---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: instancegroups.kops.k8s.io
spec:
  group: kops.k8s.io
  names:
    kind: InstanceGroup
    listKind: InstanceGroupList
    plural: instancegroups
    shortNames:
    - ig
    singular: instancegroup
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Role
      jsonPath: .spec.role
      name: role
      type: string
    - description: Machine Type
      jsonPath: .spec.machineType
      name: machineType
      type: string
    - description: Min
      jsonPath: .spec.minSize
      name: min
      type: integer
    - description: Max
      jsonPath: .spec.maxSize
      name: max
      type: integer
    - description: Zones
      jsonPath: .spec.zones
      name: zones
      type: string
    name: v1alpha2
    schema:
      openAPIV3Schema:
        description: InstanceGroup represents a group of instances (either nodes or masters) with the same configuration
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: InstanceGroupSpec is the specification for an InstanceGroup
            properties:
              additionalSecurityGroups:
                description: AdditionalSecurityGroups attaches additional security groups (e.g. i-123456)
                items:
                  type: string
                type: array
              additionalUserData:
                description: AdditionalUserData is any additional user-data to be passed to the host
                items:
                  description: UserData defines a user-data section
                  properties:
                    content:
                      description: Content is the user-data content
                      type: string
                    name:
                      description: Name is the name of the user-data
                      type: string
                    type:
                      description: Type is the type of user-data
                      type: string
                  type: object
                type: array
              associatePublicIp:
                description: AssociatePublicIP is true if we want instances to have a public IP
                type: boolean
              autoscale:
                description: Autoscale determines if autoscaling will be enabled for this instance group if cluster autoscaler is enabled
                type: boolean
              cloudLabels:
                additionalProperties:
                  type: string
                description: CloudLabels defines additional tags or labels on cloud provider resources
                type: object
              compressUserData:
                description: CompressUserData compresses parts of the user data to save space
                type: boolean
              containerd:
                description: Containerd specifies override configuration for instance group
                properties:
                  address:
                    description: Address of containerd's GRPC server (default "/run/containerd/containerd.sock").
                    type: string
                  configOverride:
                    description: ConfigOverride is the complete containerd config file provided by the user.
                    type: string
                  logLevel:
                    description: LogLevel controls the logging details [trace, debug, info, warn, error, fatal, panic] (default "info").
                    type: string
                  nvidiaGPU:
                    description: NvidiaGPU configures the Nvidia GPU runtime.
                    properties:
                      dcgmExporter:
                        description: DCGMExporterConfig configures the DCGM exporter
                        properties:
                          enabled:
                            description: Enabled determines if kOps will install the DCGM exporter
                            type: boolean
                        type: object
                      enabled:
                        description: Enabled determines if kOps will install the Nvidia GPU runtime and drivers. They will only be installed on intances that has an Nvidia GPU.
                        type: boolean
                      package:
                        description: Package is the name of the nvidia driver package that will be installed. Default is "nvidia-headless-460-server".
                        type: string
                    type: object
                  packages:
                    description: Packages overrides the URL and hash for the packages.
                    properties:
                      hashAmd64:
                        description: HashAmd64 overrides the hash for the AMD64 package.
                        type: string
                      hashArm64:
                        description: HashArm64 overrides the hash for the ARM64 package.
                        type: string
                      urlAmd64:
                        description: UrlAmd64 overrides the URL for the AMD64 package.
                        type: string
                      urlArm64:
                        description: UrlArm64 overrides the URL for the ARM64 package.
                        type: string
                    type: object
                  registryMirrors:
                    additionalProperties:
                      items:
                        type: string
                      type: array
                    description: RegistryMirrors is list of image registries
                    type: object
                  root:
                    description: Root directory for persistent data (default "/var/lib/containerd").
                    type: string
                  runc:
                    description: Runc configures the runc runtime.
                    properties:
                      packages:
                        description: Packages overrides the URL and hash for the packages.
