From 4e42b50cd01be52c2a5f958a74e5204313ea6222 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Tue, 14 Nov 2023 06:38:16 +0100 Subject: [PATCH] add openshift/api MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Sebastian Hoß --- .reuse/dep5 | 4 + code-generator/src/catalog.rs | 12 + .../v1/containerruntimeconfigs.yaml | 140 ++ .../v1/controllerconfigs.args | 1 + .../v1/controllerconfigs.yaml | 1254 +++++++++++++++++ .../v1/kubeletconfigs.yaml | 158 +++ .../v1/machineconfigpools.yaml | 338 +++++ .../v1/machineconfigs.yaml | 82 ++ .../v1alpha1/machineconfignodes.args | 1 + .../v1alpha1/machineconfignodes.yaml | 200 +++ kube-custom-resources-rs/Cargo.toml | 2 + kube-custom-resources-rs/src/lib.rs | 22 + .../containerruntimeconfigs.rs | 97 ++ .../controllerconfigs.rs | 1248 ++++++++++++++++ .../kubeletconfigs.rs | 180 +++ .../machineconfigpools.rs | 254 ++++ .../machineconfigs.rs | 36 + .../mod.rs | 5 + .../machineconfignodes.rs | 99 ++ .../mod.rs | 1 + 20 files changed, 4134 insertions(+) create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/containerruntimeconfigs.yaml create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.args create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.yaml create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigpools.yaml create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigs.yaml create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.args create mode 100644 crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/containerruntimeconfigs.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/controllerconfigs.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/kubeletconfigs.rs create mode 100644 
kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigpools.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigs.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/mod.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/machineconfignodes.rs create mode 100644 kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/mod.rs diff --git a/.reuse/dep5 b/.reuse/dep5 index b647c6638..13a6cadc1 100644 --- a/.reuse/dep5 +++ b/.reuse/dep5 @@ -675,6 +675,10 @@ Files: crd-catalog/open-telemetry/opentelemetry-operator/* Copyright: The open-telemetry/opentelemetry-operator Authors License: Apache-2.0 +Files: crd-catalog/openshift/api/* +Copyright: The openshift/api Authors +License: Apache-2.0 + Files: crd-catalog/openshift/hive/* Copyright: The openshift/hive Authors License: Apache-2.0 diff --git a/code-generator/src/catalog.rs b/code-generator/src/catalog.rs index 343581140..4fd47bb54 100644 --- a/code-generator/src/catalog.rs +++ b/code-generator/src/catalog.rs 
@@ -1750,6 +1750,18 @@ pub const CRD_V1_SOURCES: &'static [UpstreamSource] = &[
 "https://github.com/open-telemetry/opentelemetry-operator/blob/main/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml",
 ],
 },
+ UpstreamSource {
+ project_name: "openshift/api",
+ license: APACHE_V2,
+ urls: &[
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml",
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml",
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml",
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1/0000_80_machineconfig.crd.yaml",
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml",
+ "https://github.com/openshift/api/blob/master/machineconfiguration/v1alpha1/0000_80_machineconfignode-CustomNoUpgrade.crd.yaml",
+ ],
+ },
 UpstreamSource {
 project_name: "openshift/hive",
 license: APACHE_V2,
diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/containerruntimeconfigs.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/containerruntimeconfigs.yaml
new file mode 100644
index 000000000..42973c02c
--- /dev/null
+++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/containerruntimeconfigs.yaml
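Review bot: The six new `urls` entries under `project_name: "openshift/api"` all point at `blob/master`, a mutable ref, so nothing in this file records which upstream revision the vendored YAML under `crd-catalog/openshift/api/` and the generated Rust types were produced from; presumably a later catalog refresh picks up whatever the branch holds at that time. The neighbouring entries use branch refs as well (`blob/main`), so this follows the file's convention, but for supply-chain review it would help to note the source revision next to the entry, e.g. `// fetched at openshift/api@<COMMIT_SHA>`, or to pin the URLs to a tag or commit. The last entry, `0000_80_machineconfignode-CustomNoUpgrade.crd.yaml`, is a `v1alpha1` manifest whose file name suggests it is tied to a non-default feature set, so a one-line comment such as `// v1alpha1, CustomNoUpgrade variant: schema may change without notice` would warn consumers of the generated types. The `CRD_V1_SOURCES` array begins and ends outside this hunk.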
@@ -0,0 +1,140 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + labels: + openshift.io/operator-managed: '' + name: containerruntimeconfigs.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: ContainerRuntimeConfig + listKind: ContainerRuntimeConfigList + plural: containerruntimeconfigs + shortNames: + - ctrcfg + singular: containerruntimeconfig + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ContainerRuntimeConfig describes a customized Container Runtime configuration. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig + properties: + containerRuntimeConfig: + description: ContainerRuntimeConfiguration defines the tuneables of the container runtime + properties: + defaultRuntime: + description: defaultRuntime is the name of the OCI runtime to be used as the default. + type: string + logLevel: + description: logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug. + type: string + logSizeMax: + anyOf: + - type: integer + - type: string + description: logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + overlaySize: + anyOf: + - type: integer + - type: string + description: 'overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + pidsLimit: + description: pidsLimit specifies the maximum number of processes allowed in a container + format: int64 + type: integer + type: object + machineConfigPoolSelector: + description: MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. A nil selector will result in no pools being selected. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - containerRuntimeConfig + type: object + status: + description: ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig + properties: + conditions: + description: conditions represents the latest available observations of current state. + items: + description: ContainerRuntimeConfigCondition defines the state of the ContainerRuntimeConfig + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + format: date-time + nullable: true + type: string + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. 
Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.args b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.args new file mode 100644 index 000000000..7ab47510b --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.args @@ -0,0 +1 @@ +--derive=PartialEq diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.yaml new file mode 100644 index 000000000..354be952a --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.yaml 
@@ -0,0 +1,1254 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + labels: + openshift.io/operator-managed: '' + name: controllerconfigs.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: ControllerConfig + plural: controllerconfigs + singular: controllerconfig + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ControllerConfig describes configuration for MachineConfigController. This is currently only used to drive the MachineConfig objects generated by the TemplateController. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ControllerConfigSpec is the spec for ControllerConfig resource. + properties: + additionalTrustBundle: + description: additionalTrustBundle is a certificate bundle that will be added to the nodes trusted certificate store. 
+ format: byte + nullable: true + type: string + baseOSContainerImage: + description: BaseOSContainerImage is the new-format container image for operating system updates. + type: string + baseOSExtensionsContainerImage: + description: BaseOSExtensionsContainerImage is the matching extensions container for the new-format container + type: string + cloudProviderCAData: + description: cloudProvider specifies the cloud provider CA data + format: byte + nullable: true + type: string + cloudProviderConfig: + description: cloudProviderConfig is the configuration for the given cloud provider + type: string + clusterDNSIP: + description: clusterDNSIP is the cluster DNS IP address + type: string + dns: + description: dns holds the cluster dns details + nullable: true + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + properties: + baseDomain: + description: "baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base. 
\n For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`. \n Once set, this field cannot be changed." + type: string + platform: + description: platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. + properties: + aws: + description: aws contains DNS configuration specific to the Amazon Web Services cloud provider. + properties: + privateZoneIAMRole: + description: privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed. + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$ + type: string + type: object + type: + description: "type is the underlying infrastructure provider for the cluster. Allowed values: \"\", \"AWS\". \n Individual components may not support all platforms, and must handle unrecognized platforms with best-effort defaults." + enum: + - '' + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + x-kubernetes-validations: + - message: allowed values are '' and 'AWS' + rule: self in ['','AWS'] + required: + - type + type: object + x-kubernetes-validations: + - message: aws configuration is required when platform is AWS, and forbidden otherwise + rule: 'has(self.type) && self.type == ''AWS'' ? has(self.aws) : !has(self.aws)' + privateZone: + description: "privateZone is the location where all the DNS records that are only available internally to the cluster exist. \n If this field is nil, no private records should be created. 
\n Once set, this field cannot be changed." + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + additionalProperties: + type: string + description: "tags can be used to query the DNS hosted zone. \n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + type: object + publicZone: + description: "publicZone is the location where all the DNS records that are publicly accessible to the internet exist. \n If this field is nil, no public records should be created. \n Once set, this field cannot be changed." + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + additionalProperties: + type: string + description: "tags can be used to query the DNS hosted zone. 
\n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + type: object + type: object + status: + description: status holds observed values from the cluster. They may not be overridden. + type: object + required: + - spec + type: object + x-kubernetes-embedded-resource: true + etcdDiscoveryDomain: + description: etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead + type: string + imageRegistryBundleData: + description: imageRegistryBundleData is the ImageRegistryData + items: + description: ImageRegistryBundle contains information for writing image registry certificates + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + format: byte + type: string + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + required: + - data + - file + type: object + type: array + x-kubernetes-list-type: atomic + imageRegistryBundleUserData: + description: imageRegistryBundleUserData is Image Registry Data provided by the user + items: + description: ImageRegistryBundle contains information for writing image registry certificates + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + format: byte + type: string + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + required: + - data + - file + type: object + type: array + x-kubernetes-list-type: atomic + images: + additionalProperties: + type: string + description: images is map of images that are used by the controller to render templates under ./templates/ + type: object + infra: + description: infra holds the infrastructure details + nullable: true + properties: + apiVersion: + description: 
'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + properties: + cloudConfig: + description: "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. \n cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only." + properties: + key: + description: Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. 
+ type: string + name: + type: string + type: object + platformSpec: + description: platformSpec holds desired information specific to the underlying infrastructure provider. + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + properties: + serviceEndpoints: + description: serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + pattern: ^https:// + type: string + type: object + type: array + type: object + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + external: + description: ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. 
+ properties: + platformName: + default: Unknown + description: PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. + type: string + x-kubernetes-validations: + - message: platform name cannot be changed once set + rule: oldSelf == 'Unknown' || self == oldSelf + type: object + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + properties: + prismCentral: + description: prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + maxLength: 256 + type: string + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + format: int32 + maximum: 65535.0 + minimum: 1.0 + type: integer + required: + - address + - port + type: object + prismElements: + description: prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) 
used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + items: + description: NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) + properties: + endpoint: + description: endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + maxLength: 256 + type: string + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + format: int32 + maximum: 65535.0 + minimum: 1.0 + type: integer + required: + - address + - port + type: object + name: + description: name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + maxLength: 256 + type: string + required: + - endpoint + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - prismCentral + - prismElements + type: object + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + powervs: + description: PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + properties: + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. 
+ items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + format: uri + pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: + description: type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + enum: + - '' + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + properties: + failureDomains: + description: failureDomains contains the definition of region, zone and the vCenter topology. 
If this is omitted failure domains (regions and zones) will not be used. + items: + description: VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. + properties: + name: + description: name defines the arbitrary but unique name of a failure domain. + maxLength: 256 + minLength: 1 + type: string + region: + description: region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + maxLength: 80 + minLength: 1 + type: string + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + minLength: 1 + type: string + topology: + description: Topology describes a given failure domain using vSphere constructs + properties: + computeCluster: + description: computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*? + type: string + datacenter: + description: datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + maxLength: 80 + type: string + datastore: + description: datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/datastore/.*? + type: string + folder: + description: folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/vm/.*? + type: string + networks: + description: networks is the list of port group network names within this failure domain. 
Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + items: + type: string + maxItems: 1 + minItems: 1 + type: array + resourcePool: + description: resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*?/Resources.* + type: string + required: + - computeCluster + - datacenter + - datastore + - networks + type: object + zone: + description: zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + maxLength: 80 + minLength: 1 + type: string + required: + - name + - region + - server + - topology + - zone + type: object + type: array + nodeNetworking: + description: nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + properties: + external: + description: external represents the network configuration of the node that is externally routable. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. 
Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + type: string + type: array + type: object + internal: + description: internal represents the network configuration of the node that is routable only within the cluster. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + type: string + type: array + type: object + type: object + vcenters: + description: vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + items: + description: VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. + properties: + datacenters: + description: The vCenter Datacenters in which the RHCOS vm guests are located. 
This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + items: + type: string + minItems: 1 + type: array + port: + description: port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + format: int32 + maximum: 32767.0 + minimum: 1.0 + type: integer + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + type: string + required: + - datacenters + - server + type: object + maxItems: 1 + minItems: 0 + type: array + type: object + type: object + type: object + status: + description: status holds observed values from the cluster. They may not be overridden. + properties: + apiServerInternalURI: + description: apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. + type: string + apiServerURL: + description: apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + type: string + controlPlaneTopology: + default: HighlyAvailable + description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. 
The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + enum: + - HighlyAvailable + - SingleReplica + - External + type: string + cpuPartitioning: + default: None + description: cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are "None" and "AllNodes". When omitted, the default value is "None". The default value of "None" indicates that no nodes will be setup with CPU partitioning. The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API. + enum: + - None + - AllNodes + type: string + etcdDiscoveryDomain: + description: 'etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.' + type: string + infrastructureName: + description: infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + type: string + infrastructureTopology: + default: HighlyAvailable + description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. 
The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' + enum: + - HighlyAvailable + - SingleReplica + type: string + platform: + description: "platform is the underlying infrastructure provider for the cluster. \n Deprecated: Use platformStatus.type instead." + enum: + - '' + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + platformStatus: + description: platformStatus holds status information specific to the underlying infrastructure provider. + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + properties: + region: + description: region specifies the region for Alibaba Cloud resources created for the cluster. + pattern: ^[0-9A-Za-z-]+$ + type: string + resourceGroupID: + description: resourceGroupID is the ID of the resource group for the cluster. + pattern: ^(rg-[0-9A-Za-z]+)?$ + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + items: + description: AlibabaCloudResourceTag is the set of tags to add to apply to resources. + properties: + key: + description: key is the key of the tag. + maxLength: 128 + minLength: 1 + type: string + value: + description: value is the value of the tag. + maxLength: 128 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + required: + - region + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. 
+ properties: + region: + description: region holds the default AWS region for new AWS resources created by the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. + items: + description: AWSResourceTag is a tag to apply to AWS resources created for the cluster. + properties: + key: + description: key is the key of the tag + maxLength: 128 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string + value: + description: value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string + required: + - key + - value + type: object + maxItems: 25 + type: array + serviceEndpoints: + description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. 
+ pattern: ^https:// + type: string + type: object + type: array + type: object + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + properties: + armEndpoint: + description: armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. + enum: + - '' + - AzurePublicCloud + - AzureUSGovernmentCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureStackCloud + type: string + networkResourceGroupName: + description: networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + type: string + resourceGroupName: + description: resourceGroupName is the Resource Group for new Azure resources created for the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Azure resources created for the cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + items: + description: AzureResourceTag is a tag to apply to Azure resources created for the cluster. + properties: + key: + description: key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric characters and the following special characters `_ . -`. 
+ maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + type: string + value: + description: 'value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`.' + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.=+-@]+$ + type: string + required: + - key + - value + type: object + maxItems: 10 + type: array + x-kubernetes-validations: + - message: resourceTags are immutable and may only be configured during installation + rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + type: object + x-kubernetes-validations: + - message: resourceTags may only be configured during installation + rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)' + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. 
+ format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + type: object + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + type: object + external: + description: External contains settings specific to the generic External infrastructure provider. 
+ properties: + cloudControllerManager: + description: cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + properties: + state: + description: "state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager \n Valid values are \"External\", \"None\" and omitted. When set to \"External\", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to \"None\", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected." + enum: + - '' + - External + - None + type: string + x-kubernetes-validations: + - message: state is immutable once set + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: state may not be added or removed once set + rule: (has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) && self.state != "External") + type: object + x-kubernetes-validations: + - message: cloudControllerManager may not be added or removed once set + rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + properties: + projectID: + description: resourceGroupName is the Project ID for new GCP resources created for the cluster. + type: string + region: + description: region holds the region for new GCP resources created for the cluster. + type: string + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. 
+ properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + location: + description: Location is where the cluster has been deployed + type: string + providerType: + description: ProviderType indicates the type of cluster that was created + type: string + resourceGroupName: + description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + type: string + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of an IBM Cloud service. These endpoints are consumed by components within the cluster to reach the respective IBM Cloud Services. + items: + description: IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services. + properties: + name: + description: 'name is the name of the IBM Cloud service. Possible values are: CIS, COS, DNSServices, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com`' + enum: + - CIS + - COS + - DNSServices + - GlobalSearch + - GlobalTagging + - HyperProtect + - IAM + - KeyProtect + - ResourceController + - ResourceManager + - VPC + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. 
+ type: string + x-kubernetes-validations: + - message: url must be a valid absolute URL + rule: isURL(self) + required: + - name + - url + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. 
+ format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + type: object + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + cloudName: + description: cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. 
The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + loadBalancer: + default: + type: OpenShiftManagedDefault + description: loadBalancer defines how the load balancer used by the cluster is configured. + properties: + type: + default: OpenShiftManagedDefault + description: type defines the type of load balancer used by the cluster on OpenStack platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. + enum: + - OpenShiftManagedDefault + - UserManaged + type: string + x-kubernetes-validations: + - message: type is immutable once set + rule: oldSelf == '' || self == oldSelf + type: object + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. 
+ type: string + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' + type: string + type: object + powervs: + description: PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. 
+ properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + region: + description: region holds the default Power VS region for new Power VS resources created by the cluster. + type: string + resourceGroup: + description: 'resourceGroup is the resource group name for new IBMCloud resources created for a cluster. The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. When omitted, the image registry operator won''t be able to configure storage, which results in the image registry cluster operator not being in an available state.' + maxLength: 40 + pattern: ^[a-zA-Z0-9-_ ]+$ + type: string + x-kubernetes-validations: + - message: resourceGroup is immutable once set + rule: oldSelf == '' || self == oldSelf + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. 
+ format: uri + pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array + zone: + description: 'zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported' + type: string + type: object + x-kubernetes-validations: + - message: cannot unset resourceGroup once set + rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' + type: + description: "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. \n This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set." + enum: + - '' + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. 
\n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. 
+ type: string + type: object + type: object + type: object + required: + - spec + type: object + x-kubernetes-embedded-resource: true + internalRegistryPullSecret: + description: internalRegistryPullSecret is the pull secret for the internal registry, used by rpm-ostree to pull images from the internal registry if present + format: byte + nullable: true + type: string + ipFamilies: + description: ipFamilies indicates the IP families in use by the cluster network + type: string + kubeAPIServerServingCAData: + description: kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically + format: byte + type: string + network: + description: Network contains additional network related information + nullable: true + properties: + mtuMigration: + description: MTUMigration contains the MTU migration configuration. + nullable: true + properties: + machine: + description: Machine contains MTU migration configuration for the machine's uplink. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0.0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0.0 + type: integer + type: object + network: + description: Network contains MTU migration configuration for the default network. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0.0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0.0 + type: integer + type: object + type: object + required: + - mtuMigration + type: object + networkType: + description: 'networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes.' 
+ type: string + osImageURL: + description: OSImageURL is the old-format container image that contains the OS update payload. + type: string + platform: + description: platform is deprecated, use Infra.Status.PlatformStatus.Type instead + type: string + proxy: + description: proxy holds the current proxy configuration for the nodes + nullable: true + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. + type: string + type: object + pullSecret: + description: pullSecret is the default pull secret that needs to be installed on all machines. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + releaseImage: + description: releaseImage is the image used when installing the cluster + type: string + rootCAData: + description: rootCAData specifies the root CA data + format: byte + type: string + required: + - additionalTrustBundle + - baseOSContainerImage + - cloudProviderCAData + - cloudProviderConfig + - clusterDNSIP + - dns + - images + - infra + - ipFamilies + - kubeAPIServerServingCAData + - network + - proxy + - releaseImage + - rootCAData + type: object + status: + description: ControllerConfigStatus is the status for ControllerConfig + properties: + conditions: + description: conditions represents the latest available observations of current state. + items: + description: ControllerConfigStatusCondition contains condition information for ControllerConfigStatus + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + format: date-time + nullable: true + type: string + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + controllerCertificates: + description: controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO. + items: + description: ControllerCertificate contains info about a specific cert. + properties: + bundleFile: + description: bundleFile is the larger bundle a cert comes from + type: string + notAfter: + description: notAfter is the upper boundary for validity + format: date-time + type: string + notBefore: + description: notBefore is the lower boundary for validity + format: date-time + type: string + signer: + description: signer is the cert Issuer + type: string + subject: + description: subject is the cert subject + type: string + required: + - bundleFile + - notAfter + - notBefore + - signer + - subject + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml new file mode 100644 index 000000000..86a008465 --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml 
@@ -0,0 +1,158 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + labels: + openshift.io/operator-managed: '' + name: kubeletconfigs.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: KubeletConfig + listKind: KubeletConfigList + plural: kubeletconfigs + singular: kubeletconfig + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "KubeletConfig describes a customized Kubelet configuration. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeletConfigSpec defines the desired state of KubeletConfig + properties: + autoSizingReserved: + type: boolean + kubeletConfig: + description: kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by OpenShift of the upstream kubernetes. 
It's important to note that, since the fields of the kubelet configuration are directly fetched from upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + type: object + x-kubernetes-preserve-unknown-fields: true + logLevel: + format: int32 + type: integer + machineConfigPoolSelector: + description: MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
+ type: object + type: object + x-kubernetes-map-type: atomic + tlsSecurityProfile: + description: If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. + properties: + custom: + description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1" + nullable: true + properties: + ciphers: + description: "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + items: + type: string + type: array + minTLSVersion: + description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. 
For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12" + enum: + - VersionTLS10 + - VersionTLS11 + - VersionTLS12 + - VersionTLS13 + type: string + type: object + intermediate: + description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2" + nullable: true + type: object + modern: + description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." 
+ nullable: true + type: object + old: + description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" + nullable: true + type: object + type: + description: "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations \n The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. \n Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries." + enum: + - Old + - Intermediate + - Modern + - Custom + type: string + type: object + type: object + status: + description: KubeletConfigStatus defines the observed state of a KubeletConfig + properties: + conditions: + description: conditions represents the latest available observations of current state. 
+ items: + description: KubeletConfigCondition defines the state of the KubeletConfig + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + format: date-time + nullable: true + type: string + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + type: object + type: array + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigpools.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigpools.yaml new file mode 100644 index 000000000..cf6998773 --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigpools.yaml 
@@ -0,0 +1,338 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + labels: + openshift.io/operator-managed: '' + name: machineconfigpools.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: MachineConfigPool + plural: machineconfigpools + shortNames: + - mcp + singular: machineconfigpool + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.configuration.name + name: Config + type: string + - description: When all the machines in the pool are updated to the correct machine config. + jsonPath: .status.conditions[?(@.type=="Updated")].status + name: Updated + type: string + - description: When at least one of machine is not either not updated or is in the process of updating to the desired machine config. + jsonPath: .status.conditions[?(@.type=="Updating")].status + name: Updating + type: string + - description: When progress is blocked on updating one or more nodes, or the pool configuration is failing. 
+ jsonPath: .status.conditions[?(@.type=="Degraded")].status + name: Degraded + type: string + - description: Total number of machines in the machine config pool + jsonPath: .status.machineCount + name: MachineCount + type: number + - description: Total number of ready machines targeted by the pool + jsonPath: .status.readyMachineCount + name: ReadyMachineCount + type: number + - description: Total number of machines targeted by the pool that have the CurrentMachineConfig as their config + jsonPath: .status.updatedMachineCount + name: UpdatedMachineCount + type: number + - description: Total number of machines marked degraded (or unreconcilable) + jsonPath: .status.degradedMachineCount + name: DegradedMachineCount + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: "MachineConfigPool describes a pool of MachineConfigs. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineConfigPoolSpec is the spec for MachineConfigPool resource. + properties: + configuration: + description: The targeted MachineConfig object for the machine config pool. 
+ properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + source: + description: source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. 
For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. 
TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + machineConfigSelector: + description: machineConfigSelector specifies a label selector for MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. 
Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + maxUnavailable: + anyOf: + - type: integer + - type: string + description: "maxUnavailable defines either an integer number or percentage of nodes in the pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1. \n A value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one." + x-kubernetes-int-or-string: true + nodeSelector: + description: nodeSelector specifies a label selector for Machines + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 
+ properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + paused: + description: paused specifies whether or not changes to this machine config pool should be stopped. This includes generating new desiredMachineConfig and update of machines. + type: boolean + type: object + status: + description: MachineConfigPoolStatus is the status for MachineConfigPool resource. 
+ properties: + certExpirys: + description: certExpirys keeps track of important certificate expiration data + items: + description: ceryExpiry contains the bundle name and the expiry date + properties: + bundle: + description: bundle is the name of the bundle in which the subject certificate resides + type: string + expiry: + description: expiry is the date after which the certificate will no longer be valid + format: date-time + type: string + subject: + description: subject is the subject of the certificate + type: string + required: + - bundle + - expiry + - subject + type: object + type: array + x-kubernetes-list-type: atomic + conditions: + description: conditions represents the latest available observations of current state. + items: + description: MachineConfigPoolCondition contains condition information for an MachineConfigPool. + properties: + lastTransitionTime: + description: lastTransitionTime is the timestamp corresponding to the last status change of this condition. + format: date-time + nullable: true + type: string + message: + description: message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: status of the condition, one of ('True', 'False', 'Unknown'). + type: string + type: + description: type of the condition, currently ('Done', 'Updating', 'Failed'). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + configuration: + description: configuration represents the current MachineConfig object for the machine config pool. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + source: + description: source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. 
In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + degradedMachineCount: + description: degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). A node is marked degraded if applying a configuration failed.. + format: int32 + type: integer + machineCount: + description: machineCount represents the total number of machines in the machine config pool. + format: int32 + type: integer + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + format: int64 + type: integer + readyMachineCount: + description: readyMachineCount represents the total number of ready machines targeted by the pool. + format: int32 + type: integer + unavailableMachineCount: + description: unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. 
A node is marked unavailable if it is in updating state or NodeReady condition is false. + format: int32 + type: integer + updatedMachineCount: + description: updatedMachineCount represents the total number of machines targeted by the pool that have the CurrentMachineConfig as their config. + format: int32 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigs.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigs.yaml new file mode 100644 index 000000000..d7ad31098 --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigs.yaml 
@@ -0,0 +1,82 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + labels: + openshift.io/operator-managed: '' + name: machineconfigs.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: MachineConfig + plural: machineconfigs + shortNames: + - mc + singular: machineconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Version of the controller that generated the machineconfig. This will be empty if the machineconfig is not managed by a controller. + jsonPath: .metadata.annotations.machineconfiguration\.openshift\.io/generated-by-controller-version + name: GeneratedByController + type: string + - description: Version of the Ignition Config defined in the machineconfig. + jsonPath: .spec.config.ignition.version + name: IgnitionVersion + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: "MachineConfig defines the configuration for a machine \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. 
In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineConfigSpec is the spec for MachineConfig + properties: + baseOSExtensionsContainerImage: + description: BaseOSExtensionsContainerImage specifies the remote location that will be used to fetch the extensions container matching a new-format OS image + type: string + config: + description: Config is a Ignition Config object. + type: object + x-kubernetes-preserve-unknown-fields: true + extensions: + description: extensions contains a list of additional features that can be enabled on host + items: + type: string + type: array + x-kubernetes-list-type: atomic + fips: + description: fips controls FIPS mode + type: boolean + kernelArguments: + description: kernelArguments contains a list of kernel arguments to be added + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: atomic + kernelType: + description: kernelType contains which kernel we want to be running like default (traditional), realtime, 64k-pages (aarch64 only). + type: string + osImageURL: + description: OSImageURL specifies the remote location that will be used to fetch the OS. + type: string + type: object + type: object + served: true + storage: true diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.args b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.args new file mode 100644 index 000000000..7ab47510b --- /dev/null +++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.args @@ -0,0 +1 @@ +--derive=PartialEq diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml new file mode 100644 index 000000000..a4344dbf9 
--- /dev/null
+++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml
@@ -0,0 +1,200 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1596 + include.release.openshift.io/ibm-cloud-managed: 'true' + include.release.openshift.io/self-managed-high-availability: 'true' + include.release.openshift.io/single-node-developer: 'true' + release.openshift.io/feature-set: CustomNoUpgrade + labels: + openshift.io/operator-managed: '' + name: machineconfignodes.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: MachineConfigNode + plural: machineconfignodes + singular: machineconfignode + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Updated")].status + name: Updated + type: string + - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status + name: UpdatePrepared + type: string + - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status + name: UpdateExecuted + type: string + - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status + name: UpdatePostActionComplete + type: string + - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status + name: UpdateComplete + type: string + - jsonPath: .status.conditions[?(@.type=="Resumed")].status + name: Resumed + type: string + - jsonPath: .status.conditions[?(@.type=="UpdateCompatible")].status + name: UpdateCompatible + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status + name: UpdatedFilesAndOS + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="CordonedNode")].status + name: CordonedNode + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="DrainedNode")].status + name: DrainedNode + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status + name: RebootedNode + priority: 1 + type: string + - jsonPath: 
.status.conditions[?(@.type=="ReloadedCRIO")].status + name: ReloadedCRIO + priority: 1 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: 'MachineConfigNode describes the health of the Machines on the system Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec describes the configuration of the machine config node. + properties: + configVersion: + description: configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to. This gets set before the machine config operator validates the new machine config against the current machine config. + properties: + desired: + description: desired is the name of the machine config that the the node should be upgraded to. This value is set when the machine config pool generates a new version of its rendered configuration. When this value is changed, the machine config daemon starts the node upgrade process. 
This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - desired + type: object + node: + description: node contains a reference to the node for this machine config node. + properties: + name: + description: name is the object name. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - name + type: object + pool: + description: pool contains a reference to the machine config pool that this machine config node's referenced node belongs to. + properties: + name: + description: name is the object name. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - name + type: object + required: + - configVersion + - node + - pool + type: object + status: + description: status describes the last observed state of this machine config node. + properties: + conditions: + description: conditions represent the observations of a machine config node's current state. 
+ items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0.0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - 'True' + - 'False' + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + configVersion: + description: configVersion describes the current and desired machine config for this node. The current version represents the current machine config for the node and is updated after a successful update. The desired version represents the machine config the node will attempt to update to. This desired machine config has been compared to the current machine config and has been validated by the machine config operator as one that is valid and that exists. + properties: + current: + description: current is the name of the machine config currently in use on the node. This value is updated once the machine config daemon has completed the update of the configuration for the node. This value should match the desired version unless an upgrade is in progress. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. 
+ maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + desired: + description: desired is the MachineConfig the node wants to upgrade to. This value gets set in the machine config node status once the machine config has been validated against the current machine config. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - desired + type: object + observedGeneration: + description: observedGeneration represents the generation observed by the controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. + format: int64 + type: integer + required: + - configVersion + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: spec.node.name should match metadata.name + rule: self.metadata.name == self.spec.node.name + served: true + storage: true + subresources: + status: {} diff --git a/kube-custom-resources-rs/Cargo.toml b/kube-custom-resources-rs/Cargo.toml index 053af45cf..f7e70da30 100644 --- a/kube-custom-resources-rs/Cargo.toml +++ b/kube-custom-resources-rs/Cargo.toml @@ -213,6 +213,8 @@ logging_extensions_banzaicloud_io_v1alpha1 = [] loki_grafana_com_v1 = [] loki_grafana_com_v1beta1 = [] longhorn_io_v1beta2 = [] +machineconfiguration_openshift_io_v1 = [] +machineconfiguration_openshift_io_v1alpha1 = [] maps_k8s_elastic_co_v1alpha1 = [] mariadb_mmontes_io_v1alpha1 = [] mattermost_com_v1alpha1 = [] diff --git a/kube-custom-resources-rs/src/lib.rs b/kube-custom-resources-rs/src/lib.rs index 784f62b6f..753201679 100644 
--- a/kube-custom-resources-rs/src/lib.rs +++ b/kube-custom-resources-rs/src/lib.rs @@ -1797,6 +1797,24 @@ kinds: - `VolumeAttachment` - `Volume` +## machineconfiguration_openshift_io_v1 + +apiVersion: `machineconfiguration.openshift.io/v1` + +kinds: +- `ContainerRuntimeConfig` +- `ControllerConfig` +- `KubeletConfig` +- `MachineConfigPool` +- `MachineConfig` + +## machineconfiguration_openshift_io_v1alpha1 + +apiVersion: `machineconfiguration.openshift.io/v1alpha1` + +kinds: +- `MachineConfigNode` + ## maps_k8s_elastic_co_v1alpha1 apiVersion: `maps.k8s.elastic.co/v1alpha1` @@ -3196,6 +3214,10 @@ pub mod loki_grafana_com_v1; pub mod loki_grafana_com_v1beta1; #[cfg(feature = "longhorn_io_v1beta2")] pub mod longhorn_io_v1beta2; +#[cfg(feature = "machineconfiguration_openshift_io_v1")] +pub mod machineconfiguration_openshift_io_v1; +#[cfg(feature = "machineconfiguration_openshift_io_v1alpha1")] +pub mod machineconfiguration_openshift_io_v1alpha1; #[cfg(feature = "maps_k8s_elastic_co_v1alpha1")] pub mod maps_k8s_elastic_co_v1alpha1; #[cfg(feature = "mariadb_mmontes_io_v1alpha1")] diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/containerruntimeconfigs.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/containerruntimeconfigs.rs new file mode 100644 index 000000000..572356a6d --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/containerruntimeconfigs.rs 
@@ -0,0 +1,97 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/containerruntimeconfigs.yaml --derive=Default --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; +use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + +/// ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1", kind = "ContainerRuntimeConfig", plural = "containerruntimeconfigs")] +#[kube(status = "ContainerRuntimeConfigStatus")] +#[kube(schema = "disabled")] +pub struct ContainerRuntimeConfigSpec { + /// ContainerRuntimeConfiguration defines the tuneables of the container runtime + #[serde(rename = "containerRuntimeConfig")] + pub container_runtime_config: ContainerRuntimeConfigContainerRuntimeConfig, + /// MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. A nil selector will result in no pools being selected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineConfigPoolSelector")] + pub machine_config_pool_selector: Option, +} + +/// ContainerRuntimeConfiguration defines the tuneables of the container runtime +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ContainerRuntimeConfigContainerRuntimeConfig { + /// defaultRuntime is the name of the OCI runtime to be used as the default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultRuntime")] + pub default_runtime: Option, + /// logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] + pub log_level: Option, + /// logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSizeMax")] + pub log_size_max: Option, + /// overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "overlaySize")] + pub overlay_size: Option, + /// pidsLimit specifies the maximum number of processes allowed in a container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pidsLimit")] + pub pids_limit: Option, +} + +/// MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig shoud apply to. A nil selector will result in no pools being selected. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ContainerRuntimeConfigMachineConfigPoolSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ContainerRuntimeConfigMachineConfigPoolSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ContainerRuntimeConfigStatus { + /// conditions represents the latest available observations of current state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// observedGeneration represents the generation observed by the controller. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + +/// ContainerRuntimeConfigCondition defines the state of the ContainerRuntimeConfig +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ContainerRuntimeConfigStatusConditions { + /// lastTransitionTime is the time of the last update to the current status object. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransitionTime")] + pub last_transition_time: Option, + /// message provides additional information about the current condition. This is only to be consumed by humans. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// reason is the reason for the condition's last transition. 
Reasons are PascalCase + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// status of the condition, one of True, False, Unknown. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, + /// type specifies the state of the operator's reconciliation functionality. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/controllerconfigs.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/controllerconfigs.rs new file mode 100644 index 000000000..3f264c1ad --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/controllerconfigs.rs 
@@ -0,0 +1,1248 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/controllerconfigs.yaml --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; + +/// ControllerConfigSpec is the spec for ControllerConfig resource. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1", kind = "ControllerConfig", plural = "controllerconfigs")] +#[kube(status = "ControllerConfigStatus")] +#[kube(schema = "disabled")] +pub struct ControllerConfigSpec { + /// additionalTrustBundle is a certificate bundle that will be added to the nodes trusted certificate store. + #[serde(rename = "additionalTrustBundle")] + pub additional_trust_bundle: String, + /// BaseOSContainerImage is the new-format container image for operating system updates. 
+ #[serde(rename = "baseOSContainerImage")] + pub base_os_container_image: String, + /// BaseOSExtensionsContainerImage is the matching extensions container for the new-format container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseOSExtensionsContainerImage")] + pub base_os_extensions_container_image: Option, + /// cloudProvider specifies the cloud provider CA data + #[serde(rename = "cloudProviderCAData")] + pub cloud_provider_ca_data: String, + /// cloudProviderConfig is the configuration for the given cloud provider + #[serde(rename = "cloudProviderConfig")] + pub cloud_provider_config: String, + /// clusterDNSIP is the cluster DNS IP address + #[serde(rename = "clusterDNSIP")] + pub cluster_dnsip: String, + /// dns holds the cluster dns details + pub dns: ControllerConfigDns, + /// etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead + #[serde(default, skip_serializing_if = "Option::is_none", rename = "etcdDiscoveryDomain")] + pub etcd_discovery_domain: Option, + /// imageRegistryBundleData is the ImageRegistryData + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageRegistryBundleData")] + pub image_registry_bundle_data: Option>, + /// imageRegistryBundleUserData is Image Registry Data provided by the user + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageRegistryBundleUserData")] + pub image_registry_bundle_user_data: Option>, + /// images is map of images that are used by the controller to render templates under ./templates/ + pub images: BTreeMap, + /// infra holds the infrastructure details + pub infra: ControllerConfigInfra, + /// internalRegistryPullSecret is the pull secret for the internal registry, used by rpm-ostree to pull images from the internal registry if present + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalRegistryPullSecret")] + pub internal_registry_pull_secret: Option, + /// ipFamilies indicates the IP 
families in use by the cluster network + #[serde(rename = "ipFamilies")] + pub ip_families: String, + /// kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically + #[serde(rename = "kubeAPIServerServingCAData")] + pub kube_api_server_serving_ca_data: String, + /// Network contains additional network related information + pub network: ControllerConfigNetwork, + /// networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkType")] + pub network_type: Option, + /// OSImageURL is the old-format container image that contains the OS update payload. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osImageURL")] + pub os_image_url: Option, + /// platform is deprecated, use Infra.Status.PlatformStatus.Type instead + #[serde(default, skip_serializing_if = "Option::is_none")] + pub platform: Option, + /// proxy holds the current proxy configuration for the nodes + pub proxy: ControllerConfigProxy, + /// pullSecret is the default pull secret that needs to be installed on all machines. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullSecret")] + pub pull_secret: Option, + /// releaseImage is the image used when installing the cluster + #[serde(rename = "releaseImage")] + pub release_image: String, + /// rootCAData specifies the root CA data + #[serde(rename = "rootCAData")] + pub root_ca_data: String, +} + +/// dns holds the cluster dns details +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDns { + /// APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// spec holds user settable values for configuration + pub spec: ControllerConfigDnsSpec, + /// status holds observed values from the cluster. They may not be overridden. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, +} + +/// metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsMetadata { +} + +/// spec holds user settable values for configuration +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsSpec { + /// baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base. + /// For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`. + /// Once set, this field cannot be changed. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseDomain")] + pub base_domain: Option, + /// platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub platform: Option, + /// privateZone is the location where all the DNS records that are only available internally to the cluster exist. + /// If this field is nil, no private records should be created. + /// Once set, this field cannot be changed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateZone")] + pub private_zone: Option, + /// publicZone is the location where all the DNS records that are publicly accessible to the internet exist. + /// If this field is nil, no public records should be created. + /// Once set, this field cannot be changed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicZone")] + pub public_zone: Option, +} + +/// platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsSpecPlatform { + /// aws contains DNS configuration specific to the Amazon Web Services cloud provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub aws: Option, + /// type is the underlying infrastructure provider for the cluster. Allowed values: "", "AWS". + /// Individual components may not support all platforms, and must handle unrecognized platforms with best-effort defaults. 
+ #[serde(rename = "type")] + pub r#type: ControllerConfigDnsSpecPlatformType, +} + +/// aws contains DNS configuration specific to the Amazon Web Services cloud provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsSpecPlatformAws { + /// privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateZoneIAMRole")] + pub private_zone_iam_role: Option, +} + +/// platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigDnsSpecPlatformType { + #[serde(rename = "")] + KopiumEmpty, + #[serde(rename = "AWS")] + Aws, + Azure, + BareMetal, + #[serde(rename = "GCP")] + Gcp, + Libvirt, + OpenStack, + None, + VSphere, + #[serde(rename = "oVirt")] + OVirt, + #[serde(rename = "IBMCloud")] + IbmCloud, + KubeVirt, + EquinixMetal, + #[serde(rename = "PowerVS")] + PowerVs, + AlibabaCloud, + Nutanix, + External, +} + +/// privateZone is the location where all the DNS records that are only available internally to the cluster exist. +/// If this field is nil, no private records should be created. +/// Once set, this field cannot be changed. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsSpecPrivateZone { + /// id is the identifier that can be used to find the DNS hosted zone. + /// on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. 
+ /// [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// tags can be used to query the DNS hosted zone. + /// on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + /// [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tags: Option>, +} + +/// publicZone is the location where all the DNS records that are publicly accessible to the internet exist. +/// If this field is nil, no public records should be created. +/// Once set, this field cannot be changed. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsSpecPublicZone { + /// id is the identifier that can be used to find the DNS hosted zone. + /// on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. + /// [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// tags can be used to query the DNS hosted zone. 
+ /// on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + /// [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tags: Option>, +} + +/// status holds observed values from the cluster. They may not be overridden. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigDnsStatus { +} + +/// ImageRegistryBundle contains information for writing image registry certificates +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigImageRegistryBundleData { + /// data holds the contents of the bundle that will be written to the file location + pub data: String, + /// file holds the name of the file where the bundle will be written to disk + pub file: String, +} + +/// ImageRegistryBundle contains information for writing image registry certificates +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigImageRegistryBundleUserData { + /// data holds the contents of the bundle that will be written to the file location + pub data: String, + /// file holds the name of the file where the bundle will be written to disk + pub file: String, +} + +/// infra holds the infrastructure details +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfra { + /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// spec holds user settable values for configuration + pub spec: ControllerConfigInfraSpec, + /// status holds observed values from the cluster. They may not be overridden. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, +} + +/// metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraMetadata { +} + +/// spec holds user settable values for configuration +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpec { + /// cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. + /// cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. 
All the clients are expected to use the generated ConfigMap only. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudConfig")] + pub cloud_config: Option, + /// platformSpec holds desired information specific to the underlying infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "platformSpec")] + pub platform_spec: Option, +} + +/// cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. +/// cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecCloudConfig { + /// Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// platformSpec holds desired information specific to the underlying infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpec { + /// AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "alibabaCloud")] + pub alibaba_cloud: Option, + /// AWS contains settings specific to the Amazon Web Services infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub aws: Option, + /// Azure contains settings specific to the Azure infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub azure: Option, + /// BareMetal contains settings specific to the BareMetal platform. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub baremetal: Option, + /// EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "equinixMetal")] + pub equinix_metal: Option, + /// ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub external: Option, + /// GCP contains settings specific to the Google Cloud Platform infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, + /// IBMCloud contains settings specific to the IBMCloud infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ibmcloud: Option, + /// Kubevirt contains settings specific to the kubevirt infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubevirt: Option, + /// Nutanix contains settings specific to the Nutanix infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub nutanix: Option, + /// OpenStack contains settings specific to the OpenStack infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub openstack: Option, + /// Ovirt contains settings specific to the oVirt infrastructure provider. 
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub ovirt: Option, + /// PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub powervs: Option, + /// type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// VSphere contains settings specific to the VSphere infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub vsphere: Option, +} + +/// AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecAlibabaCloud { +} + +/// AWS contains settings specific to the Amazon Web Services infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecAws { + /// serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceEndpoints")] + pub service_endpoints: Option>, +} + +/// AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecAwsServiceEndpoints { + /// name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, +} + +/// Azure contains settings specific to the Azure infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecAzure { +} + +/// BareMetal contains settings specific to the BareMetal platform. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecBaremetal { +} + +/// EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecEquinixMetal { +} + +/// ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecExternal { + /// PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "platformName")] + pub platform_name: Option, +} + +/// GCP contains settings specific to the Google Cloud Platform infrastructure provider. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecGcp { +} + +/// IBMCloud contains settings specific to the IBMCloud infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecIbmcloud { +} + +/// Kubevirt contains settings specific to the kubevirt infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecKubevirt { +} + +/// Nutanix contains settings specific to the Nutanix infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecNutanix { + /// prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + #[serde(rename = "prismCentral")] + pub prism_central: ControllerConfigInfraSpecPlatformSpecNutanixPrismCentral, + /// prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + #[serde(rename = "prismElements")] + pub prism_elements: Vec, +} + +/// prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. 
Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecNutanixPrismCentral { + /// address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + pub address: String, + /// port is the port number to access the Nutanix Prism Central or Element (cluster) + pub port: i32, +} + +/// NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecNutanixPrismElements { + /// endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + pub endpoint: ControllerConfigInfraSpecPlatformSpecNutanixPrismElementsEndpoint, + /// name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + pub name: String, +} + +/// endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecNutanixPrismElementsEndpoint { + /// address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + pub address: String, + /// port is the port number to access the Nutanix Prism Central or Element (cluster) + pub port: i32, +} + +/// OpenStack contains settings specific to the OpenStack infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecOpenstack { +} + +/// Ovirt contains settings specific to the oVirt infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecOvirt { +} + +/// PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecPowervs { + /// serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceEndpoints")] + pub service_endpoints: Option>, +} + +/// PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecPowervsServiceEndpoints { + /// name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pub name: String, + /// url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. 
+ pub url: String, +} + +/// platformSpec holds desired information specific to the underlying infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraSpecPlatformSpecType { + #[serde(rename = "")] + KopiumEmpty, + #[serde(rename = "AWS")] + Aws, + Azure, + BareMetal, + #[serde(rename = "GCP")] + Gcp, + Libvirt, + OpenStack, + None, + VSphere, + #[serde(rename = "oVirt")] + OVirt, + #[serde(rename = "IBMCloud")] + IbmCloud, + KubeVirt, + EquinixMetal, + #[serde(rename = "PowerVS")] + PowerVs, + AlibabaCloud, + Nutanix, + External, +} + +/// VSphere contains settings specific to the VSphere infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphere { + /// failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] + pub failure_domains: Option>, + /// nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeNetworking")] + pub node_networking: Option, + /// vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + #[serde(default, skip_serializing_if = "Option::is_none")] + pub vcenters: Option>, +} + +/// VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereFailureDomains { + /// name defines the arbitrary but unique name of a failure domain. + pub name: String, + /// region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + pub region: String, + /// server is the fully-qualified domain name or the IP address of the vCenter server. --- + pub server: String, + /// Topology describes a given failure domain using vSphere constructs + pub topology: ControllerConfigInfraSpecPlatformSpecVsphereFailureDomainsTopology, + /// zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + pub zone: String, +} + +/// Topology describes a given failure domain using vSphere constructs +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereFailureDomainsTopology { + /// computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + #[serde(rename = "computeCluster")] + pub compute_cluster: String, + /// datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + pub datacenter: String, + /// datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + pub datastore: String, + /// folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. 
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub folder: Option, + /// networks is the list of port group network names within this failure domain. Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + pub networks: Vec, + /// resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePool")] + pub resource_pool: Option, +} + +/// nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereNodeNetworking { + /// external represents the network configuration of the node that is externally routable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub external: Option, + /// internal represents the network configuration of the node that is routable only within the cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub internal: Option, +} + +/// external represents the network configuration of the node that is externally routable. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereNodeNetworkingExternal { + /// excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. 
--- + #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeNetworkSubnetCidr")] + pub exclude_network_subnet_cidr: Option>, + /// network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub network: Option, + /// networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkSubnetCidr")] + pub network_subnet_cidr: Option>, +} + +/// internal represents the network configuration of the node that is routable only within the cluster. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereNodeNetworkingInternal { + /// excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeNetworkSubnetCidr")] + pub exclude_network_subnet_cidr: Option>, + /// network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. 
The available networks (port groups) can be listed using `govc ls 'network/*'` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub network: Option, + /// networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkSubnetCidr")] + pub network_subnet_cidr: Option>, +} + +/// VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraSpecPlatformSpecVsphereVcenters { + /// The vCenter Datacenters in which the RHCOS vm guests are located. This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + pub datacenters: Vec, + /// port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// server is the fully-qualified domain name or the IP address of the vCenter server. --- + pub server: String, +} + +/// status holds observed values from the cluster. They may not be overridden. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatus { + /// apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalURI")] + pub api_server_internal_uri: Option, + /// apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerURL")] + pub api_server_url: Option, + /// controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlaneTopology")] + pub control_plane_topology: Option, + /// cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are "None" and "AllNodes". When omitted, the default value is "None". The default value of "None" indicates that no nodes will be setup with CPU partitioning. The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuPartitioning")] + pub cpu_partitioning: Option, + /// etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. 
For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "etcdDiscoveryDomain")] + pub etcd_discovery_domain: Option, + /// infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "infrastructureName")] + pub infrastructure_name: Option, + /// infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "infrastructureTopology")] + pub infrastructure_topology: Option, + /// platform is the underlying infrastructure provider for the cluster. + /// Deprecated: Use platformStatus.type instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub platform: Option, + /// platformStatus holds status information specific to the underlying infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "platformStatus")] + pub platform_status: Option, +} + +/// status holds observed values from the cluster. They may not be overridden. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusControlPlaneTopology { + HighlyAvailable, + SingleReplica, + External, +} + +/// status holds observed values from the cluster. They may not be overridden. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusCpuPartitioning { + None, + AllNodes, +} + +/// status holds observed values from the cluster. They may not be overridden. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusInfrastructureTopology { + HighlyAvailable, + SingleReplica, +} + +/// status holds observed values from the cluster. They may not be overridden. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatform { + #[serde(rename = "")] + KopiumEmpty, + #[serde(rename = "AWS")] + Aws, + Azure, + BareMetal, + #[serde(rename = "GCP")] + Gcp, + Libvirt, + OpenStack, + None, + VSphere, + #[serde(rename = "oVirt")] + OVirt, + #[serde(rename = "IBMCloud")] + IbmCloud, + KubeVirt, + EquinixMetal, + #[serde(rename = "PowerVS")] + PowerVs, + AlibabaCloud, + Nutanix, + External, +} + +/// platformStatus holds status information specific to the underlying infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatus { + /// AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "alibabaCloud")] + pub alibaba_cloud: Option, + /// AWS contains settings specific to the Amazon Web Services infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub aws: Option, + /// Azure contains settings specific to the Azure infrastructure provider. 
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub azure: Option, + /// BareMetal contains settings specific to the BareMetal platform. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub baremetal: Option, + /// EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "equinixMetal")] + pub equinix_metal: Option, + /// External contains settings specific to the generic External infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub external: Option, + /// GCP contains settings specific to the Google Cloud Platform infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, + /// IBMCloud contains settings specific to the IBMCloud infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ibmcloud: Option, + /// Kubevirt contains settings specific to the kubevirt infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubevirt: Option, + /// Nutanix contains settings specific to the Nutanix infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub nutanix: Option, + /// OpenStack contains settings specific to the OpenStack infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub openstack: Option, + /// Ovirt contains settings specific to the oVirt infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ovirt: Option, + /// PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub powervs: Option, + /// type is the underlying infrastructure provider for the cluster. 
This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + /// This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// VSphere contains settings specific to the VSphere infrastructure provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub vsphere: Option, +} + +/// AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAlibabaCloud { + /// region specifies the region for Alibaba Cloud resources created for the cluster. + pub region: String, + /// resourceGroupID is the ID of the resource group for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroupID")] + pub resource_group_id: Option, + /// resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceTags")] + pub resource_tags: Option>, +} + +/// AlibabaCloudResourceTag is the set of tags to add to apply to resources. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAlibabaCloudResourceTags { + /// key is the key of the tag. 
+ pub key: String, + /// value is the value of the tag. + pub value: String, +} + +/// AWS contains settings specific to the Amazon Web Services infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAws { + /// region holds the default AWS region for new AWS resources created by the cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceTags")] + pub resource_tags: Option>, + /// ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceEndpoints")] + pub service_endpoints: Option>, +} + +/// AWSResourceTag is a tag to apply to AWS resources created for the cluster. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAwsResourceTags { + /// key is the key of the tag + pub key: String, + /// value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. + pub value: String, +} + +/// AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAwsServiceEndpoints { + /// name is the name of the AWS service. 
The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, +} + +/// Azure contains settings specific to the Azure infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAzure { + /// armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "armEndpoint")] + pub arm_endpoint: Option, + /// cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudName")] + pub cloud_name: Option, + /// networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkResourceGroupName")] + pub network_resource_group_name: Option, + /// resourceGroupName is the Resource Group for new Azure resources created for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroupName")] + pub resource_group_name: Option, + /// resourceTags is a list of additional tags to apply to Azure resources created for the cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. 
Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceTags")] + pub resource_tags: Option>, +} + +/// Azure contains settings specific to the Azure infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatformStatusAzureCloudName { + #[serde(rename = "")] + KopiumEmpty, + AzurePublicCloud, + #[serde(rename = "AzureUSGovernmentCloud")] + AzureUsGovernmentCloud, + AzureChinaCloud, + AzureGermanCloud, + AzureStackCloud, +} + +/// AzureResourceTag is a tag to apply to Azure resources created for the cluster. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusAzureResourceTags { + /// key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric characters and the following special characters `_ . -`. + pub key: String, + /// value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`. + pub value: String, +} + +/// BareMetal contains settings specific to the BareMetal platform. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusBaremetal { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. 
It is the IP for a self-hosted load balancer in front of the API servers. + /// Deprecated: Use APIServerInternalIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIPs")] + pub api_server_internal_i_ps: Option>, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + /// Deprecated: Use IngressIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, + /// ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIPs")] + pub ingress_i_ps: Option>, + /// nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeDNSIP")] + pub node_dnsip: Option, +} + +/// EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusEquinixMetal { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, +} + +/// External contains settings specific to the generic External infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusExternal { + /// cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudControllerManager")] + pub cloud_controller_manager: Option, +} + +/// cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusExternalCloudControllerManager { + /// state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager + /// Valid values are "External", "None" and omitted. When set to "External", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to "None", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub state: Option, +} + +/// cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatformStatusExternalCloudControllerManagerState { + #[serde(rename = "")] + KopiumEmpty, + External, + None, +} + +/// GCP contains settings specific to the Google Cloud Platform infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusGcp { + /// resourceGroupName is the Project ID for new GCP resources created for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] + pub project_id: Option, + /// region holds the region for new GCP resources created for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, +} + +/// IBMCloud contains settings specific to the IBMCloud infrastructure provider. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusIbmcloud { + /// CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cisInstanceCRN")] + pub cis_instance_crn: Option, + /// DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsInstanceCRN")] + pub dns_instance_crn: Option, + /// Location is where the cluster has been deployed + #[serde(default, skip_serializing_if = "Option::is_none")] + pub location: Option, + /// ProviderType indicates the type of cluster that was created + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerType")] + pub provider_type: Option, + /// ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroupName")] + pub resource_group_name: Option, + /// serviceEndpoints is a list of custom endpoints which will override the default service endpoints of an IBM Cloud service. These endpoints are consumed by components within the cluster to reach the respective IBM Cloud Services. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceEndpoints")] + pub service_endpoints: Option>, +} + +/// IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusIbmcloudServiceEndpoints { + /// name is the name of the IBM Cloud service. Possible values are: CIS, COS, DNSServices, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. 
For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` + pub name: ControllerConfigInfraStatusPlatformStatusIbmcloudServiceEndpointsName, + /// url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + pub url: String, +} + +/// IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatformStatusIbmcloudServiceEndpointsName { + #[serde(rename = "CIS")] + Cis, + #[serde(rename = "COS")] + Cos, + #[serde(rename = "DNSServices")] + DnsServices, + GlobalSearch, + GlobalTagging, + HyperProtect, + #[serde(rename = "IAM")] + Iam, + KeyProtect, + ResourceController, + ResourceManager, + #[serde(rename = "VPC")] + Vpc, +} + +/// Kubevirt contains settings specific to the kubevirt infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusKubevirt { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// ingressIP is an external IP which routes to the default ingress controller. 
The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, +} + +/// Nutanix contains settings specific to the Nutanix infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusNutanix { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + /// Deprecated: Use APIServerInternalIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIPs")] + pub api_server_internal_i_ps: Option>, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + /// Deprecated: Use IngressIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, + /// ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. 
In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIPs")] + pub ingress_i_ps: Option>, +} + +/// OpenStack contains settings specific to the OpenStack infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusOpenstack { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + /// Deprecated: Use APIServerInternalIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIPs")] + pub api_server_internal_i_ps: Option>, + /// cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudName")] + pub cloud_name: Option, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + /// Deprecated: Use IngressIPs instead. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, + /// ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIPs")] + pub ingress_i_ps: Option>, + /// loadBalancer defines how the load balancer used by the cluster is configured. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] + pub load_balancer: Option, + /// nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeDNSIP")] + pub node_dnsip: Option, +} + +/// loadBalancer defines how the load balancer used by the cluster is configured. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusOpenstackLoadBalancer { + /// type defines the type of load balancer used by the cluster on OpenStack platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. 
When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// loadBalancer defines how the load balancer used by the cluster is configured. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatformStatusOpenstackLoadBalancerType { + OpenShiftManagedDefault, + UserManaged, +} + +/// Ovirt contains settings specific to the oVirt infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusOvirt { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + /// Deprecated: Use APIServerInternalIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIPs")] + pub api_server_internal_i_ps: Option>, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + /// Deprecated: Use IngressIPs instead. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, + /// ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIPs")] + pub ingress_i_ps: Option>, + /// deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeDNSIP")] + pub node_dnsip: Option, +} + +/// PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusPowervs { + /// CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cisInstanceCRN")] + pub cis_instance_crn: Option, + /// DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsInstanceCRN")] + pub dns_instance_crn: Option, + /// region holds the default Power VS region for new Power VS resources created by the cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// resourceGroup is the resource group name for new IBMCloud resources created for a cluster. The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. 
When omitted, the image registry operator won't be able to configure storage, which results in the image registry cluster operator not being in an available state. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] + pub resource_group: Option, + /// serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceEndpoints")] + pub service_endpoints: Option>, + /// zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported + #[serde(default, skip_serializing_if = "Option::is_none")] + pub zone: Option, +} + +/// PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusPowervsServiceEndpoints { + /// name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pub name: String, + /// url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + pub url: String, +} + +/// platformStatus holds status information specific to the underlying infrastructure provider. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ControllerConfigInfraStatusPlatformStatusType { + #[serde(rename = "")] + KopiumEmpty, + #[serde(rename = "AWS")] + Aws, + Azure, + BareMetal, + #[serde(rename = "GCP")] + Gcp, + Libvirt, + OpenStack, + None, + VSphere, + #[serde(rename = "oVirt")] + OVirt, + #[serde(rename = "IBMCloud")] + IbmCloud, + KubeVirt, + EquinixMetal, + #[serde(rename = "PowerVS")] + PowerVs, + AlibabaCloud, + Nutanix, + External, +} + +/// VSphere contains settings specific to the VSphere infrastructure provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigInfraStatusPlatformStatusVsphere { + /// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + /// Deprecated: Use APIServerInternalIPs instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIP")] + pub api_server_internal_ip: Option, + /// apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerInternalIPs")] + pub api_server_internal_i_ps: Option>, + /// ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + /// Deprecated: Use IngressIPs instead. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIP")] + pub ingress_ip: Option, + /// ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressIPs")] + pub ingress_i_ps: Option>, + /// nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeDNSIP")] + pub node_dnsip: Option, +} + +/// Network contains additional network related information +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigNetwork { + /// MTUMigration contains the MTU migration configuration. + #[serde(rename = "mtuMigration")] + pub mtu_migration: ControllerConfigNetworkMtuMigration, +} + +/// MTUMigration contains the MTU migration configuration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigNetworkMtuMigration { + /// Machine contains MTU migration configuration for the machine's uplink. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub machine: Option, + /// Network contains MTU migration configuration for the default network. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub network: Option, +} + +/// Machine contains MTU migration configuration for the machine's uplink. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigNetworkMtuMigrationMachine { + /// From is the MTU to migrate from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub from: Option, + /// To is the MTU to migrate to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub to: Option, +} + +/// Network contains MTU migration configuration for the default network. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigNetworkMtuMigrationNetwork { + /// From is the MTU to migrate from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub from: Option, + /// To is the MTU to migrate to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub to: Option, +} + +/// proxy holds the current proxy configuration for the nodes +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigProxy { + /// httpProxy is the URL of the proxy for HTTP requests. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] + pub http_proxy: Option, + /// httpsProxy is the URL of the proxy for HTTPS requests. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] + pub https_proxy: Option, + /// noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, +} + +/// pullSecret is the default pull secret that needs to be installed on all machines. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigPullSecret { + /// API version of the referent. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + +/// ControllerConfigStatus is the status for ControllerConfig +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigStatus { + /// conditions represents the latest available observations of current state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "controllerCertificates")] + pub controller_certificates: Option>, + /// observedGeneration represents the generation observed by the controller. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + +/// ControllerConfigStatusCondition contains condition information for ControllerConfigStatus +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigStatusConditions { + /// lastTransitionTime is the time of the last update to the current status object. + #[serde(rename = "lastTransitionTime")] + pub last_transition_time: String, + /// message provides additional information about the current condition. This is only to be consumed by humans. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// reason is the reason for the condition's last transition. Reasons are PascalCase + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// status of the condition, one of True, False, Unknown. + pub status: String, + /// type specifies the state of the operator's reconciliation functionality. + #[serde(rename = "type")] + pub r#type: String, +} + +/// ControllerCertificate contains info about a specific cert. 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ControllerConfigStatusControllerCertificates { + /// bundleFile is the larger bundle a cert comes from + #[serde(rename = "bundleFile")] + pub bundle_file: String, + /// notAfter is the upper boundary for validity + #[serde(rename = "notAfter")] + pub not_after: String, + /// notBefore is the lower boundary for validity + #[serde(rename = "notBefore")] + pub not_before: String, + /// signer is the cert Issuer + pub signer: String, + /// subject is the cert subject + pub subject: String, +} + diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/kubeletconfigs.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/kubeletconfigs.rs new file mode 100644 index 000000000..5f8c044d6 --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/kubeletconfigs.rs 
@@ -0,0 +1,180 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml --derive=Default --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; + +/// KubeletConfigSpec defines the desired state of KubeletConfig +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1", kind = "KubeletConfig", plural = "kubeletconfigs")] +#[kube(status = "KubeletConfigStatus")] +#[kube(schema = "disabled")] +pub struct KubeletConfigSpec { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoSizingReserved")] + pub auto_sizing_reserved: Option, + /// kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by OpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from upstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes for the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeletConfig")] + pub kubelet_config: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] + pub log_level: Option, + /// MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineConfigPoolSelector")] + pub machine_config_pool_selector: Option, + /// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsSecurityProfile")] + pub tls_security_profile: Option, +} + +/// MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigMachineConfigPoolSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigMachineConfigPoolSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. 
If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigTlsSecurityProfile { + /// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: + /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub custom: Option, + /// intermediate is a TLS security profile based on: + /// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 + /// and looks like this (yaml): + /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub intermediate: Option, + /// modern is a TLS security profile based on: + /// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + /// and looks like this (yaml): + /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 + /// NOTE: Currently unsupported. 
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub modern: Option, + /// old is a TLS security profile based on: + /// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility + /// and looks like this (yaml): + /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub old: Option, + /// type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: + /// https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + /// The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. + /// Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. 
An example custom profile looks like this: +/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigTlsSecurityProfileCustom { + /// ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): + /// ciphers: - DES-CBC3-SHA + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ciphers: Option>, + /// minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): + /// minTLSVersion: TLSv1.1 + /// NOTE: currently the highest minTLSVersion allowed is VersionTLS12 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minTLSVersion")] + pub min_tls_version: Option, +} + +/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. 
An example custom profile looks like this: +/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KubeletConfigTlsSecurityProfileCustomMinTlsVersion { + #[serde(rename = "VersionTLS10")] + VersionTls10, + #[serde(rename = "VersionTLS11")] + VersionTls11, + #[serde(rename = "VersionTLS12")] + VersionTls12, + #[serde(rename = "VersionTLS13")] + VersionTls13, +} + +/// intermediate is a TLS security profile based on: +/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 +/// and looks like this (yaml): +/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigTlsSecurityProfileIntermediate { +} + +/// modern is a TLS security profile based on: +/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility +/// and looks like this (yaml): +/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 +/// NOTE: Currently unsupported. 
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigTlsSecurityProfileModern { +} + +/// old is a TLS security profile based on: +/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility +/// and looks like this (yaml): +/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigTlsSecurityProfileOld { +} + +/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KubeletConfigTlsSecurityProfileType { + Old, + Intermediate, + Modern, + Custom, +} + +/// KubeletConfigStatus defines the observed state of a KubeletConfig +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigStatus { + /// conditions represents the latest available observations of current state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// observedGeneration represents the generation observed by the controller. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + +/// KubeletConfigCondition defines the state of the KubeletConfig +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeletConfigStatusConditions { + /// lastTransitionTime is the time of the last update to the current status object. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransitionTime")] + pub last_transition_time: Option, + /// message provides additional information about the current condition. This is only to be consumed by humans. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// reason is the reason for the condition's last transition. Reasons are PascalCase + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// status of the condition, one of True, False, Unknown. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, + /// type specifies the state of the operator's reconciliation functionality. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigpools.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigpools.rs new file mode 100644 index 000000000..818ff7c6f --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigpools.rs 
@@ -0,0 +1,254 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigpools.yaml --derive=Default --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; +use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + +/// MachineConfigPoolSpec is the spec for MachineConfigPool resource. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1", kind = "MachineConfigPool", plural = "machineconfigpools")] +#[kube(status = "MachineConfigPoolStatus")] +#[kube(schema = "disabled")] +pub struct MachineConfigPoolSpec { + /// The targeted MachineConfig object for the machine config pool. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub configuration: Option, + /// machineConfigSelector specifies a label selector for MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineConfigSelector")] + pub machine_config_selector: Option, + /// maxUnavailable defines either an integer number or percentage of nodes in the pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1. + /// A value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + /// nodeSelector specifies a label selector for Machines + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option, + /// paused specifies whether or not changes to this machine config pool should be stopped. This includes generating new desiredMachineConfig and update of machines. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub paused: Option, +} + +/// The targeted MachineConfig object for the machine config pool. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolConfiguration { + /// API version of the referent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub source: Option>, + /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + +/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. 
Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. +/// Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolConfigurationSource { + /// API version of the referent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + +/// machineConfigSelector specifies a label selector for MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolMachineConfigSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolMachineConfigSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// nodeSelector specifies a label selector for Machines +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolNodeSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolNodeSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. 
If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// MachineConfigPoolStatus is the status for MachineConfigPool resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolStatus { + /// certExpirys keeps track of important certificate expiration data + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certExpirys")] + pub cert_expirys: Option>, + /// conditions represents the latest available observations of current state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// configuration represents the current MachineConfig object for the machine config pool. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub configuration: Option, + /// degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). A node is marked degraded if applying a configuration failed.. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "degradedMachineCount")] + pub degraded_machine_count: Option, + /// machineCount represents the total number of machines in the machine config pool. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineCount")] + pub machine_count: Option, + /// observedGeneration represents the generation observed by the controller. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// readyMachineCount represents the total number of ready machines targeted by the pool. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyMachineCount")] + pub ready_machine_count: Option, + /// unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. A node is marked unavailable if it is in updating state or NodeReady condition is false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "unavailableMachineCount")] + pub unavailable_machine_count: Option, + /// updatedMachineCount represents the total number of machines targeted by the pool that have the CurrentMachineConfig as their config. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatedMachineCount")] + pub updated_machine_count: Option, +} + +/// ceryExpiry contains the bundle name and the expiry date +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolStatusCertExpirys { + /// bundle is the name of the bundle in which the subject certificate resides + pub bundle: String, + /// expiry is the date after which the certificate will no longer be valid + pub expiry: String, + /// subject is the subject of the certificate + pub subject: String, +} + +/// MachineConfigPoolCondition contains condition information for an MachineConfigPool. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolStatusConditions { + /// lastTransitionTime is the timestamp corresponding to the last status change of this condition. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransitionTime")] + pub last_transition_time: Option, + /// message is a human readable description of the details of the last transition, complementing reason. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// reason is a brief machine readable explanation for the condition's last transition. 
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// status of the condition, one of ('True', 'False', 'Unknown'). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, + /// type of the condition, currently ('Done', 'Updating', 'Failed'). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// configuration represents the current MachineConfig object for the machine config pool. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolStatusConfiguration { + /// API version of the referent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// source is the list of MachineConfig objects that were used to generate the single MachineConfig object specified in `content`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub source: Option>, + /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + +/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. 
In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. +/// Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineConfigPoolStatusConfigurationSource { + /// API version of the referent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigs.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigs.rs new file mode 100644 index 000000000..84daa54d2 --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/machineconfigs.rs 
@@ -0,0 +1,36 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/machineconfigs.yaml --derive=Default --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; + +/// MachineConfigSpec is the spec for MachineConfig +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1", kind = "MachineConfig", plural = "machineconfigs")] +#[kube(schema = "disabled")] +pub struct MachineConfigSpec { + /// BaseOSExtensionsContainerImage specifies the remote location that will be used to fetch the extensions container matching a new-format OS image + #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseOSExtensionsContainerImage")] + pub base_os_extensions_container_image: Option, + /// Config is a Ignition Config object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub config: Option>, + /// extensions contains a list of additional features that can be enabled on host + #[serde(default, skip_serializing_if = "Option::is_none")] + pub extensions: Option>, + /// fips controls FIPS mode + #[serde(default, skip_serializing_if = "Option::is_none")] + pub fips: Option, + /// kernelArguments contains a list of kernel arguments to be added + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kernelArguments")] + pub kernel_arguments: Option>, + /// kernelType contains which kernel we want to be running like default (traditional), realtime, 64k-pages (aarch64 only). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kernelType")] + pub kernel_type: Option, + /// OSImageURL specifies the remote location that will be used to fetch the OS. 
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "osImageURL")] + pub os_image_url: Option, +} +
diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/mod.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/mod.rs
new file mode 100644
index 000000000..2c272c789
--- /dev/null
+++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1/mod.rs
@@ -0,0 +1,5 @@
+pub mod containerruntimeconfigs;
+pub mod controllerconfigs;
+pub mod kubeletconfigs;
+pub mod machineconfigpools;
+pub mod machineconfigs;
diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/machineconfignodes.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/machineconfignodes.rs
new file mode 100644
index 000000000..5a58191a7
--- /dev/null
+++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/machineconfignodes.rs
@@ -0,0 +1,99 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml --derive=PartialEq +// kopium version: 0.16.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; + +/// spec describes the configuration of the machine config node. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] +#[kube(group = "machineconfiguration.openshift.io", version = "v1alpha1", kind = "MachineConfigNode", plural = "machineconfignodes")] +#[kube(status = "MachineConfigNodeStatus")] +#[kube(schema = "disabled")] +pub struct MachineConfigNodeSpec { + /// configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to. This gets set before the machine config operator validates the new machine config against the current machine config. + #[serde(rename = "configVersion")] + pub config_version: MachineConfigNodeConfigVersion, + /// node contains a reference to the node for this machine config node. + pub node: MachineConfigNodeNode, + /// pool contains a reference to the machine config pool that this machine config node's referenced node belongs to. + pub pool: MachineConfigNodePool, +} + +/// configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to. This gets set before the machine config operator validates the new machine config against the current machine config. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodeConfigVersion { + /// desired is the name of the machine config that the the node should be upgraded to. 
This value is set when the machine config pool generates a new version of its rendered configuration. When this value is changed, the machine config daemon starts the node upgrade process. This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + pub desired: String, +} + +/// node contains a reference to the node for this machine config node. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodeNode { + /// name is the object name. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + pub name: String, +} + +/// pool contains a reference to the machine config pool that this machine config node's referenced node belongs to. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodePool { + /// name is the object name. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + pub name: String, +} + +/// status describes the last observed state of this machine config node. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodeStatus { + /// conditions represent the observations of a machine config node's current state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// configVersion describes the current and desired machine config for this node. The current version represents the current machine config for the node and is updated after a successful update. 
The desired version represents the machine config the node will attempt to update to. This desired machine config has been compared to the current machine config and has been validated by the machine config operator as one that is valid and that exists. + #[serde(rename = "configVersion")] + pub config_version: MachineConfigNodeStatusConfigVersion, + /// observedGeneration represents the generation observed by the controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + +/// Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, +/// type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` +/// // other fields } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodeStatusConditions { + /// lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + #[serde(rename = "lastTransitionTime")] + pub last_transition_time: String, + /// message is a human readable message indicating details about the transition. This may be an empty string. + pub message: String, + /// observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + pub reason: String, + /// status of the condition, one of True, False, Unknown. + pub status: MachineConfigNodeStatusConditionsStatus, + /// type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + #[serde(rename = "type")] + pub r#type: String, +} + +/// Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, +/// type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` +/// // other fields } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum MachineConfigNodeStatusConditionsStatus { + True, + False, + Unknown, +} + +/// configVersion describes the current and desired machine config for this node. The current version represents the current machine config for the node and is updated after a successful update. The desired version represents the machine config the node will attempt to update to. This desired machine config has been compared to the current machine config and has been validated by the machine config operator as one that is valid and that exists. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MachineConfigNodeStatusConfigVersion { + /// current is the name of the machine config currently in use on the node. This value is updated once the machine config daemon has completed the update of the configuration for the node. This value should match the desired version unless an upgrade is in progress. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub current: Option, + /// desired is the MachineConfig the node wants to upgrade to. This value gets set in the machine config node status once the machine config has been validated against the current machine config. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) It may consist of only alphanumeric characters, hyphens (-) and periods (.) and must be at most 253 characters in length. 
+ pub desired: String, +} + diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/mod.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/mod.rs new file mode 100644 index 000000000..c22c04763 --- /dev/null +++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io_v1alpha1/mod.rs @@ -0,0 +1 @@ +pub mod machineconfignodes;