Merge pull request #18 from belgaied2/main

Adding first structs for the API
Mohamed Belgaied Hassine 2022-11-14 15:31:00 +01:00 committed by GitHub
commit c09e48a979
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 3231 additions and 370 deletions


@ -17,48 +17,324 @@ limitations under the License.
package v1alpha1
import (
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// Rke2ConfigSpec defines the desired state of Rke2Config
type Rke2ConfigSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// RKE2ConfigSpec defines the desired state of RKE2Config.
type RKE2ConfigSpec struct {
// Files specifies extra files to be passed to user_data upon creation.
//+optional
Files []File `json:"files,omitempty"`
// Foo is an example field of Rke2Config. Edit rke2config_types.go to remove/update
Foo string `json:"foo,omitempty"`
// PreRKE2Commands specifies extra commands to run before rke2 setup runs.
//+optional
PreRKE2Commands []string `json:"preRKE2Commands,omitempty"`
// PostRKE2Commands specifies extra commands to run after rke2 setup runs.
//+optional
PostRKE2Commands []string `json:"postRKE2Commands,omitempty"`
// AgentConfig specifies configuration for the agent nodes.
//+optional
AgentConfig RKE2AgentConfig `json:"agentConfig,omitempty"`
// PrivateRegistriesConfig defines the containerd configuration for private registries and local registry mirrors.
//+optional
PrivateRegistriesConfig Registry `json:"privateRegistriesConfig,omitempty"`
// Version specifies the rke2 version.
//+optional
Version string `json:"version,omitempty"`
}
// Rke2ConfigStatus defines the observed state of Rke2Config
type Rke2ConfigStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
// RKE2CommonNodeConfig describes some attributes that are common to agent and server nodes
type RKE2AgentConfig struct {
// DataDir Folder to hold state.
//+optional
DataDir string `json:"dataDir,omitempty"`
// NodeLabels Registering and starting kubelet with set of labels.
//+optional
NodeLabels []string `json:"nodeLabels,omitempty"`
// NodeTaints Registering kubelet with set of taints.
//+optional
NodeTaints []string `json:"nodeTaints,omitempty"`
// NodeNamePrefix Prefix to the Node Name that CAPI will generate.
//+optional
NodeNamePrefix string `json:"nodeName,omitempty"`
// NTP specifies NTP configuration
// +optional
NTP *NTP `json:"ntp,omitempty"`
// ImageCredentialProviderConfigMap is a reference to the ConfigMap that contains credential provider plugin config
// The configMap should contain a YAML file content + a Path to the Binaries for Credential Provider.
//+optional
ImageCredentialProviderConfigMap corev1.ObjectReference `json:"imageCredentialProviderConfigMap,omitempty"`
// TODO: Remove ContainerRuntimeEndpoint since this feature will probably not be offered by CAPI Bootstrap provider?
// ContainerRuntimeEndpoint Disable embedded containerd and use alternative CRI implementation.
//+optional
ContainerRuntimeEndpoint string `json:"containerRuntimeEndpoint,omitempty"`
// TODO: Find a way to handle IP addresses that should be advertised but that RKE2 cannot find on the host (Example: Elastic IPs on Cloud Providers).
// NodeIp IPv4/IPv6 addresses to advertise for node.
//+optional.
//NodeIp string `json:"nodeIp,omitempty"`
// NodeExternalIp IPv4/IPv6 external IP addresses to advertise for node.
//+optional
// NodeExternalIp string `json:"nodeExternalIp,omitempty"`
// CISProfile activates CIS compliance of RKE2 for a certain profile
// +kubebuilder:validation:Enum=cis-1.23
//+optional
CISProfile CISProfile `json:"cisProfile,omitempty"`
// ResolvConf is a reference to a ConfigMap containing resolv.conf content for the node.
//+optional
ResolvConf corev1.ObjectReference `json:"resolvConf,omitempty"`
// ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults.
// if false, kernel tunable can be different from kubelet defaults
//+optional
ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"`
// SystemDefaultRegistry Private registry to be used for all system images.
//+optional
SystemDefaultRegistry string `json:"systemDefaultRegistry,omitempty"`
// EnableContainerdSElinux defines the policy for enabling SELinux for Containerd
// if value is true, Containerd will run with selinux-enabled=true flag
// if value is false, Containerd will run without the above flag
//+optional
EnableContainerdSElinux bool `json:"enableContainerdSElinux,omitempty"`
// KubeletPath Override kubelet binary path.
//+optional
KubeletPath string `json:"kubeletPath,omitempty"`
// KubeletArgs Customized flag for kubelet process.
//+optional
Kubelet ComponentConfig `json:"kubelet,omitempty"`
// KubeProxyArgs Customized flag for kube-proxy process.
//+optional
KubeProxy ComponentConfig `json:"kubeProxy,omitempty"`
}
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// NTP defines input for generated ntp in cloud-init.
type NTP struct {
// Servers specifies which NTP servers to use
// +optional
Servers []string `json:"servers,omitempty"`
// Rke2Config is the Schema for the rke2configs API
type Rke2Config struct {
// Enabled specifies whether NTP should be enabled
// +optional
Enabled *bool `json:"enabled,omitempty"`
}
// RKE2ConfigStatus defines the observed state of RKE2Config.
type RKE2ConfigStatus struct {
// Ready indicates the BootstrapData field is ready to be consumed.
Ready bool `json:"ready,omitempty"`
// DataSecretName is the name of the secret that stores the bootstrap data script.
//+optional
DataSecretName *string `json:"dataSecretName,omitempty"`
// FailureReason will be set on non-retryable errors.
//+optional
FailureReason string `json:"failureReason,omitempty"`
// FailureMessage will be set on non-retryable errors.
//+optional
FailureMessage string `json:"failureMessage,omitempty"`
// ObservedGeneration is the latest generation observed by the controller.
//+optional
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
// Conditions defines current service state of the RKE2Config.
//+optional
Conditions clusterv1.Conditions `json:"conditions,omitempty"`
}
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// RKE2Config is the Schema for the rke2configs API.
type RKE2Config struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec Rke2ConfigSpec `json:"spec,omitempty"`
Status Rke2ConfigStatus `json:"status,omitempty"`
Spec RKE2ConfigSpec `json:"spec,omitempty"`
Status RKE2ConfigStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
func (c *RKE2Config) GetConditions() clusterv1.Conditions {
return c.Status.Conditions
}
// Rke2ConfigList contains a list of Rke2Config
type Rke2ConfigList struct {
func (c *RKE2Config) SetConditions(conditions clusterv1.Conditions) {
c.Status.Conditions = conditions
}
// +kubebuilder:object:root=true
// RKE2ConfigList contains a list of RKE2Config.
type RKE2ConfigList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Rke2Config `json:"items"`
Items []RKE2Config `json:"items"`
}
// CISProfile defines the CIS Benchmark profile to be activated in RKE2.
type CISProfile string
const (
// CIS1_23 references RKE2's CIS Profile "cis-1.23"
CIS1_23 CISProfile = "cis-1.23"
)
// Encoding specifies the cloud-init file encoding.
type Encoding string
const (
// Base64 implies the contents of the file are encoded as base64.
Base64 Encoding = "base64"
// Gzip implies the contents of the file are encoded with gzip.
Gzip Encoding = "gzip"
// GzipBase64 implies the contents of the file are first base64 encoded and then gzip encoded.
GzipBase64 Encoding = "gzip+base64"
)
// File defines the input for generating write_files in cloud-init.
type File struct {
// Path specifies the full path on disk where to store the file.
Path string `json:"path"`
// Owner specifies the ownership of the file, e.g. "root:root".
//+optional
Owner string `json:"owner,omitempty"`
// Permissions specifies the permissions to assign to the file, e.g. "0640".
//+optional
Permissions string `json:"permissions,omitempty"`
// Encoding specifies the encoding of the file contents.
// +kubebuilder:validation:Enum=base64;gzip;gzip+base64
//+optional
Encoding Encoding `json:"encoding,omitempty"`
// Content is the actual content of the file.
//+optional
Content string `json:"content,omitempty"`
// ContentFrom is a referenced source of content to populate the file.
//+optional
ContentFrom *FileSource `json:"contentFrom,omitempty"`
}
// FileSource is a union of all possible external source types for file data.
// Only one field may be populated in any given instance. Developers adding new
// sources of data for target systems should add them here.
type FileSource struct {
// Secret represents a secret that should populate this file.
Secret SecretFileSource `json:"secret"`
}
// Adapts a Secret into a FileSource.
//
// The contents of the target Secret's Data field will be presented
// as files using the keys in the Data field as the file names.
type SecretFileSource struct {
// Name of the secret in the RKE2BootstrapConfig's namespace to use.
Name string `json:"name"`
// Key is the key in the secret's data map for this value.
Key string `json:"key"`
}
// Registry is registry settings including mirrors, TLS, and credentials.
type Registry struct {
// Mirrors are namespace to mirror mapping for all namespaces.
//+optional
Mirrors map[string]Mirror `json:"mirrors,omitempty"`
// Configs are configs for each registry.
// The key is the FDQN or IP of the registry.
//+optional
Configs map[string]RegistryConfig `json:"configs,omitempty"`
}
// Mirror contains the config related to the registry mirror.
type Mirror struct {
// Endpoints are endpoints for a namespace. CRI plugin will try the endpoints
// one by one until a working one is found. The endpoint must be a valid url
// with host specified.
// The scheme, host and path from the endpoint URL will be used.
//+optional
Endpoints []string `json:"endpoint,omitempty"`
// Rewrites are repository rewrite rules for a namespace. When fetching image resources
// from an endpoint and a key matches the repository via regular expression matching
// it will be replaced with the corresponding value from the map in the resource request.
//+optional
Rewrites map[string]string `json:"rewrite,omitempty"`
}
// RegistryConfig contains configuration used to communicate with the registry.
type RegistryConfig struct {
// Auth si a reference to a Secret containing information to authenticate to the registry.
// The Secret must provite a username and a password data entry.
//+optional
AuthSecret corev1.ObjectReference `json:"authSecret,omitempty"`
// TLS is a pair of CA/Cert/Key which then are used when creating the transport
// that communicates with the registry.
//+optional
TLS TLSConfig `json:"tls,omitempty"`
}
// TLSConfig contains the CA/Cert/Key used for a registry.
type TLSConfig struct {
// TLSConfigSecret is a reference to a secret of type `kubernetes.io/tls` thich has up to 3 entries: tls.crt, tls.key and ca.crt
// which describe the TLS configuration necessary to connect to the registry.
// +optional
TLSConfigSecret corev1.ObjectReference `json:"tlsConfigSecret,omitempty"`
// EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true.
//+optional
EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"`
}
type ComponentConfig struct {
// ExtraEnv is a map of environment variables to pass on to a Kubernetes Component command.
//+optional
ExtraEnv map[string]string `json:"extraEnv,omitempty"`
// ExtraArgs is a map of command line arguments to pass to a Kubernetes Component command.
//+optional
ExtraArgs map[string]string `json:"extraArgs,omitempty"`
// ExtraMounts is a map of volume mounts to be added for the Kubernetes component StaticPod
//+optional
ExtraMounts map[string]string `json:"extraMounts,omitempty"`
// OverrideImage is a string that references a container image to override the default one for the Kubernetes Component
//+optional
OverrideImage string `json:"overrideImage,omitempty"`
}
func init() {
SchemeBuilder.Register(&Rke2Config{}, &Rke2ConfigList{})
SchemeBuilder.Register(&RKE2Config{}, &RKE2ConfigList{})
}
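Review bot: `EnforceSSLVerify bool` in TLSConfig cannot default to true as its comment says, because a plain bool with `omitempty` is false whenever the field is left out, so an unset value and an explicit opt-out are indistinguishable. If the consumer (not visible in this commit) treats false as "skip certificate verification", every registry config that omits the field would connect without verifying the registry's certificate. Make it `EnforceSSLVerify *bool` with `// +kubebuilder:default=true` above it, or invert it to an opt-in `InsecureSkipVerify bool`, so the zero value is the safe one. Separately, AuthSecret, TLSConfigSecret, ImageCredentialProviderConfigMap and ResolvConf are `corev1.ObjectReference`, which carries a Namespace, while SecretFileSource is name-only in the config's own namespace; it is worth confirming the controller does not follow these references into other namespaces.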


@ -26,50 +26,43 @@ import (
// log is for logging in this package.
var rke2configlog = logf.Log.WithName("rke2config-resource")
func (r *Rke2Config) SetupWebhookWithManager(mgr ctrl.Manager) error {
func (r *RKE2Config) SetupWebhookWithManager(mgr ctrl.Manager) error {
return ctrl.NewWebhookManagedBy(mgr).
For(r).
Complete()
}
// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
//+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=mrke2config.kb.io,admissionReviewVersions=v1
var _ webhook.Defaulter = &Rke2Config{}
var _ webhook.Defaulter = &RKE2Config{}
// Default implements webhook.Defaulter so a webhook will be registered for the type
func (r *Rke2Config) Default() {
func (r *RKE2Config) Default() {
rke2configlog.Info("default", "name", r.Name)
// TODO(user): fill in your defaulting logic.
}
// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
//+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=vrke2config.kb.io,admissionReviewVersions=v1
var _ webhook.Validator = &Rke2Config{}
var _ webhook.Validator = &RKE2Config{}
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2Config) ValidateCreate() error {
func (r *RKE2Config) ValidateCreate() error {
rke2configlog.Info("validate create", "name", r.Name)
// TODO(user): fill in your validation logic upon object creation.
return nil
}
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2Config) ValidateUpdate(old runtime.Object) error {
func (r *RKE2Config) ValidateUpdate(old runtime.Object) error {
rke2configlog.Info("validate update", "name", r.Name)
// TODO(user): fill in your validation logic upon object update.
return nil
}
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2Config) ValidateDelete() error {
func (r *RKE2Config) ValidateDelete() error {
rke2configlog.Info("validate delete", "name", r.Name)
// TODO(user): fill in your validation logic upon object deletion.
return nil
}


@ -23,17 +23,17 @@ import (
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// Rke2ConfigTemplateSpec defines the desired state of Rke2ConfigTemplate
type Rke2ConfigTemplateSpec struct {
// RKE2ConfigTemplateSpec defines the desired state of RKE2ConfigTemplate
type RKE2ConfigTemplateSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// Foo is an example field of Rke2ConfigTemplate. Edit rke2configtemplate_types.go to remove/update
// Foo is an example field of RKE2ConfigTemplate. Edit RKE2configtemplate_types.go to remove/update
Foo string `json:"foo,omitempty"`
}
// Rke2ConfigTemplateStatus defines the observed state of Rke2ConfigTemplate
type Rke2ConfigTemplateStatus struct {
// RKE2ConfigTemplateStatus defines the observed state of RKE2ConfigTemplate
type RKE2ConfigTemplateStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
}
@ -41,24 +41,24 @@ type Rke2ConfigTemplateStatus struct {
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// Rke2ConfigTemplate is the Schema for the rke2configtemplates API
type Rke2ConfigTemplate struct {
// RKE2ConfigTemplate is the Schema for the RKE2configtemplates API
type RKE2ConfigTemplate struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec Rke2ConfigTemplateSpec `json:"spec,omitempty"`
Status Rke2ConfigTemplateStatus `json:"status,omitempty"`
Spec RKE2ConfigTemplateSpec `json:"spec,omitempty"`
Status RKE2ConfigTemplateStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// Rke2ConfigTemplateList contains a list of Rke2ConfigTemplate
type Rke2ConfigTemplateList struct {
// RKE2ConfigTemplateList contains a list of RKE2ConfigTemplate
type RKE2ConfigTemplateList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Rke2ConfigTemplate `json:"items"`
Items []RKE2ConfigTemplate `json:"items"`
}
func init() {
SchemeBuilder.Register(&Rke2ConfigTemplate{}, &Rke2ConfigTemplateList{})
SchemeBuilder.Register(&RKE2ConfigTemplate{}, &RKE2ConfigTemplateList{})
}


@ -24,52 +24,45 @@ import (
)
// log is for logging in this package.
var rke2configtemplatelog = logf.Log.WithName("rke2configtemplate-resource")
var RKE2configtemplatelog = logf.Log.WithName("RKE2configtemplate-resource")
func (r *Rke2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error {
func (r *RKE2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error {
return ctrl.NewWebhookManagedBy(mgr).
For(r).
Complete()
}
// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
//+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=mrke2configtemplate.kb.io,admissionReviewVersions=v1
var _ webhook.Defaulter = &Rke2ConfigTemplate{}
var _ webhook.Defaulter = &RKE2ConfigTemplate{}
// Default implements webhook.Defaulter so a webhook will be registered for the type
func (r *Rke2ConfigTemplate) Default() {
rke2configtemplatelog.Info("default", "name", r.Name)
func (r *RKE2ConfigTemplate) Default() {
RKE2configtemplatelog.Info("default", "name", r.Name)
// TODO(user): fill in your defaulting logic.
}
// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
//+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=vrke2configtemplate.kb.io,admissionReviewVersions=v1
var _ webhook.Validator = &Rke2ConfigTemplate{}
var _ webhook.Validator = &RKE2ConfigTemplate{}
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ConfigTemplate) ValidateCreate() error {
rke2configtemplatelog.Info("validate create", "name", r.Name)
func (r *RKE2ConfigTemplate) ValidateCreate() error {
RKE2configtemplatelog.Info("validate create", "name", r.Name)
// TODO(user): fill in your validation logic upon object creation.
return nil
}
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ConfigTemplate) ValidateUpdate(old runtime.Object) error {
rke2configtemplatelog.Info("validate update", "name", r.Name)
func (r *RKE2ConfigTemplate) ValidateUpdate(old runtime.Object) error {
RKE2configtemplatelog.Info("validate update", "name", r.Name)
// TODO(user): fill in your validation logic upon object update.
return nil
}
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ConfigTemplate) ValidateDelete() error {
rke2configtemplatelog.Info("validate delete", "name", r.Name)
func (r *RKE2ConfigTemplate) ValidateDelete() error {
RKE2configtemplatelog.Info("validate delete", "name", r.Name)
// TODO(user): fill in your validation logic upon object deletion.
return nil
}
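Review bot: The rename turned the package logger into `RKE2configtemplatelog`, which is now an exported package-level variable, and also changed its logger name to "RKE2configtemplate-resource", while the sibling logger for RKE2Config stays unexported as `rke2configlog`. This looks like a side effect of a search-and-replace rather than an intended API change. Keep it unexported, `var rke2configtemplatelog = logf.Log.WithName("rke2configtemplate-resource")`, and update the four `.Info(...)` call sites in this file to match.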


@ -102,10 +102,10 @@ var _ = BeforeSuite(func() {
})
Expect(err).NotTo(HaveOccurred())
err = (&Rke2Config{}).SetupWebhookWithManager(mgr)
err = (&RKE2Config{}).SetupWebhookWithManager(mgr)
Expect(err).NotTo(HaveOccurred())
err = (&Rke2ConfigTemplate{}).SetupWebhookWithManager(mgr)
err = (&RKE2ConfigTemplate{}).SetupWebhookWithManager(mgr)
Expect(err).NotTo(HaveOccurred())
//+kubebuilder:scaffold:webhook


@ -23,10 +23,289 @@ package v1alpha1
import (
"k8s.io/apimachinery/pkg/runtime"
"sigs.k8s.io/cluster-api/api/v1beta1"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2Config) DeepCopyInto(out *Rke2Config) {
func (in *ComponentConfig) DeepCopyInto(out *ComponentConfig) {
*out = *in
if in.ExtraEnv != nil {
in, out := &in.ExtraEnv, &out.ExtraEnv
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
if in.ExtraArgs != nil {
in, out := &in.ExtraArgs, &out.ExtraArgs
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
if in.ExtraMounts != nil {
in, out := &in.ExtraMounts, &out.ExtraMounts
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentConfig.
func (in *ComponentConfig) DeepCopy() *ComponentConfig {
if in == nil {
return nil
}
out := new(ComponentConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *File) DeepCopyInto(out *File) {
*out = *in
if in.ContentFrom != nil {
in, out := &in.ContentFrom, &out.ContentFrom
*out = new(FileSource)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new File.
func (in *File) DeepCopy() *File {
if in == nil {
return nil
}
out := new(File)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FileSource) DeepCopyInto(out *FileSource) {
*out = *in
out.Secret = in.Secret
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileSource.
func (in *FileSource) DeepCopy() *FileSource {
if in == nil {
return nil
}
out := new(FileSource)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Mirror) DeepCopyInto(out *Mirror) {
*out = *in
if in.Endpoints != nil {
in, out := &in.Endpoints, &out.Endpoints
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Rewrites != nil {
in, out := &in.Rewrites, &out.Rewrites
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mirror.
func (in *Mirror) DeepCopy() *Mirror {
if in == nil {
return nil
}
out := new(Mirror)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NTP) DeepCopyInto(out *NTP) {
*out = *in
if in.Servers != nil {
in, out := &in.Servers, &out.Servers
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Enabled != nil {
in, out := &in.Enabled, &out.Enabled
*out = new(bool)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NTP.
func (in *NTP) DeepCopy() *NTP {
if in == nil {
return nil
}
out := new(NTP)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2AgentConfig) DeepCopyInto(out *RKE2AgentConfig) {
*out = *in
if in.NodeLabels != nil {
in, out := &in.NodeLabels, &out.NodeLabels
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.NodeTaints != nil {
in, out := &in.NodeTaints, &out.NodeTaints
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.NTP != nil {
in, out := &in.NTP, &out.NTP
*out = new(NTP)
(*in).DeepCopyInto(*out)
}
out.ImageCredentialProviderConfigMap = in.ImageCredentialProviderConfigMap
out.ResolvConf = in.ResolvConf
in.Kubelet.DeepCopyInto(&out.Kubelet)
in.KubeProxy.DeepCopyInto(&out.KubeProxy)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2AgentConfig.
func (in *RKE2AgentConfig) DeepCopy() *RKE2AgentConfig {
if in == nil {
return nil
}
out := new(RKE2AgentConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2Config) DeepCopyInto(out *RKE2Config) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2Config.
func (in *RKE2Config) DeepCopy() *RKE2Config {
if in == nil {
return nil
}
out := new(RKE2Config)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *RKE2Config) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ConfigList) DeepCopyInto(out *RKE2ConfigList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]RKE2Config, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigList.
func (in *RKE2ConfigList) DeepCopy() *RKE2ConfigList {
if in == nil {
return nil
}
out := new(RKE2ConfigList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *RKE2ConfigList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ConfigSpec) DeepCopyInto(out *RKE2ConfigSpec) {
*out = *in
if in.Files != nil {
in, out := &in.Files, &out.Files
*out = make([]File, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.PreRKE2Commands != nil {
in, out := &in.PreRKE2Commands, &out.PreRKE2Commands
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.PostRKE2Commands != nil {
in, out := &in.PostRKE2Commands, &out.PostRKE2Commands
*out = make([]string, len(*in))
copy(*out, *in)
}
in.AgentConfig.DeepCopyInto(&out.AgentConfig)
in.PrivateRegistriesConfig.DeepCopyInto(&out.PrivateRegistriesConfig)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigSpec.
func (in *RKE2ConfigSpec) DeepCopy() *RKE2ConfigSpec {
if in == nil {
return nil
}
out := new(RKE2ConfigSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ConfigStatus) DeepCopyInto(out *RKE2ConfigStatus) {
*out = *in
if in.DataSecretName != nil {
in, out := &in.DataSecretName, &out.DataSecretName
*out = new(string)
**out = **in
}
if in.Conditions != nil {
in, out := &in.Conditions, &out.Conditions
*out = make(v1beta1.Conditions, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigStatus.
func (in *RKE2ConfigStatus) DeepCopy() *RKE2ConfigStatus {
if in == nil {
return nil
}
out := new(RKE2ConfigStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ConfigTemplate) DeepCopyInto(out *RKE2ConfigTemplate) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -34,18 +313,18 @@ func (in *Rke2Config) DeepCopyInto(out *Rke2Config) {
out.Status = in.Status
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2Config.
func (in *Rke2Config) DeepCopy() *Rke2Config {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplate.
func (in *RKE2ConfigTemplate) DeepCopy() *RKE2ConfigTemplate {
if in == nil {
return nil
}
out := new(Rke2Config)
out := new(RKE2ConfigTemplate)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2Config) DeepCopyObject() runtime.Object {
func (in *RKE2ConfigTemplate) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -53,31 +332,31 @@ func (in *Rke2Config) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigList) DeepCopyInto(out *Rke2ConfigList) {
func (in *RKE2ConfigTemplateList) DeepCopyInto(out *RKE2ConfigTemplateList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]Rke2Config, len(*in))
*out = make([]RKE2ConfigTemplate, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigList.
func (in *Rke2ConfigList) DeepCopy() *Rke2ConfigList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateList.
func (in *RKE2ConfigTemplateList) DeepCopy() *RKE2ConfigTemplateList {
if in == nil {
return nil
}
out := new(Rke2ConfigList)
out := new(RKE2ConfigTemplateList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ConfigList) DeepCopyObject() runtime.Object {
func (in *RKE2ConfigTemplateList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -85,120 +364,108 @@ func (in *Rke2ConfigList) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigSpec) DeepCopyInto(out *Rke2ConfigSpec) {
func (in *RKE2ConfigTemplateSpec) DeepCopyInto(out *RKE2ConfigTemplateSpec) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigSpec.
func (in *Rke2ConfigSpec) DeepCopy() *Rke2ConfigSpec {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateSpec.
func (in *RKE2ConfigTemplateSpec) DeepCopy() *RKE2ConfigTemplateSpec {
if in == nil {
return nil
}
out := new(Rke2ConfigSpec)
out := new(RKE2ConfigTemplateSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigStatus) DeepCopyInto(out *Rke2ConfigStatus) {
func (in *RKE2ConfigTemplateStatus) DeepCopyInto(out *RKE2ConfigTemplateStatus) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigStatus.
func (in *Rke2ConfigStatus) DeepCopy() *Rke2ConfigStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateStatus.
func (in *RKE2ConfigTemplateStatus) DeepCopy() *RKE2ConfigTemplateStatus {
if in == nil {
return nil
}
out := new(Rke2ConfigStatus)
out := new(RKE2ConfigTemplateStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigTemplate) DeepCopyInto(out *Rke2ConfigTemplate) {
func (in *Registry) DeepCopyInto(out *Registry) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
out.Status = in.Status
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplate.
func (in *Rke2ConfigTemplate) DeepCopy() *Rke2ConfigTemplate {
if in == nil {
return nil
if in.Mirrors != nil {
in, out := &in.Mirrors, &out.Mirrors
*out = make(map[string]Mirror, len(*in))
for key, val := range *in {
(*out)[key] = *val.DeepCopy()
}
}
out := new(Rke2ConfigTemplate)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ConfigTemplate) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigTemplateList) DeepCopyInto(out *Rke2ConfigTemplateList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]Rke2ConfigTemplate, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
if in.Configs != nil {
in, out := &in.Configs, &out.Configs
*out = make(map[string]RegistryConfig, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateList.
func (in *Rke2ConfigTemplateList) DeepCopy() *Rke2ConfigTemplateList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Registry.
func (in *Registry) DeepCopy() *Registry {
if in == nil {
return nil
}
out := new(Rke2ConfigTemplateList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ConfigTemplateList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigTemplateSpec) DeepCopyInto(out *Rke2ConfigTemplateSpec) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateSpec.
func (in *Rke2ConfigTemplateSpec) DeepCopy() *Rke2ConfigTemplateSpec {
if in == nil {
return nil
}
out := new(Rke2ConfigTemplateSpec)
out := new(Registry)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ConfigTemplateStatus) DeepCopyInto(out *Rke2ConfigTemplateStatus) {
func (in *RegistryConfig) DeepCopyInto(out *RegistryConfig) {
*out = *in
out.AuthSecret = in.AuthSecret
out.TLS = in.TLS
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateStatus.
func (in *Rke2ConfigTemplateStatus) DeepCopy() *Rke2ConfigTemplateStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistryConfig.
func (in *RegistryConfig) DeepCopy() *RegistryConfig {
if in == nil {
return nil
}
out := new(Rke2ConfigTemplateStatus)
out := new(RegistryConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *SecretFileSource) DeepCopyInto(out *SecretFileSource) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretFileSource.
func (in *SecretFileSource) DeepCopy() *SecretFileSource {
if in == nil {
return nil
}
out := new(SecretFileSource)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TLSConfig) DeepCopyInto(out *TLSConfig) {
*out = *in
out.TLSConfigSecret = in.TLSConfigSecret
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig.
func (in *TLSConfig) DeepCopy() *TLSConfig {
if in == nil {
return nil
}
out := new(TLSConfig)
in.DeepCopyInto(out)
return out
}


@ -9,8 +9,8 @@ metadata:
spec:
group: bootstrap.cluster.x-k8s.io
names:
kind: Rke2Config
listKind: Rke2ConfigList
kind: RKE2Config
listKind: RKE2ConfigList
plural: rke2configs
singular: rke2config
scope: Namespaced
@ -18,7 +18,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rke2Config is the Schema for the rke2configs API
description: RKE2Config is the Schema for the rke2configs API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -33,15 +33,476 @@ spec:
metadata:
type: object
spec:
description: Rke2ConfigSpec defines the desired state of Rke2Config
description: RKE2ConfigSpec defines the desired state of RKE2Config.
properties:
foo:
description: Foo is an example field of Rke2Config. Edit rke2config_types.go
to remove/update
agentConfig:
description: AgentConfig specifies configuration for the agent nodes.
properties:
cisProfile:
description: CISProfile activates CIS compliance of RKE2 for a
certain profile
enum:
- cis-1.23
type: string
containerRuntimeEndpoint:
description: ContainerRuntimeEndpoint Disable embedded containerd
and use alternative CRI implementation.
type: string
dataDir:
description: DataDir Folder to hold state.
type: string
enableContainerdSElinux:
description: EnableContainerdSElinux defines the policy for enabling
SELinux for Containerd if value is true, Containerd will run
with selinux-enabled=true flag if value is false, Containerd
will run without the above flag
type: boolean
imageCredentialProviderConfigMap:
description: ImageCredentialProviderConfigMap is a reference to
the ConfigMap that contains credential provider plugin config
The configMap should contain a YAML file content + a Path to
the Binaries for Credential Provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
kubeProxy:
description: KubeProxyArgs Customized flag for kube-proxy process.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubelet:
description: KubeletArgs Customized flag for kubelet process.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubeletPath:
description: KubeletPath Override kubelet binary path.
type: string
nodeLabels:
description: NodeLabels Registering and starting kubelet with
set of labels.
items:
type: string
type: array
nodeName:
description: NodeNamePrefix Prefix to the Node Name that CAPI
will generate.
type: string
nodeTaints:
description: NodeTaints Registering kubelet with set of taints.
items:
type: string
type: array
ntp:
description: NTP specifies NTP configuration
properties:
enabled:
description: Enabled specifies whether NTP should be enabled
type: boolean
servers:
description: Servers specifies which NTP servers to use
items:
type: string
type: array
type: object
protectKernelDefaults:
description: ProtectKernelDefaults defines Kernel tuning behavior.
If true, error if kernel tunables are different than kubelet
defaults. if false, kernel tunable can be different from kubelet
defaults
type: boolean
resolvConf:
description: ResolvConf is a reference to a ConfigMap containing
resolv.conf content for the node.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
systemDefaultRegistry:
description: SystemDefaultRegistry Private registry to be used
for all system images.
type: string
type: object
files:
description: Files specifies extra files to be passed to user_data
upon creation.
items:
description: File defines the input for generating write_files in
cloud-init.
properties:
content:
description: Content is the actual content of the file.
type: string
contentFrom:
description: ContentFrom is a referenced source of content to
populate the file.
properties:
secret:
description: Secret represents a secret that should populate
this file.
properties:
key:
description: Key is the key in the secret's data map
for this value.
type: string
name:
description: Name of the secret in the RKE2BootstrapConfig's
namespace to use.
type: string
required:
- key
- name
type: object
required:
- secret
type: object
encoding:
description: Encoding specifies the encoding of the file contents.
enum:
- base64
- gzip
- gzip+base64
type: string
owner:
description: Owner specifies the ownership of the file, e.g.
"root:root".
type: string
path:
description: Path specifies the full path on disk where to store
the file.
type: string
permissions:
description: Permissions specifies the permissions to assign
to the file, e.g. "0640".
type: string
required:
- path
type: object
type: array
postRKE2Commands:
description: PostRKE2Commands specifies extra commands to run after
rke2 setup runs.
items:
type: string
type: array
preRKE2Commands:
description: PreRKE2Commands specifies extra commands to run before
rke2 setup runs.
items:
type: string
type: array
privateRegistriesConfig:
description: PrivateRegistriesConfig defines the containerd configuration
for private registries and local registry mirrors.
properties:
configs:
additionalProperties:
description: RegistryConfig contains configuration used to communicate
with the registry.
properties:
authSecret:
description: Auth si a reference to a Secret containing
information to authenticate to the registry. The Secret
must provite a username and a password data entry.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a
valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to
have some well-defined way of referencing a part of
an object. TODO: this design is not final and this
field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
tls:
description: TLS is a pair of CA/Cert/Key which then are
used when creating the transport that communicates with
the registry.
properties:
enforceSslVerify:
description: EnforceSSLVerify may be set to false to
skip verifying the registry's certificate, default
is true.
type: boolean
tlsConfigSecret:
description: 'TLSConfigSecret is a reference to a secret
of type `kubernetes.io/tls` thich has up to 3 entries:
tls.crt, tls.key and ca.crt which describe the TLS
configuration necessary to connect to the registry.'
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to
the name of the container that triggered the event)
or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax
is chosen only to have some well-defined way of
referencing a part of an object. TODO: this design
is not final and this field is subject to change
in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which
this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: object
type: object
description: Configs are configs for each registry. The key is
the FDQN or IP of the registry.
type: object
mirrors:
additionalProperties:
description: Mirror contains the config related to the registry
mirror.
properties:
endpoint:
description: Endpoints are endpoints for a namespace. CRI
plugin will try the endpoints one by one until a working
one is found. The endpoint must be a valid url with host
specified. The scheme, host and path from the endpoint
URL will be used.
items:
type: string
type: array
rewrite:
additionalProperties:
type: string
description: Rewrites are repository rewrite rules for a
namespace. When fetching image resources from an endpoint
and a key matches the repository via regular expression
matching it will be replaced with the corresponding value
from the map in the resource request.
type: object
type: object
description: Mirrors are namespace to mirror mapping for all namespaces.
type: object
type: object
version:
description: Version specifies the rke2 version.
type: string
type: object
status:
description: Rke2ConfigStatus defines the observed state of Rke2Config
description: RKE2ConfigStatus defines the observed state of RKE2Config.
properties:
conditions:
description: Conditions defines current service state of the RKE2Config.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
dataSecretName:
description: DataSecretName is the name of the secret that stores
the bootstrap data script.
type: string
failureMessage:
description: FailureMessage will be set on non-retryable errors.
type: string
failureReason:
description: FailureReason will be set on non-retryable errors.
type: string
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
ready:
description: Ready indicates the BootstrapData field is ready to be
consumed.
type: boolean
type: object
type: object
served: true
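Review bot: `enforceSslVerify` under `privateRegistriesConfig.configs.*.tls` is described as "default is true", but the schema gives it only `type: boolean` with no `default`, so an object that omits the field carries no value. If the backing Go field is a plain `bool`, as `EtcdS3.EnforceSSLVerify` is further down this page (`bool` with `omitempty`), absence presumably decodes as false and registry certificate verification is skipped unless the user opts in. Assuming this CRD is generated from the Go types, the fix belongs on the field there: add `// +kubebuilder:default=true` so the schema gains `default: true`, and consider `*bool` so that an explicit `false` is not dropped by `omitempty` on write-back. The same applies to the S3 field, whose comment also still says "registry's certificate".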


@ -9,8 +9,8 @@ metadata:
spec:
group: bootstrap.cluster.x-k8s.io
names:
kind: Rke2ConfigTemplate
listKind: Rke2ConfigTemplateList
kind: RKE2ConfigTemplate
listKind: RKE2ConfigTemplateList
plural: rke2configtemplates
singular: rke2configtemplate
scope: Namespaced
@ -18,7 +18,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rke2ConfigTemplate is the Schema for the rke2configtemplates
description: RKE2ConfigTemplate is the Schema for the RKE2configtemplates
API
properties:
apiVersion:
@ -34,15 +34,15 @@ spec:
metadata:
type: object
spec:
description: Rke2ConfigTemplateSpec defines the desired state of Rke2ConfigTemplate
description: RKE2ConfigTemplateSpec defines the desired state of RKE2ConfigTemplate
properties:
foo:
description: Foo is an example field of Rke2ConfigTemplate. Edit rke2configtemplate_types.go
description: Foo is an example field of RKE2ConfigTemplate. Edit RKE2configtemplate_types.go
to remove/update
type: string
type: object
status:
description: Rke2ConfigTemplateStatus defines the observed state of Rke2ConfigTemplate
description: RKE2ConfigTemplateStatus defines the observed state of RKE2ConfigTemplate
type: object
type: object
served: true


@ -57,6 +57,6 @@ func (r *Rke2ConfigReconciler) Reconcile(ctx context.Context, req ctrl.Request)
// SetupWithManager sets up the controller with the Manager.
func (r *Rke2ConfigReconciler) SetupWithManager(mgr ctrl.Manager) error {
return ctrl.NewControllerManagedBy(mgr).
For(&bootstrapv1.Rke2Config{}).
For(&bootstrapv1.RKE2Config{}).
Complete(r)
}


@ -96,11 +96,11 @@ func main() {
setupLog.Error(err, "unable to create controller", "controller", "Rke2Config")
os.Exit(1)
}
if err = (&bootstrapv1.Rke2Config{}).SetupWebhookWithManager(mgr); err != nil {
if err = (&bootstrapv1.RKE2Config{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "Rke2Config")
os.Exit(1)
}
if err = (&bootstrapv1.Rke2ConfigTemplate{}).SetupWebhookWithManager(mgr); err != nil {
if err = (&bootstrapv1.RKE2ConfigTemplate{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ConfigTemplate")
os.Exit(1)
}


@ -17,48 +17,277 @@ limitations under the License.
package v1alpha1
import (
bootstrapv1 "github.com/rancher-sandbox/cluster-api-provider-rke2/bootstrap/api/v1alpha1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane
type RKE2ControlPlaneSpec struct {
// bootstrapv1.RKE2AgentConfig references fields from the Agent Configuration in the Bootstrap Provider because an RKE2 Server node also has an agent
bootstrapv1.RKE2AgentConfig `json:",inline"`
// Rke2ControlPlaneSpec defines the desired state of Rke2ControlPlane
type Rke2ControlPlaneSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// ServerConfig specifies configuration for the agent nodes.
//+optional
ServerConfig RKE2ServerConfig `json:"serverConfig,omitempty"`
// Foo is an example field of Rke2ControlPlane. Edit rke2controlplane_types.go to remove/update
Foo string `json:"foo,omitempty"`
// ManifestsConfigMapReference references a ConfigMap which contains Kubernetes manifests to be deployed automatically on the cluster
// Each data entry in the ConfigMap will be will be copied to a folder on the control plane nodes that RKE2 scans and uses to deploy manifests.
//+optional
ManifestsConfigMapReference corev1.ObjectReference `json:"manifestsConfigMapReference,omitempty"`
}
// Rke2ControlPlaneStatus defines the observed state of Rke2ControlPlane
type Rke2ControlPlaneStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
type RKE2ServerConfig struct {
// BindAddress describes the rke2 bind address (default: 0.0.0.0).
//+optional
BindAddress string `json:"bindAddress,omitempty"`
// AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip).
//+optional
AdvertiseAddress string `json:"advertiseAddress,omitempty"`
// TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert.
//+optional
TLSSan []string `json:"tlsSan,omitempty"`
// ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767").
//+optional
ServiceNodePortRange string `json:"service-node-port-range,omitempty"`
// ClusterDNS is the cluster IP for CoreDNS service. Should be in your service-cidr range (default: 10.43.0.10).
//+optional
ClusterDNS string `json:"clusterDNS,omitempty"`
// ClusterDomain is the cluster domain name (default: "cluster.local").
//+optional
ClusterDomain string `json:"clusterDomain,omitempty"`
// DisableComponents lists Kubernetes components and RKE2 plugin components that will be disabled.
//+optional
DisableComponents DisableComponents `json:"disableComponents,omitempty"`
// LoadBalancerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer (default: 6444).
//+optional
LoadBalancerPort int `json:"loadBalancerPort,omitempty"`
// CNI describes the CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal).
// +kubebuilder:validation:Enum=none;calico;canal;cilium
//+optional
CNI CNI `json:"cni,omitempty"`
// PauseImage Override image to use for pause.
//+optional
PauseImage string `json:"pauseImage,omitempty"`
// RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc).
//+optional
RuntimeImage string `json:"runtimeImage,omitempty"`
// CloudProviderName Cloud provider name.
//+optional
CloudProviderName string `json:"cloudProviderName,omitempty"`
// CloudProviderConfigMap is a reference to a ConfigMap containing Cloud provider configuration.
//+optional
CloudProviderConfigMap corev1.ObjectReference `json:"cloudProviderConfigMap,omitempty"`
// NOTE: this was only profile, changed it to cisProfile.
// AuditPolicySecret Path to the file that defines the audit policy configuration.
//+optional
AuditPolicySecret corev1.ObjectReference `json:"auditPolicySecret,omitempty"`
// Etcd defines optional custom configuration of ETCD.
//+optional
Etcd EtcdConfig `json:"etcd,omitempty"`
// KubeAPIServer defines optional custom configuration of the Kube API Server.
//+optional
KubeAPIServer bootstrapv1.ComponentConfig `json:"kubeAPIServer,omitempty"`
// KubeControllerManager defines optional custom configuration of the Kube Controller Manager.
//+optional
KubeControllerManager bootstrapv1.ComponentConfig `json:"kubeControllerManager,omitempty"`
// KubeScheduler defines optional custom configuration of the Kube Scheduler.
//+optional
KubeScheduler bootstrapv1.ComponentConfig `json:"kubeScheduler,omitempty"`
// CloudControllerManager defines optional custom configuration of the Cloud Controller Manager.
//+optional
CloudControllerManager bootstrapv1.ComponentConfig `json:"cloudControllerManager,omitempty"`
}
// RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane
type RKE2ControlPlaneStatus struct {
// Ready indicates the BootstrapData field is ready to be consumed.
Ready bool `json:"ready,omitempty"`
// DataSecretName is the name of the secret that stores the bootstrap data script.
// +optional
DataSecretName *string `json:"dataSecretName,omitempty"`
// FailureReason will be set on non-retryable errors.
// +optional
FailureReason string `json:"failureReason,omitempty"`
// FailureMessage will be set on non-retryable errors.
// +optional
FailureMessage string `json:"failureMessage,omitempty"`
// ObservedGeneration is the latest generation observed by the controller.
// +optional
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
// Conditions defines current service state of the RKE2Config.
// +optional
Conditions clusterv1.Conditions `json:"conditions,omitempty"`
}
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// Rke2ControlPlane is the Schema for the rke2controlplanes API
type Rke2ControlPlane struct {
// RKE2ControlPlane is the Schema for the rke2controlplanes API
type RKE2ControlPlane struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec Rke2ControlPlaneSpec `json:"spec,omitempty"`
Status Rke2ControlPlaneStatus `json:"status,omitempty"`
Spec RKE2ControlPlaneSpec `json:"spec,omitempty"`
Status RKE2ControlPlaneStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// Rke2ControlPlaneList contains a list of Rke2ControlPlane
type Rke2ControlPlaneList struct {
// RKE2ControlPlaneList contains a list of RKE2ControlPlane
type RKE2ControlPlaneList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Rke2ControlPlane `json:"items"`
Items []RKE2ControlPlane `json:"items"`
}
func init() {
SchemeBuilder.Register(&Rke2ControlPlane{}, &Rke2ControlPlaneList{})
// EtcdConfig regroups the ETCD-specific configuration of the control plane
type EtcdConfig struct {
// ExposeEtcdMetrics defines the policy for ETCD Metrics exposure.
// if value is true, ETCD metrics will be exposed
// if value is false, ETCD metrics will NOT be exposed
// +optional
ExposeEtcdMetrics bool `json:"exposeEtcdMetrics,omitempty"`
// BackupConfig defines how RKE2 will snapshot ETCD: target storage, schedule, etc.
//+optional
BackupConfig EtcdBackupConfig `json:"backupConfig,omitempty"`
// CustomConfig defines the custom settings for ETCD.
CustomConfig bootstrapv1.ComponentConfig `json:"customConfig,omitempty"`
}
// EtcdBackupConfig describes the backup configuration for ETCD.
type EtcdBackupConfig struct {
// EnableAutomaticSnapshots defines the policy for ETCD snapshots. true means automatic snapshots will be scheduled, false means automatic snapshots will not be scheduled.
//+optional
EnableAutomaticSnapshots bool `json:"enableAutomaticSnapshots,omitempty"`
// SnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot").
//+optional
SnapshotName string `json:"snapshotName,omitempty"`
// ScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *").
//+optional
ScheduleCron string `json:"scheduleCron,omitempty"`
// Retention Number of snapshots to retain Default: 5 (default: 5).
//+optional
Retention string `json:"retention,omitempty"`
// Directory Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots).
//+optional
Directory string `json:"directory,omitempty"`
// S3 Enable backup to an S3-compatible Object Store.
//+optional
S3 EtcdS3 `json:"s3,omitempty"`
}
type EtcdS3 struct {
// Endpoint S3 endpoint url (default: "s3.amazonaws.com").
Endpoint string `json:"endpoint"`
// EndpointCA references the Secret that contains a custom CA that should be trusted to connect to S3 endpoint.
//+optional
EndpointCA corev1.ObjectReference `json:"endpointCA,omitempty"`
// EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true.
//+optional
EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"`
// S3CredentialSecret is a reference to a Secret containing the Access Key and Secret Key necessary to access the target S3 Bucket.
S3CredentialSecret corev1.ObjectReference `json:"S3CredentialSecret"`
// Bucket S3 bucket name.
//+optional
Bucket string `json:"bucket,omitempty"`
// Region S3 region / bucket location (optional) (default: "us-east-1").
//+optional
Region string `json:"region,omitempty"`
// Folder S3 folder.
//+optional
Folder string `json:"folder,omitempty"`
}
// CNI defines the Cni options for deploying RKE2.
type CNI string
const (
// Cilium references the RKE2 CNI Plugin "cilium"
Cilium CNI = "cilium"
// Calico references the RKE2 CNI Plugin "calico"
Calico CNI = "calico"
// Canal references the RKE2 CNI Plugin "canal"
Canal CNI = "canal"
// None means that no CNI Plugin will be installed with RKE2, letting the operator install his own CNI afterwards.
None CNI = "none"
)
// DisableComponents describes components of RKE2 (Kubernetes components and plugin components) that should be disabled
type DisableComponents struct {
// KubernetesComponents is a list of Kubernetes components to disable.
// +kubebuilder:validation:Enum=scheduler;kubeProxy;cloudController
KubernetesComponents []DisabledKubernetesComponent `json:"kubernetesComponents,omitempty"`
// PluginComponents is a list of PluginComponents to disable.
// +kubebuilder:validation:Enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server
PluginComponents []DisabledPluginComponent `json:"pluginComponents,omitempty"`
}
// DisabledKubernetesComponent is an enum field that can take one of the following values: scheduler, kubeProxy or cloudController.
type DisabledKubernetesComponent string
const (
// Scheduler references the Kube Scheduler Kubernetes components of the control plane/server nodes
Scheduler DisabledKubernetesComponent = "scheduler"
// KubeProxy references the Kube Proxy Kubernetes components on the agents
KubeProxy DisabledKubernetesComponent = "kubeProxy"
// CloudController references the Cloud Controller Manager Kubernetes Components on the control plane / server nodes
CloudController DisabledKubernetesComponent = "cloudController"
)
// DisabledItem selects a plugin Components to be disabled.
type DisabledPluginComponent string
const (
// CoreDNS references the RKE2 Plugin "rke2-coredns"
CoreDNS DisabledPluginComponent = "rke2-coredns"
// IngressNginx references the RKE2 Plugin "rke2-ingress-nginx"
IngressNginx DisabledPluginComponent = "rke2-ingress-nginx"
// MetricsServer references the RKE2 Plugin "rke2-metrics-server"
MetricsServer DisabledPluginComponent = "rke2-metrics-server"
)
func init() {
SchemeBuilder.Register(&RKE2ControlPlane{}, &RKE2ControlPlaneList{})
}


@ -26,50 +26,42 @@ import (
// log is for logging in this package.
var rke2controlplanelog = logf.Log.WithName("rke2controlplane-resource")
func (r *Rke2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error {
func (r *RKE2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error {
return ctrl.NewWebhookManagedBy(mgr).
For(r).
Complete()
}
// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
//+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=mrke2controlplane.kb.io,admissionReviewVersions=v1
var _ webhook.Defaulter = &Rke2ControlPlane{}
var _ webhook.Defaulter = &RKE2ControlPlane{}
// Default implements webhook.Defaulter so a webhook will be registered for the type
func (r *Rke2ControlPlane) Default() {
func (r *RKE2ControlPlane) Default() {
rke2controlplanelog.Info("default", "name", r.Name)
// TODO(user): fill in your defaulting logic.
}
// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
//+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=vrke2controlplane.kb.io,admissionReviewVersions=v1
var _ webhook.Validator = &Rke2ControlPlane{}
var _ webhook.Validator = &RKE2ControlPlane{}
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlane) ValidateCreate() error {
func (r *RKE2ControlPlane) ValidateCreate() error {
rke2controlplanelog.Info("validate create", "name", r.Name)
// TODO(user): fill in your validation logic upon object creation.
return nil
}
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlane) ValidateUpdate(old runtime.Object) error {
func (r *RKE2ControlPlane) ValidateUpdate(old runtime.Object) error {
rke2controlplanelog.Info("validate update", "name", r.Name)
// TODO(user): fill in your validation logic upon object update.
return nil
}
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlane) ValidateDelete() error {
func (r *RKE2ControlPlane) ValidateDelete() error {
rke2controlplanelog.Info("validate delete", "name", r.Name)
// TODO(user): fill in your validation logic upon object deletion.
return nil
}
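Review bot: ValidateCreate, ValidateUpdate and ValidateDelete still return nil unconditionally and Default() only logs, so the `failurePolicy=fail` webhooks declared in the markers admit every RKE2ControlPlane exactly as submitted; the RKE2ControlPlaneTemplate webhook file further down has the same stubs. This matters more now that the types added in this commit carry security-relevant settings. `EtcdS3.EnforceSSLVerify` is a plain `bool` with `omitempty` whose comment says "default is true", yet nothing visible applies that default, so an omitted field reads as false (how the field is consumed is not shown here). I would declare the default on the field with `// +kubebuilder:default=true` and make it `*bool` so an explicit false survives `omitempty`, rather than relying on Default(), which cannot tell an unset bool from false. Until real checks exist, a comment on each stub such as `// NOTE: no validation is performed yet; every object is admitted.` would keep the TODO from being read as an enforced check.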


@ -23,17 +23,17 @@ import (
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// Rke2ControlPlaneTemplateSpec defines the desired state of Rke2ControlPlaneTemplate
type Rke2ControlPlaneTemplateSpec struct {
// RKE2ControlPlaneTemplateSpec defines the desired state of RKE2ControlPlaneTemplate
type RKE2ControlPlaneTemplateSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// Foo is an example field of Rke2ControlPlaneTemplate. Edit rke2controlplanetemplate_types.go to remove/update
// Foo is an example field of RKE2ControlPlaneTemplate. Edit rke2controlplanetemplate_types.go to remove/update
Foo string `json:"foo,omitempty"`
}
// Rke2ControlPlaneTemplateStatus defines the observed state of Rke2ControlPlaneTemplate
type Rke2ControlPlaneTemplateStatus struct {
// RKE2ControlPlaneTemplateStatus defines the observed state of RKE2ControlPlaneTemplate
type RKE2ControlPlaneTemplateStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
}
@ -41,24 +41,24 @@ type Rke2ControlPlaneTemplateStatus struct {
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// Rke2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates API
type Rke2ControlPlaneTemplate struct {
// RKE2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates API
type RKE2ControlPlaneTemplate struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec Rke2ControlPlaneTemplateSpec `json:"spec,omitempty"`
Status Rke2ControlPlaneTemplateStatus `json:"status,omitempty"`
Spec RKE2ControlPlaneTemplateSpec `json:"spec,omitempty"`
Status RKE2ControlPlaneTemplateStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// Rke2ControlPlaneTemplateList contains a list of Rke2ControlPlaneTemplate
type Rke2ControlPlaneTemplateList struct {
// RKE2ControlPlaneTemplateList contains a list of RKE2ControlPlaneTemplate
type RKE2ControlPlaneTemplateList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Rke2ControlPlaneTemplate `json:"items"`
Items []RKE2ControlPlaneTemplate `json:"items"`
}
func init() {
SchemeBuilder.Register(&Rke2ControlPlaneTemplate{}, &Rke2ControlPlaneTemplateList{})
SchemeBuilder.Register(&RKE2ControlPlaneTemplate{}, &RKE2ControlPlaneTemplateList{})
}


@ -26,50 +26,43 @@ import (
// log is for logging in this package.
var rke2controlplanetemplatelog = logf.Log.WithName("rke2controlplanetemplate-resource")
func (r *Rke2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error {
func (r *RKE2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error {
return ctrl.NewWebhookManagedBy(mgr).
For(r).
Complete()
}
// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
//+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=mrke2controlplanetemplate.kb.io,admissionReviewVersions=v1
var _ webhook.Defaulter = &Rke2ControlPlaneTemplate{}
var _ webhook.Defaulter = &RKE2ControlPlaneTemplate{}
// Default implements webhook.Defaulter so a webhook will be registered for the type
func (r *Rke2ControlPlaneTemplate) Default() {
func (r *RKE2ControlPlaneTemplate) Default() {
rke2controlplanetemplatelog.Info("default", "name", r.Name)
// TODO(user): fill in your defaulting logic.
}
// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
//+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=vrke2controlplanetemplate.kb.io,admissionReviewVersions=v1
var _ webhook.Validator = &Rke2ControlPlaneTemplate{}
var _ webhook.Validator = &RKE2ControlPlaneTemplate{}
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlaneTemplate) ValidateCreate() error {
func (r *RKE2ControlPlaneTemplate) ValidateCreate() error {
rke2controlplanetemplatelog.Info("validate create", "name", r.Name)
// TODO(user): fill in your validation logic upon object creation.
return nil
}
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error {
func (r *RKE2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error {
rke2controlplanetemplatelog.Info("validate update", "name", r.Name)
// TODO(user): fill in your validation logic upon object update.
return nil
}
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
func (r *Rke2ControlPlaneTemplate) ValidateDelete() error {
func (r *RKE2ControlPlaneTemplate) ValidateDelete() error {
rke2controlplanetemplatelog.Info("validate delete", "name", r.Name)
// TODO(user): fill in your validation logic upon object deletion.
return nil
}


@ -102,10 +102,10 @@ var _ = BeforeSuite(func() {
})
Expect(err).NotTo(HaveOccurred())
err = (&Rke2ControlPlane{}).SetupWebhookWithManager(mgr)
err = (&RKE2ControlPlane{}).SetupWebhookWithManager(mgr)
Expect(err).NotTo(HaveOccurred())
err = (&Rke2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr)
err = (&RKE2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr)
Expect(err).NotTo(HaveOccurred())
//+kubebuilder:scaffold:webhook


@ -23,10 +23,190 @@ package v1alpha1
import (
"k8s.io/apimachinery/pkg/runtime"
"sigs.k8s.io/cluster-api/api/v1beta1"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlane) DeepCopyInto(out *Rke2ControlPlane) {
func (in *DisableComponents) DeepCopyInto(out *DisableComponents) {
*out = *in
if in.KubernetesComponents != nil {
in, out := &in.KubernetesComponents, &out.KubernetesComponents
*out = make([]DisabledKubernetesComponent, len(*in))
copy(*out, *in)
}
if in.PluginComponents != nil {
in, out := &in.PluginComponents, &out.PluginComponents
*out = make([]DisabledPluginComponent, len(*in))
copy(*out, *in)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableComponents.
func (in *DisableComponents) DeepCopy() *DisableComponents {
if in == nil {
return nil
}
out := new(DisableComponents)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *EtcdBackupConfig) DeepCopyInto(out *EtcdBackupConfig) {
*out = *in
out.S3 = in.S3
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupConfig.
func (in *EtcdBackupConfig) DeepCopy() *EtcdBackupConfig {
if in == nil {
return nil
}
out := new(EtcdBackupConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *EtcdConfig) DeepCopyInto(out *EtcdConfig) {
*out = *in
out.BackupConfig = in.BackupConfig
in.CustomConfig.DeepCopyInto(&out.CustomConfig)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdConfig.
func (in *EtcdConfig) DeepCopy() *EtcdConfig {
if in == nil {
return nil
}
out := new(EtcdConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *EtcdS3) DeepCopyInto(out *EtcdS3) {
*out = *in
out.EndpointCA = in.EndpointCA
out.S3CredentialSecret = in.S3CredentialSecret
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdS3.
func (in *EtcdS3) DeepCopy() *EtcdS3 {
if in == nil {
return nil
}
out := new(EtcdS3)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ControlPlane) DeepCopyInto(out *RKE2ControlPlane) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlane.
func (in *RKE2ControlPlane) DeepCopy() *RKE2ControlPlane {
if in == nil {
return nil
}
out := new(RKE2ControlPlane)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *RKE2ControlPlane) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ControlPlaneList) DeepCopyInto(out *RKE2ControlPlaneList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]RKE2ControlPlane, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneList.
func (in *RKE2ControlPlaneList) DeepCopy() *RKE2ControlPlaneList {
if in == nil {
return nil
}
out := new(RKE2ControlPlaneList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *RKE2ControlPlaneList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ControlPlaneSpec) DeepCopyInto(out *RKE2ControlPlaneSpec) {
*out = *in
in.RKE2AgentConfig.DeepCopyInto(&out.RKE2AgentConfig)
in.ServerConfig.DeepCopyInto(&out.ServerConfig)
out.ManifestsConfigMapReference = in.ManifestsConfigMapReference
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneSpec.
func (in *RKE2ControlPlaneSpec) DeepCopy() *RKE2ControlPlaneSpec {
if in == nil {
return nil
}
out := new(RKE2ControlPlaneSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ControlPlaneStatus) DeepCopyInto(out *RKE2ControlPlaneStatus) {
*out = *in
if in.DataSecretName != nil {
in, out := &in.DataSecretName, &out.DataSecretName
*out = new(string)
**out = **in
}
if in.Conditions != nil {
in, out := &in.Conditions, &out.Conditions
*out = make(v1beta1.Conditions, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneStatus.
func (in *RKE2ControlPlaneStatus) DeepCopy() *RKE2ControlPlaneStatus {
if in == nil {
return nil
}
out := new(RKE2ControlPlaneStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RKE2ControlPlaneTemplate) DeepCopyInto(out *RKE2ControlPlaneTemplate) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -34,18 +214,18 @@ func (in *Rke2ControlPlane) DeepCopyInto(out *Rke2ControlPlane) {
out.Status = in.Status
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlane.
func (in *Rke2ControlPlane) DeepCopy() *Rke2ControlPlane {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplate.
func (in *RKE2ControlPlaneTemplate) DeepCopy() *RKE2ControlPlaneTemplate {
if in == nil {
return nil
}
out := new(Rke2ControlPlane)
out := new(RKE2ControlPlaneTemplate)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ControlPlane) DeepCopyObject() runtime.Object {
func (in *RKE2ControlPlaneTemplate) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -53,31 +233,31 @@ func (in *Rke2ControlPlane) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneList) DeepCopyInto(out *Rke2ControlPlaneList) {
func (in *RKE2ControlPlaneTemplateList) DeepCopyInto(out *RKE2ControlPlaneTemplateList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]Rke2ControlPlane, len(*in))
*out = make([]RKE2ControlPlaneTemplate, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneList.
func (in *Rke2ControlPlaneList) DeepCopy() *Rke2ControlPlaneList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateList.
func (in *RKE2ControlPlaneTemplateList) DeepCopy() *RKE2ControlPlaneTemplateList {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneList)
out := new(RKE2ControlPlaneTemplateList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ControlPlaneList) DeepCopyObject() runtime.Object {
func (in *RKE2ControlPlaneTemplateList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -85,120 +265,59 @@ func (in *Rke2ControlPlaneList) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneSpec) DeepCopyInto(out *Rke2ControlPlaneSpec) {
func (in *RKE2ControlPlaneTemplateSpec) DeepCopyInto(out *RKE2ControlPlaneTemplateSpec) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneSpec.
func (in *Rke2ControlPlaneSpec) DeepCopy() *Rke2ControlPlaneSpec {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateSpec.
func (in *RKE2ControlPlaneTemplateSpec) DeepCopy() *RKE2ControlPlaneTemplateSpec {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneSpec)
out := new(RKE2ControlPlaneTemplateSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneStatus) DeepCopyInto(out *Rke2ControlPlaneStatus) {
func (in *RKE2ControlPlaneTemplateStatus) DeepCopyInto(out *RKE2ControlPlaneTemplateStatus) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneStatus.
func (in *Rke2ControlPlaneStatus) DeepCopy() *Rke2ControlPlaneStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateStatus.
func (in *RKE2ControlPlaneTemplateStatus) DeepCopy() *RKE2ControlPlaneTemplateStatus {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneStatus)
out := new(RKE2ControlPlaneTemplateStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneTemplate) DeepCopyInto(out *Rke2ControlPlaneTemplate) {
func (in *RKE2ServerConfig) DeepCopyInto(out *RKE2ServerConfig) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
out.Status = in.Status
if in.TLSSan != nil {
in, out := &in.TLSSan, &out.TLSSan
*out = make([]string, len(*in))
copy(*out, *in)
}
in.DisableComponents.DeepCopyInto(&out.DisableComponents)
out.CloudProviderConfigMap = in.CloudProviderConfigMap
out.AuditPolicySecret = in.AuditPolicySecret
in.Etcd.DeepCopyInto(&out.Etcd)
in.KubeAPIServer.DeepCopyInto(&out.KubeAPIServer)
in.KubeControllerManager.DeepCopyInto(&out.KubeControllerManager)
in.KubeScheduler.DeepCopyInto(&out.KubeScheduler)
in.CloudControllerManager.DeepCopyInto(&out.CloudControllerManager)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplate.
func (in *Rke2ControlPlaneTemplate) DeepCopy() *Rke2ControlPlaneTemplate {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ServerConfig.
func (in *RKE2ServerConfig) DeepCopy() *RKE2ServerConfig {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneTemplate)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ControlPlaneTemplate) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneTemplateList) DeepCopyInto(out *Rke2ControlPlaneTemplateList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]Rke2ControlPlaneTemplate, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateList.
func (in *Rke2ControlPlaneTemplateList) DeepCopy() *Rke2ControlPlaneTemplateList {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneTemplateList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Rke2ControlPlaneTemplateList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneTemplateSpec) DeepCopyInto(out *Rke2ControlPlaneTemplateSpec) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateSpec.
func (in *Rke2ControlPlaneTemplateSpec) DeepCopy() *Rke2ControlPlaneTemplateSpec {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneTemplateSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rke2ControlPlaneTemplateStatus) DeepCopyInto(out *Rke2ControlPlaneTemplateStatus) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateStatus.
func (in *Rke2ControlPlaneTemplateStatus) DeepCopy() *Rke2ControlPlaneTemplateStatus {
if in == nil {
return nil
}
out := new(Rke2ControlPlaneTemplateStatus)
out := new(RKE2ServerConfig)
in.DeepCopyInto(out)
return out
}


@ -9,8 +9,8 @@ metadata:
spec:
group: controlplane.cluster.x-k8s.io
names:
kind: Rke2ControlPlane
listKind: Rke2ControlPlaneList
kind: RKE2ControlPlane
listKind: RKE2ControlPlaneList
plural: rke2controlplanes
singular: rke2controlplane
scope: Namespaced
@ -18,7 +18,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rke2ControlPlane is the Schema for the rke2controlplanes API
description: RKE2ControlPlane is the Schema for the rke2controlplanes API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -33,15 +33,760 @@ spec:
metadata:
type: object
spec:
description: Rke2ControlPlaneSpec defines the desired state of Rke2ControlPlane
description: RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane
properties:
foo:
description: Foo is an example field of Rke2ControlPlane. Edit rke2controlplane_types.go
to remove/update
cisProfile:
description: CISProfile activates CIS compliance of RKE2 for a certain
profile
enum:
- cis-1.23
type: string
containerRuntimeEndpoint:
description: ContainerRuntimeEndpoint Disable embedded containerd
and use alternative CRI implementation.
type: string
dataDir:
description: DataDir Folder to hold state.
type: string
enableContainerdSElinux:
description: EnableContainerdSElinux defines the policy for enabling
SELinux for Containerd if value is true, Containerd will run with
selinux-enabled=true flag if value is false, Containerd will run
without the above flag
type: boolean
imageCredentialProviderConfigMap:
description: ImageCredentialProviderConfigMap is a reference to the
ConfigMap that contains credential provider plugin config The configMap
should contain a YAML file content + a Path to the Binaries for
Credential Provider.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
kubeProxy:
description: KubeProxyArgs Customized flag for kube-proxy process.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments to pass
to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to pass
on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubelet:
description: KubeletArgs Customized flag for kubelet process.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments to pass
to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to pass
on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubeletPath:
description: KubeletPath Override kubelet binary path.
type: string
manifestsConfigMapReference:
description: ManifestsConfigMapReference references a ConfigMap which
contains Kubernetes manifests to be deployed automatically on the
cluster Each data entry in the ConfigMap will be will be copied
to a folder on the control plane nodes that RKE2 scans and uses
to deploy manifests.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
nodeLabels:
description: NodeLabels Registering and starting kubelet with set
of labels.
items:
type: string
type: array
nodeName:
description: NodeNamePrefix Prefix to the Node Name that CAPI will
generate.
type: string
nodeTaints:
description: NodeTaints Registering kubelet with set of taints.
items:
type: string
type: array
ntp:
description: NTP specifies NTP configuration
properties:
enabled:
description: Enabled specifies whether NTP should be enabled
type: boolean
servers:
description: Servers specifies which NTP servers to use
items:
type: string
type: array
type: object
protectKernelDefaults:
description: ProtectKernelDefaults defines Kernel tuning behavior.
If true, error if kernel tunables are different than kubelet defaults.
if false, kernel tunable can be different from kubelet defaults
type: boolean
resolvConf:
description: ResolvConf is a reference to a ConfigMap containing resolv.conf
content for the node.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
serverConfig:
description: ServerConfig specifies configuration for the agent nodes.
properties:
advertiseAddress:
description: 'AdvertiseAddress IP address that apiserver uses
to advertise to members of the cluster (default: node-external-ip/node-ip).'
type: string
auditPolicySecret:
description: AuditPolicySecret Path to the file that defines the
audit policy configuration.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
bindAddress:
description: 'BindAddress describes the rke2 bind address (default:
0.0.0.0).'
type: string
cloudControllerManager:
description: CloudControllerManager defines optional custom configuration
of the Cloud Controller Manager.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
cloudProviderConfigMap:
description: CloudProviderConfigMap is a reference to a ConfigMap
containing Cloud provider configuration.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part
of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
cloudProviderName:
description: CloudProviderName Cloud provider name.
type: string
clusterDNS:
description: 'ClusterDNS is the cluster IP for CoreDNS service.
Should be in your service-cidr range (default: 10.43.0.10).'
type: string
clusterDomain:
description: 'ClusterDomain is the cluster domain name (default:
"cluster.local").'
type: string
cni:
description: 'CNI describes the CNI Plugins to deploy, one of
none, calico, canal, cilium; optionally with multus as the first
value to enable the multus meta-plugin (default: canal).'
enum:
- none
- calico
- canal
- cilium
type: string
disableComponents:
description: DisableComponents lists Kubernetes components and
RKE2 plugin components that will be disabled.
properties:
kubernetesComponents:
description: KubernetesComponents is a list of Kubernetes
components to disable.
enum:
- scheduler
- kubeProxy
- cloudController
items:
description: 'DisabledKubernetesComponent is an enum field
that can take one of the following values: scheduler,
kubeProxy or cloudController.'
type: string
type: array
pluginComponents:
description: PluginComponents is a list of PluginComponents
to disable.
enum:
- rke2-coredns
- rke2-ingress-nginx
- rke2-metrics-server
items:
description: DisabledItem selects a plugin Components to
be disabled.
type: string
type: array
type: object
etcd:
description: Etcd defines optional custom configuration of ETCD.
properties:
backupConfig:
description: 'BackupConfig defines how RKE2 will snapshot
ETCD: target storage, schedule, etc.'
properties:
directory:
description: 'Directory Directory to save db snapshots.
(Default location: ${data-dir}/db/snapshots).'
type: string
enableAutomaticSnapshots:
description: EnableAutomaticSnapshots defines the policy
for ETCD snapshots. true means automatic snapshots will
be scheduled, false means automatic snapshots will not
be scheduled.
type: boolean
retention:
description: 'Retention Number of snapshots to retain
Default: 5 (default: 5).'
type: string
s3:
description: S3 Enable backup to an S3-compatible Object
Store.
properties:
S3CredentialSecret:
description: S3CredentialSecret is a reference to
a Secret containing the Access Key and Secret Key
necessary to access the target S3 Bucket.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2].
For example, if the object reference is to a
container within a pod, this would take on a
value like: "spec.containers{name}" (where "name"
refers to the name of the container that triggered
the event) or if no container name is specified
"spec.containers[2]" (container with index 2
in this pod). This syntax is chosen only to
have some well-defined way of referencing a
part of an object. TODO: this design is not
final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More
info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which
this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
bucket:
description: Bucket S3 bucket name.
type: string
endpoint:
description: 'Endpoint S3 endpoint url (default: "s3.amazonaws.com").'
type: string
endpointCA:
description: EndpointCA references the Secret that
contains a custom CA that should be trusted to connect
to S3 endpoint.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2].
For example, if the object reference is to a
container within a pod, this would take on a
value like: "spec.containers{name}" (where "name"
refers to the name of the container that triggered
the event) or if no container name is specified
"spec.containers[2]" (container with index 2
in this pod). This syntax is chosen only to
have some well-defined way of referencing a
part of an object. TODO: this design is not
final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More
info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which
this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
enforceSslVerify:
description: EnforceSSLVerify may be set to false
to skip verifying the registry's certificate, default
is true.
type: boolean
folder:
description: Folder S3 folder.
type: string
region:
description: 'Region S3 region / bucket location (optional)
(default: "us-east-1").'
type: string
required:
- S3CredentialSecret
- endpoint
type: object
scheduleCron:
description: 'ScheduleCron Snapshot interval time in cron
spec. eg. every 5 hours ''* */5 * * *'' (default: "0
*/12 * * *").'
type: string
snapshotName:
description: 'SnapshotName Set the base name of etcd snapshots.
Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot").'
type: string
type: object
customConfig:
description: CustomConfig defines the custom settings for
ETCD.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables
to pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to
be added for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references
a container image to override the default one for the
Kubernetes Component
type: string
type: object
exposeEtcdMetrics:
description: ExposeEtcdMetrics defines the policy for ETCD
Metrics exposure. if value is true, ETCD metrics will be
exposed if value is false, ETCD metrics will NOT be exposed
type: boolean
type: object
kubeAPIServer:
description: KubeAPIServer defines optional custom configuration
of the Kube API Server.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubeControllerManager:
description: KubeControllerManager defines optional custom configuration
of the Kube Controller Manager.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
kubeScheduler:
description: KubeScheduler defines optional custom configuration
of the Kube Scheduler.
properties:
extraArgs:
additionalProperties:
type: string
description: ExtraArgs is a map of command line arguments
to pass to a Kubernetes Component command.
type: object
extraEnv:
additionalProperties:
type: string
description: ExtraEnv is a map of environment variables to
pass on to a Kubernetes Component command.
type: object
extraMounts:
additionalProperties:
type: string
description: ExtraMounts is a map of volume mounts to be added
for the Kubernetes component StaticPod
type: object
overrideImage:
description: OverrideImage is a string that references a container
image to override the default one for the Kubernetes Component
type: string
type: object
loadBalancerPort:
description: 'LoadBalancerPort Local port for supervisor client
load-balancer. If the supervisor and apiserver are not colocated
an additional port 1 less than this port will also be used for
the apiserver client load-balancer (default: 6444).'
type: integer
pauseImage:
description: PauseImage Override image to use for pause.
type: string
runtimeImage:
description: RuntimeImage Override image to use for runtime binaries
(containerd, kubectl, crictl, etc).
type: string
service-node-port-range:
description: 'ServiceNodePortRange is the port range to reserve
for services with NodePort visibility (default: "30000-32767").'
type: string
tlsSan:
description: TLSSan Add additional hostname or IP as a Subject
Alternative Name in the TLS cert.
items:
type: string
type: array
type: object
systemDefaultRegistry:
description: SystemDefaultRegistry Private registry to be used for
all system images.
type: string
type: object
status:
description: Rke2ControlPlaneStatus defines the observed state of Rke2ControlPlane
description: RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane
properties:
conditions:
description: Conditions defines current service state of the RKE2Config.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
dataSecretName:
description: DataSecretName is the name of the secret that stores
the bootstrap data script.
type: string
failureMessage:
description: FailureMessage will be set on non-retryable errors.
type: string
failureReason:
description: FailureReason will be set on non-retryable errors.
type: string
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
format: int64
type: integer
ready:
description: Ready indicates the BootstrapData field is ready to be
consumed.
type: boolean
type: object
type: object
served: true
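Review bot: The `enum` lists for `serverConfig.disableComponents.kubernetesComponents` and `pluginComponents` sit on the array schema itself instead of under `items`. A list value such as `[scheduler]` is therefore compared against string members and, as far as I can tell, can never pass validation. This CRD looks controller-gen generated, so the fix belongs in the Go types: put `+kubebuilder:validation:Enum=scheduler;kubeProxy;cloudController` on the `DisabledKubernetesComponent` element type rather than on the slice field, do the same for the plugin list's element type, and regenerate. Separately, the `enforceSslVerify` description under `etcd.backupConfig.s3` refers to "the registry's certificate" although the field governs the S3 endpoint. I would reword it to `EnforceSSLVerify may be set to false to skip verifying the S3 endpoint's certificate, default is true.` so the effect of disabling TLS verification on the backup target is unambiguous.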


@ -9,8 +9,8 @@ metadata:
spec:
group: controlplane.cluster.x-k8s.io
names:
kind: Rke2ControlPlaneTemplate
listKind: Rke2ControlPlaneTemplateList
kind: RKE2ControlPlaneTemplate
listKind: RKE2ControlPlaneTemplateList
plural: rke2controlplanetemplates
singular: rke2controlplanetemplate
scope: Namespaced
@ -18,7 +18,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rke2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates
description: RKE2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates
API
properties:
apiVersion:
@ -34,17 +34,17 @@ spec:
metadata:
type: object
spec:
description: Rke2ControlPlaneTemplateSpec defines the desired state of
Rke2ControlPlaneTemplate
description: RKE2ControlPlaneTemplateSpec defines the desired state of
RKE2ControlPlaneTemplate
properties:
foo:
description: Foo is an example field of Rke2ControlPlaneTemplate.
description: Foo is an example field of RKE2ControlPlaneTemplate.
Edit rke2controlplanetemplate_types.go to remove/update
type: string
type: object
status:
description: Rke2ControlPlaneTemplateStatus defines the observed state
of Rke2ControlPlaneTemplate
description: RKE2ControlPlaneTemplateStatus defines the observed state
of RKE2ControlPlaneTemplate
type: object
type: object
served: true


@ -27,8 +27,8 @@ import (
controlplanev1 "github.com/rancher-sandbox/cluster-api-provider-rke2/controlplane/api/v1alpha1"
)
// Rke2ControlPlaneReconciler reconciles a Rke2ControlPlane object
type Rke2ControlPlaneReconciler struct {
// RKE2ControlPlaneReconciler reconciles a RKE2ControlPlane object
type RKE2ControlPlaneReconciler struct {
client.Client
Scheme *runtime.Scheme
}
@ -42,13 +42,13 @@ type Rke2ControlPlaneReconciler struct {
// Reconcile is part of the main kubernetes reconciliation loop which aims to
// move the current state of the cluster closer to the desired state.
// TODO(user): Modify the Reconcile function to compare the state specified by
// the Rke2ControlPlane object against the actual cluster state, and then
// the RKE2ControlPlane object against the actual cluster state, and then
// perform operations to make the cluster state reflect the state specified by
// the user.
//
// For more details, check Reconcile and its Result here:
// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.12.2/pkg/reconcile
func (r *Rke2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
func (r *RKE2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
_ = log.FromContext(ctx)
// TODO(user): your logic here
@ -57,8 +57,8 @@ func (r *Rke2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Req
}
// SetupWithManager sets up the controller with the Manager.
func (r *Rke2ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error {
func (r *RKE2ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error {
return ctrl.NewControllerManagedBy(mgr).
For(&controlplanev1.Rke2ControlPlane{}).
For(&controlplanev1.RKE2ControlPlane{}).
Complete(r)
}


@ -89,19 +89,19 @@ func main() {
os.Exit(1)
}
if err = (&controllers.Rke2ControlPlaneReconciler{
if err = (&controllers.RKE2ControlPlaneReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "Rke2ControlPlane")
setupLog.Error(err, "unable to create controller", "controller", "RKE2ControlPlane")
os.Exit(1)
}
if err = (&controlplanev1.Rke2ControlPlane{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ControlPlane")
if err = (&controlplanev1.RKE2ControlPlane{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "RKE2ControlPlane")
os.Exit(1)
}
if err = (&controlplanev1.Rke2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ControlPlaneTemplate")
if err = (&controlplanev1.RKE2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create webhook", "webhook", "RKE2ControlPlaneTemplate")
os.Exit(1)
}
//+kubebuilder:scaffold:builder


@ -0,0 +1,518 @@
# RKE2 Cluster API Provider - Data Type definitions
## Introduction
The Cluster API Bootstrap provider for RKE2 has a goal of provisioning RKE2 on a Cluster API machine. It relies on `cloud-init` to provision files, modify configuration and run commands on the machine.
The idea is that the provider gives the user a large choice of configuration options, but uses as many sensible default as possible to avoid overburdening the user.
Therefore a particular attention has to be given to the kinds of manifests the end user should write. This document aims at documenting the process with which the data types for these manifests have been thought through.
## Configuration options
RKE2 is a very configurable Kubernetes distribution. The main ways to configure RKE2 are as follows:
- config.yaml file (default location at /etc/rancher/rke2/): configuration options for RKE2 that are described in this [documentation page]([Server Configuration Reference - RKE2 - Rancher's Next Generation Kubernetes Distribution](https://docs.rke2.io/install/install_options/server_config/))
- registries.yaml ()
- Environement variables for versions, etc. (options documented [here]([Overview - RKE2 - Rancher's Next Generation Kubernetes Distribution](https://docs.rke2.io/install/install_options/install_options/#configuring-the-linux-installation-script)))
- Possibly automatically deploy manifests in `/var/lib/rancher/rke2/server/manifests/`
- Should be possible to deploy in **Air-Gapped** mode
<mark>Question: Should the use be able to uninstall ?</mark>
### First configuration section: config.yaml
In order to make RKE2 installation sufficiently configurable, we rely on the documentation page above and implement all options.
This is what the page shows for RKE2 **<u>servers</u>**:
```
--config FILE, -c FILE (config) Load configuration from FILE (default: "/etc/rancher/rke2/config.yaml") [$RKE2_CONFIG_FILE]
--debug (logging) Turn on debug logs [$RKE2_DEBUG]
--bind-address value (listener) rke2 bind address (default: 0.0.0.0)
--advertise-address value (listener) IPv4 address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)
--tls-san value (listener) Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert
--data-dir value, -d value (data) Folder to hold state (default: "/var/lib/rancher/rke2")
--cluster-cidr value (networking) IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16)
--service-cidr value (networking) IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16)
--service-node-port-range value (networking) Port range to reserve for services with NodePort visibility (default: "30000-32767")
--cluster-dns value (networking) IPv4 Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
--cluster-domain value (networking) Cluster Domain (default: "cluster.local")
--token value, -t value (cluster) Shared secret used to join a server or agent to a cluster [$RKE2_TOKEN]
--token-file value (cluster) File containing the cluster-secret/token [$RKE2_TOKEN_FILE]
--write-kubeconfig value, -o value (client) Write kubeconfig for admin client to this file [$RKE2_KUBECONFIG_OUTPUT]
--write-kubeconfig-mode value (client) Write kubeconfig with this mode [$RKE2_KUBECONFIG_MODE]
--kube-apiserver-arg value (flags) Customized flag for kube-apiserver process
--etcd-arg value (flags) Customized flag for etcd process
--kube-controller-manager-arg value (flags) Customized flag for kube-controller-manager process
--kube-scheduler-arg value (flags) Customized flag for kube-scheduler process
--etcd-expose-metrics (db) Expose etcd metrics to client interface. (Default false)
--etcd-disable-snapshots (db) Disable automatic etcd snapshots
--etcd-snapshot-name value (db) Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot")
--etcd-snapshot-schedule-cron value (db) Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
--etcd-snapshot-retention value (db) Number of snapshots to retain Default: 5 (default: 5)
--etcd-snapshot-dir value (db) Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
--etcd-s3 (db) Enable backup to S3
--etcd-s3-endpoint value (db) S3 endpoint url (default: "s3.amazonaws.com")
--etcd-s3-endpoint-ca value (db) S3 custom CA cert to connect to S3 endpoint
--etcd-s3-skip-ssl-verify (db) Disables S3 SSL certificate validation
--etcd-s3-access-key value (db) S3 access key [$AWS_ACCESS_KEY_ID]
--etcd-s3-secret-key value (db) S3 secret key [$AWS_SECRET_ACCESS_KEY]
--etcd-s3-bucket value (db) S3 bucket name
--etcd-s3-region value (db) S3 region / bucket location (optional) (default: "us-east-1")
--etcd-s3-folder value (db) S3 folder
--disable value (components) Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-metrics-server)
--disable-scheduler (components) Disable Kubernetes default scheduler
--disable-cloud-controller (components) Disable rke2 default cloud controller manager
--disable-kube-proxy (components) Disable running kube-proxy
--node-name value (agent/node) Node name [$RKE2_NODE_NAME]
--node-label value (agent/node) Registering and starting kubelet with set of labels
--node-taint value (agent/node) Registering kubelet with set of taints
--image-credential-provider-bin-dir value (agent/node) The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin")
--image-credential-provider-config value (agent/node) The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml")
--container-runtime-endpoint value (agent/runtime) Disable embedded containerd and use alternative CRI implementation
--snapshotter value (agent/runtime) Override default containerd snapshotter (default: "overlayfs")
--private-registry value (agent/runtime) Private registry configuration file (default: "/etc/rancher/rke2/registries.yaml")
--node-ip value, -i value (agent/networking) IPv4/IPv6 addresses to advertise for node
--node-external-ip value (agent/networking) IPv4/IPv6 external IP addresses to advertise for node
--resolv-conf value (agent/networking) Kubelet resolv.conf file [$RKE2_RESOLV_CONF]
--kubelet-arg value (agent/flags) Customized flag for kubelet process
--kube-proxy-arg value (agent/flags) Customized flag for kube-proxy process
--protect-kernel-defaults (agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.
--agent-token value (experimental/cluster) Shared secret used to join agents to the cluster, but not servers [$RKE2_AGENT_TOKEN]
--agent-token-file value (experimental/cluster) File containing the agent secret [$RKE2_AGENT_TOKEN_FILE]
--server value, -s value (experimental/cluster) Server to connect to, used to join a cluster [$RKE2_URL]
--cluster-reset (experimental/cluster) Forget all peers and become sole member of a new cluster [$RKE2_CLUSTER_RESET]
--cluster-reset-restore-path value (db) Path to snapshot file to be restored
--system-default-registry value (image) Private registry to be used for all system images [$RKE2_SYSTEM_DEFAULT_REGISTRY]
--selinux (agent/node) Enable SELinux in containerd [$RKE2_SELINUX]
--lb-server-port value (agent/node) Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444) [$RKE2_LB_SERVER_PORT]
--cni value (networking) CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal) [$RKE2_CNI]
--kube-apiserver-image value (image) Override image to use for kube-apiserver [$RKE2_KUBE_APISERVER_IMAGE]
--kube-controller-manager-image value (image) Override image to use for kube-controller-manager [$RKE2_KUBE_CONTROLLER_MANAGER_IMAGE]
--kube-proxy-image value (image) Override image to use for kube-proxy [$RKE2_KUBE_PROXY_IMAGE]
--kube-scheduler-image value (image) Override image to use for kube-scheduler [$RKE2_KUBE_SCHEDULER_IMAGE]
--pause-image value (image) Override image to use for pause [$RKE2_PAUSE_IMAGE]
--runtime-image value (image) Override image to use for runtime binaries (containerd, kubectl, crictl, etc) [$RKE2_RUNTIME_IMAGE]
--etcd-image value (image) Override image to use for etcd [$RKE2_ETCD_IMAGE]
--kubelet-path value (experimental/agent) Override kubelet binary path [$RKE2_KUBELET_PATH]
--cloud-provider-name value (cloud provider) Cloud provider name [$RKE2_CLOUD_PROVIDER_NAME]
--cloud-provider-config value (cloud provider) Cloud provider configuration file path [$RKE2_CLOUD_PROVIDER_CONFIG]
--profile value (security) Validate system configuration against the selected benchmark (valid items: cis-1.23 ) [$RKE2_CIS_PROFILE]
--audit-policy-file value (security) Path to the file that defines the audit policy configuration [$RKE2_AUDIT_POLICY_FILE]
--control-plane-resource-requests value (components) Control Plane resource requests [$RKE2_CONTROL_PLANE_RESOURCE_REQUESTS]
--control-plane-resource-limits value (components) Control Plane resource limits [$RKE2_CONTROL_PLANE_RESOURCE_LIMITS]
--kube-apiserver-extra-mount value (components) kube-apiserver extra volume mounts [$RKE2_KUBE_APISERVER_EXTRA_MOUNT]
--kube-scheduler-extra-mount value (components) kube-scheduler extra volume mounts [$RKE2_KUBE_SCHEDULER_EXTRA_MOUNT]
--kube-controller-manager-extra-mount value (components) kube-controller-manager extra volume mounts [$RKE2_KUBE_CONTROLLER_MANAGER_EXTRA_MOUNT]
--kube-proxy-extra-mount value (components) kube-proxy extra volume mounts [$RKE2_KUBE_PROXY_EXTRA_MOUNT]
--etcd-extra-mount value (components) etcd extra volume mounts [$RKE2_ETCD_EXTRA_MOUNT]
--cloud-controller-manager-extra-mount value (components) cloud-controller-manager extra volume mounts [$RKE2_CLOUD_CONTROLLER_MANAGER_EXTRA_MOUNT]
--kube-apiserver-extra-env value (components) kube-apiserver extra environment variables [$RKE2_KUBE_APISERVER_EXTRA_ENV]
--kube-scheduler-extra-env value (components) kube-scheduler extra environment variables [$RKE2_KUBE_SCHEDULER_EXTRA_ENV]
--kube-controller-manager-extra-env value (components) kube-controller-manager extra environment variables [$RKE2_KUBE_CONTROLLER_MANAGER_EXTRA_ENV]
--kube-proxy-extra-env value (components) kube-proxy extra environment variables [$RKE2_KUBE_PROXY_EXTRA_ENV]
--etcd-extra-env value (components) etcd extra environment variables [$RKE2_ETCD_EXTRA_ENV]
--cloud-controller-manager-extra-env value (components) cloud-controller-manager extra environment variables [$RKE2_CLOUD_CONTROLLER_MANAGER_EXTRA_ENV]```
```
In order to transform that into a struct, we can use the following regex which catches each line with its formatting:
```regex
*--([a-z0-9\-]*) (value(, \-[a-z] value){0,1}){0,1} *\([a-z/]*\) ([\u\l ,\d/\.\-]*)(.*$)
```
with the following for replacement:
```regex
// $1 $4\n//+optional\n$1\n$5\n\n
```
This will create a pseudo-struct definition that does not satisfy the Kubernetes API and Golang guidelines for attribute naming
### Filtering previous
- Token
- TokenFile
Are probably not needed since the token can be generated automatically and should not necessarily be known to/provided by the user. After some work on the attribute formatting and some clean up, we can get the first workable intermediate result.
### Intermediate result
This shows a first usable intermediate result:
```go
type RKE2ServerConfig struct {
// Debug is boolean that turns on debug logs if true (default: false)
//+optional
Debug bool `json:"debug,omitempty"`
// BindAddress describes the rke2 bind address (default: 0.0.0.0)
// +optional
BindAddress string `json:"bindAddress,omitempty"`
// AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)
// +optional
AdvertiseAddress string `json:"advertiseAddress,omitempty"`
// TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert
// +optional
TLSSan []string `json:"tlsSan,omitempty"`
// DataDir is the Folder to hold RKE2's state (default: "/var/lib/rancher/rke2")
//+optional
DataDir string `json:"data-dir,omitempty"`
// ClusterCidr Network CIDR to use for pod IPs (default: "10.42.0.0/16")
// +optional
ClusterCidr string `json:"clusterCidr,omitempty"`
// ServiceCidr Network CIDR to use for services IPs (default: "10.43.0.0/16")
// +optional
ServiceCidr string `json:"serviceCidr,omitempty"`
// ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767")
//+optional
ServiceNodePortRange string `json:"service-node-port-range,omitempty"`
// ClusterDNS Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
// +optional
ClusterDNS string `json:"clusterDNS,omitempty"`
// ClusterDomain Cluster Domain (default: "cluster.local")
// +optional
ClusterDomain string `json:"clusterDomain,omitempty"`
// TODO: Remove both Token and TokenFile attributes
// token Shared secret used to join a server or agent to a cluster
//+optional
//Token string `json:"token,omitempty"`
// token-file File containing the cluster-secret/token
//+optional
//TokenFile string `json:"token-file,omitempty"`
// WriteKubeconfig path to which kubeconfig file for admin client will be written
// +optional
WriteKubeconfig string `json:"writeKubeconfig,omitempty"`
// WriteKubeconfigMode Write kubeconfig with this mode
// +optional
WriteKubeconfigMode string `json:"writeKubeconfigMode,omitempty"`
// KubeApiserverArgs Customized flag for kube-apiserver process
// +optional
KubeApiserverArgs []string `json:"kubeApiserverArgs,omitempty"`
// EtcdArgs Customized flag for etcd process
// +optional
EtcdArgs []string `json:"etcdArgs,omitempty"`
// KubeControllerManagerArgs Customized flag for kube-controller-manager process
// +optional
KubeControllerManagerArgs []string `json:"kubeControllerManagerArgs,omitempty"`
// KubeSchedulerArgs Customized flag for kube-scheduler process
// +optional
KubeSchedulerArgs []string `json:"kubeSchedulerArgs,omitempty"`
// EtcdExposeMetrics Expose etcd metrics to client interface. (Default false)
// +optional
EtcdExposeMetrics string `json:"etcdExposeMetrics,omitempty"`
// EtcdDisableSnapshots Disable automatic etcd snapshots
// +optional
EtcdDisableSnapshots string `json:"etcdDisableSnapshots,omitempty"`
// EtcdSnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot")
// +optional
EtcdSnapshotName string `json:"etcdSnapshotName,omitempty"`
// EtcdSnapshotScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
// +optional
EtcdSnapshotScheduleCron string `json:"etcdSnapshotScheduleCron,omitempty"`
// EtcdSnapshotRetention Number of snapshots to retain Default: 5 (default: 5)
// +optional
EtcdSnapshotRetention string `json:"etcdSnapshotRetention,omitempty"`
// EtcdSnapshotDir Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
// +optional
EtcdSnapshotDir string `json:"etcdSnapshotDir,omitempty"`
// EtcdS3 Enable backup to S3
// +optional
EtcdS3 string `json:"etcdS3,omitempty"`
// EtcdS3Endpoint S3 endpoint url (default: "s3.amazonaws.com")
// +optional
EtcdS3Endpoint string `json:"etcdS3Endpoint,omitempty"`
// EtcdS3EndpointCa S3 custom CA cert to connect to S3 endpoint
// +optional
EtcdS3EndpointCa string `json:"etcdS3EndpointCa,omitempty"`
// EtcdS3SkipSslVerify Disables S3 SSL certificate validation
// +optional
EtcdS3SkipSslVerify string `json:"etcdS3SkipSslVerify,omitempty"`
// EtcdS3AccessKey S3 access key
// +optional
EtcdS3AccessKey string `json:"etcdS3AccessKey,omitempty"`
// EtcdS3SecretKey S3 secret key
// +optional
EtcdS3SecretKey string `json:"etcdS3SecretKey,omitempty"`
// EtcdS3Bucket S3 bucket name
// +optional
EtcdS3Bucket string `json:"etcdS3Bucket,omitempty"`
// EtcdS3Region S3 region / bucket location (optional) (default: "us-east-1")
// +optional
EtcdS3Region string `json:"etcdS3Region,omitempty"`
// EtcdS3Folder S3 folder
// +optional
EtcdS3Folder string `json:"etcdS3Folder,omitempty"`
// Disable Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-metrics-server)
// +optional
Disable []DisabledItem `json:"disable,omitempty"`
// DisableScheduler Disable Kubernetes default scheduler
// +optional
DisableScheduler string `json:"disable-scheduler,omitempty"`
// DisableCloudController Disable rke2 default cloud controller manager
// +optional
DisableCloudController string `json:"disableCloudController,omitempty"`
// DisableKubeProxy Disable running kube-proxy
// +optional
DisableKubeProxy string `json:"disableKubeProxy,omitempty"`
// NodeName Node name
// +optional
NodeName string `json:"nodeName,omitempty"`
// NodeLabel Registering and starting kubelet with set of labels
// +optional
NodeLabel string `json:"nodeLabel,omitempty"`
// NodeTaint Registering kubelet with set of taints
// +optional
NodeTaint string `json:"nodeTaint,omitempty"`
// ImageCredentialProviderBinDir The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin")
// +optional
ImageCredentialProviderBinDir string `json:"imageCredentialProviderBinDir,omitempty"`
// ImageCredentialProviderConfig The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml")
// +optional
ImageCredentialProviderConfig string `json:"imageCredentialProviderConfig,omitempty"`
// ContainerRuntimeEndpoint Disable embedded containerd and use alternative CRI implementation
// +optional
ContainerRuntimeEndpoint string `json:"containerRuntimeEndpoint,omitempty"`
// Snapshotter Override default containerd snapshotter (default: "overlayfs")
// +optional
Snapshotter string `json:"snapshotter,omitempty"`
// TODO: Decide if user should be able to do this here, registries.yaml might integrated in ConfigSpec.
// PrivateRegistry Private registry configuration file (default: "/etc/rancher/rke2/registries.yaml")
// +optional
PrivateRegistry string `json:"privateRegistry,omitempty"`
// NodeIp IPv4/IPv6 addresses to advertise for node
// +optional
NodeIp string `json:"nodeIp,omitempty"`
// NodeExternalIp IPv4/IPv6 external IP addresses to advertise for node
// +optional
NodeExternalIp string `json:"nodeExternalIp,omitempty"`
// ResolvConf Kubelet resolv.conf file
// +optional
ResolvConf string `json:"resolvConf,omitempty"`
// KubeletArgs Customized flag for kubelet process
// +optional
KubeletArgs []string `json:"kubeletArgs,omitempty"`
// KubeProxyArgs Customized flag for kube-proxy process
// +optional
KubeProxyArgs []string `json:"kubeProxyArgs,omitempty"`
// ProtectKernelDefaults Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.
// +optional
ProtectKernelDefaults string `json:"protectKernelDefaults,omitempty"`
// AgentToken Shared secret used to join agents to the cluster, but not servers
// +optional
AgentToken string `json:"agentToken,omitempty"`
// AgentTokenFile File containing the agent secret
// +optional
AgentTokenFile string `json:"agentTokenFile,omitempty"`
// Server Server to connect to, used to join a cluster
// +optional
Server string `json:"server,omitempty"`
// ClusterReset Forget all peers and become sole member of a new cluster
// +optional
ClusterReset string `json:"clusterReset,omitempty"`
// ClusterResetRestorePath Path to snapshot file to be restored
// +optional
ClusterResetRestorePath string `json:"clusterResetRestorePath,omitempty"`
// SystemDefaultRegistry Private registry to be used for all system images
// +optional
SystemDefaultRegistry string `json:"systemDefaultRegistry,omitempty"`
// Selinux Enable SELinux in containerd
// +optional
Selinux string `json:"selinux,omitempty"`
// LbServerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444)
// +optional
LbServerPort string `json:"lbServerPort,omitempty"`
// Cni CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal)
// +optional
Cni Cni `json:"cni,omitempty"`
// KubeApiserverImage Override image to use for kube-apiserver
// +optional
KubeApiserverImage string `json:"kubeApiserverImage,omitempty"`
// KubeControllerManagerImage Override image to use for kube-controller-manager
// +optional
KubeControllerManagerImage string `json:"kubeControllerManagerImage,omitempty"`
// KubeProxyImage Override image to use for kube-proxy
// +optional
KubeProxyImage string `json:"kubeProxyImage,omitempty"`
// KubeSchedulerImage Override image to use for kube-scheduler
// +optional
KubeSchedulerImage string `json:"kubeSchedulerImage,omitempty"`
// PauseImage Override image to use for pause
// +optional
PauseImage string `json:"pauseImage,omitempty"`
// RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc)
// +optional
RuntimeImage string `json:"runtimeImage,omitempty"`
// EtcdImage Override image to use for etcd
// +optional
EtcdImage string `json:"etcdImage,omitempty"`
// KubeletPath Override kubelet binary path
// +optional
KubeletPath string `json:"kubeletPath,omitempty"`
// CloudProviderName Cloud provider name
//
// +optional
CloudProviderName string `json:"cloudProviderName,omitempty"`
// CloudProviderConfig Cloud provider configuration file path
//
// +optional
CloudProviderConfig string `json:"cloudProviderConfig,omitempty"`
// NOTE: this was only profile, changed it to cisProfile
// CisProfile Validate system configuration against the selected benchmark (valid items: cis-1.23 )
// +optional
CisProfile CisProfile `json:"cisProfile,omitempty"`
// AuditPolicyFile Path to the file that defines the audit policy configuration
// +optional
AuditPolicyFile string `json:"auditPolicyFile,omitempty"`
// ControlPlaneResourceRequests Control Plane resource requests
// +optional
ControlPlaneResourceRequests string `json:"controlPlaneResourceRequests,omitempty"`
// ControlPlaneResourceLimits Control Plane resource limits
// +optional
ControlPlaneResourceLimits string `json:"controlPlaneResourceLimits,omitempty"`
// KubeApiserverExtraMount kube-apiserver extra volume mounts
// +optional
KubeApiserverExtraMount string `json:"kubeApiserverExtraMount,omitempty"`
// KubeSchedulerExtraMount kube-scheduler extra volume mounts
// +optional
KubeSchedulerExtraMount string `json:"kubeSchedulerExtraMount,omitempty"`
// KubeControllerManagerExtraMount kube-controller-manager extra volume mounts
// +optional
KubeControllerManagerExtraMount string `json:"kubeControllerManagerExtraMount,omitempty"`
// KubeProxyExtraMount kube-proxy extra volume mounts
// +optional
KubeProxyExtraMount string `json:"kubeProxyExtraMount,omitempty"`
// EtcdExtraMount etcd extra volume mounts
// +optional
EtcdExtraMount string `json:"etcdExtraMount,omitempty"`
// CloudControllerManagerExtraMount cloud-controller-manager extra volume mounts
// +optional
CloudControllerManagerExtraMount string `json:"cloudControllerManagerExtraMount,omitempty"`
// KubeApiserverExtraEnv kube-apiserver extra environment variables
// +optional
KubeApiserverExtraEnv string `json:"kubeApiserverExtraEnv,omitempty"`
// KubeSchedulerExtraEnv kube-scheduler extra environment variables
// +optional
KubeSchedulerExtraEnv string `json:"kubeSchedulerExtraEnv,omitempty"`
// KubeControllerManagerExtraEnv kube-controller-manager extra environment variables
// +optional
KubeControllerManagerExtraEnv string `json:"kubeControllerManagerExtraEnv,omitempty"`
// KubeProxyExtraEnv kube-proxy extra environment variables
// +optional
KubeProxyExtraEnv string `json:"kubeProxyExtraEnv,omitempty"`
// EtcdExtraEnv etcd extra environment variables
// +optional
EtcdExtraEnv string `json:"etcdExtraEnv,omitempty"`
// CloudControllerManagerExtraEnv cloud-controller-manager extra environment variables
// +optional
CloudControllerManagerExtraEnv string `json:"cloudControllerManagerExtraEnv,omitempty"`
}
// DisabledItem selects a plugin Components to be disabled
// +kubebuilder:validation:enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server
type DisabledItem string
// CisProfile defines the CIS Benchmark profile to be activated in RKE2
// +kubebuilder:validation:enum=cis-1.23
type CisProfile string
// Cni defines the Cni options for deploying RKE2
// +kubebuilder:validation:enum=none;calico;canal;cilium
type Cni string
```
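Review bot: The proposed `RKE2ServerConfig` keeps `EtcdS3AccessKey`, `EtcdS3SecretKey` and `AgentToken` as plain `string` fields, so the credential values would sit in the object's spec, readable by anyone allowed to get the resource and present in every stored copy of the manifest; the document already drops `Token` and `TokenFile`, and these three deserve the same treatment. I would have the spec carry only a reference to a Secret that the controller resolves, the way `File.ContentFrom` points at a `SecretFileSource` elsewhere in this commit, for example `EtcdS3CredentialSecretName string` naming a Secret that holds both keys (the field name is only a suggestion). The security switches `EtcdS3SkipSslVerify`, `Selinux` and `ProtectKernelDefaults` are typed `string` although `Debug` is `bool`; typing them `bool` would let API validation reject a malformed value. The markers on `DisabledItem`, `CisProfile` and `Cni` are spelled `+kubebuilder:validation:enum=`; as far as I know controller-gen expects `+kubebuilder:validation:Enum=`, so the value lists may not be enforced as written.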


@ -0,0 +1,264 @@
@startuml
namespace v1beta1 {
class AuthConfig << (S,Aquamarine) >> {
+ Username string
+ Password string
+ Auth string
+ IdentityToken string
}
class ComponentConfig << (S,Aquamarine) >> {
+ ExtraEnv <font color=blue>map</font>[string]string
+ ExtraArgs <font color=blue>map</font>[string]string
+ ExtraMounts <font color=blue>map</font>[string]string
+ OverrideImage string
}
class EtcdBackupConfig << (S,Aquamarine) >> {
+ EtcdDisableSnapshots bool
+ EtcdSnapshotName string
+ EtcdSnapshotScheduleCron string
+ EtcdSnapshotRetention string
+ EtcdSnapshotDir string
+ EtcdS3 EtcdS3
}
class EtcdS3 << (S,Aquamarine) >> {
+ Endpoint string
+ EndpointCa string
+ SkipSslVerify string
+ AccessKey string
+ SecretKey string
+ Bucket string
+ Region string
+ Folder string
}
class File << (S,Aquamarine) >> {
+ Path string
+ Owner string
+ Permissions string
+ Encoding Encoding
+ Content string
+ ContentFrom *FileSource
+ DeepCopyInto(out *File)
+ DeepCopy() *File
}
class FileSource << (S,Aquamarine) >> {
+ Secret SecretFileSource
+ DeepCopyInto(out *FileSource)
+ DeepCopy() *FileSource
}
class Mirror << (S,Aquamarine) >> {
+ Endpoints []string
+ Rewrites <font color=blue>map</font>[string]string
}
class RKE2AgentConfig << (S,Aquamarine) >> {
+ NodeLabels []string
+ NodeTaints []string
+ PrivateRegistry string
+ KubeletArgs []string
+ KubeProxyArgs []string
+ NodeName string
+ DeepCopyInto(out *RKE2AgentConfig)
+ DeepCopy() *RKE2AgentConfig
}
class RKE2Config << (S,Aquamarine) >> {
+ Spec RKE2ConfigSpec
+ Status RKE2ConfigStatus
+ GetConditions() v1beta1.Conditions
+ SetConditions(conditions v1beta1.Conditions)
+ DeepCopyInto(out *RKE2Config)
+ DeepCopy() *RKE2Config
+ DeepCopyObject() runtime.Object
}
class RKE2ConfigList << (S,Aquamarine) >> {
+ Items []RKE2Config
+ DeepCopyInto(out *RKE2ConfigList)
+ DeepCopy() *RKE2ConfigList
+ DeepCopyObject() runtime.Object
}
class RKE2ConfigSpec << (S,Aquamarine) >> {
+ Files []File
+ PreRKE2Commands []string
+ DeployRKE2Commands []string
+ PostRKE2Commands []string
+ AgentConfig RKE2AgentConfig
+ ServerConfig RKE2ServerConfig
+ PrivateRegistriesConfig Registry
+ Version string
+ DeepCopyInto(out *RKE2ConfigSpec)
+ DeepCopy() *RKE2ConfigSpec
}
class RKE2ConfigStatus << (S,Aquamarine) >> {
+ Ready bool
+ BootstrapData []byte
+ DataSecretName *string
+ FailureReason string
+ FailureMessage string
+ ObservedGeneration int64
+ Conditions v1beta1.Conditions
+ DeepCopyInto(out *RKE2ConfigStatus)
+ DeepCopy() *RKE2ConfigStatus
}
class RKE2ConfigTemplate << (S,Aquamarine) >> {
+ Spec RKE2ConfigTemplateSpec
+ DeepCopyInto(out *RKE2ConfigTemplate)
+ DeepCopy() *RKE2ConfigTemplate
+ DeepCopyObject() runtime.Object
}
class RKE2ConfigTemplateList << (S,Aquamarine) >> {
+ Items []RKE2ConfigTemplate
+ DeepCopyInto(out *RKE2ConfigTemplateList)
+ DeepCopy() *RKE2ConfigTemplateList
+ DeepCopyObject() runtime.Object
}
class RKE2ConfigTemplateResource << (S,Aquamarine) >> {
+ Spec RKE2ConfigSpec
+ DeepCopyInto(out *RKE2ConfigTemplateResource)
+ DeepCopy() *RKE2ConfigTemplateResource
}
class RKE2ConfigTemplateSpec << (S,Aquamarine) >> {
+ Template RKE2ConfigTemplateResource
+ DeepCopyInto(out *RKE2ConfigTemplateSpec)
+ DeepCopy() *RKE2ConfigTemplateSpec
}
class RKE2ServerConfig << (S,Aquamarine) >> {
+ BindAddress string
+ AdvertiseAddress string
+ TLSSan []string
+ DataDir string
+ ServiceNodePortRange string
+ ClusterDNS string
+ ClusterDomain string
+ WriteKubeconfig string
+ WriteKubeconfigMode string
+ EtcdExposeMetrics string
+ EtcdBackupConfig EtcdBackupConfig
+ Disable []DisabledItem
+ DisableScheduler string
+ DisableCloudController string
+ DisableKubeProxy string
+ NodeName string
+ NodeLabel string
+ NodeTaint string
+ ImageCredentialProviderBinDir string
+ ImageCredentialProviderConfig string
+ ContainerRuntimeEndpoint string
+ Snapshotter string
+ PrivateRegistry string
+ NodeIp string
+ NodeExternalIp string
+ ResolvConf string
+ ProtectKernelDefaults string
+ SystemDefaultRegistry string
+ Selinux string
+ LbServerPort string
+ Cni Cni
+ PauseImage string
+ RuntimeImage string
+ KubeletPath string
+ CloudProviderName string
+ CloudProviderConfig string
+ CisProfile CisProfile
+ AuditPolicyFile string
+ ControlPlaneResourceRequests string
+ ControlPlaneResourceLimits string
+ Etcd ComponentConfig
+ KubeApiServer ComponentConfig
+ KubeControllerManager ComponentConfig
+ KubeScheduler ComponentConfig
+ KubeProxy ComponentConfig
+ CloudControllerManager ComponentConfig
+ Kubelet ComponentConfig
+ DeepCopyInto(out *RKE2ServerConfig)
+ DeepCopy() *RKE2ServerConfig
}
class Registry << (S,Aquamarine) >> {
+ Mirrors <font color=blue>map</font>[string]Mirror
+ Configs <font color=blue>map</font>[string]RegistryConfig
}
class RegistryConfig << (S,Aquamarine) >> {
+ Auth *AuthConfig
+ TLS *TLSConfig
}
class SecretFileSource << (S,Aquamarine) >> {
+ Name string
+ Key string
+ DeepCopyInto(out *SecretFileSource)
+ DeepCopy() *SecretFileSource
}
class TLSConfig << (S,Aquamarine) >> {
+ CAFile string
+ CertFile string
+ KeyFile string
+ InsecureSkipVerify bool
}
class v1beta1.CisProfile << (T, #FF7700) >> {
}
class v1beta1.Cni << (T, #FF7700) >> {
}
class v1beta1.DisabledItem << (T, #FF7700) >> {
}
class v1beta1.Encoding << (T, #FF7700) >> {
}
}
"v1beta1.RKE2ConfigList" *-- "v1beta1.RKE2Config"
"v1beta1.RKE2Config" *-- "v1beta1.RKE2ConfigStatus"
"v1beta1.RKE2Config" *-- "v1beta1.RKE2ConfigSpec"
"v1beta1.RKE2ConfigSpec" *-- "v1beta1.RKE2ServerConfig"
"v1beta1.RKE2ConfigSpec" *-- "v1beta1.File"
"v1beta1.RKE2ConfigSpec" *-- "v1beta1.RKE2AgentConfig"
"v1beta1.RKE2ServerConfig" *-- "v1beta1.EtcdBackupConfig"
"v1beta1.EtcdBackupConfig" *-- "v1beta1.EtcdS3"
"v1beta1.RKE2ServerConfig" *-- "v1beta1.CisProfile"
"v1beta1.RKE2ServerConfig" *-- "v1beta1.Cni"
"v1beta1.RKE2ServerConfig" *-- "v1beta1.DisabledItem"
"v1beta1.RKE2ConfigSpec" *-- "v1beta1.Registry"
"v1beta1.RKE2ServerConfig" *-- "v1beta1.ComponentConfig"
"v1beta1.Registry" *-- "v1beta1.Mirror"
"v1beta1.Registry" *-- "v1beta1.RegistryConfig"
"v1beta1.RegistryConfig" *-- "v1beta1.AuthConfig"
"v1beta1.RegistryConfig" *-- "v1beta1.TLSConfig"
"v1beta1.File" *-- "v1beta1.FileSource"
"v1beta1.File" *-- "v1beta1.Encoding"
"v1beta1.FileSource" *-- "v1beta1.SecretFileSource"
"v1beta1.RKE2ConfigTemplateList" *-- "v1beta1.RKE2ConfigTemplate"
"v1beta1.RKE2ConfigTemplate" *-- "v1beta1.RKE2ConfigTemplateSpec"
"v1beta1.RKE2ConfigTemplateSpec" *-- "v1beta1.RKE2ConfigTemplateResource"
"v1beta1.RKE2ConfigTemplateResource" *-- "v1beta1.RKE2ConfigSpec"
@enduml

10
go.mod

@ -9,6 +9,7 @@ require (
k8s.io/api v0.25.3
k8s.io/apimachinery v0.25.3
k8s.io/client-go v0.25.3
sigs.k8s.io/cluster-api v1.2.5
sigs.k8s.io/controller-runtime v0.13.1
)
@ -23,6 +24,7 @@ require (
github.com/PuerkitoBio/purell v1.1.1 // indirect
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver v3.5.1+incompatible // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.8.0 // indirect
@ -39,8 +41,8 @@ require (
github.com/golang/protobuf v1.5.2 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/gofuzz v1.1.0 // indirect
github.com/google/uuid v1.1.2 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/uuid v1.2.0 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
@ -58,9 +60,9 @@ require (
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.21.0 // indirect
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect
golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
golang.org/x/net v0.1.0 // indirect
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect
golang.org/x/sys v0.1.0 // indirect
golang.org/x/term v0.1.0 // indirect
golang.org/x/text v0.4.0 // indirect
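Review bot: The `sigs.k8s.io/cluster-api v1.2.5` requirement in the first go.mod hunk (apparently the added line, since go.sum gains its hashes) sits next to `k8s.io/* v0.25.3` and `sigs.k8s.io/controller-runtime v0.13.1`, while as far as I know the cluster-api v1.2 series is developed against the older k8s.io v0.24 / controller-runtime v0.12 line. Go's minimal version selection silently keeps the newer versions, so the imported `clusterv1` types are built against libraries that release was not tested with. Either move to a cluster-api release that matches the pinned controller-runtime, or record the skew beside the requirement, e.g. `sigs.k8s.io/cluster-api v1.2.5 // API types only; re-check k8s.io and controller-runtime compatibility on every bump`. Running `go mod verify` and `govulncheck ./...` in CI would also cover the indirect bumps in the later hunks, where `golang.org/x/crypto` and `golang.org/x/oauth2` stay on untagged pseudo-versions.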

23
go.sum

@ -79,6 +79,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@ -201,8 +203,8 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
@ -222,8 +224,9 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe
github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
@ -369,8 +372,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38=
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 h1:kUhD7nTDoI3fVd9G4ORWrbV5NY0liEs/Jg2pv5f+bBA=
golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -448,6 +451,7 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@ -465,8 +469,8 @@ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ
golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb h1:8tDJ3aechhddbdPAxpycgXHJRMLpk/Ab+aa4OgdN5/g=
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -537,11 +541,13 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0 h1:g6Z6vPFA9dYBAF7DWcH6sCcOntplXsDKcliusYijMlw=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -552,6 +558,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@ -806,6 +813,8 @@ k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/cluster-api v1.2.5 h1:Am4W5ITO0v5FUNkfCuD6gwE29phDt1gyQY9EGWnTYIU=
sigs.k8s.io/cluster-api v1.2.5/go.mod h1:Ye5gn15u+q6VcE+Se7nBMSo6INm55F+zBcCiWzrjxFc=
sigs.k8s.io/controller-runtime v0.13.1 h1:tUsRCSJVM1QQOOeViGeX3GMT3dQF1eePPw6sEE3xSlg=
sigs.k8s.io/controller-runtime v0.13.1/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=