                        properties:
                          hashAmd64:
                            description: HashAmd64 overrides the hash for the AMD64 package.
                            type: string
                          hashArm64:
                            description: HashArm64 overrides the hash for the ARM64 package.
                            type: string
                          urlAmd64:
                            description: UrlAmd64 overrides the URL for the AMD64 package.
                            type: string
                          urlArm64:
                            description: UrlArm64 overrides the URL for the ARM64 package.
                            type: string
                        type: object
                      version:
                        description: Version used to pick the runc package.
                        type: string
                    type: object
                  skipInstall:
                    description: SkipInstall prevents kOps from installing and modifying containerd in any way (default "false").
                    type: boolean
                  state:
                    description: State directory for execution state files (default "/run/containerd").
                    type: string
                  version:
                    description: Version used to pick the containerd package.
                    type: string
                type: object
              cpuCredits:
                description: CPUCredits is the credit option for CPU Usage on burstable instance types (AWS only)
                type: string
              detailedInstanceMonitoring:
                description: DetailedInstanceMonitoring defines if detailed-monitoring is enabled (AWS only)
                type: boolean
              externalLoadBalancers:
                description: ExternalLoadBalancers define loadbalancers that should be attached to this instance group
                items:
                  description: LoadBalancer defines a load balancer
                  properties:
                    loadBalancerName:
                      description: LoadBalancerName to associate with this instance group (AWS ELB)
                      type: string
                    targetGroupArn:
                      description: TargetGroupARN to associate with this instance group (AWS ALB/NLB)
                      type: string
                  type: object
                type: array
              fileAssets:
                description: FileAssets is a collection of file assets for this instance group
                items:
                  description: FileAssetSpec defines the structure for a file asset
                  properties:
                    content:
                      description: Content is the contents of the file
                      type: string
                    isBase64:
                      description: IsBase64 indicates the contents is base64 encoded
                      type: boolean
                    mode:
                      description: Mode is this file's mode and permission bits
                      type: string
                    name:
                      description: Name is a shortened reference to the asset
                      type: string
                    path:
                      description: Path is the location this file should reside
                      type: string
                    roles:
                      description: Roles is a list of roles the file asset should be applied, defaults to all
                      items:
                        description: InstanceGroupRole string describes the roles of the nodes in this InstanceGroup (master or nodes)
                        type: string
                      type: array
                  type: object
                type: array
              gcpProvisioningModel:
                description: 'GCPProvisioningModel: Specifies the provisioning model of the GCP instance. Valid values: ''STANDARD'': (default) standard provisioning with user controlled run time, no discounts ''SPOT'': heavily discounted, no guaranteed run time.'
                type: string
              guestAccelerators:
                description: GuestAccelerators configures additional accelerators
                items:
                  description: AcceleratorConfig defines an accelerator config
                  properties:
                    acceleratorCount:
                      format: int64
                      type: integer
                    acceleratorType:
                      type: string
                  type: object
                type: array
              hooks:
                description: 'Hooks is a list of hooks for this instanceGroup, note: these can override the cluster wide ones if required'
                items:
                  description: HookSpec is a definition hook
                  properties:
                    before:
                      description: Before is a series of systemd units which this hook must run before
                      items:
                        type: string
                      type: array
                    disabled:
                      description: Disabled indicates if you want the unit switched off
                      type: boolean
                    execContainer:
                      description: ExecContainer is the image itself
                      properties:
                        command:
                          description: Command is the command supplied to the above image
                          items:
                            type: string
                          type: array
                        environment:
                          additionalProperties:
                            type: string
                          description: Environment is a map of environment variables added to the hook
                          type: object
                        image:
                          description: Image is the docker image
                          type: string
                      type: object
                    manifest:
                      description: Manifest is a raw systemd unit file
                      type: string
                    name:
                      description: Name is an optional name for the hook, otherwise the name is kops-hook-
                      type: string
                    requires:
                      description: Requires is a series of systemd units the action requires
                      items:
                        type: string
                      type: array
                    roles:
                      description: Roles is an optional list of roles the hook should be rolled out to, defaults to all
                      items:
                        description: InstanceGroupRole string describes the roles of the nodes in this InstanceGroup (master or nodes)
                        type: string
                      type: array
                    useRawManifest:
                      description: UseRawManifest indicates that the contents of Manifest should be used as the contents of the systemd unit, unmodified. Before and Requires are ignored when used together with this value (and validation shouldn't allow them to be set)
                      type: boolean
                  type: object
                type: array
              iam:
                description: IAMProfileSpec defines the identity of the cloud group IAM profile (AWS only).
