From 0481a472785ddc58bf253c9ce0577b8569a3f1bc Mon Sep 17 00:00:00 2001
From: Mihaela Balutoiu
Date: Tue, 7 Mar 2023 11:37:24 +0200
Subject: [PATCH] add config files for capi
---
 config-releases/cluster-template.yaml | 129 ++
 .../infrastructure-components.yaml | 1156 +++++++++++++++++
 config-releases/metadata.yaml | 16 +
 3 files changed, 1301 insertions(+)
 create mode 100644 config-releases/cluster-template.yaml
 create mode 100644 config-releases/infrastructure-components.yaml
 create mode 100644 config-releases/metadata.yaml
diff --git a/config-releases/cluster-template.yaml b/config-releases/cluster-template.yaml
new file mode 100644
index 0000000..b29dcf6
--- /dev/null
+++ b/config-releases/cluster-template.yaml
@@ -0,0 +1,129 @@
+kind: KubeadmControlPlane
+apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+metadata:
+ name: "${CLUSTER_NAME}-control-plane"
+spec:
+ version: ${KUBERNETES_VERSION}
+ replicas: ${CONTROL_PLANE_MACHINE_COUNT}
+ machineTemplate:
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: TinkerbellMachineTemplate
+ name: ${CLUSTER_NAME}-control-plane
+ kubeadmConfigSpec:
+ preKubeadmCommands:
+ - mkdir -p /etc/kubernetes/manifests && ctr images pull ghcr.io/kube-vip/kube-vip:v0.3.8 && ctr run --rm --net-host ghcr.io/kube-vip/kube-vip:v0.3.8 vip /kube-vip manifest pod --arp --interface $(ip -4 -j route list default | jq -r .[0].dev) --address ${CONTROL_PLANE_VIP} --controlplane --leaderElection > /etc/kubernetes/manifests/kube-vip.yaml
+ # initConfiguration and joinConfiguration must be in sync to have the same features
+ # for both cluster bootstrapping and new controller nodes joining.
+ #
+ # This is not super important at the moment, as Tinkerbell provider only supports
+ # single controller node.
+ initConfiguration:
+ nodeRegistration:
+ kubeletExtraArgs:
+ # This field is replaced by controller when rendering cloud-init config
+ # until we have Tinkerbell CCM.
+ provider-id: "PROVIDER_ID"
+ # This key is required by 'kubeadm init'.
+ clusterConfiguration: {}
+ joinConfiguration:
+ nodeRegistration:
+ ignorePreflightErrors:
+ - DirAvailable--etc-kubernetes-manifests
+ kubeletExtraArgs:
+ # This field is replaced by controller when rendering cloud-init config
+ # until we have Tinkerbell CCM.
+ provider-id: "PROVIDER_ID"
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: TinkerbellMachineTemplate
+metadata:
+ name: "${CLUSTER_NAME}-control-plane"
+spec:
+ template:
+ spec: {}
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: "${CLUSTER_NAME}"
+spec:
+ controlPlaneEndpoint:
+ host: "${CONTROL_PLANE_VIP}"
+ port: 6443
+ clusterNetwork:
+ pods:
+ cidrBlocks:
+ - ${POD_CIDR:=192.168.0.0/16}
+ services:
+ cidrBlocks:
+ - ${SERVICE_CIDR:=172.26.0.0/16}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: TinkerbellCluster
+ name: "${CLUSTER_NAME}"
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: KubeadmControlPlane
+ name: "${CLUSTER_NAME}-control-plane"
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: TinkerbellCluster
+metadata:
+ name: "${CLUSTER_NAME}"
+spec:
+ imageLookupBaseRegistry: ${BASE_REGISTRY_URL:=""}
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ name: ${CLUSTER_NAME}-worker-a
+ labels:
+ cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME}
+ pool: worker-a
+spec:
+ replicas: ${WORKER_MACHINE_COUNT}
+ clusterName: ${CLUSTER_NAME}
+ selector:
+ matchLabels:
+ cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME}
+ pool: worker-a
+ template:
+ metadata:
+ labels:
+ cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME}
+ pool: worker-a
+ spec:
+ version: ${KUBERNETES_VERSION}
+ clusterName: ${CLUSTER_NAME}
+ bootstrap:
+ configRef:
+ name: ${CLUSTER_NAME}-worker-a
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: KubeadmConfigTemplate
+ infrastructureRef:
+ name: ${CLUSTER_NAME}-worker-a
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: TinkerbellMachineTemplate
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: TinkerbellMachineTemplate
+metadata:
+ name: ${CLUSTER_NAME}-worker-a
+spec:
+ template:
+ spec: {}
+---
+kind: KubeadmConfigTemplate
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+metadata:
+ name: "${CLUSTER_NAME}-worker-a"
+spec:
+ template:
+ spec:
+ joinConfiguration:
+ nodeRegistration:
+ kubeletExtraArgs:
+ # This field is replaced by controller when rendering cloud-init config
+ # until we have Tinkerbell CCM.
+ provider-id: "PROVIDER_ID"
diff --git a/config-releases/infrastructure-components.yaml b/config-releases/infrastructure-components.yaml
new file mode 100644
index 0000000..7eaf2ef
--- /dev/null
+++ b/config-releases/infrastructure-components.yaml
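Review bot: The `preKubeadmCommands` entry of the KubeadmControlPlane in cluster-template.yaml pulls and runs `ghcr.io/kube-vip/kube-vip:v0.3.8` by tag alone, and `ctr run --rm --net-host` executes it on every control-plane node during bootstrap, so each node trusts whatever the registry serves for that tag at provisioning time. Referencing the image by digest in both the `ctr images pull` and the `ctr run` argument, e.g. `ghcr.io/kube-vip/kube-vip@sha256:<digest-of-the-reviewed-v0.3.8-image>` (placeholder digest), would make the bootstrap reproducible and make a swapped image fail instead of run. The reference is also hard-coded to ghcr.io while the TinkerbellCluster takes `${BASE_REGISTRY_URL:=""}`, so a mirrored or air-gapped install presumably still has to reach ghcr.io here; a template variable for the kube-vip image would keep the two consistent. Because the one-liner is hard to read, a comment above it such as `# Render the kube-vip static pod manifest before kubeadm runs` would help the next reader.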
@@ -0,0 +1,1156 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + control-plane: controller-manager + name: capt-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capt-system/capt-serving-cert + controller-gen.kubebuilder.io/version: v0.8.0 + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + cluster.x-k8s.io/v1beta1: v1beta1 + name: tinkerbellclusters.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: webhook-service + namespace: capt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TinkerbellCluster + listKind: TinkerbellClusterList + plural: tinkerbellclusters + singular: tinkerbellcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster to which this TinkerbellCluster belongs + jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name + name: Cluster + type: string + - description: TinkerbellCluster ready status + jsonPath: .status.ready + name: Ready + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: TinkerbellCluster is the Schema for the tinkerbellclusters API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TinkerbellClusterSpec defines the desired state of TinkerbellCluster. + properties: + controlPlaneEndpoint: + description: "ControlPlaneEndpoint is a required field by ClusterAPI + v1beta1. \n See https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html + for more details." + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + imageLookupBaseRegistry: + default: tinkerbell.azurecr.io/cluster-api-provider-tinkerbell + description: ImageLookupBaseRegistry is the base Registry URL that + is used for pulling images, if not set, the default will be to use + ghcr.io/tinkerbell/cluster-api-provider-tinkerbell. + type: string + imageLookupFormat: + description: 'ImageLookupFormat is the URL naming format to use for + machine images when a machine does not specify. When set, this will + be used for all cluster machines unless a machine specifies a different + ImageLookupFormat. Supports substitutions for {{.BaseRegistry}}, + {{.OSDistro}}, {{.OSVersion}} and {{.KubernetesVersion}} with the + basse URL, OS distribution, OS version, and kubernetes version, + respectively. BaseRegistry will be the value in ImageLookupBaseRegistry + or ghcr.io/tinkerbell/cluster-api-provider-tinkerbell (the default), + OSDistro will be the value in ImageLookupOSDistro or ubuntu (the + default), OSVersion will be the value in ImageLookupOSVersion or + default based on the OSDistro (if known), and the kubernetes version + as defined by the packages produced by kubernetes/release: v1.13.0, + v1.12.5-mybuild.1, or v1.17.3. 
For example, the default image format + of {{.BaseRegistry}}/{{.OSDistro}}-{{.OSVersion}}:{{.KubernetesVersion}}.gz + will attempt to pull the image from that location. See also: https://golang.org/pkg/text/template/' + type: string + imageLookupOSDistro: + default: ubuntu + description: ImageLookupOSDistro is the name of the OS distro to use + when fetching machine images, if not set it will default to ubuntu. + type: string + imageLookupOSVersion: + description: ImageLookupOSVersion is the version of the OS distribution + to use when fetching machine images. If not set it will default + based on ImageLookupOSDistro. + type: string + type: object + status: + description: TinkerbellClusterStatus defines the observed state of TinkerbellCluster. + properties: + ready: + description: Ready denotes that the cluster (infrastructure) is ready. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capt-system/capt-serving-cert + controller-gen.kubebuilder.io/version: v0.8.0 + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + cluster.x-k8s.io/v1beta1: v1beta1 + name: tinkerbellmachines.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: webhook-service + namespace: capt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TinkerbellMachine + listKind: TinkerbellMachineList + plural: tinkerbellmachines + singular: tinkerbellmachine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster to which this TinkerbellMachine belongs + jsonPath: 
.metadata.labels.cluster\.x-k8s\.io/cluster-name + name: Cluster + type: string + - description: Tinkerbell instance state + jsonPath: .status.instanceState + name: State + type: string + - description: Machine ready status + jsonPath: .status.ready + name: Ready + type: string + - description: Tinkerbell instance ID + jsonPath: .spec.providerID + name: InstanceID + type: string + - description: Machine object which owns with this TinkerbellMachine + jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name + name: Machine + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: TinkerbellMachine is the Schema for the tinkerbellmachines API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TinkerbellMachineSpec defines the desired state of TinkerbellMachine. + properties: + hardwareAffinity: + description: HardwareAffinity allows filtering for hardware. + properties: + preferred: + description: Preferred are the preferred hardware affinity terms. + Hardware matching these terms are preferred according to the + weights provided, but are not required. + items: + description: WeightedHardwareAffinityTerm is a HardwareAffinityTerm + with an associated weight. 
The weights of all the matched + WeightedHardwareAffinityTerm fields are added per-hardware + to find the most preferred hardware. + properties: + hardwareAffinityTerm: + description: HardwareAffinityTerm is the term associated + with the corresponding weight. + properties: + labelSelector: + description: LabelSelector is used to select for particular + hardware by label. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + required: + - labelSelector + type: object + weight: + description: Weight associated with matching the corresponding + hardwareAffinityTerm, in the range 1-100. 
+ format: int32 + maximum: 100 + minimum: 1 + type: integer + required: + - hardwareAffinityTerm + - weight + type: object + type: array + required: + description: Required are the required hardware affinity terms. The + terms are OR'd together, hardware must match one term to be + considered. + items: + description: HardwareAffinityTerm is used to select for a particular + existing hardware resource. + properties: + labelSelector: + description: LabelSelector is used to select for particular + hardware by label. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. 
+ type: object + type: object + required: + - labelSelector + type: object + type: array + type: object + hardwareName: + description: Those fields are set programmatically, but they cannot + be re-constructed from "state of the world", so we put them in spec + instead of status. + type: string + imageLookupBaseRegistry: + default: tinkerbell.azurecr.io/cluster-api-provider-tinkerbell + description: ImageLookupBaseRegistry is the base Registry URL that + is used for pulling images, if not set, the default will be to use + ghcr.io/tinkerbell/cluster-api-provider-tinkerbell. + type: string + imageLookupFormat: + description: 'ImageLookupFormat is the URL naming format to use for + machine images when a machine does not specify. When set, this will + be used for all cluster machines unless a machine specifies a different + ImageLookupFormat. Supports substitutions for {{.BaseRegistry}}, + {{.OSDistro}}, {{.OSVersion}} and {{.KubernetesVersion}} with the + basse URL, OS distribution, OS version, and kubernetes version, + respectively. BaseRegistry will be the value in ImageLookupBaseRegistry + or ghcr.io/tinkerbell/cluster-api-provider-tinkerbell (the default), + OSDistro will be the value in ImageLookupOSDistro or ubuntu (the + default), OSVersion will be the value in ImageLookupOSVersion or + default based on the OSDistro (if known), and the kubernetes version + as defined by the packages produced by kubernetes/release: v1.13.0, + v1.12.5-mybuild.1, or v1.17.3. For example, the default image format + of {{.BaseRegistry}}/{{.OSDistro}}-{{.OSVersion}}:{{.KubernetesVersion}}.gz + will attempt to pull the image from that location. See also: https://golang.org/pkg/text/template/' + type: string + imageLookupOSDistro: + description: ImageLookupOSDistro is the name of the OS distro to use + when fetching machine images, if not set it will default to ubuntu. 
+ type: string + imageLookupOSVersion: + description: ImageLookupOSVersion is the version of the OS distribution + to use when fetching machine images. If not set it will default + based on ImageLookupOSDistro. + type: string + providerID: + type: string + templateOverride: + description: 'TemplateOverride overrides the default Tinkerbell template + used by CAPT. You can learn more about Tinkerbell templates here: + https://docs.tinkerbell.org/templates/' + type: string + type: object + status: + description: TinkerbellMachineStatus defines the observed state of TinkerbellMachine. + properties: + addresses: + description: Addresses contains the Tinkerbell device associated addresses. + items: + description: NodeAddress contains information for the node's address. + properties: + address: + description: The node address. + type: string + type: + description: Node address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + errorMessage: + description: "ErrorMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." 
+ type: string + errorReason: + description: Any transient errors that occur during the reconciliation + of Machines can be added as events to the Machine object and/or + logged in the controller's output. + type: string + instanceStatus: + description: InstanceStatus is the status of the Tinkerbell device + instance for this machine. + type: integer + ready: + description: Ready is true when the provider resource is ready. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capt-system/capt-serving-cert + controller-gen.kubebuilder.io/version: v0.8.0 + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + cluster.x-k8s.io/v1beta1: v1beta1 + name: tinkerbellmachinetemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: webhook-service + namespace: capt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TinkerbellMachineTemplate + listKind: TinkerbellMachineTemplateList + plural: tinkerbellmachinetemplates + singular: tinkerbellmachinetemplate + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: TinkerbellMachineTemplate is the Schema for the tinkerbellmachinetemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TinkerbellMachineTemplateSpec defines the desired state of + TinkerbellMachineTemplate. + properties: + template: + description: TinkerbellMachineTemplateResource describes the data + needed to create am TinkerbellMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the machine. + properties: + hardwareAffinity: + description: HardwareAffinity allows filtering for hardware. + properties: + preferred: + description: Preferred are the preferred hardware affinity + terms. Hardware matching these terms are preferred according + to the weights provided, but are not required. + items: + description: WeightedHardwareAffinityTerm is a HardwareAffinityTerm + with an associated weight. The weights of all the + matched WeightedHardwareAffinityTerm fields are added + per-hardware to find the most preferred hardware. + properties: + hardwareAffinityTerm: + description: HardwareAffinityTerm is the term associated + with the corresponding weight. + properties: + labelSelector: + description: LabelSelector is used to select + for particular hardware by label. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. 
+ properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + required: + - labelSelector + type: object + weight: + description: Weight associated with matching the + corresponding hardwareAffinityTerm, in the range + 1-100. + format: int32 + maximum: 100 + minimum: 1 + type: integer + required: + - hardwareAffinityTerm + - weight + type: object + type: array + required: + description: Required are the required hardware affinity + terms. The terms are OR'd together, hardware must match + one term to be considered. + items: + description: HardwareAffinityTerm is used to select + for a particular existing hardware resource. + properties: + labelSelector: + description: LabelSelector is used to select for + particular hardware by label. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. 
+ properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + required: + - labelSelector + type: object + type: array + type: object + hardwareName: + description: Those fields are set programmatically, but they + cannot be re-constructed from "state of the world", so we + put them in spec instead of status. + type: string + imageLookupBaseRegistry: + default: tinkerbell.azurecr.io/cluster-api-provider-tinkerbell + description: ImageLookupBaseRegistry is the base Registry + URL that is used for pulling images, if not set, the default + will be to use ghcr.io/tinkerbell/cluster-api-provider-tinkerbell. + type: string + imageLookupFormat: + description: 'ImageLookupFormat is the URL naming format to + use for machine images when a machine does not specify. + When set, this will be used for all cluster machines unless + a machine specifies a different ImageLookupFormat. 
Supports + substitutions for {{.BaseRegistry}}, {{.OSDistro}}, {{.OSVersion}} + and {{.KubernetesVersion}} with the basse URL, OS distribution, + OS version, and kubernetes version, respectively. BaseRegistry + will be the value in ImageLookupBaseRegistry or ghcr.io/tinkerbell/cluster-api-provider-tinkerbell + (the default), OSDistro will be the value in ImageLookupOSDistro + or ubuntu (the default), OSVersion will be the value in + ImageLookupOSVersion or default based on the OSDistro (if + known), and the kubernetes version as defined by the packages + produced by kubernetes/release: v1.13.0, v1.12.5-mybuild.1, + or v1.17.3. For example, the default image format of {{.BaseRegistry}}/{{.OSDistro}}-{{.OSVersion}}:{{.KubernetesVersion}}.gz + will attempt to pull the image from that location. See also: + https://golang.org/pkg/text/template/' + type: string + imageLookupOSDistro: + description: ImageLookupOSDistro is the name of the OS distro + to use when fetching machine images, if not set it will + default to ubuntu. + type: string + imageLookupOSVersion: + description: ImageLookupOSVersion is the version of the OS + distribution to use when fetching machine images. If not + set it will default based on ImageLookupOSDistro. + type: string + providerID: + type: string + templateOverride: + description: 'TemplateOverride overrides the default Tinkerbell + template used by CAPT. 
You can learn more about Tinkerbell + templates here: https://docs.tinkerbell.org/templates/' + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + control-plane: controller-manager + name: capt-controller-manager + namespace: capt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-leader-election-role + namespace: capt-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-manager-role +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - bmc.tinkerbell.org + resources: + - jobs + verbs: + - create + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - get + - list + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - tinkerbellclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - 
infrastructure.cluster.x-k8s.io + resources: + - tinkerbellclusters/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - tinkerbellmachines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - tinkerbellmachines/status + verbs: + - get + - patch + - update +- apiGroups: + - tinkerbell.org + resources: + - hardware + - hardware/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - tinkerbell.org + resources: + - templates + - templates/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - tinkerbell.org + resources: + - workflows + - workflows/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-leader-election-rolebinding + namespace: capt-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: capt-leader-election-role +subjects: +- kind: ServiceAccount + name: capt-controller-manager + namespace: capt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: capt-manager-role +subjects: +- kind: ServiceAccount + name: capt-controller-manager + namespace: capt-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-webhook-service + namespace: capt-system +spec: + ports: + - port: 443 + targetPort: webhook-server + selector: + cluster.x-k8s.io/provider: infrastructure-tinkerbell +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + 
cluster.x-k8s.io/provider: infrastructure-tinkerbell + control-plane: controller-manager + name: capt-controller-manager + namespace: capt-system +spec: + replicas: 1 + selector: + matchLabels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + control-plane: controller-manager + template: + metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: TINKERBELL_IP + value: ${TINKERBELL_IP} + image: tinkerbell.azurecr.io/cluster-api-provider-tinkerbell:v0.4.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 100m + memory: 20Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + serviceAccountName: capt-controller-manager + terminationGracePeriodSeconds: 10 + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: capt-webhook-service-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-serving-cert + namespace: capt-system +spec: + dnsNames: + - capt-webhook-service.capt-system.svc + - capt-webhook-service.capt-system.svc.cluster.local + issuerRef: + kind: Issuer + name: capt-selfsigned-issuer + secretName: capt-webhook-service-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-selfsigned-issuer + namespace: capt-system 
+spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: capt-system/capt-serving-cert + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capt-webhook-service + namespace: capt-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-tinkerbellcluster + failurePolicy: Fail + matchPolicy: Equivalent + name: default.tinkerbellcluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - tinkerbellclusters + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: capt-system/capt-serving-cert + labels: + cluster.x-k8s.io/provider: infrastructure-tinkerbell + name: capt-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capt-webhook-service + namespace: capt-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-tinkerbellcluster + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.tinkerbellcluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - tinkerbellclusters + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capt-webhook-service + namespace: capt-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-tinkerbellmachine + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.tinkerbellmachine.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + 
apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - tinkerbellmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capt-webhook-service + namespace: capt-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-tinkerbellmachinetemplate + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.tinkerbellmachinetemplate.infrastructure.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - tinkerbellmachinetemplates + sideEffects: None diff --git a/config-releases/metadata.yaml b/config-releases/metadata.yaml new file mode 100644 index 0000000..b4cd57a --- /dev/null +++ b/config-releases/metadata.yaml @@ -0,0 +1,16 @@ +# maps release series of major.minor to cluster-api contract version +# the contract version may change between minor or major versions, but *not* +# between patch versions. +# +# update this file only when a new major or minor version is released +apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 +releaseSeries: + - major: 0 + minor: 4 + contract: v1beta1 + - major: 0 + minor: 3 + contract: v1beta1 + - major: 0 + minor: 1 + contract: v1beta1
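Review bot: The `releaseSeries` list in config-releases/metadata.yaml goes from minor 4 and 3 straight to minor 1, so the 0.2 series has no entry. The file's own header says it maps every major.minor series to a contract, and clusterctl looks a provider version up in this list, so a 0.2.x version would presumably fail to resolve instead of falling back to a neighbouring series. If 0.2 was released under the same contract, add `- major: 0` / `minor: 2` / `contract: v1beta1` between the 0.3 and 0.1 entries. If it was skipped on purpose, a one-line comment such as `# 0.2 intentionally omitted: <reason>` would stop the gap from looking like an oversight.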