType is a strategy for how egress from cluster is achieved. When not specified default is "Loadbalancer". "NatGateway" is only available in TechPreview. + OutboundType is a strategy for how egress from cluster is achieved. When not specified default is "Loadbalancer". +"NatGateway" is only available in TechPreview. region -required- Region specifies the Azure region where the cluster will be created. resourceGroupName - ResourceGroupName is the name of an already existing resource group where the cluster should be installed. This resource group should only be used for this specific cluster and the cluster components will assume ownership of all resources in the resource group. Destroying the cluster using installer will delete this resource group. This resource group must be empty with no other resources when trying to use it for creating a cluster. If empty, a new resource group will created for the cluster. + ResourceGroupName is the name of an already existing resource group where the cluster should be installed. +This resource group should only be used for this specific cluster and the cluster components will assume +ownership of all resources in the resource group. Destroying the cluster using installer will delete this +resource group. +This resource group must be empty with no other resources when trying to use it for creating a cluster. +If empty, a new resource group will created for the cluster. userTags - UserTags has additional keys and values that the installer will add as tags to all resources that it creates on AzurePublicCloud alone. Resources created by the cluster itself may not include these tags. + UserTags has additional keys and values that the installer will add +as tags to all resources that it creates on AzurePublicCloud alone. 
+Resources created by the cluster itself may not include these tags. virtualNetwork VirtualNetwork specifies the name of an existing VNet for the installer to use`, @@ -253,10 +359,13 @@ func Test_PrintFields(t *testing.T) { path: []string{"platform", "aws", "serviceEndpoints"}, desc: `FIELDS: name -required- - Name is the name of the AWS service. This must be provided and cannot be empty. + Name is the name of the AWS service. +This must be provided and cannot be empty. url -required- - URL is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty.`, + URL is fully qualified URI with scheme https, that overrides the default generated +endpoint for a client. +This must be provided and cannot be empty.`, }, { path: []string{"platform", "aws", "serviceEndpoints", "url"}, desc: ``, @@ -298,7 +407,8 @@ VERSION: v1 RESOURCE: Default: "External" Valid Values: "","External","Internal" - Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. When no strategy is specified, the strategy is "External". + Publish controls how the user facing endpoints of the cluster like the Kubernetes API, OpenShift routes etc. are exposed. +When no strategy is specified, the strategy is "External". `, }, { path: []string{"platform"}, @@ -307,7 +417,8 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - Platform is the configuration for the specific platform upon which to perform the installation. + Platform is the configuration for the specific platform upon which to +perform the installation. `, }, { path: []string{"platform", "aws"}, 
@@ -343,7 +454,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: <[]string> - Subnets specifies existing subnets (by ID) where cluster resources will be created. Leave unset to have the installer create subnets in a new VPC on your behalf. + Subnets specifies existing subnets (by ID) where cluster +resources will be created. Leave unset to have the installer +create subnets in a new VPC on your behalf. `, }, { path: []string{"platform", "aws", "userTags"}, @@ -352,7 +465,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - UserTags additional keys and values that the installer will add as tags to all resources that it creates. Resources created by the cluster itself may not include these tags. + UserTags additional keys and values that the installer will add +as tags to all resources that it creates. Resources created by the +cluster itself may not include these tags. `, }, { path: []string{"platform", "aws", "serviceEndpoints"}, @@ -361,7 +476,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: <[]object> - ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + ServiceEndpoints list contains custom endpoints which will override default +service endpoint of AWS Services. +There must be only one ServiceEndpoint for a service. `, }, { path: []string{"platform", "aws", "serviceEndpoints", "url"}, @@ -370,7 +487,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - URL is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + URL is fully qualified URI with scheme https, that overrides the default generated +endpoint for a client. +This must be provided and cannot be empty. `, }, { path: []string{"compute", "platform", "aws", "iamRole"}, 
@@ -379,7 +498,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMRole is the name of the IAM Role to use for the instance profile of the machine. Leave unset to have the installer create the IAM Role on your behalf. Cannot be specified together with iamProfile. + IAMRole is the name of the IAM Role to use for the instance profile of the machine. +Leave unset to have the installer create the IAM Role on your behalf. +Cannot be specified together with iamProfile. `, }, { path: []string{"controlPlane", "platform", "aws", "iamRole"}, @@ -388,7 +509,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMRole is the name of the IAM Role to use for the instance profile of the machine. Leave unset to have the installer create the IAM Role on your behalf. Cannot be specified together with iamProfile. + IAMRole is the name of the IAM Role to use for the instance profile of the machine. +Leave unset to have the installer create the IAM Role on your behalf. +Cannot be specified together with iamProfile. `, }, { path: []string{"platform", "aws", "defaultMachinePlatform", "iamRole"}, @@ -397,7 +520,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMRole is the name of the IAM Role to use for the instance profile of the machine. Leave unset to have the installer create the IAM Role on your behalf. Cannot be specified together with iamProfile. + IAMRole is the name of the IAM Role to use for the instance profile of the machine. +Leave unset to have the installer create the IAM Role on your behalf. +Cannot be specified together with iamProfile. `, }, { path: []string{"compute", "platform", "aws", "iamProfile"}, 
@@ -406,7 +531,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMProfile is the name of the IAM instance profile to use for the machine. Leave unset to have the installer create the IAM Profile on your behalf. Cannot be specified together with iamRole. + IAMProfile is the name of the IAM instance profile to use for the machine. +Leave unset to have the installer create the IAM Profile on your behalf. +Cannot be specified together with iamRole. `, }, { path: []string{"controlPlane", "platform", "aws", "iamProfile"}, @@ -415,7 +542,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMProfile is the name of the IAM instance profile to use for the machine. Leave unset to have the installer create the IAM Profile on your behalf. Cannot be specified together with iamRole. + IAMProfile is the name of the IAM instance profile to use for the machine. +Leave unset to have the installer create the IAM Profile on your behalf. +Cannot be specified together with iamRole. `, }, { path: []string{"platform", "aws", "defaultMachinePlatform", "iamProfile"}, @@ -424,7 +553,9 @@ KIND: InstallConfig VERSION: v1 RESOURCE: - IAMProfile is the name of the IAM instance profile to use for the machine. Leave unset to have the installer create the IAM Profile on your behalf. Cannot be specified together with iamRole. + IAMProfile is the name of the IAM instance profile to use for the machine. +Leave unset to have the installer create the IAM Profile on your behalf. +Cannot be specified together with iamRole. `, }} for _, test := range cases { diff --git a/pkg/types/gcp/machinepools.go b/pkg/types/gcp/machinepools.go index 3c3cf6df606..47fb7f18112 100644 --- a/pkg/types/gcp/machinepools.go +++ b/pkg/types/gcp/machinepools.go 
@@ -41,6 +41,7 @@ var (
 "c3": {PDSSD, PDBalanced, HyperDiskBalanced},
 "c3d": {PDSSD, PDBalanced, HyperDiskBalanced},
 "c4": {HyperDiskBalanced},
+ "c4a": {HyperDiskBalanced},
 "e2": {PDStandard, PDSSD, PDBalanced},
 "m1": {PDSSD, PDBalanced, HyperDiskBalanced},
 "n1": {PDStandard, PDSSD, PDBalanced},
diff --git a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice.go b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice.go
new file mode 100644
index 00000000000..4b212d296fb
--- /dev/null
+++ b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice.go
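Review bot: The new `"c4a": {HyperDiskBalanced},` entry gives no hint that c4a is an Arm64 family, although the vendored `machineTypePrefixArchitectureMap` updated in this same commit records it as `"c4a": ArchitectureArm64`. A trailing comment such as `// Arm64 family; Hyperdisk Balanced only` would make that visible to anyone extending the table. It is also worth confirming that installer-side validation pairs c4a instance types with an arm64 machine pool, since nothing in this hunk shows that check. The enclosing `var (` block starts and ends outside the hunk.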
@@ -0,0 +1,43 @@
+package tagservice
+
+import (
+ "context"
+ "fmt"
+
+ tags "google.golang.org/api/cloudresourcemanager/v3"
+ "google.golang.org/api/option"
+)
+
+// TagService is a pass through wrapper for google.golang.org/api/cloudresourcemanager/v3
+// to enable tests to mock this struct and control behavior.
+type TagService interface {
+ GetNamespacedName(context.Context, string) (*tags.TagValue, error)
+}
+
+// tagService implements TagService interface.
+type tagService struct {
+ tagValuesService *tags.TagValuesService
+}
+
+// BuilderFuncType is function type for building GCP tag client.
+type BuilderFuncType func(ctx context.Context, serviceAccountJSON string) (TagService, error)
+
+// NewTagService return a new tagService.
+func NewTagService(ctx context.Context, serviceAccountJSON string) (TagService, error) {
+ service, err := tags.NewService(ctx, option.WithCredentialsJSON([]byte(serviceAccountJSON)))
+ if err != nil {
+ return nil, fmt.Errorf("could not create new tag service: %w", err)
+ }
+
+ return &tagService{
+ tagValuesService: tags.NewTagValuesService(service),
+ }, nil
+}
+
+// GetNamespacedName returns the tag's metadata fetched using its namespaced name.
+func (t *tagService) GetNamespacedName(ctx context.Context, namespacedName string) (*tags.TagValue, error) {
+ return t.tagValuesService.GetNamespaced().
+ Context(ctx).
+ Name(namespacedName).
+ Do()
+}
diff --git a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice_mock.go b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice_mock.go
new file mode 100644
index 00000000000..30700b7847e
--- /dev/null
+++ b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags/tagservice_mock.go
@@ -0,0 +1,30 @@ +package tagservice + +import ( + "context" + + tags "google.golang.org/api/cloudresourcemanager/v3" +) + +// MockTagService mocks TagService interface for tests. +type MockTagService struct { + MockGetNamespacedName func(context.Context, string) (*tags.TagValue, error) +} + +// NewMockTagService returns new mock of tagService. +func NewMockTagService() *MockTagService { + return &MockTagService{} +} + +// NewMockTagServiceBuilder returns new mock for creating GCP tag client. +func NewMockTagServiceBuilder(ctx context.Context, serviceAccountJSON string) (TagService, error) { + return NewMockTagService(), nil +} + +// GetNamespacedName returns mock metadata of the requested tag. +func (m *MockTagService) GetNamespacedName(ctx context.Context, name string) (*tags.TagValue, error) { + if m.MockGetNamespacedName == nil { + return nil, nil + } + return m.MockGetNamespacedName(ctx, name) +} diff --git a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_machine_architecture.go b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_machine_architecture.go index 95db9c66b16..b9d62e15b29 100644 --- a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_machine_architecture.go +++ b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_machine_architecture.go @@ -26,6 +26,7 @@ const ( // machineTypePrefixArchitectureMap contains a map of (machineTypePrefix, architecture) tuples var machineTypePrefixArchitectureMap = map[string]NormalizedArch{ + "c4a": ArchitectureArm64, "t2a": ArchitectureArm64, } diff --git a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_tags_labels.go b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_tags_labels.go index 7c2b4604028..ef0cd8bb058 100644 
--- a/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_tags_labels.go +++ b/vendor/github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util/gcp_tags_labels.go @@ -15,13 +15,27 @@ package util import ( "context" + "errors" "fmt" + "net/http" + + machinecontroller "github.com/openshift/machine-api-operator/pkg/controller/machine" + tagservice "github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags" configv1 "github.com/openshift/api/config/v1" + machinev1 "github.com/openshift/api/machine/v1beta1" + + "github.com/googleapis/gax-go/v2/apierror" + + "k8s.io/klog/v2" controllerclient "sigs.k8s.io/controller-runtime/pkg/client" ) const ( + // maxUserTagLimit is the maximum userTags that can be configured as defined in openshift/api. + // https://github.com/openshift/api/blob/master/machine/v1beta1/types_gcpprovider.go#L153-L160 + maxUserTagLimit = 50 + // globalInfrastructureName is the default name of the Infrastructure object globalInfrastructureName = "cluster" @@ -39,7 +53,6 @@ func GetInfrastructure(client controllerclient.Client) (*configv1.Infrastructure if err := client.Get(context.Background(), infraName, infra); err != nil { return nil, fmt.Errorf("failed to get infrastructure: %w", err) } - return infra, nil } 
@@ -119,3 +132,115 @@ func GetLabelsList(userLabelsAllowed bool, client controllerclient.Client, machi return labels, nil } + +// getInfraResourceTagsList returns the user-defined tags present in the +// status sub-resource of Infrastructure. +func getInfraResourceTagsList(platformStatus *configv1.PlatformStatus) []machinev1.ResourceManagerTag { + if platformStatus == nil || platformStatus.GCP == nil || platformStatus.GCP.ResourceTags == nil { + return nil + } + + tags := make([]machinev1.ResourceManagerTag, len(platformStatus.GCP.ResourceTags)) + for i, tag := range platformStatus.GCP.ResourceTags { + tags[i] = machinev1.ResourceManagerTag{ + ParentID: tag.ParentID, + Key: tag.Key, + Value: tag.Value, + } + } + + return tags +} + +// getTagValuesNames returns the list of tags in Compute APIs required format, which +// is a map containing keys of the form Key(`tagKeys/{tag_key_id}`) and values in the +// form (`tagValues/{tag_value_id}`). +func getTagValuesNames(ctx context.Context, tagService tagservice.TagService, tagList []machinev1.ResourceManagerTag) (map[string]string, error) { + // identify tags which are inaccessible due to permissions issues + // or does not exist and report back to user to fix in one go. + inaccessibleTags := make([]string, 0) + tagValueList := make(map[string]string, len(tagList)) + + for _, tag := range tagList { + name := fmt.Sprintf("%s/%s/%s", tag.ParentID, tag.Key, tag.Value) + value, err := tagService.GetNamespacedName(ctx, name) + if err != nil { + var gErr *apierror.APIError + // google API returns StatusForbidden or StatusNotFound when the tag + // does not exist, since it could be because of permission issues + // or genuinely tag does not exist. 
+ if errors.As(err, &gErr) && (gErr.HTTPCode() == http.StatusNotFound ||
+ gErr.HTTPCode() == http.StatusForbidden) {
+ klog.Errorf("does not have permission to access %s tag or tag does not exist", name)
+ inaccessibleTags = append(inaccessibleTags, name)
+ continue
+ }
+ // fetching tag's metadata could fail due to errors like timeout, server
+ // internal errors, permission issues among others. Since tag's key and
+ // value names are required for binding tag to compute resource, will
+ // return error and retry during next reconciliation.
+ return nil, fmt.Errorf("failed to fetch %s tag details: %w", name, err)
+ }
+ tagValueList[value.Parent] = value.Name
+ }
+
+ if len(inaccessibleTags) != 0 {
+ return nil, machinecontroller.InvalidMachineConfiguration("%v tag(s) do not exist or does not have required permission to access", inaccessibleTags)
+ }
+
+ return tagValueList, nil
+}
+
+// mergeInfraProviderSpecTags merges user-defined tags in Infrastructure.Status and
+// GCPMachineProviderSpec, with precedence given to those in GCPMachineProviderSpec
+// for new or updated tags.
+func mergeInfraProviderSpecTags(infraTags []machinev1.ResourceManagerTag, providerSpecTags []machinev1.ResourceManagerTag) []machinev1.ResourceManagerTag {
+ mergedTags := make([]machinev1.ResourceManagerTag, 0, len(infraTags))
+
+ for _, tag := range providerSpecTags {
+ mergedTags = append(mergedTags, tag)
+ }
+
+ for _, iTag := range infraTags {
+ appendTag := true
+ for _, pTag := range providerSpecTags {
+ if iTag.ParentID == pTag.ParentID && iTag.Key == pTag.Key {
+ appendTag = false
+ break
+ }
+ }
+ if appendTag {
+ mergedTags = append(mergedTags, iTag)
+ }
+ }
+
+ return mergedTags
+}
+
+// GetResourceManagerTags returns the merged list of user-defined tags in Infrastructure.Status
+// and GCPMachineProviderSpec to apply on the resources.
+func GetResourceManagerTags(ctx context.Context, + client controllerclient.Client, + tagService tagservice.TagService, + providerSpecTags []machinev1.ResourceManagerTag) (map[string]string, error) { + infra, err := GetInfrastructure(client) + if err != nil { + return nil, fmt.Errorf("failed to get cluster infrastructure: %w", err) + } + userTags := getInfraResourceTagsList(infra.Status.PlatformStatus) + + if len(userTags) == 0 && len(providerSpecTags) == 0 { + klog.V(3).Infof("user-defined tags in infrastructure and machineProviderSpec is empty") + return nil, nil + } + + mergedTags := mergeInfraProviderSpecTags(userTags, providerSpecTags) + + if len(mergedTags) > maxUserTagLimit { + return nil, fmt.Errorf("maximum of %d tags can be added to a compute instance, "+ + "infrastructure.status.resourceTags and machines.spec.providerSpec.resourceManagerTags "+ + "combined tag count is %d", maxUserTagLimit, len(mergedTags)) + } + + return getTagValuesNames(ctx, tagService, mergedTags) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index d57f033479a..685f6b6161e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1153,8 +1153,9 @@ github.com/openshift/machine-api-operator/pkg/controller/machine github.com/openshift/machine-api-operator/pkg/metrics github.com/openshift/machine-api-operator/pkg/util github.com/openshift/machine-api-operator/pkg/util/conditions -# github.com/openshift/machine-api-provider-gcp v0.0.1-0.20231014045125-6096cc86f3ba -## explicit; go 1.20 +# github.com/openshift/machine-api-provider-gcp v0.0.1-0.20241024094404-0d6fbdb09401 +## explicit; go 1.22.0 +github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/services/tags github.com/openshift/machine-api-provider-gcp/pkg/cloud/gcp/actuators/util # github.com/openshift/machine-api-provider-ibmcloud v0.0.0-20231207164151-6b0b8ea7b16d ## explicit; go 1.19 
@@ -2261,7 +2262,7 @@ sigs.k8s.io/controller-runtime/pkg/webhook sigs.k8s.io/controller-runtime/pkg/webhook/admission sigs.k8s.io/controller-runtime/pkg/webhook/conversion sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics -# sigs.k8s.io/controller-tools v0.12.0 +# sigs.k8s.io/controller-tools v0.14.0 ## explicit; go 1.20 sigs.k8s.io/controller-tools/cmd/controller-gen sigs.k8s.io/controller-tools/pkg/crd diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/validation.go b/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/validation.go index 80344dd3a9d..40aec5f9423 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/validation.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/validation.go @@ -477,6 +477,9 @@ func (m Default) ApplyToSchema(schema *apiext.JSONSchemaProps) error { if err != nil { return err } + if schema.Type == "array" && string(marshalledDefault) == "{}" { + marshalledDefault = []byte("[]") + } schema.Default = &apiext.JSON{Raw: marshalledDefault} return nil } diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/zz_generated.markerhelp.go index fbd681aa679..d8a910824db 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/crd/markers/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/crd/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/crd/zz_generated.markerhelp.go index 15f2a85c377..68b7619ad3f 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/crd/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/crd/zz_generated.markerhelp.go 
@@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/gen.go b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/gen.go index 7e674a80aab..c1d3b708c73 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/gen.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/gen.go @@ -176,7 +176,6 @@ type ObjectGenCtx struct { func writeHeader(pkg *loader.Package, out io.Writer, packageName string, imports *importsList, headerText string) { // NB(directxman12): blank line after build tags to distinguish them from comments _, err := fmt.Fprintf(out, `//go:build !ignore_autogenerated -// +build !ignore_autogenerated %[3]s diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/traverse.go b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/traverse.go index 9658e105242..8634088735d 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/traverse.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/traverse.go @@ -374,7 +374,8 @@ func (c *copyMethodMaker) genMapDeepCopy(actualName *namingInfo, mapType *types. c.IfElse("val == nil", func() { c.Line("(*out)[key] = nil") }, func() { - c.Line("in, out := &val, &outVal") + c.Line("inVal := (*in)[key]") + c.Line("in, out := &inVal, &outVal") c.genDeepCopyIntoBlock(&namingInfo{typeInfo: mapType.Elem()}, mapType.Elem()) }) c.Line("(*out)[key] = outVal") diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/zz_generated.markerhelp.go index 913bc1fb7f7..55df3bfabd6 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/deepcopy/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. 
diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/genall/genall.go b/vendor/sigs.k8s.io/controller-tools/pkg/genall/genall.go index bed7ec60392..b553db14c75 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/genall/genall.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/genall/genall.go @@ -20,7 +20,6 @@ import ( "encoding/json" "fmt" "io" - "io/ioutil" "os" "golang.org/x/tools/go/packages" @@ -214,7 +213,7 @@ func (g GenerationContext) ReadFile(path string) ([]byte, error) { return nil, err } defer file.Close() - return ioutil.ReadAll(file) + return io.ReadAll(file) } // ForRoots produces a Runtime to run the given generators against the diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/genall/options.go b/vendor/sigs.k8s.io/controller-tools/pkg/genall/options.go index 836b1617e66..658b96bb35b 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/genall/options.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/genall/options.go @@ -136,6 +136,9 @@ func protoFromOptions(optionsRegistry *markers.Registry, options []string) (prot switch val := val.(type) { case Generator: gens = append(gens, &val) + if _, alreadyExists := gensByName[defn.Name]; alreadyExists { + return protoRuntime{}, fmt.Errorf("multiple instances of '%s' generator specified", defn.Name) + } gensByName[defn.Name] = &val case OutputRule: _, genName := splitOutputRuleOption(defn.Name) diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/genall/output.go b/vendor/sigs.k8s.io/controller-tools/pkg/genall/output.go index 4cd29f49605..3eb43b0c206 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/genall/output.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/genall/output.go @@ -19,7 +19,6 @@ package genall import ( "fmt" "io" - "io/ioutil" "os" "path/filepath" 
@@ -92,7 +91,7 @@ var OutputToNothing = outputToNothing{} type outputToNothing struct{} func (o outputToNothing) Open(_ *loader.Package, _ string) (io.WriteCloser, error) { - return nopCloser{ioutil.Discard}, nil + return nopCloser{io.Discard}, nil } // +controllertools:marker:generateHelp:category="" diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/genall/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/genall/zz_generated.markerhelp.go index 6428f0ce287..6f58013b225 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/genall/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/genall/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/loader/loader.go b/vendor/sigs.k8s.io/controller-tools/pkg/loader/loader.go index 2efa94c7d94..7762e53e733 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/loader/loader.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/loader/loader.go @@ -23,7 +23,6 @@ import ( "go/scanner" "go/token" "go/types" - "io/ioutil" "os" "path/filepath" "regexp" @@ -111,7 +110,7 @@ func (p *Package) NeedSyntax() { for i, filename := range p.CompiledGoFiles { go func(i int, filename string) { defer wg.Done() - src, err := ioutil.ReadFile(filename) + src, err := os.ReadFile(filename) if err != nil { p.AddError(err) return diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/markers/collect.go b/vendor/sigs.k8s.io/controller-tools/pkg/markers/collect.go index b2f8219914e..63aa7344b2f 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/markers/collect.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/markers/collect.go @@ -31,7 +31,7 @@ import ( type Collector struct { *Registry - byPackage map[string]map[ast.Node]MarkerValues + byPackage map[*loader.Package]map[ast.Node]MarkerValues mu sync.Mutex } 
@@ -53,7 +53,7 @@ func (c *Collector) init() { c.Registry = &Registry{} } if c.byPackage == nil { - c.byPackage = make(map[string]map[ast.Node]MarkerValues) + c.byPackage = make(map[*loader.Package]map[ast.Node]MarkerValues) } } @@ -75,7 +75,7 @@ func (c *Collector) init() { func (c *Collector) MarkersInPackage(pkg *loader.Package) (map[ast.Node]MarkerValues, error) { c.mu.Lock() c.init() - if markers, exist := c.byPackage[pkg.ID]; exist { + if markers, exist := c.byPackage[pkg]; exist { c.mu.Unlock() return markers, nil } @@ -91,8 +91,7 @@ func (c *Collector) MarkersInPackage(pkg *loader.Package) (map[ast.Node]MarkerVa c.mu.Lock() defer c.mu.Unlock() - c.byPackage[pkg.ID] = markers - + c.byPackage[pkg] = markers return markers, nil } diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/markers/parse.go b/vendor/sigs.k8s.io/controller-tools/pkg/markers/parse.go index d84b70eb746..259bff027cf 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/markers/parse.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/markers/parse.go @@ -310,6 +310,7 @@ func guessType(scanner *sc.Scanner, raw string, allowSlice bool) *Argument { // We'll cross that bridge when we get there. // look ahead till we can figure out if this is a map or a slice + hint = peekNoSpace(subScanner) firstElemType := guessType(subScanner, subRaw, false) if firstElemType.Type == StringType { // might be a map or slice, parse the string and check for colon @@ -317,8 +318,9 @@ func guessType(scanner *sc.Scanner, raw string, allowSlice bool) *Argument { var keyVal string // just ignore this (&Argument{Type: StringType}).parseString(subScanner, raw, reflect.Indirect(reflect.ValueOf(&keyVal))) - if subScanner.Scan() == ':' { + if token := subScanner.Scan(); token == ':' || hint == '}' { // it's got a string followed by a colon -- it's a map + // or an empty map in case of {} return &Argument{ Type: MapType, ItemType: &Argument{Type: AnyType}, 
diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/markers/zip.go b/vendor/sigs.k8s.io/controller-tools/pkg/markers/zip.go index b352ededc71..fd5b0035a08 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/markers/zip.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/markers/zip.go @@ -58,6 +58,13 @@ func extractDoc(node ast.Node, decl *ast.GenDecl) string { } outGroup.List = append(outGroup.List, comment) } + isAsteriskComment := false + for _, l := range outGroup.List { + if strings.HasPrefix(l.Text, "/*") { + isAsteriskComment = true + break + } + } // split lines, and re-join together as a single // paragraph, respecting double-newlines as @@ -69,10 +76,12 @@ func extractDoc(node ast.Node, decl *ast.GenDecl) string { } for i, line := range outLines { - // Trim any extranous whitespace, - // for handling /*…*/-style comments, - // which have whitespace preserved in go/ast: - line = strings.TrimSpace(line) + if isAsteriskComment { + // Trim any extranous whitespace, + // for handling /*…*/-style comments, + // which have whitespace preserved in go/ast: + line = strings.TrimSpace(line) + } // Respect that double-newline means // actual newline: @@ -82,8 +91,7 @@ func extractDoc(node ast.Node, decl *ast.GenDecl) string { outLines[i] = line } } - - return strings.Join(outLines, " ") + return strings.Join(outLines, "\n") } // PackageMarkers collects all the package-level marker values for the given package. diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/rbac/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/rbac/zz_generated.markerhelp.go index 5b6d9c48753..5a83941c38e 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/rbac/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/rbac/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. 
diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/gen.go b/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/gen.go index e33ec11ff56..8080aeae720 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/gen.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/gen.go @@ -18,7 +18,7 @@ package schemapatcher import ( "fmt" - "io/ioutil" + "os" "path/filepath" "gopkg.in/yaml.v3" @@ -335,7 +335,7 @@ func (e *partialCRD) setVersionedSchemata(newSchemata map[string]apiext.JSONSche // minimally invasive. Returned CRDs are mapped by group-kind. func crdsFromDirectory(ctx *genall.GenerationContext, dir string) (map[schema.GroupKind]*partialCRDSet, error) { res := map[schema.GroupKind]*partialCRDSet{} - dirEntries, err := ioutil.ReadDir(dir) + dirEntries, err := os.ReadDir(dir) if err != nil { return nil, err } diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/zz_generated.markerhelp.go index db9745d767a..6e1d5a18c03 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/schemapatcher/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/webhook/parser.go b/vendor/sigs.k8s.io/controller-tools/pkg/webhook/parser.go index 1075f842504..26d07292036 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/webhook/parser.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/webhook/parser.go 
@@ -19,7 +19,7 @@ limitations under the License. // // The markers take the form: // -// +kubebuilder:webhook:webhookVersions=<[]string>,failurePolicy=,matchPolicy=,groups=<[]string>,resources=<[]string>,verbs=<[]string>,versions=<[]string>,name=,path=,mutating=,sideEffects=,admissionReviewVersions=<[]string>,reinvocationPolicy= +// +kubebuilder:webhook:webhookVersions=<[]string>,failurePolicy=,matchPolicy=,groups=<[]string>,resources=<[]string>,verbs=<[]string>,versions=<[]string>,name=,path=,mutating=,sideEffects=,timeoutSeconds=,admissionReviewVersions=<[]string>,reinvocationPolicy= package webhook import ( @@ -81,6 +81,11 @@ type Config struct { // If the value is "NoneOnDryRun", then the webhook is responsible for inspecting the "dryRun" property of the // AdmissionReview sent in the request, and avoiding side effects if that value is "true." SideEffects string `marker:",optional"` + // TimeoutSeconds allows configuring how long the API server should wait for a webhook to respond before treating the call as a failure. + // If the timeout expires before the webhook responds, the webhook call will be ignored or the API call will be rejected based on the failure policy. + // The timeout value must be between 1 and 30 seconds. + // The timeout for an admission webhook defaults to 10 seconds. + TimeoutSeconds int `marker:",optional"` // Groups specifies the API groups that this webhook receives requests for. Groups []string @@ -103,7 +108,7 @@ type Config struct { // are substituted for hyphens. For example, a validating webhook path for type // batch.tutorial.kubebuilder.io/v1,Kind=CronJob would be // /validate-batch-tutorial-kubebuilder-io-v1-cronjob - Path string + Path string `marker:"path,optional"` // WebhookVersions specifies the target API versions of the {Mutating,Validating}WebhookConfiguration objects // itself to generate. The only supported value is v1. Defaults to v1. 
@@ -120,6 +125,14 @@ type Config struct { // an object, and mutating webhooks can specify a reinvocationPolicy to control // whether they are reinvoked as well. ReinvocationPolicy string `marker:"reinvocationPolicy,optional"` + + // URL allows mutating webhooks configuration to specify an external URL when generating + // the manifests, instead of using the internal service communication. Should be in format of + // https://address:port/path + // When this option is specified, the serviceConfig.Service is removed from webhook the manifest. + // The URL configuration should be between quotes. + // `url` cannot be specified when `path` is specified. + URL string `marker:"url,optional"` } // verbToAPIVariant converts a marker's verb to the proper value for the API. @@ -152,13 +165,19 @@ func (c Config) ToMutatingWebhook() (admissionregv1.MutatingWebhook, error) { return admissionregv1.MutatingWebhook{}, err } + clientConfig, err := c.clientConfig() + if err != nil { + return admissionregv1.MutatingWebhook{}, err + } + return admissionregv1.MutatingWebhook{ Name: c.Name, Rules: c.rules(), FailurePolicy: c.failurePolicy(), MatchPolicy: matchPolicy, - ClientConfig: c.clientConfig(), + ClientConfig: clientConfig, SideEffects: c.sideEffects(), + TimeoutSeconds: c.timeoutSeconds(), AdmissionReviewVersions: c.AdmissionReviewVersions, ReinvocationPolicy: c.reinvocationPolicy(), }, nil @@ -175,13 +194,19 @@ func (c Config) ToValidatingWebhook() (admissionregv1.ValidatingWebhook, error) return admissionregv1.ValidatingWebhook{}, err } + clientConfig, err := c.clientConfig() + if err != nil { + return admissionregv1.ValidatingWebhook{}, err + } + return admissionregv1.ValidatingWebhook{ Name: c.Name, Rules: c.rules(), FailurePolicy: c.failurePolicy(), MatchPolicy: matchPolicy, - ClientConfig: c.clientConfig(), + ClientConfig: clientConfig, SideEffects: c.sideEffects(), + TimeoutSeconds: c.timeoutSeconds(), AdmissionReviewVersions: c.AdmissionReviewVersions, }, nil } 
@@ -244,15 +269,27 @@ func (c Config) matchPolicy() (*admissionregv1.MatchPolicyType, error) { } // clientConfig returns the client config for a webhook. -func (c Config) clientConfig() admissionregv1.WebhookClientConfig { +func (c Config) clientConfig() (admissionregv1.WebhookClientConfig, error) { + if (c.Path != "" && c.URL != "") || (c.Path == "" && c.URL == "") { + return admissionregv1.WebhookClientConfig{}, fmt.Errorf("`url` or `path` markers are required and mutually exclusive") + } + path := c.Path - return admissionregv1.WebhookClientConfig{ - Service: &admissionregv1.ServiceReference{ - Name: "webhook-service", - Namespace: "system", - Path: &path, - }, + if path != "" { + return admissionregv1.WebhookClientConfig{ + Service: &admissionregv1.ServiceReference{ + Name: "webhook-service", + Namespace: "system", + Path: &path, + }, + }, nil } + + url := c.URL + return admissionregv1.WebhookClientConfig{ + URL: &url, + }, nil + } // sideEffects returns the sideEffects config for a webhook. @@ -273,6 +310,15 @@ func (c Config) sideEffects() *admissionregv1.SideEffectClass { return &sideEffects } +// timeoutSeconds returns the timeoutSeconds config for a webhook. +func (c Config) timeoutSeconds() *int32 { + if c.TimeoutSeconds != 0 { + timeoutSeconds := int32(c.TimeoutSeconds) + return &timeoutSeconds + } + return nil +} + // reinvocationPolicy returns the reinvocationPolicy config for a mutating webhook. func (c Config) reinvocationPolicy() *admissionregv1.ReinvocationPolicyType { var reinvocationPolicy admissionregv1.ReinvocationPolicyType 
@@ -381,6 +427,11 @@ func (g Generator) Generate(ctx *genall.GenerationContext) error { if err := checkSideEffectsForV1(objRaw.Webhooks[i].SideEffects); err != nil { return err } + // TimeoutSeconds must be nil or between 1 and 30 seconds, otherwise, + // return an error + if err := checkTimeoutSeconds(objRaw.Webhooks[i].TimeoutSeconds); err != nil { + return err + } // AdmissionReviewVersions is required in admissionregistration/v1, if this is not set, // return an error if len(objRaw.Webhooks[i].AdmissionReviewVersions) == 0 { @@ -407,6 +458,11 @@ func (g Generator) Generate(ctx *genall.GenerationContext) error { if err := checkSideEffectsForV1(objRaw.Webhooks[i].SideEffects); err != nil { return err } + // TimeoutSeconds must be nil or between 1 and 30 seconds, otherwise, + // return an error + if err := checkTimeoutSeconds(objRaw.Webhooks[i].TimeoutSeconds); err != nil { + return err + } // AdmissionReviewVersions is required in admissionregistration/v1, if this is not set, // return an error if len(objRaw.Webhooks[i].AdmissionReviewVersions) == 0 { @@ -451,3 +507,10 @@ func checkSideEffectsForV1(sideEffects *admissionregv1.SideEffectClass) error { } return nil } + +func checkTimeoutSeconds(timeoutSeconds *int32) error { + if timeoutSeconds != nil && (*timeoutSeconds < 1 || *timeoutSeconds > 30) { + return fmt.Errorf("TimeoutSeconds must be between 1 and 30 seconds") + } + return nil +} diff --git a/vendor/sigs.k8s.io/controller-tools/pkg/webhook/zz_generated.markerhelp.go b/vendor/sigs.k8s.io/controller-tools/pkg/webhook/zz_generated.markerhelp.go index 8e1ef419d9d..4dae8604675 100644 --- a/vendor/sigs.k8s.io/controller-tools/pkg/webhook/zz_generated.markerhelp.go +++ b/vendor/sigs.k8s.io/controller-tools/pkg/webhook/zz_generated.markerhelp.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright2019 The Kubernetes Authors. 
@@ -49,6 +48,10 @@ func (Config) Help() *markers.DefinitionHelp { Summary: "specify whether calling the webhook will have side effects. This has an impact on dry runs and `kubectl diff`: if the sideEffect is \"Unknown\" (the default) or \"Some\", then the API server will not call the webhook on a dry-run request and fails instead. If the value is \"None\", then the webhook has no side effects and the API server will call it on dry-run. If the value is \"NoneOnDryRun\", then the webhook is responsible for inspecting the \"dryRun\" property of the AdmissionReview sent in the request, and avoiding side effects if that value is \"true.\"", Details: "", }, + "TimeoutSeconds": { + Summary: "allows configuring how long the API server should wait for a webhook to respond before treating the call as a failure. If the timeout expires before the webhook responds, the webhook call will be ignored or the API call will be rejected based on the failure policy. The timeout value must be between 1 and 30 seconds. The timeout for an admission webhook defaults to 10 seconds.", + Details: "", + }, "Groups": { Summary: "specifies the API groups that this webhook receives requests for.", Details: "",