                properties:
                  profile:
                    description: Profile of the cloud group IAM profile. In aws this is the arn for the iam instance profile
                    type: string
                type: object
              image:
                description: Image is the instance (ami etc) we should use
                type: string
              instanceInterruptionBehavior:
                description: InstanceInterruptionBehavior defines if a spot instance should be terminated, hibernated, or stopped after interruption
                type: string
              instanceMetadata:
                description: InstanceMetadata defines the EC2 instance metadata service options (AWS Only)
                properties:
                  httpPutResponseHopLimit:
                    description: HTTPPutResponseHopLimit is the desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. The default value is 1.
                    format: int64
                    type: integer
                  httpTokens:
                    description: HTTPTokens is the state of token usage for the instance metadata requests. If the parameter is not specified in the request, the default state is "required".
                    type: string
                type: object
              instanceProtection:
                description: InstanceProtection makes new instances in an autoscaling group protected from scale in
                type: boolean
              kubelet:
                description: Kubelet overrides kubelet config from the ClusterSpec
                properties:
                  allowPrivileged:
                    description: AllowPrivileged enables containers to request privileged mode (defaults to false)
                    type: boolean
                  allowedUnsafeSysctls:
                    description: AllowedUnsafeSysctls are passed to the kubelet config to whitelist allowable sysctls
                    items:
                      type: string
                    type: array
                  anonymousAuth:
                    description: AnonymousAuth permits you to control auth to the kubelet api
                    type: boolean
                  apiServers:
                    description: APIServers is not used for clusters version 1.6 and later - flag removed
                    type: string
                  authenticationTokenWebhook:
                    description: AuthenticationTokenWebhook uses the TokenReview API to determine authentication for bearer tokens.
                    type: boolean
                  authenticationTokenWebhookCacheTtl:
                    description: AuthenticationTokenWebhook sets the duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s)
                    type: string
                  authorizationMode:
                    description: AuthorizationMode is the authorization mode the kubelet is running in
                    type: string
                  babysitDaemons:
                    description: The node has babysitter process monitoring docker and kubelet. Removed as of 1.7
                    type: boolean
                  bootstrapKubeconfig:
                    description: BootstrapKubeconfig is the path to a kubeconfig file that will be used to get client certificate for kubelet
                    type: string
                  cgroupDriver:
                    description: CgroupDriver allows the explicit setting of the kubelet cgroup driver. If omitted, defaults to cgroupfs.
                    type: string
                  cgroupRoot:
                    description: cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis.
                    type: string
                  clientCaFile:
                    description: ClientCAFile is the path to a CA certificate
                    type: string
                  cloudProvider:
                    description: CloudProvider is the provider for cloud services.
                    type: string
                  clusterDNS:
                    description: ClusterDNS is the IP address for a cluster DNS server
                    type: string
                  clusterDomain:
                    description: ClusterDomain is the DNS domain for this cluster
                    type: string
                  configureCbr0:
                    description: configureCBR0 enables the kubelet to configure cbr0 based on Node.Spec.PodCIDR.
                    type: boolean
                  containerLogMaxFiles:
                    description: ContainerLogMaxFiles is the maximum number of container log files that can be present for a container. The number must be >= 2.
                    format: int32
                    type: integer
                  containerLogMaxSize:
                    description: ContainerLogMaxSize is the maximum size (e.g. 10Mi) of container log file before it is rotated.
                    type: string
                  cpuCFSQuota:
                    description: CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits
                    type: boolean
                  cpuCFSQuotaPeriod:
                    description: CPUCFSQuotaPeriod sets CPU CFS quota period value, cpu.cfs_period_us, defaults to Linux Kernel default
                    type: string
                  cpuManagerPolicy:
                    description: CpuManagerPolicy allows for changing the default policy of None to static
                    type: string
                  dockerDisableSharedPID:
                    description: DockerDisableSharedPID uses a shared PID namespace for containers in a pod.
                    type: boolean
                  enableCadvisorJsonEndpoints:
                    description: EnableCadvisorJsonEndpoints enables cAdvisor json `/spec` and `/stats/*` endpoints. Defaults to False.
                    type: boolean
                  enableCustomMetrics:
                    description: Enable gathering custom metrics.
                    type: boolean
                  enableDebuggingHandlers:
                    description: EnableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands
                    type: boolean
                  enforceNodeAllocatable:
                    description: Enforce Allocatable across pods whenever the overall usage across all pods exceeds Allocatable.
                    type: string
                  eventBurst:
                    description: EventBurst temporarily allows event records to burst to this number, while still not exceeding EventQPS. Only used if EventQPS > 0.
                    format: int32
                    type: integer
                  eventQPS:
                    description: EventQPS if > 0, limit event creations per second to this value. If 0, unlimited.
                    format: int32
                    type: integer
                  evictionHard:
                    description: Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'.
                    type: string
                  evictionMaxPodGracePeriod:
                    description: Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.
                    format: int32
                    type: integer
                  evictionMinimumReclaim:
                    description: Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
                    type: string
                  evictionPressureTransitionPeriod:
                    description: Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
                    type: string
                  evictionSoft:
                    description: Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'.
                    type: string
                  evictionSoftGracePeriod:
                    description: Comma-delimited list of grace periods for each soft eviction signal. For example, 'memory.available=30s'.
                    type: string
                  experimentalAllowedUnsafeSysctls:
                    description: ExperimentalAllowedUnsafeSysctls are passed to the kubelet config to whitelist allowable sysctls Was promoted to beta and renamed. https://github.com/kubernetes/kubernetes/pull/63717
                    items:
                      type: string
                    type: array
                  failSwapOn:
                    description: Tells the Kubelet to fail to start if swap is enabled on the node.
                    type: boolean
                  featureGates:
                    additionalProperties:
                      type: string
                    description: FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features.
                    type: object
                  hairpinMode:
                    description: 'How should the kubelet configure the container bridge for hairpin packets. Setting this flag allows endpoints in a Service to loadbalance back to themselves if they should try to access their own Service. Values: "promiscuous-bridge": make the container bridge promiscuous. "hairpin-veth": set the hairpin flag on container veth interfaces. "none": do nothing. Setting --configure-cbr0 to false implies that to achieve hairpin NAT one must set --hairpin-mode=veth-flag, because bridge assumes the existence of a container bridge named cbr0.'
                    type: string
                  hostnameOverride:
                    description: HostnameOverride is the hostname used to identify the kubelet instead of the actual hostname.
                    type: string
                  housekeepingInterval:
                    description: HousekeepingInterval allows to specify interval between container housekeepings.
                    type: string
                  imageGCHighThresholdPercent:
                    description: ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run.
                    format: int32
                    type: integer
                  imageGCLowThresholdPercent:
                    description: ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to.
                    format: int32
                    type: integer
                  imagePullProgressDeadline:
                    description: ImagePullProgressDeadline is the timeout for image pulls If no pulling progress is made before this deadline, the image pulling will be cancelled. (default 1m0s)
                    type: string
                  kernelMemcgNotification:
                    description: Integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.
                    type: boolean
                  kubeReserved:
                    additionalProperties:
                      type: string
                    description: Resource reservation for kubernetes system daemons like the kubelet, container runtime, node problem detector, etc.
                    type: object
                  kubeReservedCgroup:
                    description: Control group for kube daemons.
                    type: string
                  kubeconfigPath:
                    description: KubeconfigPath is the path of kubeconfig for the kubelet
                    type: string
                  kubeletCgroups:
                    description: KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
                    type: string
                  logFormat:
                    description: 'LogFormat is the logging format of the kubelet. Supported values: text, json. Default: text'
                    type: string
                  logLevel:
                    description: LogLevel is the logging level of the kubelet
                    format: int32
                    type: integer
                  maxPods:
                    description: MaxPods is the number of pods that can run on this Kubelet.
                    format: int32
                    type: integer
                  networkPluginMTU:
                    description: NetworkPluginMTU is the MTU to be passed to the network plugin, and overrides the default MTU for cases where it cannot be automatically computed (such as IPSEC).
                    format: int32
                    type: integer
                  networkPluginName:
                    description: NetworkPluginName is the name of the network plugin to be invoked for various events in kubelet/pod lifecycle
                    type: string
                  nodeLabels:
                    additionalProperties:
                      type: string
                    description: NodeLabels to add when registering the node in the cluster.
                    type: object
                  nodeStatusUpdateFrequency:
                    description: NodeStatusUpdateFrequency Specifies how often kubelet posts node status to master (default 10s) must work with nodeMonitorGracePeriod in KubeControllerManagerConfig.
                    type: string
                  nonMasqueradeCIDR:
                    description: 'NonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.'
                    type: string
                  nvidiaGPUs:
                    description: NvidiaGPUs is the number of NVIDIA GPU devices on this node.
                    format: int32
                    type: integer
                  podCIDR:
                    description: PodCIDR is the CIDR to use for pod IP addresses, only used in standalone mode. In cluster mode, this is obtained from the master.
                    type: string
                  podInfraContainerImage:
                    description: PodInfraContainerImage is the image whose network/ipc containers in each pod will use.
                    type: string
                  podManifestPath:
                    description: config is the path to the config file or directory of files
                    type: string
                  podPidsLimit:
                    description: PodPidsLimit is the maximum number of pids in any pod.
                    format: int64
                    type: integer
                  protectKernelDefaults:
                    description: 'Default kubelet behaviour for kernel tuning. If set, kubelet errors if any of kernel tunables is different than kubelet defaults. (DEPRECATED: This parameter should be set via the config file specified by the Kubelet''s --config flag.'
                    type: boolean
                  readOnlyPort:
                    description: ReadOnlyPort is the port used by the kubelet api for read-only access (default 10255)
                    format: int32
                    type: integer
                  reconcileCIDR:
                    description: ReconcileCIDR is Reconcile node CIDR with the CIDR specified by the API server. No-op if register-node or configure-cbr0 is false.
                    type: boolean
                  registerNode:
                    description: RegisterNode enables automatic registration with the apiserver.
                    type: boolean
                  registerSchedulable:
                    description: registerSchedulable tells the kubelet to register the node as schedulable. No-op if register-node is false.
                    type: boolean
                  registryBurst:
                    description: RegistryBurst Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0 (default 10)
                    format: int32
                    type: integer
                  registryPullQPS:
                    description: RegistryPullQPS if > 0, limit registry pull QPS to this value. If 0, unlimited. (default 5)
                    format: int32
                    type: integer
                  requireKubeconfig:
                    description: RequireKubeconfig indicates a kubeconfig is required
                    type: boolean
                  resolvConf:
                    description: ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration."), []
                    type: string
                  rootDir:
                    description: RootDir is the directory path for managing kubelet files (volume mounts,etc)
                    type: string
                  rotateCertificates:
                    description: rotateCertificates enables client certificate rotation.
                    type: boolean
                  runtimeCgroups:
                    description: Cgroups that container runtime is expected to be isolated in.
                    type: string
                  runtimeRequestTimeout:
                    description: RuntimeRequestTimeout is timeout for runtime requests on - pull, logs, exec and attach
                    type: string
                  seccompProfileRoot:
                    description: SeccompProfileRoot is the directory path for seccomp profiles.
                    type: string
                  serializeImagePulls:
                    description: '// SerializeImagePulls when enabled, tells the Kubelet to pull images one // at a time. We recommend *not* changing the default value on nodes that // run docker daemon with version < 1.9 or an Aufs storage backend. // Issue #10959 has more details.'
                    type: boolean
                  shutdownGracePeriod:
                    description: 'ShutdownGracePeriod specifies the total duration that the node should delay the shutdown by. Default: 30s'
                    type: string
                  shutdownGracePeriodCriticalPods:
                    description: 'ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. Default: 10s'
                    type: string
                  streamingConnectionIdleTimeout:
                    description: StreamingConnectionIdleTimeout is the maximum time a streaming connection can be idle before the connection is automatically closed
                    type: string
                  systemCgroups:
                    description: SystemCgroups is absolute name of cgroups in which to place all non-kernel processes that are not already in a container. Empty for no container. Rolling back the flag requires a reboot.
                    type: string
                  systemReserved:
                    additionalProperties:
                      type: string
                    description: Capture resource reservation for OS system daemons like sshd, udev, etc.
                    type: object
                  systemReservedCgroup:
                    description: Parent control group for OS system daemons.
                    type: string
                  taints:
                    description: Taints to add when registering a node in the cluster
                    items:
                      type: string
                    type: array
                  tlsCertFile:
                    description: 'TODO: Remove unused TLSCertFile'
                    type: string
                  tlsCipherSuites:
                    description: TLSCipherSuites indicates the allowed TLS cipher suite
                    items:
                      type: string
                    type: array
                  tlsMinVersion:
                    description: TLSMinVersion indicates the minimum TLS version allowed
                    type: string
                  tlsPrivateKeyFile:
                    description: 'TODO: Remove unused TLSPrivateKeyFile'
                    type: string
                  topologyManagerPolicy:
                    description: TopologyManagerPolicy determines the allocation policy for the topology manager.
                    type: string
                  volumePluginDirectory:
                    description: The full path of the directory in which to search for additional third party volume plugins (this path must be writeable, dependent on your choice of OS)
                    type: string
                  volumeStatsAggPeriod:
                    description: VolumeStatsAggPeriod is the interval for kubelet to calculate and cache the volume disk usage for all pods and volumes
                    type: string
                type: object
              machineType:
                description: MachineType is the instance class
                type: string
              manager:
                description: Manager determines what is managing the node lifecycle
                type: string
              maxInstanceLifetime:
                description: MaxInstanceLifetime to the maximum amount of time, in seconds, that an instance can be in service. Value expected must be in form of duration ("ms", "s", "m", "h")
                type: string
              maxPrice:
                description: MaxPrice indicates this is a spot-pricing group, with the specified value as our max-price bid
                type: string
              maxSize:
                description: MaxSize is the maximum size of the pool
                format: int32
                type: integer
              minSize:
                description: MinSize is the minimum size of the pool
                format: int32
                type: integer
              mixedInstancesPolicy:
                description: MixedInstancesPolicy defined a optional backing of an AWS ASG by a EC2 Fleet (AWS Only)
                properties:
                  instanceRequirements:
                    description: InstanceRequirements is a list of requirements for any instance type we are willing to run in the EC2 fleet.
                    properties:
                      cpu:
                        properties:
                          max:
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          min:
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                        type: object
                      memory:
                        properties:
                          max:
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          min:
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                        type: object
                    type: object
                  instances:
                    description: Instances is a list of instance types which we are willing to run in the EC2 fleet
                    items:
                      type: string
                    type: array
                  onDemandAboveBase:
                    description: OnDemandAboveBase controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond OnDemandBase. The range is 0–100. The default value is 100. If you leave this parameter set to 100, the percentages are 100% for On-Demand Instances and 0% for Spot Instances.
                    format: int64
                    type: integer
                  onDemandAllocationStrategy:
                    description: OnDemandAllocationStrategy indicates how to allocate instance types to fulfill On-Demand capacity
                    type: string
                  onDemandBase:
                    description: OnDemandBase is the minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is provisioned first as your group scales.
                    format: int64
                    type: integer
                  spotAllocationStrategy:
                    description: SpotAllocationStrategy diversifies your Spot capacity across multiple instance types to find the best pricing. Higher Spot availability may result from a larger number of instance types to choose from.
                    type: string
                  spotInstancePools:
                    description: SpotInstancePools is the number of Spot pools to use to allocate your Spot capacity (defaults to 2) pools are determined from the different instance types in the Overrides array of LaunchTemplate
                    format: int64
                    type: integer
                type: object
              nodeLabels:
                additionalProperties:
                  type: string
                description: NodeLabels indicates the kubernetes labels for nodes in this instance group
                type: object
              packages:
                description: Packages specifies additional packages to be installed.
                items:
                  type: string
                type: array
              role:
                description: 'Type determines the role of instances in this instance group: masters or nodes'
                type: string
              rollingUpdate:
                description: RollingUpdate defines the rolling-update behavior
                properties:
                  drainAndTerminate:
                    description: DrainAndTerminate enables draining and terminating nodes during rolling updates. Defaults to true.
                    type: boolean
                  maxSurge:
                    anyOf:
                    - type: integer
                    - type: string
                    description: 'MaxSurge is the maximum number of extra nodes that can be created during the update. The value can be an absolute number (for example 5) or a percentage of desired machines (for example 10%). The absolute number is calculated from a percentage by rounding up. Has no effect on instance groups with role "Master". Defaults to 1 on AWS, 0 otherwise. Example: when this is set to 30%, the InstanceGroup can be scaled up immediately when the rolling update starts, such that the total number of old and new nodes do not exceed 130% of desired nodes.'
                    x-kubernetes-int-or-string: true
                  maxUnavailable:
                    anyOf:
                    - type: integer
                    - type: string
                    description: 'MaxUnavailable is the maximum number of nodes that can be unavailable during the update. The value can be an absolute number (for example 5) or a percentage of desired nodes (for example 10%). The absolute number is calculated from a percentage by rounding down. Defaults to 1 if MaxSurge is 0, otherwise defaults to 0. Example: when this is set to 30%, the InstanceGroup can be scaled down to 70% of desired nodes immediately when the rolling update starts. Once new nodes are ready, more old nodes can be drained, ensuring that the total number of nodes available at all times during the update is at least 70% of desired nodes.'
                    x-kubernetes-int-or-string: true
                type: object
              rootVolumeDeleteOnTermination:
                description: RootVolumeDeleteOnTermination is unused.
                type: boolean
              rootVolumeEncryption:
                description: RootVolumeEncryption enables EBS root volume encryption for an instance
                type: boolean
              rootVolumeEncryptionKey:
                description: RootVolumeEncryptionKey provides the key identifier for root volume encryption
                type: string
              rootVolumeIops:
                description: RootVolumeIOPS is the provisioned IOPS when the volume type is io1, io2 or gp3 (AWS only).
                format: int32
                type: integer
              rootVolumeOptimization:
                description: RootVolumeOptimization enables EBS optimization for an instance
                type: boolean
              rootVolumeSize:
                description: RootVolumeSize is the size of the EBS root volume to use, in GB
                format: int32
                type: integer
              rootVolumeThroughput:
                description: RootVolumeThroughput is the volume throughput in MBps when the volume type is gp3 (AWS only).
                format: int32
                type: integer
              rootVolumeType:
                description: RootVolumeType is the type of the EBS root volume to use (e.g. gp2)
                type: string
              securityGroupOverride:
                description: SecurityGroupOverride overrides the default security group created by Kops for this IG (AWS only).
                type: string
              spotDurationInMinutes:
                description: SpotDurationInMinutes indicates this is a spot-block group, with the specified value as the spot reservation time
                format: int64
                type: integer
              subnets:
                description: Subnets is the names of the Subnets (as specified in the Cluster) where machines in this instance group should be placed
                items:
                  type: string
                type: array
              suspendProcesses:
                description: SuspendProcesses disables the listed Scaling Policies
                items:
                  type: string
                type: array
              sysctlParameters:
                description: SysctlParameters will configure kernel parameters using sysctl(8). When specified, each parameter must follow the form variable=value, the way it would appear in sysctl.conf.
                items:
                  type: string
                type: array
              taints:
                description: Taints indicates the kubernetes taints for nodes in this instance group
                items:
                  type: string
                type: array
              tenancy:
                description: Describes the tenancy of this instance group. Can be either default or dedicated. Currently only applies to AWS.
                type: string
              updatePolicy:
                description: 'UpdatePolicy determines the policy for applying upgrades automatically. If specified, this value overrides a value specified in the Cluster''s "spec.updatePolicy" field. Valid values: ''automatic'' (default): apply updates automatically (apply OS security upgrades, avoiding rebooting when possible) ''external'': do not apply updates automatically; they are applied manually or by an external system'
                type: string
              volumeMounts:
                description: VolumeMounts a collection of volume mounts
                items:
                  description: VolumeMountSpec defines the specification for mounting a device
                  properties:
                    device:
                      description: Device is the device name to provision and mount
                      type: string
                    filesystem:
                      description: Filesystem is the filesystem to mount
                      type: string
                    formatOptions:
                      description: FormatOptions is a collection of options passed when formatting the device
                      items:
                        type: string
                      type: array
                    mountOptions:
                      description: MountOptions is a collection of mount options
                      items:
                        type: string
                      type: array
                    path:
                      description: Path is the location to mount the device
                      type: string
                  type: object
                type: array
              volumes:
                description: Volumes is a collection of additional volumes to create for instances within this InstanceGroup
                items:
                  description: VolumeSpec defined the spec for an additional volume attached to the instance group
                  properties:
                    deleteOnTermination:
                      description: DeleteOnTermination configures volume retention policy upon instance termination. The volume is deleted by default. Cluster deletion does not remove retained volumes.
                      type: boolean
                    device:
                      description: Device is an optional device name of the block device
                      type: string
                    encrypted:
                      description: Encrypted indicates you want to encrypt the volume
                      type: boolean
                    iops:
                      description: IOPS is the provisioned IOPS for the volume when the volume type is io1, io2 or gp3 (AWS only).
                      format: int64
                      type: integer
                    key:
                      description: Key is the encryption key identifier for the volume
                      type: string
                    size:
                      description: Size is the size of the volume in GB
                      format: int64
                      type: integer
                    throughput:
                      description: Throughput is the volume throughput in MBps when the volume type is gp3 (AWS only).
                      format: int64
                      type: integer
                    type:
                      description: Type is the type of volume to create and is cloud specific
                      type: string
                  type: object
                type: array
              warmPool:
                description: WarmPool configures an ASG warm pool for the instance group
                properties:
                  enableLifecycleHook:
                    description: EnableLifecycleHook determines if an ASG lifecycle hook will be added ensuring that nodeup runs to completion. Note that the metadata API must be protected from arbitrary Pods when this is enabled.
                    type: boolean
                  maxSize:
                    description: MaxSize is the maximum size of the warm pool. The desired size of the instance group is subtracted from this number to determine the desired size of the warm pool (unless the resulting number is smaller than MinSize). The default is the instance group's MaxSize.
                    format: int64
                    type: integer
                  minSize:
                    description: MinSize is the minimum size of the pool
                    format: int64
                    type: integer
                type: object
              zones:
                description: Zones is the names of the Zones where machines in this instance group should be placed This is needed for regional subnets (e.g. GCE), to restrict placement to particular zones
                items:
                  type: string
                type: array
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []