From a60e8456bb1c96e169963da2a232b70732561f12 Mon Sep 17 00:00:00 2001 
From: Dmitry Gusev Date: Mon, 30 Sep 2024 19:03:03 +0300 Subject: [PATCH] CAPA v1beta2 API version support (#4625) * Generate capav1beta2 types and functions * Use capav1beta2 types and functions --- package.json | 2 +- scripts/generate/mapi-resources.yaml | 19 +- .../ClusterDetailWidgetProvider.tsx | 7 +- .../ClusterDetailWidgetProviderAWS.tsx | 6 +- .../ClusterDetailWidgetControlPlaneNodes.tsx | 16 +- .../__tests__/ClusterDetailWidgetProvider.tsx | 8 +- .../__tests__/ClusterDetailWidgetVersions.tsx | 6 +- .../ClusterDetail/__tests__/index.tsx | 6 +- .../MAPI/clusters/ClusterDetail/utils.ts | 20 +- .../ClusterList/__tests__/ClusterListItem.tsx | 6 +- .../__tests__/index.tsx | 14 +- .../OrganizationDetailGeneral/utils.ts | 4 +- src/components/MAPI/types.ts | 15 +- src/components/MAPI/utils.ts | 43 +- .../workernodes/ClusterDetailWorkerNodes.tsx | 6 +- .../WorkerNodesNodePoolItemMachineType.tsx | 3 +- .../WorkerNodesSpotInstancesCAPA.tsx | 4 +- .../ClusterDetailWidgetWorkerNodes.tsx | 16 +- .../__tests__/ClusterDetailWorkerNodes.tsx | 6 +- .../__tests__/WorkerNodesNodePoolItem.tsx | 10 +- .../capav1beta1/getAWSClusterRoleIdentity.ts | 31 - src/model/services/mapi/capav1beta1/index.ts | 7 - src/model/services/mapi/capav1beta1/types.ts | 1359 ------ .../getAWSCluster.ts | 2 +- .../getAWSMachinePool.ts | 2 +- .../getAWSMachinePoolList.ts | 4 +- .../getAWSMachineTemplate.ts | 2 +- .../getAWSMachineTemplateList.ts | 4 +- src/model/services/mapi/capav1beta2/index.ts | 5 + src/model/services/mapi/capav1beta2/types.ts | 3667 ++++++++++++++++- src/model/services/mapi/capgv1beta1/types.ts | 422 +- src/model/services/mapi/capzv1beta1/types.ts | 1210 ++++-- .../awsClusterRoleIdentities.ts | 6 +- .../awsClusters.ts | 10 +- .../awsMachinePools.ts | 10 +- .../awsMachineTemplates.ts | 8 +- .../{capav1beta1 => capav1beta2}/index.ts | 0 37 files changed, 4967 insertions(+), 1999 deletions(-) delete mode 100644 src/model/services/mapi/capav1beta1/getAWSClusterRoleIdentity.ts delete 
mode 100644 src/model/services/mapi/capav1beta1/index.ts delete mode 100644 src/model/services/mapi/capav1beta1/types.ts rename src/model/services/mapi/{capav1beta1 => capav1beta2}/getAWSCluster.ts (93%) rename src/model/services/mapi/{capav1beta1 => capav1beta2}/getAWSMachinePool.ts (93%) rename src/model/services/mapi/{capav1beta1 => capav1beta2}/getAWSMachinePoolList.ts (90%) rename src/model/services/mapi/{capav1beta1 => capav1beta2}/getAWSMachineTemplate.ts (93%) rename src/model/services/mapi/{capav1beta1 => capav1beta2}/getAWSMachineTemplateList.ts (90%) rename test/mockHttpCalls/{capav1beta1 => capav1beta2}/awsClusterRoleIdentities.ts (70%) rename test/mockHttpCalls/{capav1beta1 => capav1beta2}/awsClusters.ts (92%) rename test/mockHttpCalls/{capav1beta1 => capav1beta2}/awsMachinePools.ts (95%) rename test/mockHttpCalls/{capav1beta1 => capav1beta2}/awsMachineTemplates.ts (93%) rename test/mockHttpCalls/{capav1beta1 => capav1beta2}/index.ts (100%) diff --git a/package.json b/package.json index d8af2f5557..c2a4c4cd57 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "storybook": "storybook dev -p 6006", "storybook:build": "storybook build", "postinstall": "husky install", - "generate-mapi": "./node_modules/.bin/ts-node-esm scripts/generate/index.ts && yarn format:staged \"src/model/services/mapi/**/*.{js,ts,tsx}\" --loglevel error" + "generate-mapi": "npx ts-node scripts/generate/index.ts && yarn format:staged \"src/model/services/mapi/**/*.{js,ts,tsx}\" --loglevel error" }, "eslintIgnore": [ "node_modules", diff --git a/scripts/generate/mapi-resources.yaml b/scripts/generate/mapi-resources.yaml index bc87f09a6f..e7a41eac8d 100644 --- a/scripts/generate/mapi-resources.yaml +++ b/scripts/generate/mapi-resources.yaml 
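Review bot: The new `generate-mapi` script in package.json invokes `npx ts-node`, and npx can fall back to resolving the binary from the registry when it is not found in `node_modules`, so the generator may run a copy that the lockfile does not pin. The script already uses yarn for its formatting step, so `yarn ts-node scripts/generate/index.ts` (or `npx --no-install ts-node scripts/generate/index.ts`) keeps execution on the locally installed, locked version. Whether `ts-node` is declared in devDependencies is not visible in this hunk.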
@@ -1,32 +1,23 @@ -- apiVersionAlias: capav1beta1 - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +- apiVersionAlias: capav1beta2 + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 resources: - name: AWSCluster - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 crdURL: https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-aws/main/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml verbs: - get - - name: AWSClusterRoleIdentity - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - crdURL: https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-aws/main/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusterroleidentities.yaml - verbs: - - get - name: AWSMachinePool - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 crdURL: https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-aws/main/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinepools.yaml verbs: - get - list - name: AWSMachineTemplate - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 crdURL: https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-aws/main/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml verbs: - get - list - -- apiVersionAlias: capav1beta2 - apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 - resources: - name: AWSManagedCluster apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 crdURL: https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-aws/main/config/crd/bases/infrastructure.cluster.x-k8s.io_awsmanagedclusters.yaml diff --git a/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProvider.tsx b/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProvider.tsx index 0188fee66d..74a17bf117 100644 
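Review bot: Every `crdURL` under the merged `capav1beta2` alias in scripts/generate/mapi-resources.yaml fetches from the `main` branch of cluster-api-provider-aws, so the generated types depend on whatever upstream holds when `generate-mapi` is run rather than on a reviewed revision. Pinning the ref to a release tag or commit SHA, for example `.../cluster-api-provider-aws/<RELEASE_TAG_OR_SHA>/config/crd/bases/...`, makes regeneration reproducible and keeps the types aligned with the provider version actually deployed. The resource list continues below the hunk, so the same presumably applies to entries not shown here.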
--- a/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProvider.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProvider.tsx @@ -8,7 +8,6 @@ import { } from 'MAPI/types'; import { extractErrorMessage } from 'MAPI/utils'; import { GenericResponseError } from 'model/clients/GenericResponseError'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capzv1beta1 from 'model/services/mapi/capzv1beta1'; @@ -117,11 +116,11 @@ const ClusterDetailWidgetProvider: React.FC< > {isLoading ? ( - ) : kind === capav1beta1.AWSCluster ? ( + ) : kind === capav1beta2.AWSCluster ? ( ) : kind === capav1beta2.AWSManagedCluster ? ( diff --git a/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProviderAWS.tsx b/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProviderAWS.tsx index dd25468943..c5165ebbb7 100644 --- a/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProviderAWS.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/ClusterDetailWidgetProviderAWS.tsx @@ -1,7 +1,7 @@ import { Text } from 'grommet'; import { normalizeColor } from 'grommet/utils'; import { getProviderClusterLocation } from 'MAPI/utils'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as infrav1alpha3 from 'model/services/mapi/infrastructurev1alpha3'; import * as legacyCredentials from 'model/services/mapi/legacy/credentials'; import React from 'react'; 
@@ -20,9 +20,9 @@ const StyledLink = styled.a` `; interface IClusterDetailWidgetProviderAWSProps { - providerCluster: capav1beta1.IAWSCluster | infrav1alpha3.IAWSCluster; + providerCluster: capav1beta2.IAWSCluster | infrav1alpha3.IAWSCluster; providerCredential?: - | capav1beta1.IAWSClusterRoleIdentity + | capav1beta2.IAWSClusterRoleIdentity | legacyCredentials.ICredential; } diff --git a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetControlPlaneNodes.tsx b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetControlPlaneNodes.tsx index 90ee4d6602..6322bde25f 100644 --- a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetControlPlaneNodes.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetControlPlaneNodes.tsx @@ -4,8 +4,8 @@ import { Providers, StatusCodes } from 'model/constants'; import nock from 'nock'; import React from 'react'; import { SWRConfig } from 'swr'; -import * as capa1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; -import * as capg1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; +import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; import * as capzv1beta1Mocks from 'test/mockHttpCalls/capzv1beta1'; import * as infrav1alpha3Mocks from 'test/mockHttpCalls/infrastructurev1alpha3'; @@ -311,7 +311,7 @@ describe('ClusterDetailWidgetControlPlaneNodes on GCP', () => { ) .reply( StatusCodes.Ok, - capg1beta1Mocks.randomClusterGCP1GCPMachineTemplateListCP + capgv1beta1Mocks.randomClusterGCP1GCPMachineTemplateListCP ); render( @@ -337,7 +337,7 @@ describe('ClusterDetailWidgetControlPlaneNodes on GCP', () => { ) .reply( StatusCodes.Ok, - capg1beta1Mocks.randomClusterGCP1GCPMachineTemplateListCP + capgv1beta1Mocks.randomClusterGCP1GCPMachineTemplateListCP ); render( 
@@ -375,11 +375,11 @@ describe('ClusterDetailWidgetControlPlaneNodes on CAPA', () => { .reply(StatusCodes.Ok, capiv1beta1Mocks.randomClusterCAPA1MachineList); nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinetemplates/?labelSelector=cluster.x-k8s.io%2Fcluster-name%3Dasdf1%2Ccluster.x-k8s.io%2Frole%3Dcontrol-plane` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinetemplates/?labelSelector=cluster.x-k8s.io%2Fcluster-name%3Dasdf1%2Ccluster.x-k8s.io%2Frole%3Dcontrol-plane` ) .reply( StatusCodes.Ok, - capa1beta1Mocks.randomClusterCAPA1AWSMachineTemplateList + capav1beta2Mocks.randomClusterCAPA1AWSMachineTemplateList ); render( @@ -401,11 +401,11 @@ describe('ClusterDetailWidgetControlPlaneNodes on CAPA', () => { .reply(StatusCodes.Ok, capiv1beta1Mocks.randomClusterCAPA1MachineList); nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinetemplates/?labelSelector=cluster.x-k8s.io%2Fcluster-name%3Dasdf1%2Ccluster.x-k8s.io%2Frole%3Dcontrol-plane` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinetemplates/?labelSelector=cluster.x-k8s.io%2Fcluster-name%3Dasdf1%2Ccluster.x-k8s.io%2Frole%3Dcontrol-plane` ) .reply( StatusCodes.Ok, - capa1beta1Mocks.randomClusterCAPA1AWSMachineTemplateList + capav1beta2Mocks.randomClusterCAPA1AWSMachineTemplateList ); render( diff --git a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetProvider.tsx b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetProvider.tsx index a91ff0e7d7..71f2adba15 100644 --- a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetProvider.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetProvider.tsx 
@@ -18,7 +18,7 @@ import nock from 'nock'; import React from 'react'; import { useParams } from 'react-router'; import { SWRConfig } from 'swr'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; import * as capzv1beta1Mocks from 'test/mockHttpCalls/capzv1beta1'; @@ -166,7 +166,7 @@ async function setupGCP() { async function setupCAPA() { const utils = setup( capiv1beta1Mocks.randomClusterCAPA1, - capav1beta1Mocks.randomAWSCluster1 + capav1beta2Mocks.randomAWSCluster1 ); if (screen.queryAllByText('Loading...').length > 0) { @@ -447,9 +447,9 @@ describe('ClusterDetailWidgetProvider when user can get AWSClusterRoleIdentity o it('displays cluster region and account ID', async () => { nock(window.config.mapiEndpoint) .get( - '/apis/infrastructure.cluster.x-k8s.io/v1beta1/awsclusterroleidentities/default/' + '/apis/infrastructure.cluster.x-k8s.io/v1beta2/awsclusterroleidentities/default/' ) - .reply(StatusCodes.Ok, capav1beta1Mocks.defaultAWSClusterRoleIdentity); + .reply(StatusCodes.Ok, capav1beta2Mocks.defaultAWSClusterRoleIdentity); await setupCAPA(); const providerInfo = screen.getByTestId('provider-info'); expect(within(providerInfo).getByText('AWS region')).toBeInTheDocument(); diff --git a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetVersions.tsx b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetVersions.tsx index 95e09e605b..d16fdb0e4d 100644 --- a/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetVersions.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/__tests__/ClusterDetailWidgetVersions.tsx 
@@ -5,7 +5,7 @@ import { Providers, StatusCodes } from 'model/constants'; import nock from 'nock'; import React from 'react'; import { SWRConfig } from 'swr'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; import * as capzv1beta1Mocks from 'test/mockHttpCalls/capzv1beta1'; @@ -166,7 +166,7 @@ describe('ClusterDetailWidgetVersions on CAPA', () => { render( getComponent({ cluster: capiv1beta1Mocks.randomClusterCAPA1, - providerCluster: capav1beta1Mocks.randomAWSCluster1, + providerCluster: capav1beta2Mocks.randomAWSCluster1, }) ); @@ -179,7 +179,7 @@ describe('ClusterDetailWidgetVersions on CAPA', () => { render( getComponent({ cluster: capiv1beta1Mocks.randomClusterCAPA1, - providerCluster: capav1beta1Mocks.randomAWSCluster1, + providerCluster: capav1beta2Mocks.randomAWSCluster1, }) ); diff --git a/src/components/MAPI/clusters/ClusterDetail/__tests__/index.tsx b/src/components/MAPI/clusters/ClusterDetail/__tests__/index.tsx index 897e4e5ca8..b9d763662e 100644 --- a/src/components/MAPI/clusters/ClusterDetail/__tests__/index.tsx +++ b/src/components/MAPI/clusters/ClusterDetail/__tests__/index.tsx @@ -13,7 +13,7 @@ import nock from 'nock'; import React from 'react'; import { useRouteMatch } from 'react-router'; import { SWRConfig } from 'swr'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; import * as capzv1beta1Mocks from 'test/mockHttpCalls/capzv1beta1'; 
@@ -447,7 +447,7 @@ describe('ClusterDetail', () => { ], }, }; - const providerCluster = capav1beta1Mocks.randomAWSCluster1; + const providerCluster = capav1beta2Mocks.randomAWSCluster1; (useRouteMatch as jest.Mock).mockReturnValue( getRouteMatch(cluster.metadata.name) @@ -465,7 +465,7 @@ describe('ClusterDetail', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/${ + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/${ cluster.metadata.namespace }/awsclusters/${cluster.spec!.infrastructureRef!.name}/` ) diff --git a/src/components/MAPI/clusters/ClusterDetail/utils.ts b/src/components/MAPI/clusters/ClusterDetail/utils.ts index 1f4b69ec0b..f1975735f2 100644 --- a/src/components/MAPI/clusters/ClusterDetail/utils.ts +++ b/src/components/MAPI/clusters/ClusterDetail/utils.ts @@ -18,7 +18,6 @@ import { import { GenericResponseError } from 'model/clients/GenericResponseError'; import { IHttpClient } from 'model/clients/HttpClient'; import { Constants, Providers } from 'model/constants'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capiv1beta1 from 'model/services/mapi/capiv1beta1'; 
@@ -334,16 +333,16 @@ export async function fetchProviderCredential( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && - apiGroup === capav1beta1.ApiGroup: { - const identityRef = (providerCluster as capav1beta1.IAWSCluster).spec + case kind === capav1beta2.AWSCluster && + apiGroup === capav1beta2.ApiGroup: { + const identityRef = (providerCluster as capav1beta2.IAWSCluster).spec ?.identityRef; if (identityRef?.kind !== 'AWSClusterRoleIdentity') { throw new Error('Unsupported AWS cluster role identity reference.'); } - return capav1beta1.getAWSClusterRoleIdentity( + return capav1beta2.getAWSClusterRoleIdentity( httpClientFactory(), auth, identityRef.name @@ -427,15 +426,15 @@ export function fetchProviderCredentialKey( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: { - const identityRef = (providerCluster as capav1beta1.IAWSCluster).spec + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: { + const identityRef = (providerCluster as capav1beta2.IAWSCluster).spec ?.identityRef; if (identityRef?.kind !== 'AWSClusterRoleIdentity') { return null; } - return capav1beta1.getAWSClusterRoleIdentityKey(identityRef.name); + return capav1beta2.getAWSClusterRoleIdentityKey(identityRef.name); } case kind === capav1beta2.AWSManagedCluster && 
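Review bot: In `fetchProviderCredential` the switch matches on `kind` and `apiGroup` only, so the version part of `apiVersion` is discarded and the identity is always requested through the v1beta2 client (`capav1beta2.getAWSClusterRoleIdentity`). The same pattern appears in `fetchProviderCredentialKey` and in the `src/components/MAPI/utils.ts` hunks (`fetchProviderNodePoolForNodePool`, `fetchControlPlaneNodesForCluster`, `fetchProviderClusterForCluster`). If any supported management cluster still serves only v1beta1 for this group, these requests would presumably fail and there is no longer a fallback; a short comment above the first case, such as `// CAPA resources are always read via v1beta2; the provider must serve that version`, would make the assumption explicit. Both function bodies extend beyond their hunks.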
@@ -492,17 +491,16 @@ function getMainCredential(credentials: legacyCredentials.ICredential[]) { export function getAWSCredentialAccountID( credential?: | legacyCredentials.ICredential - | capav1beta1.IAWSClusterRoleIdentity | capav1beta2.IAWSClusterRoleIdentity ) { if (!credential) return ''; switch (true) { case credential.hasOwnProperty('kind') && - (credential as capav1beta1.IAWSClusterRoleIdentity).kind === + (credential as capav1beta2.IAWSClusterRoleIdentity).kind === 'AWSClusterRoleIdentity': return extractIDFromARN( - (credential as capav1beta1.IAWSClusterRoleIdentity).spec?.roleARN + (credential as capav1beta2.IAWSClusterRoleIdentity).spec?.roleARN ); case credential.hasOwnProperty('awsOperatorRole'): return (credential as legacyCredentials.ICredential).awsOperatorRole; diff --git a/src/components/MAPI/clusters/ClusterList/__tests__/ClusterListItem.tsx b/src/components/MAPI/clusters/ClusterList/__tests__/ClusterListItem.tsx index bcbe2b9088..8352590d8f 100644 --- a/src/components/MAPI/clusters/ClusterList/__tests__/ClusterListItem.tsx +++ b/src/components/MAPI/clusters/ClusterList/__tests__/ClusterListItem.tsx @@ -11,7 +11,7 @@ import nock from 'nock'; import React from 'react'; import { SWRConfig } from 'swr'; import { withMarkup } from 'test/assertUtils'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiexpv1alpha3Mocks from 'test/mockHttpCalls/capiv1alpha3/exp'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; @@ -745,7 +745,7 @@ describe('ClusterListItem on CAPA', () => { render( getComponent({ cluster: capiv1beta1Mocks.randomClusterCAPA1, - providerCluster: capav1beta1Mocks.randomAWSCluster1, + providerCluster: capav1beta2Mocks.randomAWSCluster1, }) ); 
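Review bot: `getAWSCredentialAccountID` in ClusterDetail/utils.ts still tells the two union members apart with `credential.hasOwnProperty('kind')` followed by two `as capav1beta2.IAWSClusterRoleIdentity` casts, which the type checker cannot verify. Now that the parameter union has only two members, `'kind' in credential && credential.kind === 'AWSClusterRoleIdentity'` would narrow the type and let the casts go, provided `legacyCredentials.ICredential` declares no `kind` field (not visible here); the sibling branch could use `'awsOperatorRole' in credential` in the same way. The function continues past the end of the hunk.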
@@ -774,7 +774,7 @@ describe('ClusterListItem on CAPA', () => { ], }, }, - providerCluster: capav1beta1Mocks.randomAWSCluster1, + providerCluster: capav1beta2Mocks.randomAWSCluster1, }) ); diff --git a/src/components/MAPI/organizations/OrganizationDetailGeneral/__tests__/index.tsx b/src/components/MAPI/organizations/OrganizationDetailGeneral/__tests__/index.tsx index f175f7b2cd..bdaa2f9bfd 100644 --- a/src/components/MAPI/organizations/OrganizationDetailGeneral/__tests__/index.tsx +++ b/src/components/MAPI/organizations/OrganizationDetailGeneral/__tests__/index.tsx @@ -17,7 +17,7 @@ import nock from 'nock'; import * as React from 'react'; import { SWRConfig } from 'swr'; import * as authorizationv1Mocks from 'test/mockHttpCalls/authorizationv1'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiexpv1alpha3Mocks from 'test/mockHttpCalls/capiv1alpha3/exp'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; 
@@ -964,15 +964,15 @@ describe('OrganizationDetailGeneral on CAPA', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsclusters/${capiv1beta1Mocks.randomClusterListCAPA.items[0].metadata.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsclusters/${capiv1beta1Mocks.randomClusterListCAPA.items[0].metadata.name}/` ) - .reply(StatusCodes.Ok, capav1beta1Mocks.randomAWSCluster1); + .reply(StatusCodes.Ok, capav1beta2Mocks.randomAWSCluster1); nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsclusters/${capiv1beta1Mocks.randomClusterListCAPA.items[1].metadata.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsclusters/${capiv1beta1Mocks.randomClusterListCAPA.items[1].metadata.name}/` ) - .reply(StatusCodes.Ok, capav1beta1Mocks.randomAWSCluster2); + .reply(StatusCodes.Ok, capav1beta2Mocks.randomAWSCluster2); nock(window.config.mapiEndpoint) .get( @@ -985,9 +985,9 @@ describe('OrganizationDetailGeneral on CAPA', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` ) - .reply(StatusCodes.Ok, capav1beta1Mocks.randomClusterCAPA1AWSMachinePool); + .reply(StatusCodes.Ok, capav1beta2Mocks.randomClusterCAPA1AWSMachinePool); render( getComponent({ diff --git a/src/components/MAPI/organizations/OrganizationDetailGeneral/utils.ts b/src/components/MAPI/organizations/OrganizationDetailGeneral/utils.ts index 7eee11a32e..211b21052f 100644 --- a/src/components/MAPI/organizations/OrganizationDetailGeneral/utils.ts 
+++ b/src/components/MAPI/organizations/OrganizationDetailGeneral/utils.ts @@ -21,7 +21,7 @@ import { mapNodePoolsToProviderNodePools, } from 'MAPI/workernodes/utils'; import { GenericResponse } from 'model/clients/GenericResponse'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capiv1beta1 from 'model/services/mapi/capiv1beta1'; import * as capzv1beta1 from 'model/services/mapi/capzv1beta1'; @@ -152,7 +152,7 @@ function appendControlPlaneNodeStats( for (const cpNode of controlPlaneNodes) { switch (cpNode.kind) { - case capav1beta1.AWSMachineTemplate: + case capav1beta2.AWSMachineTemplate: case capgv1beta1.GCPMachineTemplate: if (cpNode.spec?.template?.spec.instanceType) { instanceTypes.push(cpNode.spec.template.spec.instanceType); diff --git a/src/components/MAPI/types.ts b/src/components/MAPI/types.ts index 139700dff5..9a7013d590 100644 --- a/src/components/MAPI/types.ts +++ b/src/components/MAPI/types.ts @@ -1,4 +1,3 @@ -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capiexpv1alpha3 from 'model/services/mapi/capiv1alpha3/exp'; @@ -12,7 +11,7 @@ import * as legacyCredentials from 'model/services/mapi/legacy/credentials'; export type ControlPlane = capiv1beta1.IKubeadmControlPlane | undefined; export type ControlPlaneNode = - | capav1beta1.IAWSMachineTemplate + | capav1beta2.IAWSMachineTemplate | capav1beta2.IAWSManagedControlPlane | capgv1beta1.IGCPMachineTemplate | capiv1beta1.IMachine 
@@ -25,7 +24,7 @@ export type ControlPlaneNodeList = | capzv1beta1.IAzureMachineList | infrav1alpha3.IAWSControlPlaneList | infrav1alpha3.IG8sControlPlaneList - | capav1beta1.IAWSMachineTemplateList + | capav1beta2.IAWSMachineTemplateList | capav1beta2.IAWSManagedControlPlaneList | capgv1beta1.IGCPMachineTemplateList | capiv1beta1.IMachineList; @@ -37,7 +36,7 @@ export type ClusterList = capiv1beta1.IClusterList; export type ProviderCluster = | capzv1beta1.IAzureCluster | infrav1alpha3.IAWSCluster - | capav1beta1.IAWSCluster + | capav1beta2.IAWSCluster | capav1beta2.IAWSManagedCluster | capgv1beta1.IGCPCluster | undefined; @@ -45,7 +44,7 @@ export type ProviderCluster = export type ProviderClusterList = | capzv1beta1.IAzureClusterList | infrav1alpha3.IAWSClusterList - | capav1beta1.IAWSClusterList + | capav1beta2.IAWSClusterList | capav1beta2.IAWSManagedClusterList | capgv1beta1.IGCPClusterList; @@ -60,7 +59,7 @@ export type NodePoolList = | capiv1beta1.IMachinePoolList; export type ProviderNodePool = - | capav1beta1.IAWSMachinePool + | capav1beta2.IAWSMachinePool | capav1beta2.IAWSManagedMachinePool | capgv1beta1.IGCPMachineTemplate | capzv1beta1.IAzureMachineTemplate @@ -73,20 +72,18 @@ export type ProviderNodePoolList = | capzexpv1alpha3.IAzureMachinePoolList | capzv1beta1.IAzureMachinePoolList | infrav1alpha3.IAWSMachineDeploymentList - | capav1beta1.IAWSMachinePoolList + | capav1beta2.IAWSMachinePoolList | capav1beta2.IAWSManagedMachinePoolList | capgv1beta1.IGCPMachineTemplateList; export type ProviderCredential = | legacyCredentials.ICredential - | capav1beta1.IAWSClusterRoleIdentity | capav1beta2.IAWSClusterRoleIdentity | capzv1beta1.IAzureClusterIdentity | undefined; export type ProviderCredentialList = | legacyCredentials.ICredentialList - | capav1beta1.IAWSClusterRoleIdentityList | capav1beta2.IAWSClusterRoleIdentityList | capzv1beta1.IAzureClusterIdentityList; 
diff --git a/src/components/MAPI/utils.ts b/src/components/MAPI/utils.ts index bdcfa55f21..5ab3d67783 100644 --- a/src/components/MAPI/utils.ts +++ b/src/components/MAPI/utils.ts @@ -1,7 +1,6 @@ import { GenericResponse } from 'model/clients/GenericResponse'; import { Constants, ProviderFlavors, Providers } from 'model/constants'; import * as applicationv1alpha1 from 'model/services/mapi/applicationv1alpha1'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capiexpv1alpha3 from 'model/services/mapi/capiv1alpha3/exp'; @@ -200,7 +199,7 @@ export async function fetchNodePoolListForCluster( break; - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: case kind === capav1beta2.AWSManagedCluster && apiGroup === capav1beta2.ApiGroup: case kind === capzv1beta1.AzureCluster: @@ -290,7 +289,7 @@ export function fetchNodePoolListForClusterKey( namespace, }); - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: case kind === capav1beta2.AWSManagedCluster && apiGroup === capav1beta2.ApiGroup: case kind === capzv1beta1.AzureCluster: @@ -335,8 +334,8 @@ export async function fetchProviderNodePoolForNodePool( const kind = infrastructureRef.kind; switch (true) { - case kind === capav1beta1.AWSMachinePool: - return capav1beta1.getAWSMachinePool( + case kind === capav1beta2.AWSMachinePool: + return capav1beta2.getAWSMachinePool( httpClientFactory(), auth, nodePool.metadata.namespace!, 
@@ -643,9 +642,9 @@ export async function fetchControlPlaneNodesForCluster( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: { + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: { const [capaCP, machineCP] = await Promise.allSettled([ - capav1beta1.getAWSMachineTemplateList(httpClientFactory(), auth, { + capav1beta2.getAWSMachineTemplateList(httpClientFactory(), auth, { labelSelector: { matchingLabels: { [capiv1beta1.labelClusterName]: cluster.metadata.name, @@ -902,8 +901,8 @@ export function fetchControlPlaneNodesForClusterKey( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: - return capav1beta1.getAWSMachineTemplateListKey({ + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: + return capav1beta2.getAWSMachineTemplateListKey({ labelSelector: { matchingLabels: { [capiv1beta1.labelClusterName]: cluster.metadata.name, @@ -988,8 +987,8 @@ export async function fetchProviderClusterForCluster( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: - return capav1beta1.getAWSCluster( + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: + return capav1beta2.getAWSCluster( httpClientFactory(), auth, cluster.metadata.namespace!, @@ -1043,8 +1042,8 @@ export function fetchProviderClusterForClusterKey(cluster: Cluster) { const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: - return capav1beta1.getAWSClusterKey( + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: + return capav1beta2.getAWSClusterKey( cluster.metadata.namespace!, infrastructureRef.name ); 
@@ -1186,7 +1185,7 @@ export function getProviderNodePoolMachineTypes( providerNodePool: ProviderNodePool ): NodePoolMachineTypes | undefined { switch (providerNodePool?.kind) { - case capav1beta1.AWSMachinePool: + case capav1beta2.AWSMachinePool: return { primary: providerNodePool.spec?.awsLaunchTemplate.instanceType ?? '', }; @@ -1250,7 +1249,7 @@ export function getProviderNodePoolSpotInstances( providerNodePool: ProviderNodePool ): NodePoolSpotInstances | undefined { switch (providerNodePool?.kind) { - case capav1beta1.AWSMachinePool: { + case capav1beta2.AWSMachinePool: { const onDemandBaseCapacity = providerNodePool.spec?.mixedInstancesPolicy?.instancesDistribution ?.onDemandBaseCapacity ?? 0; @@ -1375,11 +1374,11 @@ export function getNodePoolScaling( switch (true) { // CAPA case kind === capiv1beta1.MachinePool && - providerNodePoolKind === capav1beta1.AWSMachinePool: { + providerNodePoolKind === capav1beta2.AWSMachinePool: { status.min = - (providerNodePool as capav1beta1.IAWSMachinePool).spec?.minSize ?? -1; + (providerNodePool as capav1beta2.IAWSMachinePool).spec?.minSize ?? -1; status.max = - (providerNodePool as capav1beta1.IAWSMachinePool).spec?.maxSize ?? -1; + (providerNodePool as capav1beta2.IAWSMachinePool).spec?.maxSize ?? -1; return status; } @@ -1440,9 +1439,9 @@ export function getNodePoolAvailabilityZones( switch (true) { // CAPA case kind === capiv1beta1.MachinePool && - providerNodePoolKind === capav1beta1.AWSMachinePool: + providerNodePoolKind === capav1beta2.AWSMachinePool: return ( - (providerNodePool as capav1beta1.IAWSMachinePool).spec + (providerNodePool as capav1beta2.IAWSMachinePool).spec ?.availabilityZones ?? [] ); 
@@ -1541,8 +1540,8 @@ export function getProviderClusterLocation( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: - return (providerCluster as capav1beta1.IAWSCluster).spec?.region ?? ''; + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: + return (providerCluster as capav1beta2.IAWSCluster).spec?.region ?? ''; case kind === capgv1beta1.GCPCluster: return providerCluster.spec?.region ?? ''; diff --git a/src/components/MAPI/workernodes/ClusterDetailWorkerNodes.tsx b/src/components/MAPI/workernodes/ClusterDetailWorkerNodes.tsx index d6293c8a95..5a2d7fa106 100644 --- a/src/components/MAPI/workernodes/ClusterDetailWorkerNodes.tsx +++ b/src/components/MAPI/workernodes/ClusterDetailWorkerNodes.tsx @@ -25,7 +25,7 @@ import { } from 'MAPI/utils'; import { GenericResponseError } from 'model/clients/GenericResponseError'; import { ProviderFlavors, Providers } from 'model/constants'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capiv1beta1 from 'model/services/mapi/capiv1beta1'; import * as capzexpv1alpha3 from 'model/services/mapi/capzv1alpha3/exp'; import * as capzv1beta1 from 'model/services/mapi/capzv1beta1'; @@ -78,7 +78,7 @@ export function getAdditionalColumns( const apiGroup = getApiGroupFromApiVersion(apiVersion); switch (true) { - case kind === capav1beta1.AWSCluster && apiGroup === capav1beta1.ApiGroup: + case kind === capav1beta2.AWSCluster && apiGroup === capav1beta2.ApiGroup: return [ { title: 'Spot instances', @@ -86,7 +86,7 @@ export function getAdditionalColumns( return ( ); diff --git a/src/components/MAPI/workernodes/WorkerNodesNodePoolItemMachineType.tsx b/src/components/MAPI/workernodes/WorkerNodesNodePoolItemMachineType.tsx index 9755e4be6e..5bb53f3c1b 100644 --- a/src/components/MAPI/workernodes/WorkerNodesNodePoolItemMachineType.tsx 
+++ b/src/components/MAPI/workernodes/WorkerNodesNodePoolItemMachineType.tsx @@ -5,7 +5,6 @@ import { getProviderNodePoolMachineTypes, INodePoolMachineTypesAWS, } from 'MAPI/utils'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import * as capgv1beta1 from 'model/services/mapi/capgv1beta1'; import * as capzexpv1alpha3 from 'model/services/mapi/capzv1alpha3/exp'; @@ -32,7 +31,7 @@ function formatMachineTypeLabel(providerNodePool?: ProviderNodePool) { case capzv1beta1.AzureMachineTemplate: return `VM size: ${machineTypes?.primary ?? 'n/a'}`; - case capav1beta1.AWSMachinePool: + case capav1beta2.AWSMachinePool: case capav1beta2.AWSManagedMachinePool: case capgv1beta1.GCPMachineTemplate: case infrav1alpha3.AWSMachineDeployment: diff --git a/src/components/MAPI/workernodes/WorkerNodesSpotInstancesCAPA.tsx b/src/components/MAPI/workernodes/WorkerNodesSpotInstancesCAPA.tsx index 61c7eaaed4..0f2ab53c72 100644 --- a/src/components/MAPI/workernodes/WorkerNodesSpotInstancesCAPA.tsx +++ b/src/components/MAPI/workernodes/WorkerNodesSpotInstancesCAPA.tsx @@ -3,14 +3,14 @@ import { getProviderNodePoolSpotInstances, INodePoolSpotInstancesCAPA, } from 'MAPI/utils'; -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; import React from 'react'; import NotAvailable from 'UI/Display/NotAvailable'; import OptionalValue from 'UI/Display/OptionalValue/OptionalValue'; import { Tooltip, TooltipContainer } from 'UI/Display/Tooltip'; interface IWorkerNodesSpotInstancesCAPAProps { - providerNodePool?: capav1beta1.IAWSMachinePool; + providerNodePool?: capav1beta2.IAWSMachinePool; } const WorkerNodesSpotInstancesCAPA: React.FC< diff --git a/src/components/MAPI/workernodes/__tests__/ClusterDetailWidgetWorkerNodes.tsx b/src/components/MAPI/workernodes/__tests__/ClusterDetailWidgetWorkerNodes.tsx index f2f9812875..b1ea544704 100644 
--- a/src/components/MAPI/workernodes/__tests__/ClusterDetailWidgetWorkerNodes.tsx +++ b/src/components/MAPI/workernodes/__tests__/ClusterDetailWidgetWorkerNodes.tsx @@ -6,7 +6,7 @@ import * as metav1 from 'model/services/mapi/metav1'; import nock from 'nock'; import React from 'react'; import { SWRConfig } from 'swr'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiexpv1alpha3Mocks from 'test/mockHttpCalls/capiv1alpha3/exp'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; @@ -509,9 +509,9 @@ describe('ClusterDetailWidgetWorkerNodes on CAPA', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` ) - .reply(StatusCodes.Ok, capav1beta1Mocks.randomClusterCAPA1AWSMachinePool); + .reply(StatusCodes.Ok, capav1beta2Mocks.randomClusterCAPA1AWSMachinePool); render( getComponent({ @@ -537,7 +537,7 @@ describe('ClusterDetailWidgetWorkerNodes on CAPA', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` ) .reply(StatusCodes.NotFound, {}); 
@@ -569,14 +569,14 @@ describe('ClusterDetailWidgetWorkerNodes on CAPA', () => { nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinepools/${capiv1beta1Mocks.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` ) .reply(StatusCodes.Ok, { - ...capav1beta1Mocks.randomClusterCAPA1AWSMachinePool, + ...capav1beta2Mocks.randomClusterCAPA1AWSMachinePool, spec: { - ...capav1beta1Mocks.randomClusterCAPA1AWSMachinePool.spec, + ...capav1beta2Mocks.randomClusterCAPA1AWSMachinePool.spec, awsLaunchTemplate: { - ...capav1beta1Mocks.randomClusterCAPA1AWSMachinePool.spec! + ...capav1beta2Mocks.randomClusterCAPA1AWSMachinePool.spec! .awsLaunchTemplate, instanceType: 'random-instance-type', }, diff --git a/src/components/MAPI/workernodes/__tests__/ClusterDetailWorkerNodes.tsx b/src/components/MAPI/workernodes/__tests__/ClusterDetailWorkerNodes.tsx index a106c020ac..e1129993f5 100644 --- a/src/components/MAPI/workernodes/__tests__/ClusterDetailWorkerNodes.tsx +++ b/src/components/MAPI/workernodes/__tests__/ClusterDetailWorkerNodes.tsx @@ -7,7 +7,7 @@ import nock from 'nock'; import React from 'react'; import Router from 'react-router'; import { SWRConfig } from 'swr'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiexpv1alpha3Mocks from 'test/mockHttpCalls/capiv1alpha3/exp'; import * as mockCapiv1beta1 from 'test/mockHttpCalls/capiv1beta1'; 
@@ -467,9 +467,9 @@ describe('ClusterDetailWorkerNodes on CAPA', () => { .reply(StatusCodes.Ok, mockCapiv1beta1.randomClusterCAPA1MachinePoolList); nock(window.config.mapiEndpoint) .get( - `/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/org-org1/awsmachinepools/${mockCapiv1beta1.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` + `/apis/infrastructure.cluster.x-k8s.io/v1beta2/namespaces/org-org1/awsmachinepools/${mockCapiv1beta1.randomClusterCAPA1MachinePoolList.items[0].spec?.template.spec?.infrastructureRef.name}/` ) - .reply(StatusCodes.Ok, capav1beta1Mocks.randomClusterCAPA1AWSMachinePool); + .reply(StatusCodes.Ok, capav1beta2Mocks.randomClusterCAPA1AWSMachinePool); render(getComponent({})); diff --git a/src/components/MAPI/workernodes/__tests__/WorkerNodesNodePoolItem.tsx b/src/components/MAPI/workernodes/__tests__/WorkerNodesNodePoolItem.tsx index 688c59ef63..d7f72460e1 100644 --- a/src/components/MAPI/workernodes/__tests__/WorkerNodesNodePoolItem.tsx +++ b/src/components/MAPI/workernodes/__tests__/WorkerNodesNodePoolItem.tsx @@ -8,7 +8,7 @@ import nock from 'nock'; import React from 'react'; import { SWRConfig } from 'swr'; import { withMarkup } from 'test/assertUtils'; -import * as capav1beta1Mocks from 'test/mockHttpCalls/capav1beta1'; +import * as capav1beta2Mocks from 'test/mockHttpCalls/capav1beta2'; import * as capgv1beta1Mocks from 'test/mockHttpCalls/capgv1beta1'; import * as capiexpv1alpha3Mocks from 'test/mockHttpCalls/capiv1alpha3/exp'; import * as capiv1beta1Mocks from 'test/mockHttpCalls/capiv1beta1'; @@ -888,7 +888,7 @@ describe('WorkerNodesNodePoolItem on CAPA', () => { render( getComponent({ nodePool: capiv1beta1Mocks.randomClusterCAPA1MachinePool1, - providerNodePool: capav1beta1Mocks.randomClusterCAPA1AWSMachinePool, + providerNodePool: capav1beta2Mocks.randomClusterCAPA1AWSMachinePool, }) ); 
@@ -911,7 +911,7 @@ describe('WorkerNodesNodePoolItem on CAPA', () => { render( getComponent({ nodePool: capiv1beta1Mocks.randomClusterCAPA1MachinePool1, - providerNodePool: capav1beta1Mocks.randomClusterCAPA1AWSMachinePool, + providerNodePool: capav1beta2Mocks.randomClusterCAPA1AWSMachinePool, }) ); @@ -933,7 +933,7 @@ describe('WorkerNodesNodePoolItem on CAPA', () => { render( getComponent({ nodePool: capiv1beta1Mocks.randomClusterCAPA1MachinePool1, - providerNodePool: capav1beta1Mocks.randomClusterCAPA1AWSMachinePool, + providerNodePool: capav1beta2Mocks.randomClusterCAPA1AWSMachinePool, additionalColumns: getAdditionalColumns( capiv1beta1Mocks.randomClusterCAPA1 ), @@ -958,7 +958,7 @@ describe('WorkerNodesNodePoolItem on CAPA', () => { render( getComponent({ nodePool: capiv1beta1Mocks.randomClusterCAPA1MachinePool1, - providerNodePool: capav1beta1Mocks.randomClusterCAPA1AWSMachinePoolSpot, + providerNodePool: capav1beta2Mocks.randomClusterCAPA1AWSMachinePoolSpot, additionalColumns: getAdditionalColumns( capiv1beta1Mocks.randomClusterCAPA1 ), diff --git a/src/model/services/mapi/capav1beta1/getAWSClusterRoleIdentity.ts b/src/model/services/mapi/capav1beta1/getAWSClusterRoleIdentity.ts deleted file mode 100644 index f5dbd797aa..0000000000 --- a/src/model/services/mapi/capav1beta1/getAWSClusterRoleIdentity.ts +++ /dev/null 
@@ -1,31 +0,0 @@ -/** - * This file was automatically generated, PLEASE DO NOT MODIFY IT BY HAND. - */ - -import { IHttpClient } from 'model/clients/HttpClient'; -import { getResource } from 'model/services/mapi/generic/getResource'; -import * as k8sUrl from 'model/services/mapi/k8sUrl'; -import { IOAuth2Provider } from 'utils/OAuth2/OAuth2'; - -import { IAWSClusterRoleIdentity } from '.'; - -export function getAWSClusterRoleIdentity( - client: IHttpClient, - auth: IOAuth2Provider, - - name: string -) { - const url = k8sUrl.create({ - baseUrl: window.config.mapiEndpoint, - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1', - kind: 'awsclusterroleidentities', - - name, - }); - - return getResource(client, auth, url.toString()); -} - -export function getAWSClusterRoleIdentityKey(name: string) { - return `getAWSClusterRoleIdentity/${name}`; -} diff --git a/src/model/services/mapi/capav1beta1/index.ts b/src/model/services/mapi/capav1beta1/index.ts deleted file mode 100644 index 5cd820a539..0000000000 --- a/src/model/services/mapi/capav1beta1/index.ts +++ /dev/null @@ -1,7 +0,0 @@ -export * from './types'; -export * from './getAWSCluster'; -export * from './getAWSClusterRoleIdentity'; -export * from './getAWSMachineTemplate'; -export * from './getAWSMachineTemplateList'; -export * from './getAWSMachinePool'; -export * from './getAWSMachinePoolList'; diff --git a/src/model/services/mapi/capav1beta1/types.ts b/src/model/services/mapi/capav1beta1/types.ts deleted file mode 100644 index 8f42b7fb27..0000000000 --- a/src/model/services/mapi/capav1beta1/types.ts +++ /dev/null 
@@ -1,1359 +0,0 @@ -/** - * This file was automatically generated, PLEASE DO NOT MODIFY IT BY HAND. - */ - -import * as metav1 from 'model/services/mapi/metav1'; - -export const ApiGroup = 'infrastructure.cluster.x-k8s.io'; - -export const ApiVersion = 'infrastructure.cluster.x-k8s.io/v1beta1'; - -export const AWSCluster = 'AWSCluster'; - -/** - * AWSCluster is the schema for Amazon EC2 based Kubernetes Cluster API. - */ -export interface IAWSCluster { - /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - */ - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - */ - kind: typeof AWSCluster; - metadata: metav1.IObjectMeta; - /** - * AWSClusterSpec defines the desired state of an EC2-based Kubernetes cluster. - */ - spec?: { - /** - * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default. - */ - additionalTags?: { - [k: string]: string; - }; - /** - * Bastion contains options to configure the bastion host. - */ - bastion?: { - /** - * AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). - */ - allowedCIDRBlocks?: string[]; - /** - * AMI will use the specified AMI to boot the bastion. If not specified, the AMI will default to one picked out in public space. 
- */ - ami?: string; - /** - * DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. Requires AllowedCIDRBlocks to be empty. - */ - disableIngressRules?: boolean; - /** - * Enabled allows this provider to create a bastion host instance with a public ip to access the VPC private network. - */ - enabled?: boolean; - /** - * InstanceType will use the specified instance type for the bastion. If not specified, Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. - */ - instanceType?: string; - }; - /** - * ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. - */ - controlPlaneEndpoint?: { - /** - * The hostname on which the API server is serving. - */ - host: string; - /** - * The port on which the API server is serving. - */ - port: number; - }; - /** - * ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior. - */ - controlPlaneLoadBalancer?: { - /** - * AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs This is optional - if not provided new security groups will be created for the load balancer - */ - additionalSecurityGroups?: string[]; - /** - * CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. - * With cross-zone load balancing, each load balancer node for your Classic Load Balancer distributes requests evenly across the registered instances in all enabled Availability Zones. If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across the registered instances in its Availability Zone only. - * Defaults to false. 
- */ - crossZoneLoadBalancing?: boolean; - /** - * HealthCheckProtocol sets the protocol type for classic ELB health check target default value is ClassicELBProtocolSSL - */ - healthCheckProtocol?: string; - /** - * Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique within your set of load balancers for the region, must have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once set, the value cannot be changed. - */ - name?: string; - /** - * Scheme sets the scheme of the load balancer (defaults to internet-facing) - */ - scheme?: 'internet-facing' | 'internal'; - /** - * Subnets sets the subnets that should be applied to the control plane load balancer (defaults to discovered subnets for managed VPCs or an empty set for unmanaged VPCs) - */ - subnets?: string[]; - }; - /** - * IdentityRef is a reference to a identity to be used when reconciling this cluster - */ - identityRef?: { - /** - * Kind of the identity. - */ - kind: - | 'AWSClusterControllerIdentity' - | 'AWSClusterRoleIdentity' - | 'AWSClusterStaticIdentity'; - /** - * Name of the identity. - */ - name: string; - }; - /** - * ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS. - */ - imageLookupBaseOS?: string; - /** - * ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. 
The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/ - */ - imageLookupFormat?: string; - /** - * ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. - */ - imageLookupOrg?: string; - /** - * NetworkSpec encapsulates all things related to AWS network. - */ - network?: { - /** - * CNI configuration - */ - cni?: { - /** - * CNIIngressRules specify rules to apply to control plane and worker node security groups. The source for the rule will be set to control plane and worker security group IDs. - */ - cniIngressRules?: { - description: string; - fromPort: number; - /** - * SecurityGroupProtocol defines the protocol type for a security group rule. - */ - protocol: string; - toPort: number; - }[]; - }; - /** - * SecurityGroupOverrides is an optional set of security groups to use for cluster instances This is optional - if not provided new security groups will be created for the cluster - */ - securityGroupOverrides?: { - [k: string]: string; - }; - /** - * Subnets configuration. - */ - subnets?: { - /** - * AvailabilityZone defines the availability zone to use for this subnet in the cluster's region. - */ - availabilityZone?: string; - /** - * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. - */ - cidrBlock?: string; - /** - * ID defines a unique identifier to reference this resource. 
- */ - id?: string; - /** - * IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. A subnet can have an IPv4 and an IPv6 address. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. - */ - ipv6CidrBlock?: string; - /** - * IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. - */ - isIpv6?: boolean; - /** - * IsPublic defines the subnet as a public subnet. A subnet is public when it is associated with a route table that has a route to an internet gateway. - */ - isPublic?: boolean; - /** - * NatGatewayID is the NAT gateway id associated with the subnet. Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. - */ - natGatewayId?: string; - /** - * RouteTableID is the routing table id associated with the subnet. - */ - routeTableId?: string; - /** - * Tags is a collection of tags describing the resource. - */ - tags?: { - [k: string]: string; - }; - }[]; - /** - * VPC configuration. - */ - vpc?: { - /** - * AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: Ordered - selects based on alphabetical order Random - selects AZs randomly in a region Defaults to Ordered - */ - availabilityZoneSelection?: 'Ordered' | 'Random'; - /** - * AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that should be used in a region when automatically creating subnets. If a region has more than this number of AZs then this number of AZs will be picked randomly when creating default subnets. 
Defaults to 3 - */ - availabilityZoneUsageLimit?: number; - /** - * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. Defaults to 10.0.0.0/16. - */ - cidrBlock?: string; - /** - * ID is the vpc-id of the VPC this provider should use to create resources. - */ - id?: string; - /** - * InternetGatewayID is the id of the internet gateway associated with the VPC. - */ - internetGatewayId?: string; - /** - * IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object. - */ - ipv6?: { - /** - * CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. - */ - cidrBlock?: string; - /** - * EgressOnlyInternetGatewayID is the id of the egress only internet gateway associated with an IPv6 enabled VPC. - */ - egressOnlyInternetGatewayId?: string; - /** - * PoolID is the IP pool which must be defined in case of BYO IP is defined. - */ - poolId?: string; - }; - /** - * Tags is a collection of tags describing the resource. - */ - tags?: { - [k: string]: string; - }; - }; - }; - /** - * The AWS Region the cluster lives in. - */ - region?: string; - /** - * S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled). - */ - s3Bucket?: { - /** - * ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed to read control-plane node bootstrap data from S3 Bucket. - */ - controlPlaneIAMInstanceProfile: string; - /** - * Name defines name of S3 Bucket to be created. - */ - name: string; - /** - * NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read worker nodes bootstrap data from S3 Bucket. - */ - nodesIAMInstanceProfiles: string[]; - }; - /** - * SSHKeyName is the name of the ssh key to attach to the bastion host. 
Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) - */ - sshKeyName?: string; - }; - /** - * AWSClusterStatus defines the observed state of AWSCluster. - */ - status?: { - /** - * Instance describes an AWS instance. - */ - bastion?: { - /** - * Addresses contains the AWS instance associated addresses. - */ - addresses?: { - /** - * The machine address. - */ - address: string; - /** - * Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. - */ - type: string; - }[]; - /** - * Availability zone of instance - */ - availabilityZone?: string; - /** - * Indicates whether the instance is optimized for Amazon EBS I/O. - */ - ebsOptimized?: boolean; - /** - * Specifies whether enhanced networking with ENA is enabled. - */ - enaSupport?: boolean; - /** - * The name of the IAM instance profile associated with the instance, if applicable. - */ - iamProfile?: string; - id: string; - /** - * The ID of the AMI used to launch the instance. - */ - imageId?: string; - /** - * The current state of the instance. - */ - instanceState?: string; - /** - * Specifies ENIs attached to instance - */ - networkInterfaces?: string[]; - /** - * Configuration options for the non root storage volumes. - */ - nonRootVolumes?: { - /** - * Device name - */ - deviceName?: string; - /** - * Encrypted is whether the volume should be encrypted or not. - */ - encrypted?: boolean; - /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. - */ - encryptionKey?: string; - /** - * IOPS is the number of IOPS requested for the disk. Not applicable to all types. - */ - iops?: number; - /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). 
- */ - size: number; - /** - * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. - */ - throughput?: number; - /** - * Type is the type of the volume (e.g. gp2, io1, etc...). - */ - type?: string; - }[]; - /** - * The private IPv4 address assigned to the instance. - */ - privateIp?: string; - /** - * The public IPv4 address assigned to the instance, if applicable. - */ - publicIp?: string; - /** - * Configuration options for the root storage volume. - */ - rootVolume?: { - /** - * Device name - */ - deviceName?: string; - /** - * Encrypted is whether the volume should be encrypted or not. - */ - encrypted?: boolean; - /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. - */ - encryptionKey?: string; - /** - * IOPS is the number of IOPS requested for the disk. Not applicable to all types. - */ - iops?: number; - /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). - */ - size: number; - /** - * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. - */ - throughput?: number; - /** - * Type is the type of the volume (e.g. gp2, io1, etc...). - */ - type?: string; - }; - /** - * SecurityGroupIDs are one or more security group IDs this instance belongs to. - */ - securityGroupIds?: string[]; - /** - * SpotMarketOptions option for configuring instances to be run using AWS Spot instances. - */ - spotMarketOptions?: { - /** - * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - */ - maxPrice?: string; - }; - /** - * The name of the SSH key pair. - */ - sshKeyName?: string; - /** - * The ID of the subnet of the instance. - */ - subnetId?: string; - /** - * The tags associated with the instance. 
- */ - tags?: { - [k: string]: string; - }; - /** - * Tenancy indicates if instance should run on shared or single-tenant hardware. - */ - tenancy?: string; - /** - * The instance type. - */ - type?: string; - /** - * UserData is the raw data script passed to the instance which is run upon bootstrap. This field must not be base64 encoded and should only be used when running a new instance. - */ - userData?: string; - /** - * IDs of the instance's volumes - */ - volumeIDs?: string[]; - }; - /** - * Conditions provide observations of the operational state of a Cluster API resource. - */ - conditions?: { - /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - */ - lastTransitionTime: string; - /** - * A human readable message indicating details about the transition. This field may be empty. - */ - message?: string; - /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - */ - reason?: string; - /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - */ - severity?: string; - /** - * Status of the condition, one of True, False, Unknown. - */ - status: string; - /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - */ - type: string; - }[]; - /** - * FailureDomains is a slice of FailureDomains. - */ - failureDomains?: { - /** - * FailureDomainSpec is the Schema for Cluster API failure domains. 
It allows controllers to understand how many failure domains a cluster can optionally span across. - */ - [k: string]: { - /** - * Attributes is a free form map of attributes an infrastructure provider might use or require. - */ - attributes?: { - [k: string]: string; - }; - /** - * ControlPlane determines if this failure domain is suitable for use by control plane machines. - */ - controlPlane?: boolean; - }; - }; - /** - * NetworkStatus encapsulates AWS networking resources. - */ - networkStatus?: { - /** - * APIServerELB is the Kubernetes api server classic load balancer. - */ - apiServerElb?: { - /** - * Attributes defines extra attributes associated with the load balancer. - */ - attributes?: { - /** - * CrossZoneLoadBalancing enables the classic load balancer load balancing. - */ - crossZoneLoadBalancing?: boolean; - /** - * IdleTimeout is time that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. - */ - idleTimeout?: number; - }; - /** - * AvailabilityZones is an array of availability zones in the VPC attached to the load balancer. - */ - availabilityZones?: string[]; - /** - * DNSName is the dns name of the load balancer. - */ - dnsName?: string; - /** - * HealthCheck is the classic elb health check associated with the load balancer. - */ - healthChecks?: { - healthyThreshold: number; - /** - * A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. - */ - interval: number; - target: string; - /** - * A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. - */ - timeout: number; - unhealthyThreshold: number; - }; - /** - * Listeners is an array of classic elb listeners associated with the load balancer. There must be at least one. 
- */ - listeners?: { - instancePort: number; - /** - * ClassicELBProtocol defines listener protocols for a classic load balancer. - */ - instanceProtocol: string; - port: number; - /** - * ClassicELBProtocol defines listener protocols for a classic load balancer. - */ - protocol: string; - }[]; - /** - * The name of the load balancer. It must be unique within the set of load balancers defined in the region. It also serves as identifier. - */ - name?: string; - /** - * Scheme is the load balancer scheme, either internet-facing or private. - */ - scheme?: string; - /** - * SecurityGroupIDs is an array of security groups assigned to the load balancer. - */ - securityGroupIds?: string[]; - /** - * SubnetIDs is an array of subnets in the VPC attached to the load balancer. - */ - subnetIds?: string[]; - /** - * Tags is a map of tags associated with the load balancer. - */ - tags?: { - [k: string]: string; - }; - }; - /** - * SecurityGroups is a map from the role/kind of the security group to its unique name, if any. - */ - securityGroups?: { - /** - * SecurityGroup defines an AWS security group. - */ - [k: string]: { - /** - * ID is a unique identifier. - */ - id: string; - /** - * IngressRules is the inbound rules associated with the security group. - */ - ingressRule?: { - /** - * List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. - */ - cidrBlocks?: string[]; - description: string; - fromPort: number; - /** - * List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. - */ - ipv6CidrBlocks?: string[]; - /** - * SecurityGroupProtocol defines the protocol type for a security group rule. - */ - protocol: string; - /** - * The security group id to allow access from. Cannot be specified with CidrBlocks. - */ - sourceSecurityGroupIds?: string[]; - toPort: number; - }[]; - /** - * Name is the security group name. - */ - name: string; - /** - * Tags is a map of tags associated with the security group. 
- */ - tags?: { - [k: string]: string; - }; - }; - }; - }; - ready: boolean; - }; -} - -export const AWSClusterList = 'AWSClusterList'; - -export interface IAWSClusterList extends metav1.IList { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - kind: typeof AWSClusterList; -} - -export const AWSClusterRoleIdentity = 'AWSClusterRoleIdentity'; - -/** - * AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API It is used to assume a role using the provided sourceRef. - */ -export interface IAWSClusterRoleIdentity { - /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - */ - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - */ - kind: typeof AWSClusterRoleIdentity; - metadata: metav1.IObjectMeta; - /** - * Spec for this AWSClusterRoleIdentity. - */ - spec?: { - /** - * AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity. - */ - allowedNamespaces?: { - /** - * An nil or empty list indicates that AWSClusters cannot use the identity from any namespace. 
- */ - list?: string[]; - /** - * An empty selector indicates that AWSClusters cannot use this AWSClusterIdentity from any namespace. - */ - selector?: { - /** - * matchExpressions is a list of label selector requirements. The requirements are ANDed. - */ - matchExpressions?: { - /** - * key is the label key that the selector applies to. - */ - key: string; - /** - * operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - */ - operator: string; - /** - * values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - */ - values?: string[]; - }[]; - /** - * matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - */ - matchLabels?: { - [k: string]: string; - }; - }; - }; - /** - * The duration, in seconds, of the role session before it is renewed. - */ - durationSeconds?: number; - /** - * A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide. 
- */ - externalID?: string; - /** - * An IAM policy as a JSON-encoded string that you want to use as an inline session policy. - */ - inlinePolicy?: string; - /** - * The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role. - */ - policyARNs?: string[]; - /** - * The Amazon Resource Name (ARN) of the role to assume. - */ - roleARN: string; - /** - * An identifier for the assumed role session - */ - sessionName?: string; - /** - * SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted. - */ - sourceIdentityRef?: { - /** - * Kind of the identity. - */ - kind: - | 'AWSClusterControllerIdentity' - | 'AWSClusterRoleIdentity' - | 'AWSClusterStaticIdentity'; - /** - * Name of the identity. - */ - name: string; - }; - }; -} - -export const AWSClusterRoleIdentityList = 'AWSClusterRoleIdentityList'; - -export interface IAWSClusterRoleIdentityList - extends metav1.IList { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - kind: typeof AWSClusterRoleIdentityList; -} - -export const AWSMachinePool = 'AWSMachinePool'; - -/** - * AWSMachinePool is the Schema for the awsmachinepools API. - */ -export interface IAWSMachinePool { - /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - */ - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - */ - kind: typeof AWSMachinePool; - metadata: metav1.IObjectMeta; - /** - * AWSMachinePoolSpec defines the desired state of AWSMachinePool. - */ - spec?: { - /** - * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. - */ - additionalTags?: { - [k: string]: string; - }; - /** - * AvailabilityZones is an array of availability zones instances can run in - */ - availabilityZones?: string[]; - /** - * AWSLaunchTemplate specifies the launch template and version to use when an instance is launched. - */ - awsLaunchTemplate: { - /** - * AdditionalSecurityGroups is an array of references to security groups that should be applied to the instances. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. - */ - additionalSecurityGroups?: { - /** - * Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html - */ - filters?: { - /** - * Name of the filter. Filter names are case-sensitive. - */ - name: string; - /** - * Values includes one or more filter values. Filter values are case-sensitive. - */ - values: string[]; - }[]; - /** - * ID of resource - */ - id?: string; - }[]; - /** - * AMI is the reference to the AMI from which to create the machine instance. - */ - ami?: { - /** - * EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store - */ - eksLookupType?: 'AmazonLinux' | 'AmazonLinuxGPU'; - /** - * ID of resource - */ - id?: string; - }; - /** - * The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role. 
- */ - iamInstanceProfile?: string; - /** - * ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set. - */ - imageLookupBaseOS?: string; - /** - * ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/ - */ - imageLookupFormat?: string; - /** - * ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set. - */ - imageLookupOrg?: string; - /** - * InstanceType is the type of instance to create. Example: m4.xlarge - */ - instanceType?: string; - /** - * The name of the launch template. - */ - name?: string; - /** - * RootVolume encapsulates the configuration options for the root volume - */ - rootVolume?: { - /** - * Device name - */ - deviceName?: string; - /** - * Encrypted is whether the volume should be encrypted or not. - */ - encrypted?: boolean; - /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. - */ - encryptionKey?: string; - /** - * IOPS is the number of IOPS requested for the disk. Not applicable to all types. - */ - iops?: number; - /** - * Size specifies size (in Gi) of the storage device. 
Must be greater than the image snapshot size or 8 (whichever is greater). - */ - size: number; - /** - * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. - */ - throughput?: number; - /** - * Type is the type of the volume (e.g. gp2, io1, etc...). - */ - type?: string; - }; - /** - * SpotMarketOptions are options for configuring AWSMachinePool instances to be run using AWS Spot instances. - */ - spotMarketOptions?: { - /** - * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - */ - maxPrice?: string; - }; - /** - * SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) - */ - sshKeyName?: string; - /** - * VersionNumber is the version of the launch template that is applied. Typically a new version is created when at least one of the following happens: 1) A new launch template spec is applied. 2) One or more parameters in an existing template is changed. 3) A new AMI is discovered. - */ - versionNumber?: number; - }; - /** - * Enable or disable the capacity rebalance autoscaling group feature - */ - capacityRebalance?: boolean; - /** - * The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. If no value is supplied by user a default value of 300 seconds is set - */ - defaultCoolDown?: string; - /** - * MaxSize defines the maximum size of the group. - */ - maxSize: number; - /** - * MinSize defines the minimum size of the group. - */ - minSize: number; - /** - * MixedInstancesPolicy describes how multiple instance types will be used by the ASG. - */ - mixedInstancesPolicy?: { - /** - * InstancesDistribution to configure distribution of On-Demand Instances and Spot Instances. 
- */ - instancesDistribution?: { - /** - * OnDemandAllocationStrategy indicates how to allocate instance types to fulfill On-Demand capacity. - */ - onDemandAllocationStrategy?: 'prioritized'; - onDemandBaseCapacity?: number; - onDemandPercentageAboveBaseCapacity?: number; - /** - * SpotAllocationStrategy indicates how to allocate instances across Spot Instance pools. - */ - spotAllocationStrategy?: 'lowest-price' | 'capacity-optimized'; - }; - overrides?: { - instanceType: string; - }[]; - }; - /** - * ProviderID is the ARN of the associated ASG - */ - providerID?: string; - /** - * ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. - */ - providerIDList?: string[]; - /** - * RefreshPreferences describes set of preferences associated with the instance refresh request. - */ - refreshPreferences?: { - /** - * The number of seconds until a newly launched instance is configured and ready to use. During this time, the next replacement will not be initiated. The default is to use the value for the health check grace period defined for the group. - */ - instanceWarmup?: number; - /** - * The amount of capacity as a percentage in ASG that must remain healthy during an instance refresh. The default is 90. - */ - minHealthyPercentage?: number; - /** - * The strategy to use for the instance refresh. The only valid value is Rolling. A rolling update is an update that is applied to all instances in an Auto Scaling group until all instances have been updated. - */ - strategy?: string; - }; - /** - * Subnets is an array of subnet configurations - */ - subnets?: { - /** - * Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html - */ - filters?: { - /** - * Name of the filter. 
Filter names are case-sensitive. - */ - name: string; - /** - * Values includes one or more filter values. Filter values are case-sensitive. - */ - values: string[]; - }[]; - /** - * ID of resource - */ - id?: string; - }[]; - }; - /** - * AWSMachinePoolStatus defines the observed state of AWSMachinePool. - */ - status?: { - /** - * ASGStatus is a status string returned by the autoscaling API. - */ - asgStatus?: string; - /** - * Conditions defines current service state of the AWSMachinePool. - */ - conditions?: { - /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - */ - lastTransitionTime: string; - /** - * A human readable message indicating details about the transition. This field may be empty. - */ - message?: string; - /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - */ - reason?: string; - /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - */ - severity?: string; - /** - * Status of the condition, one of True, False, Unknown. - */ - status: string; - /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - */ - type: string; - }[]; - /** - * FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. 
- * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. - */ - failureMessage?: string; - /** - * FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. 
- */ - failureReason?: string; - /** - * Instances contains the status for each instance in the pool - */ - instances?: { - /** - * InstanceID is the identification of the Machine Instance within ASG - */ - instanceID?: string; - /** - * Version defines the Kubernetes version for the Machine Instance - */ - version?: string; - }[]; - /** - * The ID of the launch template - */ - launchTemplateID?: string; - /** - * The version of the launch template - */ - launchTemplateVersion?: string; - /** - * Ready is true when the provider resource is ready. - */ - ready?: boolean; - /** - * Replicas is the most recently observed number of replicas - */ - replicas?: number; - }; -} - -export const AWSMachinePoolList = 'AWSMachinePoolList'; - -export interface IAWSMachinePoolList extends metav1.IList { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - kind: typeof AWSMachinePoolList; -} - -export const AWSMachineTemplate = 'AWSMachineTemplate'; - -/** - * AWSMachineTemplate is the schema for the Amazon EC2 Machine Templates API. - */ -export interface IAWSMachineTemplate { - /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - */ - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - */ - kind: typeof AWSMachineTemplate; - metadata: metav1.IObjectMeta; - /** - * AWSMachineTemplateSpec defines the desired state of AWSMachineTemplate. 
- */ - spec?: { - /** - * AWSMachineTemplateResource describes the data needed to create am AWSMachine from a template. - */ - template: { - /** - * Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - */ - metadata?: { - /** - * Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations - */ - annotations?: { - [k: string]: string; - }; - /** - * Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels - */ - labels?: { - [k: string]: string; - }; - }; - /** - * Spec is the specification of the desired behavior of the machine. - */ - spec: { - /** - * AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too. - */ - additionalSecurityGroups?: { - /** - * ARN of resource. Deprecated: This field has no function and is going to be removed in the next release. - */ - arn?: string; - /** - * Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html - */ - filters?: { - /** - * Name of the filter. Filter names are case-sensitive. - */ - name: string; - /** - * Values includes one or more filter values. Filter values are case-sensitive. 
- */ - values: string[]; - }[]; - /** - * ID of resource - */ - id?: string; - }[]; - /** - * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine's value takes precedence. - */ - additionalTags?: { - [k: string]: string; - }; - /** - * AMI is the reference to the AMI from which to create the machine instance. - */ - ami?: { - /** - * EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store - */ - eksLookupType?: 'AmazonLinux' | 'AmazonLinuxGPU'; - /** - * ID of resource - */ - id?: string; - }; - /** - * CloudInit defines options related to the bootstrapping systems where CloudInit is used. - */ - cloudInit?: { - /** - * InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager or AWS Systems Manager Parameter Store to ensure privacy of userdata. By default, a cloud-init boothook shell script is prepended to download the userdata from Secrets Manager and additionally delete the secret. - */ - insecureSkipSecretsManager?: boolean; - /** - * SecretCount is the number of secrets used to form the complete secret - */ - secretCount?: number; - /** - * SecretPrefix is the prefix for the secret name. This is stored temporarily, and deleted when the machine registers as a node against the workload cluster. - */ - secretPrefix?: string; - /** - * SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager Parameter Storage to distribute secrets. By default or with the value of secrets-manager, will use AWS Secrets Manager instead. - */ - secureSecretsBackend?: 'secrets-manager' | 'ssm-parameter-store'; - }; - /** - * FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. 
For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. If multiple subnets are matched for the availability zone, the first one returned is picked. - */ - failureDomain?: string; - /** - * IAMInstanceProfile is a name of an IAM instance profile to assign to the instance - */ - iamInstanceProfile?: string; - /** - * Ignition defined options related to the bootstrapping systems where Ignition is used. - */ - ignition?: { - /** - * Version defines which version of Ignition will be used to generate bootstrap data. - */ - version?: '2.3'; - }; - /** - * ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set. - */ - imageLookupBaseOS?: string; - /** - * ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/ - */ - imageLookupFormat?: string; - /** - * ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set. - */ - imageLookupOrg?: string; - /** - * InstanceID is the EC2 instance ID for this machine. - */ - instanceID?: string; - /** - * InstanceType is the type of instance to create. Example: m4.xlarge - */ - instanceType: string; - /** - * NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified. 
- * - * @maxItems 2 - */ - networkInterfaces?: [] | [string] | [string, string]; - /** - * Configuration options for the non root storage volumes. - */ - nonRootVolumes?: { - /** - * Device name - */ - deviceName?: string; - /** - * Encrypted is whether the volume should be encrypted or not. - */ - encrypted?: boolean; - /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. - */ - encryptionKey?: string; - /** - * IOPS is the number of IOPS requested for the disk. Not applicable to all types. - */ - iops?: number; - /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). - */ - size: number; - /** - * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. - */ - throughput?: number; - /** - * Type is the type of the volume (e.g. gp2, io1, etc...). - */ - type?: string; - }[]; - /** - * ProviderID is the unique identifier as specified by the cloud provider. - */ - providerID?: string; - /** - * PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default - */ - publicIP?: boolean; - /** - * RootVolume encapsulates the configuration options for the root volume - */ - rootVolume?: { - /** - * Device name - */ - deviceName?: string; - /** - * Encrypted is whether the volume should be encrypted or not. - */ - encrypted?: boolean; - /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. - */ - encryptionKey?: string; - /** - * IOPS is the number of IOPS requested for the disk. 
Not applicable to all types. - */ - iops?: number; - /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). - */ - size: number; - /** - * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. - */ - throughput?: number; - /** - * Type is the type of the volume (e.g. gp2, io1, etc...). - */ - type?: string; - }; - /** - * SpotMarketOptions allows users to configure instances to be run using AWS Spot instances. - */ - spotMarketOptions?: { - /** - * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - */ - maxPrice?: string; - }; - /** - * SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) - */ - sshKeyName?: string; - /** - * Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used. - */ - subnet?: { - /** - * ARN of resource. Deprecated: This field has no function and is going to be removed in the next release. - */ - arn?: string; - /** - * Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html - */ - filters?: { - /** - * Name of the filter. Filter names are case-sensitive. - */ - name: string; - /** - * Values includes one or more filter values. Filter values are case-sensitive. - */ - values: string[]; - }[]; - /** - * ID of resource - */ - id?: string; - }; - /** - * Tenancy indicates if instance should run on shared or single-tenant hardware. - */ - tenancy?: 'default' | 'dedicated' | 'host'; - /** - * UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. 
cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed. - */ - uncompressedUserData?: boolean; - }; - }; - }; - /** - * AWSMachineTemplateStatus defines a status for an AWSMachineTemplate. - */ - status?: { - /** - * Capacity defines the resource capacity for this machine. This value is used for autoscaling from zero operations as defined in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md - */ - capacity?: { - [k: string]: number | string; - }; - }; -} - -export const AWSMachineTemplateList = 'AWSMachineTemplateList'; - -export interface IAWSMachineTemplateList - extends metav1.IList { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; - kind: typeof AWSMachineTemplateList; -} diff --git a/src/model/services/mapi/capav1beta1/getAWSCluster.ts b/src/model/services/mapi/capav1beta2/getAWSCluster.ts similarity index 93% rename from src/model/services/mapi/capav1beta1/getAWSCluster.ts rename to src/model/services/mapi/capav1beta2/getAWSCluster.ts index 8e22b4a687..82b810fcbd 100644 --- a/src/model/services/mapi/capav1beta1/getAWSCluster.ts +++ b/src/model/services/mapi/capav1beta2/getAWSCluster.ts @@ -17,7 +17,7 @@ export function getAWSCluster( ) { const url = k8sUrl.create({ baseUrl: window.config.mapiEndpoint, - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1', + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2', kind: 'awsclusters', namespace, name, diff --git a/src/model/services/mapi/capav1beta1/getAWSMachinePool.ts b/src/model/services/mapi/capav1beta2/getAWSMachinePool.ts similarity index 93% rename from src/model/services/mapi/capav1beta1/getAWSMachinePool.ts rename to src/model/services/mapi/capav1beta2/getAWSMachinePool.ts index 94519653bf..712db172cd 100644 --- a/src/model/services/mapi/capav1beta1/getAWSMachinePool.ts +++ b/src/model/services/mapi/capav1beta2/getAWSMachinePool.ts 
@@ -17,7 +17,7 @@ export function getAWSMachinePool(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinepools',
 namespace,
 name,
diff --git a/src/model/services/mapi/capav1beta1/getAWSMachinePoolList.ts b/src/model/services/mapi/capav1beta2/getAWSMachinePoolList.ts
similarity index 90%
rename from src/model/services/mapi/capav1beta1/getAWSMachinePoolList.ts
rename to src/model/services/mapi/capav1beta2/getAWSMachinePoolList.ts
index 028edcccfb..4f6db7755f 100644
--- a/src/model/services/mapi/capav1beta1/getAWSMachinePoolList.ts
+++ b/src/model/services/mapi/capav1beta2/getAWSMachinePoolList.ts
@@ -21,7 +21,7 @@ export function getAWSMachinePoolList(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinepools',
 ...options,
 });
@@ -34,7 +34,7 @@ export function getAWSMachinePoolListKey(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinepools',
 ...options,
 });
diff --git a/src/model/services/mapi/capav1beta1/getAWSMachineTemplate.ts b/src/model/services/mapi/capav1beta2/getAWSMachineTemplate.ts
similarity index 93%
rename from src/model/services/mapi/capav1beta1/getAWSMachineTemplate.ts
rename to src/model/services/mapi/capav1beta2/getAWSMachineTemplate.ts
index cc696a9bb8..6fea442f32 100644
--- a/src/model/services/mapi/capav1beta1/getAWSMachineTemplate.ts
+++ b/src/model/services/mapi/capav1beta2/getAWSMachineTemplate.ts
@@ -17,7 +17,7 @@ export function getAWSMachineTemplate(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinetemplates',
 namespace,
 name,
diff --git a/src/model/services/mapi/capav1beta1/getAWSMachineTemplateList.ts b/src/model/services/mapi/capav1beta2/getAWSMachineTemplateList.ts
similarity index 90%
rename from src/model/services/mapi/capav1beta1/getAWSMachineTemplateList.ts
rename to src/model/services/mapi/capav1beta2/getAWSMachineTemplateList.ts
index 7c61611473..570a9c3502 100644
--- a/src/model/services/mapi/capav1beta1/getAWSMachineTemplateList.ts
+++ b/src/model/services/mapi/capav1beta2/getAWSMachineTemplateList.ts
@@ -21,7 +21,7 @@ export function getAWSMachineTemplateList(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinetemplates',
 ...options,
 });
@@ -34,7 +34,7 @@ export function getAWSMachineTemplateListKey(
 ) {
 const url = k8sUrl.create({
 baseUrl: window.config.mapiEndpoint,
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'awsmachinetemplates',
 ...options,
 });
diff --git a/src/model/services/mapi/capav1beta2/index.ts b/src/model/services/mapi/capav1beta2/index.ts
index 665f776444..6d3ffa7fd4 100644
--- a/src/model/services/mapi/capav1beta2/index.ts
+++ b/src/model/services/mapi/capav1beta2/index.ts
@@ -5,3 +5,8 @@ export * from './getAWSManagedMachinePoolList';
 export * from './getAWSManagedControlPlane';
 export * from './getAWSManagedControlPlaneList';
 export * from './getAWSClusterRoleIdentity';
+export * from './getAWSCluster';
+export * from './getAWSMachinePool';
+export * from './getAWSMachinePoolList';
+export * from './getAWSMachineTemplate';
+export * from './getAWSMachineTemplateList';
diff --git a/src/model/services/mapi/capav1beta2/types.ts b/src/model/services/mapi/capav1beta2/types.ts
index dd512e4a03..36cf69c5a7 100644
--- a/src/model/services/mapi/capav1beta2/types.ts
+++ b/src/model/services/mapi/capav1beta2/types.ts
@@ -8,6 +8,2677 @@ export const ApiGroup = 'infrastructure.cluster.x-k8s.io'; export const ApiVersion = 'infrastructure.cluster.x-k8s.io/v1beta2'; +export const AWSCluster = 'AWSCluster'; + +/** + * AWSCluster is the schema for Amazon EC2 based Kubernetes Cluster API. + */ +export interface IAWSCluster { + /** + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + */ + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + /** + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + */ + kind: typeof AWSCluster; + metadata: metav1.IObjectMeta; + /** + * AWSClusterSpec defines the desired state of an EC2-based Kubernetes cluster. + */ + spec?: { + /** + * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + * ones added by default. + */ + additionalTags?: { + [k: string]: string; + }; + /** + * Bastion contains options to configure the bastion host. + */ + bastion?: { + /** + * AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + * They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). + */ + allowedCIDRBlocks?: string[]; + /** + * AMI will use the specified AMI to boot the bastion. If not specified, + * the AMI will default to one picked out in public space. + */ + ami?: string; + /** + * DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + * Requires AllowedCIDRBlocks to be empty. 
+ */ + disableIngressRules?: boolean; + /** + * Enabled allows this provider to create a bastion host instance + * with a public ip to access the VPC private network. + */ + enabled?: boolean; + /** + * InstanceType will use the specified instance type for the bastion. If not specified, + * Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro + * will be the default. + */ + instanceType?: string; + }; + /** + * ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. + */ + controlPlaneEndpoint?: { + /** + * The hostname on which the API server is serving. + */ + host: string; + /** + * The port on which the API server is serving. + */ + port: number; + }; + /** + * ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior. + */ + controlPlaneLoadBalancer?: { + /** + * AdditionalListeners sets the additional listeners for the control plane load balancer. + * This is only applicable to Network Load Balancer (NLB) types for the time being. + */ + additionalListeners?: { + /** + * HealthCheck sets the optional custom health check configuration to the API target group. + */ + healthCheck?: { + /** + * The approximate amount of time, in seconds, between health checks of an individual + * target. + */ + intervalSeconds?: number; + /** + * The destination for health checks on the targets when using the protocol HTTP or HTTPS, + * otherwise the path will be ignored. + */ + path?: string; + /** + * The port the load balancer uses when performing health checks for additional target groups. When + * not specified this value will be set for the same of listener port. + */ + port?: string; + /** + * The protocol to use to health check connect with the target. When not specified the Protocol + * will be the same of the listener. 
+ */ + protocol?: 'TCP' | 'HTTP' | 'HTTPS'; + /** + * The number of consecutive health check successes required before considering + * a target healthy. + */ + thresholdCount?: number; + /** + * The amount of time, in seconds, during which no response from a target means + * a failed health check. + */ + timeoutSeconds?: number; + /** + * The number of consecutive health check failures required before considering + * a target unhealthy. + */ + unhealthyThresholdCount?: number; + }; + /** + * Port sets the port for the additional listener. + */ + port: number; + /** + * Protocol sets the protocol for the additional listener. + * Currently only TCP is supported. + */ + protocol?: 'TCP'; + }[]; + /** + * AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs + * This is optional - if not provided new security groups will be created for the load balancer + */ + additionalSecurityGroups?: string[]; + /** + * CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + * + * + * With cross-zone load balancing, each load balancer node for your Classic Load Balancer + * distributes requests evenly across the registered instances in all enabled Availability Zones. + * If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + * the registered instances in its Availability Zone only. + * + * + * Defaults to false. + */ + crossZoneLoadBalancing?: boolean; + /** + * DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts + * file of each instance. This is by default, false. + */ + disableHostsRewrite?: boolean; + /** + * HealthCheck sets custom health check configuration to the API target group. + */ + healthCheck?: { + /** + * The approximate amount of time, in seconds, between health checks of an individual + * target. 
+ */ + intervalSeconds?: number; + /** + * The number of consecutive health check successes required before considering + * a target healthy. + */ + thresholdCount?: number; + /** + * The amount of time, in seconds, during which no response from a target means + * a failed health check. + */ + timeoutSeconds?: number; + /** + * The number of consecutive health check failures required before considering + * a target unhealthy. + */ + unhealthyThresholdCount?: number; + }; + /** + * HealthCheckProtocol sets the protocol type for ELB health check target + * default value is ELBProtocolSSL + */ + healthCheckProtocol?: 'TCP' | 'SSL' | 'HTTP' | 'HTTPS' | 'TLS' | 'UDP'; + /** + * IngressRules sets the ingress rules for the control plane load balancer. + */ + ingressRules?: { + /** + * List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + cidrBlocks?: string[]; + /** + * Description provides extended information about the ingress rule. + */ + description: string; + /** + * FromPort is the start of port range. + */ + fromPort: number; + /** + * List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + ipv6CidrBlocks?: string[]; + /** + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). + */ + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; + /** + * The security group id to allow access from. Cannot be specified with CidrBlocks. + */ + sourceSecurityGroupIds?: string[]; + /** + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. 
+ */ + sourceSecurityGroupRoles?: ( + | 'bastion' + | 'node' + | 'controlplane' + | 'apiserver-lb' + | 'lb' + | 'node-eks-additional' + )[]; + /** + * ToPort is the end of port range. + */ + toPort: number; + }[]; + /** + * LoadBalancerType sets the type for a load balancer. The default type is classic. + */ + loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb' | 'disabled'; + /** + * Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + * within your set of load balancers for the region, must have a maximum of 32 characters, must + * contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + * set, the value cannot be changed. + */ + name?: string; + /** + * PreserveClientIP lets the user control if preservation of client ips must be retained or not. + * If this is enabled 6443 will be opened to 0.0.0.0/0. + */ + preserveClientIP?: boolean; + /** + * Scheme sets the scheme of the load balancer (defaults to internet-facing) + */ + scheme?: 'internet-facing' | 'internal'; + /** + * Subnets sets the subnets that should be applied to the control plane load balancer (defaults to discovered subnets for managed VPCs or an empty set for unmanaged VPCs) + */ + subnets?: string[]; + }; + /** + * IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + * If no identity is specified, the default identity for this controller will be used. + */ + identityRef?: { + /** + * Kind of the identity. + */ + kind: + | 'AWSClusterControllerIdentity' + | 'AWSClusterRoleIdentity' + | 'AWSClusterStaticIdentity'; + /** + * Name of the identity. + */ + name: string; + }; + /** + * ImageLookupBaseOS is the name of the base operating system used to look + * up machine images when a machine does not specify an AMI. When set, this + * will be used for all cluster machines unless a machine specifies a + * different ImageLookupBaseOS. 
+ */ + imageLookupBaseOS?: string; + /** + * ImageLookupFormat is the AMI naming format to look up machine images when + * a machine does not specify an AMI. When set, this will be used for all + * cluster machines unless a machine specifies a different ImageLookupOrg. + * Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + * OS and kubernetes version, respectively. The BaseOS will be the value in + * ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + * defined by the packages produced by kubernetes/release without v as a + * prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + * image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + * searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + * Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + * also: https://golang.org/pkg/text/template/ + */ + imageLookupFormat?: string; + /** + * ImageLookupOrg is the AWS Organization ID to look up machine images when a + * machine does not specify an AMI. When set, this will be used for all + * cluster machines unless a machine specifies a different ImageLookupOrg. + */ + imageLookupOrg?: string; + /** + * NetworkSpec encapsulates all things related to AWS network. + */ + network?: { + /** + * AdditionalControlPlaneIngressRules is an optional set of ingress rules to add to the control plane + */ + additionalControlPlaneIngressRules?: { + /** + * List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + cidrBlocks?: string[]; + /** + * Description provides extended information about the ingress rule. + */ + description: string; + /** + * FromPort is the start of port range. + */ + fromPort: number; + /** + * List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. 
+ */ + ipv6CidrBlocks?: string[]; + /** + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). + */ + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; + /** + * The security group id to allow access from. Cannot be specified with CidrBlocks. + */ + sourceSecurityGroupIds?: string[]; + /** + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. + */ + sourceSecurityGroupRoles?: ( + | 'bastion' + | 'node' + | 'controlplane' + | 'apiserver-lb' + | 'lb' + | 'node-eks-additional' + )[]; + /** + * ToPort is the end of port range. + */ + toPort: number; + }[]; + /** + * CNI configuration + */ + cni?: { + /** + * CNIIngressRules specify rules to apply to control plane and worker node security groups. + * The source for the rule will be set to control plane and worker security group IDs. + */ + cniIngressRules?: { + description: string; + fromPort: number; + /** + * SecurityGroupProtocol defines the protocol type for a security group rule. + */ + protocol: string; + toPort: number; + }[]; + }; + /** + * SecurityGroupOverrides is an optional set of security groups to use for cluster instances + * This is optional - if not provided new security groups will be created for the cluster + */ + securityGroupOverrides?: { + [k: string]: string; + }; + /** + * Subnets configuration. + */ + subnets?: { + /** + * AvailabilityZone defines the availability zone to use for this subnet in the cluster's region. + */ + availabilityZone?: string; + /** + * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + */ + cidrBlock?: string; + /** + * ID defines a unique identifier to reference this resource. 
+ * If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + * + * + * When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + * the id can be set to any placeholder value that does not start with `subnet-`; + * upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + * the `id` field is going to be used as the subnet name. If you specify a tag + * called `Name`, it takes precedence. + */ + id: string; + /** + * IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + * A subnet can have an IPv4 and an IPv6 address. + * IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. + */ + ipv6CidrBlock?: string; + /** + * IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + * IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. + */ + isIpv6?: boolean; + /** + * IsPublic defines the subnet as a public subnet. A subnet is public when it is associated with a route table that has a route to an internet gateway. + */ + isPublic?: boolean; + /** + * NatGatewayID is the NAT gateway id associated with the subnet. + * Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. + */ + natGatewayId?: string; + /** + * ParentZoneName is the zone name where the current subnet's zone is tied when + * the zone is a Local Zone. + * + * + * The subnets in Local Zone or Wavelength Zone locations consume the ParentZoneName + * to select the correct private route table to egress traffic to the internet. + */ + parentZoneName?: string; + /** + * ResourceID is the subnet identifier from AWS, READ ONLY. 
+ * This field is populated when the provider manages the subnet. + */ + resourceID?: string; + /** + * RouteTableID is the routing table id associated with the subnet. + */ + routeTableId?: string; + /** + * Tags is a collection of tags describing the resource. + */ + tags?: { + [k: string]: string; + }; + /** + * ZoneType defines the type of the zone where the subnet is created. + * + * + * The valid values are availability-zone, local-zone, and wavelength-zone. + * + * + * Subnet with zone type availability-zone (regular) is always selected to create cluster + * resources, like Load Balancers, NAT Gateways, Contol Plane nodes, etc. + * + * + * Subnet with zone type local-zone or wavelength-zone is not eligible to automatically create + * regular cluster resources. + * + * + * The public subnet in availability-zone or local-zone is associated with regular public + * route table with default route entry to a Internet Gateway. + * + * + * The public subnet in wavelength-zone is associated with a carrier public + * route table with default route entry to a Carrier Gateway. + * + * + * The private subnet in the availability-zone is associated with a private route table with + * the default route entry to a NAT Gateway created in that zone. + * + * + * The private subnet in the local-zone or wavelength-zone is associated with a private route table with + * the default route entry re-using the NAT Gateway in the Region (preferred from the + * parent zone, the zone type availability-zone in the region, or first table available). + */ + zoneType?: 'availability-zone' | 'local-zone' | 'wavelength-zone'; + }[]; + /** + * VPC configuration. + */ + vpc?: { + /** + * AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + * in a region than specified by AvailabilityZoneUsageLimit. 
There are 2 selection schemes: + * Ordered - selects based on alphabetical order + * Random - selects AZs randomly in a region + * Defaults to Ordered + */ + availabilityZoneSelection?: 'Ordered' | 'Random'; + /** + * AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + * should be used in a region when automatically creating subnets. If a region has more + * than this number of AZs then this number of AZs will be picked randomly when creating + * default subnets. Defaults to 3 + */ + availabilityZoneUsageLimit?: number; + /** + * CarrierGatewayID is the id of the internet gateway associated with the VPC, + * for carrier network (Wavelength Zones). + */ + carrierGatewayId?: string; + /** + * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + * Defaults to 10.0.0.0/16. + * Mutually exclusive with IPAMPool. + */ + cidrBlock?: string; + /** + * ElasticIPPool contains specific configuration to allocate Public IPv4 address (Elastic IP) from user-defined pool + * brought to AWS for core infrastructure resources, like NAT Gateways and Public Network Load Balancers for + * the API Server. + */ + elasticIpPool?: { + /** + * PublicIpv4Pool sets a custom Public IPv4 Pool used to create Elastic IP address for resources + * created in public IPv4 subnets. Every IPv4 address, Elastic IP, will be allocated from the custom + * Public IPv4 pool that you brought to AWS, instead of Amazon-provided pool. The public IPv4 pool + * resource ID starts with 'ipv4pool-ec2'. + */ + publicIpv4Pool?: string; + /** + * PublicIpv4PoolFallBackOrder defines the fallback action when the Public IPv4 Pool has been exhausted, + * no more IPv4 address available in the pool. + * + * + * When set to 'amazon-pool', the controller check if the pool has available IPv4 address, when pool has reached the + * IPv4 limit, the address will be claimed from Amazon-pool (default). 
+ * + * + * When set to 'none', the controller will fail the Elastic IP allocation when the publicIpv4Pool is exhausted. + */ + publicIpv4PoolFallbackOrder?: 'amazon-pool' | 'none'; + }; + /** + * EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + * and egress rules should be removed. + * + * + * By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + * rules that allow traffic from anywhere. The group could be used as a potential surface attack and + * it's generally suggested that the group rules are removed or modified appropriately. + * + * + * NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. + */ + emptyRoutesDefaultVPCSecurityGroup?: boolean; + /** + * ID is the vpc-id of the VPC this provider should use to create resources. + */ + id?: string; + /** + * InternetGatewayID is the id of the internet gateway associated with the VPC. + */ + internetGatewayId?: string; + /** + * IPAMPool defines the IPAMv4 pool to be used for VPC. + * Mutually exclusive with CidrBlock. + */ + ipamPool?: { + /** + * ID is the ID of the IPAM pool this provider should use to create VPC. + */ + id?: string; + /** + * Name is the name of the IPAM pool this provider should use to create VPC. + */ + name?: string; + /** + * The netmask length of the IPv4 CIDR you want to allocate to VPC from + * an Amazon VPC IP Address Manager (IPAM) pool. + * Defaults to /16 for IPv4 if not specified. + */ + netmaskLength?: number; + }; + /** + * IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + * This field cannot be set on AWSCluster object. + */ + ipv6?: { + /** + * CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + * Mutually exclusive with IPAMPool. + */ + cidrBlock?: string; + /** + * EgressOnlyInternetGatewayID is the id of the egress only internet gateway associated with an IPv6 enabled VPC. 
+ */ + egressOnlyInternetGatewayId?: string; + /** + * IPAMPool defines the IPAMv6 pool to be used for VPC. + * Mutually exclusive with CidrBlock. + */ + ipamPool?: { + /** + * ID is the ID of the IPAM pool this provider should use to create VPC. + */ + id?: string; + /** + * Name is the name of the IPAM pool this provider should use to create VPC. + */ + name?: string; + /** + * The netmask length of the IPv4 CIDR you want to allocate to VPC from + * an Amazon VPC IP Address Manager (IPAM) pool. + * Defaults to /16 for IPv4 if not specified. + */ + netmaskLength?: number; + }; + /** + * PoolID is the IP pool which must be defined in case of BYO IP is defined. + * Must be specified if CidrBlock is set. + * Mutually exclusive with IPAMPool. + */ + poolId?: string; + }; + /** + * PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + * For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + * or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). + */ + privateDnsHostnameTypeOnLaunch?: 'ip-name' | 'resource-name'; + /** + * SecondaryCidrBlocks are additional CIDR blocks to be associated when the provider creates a managed VPC. + * Defaults to none. Mutually exclusive with IPAMPool. This makes sense to use if, for example, you want to use + * a separate IP range for pods (e.g. Cilium ENI mode). + */ + secondaryCidrBlocks?: { + /** + * IPv4CidrBlock is the IPv4 CIDR block to associate with the managed VPC. + */ + ipv4CidrBlock: string; + }[]; + /** + * SubnetSchema specifies how CidrBlock should be divided on subnets in the VPC depending on the number of AZs. + * PreferPrivate - one private subnet for each AZ plus one other subnet that will be further sub-divided for the public subnets. 
+ * PreferPublic - have the reverse logic of PreferPrivate, one public subnet for each AZ plus one other subnet + * that will be further sub-divided for the private subnets. + * Defaults to PreferPrivate + */ + subnetSchema?: 'PreferPrivate' | 'PreferPublic'; + /** + * Tags is a collection of tags describing the resource. + */ + tags?: { + [k: string]: string; + }; + }; + }; + /** + * Partition is the AWS security partition being used. Defaults to "aws" + */ + partition?: string; + /** + * The AWS Region the cluster lives in. + */ + region?: string; + /** + * S3Bucket contains options to configure a supporting S3 bucket for this + * cluster - currently used for nodes requiring Ignition + * (https://coreos.github.io/ignition/) for bootstrapping (requires + * BootstrapFormatIgnition feature flag to be enabled). + */ + s3Bucket?: { + /** + * BestEffortDeleteObjects defines whether access/permission errors during object deletion should be ignored. + */ + bestEffortDeleteObjects?: boolean; + /** + * ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed + * to read control-plane node bootstrap data from S3 Bucket. + */ + controlPlaneIAMInstanceProfile?: string; + /** + * Name defines name of S3 Bucket to be created. + */ + name: string; + /** + * NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read + * worker nodes bootstrap data from S3 Bucket. + */ + nodesIAMInstanceProfiles?: string[]; + /** + * PresignedURLDuration defines the duration for which presigned URLs are valid. + * + * + * This is used to generate presigned URLs for S3 Bucket objects, which are used by + * control-plane and worker nodes to fetch bootstrap data. + * + * + * When enabled, the IAM instance profiles specified are not used. + */ + presignedURLDuration?: string; + }; + /** + * SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane. 
+ * + * + * An example use case is to have a separate internal load balancer for internal traffic, + * and a separate external load balancer for external traffic. + */ + secondaryControlPlaneLoadBalancer?: { + /** + * AdditionalListeners sets the additional listeners for the control plane load balancer. + * This is only applicable to Network Load Balancer (NLB) types for the time being. + */ + additionalListeners?: { + /** + * HealthCheck sets the optional custom health check configuration to the API target group. + */ + healthCheck?: { + /** + * The approximate amount of time, in seconds, between health checks of an individual + * target. + */ + intervalSeconds?: number; + /** + * The destination for health checks on the targets when using the protocol HTTP or HTTPS, + * otherwise the path will be ignored. + */ + path?: string; + /** + * The port the load balancer uses when performing health checks for additional target groups. When + * not specified this value will be set for the same of listener port. + */ + port?: string; + /** + * The protocol to use to health check connect with the target. When not specified the Protocol + * will be the same of the listener. + */ + protocol?: 'TCP' | 'HTTP' | 'HTTPS'; + /** + * The number of consecutive health check successes required before considering + * a target healthy. + */ + thresholdCount?: number; + /** + * The amount of time, in seconds, during which no response from a target means + * a failed health check. + */ + timeoutSeconds?: number; + /** + * The number of consecutive health check failures required before considering + * a target unhealthy. + */ + unhealthyThresholdCount?: number; + }; + /** + * Port sets the port for the additional listener. + */ + port: number; + /** + * Protocol sets the protocol for the additional listener. + * Currently only TCP is supported. + */ + protocol?: 'TCP'; + }[]; + /** + * AdditionalSecurityGroups sets the security groups used by the load balancer. 
Expected to be security group IDs + * This is optional - if not provided new security groups will be created for the load balancer + */ + additionalSecurityGroups?: string[]; + /** + * CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing. + * + * + * With cross-zone load balancing, each load balancer node for your Classic Load Balancer + * distributes requests evenly across the registered instances in all enabled Availability Zones. + * If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across + * the registered instances in its Availability Zone only. + * + * + * Defaults to false. + */ + crossZoneLoadBalancing?: boolean; + /** + * DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB's address as 127.0.0.1 to the hosts + * file of each instance. This is by default, false. + */ + disableHostsRewrite?: boolean; + /** + * HealthCheck sets custom health check configuration to the API target group. + */ + healthCheck?: { + /** + * The approximate amount of time, in seconds, between health checks of an individual + * target. + */ + intervalSeconds?: number; + /** + * The number of consecutive health check successes required before considering + * a target healthy. + */ + thresholdCount?: number; + /** + * The amount of time, in seconds, during which no response from a target means + * a failed health check. + */ + timeoutSeconds?: number; + /** + * The number of consecutive health check failures required before considering + * a target unhealthy. + */ + unhealthyThresholdCount?: number; + }; + /** + * HealthCheckProtocol sets the protocol type for ELB health check target + * default value is ELBProtocolSSL + */ + healthCheckProtocol?: 'TCP' | 'SSL' | 'HTTP' | 'HTTPS' | 'TLS' | 'UDP'; + /** + * IngressRules sets the ingress rules for the control plane load balancer. + */ + ingressRules?: { + /** + * List of CIDR blocks to allow access from. 
Cannot be specified with SourceSecurityGroupID. + */ + cidrBlocks?: string[]; + /** + * Description provides extended information about the ingress rule. + */ + description: string; + /** + * FromPort is the start of port range. + */ + fromPort: number; + /** + * List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + ipv6CidrBlocks?: string[]; + /** + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). + */ + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; + /** + * The security group id to allow access from. Cannot be specified with CidrBlocks. + */ + sourceSecurityGroupIds?: string[]; + /** + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. + */ + sourceSecurityGroupRoles?: ( + | 'bastion' + | 'node' + | 'controlplane' + | 'apiserver-lb' + | 'lb' + | 'node-eks-additional' + )[]; + /** + * ToPort is the end of port range. + */ + toPort: number; + }[]; + /** + * LoadBalancerType sets the type for a load balancer. The default type is classic. + */ + loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb' | 'disabled'; + /** + * Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique + * within your set of load balancers for the region, must have a maximum of 32 characters, must + * contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once + * set, the value cannot be changed. + */ + name?: string; + /** + * PreserveClientIP lets the user control if preservation of client ips must be retained or not. + * If this is enabled 6443 will be opened to 0.0.0.0/0. 
+ */ + preserveClientIP?: boolean; + /** + * Scheme sets the scheme of the load balancer (defaults to internet-facing) + */ + scheme?: 'internet-facing' | 'internal'; + /** + * Subnets sets the subnets that should be applied to the control plane load balancer (defaults to discovered subnets for managed VPCs or an empty set for unmanaged VPCs) + */ + subnets?: string[]; + }; + /** + * SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) + */ + sshKeyName?: string; + }; + /** + * AWSClusterStatus defines the observed state of AWSCluster. + */ + status?: { + /** + * Instance describes an AWS instance. + */ + bastion?: { + /** + * Addresses contains the AWS instance associated addresses. + */ + addresses?: { + /** + * The machine address. + */ + address: string; + /** + * Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + */ + type: string; + }[]; + /** + * Availability zone of instance + */ + availabilityZone?: string; + /** + * CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched. + */ + capacityReservationId?: string; + /** + * Indicates whether the instance is optimized for Amazon EBS I/O. + */ + ebsOptimized?: boolean; + /** + * Specifies whether enhanced networking with ENA is enabled. + */ + enaSupport?: boolean; + /** + * The name of the IAM instance profile associated with the instance, if applicable. + */ + iamProfile?: string; + id: string; + /** + * The ID of the AMI used to launch the instance. + */ + imageId?: string; + /** + * InstanceMetadataOptions is the metadata options for the EC2 instance. + */ + instanceMetadataOptions?: { + /** + * Enables or disables the HTTP metadata endpoint on your instances. + * + * + * If you specify a value of disabled, you cannot access your instance metadata. 
+ * + * + * Default: enabled + */ + httpEndpoint?: 'enabled' | 'disabled'; + /** + * The desired HTTP PUT response hop limit for instance metadata requests. The + * larger the number, the further instance metadata requests can travel. + * + * + * Default: 1 + */ + httpPutResponseHopLimit?: number; + /** + * The state of token usage for your instance metadata requests. + * + * + * If the state is optional, you can choose to retrieve instance metadata with + * or without a session token on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. + * If you retrieve the IAM role credentials using a valid session token, the + * version 2.0 role credentials are returned. + * + * + * If the state is required, you must send a session token with any instance + * metadata retrieval requests. In this state, retrieving the IAM role credentials + * always returns the version 2.0 credentials; the version 1.0 credentials are + * not available. + * + * + * Default: optional + */ + httpTokens?: 'optional' | 'required'; + /** + * Set to enabled to allow access to instance tags from the instance metadata. + * Set to disabled to turn off access to instance tags from the instance metadata. + * For more information, see Work with instance tags using the instance metadata + * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + * + * + * Default: disabled + */ + instanceMetadataTags?: 'enabled' | 'disabled'; + }; + /** + * The current state of the instance. + */ + instanceState?: string; + /** + * Specifies ENIs attached to instance + */ + networkInterfaces?: string[]; + /** + * Configuration options for the non root storage volumes. + */ + nonRootVolumes?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. 
Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }[]; + /** + * PlacementGroupName specifies the name of the placement group in which to launch the instance. + */ + placementGroupName?: string; + /** + * PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + * This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + * strategy set to partition. + */ + placementGroupPartition?: number; + /** + * PrivateDNSName is the options for the instance hostname. + */ + privateDnsName?: { + /** + * EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. + */ + enableResourceNameDnsAAAARecord?: boolean; + /** + * EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records. + */ + enableResourceNameDnsARecord?: boolean; + /** + * The type of hostname to assign to an instance. + */ + hostnameType?: 'ip-name' | 'resource-name'; + }; + /** + * The private IPv4 address assigned to the instance. + */ + privateIp?: string; + /** + * PublicIPOnLaunch is the option to associate a public IP on instance launch + */ + publicIPOnLaunch?: boolean; + /** + * The public IPv4 address assigned to the instance, if applicable. 
+ */ + publicIp?: string; + /** + * Configuration options for the root storage volume. + */ + rootVolume?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }; + /** + * SecurityGroupIDs are one or more security group IDs this instance belongs to. + */ + securityGroupIds?: string[]; + /** + * SpotMarketOptions option for configuring instances to be run using AWS Spot instances. + */ + spotMarketOptions?: { + /** + * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances + */ + maxPrice?: string; + }; + /** + * The name of the SSH key pair. + */ + sshKeyName?: string; + /** + * The ID of the subnet of the instance. + */ + subnetId?: string; + /** + * The tags associated with the instance. + */ + tags?: { + [k: string]: string; + }; + /** + * Tenancy indicates if instance should run on shared or single-tenant hardware. + */ + tenancy?: string; + /** + * The instance type. + */ + type?: string; + /** + * UserData is the raw data script passed to the instance which is run upon bootstrap. + * This field must not be base64 encoded and should only be used when running a new instance. 
+ */ + userData?: string; + /** + * IDs of the instance's volumes + */ + volumeIDs?: string[]; + }; + /** + * Conditions provide observations of the operational state of a Cluster API resource. + */ + conditions?: { + /** + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. + */ + lastTransitionTime: string; + /** + * A human readable message indicating details about the transition. + * This field may be empty. + */ + message?: string; + /** + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. + */ + reason?: string; + /** + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. + */ + severity?: string; + /** + * Status of the condition, one of True, False, Unknown. + */ + status: string; + /** + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. + */ + type: string; + }[]; + /** + * FailureDomains is a slice of FailureDomains. + */ + failureDomains?: { + /** + * FailureDomainSpec is the Schema for Cluster API failure domains. + * It allows controllers to understand how many failure domains a cluster can optionally span across. + */ + [k: string]: { + /** + * Attributes is a free form map of attributes an infrastructure provider might use or require. 
+ */ + attributes?: { + [k: string]: string; + }; + /** + * ControlPlane determines if this failure domain is suitable for use by control plane machines. + */ + controlPlane?: boolean; + }; + }; + /** + * NetworkStatus encapsulates AWS networking resources. + */ + networkStatus?: { + /** + * APIServerELB is the Kubernetes api server load balancer. + */ + apiServerElb?: { + /** + * ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + * to define and get it. + */ + arn?: string; + /** + * ClassicElbAttributes defines extra attributes associated with the load balancer. + */ + attributes?: { + /** + * CrossZoneLoadBalancing enables the classic load balancer load balancing. + */ + crossZoneLoadBalancing?: boolean; + /** + * IdleTimeout is time that the connection is allowed to be idle (no data + * has been sent over the connection) before it is closed by the load balancer. + */ + idleTimeout?: number; + }; + /** + * AvailabilityZones is an array of availability zones in the VPC attached to the load balancer. + */ + availabilityZones?: string[]; + /** + * DNSName is the dns name of the load balancer. + */ + dnsName?: string; + /** + * ELBAttributes defines extra attributes associated with v2 load balancers. + */ + elbAttributes?: { + [k: string]: string; + }; + /** + * ELBListeners is an array of listeners associated with the load balancer. There must be at least one. + */ + elbListeners?: { + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + /** + * TargetGroupSpec specifies target group settings for a given listener. + * This is created first, and the ARN is then passed to the listener. + */ + targetGroup: { + /** + * Name of the TargetGroup. Must be unique over the same group of listeners. + */ + name: string; + /** + * Port is the exposed port + */ + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. 
+ */ + protocol: 'tcp' | 'tls' | 'udp' | 'TCP' | 'TLS' | 'UDP'; + /** + * HealthCheck is the elb health check associated with the load balancer. + */ + targetGroupHealthCheck?: { + intervalSeconds?: number; + path?: string; + port?: string; + protocol?: string; + thresholdCount?: number; + timeoutSeconds?: number; + unhealthyThresholdCount?: number; + }; + vpcId: string; + }; + }[]; + /** + * HealthCheck is the classic elb health check associated with the load balancer. + */ + healthChecks?: { + healthyThreshold: number; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + interval: number; + target: string; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + timeout: number; + unhealthyThreshold: number; + }; + /** + * ClassicELBListeners is an array of classic elb listeners associated with the load balancer. There must be at least one. + */ + listeners?: { + instancePort: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + instanceProtocol: string; + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + }[]; + /** + * LoadBalancerType sets the type for a load balancer. The default type is classic. + */ + loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb'; + /** + * The name of the load balancer. It must be unique within the set of load balancers + * defined in the region. It also serves as identifier. + */ + name?: string; + /** + * Scheme is the load balancer scheme, either internet-facing or private. + */ + scheme?: string; + /** + * SecurityGroupIDs is an array of security groups assigned to the load balancer. 
+ */ + securityGroupIds?: string[]; + /** + * SubnetIDs is an array of subnets in the VPC attached to the load balancer. + */ + subnetIds?: string[]; + /** + * Tags is a map of tags associated with the load balancer. + */ + tags?: { + [k: string]: string; + }; + }; + /** + * NatGatewaysIPs contains the public IPs of the NAT Gateways + */ + natGatewaysIPs?: string[]; + /** + * SecondaryAPIServerELB is the secondary Kubernetes api server load balancer. + */ + secondaryAPIServerELB?: { + /** + * ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + * to define and get it. + */ + arn?: string; + /** + * ClassicElbAttributes defines extra attributes associated with the load balancer. + */ + attributes?: { + /** + * CrossZoneLoadBalancing enables the classic load balancer load balancing. + */ + crossZoneLoadBalancing?: boolean; + /** + * IdleTimeout is time that the connection is allowed to be idle (no data + * has been sent over the connection) before it is closed by the load balancer. + */ + idleTimeout?: number; + }; + /** + * AvailabilityZones is an array of availability zones in the VPC attached to the load balancer. + */ + availabilityZones?: string[]; + /** + * DNSName is the dns name of the load balancer. + */ + dnsName?: string; + /** + * ELBAttributes defines extra attributes associated with v2 load balancers. + */ + elbAttributes?: { + [k: string]: string; + }; + /** + * ELBListeners is an array of listeners associated with the load balancer. There must be at least one. + */ + elbListeners?: { + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + /** + * TargetGroupSpec specifies target group settings for a given listener. + * This is created first, and the ARN is then passed to the listener. + */ + targetGroup: { + /** + * Name of the TargetGroup. Must be unique over the same group of listeners. 
+ */ + name: string; + /** + * Port is the exposed port + */ + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: 'tcp' | 'tls' | 'udp' | 'TCP' | 'TLS' | 'UDP'; + /** + * HealthCheck is the elb health check associated with the load balancer. + */ + targetGroupHealthCheck?: { + intervalSeconds?: number; + path?: string; + port?: string; + protocol?: string; + thresholdCount?: number; + timeoutSeconds?: number; + unhealthyThresholdCount?: number; + }; + vpcId: string; + }; + }[]; + /** + * HealthCheck is the classic elb health check associated with the load balancer. + */ + healthChecks?: { + healthyThreshold: number; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + interval: number; + target: string; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + timeout: number; + unhealthyThreshold: number; + }; + /** + * ClassicELBListeners is an array of classic elb listeners associated with the load balancer. There must be at least one. + */ + listeners?: { + instancePort: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + instanceProtocol: string; + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + }[]; + /** + * LoadBalancerType sets the type for a load balancer. The default type is classic. + */ + loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb'; + /** + * The name of the load balancer. It must be unique within the set of load balancers + * defined in the region. It also serves as identifier. + */ + name?: string; + /** + * Scheme is the load balancer scheme, either internet-facing or private. 
+ */ + scheme?: string; + /** + * SecurityGroupIDs is an array of security groups assigned to the load balancer. + */ + securityGroupIds?: string[]; + /** + * SubnetIDs is an array of subnets in the VPC attached to the load balancer. + */ + subnetIds?: string[]; + /** + * Tags is a map of tags associated with the load balancer. + */ + tags?: { + [k: string]: string; + }; + }; + /** + * SecurityGroups is a map from the role/kind of the security group to its unique name, if any. + */ + securityGroups?: { + /** + * SecurityGroup defines an AWS security group. + */ + [k: string]: { + /** + * ID is a unique identifier. + */ + id: string; + /** + * IngressRules is the inbound rules associated with the security group. + */ + ingressRule?: { + /** + * List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + cidrBlocks?: string[]; + /** + * Description provides extended information about the ingress rule. + */ + description: string; + /** + * FromPort is the start of port range. + */ + fromPort: number; + /** + * List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID. + */ + ipv6CidrBlocks?: string[]; + /** + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). + */ + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; + /** + * The security group id to allow access from. Cannot be specified with CidrBlocks. + */ + sourceSecurityGroupIds?: string[]; + /** + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. 
+ */ + sourceSecurityGroupRoles?: ( + | 'bastion' + | 'node' + | 'controlplane' + | 'apiserver-lb' + | 'lb' + | 'node-eks-additional' + )[]; + /** + * ToPort is the end of port range. + */ + toPort: number; + }[]; + /** + * Name is the security group name. + */ + name: string; + /** + * Tags is a map of tags associated with the security group. + */ + tags?: { + [k: string]: string; + }; + }; + }; + }; + ready: boolean; + }; +} + +export const AWSClusterList = 'AWSClusterList'; + +export interface IAWSClusterList extends metav1.IList { + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + kind: typeof AWSClusterList; +} + +export const AWSMachinePool = 'AWSMachinePool'; + +/** + * AWSMachinePool is the Schema for the awsmachinepools API. + */ +export interface IAWSMachinePool { + /** + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + */ + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + /** + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + */ + kind: typeof AWSMachinePool; + metadata: metav1.IObjectMeta; + /** + * AWSMachinePoolSpec defines the desired state of AWSMachinePool. + */ + spec?: { + /** + * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + * AWS provider. + */ + additionalTags?: { + [k: string]: string; + }; + /** + * AvailabilityZoneSubnetType specifies which type of subnets to use when an availability zone is specified. 
+ */ + availabilityZoneSubnetType?: 'public' | 'private' | 'all'; + /** + * AvailabilityZones is an array of availability zones instances can run in + */ + availabilityZones?: string[]; + /** + * AWSLaunchTemplate specifies the launch template and version to use when an instance is launched. + */ + awsLaunchTemplate: { + /** + * AdditionalSecurityGroups is an array of references to security groups that should be applied to the + * instances. These security groups would be set in addition to any security groups defined + * at the cluster level or in the actuator. + */ + additionalSecurityGroups?: { + /** + * Filters is a set of key/value pairs used to identify a resource + * They are applied according to the rules defined by the AWS API: + * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html + */ + filters?: { + /** + * Name of the filter. Filter names are case-sensitive. + */ + name: string; + /** + * Values includes one or more filter values. Filter values are case-sensitive. + */ + values: string[]; + }[]; + /** + * ID of resource + */ + id?: string; + }[]; + /** + * AMI is the reference to the AMI from which to create the machine instance. + */ + ami?: { + /** + * EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store + */ + eksLookupType?: 'AmazonLinux' | 'AmazonLinuxGPU'; + /** + * ID of resource + */ + id?: string; + }; + /** + * The name or the Amazon Resource Name (ARN) of the instance profile associated + * with the IAM role for the instance. The instance profile contains the IAM + * role. + */ + iamInstanceProfile?: string; + /** + * ImageLookupBaseOS is the name of the base operating system to use for + * image lookup the AMI is not set. + */ + imageLookupBaseOS?: string; + /** + * ImageLookupFormat is the AMI naming format to look up the image for this + * machine It will be ignored if an explicit AMI is set. 
Supports + * substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + * kubernetes version, respectively. The BaseOS will be the value in + * ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + * defined by the packages produced by kubernetes/release without v as a + * prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + * image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + * searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + * Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + * also: https://golang.org/pkg/text/template/ + */ + imageLookupFormat?: string; + /** + * ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set. + */ + imageLookupOrg?: string; + /** + * InstanceMetadataOptions defines the behavior for applying metadata to instances. + */ + instanceMetadataOptions?: { + /** + * Enables or disables the HTTP metadata endpoint on your instances. + * + * + * If you specify a value of disabled, you cannot access your instance metadata. + * + * + * Default: enabled + */ + httpEndpoint?: 'enabled' | 'disabled'; + /** + * The desired HTTP PUT response hop limit for instance metadata requests. The + * larger the number, the further instance metadata requests can travel. + * + * + * Default: 1 + */ + httpPutResponseHopLimit?: number; + /** + * The state of token usage for your instance metadata requests. + * + * + * If the state is optional, you can choose to retrieve instance metadata with + * or without a session token on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. + * If you retrieve the IAM role credentials using a valid session token, the + * version 2.0 role credentials are returned. + * + * + * If the state is required, you must send a session token with any instance + * metadata retrieval requests. 
In this state, retrieving the IAM role credentials + * always returns the version 2.0 credentials; the version 1.0 credentials are + * not available. + * + * + * Default: optional + */ + httpTokens?: 'optional' | 'required'; + /** + * Set to enabled to allow access to instance tags from the instance metadata. + * Set to disabled to turn off access to instance tags from the instance metadata. + * For more information, see Work with instance tags using the instance metadata + * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + * + * + * Default: disabled + */ + instanceMetadataTags?: 'enabled' | 'disabled'; + }; + /** + * InstanceType is the type of instance to create. Example: m4.xlarge + */ + instanceType?: string; + /** + * The name of the launch template. + */ + name?: string; + /** + * Configuration options for the non root storage volumes. + */ + nonRootVolumes?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }[]; + /** + * PrivateDNSName is the options for the instance hostname. 
+ */ + privateDnsName?: { + /** + * EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. + */ + enableResourceNameDnsAAAARecord?: boolean; + /** + * EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records. + */ + enableResourceNameDnsARecord?: boolean; + /** + * The type of hostname to assign to an instance. + */ + hostnameType?: 'ip-name' | 'resource-name'; + }; + /** + * RootVolume encapsulates the configuration options for the root volume + */ + rootVolume?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }; + /** + * SpotMarketOptions are options for configuring AWSMachinePool instances to be run using AWS Spot instances. + */ + spotMarketOptions?: { + /** + * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances + */ + maxPrice?: string; + }; + /** + * SSHKeyName is the name of the ssh key to attach to the instance. 
Valid values are empty string + * (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) + */ + sshKeyName?: string; + /** + * VersionNumber is the version of the launch template that is applied. + * Typically a new version is created when at least one of the following happens: + * 1) A new launch template spec is applied. + * 2) One or more parameters in an existing template is changed. + * 3) A new AMI is discovered. + */ + versionNumber?: number; + }; + /** + * Enable or disable the capacity rebalance autoscaling group feature + */ + capacityRebalance?: boolean; + /** + * The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. + * If no value is supplied by user a default value of 300 seconds is set + */ + defaultCoolDown?: string; + /** + * The amount of time, in seconds, until a new instance is considered to + * have finished initializing and resource consumption to become stable + * after it enters the InService state. + * If no value is supplied by user a default value of 300 seconds is set + */ + defaultInstanceWarmup?: string; + /** + * MaxSize defines the maximum size of the group. + */ + maxSize: number; + /** + * MinSize defines the minimum size of the group. + */ + minSize: number; + /** + * MixedInstancesPolicy describes how multiple instance types will be used by the ASG. + */ + mixedInstancesPolicy?: { + /** + * InstancesDistribution to configure distribution of On-Demand Instances and Spot Instances. + */ + instancesDistribution?: { + /** + * OnDemandAllocationStrategy indicates how to allocate instance types to fulfill On-Demand capacity. + */ + onDemandAllocationStrategy?: 'prioritized' | 'lowest-price'; + onDemandBaseCapacity?: number; + onDemandPercentageAboveBaseCapacity?: number; + /** + * SpotAllocationStrategy indicates how to allocate instances across Spot Instance pools. 
+ */ + spotAllocationStrategy?: + | 'lowest-price' + | 'capacity-optimized' + | 'capacity-optimized-prioritized' + | 'price-capacity-optimized'; + }; + overrides?: { + instanceType: string; + }[]; + }; + /** + * ProviderID is the ARN of the associated ASG + */ + providerID?: string; + /** + * ProviderIDList are the identification IDs of machine instances provided by the provider. + * This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + */ + providerIDList?: string[]; + /** + * RefreshPreferences describes set of preferences associated with the instance refresh request. + */ + refreshPreferences?: { + /** + * Disable, if true, disables instance refresh from triggering when new launch templates are detected. + * This is useful in scenarios where ASG nodes are externally managed. + */ + disable?: boolean; + /** + * The number of seconds until a newly launched instance is configured and ready + * to use. During this time, the next replacement will not be initiated. + * The default is to use the value for the health check grace period defined for the group. + */ + instanceWarmup?: number; + /** + * The amount of capacity as a percentage in ASG that must remain healthy + * during an instance refresh. The default is 90. + */ + minHealthyPercentage?: number; + /** + * The strategy to use for the instance refresh. The only valid value is Rolling. + * A rolling update is an update that is applied to all instances in an Auto + * Scaling group until all instances have been updated. + */ + strategy?: string; + }; + /** + * Subnets is an array of subnet configurations + */ + subnets?: { + /** + * Filters is a set of key/value pairs used to identify a resource + * They are applied according to the rules defined by the AWS API: + * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html + */ + filters?: { + /** + * Name of the filter. Filter names are case-sensitive. 
+ */ + name: string; + /** + * Values includes one or more filter values. Filter values are case-sensitive. + */ + values: string[]; + }[]; + /** + * ID of resource + */ + id?: string; + }[]; + /** + * SuspendProcesses defines a list of processes to suspend for the given ASG. This is constantly reconciled. + * If a process is removed from this list it will automatically be resumed. + */ + suspendProcesses?: { + all?: boolean; + /** + * Processes defines the processes which can be enabled or disabled individually. + */ + processes?: { + addToLoadBalancer?: boolean; + alarmNotification?: boolean; + azRebalance?: boolean; + healthCheck?: boolean; + instanceRefresh?: boolean; + launch?: boolean; + replaceUnhealthy?: boolean; + scheduledActions?: boolean; + terminate?: boolean; + }; + }; + }; + /** + * AWSMachinePoolStatus defines the observed state of AWSMachinePool. + */ + status?: { + /** + * ASGStatus is a status string returned by the autoscaling API. + */ + asgStatus?: string; + /** + * Conditions defines current service state of the AWSMachinePool. + */ + conditions?: { + /** + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. + */ + lastTransitionTime: string; + /** + * A human readable message indicating details about the transition. + * This field may be empty. + */ + message?: string; + /** + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. + */ + reason?: string; + /** + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. 
+ */ + severity?: string; + /** + * Status of the condition, one of True, False, Unknown. + */ + status: string; + /** + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. + */ + type: string; + }[]; + /** + * FailureMessage will be set in the event that there is a terminal problem + * reconciling the Machine and will contain a more verbose string suitable + * for logging and human consumption. + * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the Machine's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of Machines + * can be added as events to the Machine object and/or logged in the + * controller's output. + */ + failureMessage?: string; + /** + * FailureReason will be set in the event that there is a terminal problem + * reconciling the Machine and will contain a succinct value suitable + * for machine interpretation. + * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the Machine's spec or the configuration of + * the controller, and that manual intervention is required. 
Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of Machines + * can be added as events to the Machine object and/or logged in the + * controller's output. + */ + failureReason?: string; + /** + * Instances contains the status for each instance in the pool + */ + instances?: { + /** + * InstanceID is the identification of the Machine Instance within ASG + */ + instanceID?: string; + /** + * Version defines the Kubernetes version for the Machine Instance + */ + version?: string; + }[]; + /** + * The ID of the launch template + */ + launchTemplateID?: string; + /** + * The version of the launch template + */ + launchTemplateVersion?: string; + /** + * Ready is true when the provider resource is ready. + */ + ready?: boolean; + /** + * Replicas is the most recently observed number of replicas + */ + replicas?: number; + }; +} + +export const AWSMachinePoolList = 'AWSMachinePoolList'; + +export interface IAWSMachinePoolList extends metav1.IList { + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + kind: typeof AWSMachinePoolList; +} + +export const AWSMachineTemplate = 'AWSMachineTemplate'; + +/** + * AWSMachineTemplate is the schema for the Amazon EC2 Machine Templates API. + */ +export interface IAWSMachineTemplate { + /** + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + */ + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + /** + * Kind is a string value representing the REST resource this object represents. 
+ * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + */ + kind: typeof AWSMachineTemplate; + metadata: metav1.IObjectMeta; + /** + * AWSMachineTemplateSpec defines the desired state of AWSMachineTemplate. + */ + spec?: { + /** + * AWSMachineTemplateResource describes the data needed to create am AWSMachine from a template. + */ + template: { + /** + * Standard object's metadata. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + */ + metadata?: { + /** + * Annotations is an unstructured key value map stored with a resource that may be + * set by external tools to store and retrieve arbitrary metadata. They are not + * queryable and should be preserved when modifying objects. + * More info: http://kubernetes.io/docs/user-guide/annotations + */ + annotations?: { + [k: string]: string; + }; + /** + * Map of string keys and values that can be used to organize and categorize + * (scope and select) objects. May match selectors of replication controllers + * and services. + * More info: http://kubernetes.io/docs/user-guide/labels + */ + labels?: { + [k: string]: string; + }; + }; + /** + * Spec is the specification of the desired behavior of the machine. + */ + spec: { + /** + * AdditionalSecurityGroups is an array of references to security groups that should be applied to the + * instance. These security groups would be set in addition to any security groups defined + * at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters + * will cause additional requests to AWS API and if tags change the attached security groups might change too. 
+ */ + additionalSecurityGroups?: { + /** + * Filters is a set of key/value pairs used to identify a resource + * They are applied according to the rules defined by the AWS API: + * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html + */ + filters?: { + /** + * Name of the filter. Filter names are case-sensitive. + */ + name: string; + /** + * Values includes one or more filter values. Filter values are case-sensitive. + */ + values: string[]; + }[]; + /** + * ID of resource + */ + id?: string; + }[]; + /** + * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + * AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the + * AWSMachine's value takes precedence. + */ + additionalTags?: { + [k: string]: string; + }; + /** + * AMI is the reference to the AMI from which to create the machine instance. + */ + ami?: { + /** + * EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store + */ + eksLookupType?: 'AmazonLinux' | 'AmazonLinuxGPU'; + /** + * ID of resource + */ + id?: string; + }; + /** + * CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched. + */ + capacityReservationId?: string; + /** + * CloudInit defines options related to the bootstrapping systems where + * CloudInit is used. + */ + cloudInit?: { + /** + * InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager + * or AWS Systems Manager Parameter Store to ensure privacy of userdata. + * By default, a cloud-init boothook shell script is prepended to download + * the userdata from Secrets Manager and additionally delete the secret. + */ + insecureSkipSecretsManager?: boolean; + /** + * SecretCount is the number of secrets used to form the complete secret + */ + secretCount?: number; + /** + * SecretPrefix is the prefix for the secret name. 
This is stored + * temporarily, and deleted when the machine registers as a node against + * the workload cluster. + */ + secretPrefix?: string; + /** + * SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager + * Parameter Storage to distribute secrets. By default or with the value of secrets-manager, + * will use AWS Secrets Manager instead. + */ + secureSecretsBackend?: 'secrets-manager' | 'ssm-parameter-store'; + }; + /** + * ElasticIPPool is the configuration to allocate Public IPv4 address (Elastic IP/EIP) from user-defined pool. + */ + elasticIpPool?: { + /** + * PublicIpv4Pool sets a custom Public IPv4 Pool used to create Elastic IP address for resources + * created in public IPv4 subnets. Every IPv4 address, Elastic IP, will be allocated from the custom + * Public IPv4 pool that you brought to AWS, instead of Amazon-provided pool. The public IPv4 pool + * resource ID starts with 'ipv4pool-ec2'. + */ + publicIpv4Pool?: string; + /** + * PublicIpv4PoolFallBackOrder defines the fallback action when the Public IPv4 Pool has been exhausted, + * no more IPv4 address available in the pool. + * + * + * When set to 'amazon-pool', the controller check if the pool has available IPv4 address, when pool has reached the + * IPv4 limit, the address will be claimed from Amazon-pool (default). + * + * + * When set to 'none', the controller will fail the Elastic IP allocation when the publicIpv4Pool is exhausted. + */ + publicIpv4PoolFallbackOrder?: 'amazon-pool' | 'none'; + }; + /** + * IAMInstanceProfile is a name of an IAM instance profile to assign to the instance + */ + iamInstanceProfile?: string; + /** + * Ignition defined options related to the bootstrapping systems where Ignition is used. + */ + ignition?: { + /** + * Proxy defines proxy settings for Ignition. + * Only valid for Ignition versions 3.1 and above. + */ + proxy?: { + /** + * HTTPProxy is the HTTP proxy to use for Ignition. 
+ * A single URL that specifies the proxy server to use for HTTP and HTTPS requests, + * unless overridden by the HTTPSProxy or NoProxy options. + */ + httpProxy?: string; + /** + * HTTPSProxy is the HTTPS proxy to use for Ignition. + * A single URL that specifies the proxy server to use for HTTPS requests, + * unless overridden by the NoProxy option. + */ + httpsProxy?: string; + /** + * NoProxy is the list of domains to not proxy for Ignition. + * Specifies a list of strings to hosts that should be excluded from proxying. + * + * + * Each value is represented by: + * - An IP address prefix (1.2.3.4) + * - An IP address prefix in CIDR notation (1.2.3.4/8) + * - A domain name + * - A domain name matches that name and all subdomains + * - A domain name with a leading . matches subdomains only + * - A special DNS label (*), indicates that no proxying should be done + * + * + * An IP address prefix and domain name can also include a literal port number (1.2.3.4:80). + * + * @maxItems 64 + */ + noProxy?: string[]; + }; + /** + * StorageType defines how to store the boostrap user data for Ignition. + * This can be used to instruct Ignition from where to fetch the user data to bootstrap an instance. + * + * + * When omitted, the storage option will default to ClusterObjectStore. + * + * + * When set to "ClusterObjectStore", if the capability is available and a Cluster ObjectStore configuration + * is correctly provided in the Cluster object (under .spec.s3Bucket), + * an object store will be used to store bootstrap user data. + * + * + * When set to "UnencryptedUserData", EC2 Instance User Data will be used to store the machine bootstrap user data, unencrypted. + * This option is considered less secure than others as user data may contain sensitive informations (keys, certificates, etc.) + * and users with ec2:DescribeInstances permission or users running pods + * that can access the ec2 metadata service have access to this sensitive information. 
+ * So this is only to be used at ones own risk, and only when other more secure options are not viable. + */ + storageType?: 'ClusterObjectStore' | 'UnencryptedUserData'; + /** + * TLS defines TLS settings for Ignition. + * Only valid for Ignition versions 3.1 and above. + */ + tls?: { + /** + * CASources defines the list of certificate authorities to use for Ignition. + * The value is the certificate bundle (in PEM format). The bundle can contain multiple concatenated certificates. + * Supported schemes are http, https, tftp, s3, arn, gs, and `data` (RFC 2397) URL scheme. + * + * @maxItems 64 + */ + certificateAuthorities?: string[]; + }; + /** + * Version defines which version of Ignition will be used to generate bootstrap data. + */ + version?: '2.3' | '3.0' | '3.1' | '3.2' | '3.3' | '3.4'; + }; + /** + * ImageLookupBaseOS is the name of the base operating system to use for + * image lookup the AMI is not set. + */ + imageLookupBaseOS?: string; + /** + * ImageLookupFormat is the AMI naming format to look up the image for this + * machine It will be ignored if an explicit AMI is set. Supports + * substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + * kubernetes version, respectively. The BaseOS will be the value in + * ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + * defined by the packages produced by kubernetes/release without v as a + * prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + * image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + * searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + * Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + * also: https://golang.org/pkg/text/template/ + */ + imageLookupFormat?: string; + /** + * ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set. + */ + imageLookupOrg?: string; + /** + * InstanceID is the EC2 instance ID for this machine. 
+ */ + instanceID?: string; + /** + * InstanceMetadataOptions is the metadata options for the EC2 instance. + */ + instanceMetadataOptions?: { + /** + * Enables or disables the HTTP metadata endpoint on your instances. + * + * + * If you specify a value of disabled, you cannot access your instance metadata. + * + * + * Default: enabled + */ + httpEndpoint?: 'enabled' | 'disabled'; + /** + * The desired HTTP PUT response hop limit for instance metadata requests. The + * larger the number, the further instance metadata requests can travel. + * + * + * Default: 1 + */ + httpPutResponseHopLimit?: number; + /** + * The state of token usage for your instance metadata requests. + * + * + * If the state is optional, you can choose to retrieve instance metadata with + * or without a session token on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. + * If you retrieve the IAM role credentials using a valid session token, the + * version 2.0 role credentials are returned. + * + * + * If the state is required, you must send a session token with any instance + * metadata retrieval requests. In this state, retrieving the IAM role credentials + * always returns the version 2.0 credentials; the version 1.0 credentials are + * not available. + * + * + * Default: optional + */ + httpTokens?: 'optional' | 'required'; + /** + * Set to enabled to allow access to instance tags from the instance metadata. + * Set to disabled to turn off access to instance tags from the instance metadata. + * For more information, see Work with instance tags using the instance metadata + * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + * + * + * Default: disabled + */ + instanceMetadataTags?: 'enabled' | 'disabled'; + }; + /** + * InstanceType is the type of instance to create. 
Example: m4.xlarge + */ + instanceType: string; + /** + * NetworkInterfaces is a list of ENIs to associate with the instance. + * A maximum of 2 may be specified. + * + * @maxItems 2 + */ + networkInterfaces?: [] | [string] | [string, string]; + /** + * Configuration options for the non root storage volumes. + */ + nonRootVolumes?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }[]; + /** + * PlacementGroupName specifies the name of the placement group in which to launch the instance. + */ + placementGroupName?: string; + /** + * PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + * This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + * strategy set to partition. + */ + placementGroupPartition?: number; + /** + * PrivateDNSName is the options for the instance hostname. + */ + privateDnsName?: { + /** + * EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. 
+ */ + enableResourceNameDnsAAAARecord?: boolean; + /** + * EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records. + */ + enableResourceNameDnsARecord?: boolean; + /** + * The type of hostname to assign to an instance. + */ + hostnameType?: 'ip-name' | 'resource-name'; + }; + /** + * ProviderID is the unique identifier as specified by the cloud provider. + */ + providerID?: string; + /** + * PublicIP specifies whether the instance should get a public IP. + * Precedence for this setting is as follows: + * 1. This field if set + * 2. Cluster/flavor setting + * 3. Subnet default + */ + publicIP?: boolean; + /** + * RootVolume encapsulates the configuration options for the root volume + */ + rootVolume?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }; + /** + * SecurityGroupOverrides is an optional set of security groups to use for the node. + * This is optional - if not provided security groups from the cluster will be used. 
+ */ + securityGroupOverrides?: { + [k: string]: string; + }; + /** + * SpotMarketOptions allows users to configure instances to be run using AWS Spot instances. + */ + spotMarketOptions?: { + /** + * MaxPrice defines the maximum price the user is willing to pay for Spot VM instances + */ + maxPrice?: string; + }; + /** + * SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) + */ + sshKeyName?: string; + /** + * Subnet is a reference to the subnet to use for this instance. If not specified, + * the cluster subnet will be used. + */ + subnet?: { + /** + * Filters is a set of key/value pairs used to identify a resource + * They are applied according to the rules defined by the AWS API: + * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html + */ + filters?: { + /** + * Name of the filter. Filter names are case-sensitive. + */ + name: string; + /** + * Values includes one or more filter values. Filter values are case-sensitive. + */ + values: string[]; + }[]; + /** + * ID of resource + */ + id?: string; + }; + /** + * Tenancy indicates if instance should run on shared or single-tenant hardware. + */ + tenancy?: 'default' | 'dedicated' | 'host'; + /** + * UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. + * cloud-init has built-in support for gzip-compressed user data + * user data stored in aws secret manager is always gzip-compressed. + */ + uncompressedUserData?: boolean; + }; + }; + }; + /** + * AWSMachineTemplateStatus defines a status for an AWSMachineTemplate. + */ + status?: { + /** + * Capacity defines the resource capacity for this machine. 
+ * This value is used for autoscaling from zero operations as defined in: + * https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md + */ + capacity?: { + [k: string]: number | string; + }; + }; +} + +export const AWSMachineTemplateList = 'AWSMachineTemplateList'; + +export interface IAWSMachineTemplateList + extends metav1.IList { + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; + kind: typeof AWSMachineTemplateList; +} + export const AWSManagedCluster = 'AWSManagedCluster'; /** 
@@ -15,11 +2686,18 @@ export const AWSManagedCluster = 'AWSManagedCluster'; */ export interface IAWSManagedCluster { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AWSManagedCluster; metadata: metav1.IObjectMeta; @@ -50,7 +2728,8 @@ export interface IAWSManagedCluster { */ failureDomains?: { /** - * FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + * FailureDomainSpec is the Schema for Cluster API failure domains. + * It allows controllers to understand how many failure domains a cluster can optionally span across. */ [k: string]: { /** 
@@ -87,11 +2766,18 @@ export const AWSManagedMachinePool = 'AWSManagedMachinePool'; */ export interface IAWSManagedMachinePool { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AWSManagedMachinePool; metadata: metav1.IObjectMeta; @@ -100,7 +2786,8 @@ export interface IAWSManagedMachinePool { */ spec?: { /** - * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default. + * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + * ones added by default. */ additionalTags?: { [k: string]: string; 
@@ -108,9 +2795,17 @@ export interface IAWSManagedMachinePool { /** * AMIType defines the AMI type */ - amiType?: 'AL2_x86_64' | 'AL2_x86_64_GPU' | 'AL2_ARM_64' | 'CUSTOM'; + amiType?: + | 'AL2_x86_64' + | 'AL2_x86_64_GPU' + | 'AL2_ARM_64' + | 'AL2023_x86_64_STANDARD' + | 'AL2023_ARM_64_STANDARD' + | 'CUSTOM'; /** - * AMIVersion defines the desired AMI release version. If no version number is supplied then the latest version for the Kubernetes version will be used + * AMIVersion defines the desired AMI release version. If no version number + * is supplied then the latest version for the Kubernetes version + * will be used */ amiVersion?: string; /** 
@@ -122,15 +2817,21 @@ export interface IAWSManagedMachinePool { */ availabilityZones?: string[]; /** - * AWSLaunchTemplate specifies the launch template to use to create the managed node group. If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). + * AWSLaunchTemplate specifies the launch template to use to create the managed node group. + * If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template + * are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). */ awsLaunchTemplate?: { /** - * AdditionalSecurityGroups is an array of references to security groups that should be applied to the instances. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. + * AdditionalSecurityGroups is an array of references to security groups that should be applied to the + * instances. These security groups would be set in addition to any security groups defined + * at the cluster level or in the actuator. */ additionalSecurityGroups?: { /** - * Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html + * Filters is a set of key/value pairs used to identify a resource + * They are applied according to the rules defined by the AWS API: + * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html */ filters?: { /** 
@@ -161,15 +2862,28 @@ export interface IAWSManagedMachinePool { id?: string; }; /** - * The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role. + * The name or the Amazon Resource Name (ARN) of the instance profile associated + * with the IAM role for the instance. The instance profile contains the IAM + * role. */ iamInstanceProfile?: string; /** - * ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set. + * ImageLookupBaseOS is the name of the base operating system to use for + * image lookup the AMI is not set. */ imageLookupBaseOS?: string; /** - * ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/ + * ImageLookupFormat is the AMI naming format to look up the image for this + * machine It will be ignored if an explicit AMI is set. Supports + * substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and + * kubernetes version, respectively. The BaseOS will be the value in + * ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + * defined by the packages produced by kubernetes/release without v as a + * prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. 
For example, the default + * image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + * searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + * Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + * also: https://golang.org/pkg/text/template/ */ imageLookupFormat?: string; /** 
@@ -182,25 +2896,50 @@ export interface IAWSManagedMachinePool { instanceMetadataOptions?: { /** * Enables or disables the HTTP metadata endpoint on your instances. - * If you specify a value of disabled, you cannot access your instance metadata. - * Default: enabled + * + * + * If you specify a value of disabled, you cannot access your instance metadata. + * + * + * Default: enabled */ httpEndpoint?: 'enabled' | 'disabled'; /** - * The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. - * Default: 1 + * The desired HTTP PUT response hop limit for instance metadata requests. The + * larger the number, the further instance metadata requests can travel. + * + * + * Default: 1 */ httpPutResponseHopLimit?: number; /** * The state of token usage for your instance metadata requests. - * If the state is optional, you can choose to retrieve instance metadata with or without a session token on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid session token, the version 2.0 role credentials are returned. - * If the state is required, you must send a session token with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available. - * Default: optional + * + * + * If the state is optional, you can choose to retrieve instance metadata with + * or without a session token on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. + * If you retrieve the IAM role credentials using a valid session token, the + * version 2.0 role credentials are returned. + * + * + * If the state is required, you must send a session token with any instance + * metadata retrieval requests. 
In this state, retrieving the IAM role credentials + * always returns the version 2.0 credentials; the version 1.0 credentials are + * not available. + * + * + * Default: optional */ httpTokens?: 'optional' | 'required'; /** - * Set to enabled to allow access to instance tags from the instance metadata. Set to disabled to turn off access to instance tags from the instance metadata. For more information, see Work with instance tags using the instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - * Default: disabled + * Set to enabled to allow access to instance tags from the instance metadata. + * Set to disabled to turn off access to instance tags from the instance metadata. + * For more information, see Work with instance tags using the instance metadata + * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + * + * + * Default: disabled */ instanceMetadataTags?: 'enabled' | 'disabled'; }; 
@@ -212,6 +2951,59 @@ export interface IAWSManagedMachinePool { * The name of the launch template. */ name?: string; + /** + * Configuration options for the non root storage volumes. + */ + nonRootVolumes?: { + /** + * Device name + */ + deviceName?: string; + /** + * Encrypted is whether the volume should be encrypted or not. + */ + encrypted?: boolean; + /** + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. + */ + encryptionKey?: string; + /** + * IOPS is the number of IOPS requested for the disk. Not applicable to all types. + */ + iops?: number; + /** + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). + */ + size: number; + /** + * Throughput to provision in MiB/s supported for the volume type. Not applicable to all types. + */ + throughput?: number; + /** + * Type is the type of the volume (e.g. gp2, io1, etc...). + */ + type?: string; + }[]; + /** + * PrivateDNSName is the options for the instance hostname. + */ + privateDnsName?: { + /** + * EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. + */ + enableResourceNameDnsAAAARecord?: boolean; + /** + * EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records. + */ + enableResourceNameDnsARecord?: boolean; + /** + * The type of hostname to assign to an instance. + */ + hostnameType?: 'ip-name' | 'resource-name'; + }; /** * RootVolume encapsulates the configuration options for the root volume */ 
@@ -225,7 +3017,9 @@ export interface IAWSManagedMachinePool { */ encrypted?: boolean; /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. */ encryptionKey?: string; /** @@ -233,7 +3027,8 @@ export interface IAWSManagedMachinePool { */ iops?: number; /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). */ size: number; /** 
@@ -255,11 +3050,16 @@ export interface IAWSManagedMachinePool { maxPrice?: string; }; /** - * SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) + * SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string + * (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name) */ sshKeyName?: string; /** - * VersionNumber is the version of the launch template that is applied. Typically a new version is created when at least one of the following happens: 1) A new launch template spec is applied. 2) One or more parameters in an existing template is changed. 3) A new AMI is discovered. + * VersionNumber is the version of the launch template that is applied. + * Typically a new version is created when at least one of the following happens: + * 1) A new launch template spec is applied. + * 2) One or more parameters in an existing template is changed. + * 3) A new AMI is discovered. */ versionNumber?: number; }; @@ -272,7 +3072,10 @@ export interface IAWSManagedMachinePool { */ diskSize?: number; /** - * EKSNodegroupName specifies the name of the nodegroup in AWS corresponding to this MachinePool. If you don't specify a name then a default name will be created based on the namespace and name of the managed machine pool. + * EKSNodegroupName specifies the name of the nodegroup in AWS + * corresponding to this MachinePool. If you don't specify a name + * then a default name will be created based on the namespace and + * name of the managed machine pool. */ eksNodegroupName?: string; /** 
@@ -286,7 +3089,9 @@ export interface IAWSManagedMachinePool { [k: string]: string; }; /** - * ProviderIDList are the provider IDs of instances in the autoscaling group corresponding to the nodegroup represented by this machine pool + * ProviderIDList are the provider IDs of instances in the + * autoscaling group corresponding to the nodegroup represented by this + * machine pool */ providerIDList?: string[]; /** @@ -302,16 +3107,22 @@ export interface IAWSManagedMachinePool { */ sourceSecurityGroups?: string[]; /** - * SSHKeyName specifies which EC2 SSH key can be used to access machines. If left empty, the key from the control plane is used. + * SSHKeyName specifies which EC2 SSH key can be used to access machines. + * If left empty, the key from the control plane is used. */ sshKeyName?: string; }; /** - * RoleAdditionalPolicies allows you to attach additional polices to the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. + * RoleAdditionalPolicies allows you to attach additional polices to + * the node group role. You must enable the EKSAllowAddRoles + * feature flag to incorporate these into the created role. */ roleAdditionalPolicies?: string[]; /** - * RoleName specifies the name of IAM role for the node group. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created. + * RoleName specifies the name of IAM role for the node group. + * If the role is pre-existing we will treat it as unmanaged + * and not delete it on deletion. If the EKSEnableIAM feature + * flag is true and no name is supplied then a role is created. */ roleName?: string; /** 
@@ -322,7 +3133,8 @@ export interface IAWSManagedMachinePool { minSize?: number; }; /** - * SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup + * SubnetIDs specifies which subnets are used for the + * auto scaling group of this nodegroup */ subnetIDs?: string[]; /** @@ -343,15 +3155,18 @@ export interface IAWSManagedMachinePool { value: string; }[]; /** - * UpdateConfig holds the optional config to control the behaviour of the update to the nodegroup. + * UpdateConfig holds the optional config to control the behaviour of the update + * to the nodegroup. */ updateConfig?: { /** - * MaxUnavailable is the maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. The maximum number is 100. + * MaxUnavailable is the maximum number of nodes unavailable at once during a version update. + * Nodes will be updated in parallel. The maximum number is 100. */ maxUnavailable?: number; /** - * MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once. + * MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This + * percentage of nodes will be updated in parallel, up to 100 nodes at once. */ maxUnavailablePercentage?: number; }; 
@@ -365,19 +3180,26 @@ export interface IAWSManagedMachinePool { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -385,20 +3207,52 @@ export interface IAWSManagedMachinePool { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; /** - * FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output. + * FailureMessage will be set in the event that there is a terminal problem + * reconciling the MachinePool and will contain a more verbose string suitable + * for logging and human consumption. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the MachinePool's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of MachinePools + * can be added as events to the MachinePool object and/or logged in the + * controller's output. */ failureMessage?: string; /** - * FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a succinct value suitable for machine interpretation. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output. + * FailureReason will be set in the event that there is a terminal problem + * reconciling the MachinePool and will contain a succinct value suitable + * for machine interpretation. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the Machine's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of MachinePools + * can be added as events to the MachinePool object and/or logged in the + * controller's output. */ failureReason?: string; /** @@ -410,7 +3264,8 @@ export interface IAWSManagedMachinePool { */ launchTemplateVersion?: string; /** - * Ready denotes that the AWSManagedMachinePool nodegroup has joined the cluster + * Ready denotes that the AWSManagedMachinePool nodegroup has joined + * the cluster */ ready: boolean; /** 
@@ -435,11 +3290,18 @@ export const AWSManagedControlPlane = 'AWSManagedControlPlane'; */ export interface IAWSManagedControlPlane { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'controlplane.cluster.x-k8s.io/v1beta2'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AWSManagedControlPlane; metadata: metav1.IObjectMeta; @@ -448,7 +3310,8 @@ export interface IAWSManagedControlPlane { */ spec?: { /** - * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default. + * AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the + * ones added by default. */ additionalTags?: { [k: string]: string; 
@@ -462,7 +3325,8 @@ export interface IAWSManagedControlPlane { */ configuration?: string; /** - * ConflictResolution is used to declare what should happen if there are parameter conflicts. Defaults to none + * ConflictResolution is used to declare what should happen if there + * are parameter conflicts. Defaults to none */ conflictResolution?: 'overwrite' | 'none'; /** @@ -479,7 +3343,8 @@ export interface IAWSManagedControlPlane { version: string; }[]; /** - * AssociateOIDCProvider can be enabled to automatically create an identity provider for the controller for use with IAM roles for service accounts + * AssociateOIDCProvider can be enabled to automatically create an identity + * provider for the controller for use with IAM roles for service accounts */ associateOIDCProvider?: boolean; /** 
@@ -487,23 +3352,29 @@ export interface IAWSManagedControlPlane { */ bastion?: { /** - * AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). + * AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. + * They are set as ingress rules for the Bastion host's Security Group (defaults to 0.0.0.0/0). */ allowedCIDRBlocks?: string[]; /** - * AMI will use the specified AMI to boot the bastion. If not specified, the AMI will default to one picked out in public space. + * AMI will use the specified AMI to boot the bastion. If not specified, + * the AMI will default to one picked out in public space. */ ami?: string; /** - * DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. Requires AllowedCIDRBlocks to be empty. + * DisableIngressRules will ensure there are no Ingress rules in the bastion host's security group. + * Requires AllowedCIDRBlocks to be empty. */ disableIngressRules?: boolean; /** - * Enabled allows this provider to create a bastion host instance with a public ip to access the VPC private network. + * Enabled allows this provider to create a bastion host instance + * with a public ip to access the VPC private network. */ enabled?: boolean; /** - * InstanceType will use the specified instance type for the bastion. If not specified, Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default. + * InstanceType will use the specified instance type for the bastion. If not specified, + * Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro + * will be the default. */ instanceType?: string; }; 
@@ -521,7 +3392,9 @@ export interface IAWSManagedControlPlane { port: number; }; /** - * EKSClusterName allows you to specify the name of the EKS cluster in AWS. If you don't specify a name then a default name will be created based on the namespace and name of the managed control plane. + * EKSClusterName allows you to specify the name of the EKS cluster in + * AWS. If you don't specify a name then a default name will be created + * based on the namespace and name of the managed control plane. */ eksClusterName?: string; /** @@ -555,7 +3428,9 @@ export interface IAWSManagedControlPlane { publicCIDRs?: string[]; }; /** - * IAMAuthenticatorConfig allows the specification of any additional user or role mappings for use when generating the aws-iam-authenticator configuration. If this is nil the default configuration is still generated for the cluster. + * IAMAuthenticatorConfig allows the specification of any additional user or role mappings + * for use when generating the aws-iam-authenticator configuration. If this is nil the + * default configuration is still generated for the cluster. */ iamAuthenticatorConfig?: { /** @@ -594,7 +3469,8 @@ export interface IAWSManagedControlPlane { }[]; }; /** - * IdentityRef is a reference to a identity to be used when reconciling the managed control plane. + * IdentityRef is a reference to an identity to be used when reconciling the managed control plane. + * If no identity is specified, the default identity for this controller will be used. */ identityRef?: { /** 
@@ -610,15 +3486,31 @@ export interface IAWSManagedControlPlane { name: string; }; /** - * ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS. + * ImageLookupBaseOS is the name of the base operating system used to look + * up machine images when a machine does not specify an AMI. When set, this + * will be used for all cluster machines unless a machine specifies a + * different ImageLookupBaseOS. */ imageLookupBaseOS?: string; /** - * ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/ + * ImageLookupFormat is the AMI naming format to look up machine images when + * a machine does not specify an AMI. When set, this will be used for all + * cluster machines unless a machine specifies a different ImageLookupOrg. + * Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base + * OS and kubernetes version, respectively. 
The BaseOS will be the value in + * ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as + * defined by the packages produced by kubernetes/release without v as a + * prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default + * image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up + * searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a + * Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See + * also: https://golang.org/pkg/text/template/ */ imageLookupFormat?: string; /** - * ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. + * ImageLookupOrg is the AWS Organization ID to look up machine images when a + * machine does not specify an AMI. When set, this will be used for all + * cluster machines unless a machine specifies a different ImageLookupOrg. */ imageLookupOrg?: string; /** 
@@ -626,12 +3518,17 @@ export interface IAWSManagedControlPlane { */ kubeProxy?: { /** - * Disable set to true indicates that kube-proxy should be disabled. With EKS clusters kube-proxy is automatically installed into the cluster. For clusters where you want to use kube-proxy functionality that is provided with an alternate CNI, this option provides a way to specify that the kube-proxy daemonset should be deleted. You cannot set this to true if you are using the Amazon kube-proxy addon. + * Disable set to true indicates that kube-proxy should be disabled. With EKS clusters + * kube-proxy is automatically installed into the cluster. For clusters where you want + * to use kube-proxy functionality that is provided with an alternate CNI, this option + * provides a way to specify that the kube-proxy daemonset should be deleted. You cannot + * set this to true if you are using the Amazon kube-proxy addon. */ disable?: boolean; }; /** - * Logging specifies which EKS Cluster logs should be enabled. Entries for each of the enabled logs will be sent to CloudWatch + * Logging specifies which EKS Cluster logs should be enabled. Entries for + * each of the enabled logs will be sent to CloudWatch */ logging?: { /** 
@@ -680,15 +3577,20 @@ export interface IAWSManagedControlPlane { */ ipv6CidrBlocks?: string[]; /** - * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6). + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). */ - protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58'; + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; /** * The security group id to allow access from. Cannot be specified with CidrBlocks. */ sourceSecurityGroupIds?: string[]; /** - * The security group role to allow access from. Cannot be specified with CidrBlocks. The field will be combined with source security group IDs if specified. + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. */ sourceSecurityGroupRoles?: ( | 'bastion' @@ -708,7 +3610,8 @@ export interface IAWSManagedControlPlane { */ cni?: { /** - * CNIIngressRules specify rules to apply to control plane and worker node security groups. The source for the rule will be set to control plane and worker security group IDs. + * CNIIngressRules specify rules to apply to control plane and worker node security groups. + * The source for the rule will be set to control plane and worker security group IDs. */ cniIngressRules?: { description: string; 
@@ -721,7 +3624,8 @@ export interface IAWSManagedControlPlane { }[]; }; /** - * SecurityGroupOverrides is an optional set of security groups to use for cluster instances This is optional - if not provided new security groups will be created for the cluster + * SecurityGroupOverrides is an optional set of security groups to use for cluster instances + * This is optional - if not provided new security groups will be created for the cluster */ securityGroupOverrides?: { [k: string]: string; 
@@ -739,16 +3643,26 @@ export interface IAWSManagedControlPlane { */ cidrBlock?: string; /** - * ID defines a unique identifier to reference this resource. If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. - * When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, the id can be set to any placeholder value that does not start with `subnet-`; upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and the `id` field is going to be used as the subnet name. If you specify a tag called `Name`, it takes precedence. + * ID defines a unique identifier to reference this resource. + * If you're bringing your subnet, set the AWS subnet-id here, it must start with `subnet-`. + * + * + * When the VPC is managed by CAPA, and you'd like the provider to create a subnet for you, + * the id can be set to any placeholder value that does not start with `subnet-`; + * upon creation, the subnet AWS identifier will be populated in the `ResourceID` field and + * the `id` field is going to be used as the subnet name. If you specify a tag + * called `Name`, it takes precedence. */ id: string; /** - * IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. A subnet can have an IPv4 and an IPv6 address. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. + * IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. + * A subnet can have an IPv4 and an IPv6 address. + * IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. */ ipv6CidrBlock?: string; /** - * IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. + * IsIPv6 defines the subnet as an IPv6 subnet. 
A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. + * IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object. */ isIpv6?: boolean; /** @@ -756,11 +3670,22 @@ export interface IAWSManagedControlPlane { */ isPublic?: boolean; /** - * NatGatewayID is the NAT gateway id associated with the subnet. Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. + * NatGatewayID is the NAT gateway id associated with the subnet. + * Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet. */ natGatewayId?: string; /** - * ResourceID is the subnet identifier from AWS, READ ONLY. This field is populated when the provider manages the subnet. + * ParentZoneName is the zone name where the current subnet's zone is tied when + * the zone is a Local Zone. + * + * + * The subnets in Local Zone or Wavelength Zone locations consume the ParentZoneName + * to select the correct private route table to egress traffic to the internet. + */ + parentZoneName?: string; + /** + * ResourceID is the subnet identifier from AWS, READ ONLY. + * This field is populated when the provider manages the subnet. */ resourceID?: string; /** 
@@ -773,23 +3698,108 @@ export interface IAWSManagedControlPlane { tags?: { [k: string]: string; }; + /** + * ZoneType defines the type of the zone where the subnet is created. + * + * + * The valid values are availability-zone, local-zone, and wavelength-zone. + * + * + * Subnet with zone type availability-zone (regular) is always selected to create cluster + * resources, like Load Balancers, NAT Gateways, Contol Plane nodes, etc. + * + * + * Subnet with zone type local-zone or wavelength-zone is not eligible to automatically create + * regular cluster resources. + * + * + * The public subnet in availability-zone or local-zone is associated with regular public + * route table with default route entry to a Internet Gateway. + * + * + * The public subnet in wavelength-zone is associated with a carrier public + * route table with default route entry to a Carrier Gateway. + * + * + * The private subnet in the availability-zone is associated with a private route table with + * the default route entry to a NAT Gateway created in that zone. + * + * + * The private subnet in the local-zone or wavelength-zone is associated with a private route table with + * the default route entry re-using the NAT Gateway in the Region (preferred from the + * parent zone, the zone type availability-zone in the region, or first table available). + */ + zoneType?: 'availability-zone' | 'local-zone' | 'wavelength-zone'; }[]; /** * VPC configuration. */ vpc?: { /** - * AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: Ordered - selects based on alphabetical order Random - selects AZs randomly in a region Defaults to Ordered + * AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs + * in a region than specified by AvailabilityZoneUsageLimit. 
There are 2 selection schemes: + * Ordered - selects based on alphabetical order + * Random - selects AZs randomly in a region + * Defaults to Ordered */ availabilityZoneSelection?: 'Ordered' | 'Random'; /** - * AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that should be used in a region when automatically creating subnets. If a region has more than this number of AZs then this number of AZs will be picked randomly when creating default subnets. Defaults to 3 + * AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that + * should be used in a region when automatically creating subnets. If a region has more + * than this number of AZs then this number of AZs will be picked randomly when creating + * default subnets. Defaults to 3 */ availabilityZoneUsageLimit?: number; /** - * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. Defaults to 10.0.0.0/16. Mutually exclusive with IPAMPool. + * CarrierGatewayID is the id of the internet gateway associated with the VPC, + * for carrier network (Wavelength Zones). + */ + carrierGatewayId?: string; + /** + * CidrBlock is the CIDR block to be used when the provider creates a managed VPC. + * Defaults to 10.0.0.0/16. + * Mutually exclusive with IPAMPool. */ cidrBlock?: string; + /** + * ElasticIPPool contains specific configuration to allocate Public IPv4 address (Elastic IP) from user-defined pool + * brought to AWS for core infrastructure resources, like NAT Gateways and Public Network Load Balancers for + * the API Server. + */ + elasticIpPool?: { + /** + * PublicIpv4Pool sets a custom Public IPv4 Pool used to create Elastic IP address for resources + * created in public IPv4 subnets. Every IPv4 address, Elastic IP, will be allocated from the custom + * Public IPv4 pool that you brought to AWS, instead of Amazon-provided pool. The public IPv4 pool + * resource ID starts with 'ipv4pool-ec2'. 
+ */ + publicIpv4Pool?: string; + /** + * PublicIpv4PoolFallBackOrder defines the fallback action when the Public IPv4 Pool has been exhausted, + * no more IPv4 address available in the pool. + * + * + * When set to 'amazon-pool', the controller check if the pool has available IPv4 address, when pool has reached the + * IPv4 limit, the address will be claimed from Amazon-pool (default). + * + * + * When set to 'none', the controller will fail the Elastic IP allocation when the publicIpv4Pool is exhausted. + */ + publicIpv4PoolFallbackOrder?: 'amazon-pool' | 'none'; + }; + /** + * EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress + * and egress rules should be removed. + * + * + * By default, when creating a VPC, AWS creates a security group called `default` with ingress and egress + * rules that allow traffic from anywhere. The group could be used as a potential surface attack and + * it's generally suggested that the group rules are removed or modified appropriately. + * + * + * NOTE: This only applies when the VPC is managed by the Cluster API AWS controller. + */ + emptyRoutesDefaultVPCSecurityGroup?: boolean; /** * ID is the vpc-id of the VPC this provider should use to create resources. */ @@ -799,7 +3809,8 @@ export interface IAWSManagedControlPlane { */ internetGatewayId?: string; /** - * IPAMPool defines the IPAMv4 pool to be used for VPC. Mutually exclusive with CidrBlock. + * IPAMPool defines the IPAMv4 pool to be used for VPC. + * Mutually exclusive with CidrBlock. */ ipamPool?: { /** 
@@ -811,16 +3822,20 @@ export interface IAWSManagedControlPlane { */ name?: string; /** - * The netmask length of the IPv4 CIDR you want to allocate to VPC from an Amazon VPC IP Address Manager (IPAM) pool. Defaults to /16 for IPv4 if not specified. + * The netmask length of the IPv4 CIDR you want to allocate to VPC from + * an Amazon VPC IP Address Manager (IPAM) pool. + * Defaults to /16 for IPv4 if not specified. */ netmaskLength?: number; }; /** - * IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object. + * IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. + * This field cannot be set on AWSCluster object. */ ipv6?: { /** - * CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. Mutually exclusive with IPAMPool. + * CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. + * Mutually exclusive with IPAMPool. */ cidrBlock?: string; /** @@ -828,7 +3843,8 @@ export interface IAWSManagedControlPlane { */ egressOnlyInternetGatewayId?: string; /** - * IPAMPool defines the IPAMv6 pool to be used for VPC. Mutually exclusive with CidrBlock. + * IPAMPool defines the IPAMv6 pool to be used for VPC. + * Mutually exclusive with CidrBlock. */ ipamPool?: { /** 
@@ -840,15 +3856,44 @@ export interface IAWSManagedControlPlane { */ name?: string; /** - * The netmask length of the IPv4 CIDR you want to allocate to VPC from an Amazon VPC IP Address Manager (IPAM) pool. Defaults to /16 for IPv4 if not specified. + * The netmask length of the IPv4 CIDR you want to allocate to VPC from + * an Amazon VPC IP Address Manager (IPAM) pool. + * Defaults to /16 for IPv4 if not specified. */ netmaskLength?: number; }; /** - * PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool. + * PoolID is the IP pool which must be defined in case of BYO IP is defined. + * Must be specified if CidrBlock is set. + * Mutually exclusive with IPAMPool. */ poolId?: string; }; + /** + * PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. + * For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) + * or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name). + */ + privateDnsHostnameTypeOnLaunch?: 'ip-name' | 'resource-name'; + /** + * SecondaryCidrBlocks are additional CIDR blocks to be associated when the provider creates a managed VPC. + * Defaults to none. Mutually exclusive with IPAMPool. This makes sense to use if, for example, you want to use + * a separate IP range for pods (e.g. Cilium ENI mode). + */ + secondaryCidrBlocks?: { + /** + * IPv4CidrBlock is the IPv4 CIDR block to associate with the managed VPC. + */ + ipv4CidrBlock: string; + }[]; + /** + * SubnetSchema specifies how CidrBlock should be divided on subnets in the VPC depending on the number of AZs. + * PreferPrivate - one private subnet for each AZ plus one other subnet that will be further sub-divided for the public subnets. 
+ * PreferPublic - have the reverse logic of PreferPrivate, one public subnet for each AZ plus one other subnet + * that will be further sub-divided for the private subnets. + * Defaults to PreferPrivate + */ + subnetSchema?: 'PreferPrivate' | 'PreferPublic'; /** * Tags is a collection of tags describing the resource. */ @@ -858,11 +3903,13 @@ export interface IAWSManagedControlPlane { }; }; /** - * IdentityProviderconfig is used to specify the oidc provider config to be attached with this eks cluster + * IdentityProviderconfig is used to specify the oidc provider config + * to be attached with this eks cluster */ oidcIdentityProviderConfig?: { /** - * This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider. + * This is also known as audience. The ID for the client application that makes + * authentication requests to the OpenID identity provider. */ clientId?: string; /** 
@@ -870,20 +3917,34 @@ export interface IAWSManagedControlPlane { */ groupsClaim?: string; /** - * The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the valueoidc: will create group names like oidc:engineering and oidc:infra. + * The prefix that is prepended to group claims to prevent clashes with existing + * names (such as system: groups). For example, the valueoidc: will create group + * names like oidc:engineering and oidc:infra. */ groupsPrefix?: string; /** * The name of the OIDC provider configuration. - * IdentityProviderConfigName is a required field + * + * + * IdentityProviderConfigName is a required field */ identityProviderConfigName?: string; /** - * The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider's OIDC ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet. + * The URL of the OpenID identity provider that allows the API server to discover + * public signing keys for verifying tokens. The URL must begin with https:// + * and should correspond to the iss claim in the provider's OIDC ID tokens. + * Per the OIDC standard, path components are allowed but query parameters are + * not. Typically the URL consists of only a hostname, like https://server.example.org + * or https://example.com. This URL should point to the level below .well-known/openid-configuration + * and must be publicly accessible over the internet. */ issuerUrl?: string; /** - * The key value pairs that describe required claims in the identity token. 
If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the Amazon EKS User Guide. + * The key value pairs that describe required claims in the identity token. + * If set, each claim is verified to be present in the token with a matching + * value. For the maximum number of claims that you can require, see Amazon + * EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) + * in the Amazon EKS User Guide. */ requiredClaims?: { [k: string]: string; 
@@ -895,11 +3956,18 @@ export interface IAWSManagedControlPlane { [k: string]: string; }; /** - * The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins. + * The JSON Web Token (JWT) claim to use as the username. The default is sub, + * which is expected to be a unique identifier of the end user. You can choose + * other claims, such as email or name, depending on the OpenID identity provider. + * Claims other than email are prefixed with the issuer URL to prevent naming + * clashes with other plug-ins. */ usernameClaim?: string; /** - * The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing. + * The prefix that is prepended to username claims to prevent clashes with existing + * names. If you do not provide this field, and username is a value other than + * email, the prefix defaults to issuerurl#. You can use the value - to disable + * all prefixing. */ usernamePrefix?: string; }; 
@@ -912,15 +3980,26 @@ export interface IAWSManagedControlPlane { */ region?: string; /** - * RoleAdditionalPolicies allows you to attach additional polices to the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role. + * RestrictPrivateSubnets indicates that the EKS control plane should only use private subnets. + */ + restrictPrivateSubnets?: boolean; + /** + * RoleAdditionalPolicies allows you to attach additional polices to + * the control plane role. You must enable the EKSAllowAddRoles + * feature flag to incorporate these into the created role. */ roleAdditionalPolicies?: string[]; /** - * RoleName specifies the name of IAM role that gives EKS permission to make API calls. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created. + * RoleName specifies the name of IAM role that gives EKS + * permission to make API calls. If the role is pre-existing + * we will treat it as unmanaged and not delete it on + * deletion. If the EKSEnableIAM feature flag is true + * and no name is supplied then a role is created. */ roleName?: string; /** - * SecondaryCidrBlock is the additional CIDR range to use for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. + * SecondaryCidrBlock is the additional CIDR range to use for pod IPs. + * Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. */ secondaryCidrBlock?: string; /** 
@@ -928,11 +4007,16 @@ export interface IAWSManagedControlPlane { */ sshKeyName?: string; /** - * TokenMethod is used to specify the method for obtaining a client token for communicating with EKS iam-authenticator - obtains a client token using iam-authentictor aws-cli - obtains a client token using the AWS CLI Defaults to iam-authenticator + * TokenMethod is used to specify the method for obtaining a client token for communicating with EKS + * iam-authenticator - obtains a client token using iam-authentictor + * aws-cli - obtains a client token using the AWS CLI + * Defaults to iam-authenticator */ tokenMethod?: 'iam-authenticator' | 'aws-cli'; /** - * Version defines the desired Kubernetes version. If no version number is supplied then the latest version of Kubernetes that EKS supports will be used. + * Version defines the desired Kubernetes version. If no version number + * is supplied then the latest version of Kubernetes that EKS supports + * will be used. */ version?: string; /** @@ -940,7 +4024,11 @@ export interface IAWSManagedControlPlane { */ vpcCni?: { /** - * Disable indicates that the Amazon VPC CNI should be disabled. With EKS clusters the Amazon VPC CNI is automatically installed into the cluster. For clusters where you want to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI should be deleted. You cannot set this to true if you are using the Amazon VPC CNI addon. + * Disable indicates that the Amazon VPC CNI should be disabled. With EKS clusters the + * Amazon VPC CNI is automatically installed into the cluster. For clusters where you want + * to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI + * should be deleted. You cannot set this to true if you are using the + * Amazon VPC CNI addon. */ disable?: boolean; /** 
@@ -952,7 +4040,15 @@ export interface IAWSManagedControlPlane { */ name: string; /** - * Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + * Variable references $(VAR_NAME) are expanded + * using the previously defined environment variables in the container and + * any service environment variables. If a variable cannot be resolved, + * the reference in the input string will be unchanged. Double $$ are reduced + * to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + * "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + * Escaped references will never be expanded, regardless of whether the variable + * exists or not. + * Defaults to "". */ value?: string; /** @@ -968,7 +4064,9 @@ export interface IAWSManagedControlPlane { */ key: string; /** - * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + * Name of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + * TODO: Add other useful fields. apiVersion, kind, uid? */ name?: string; /** 
@@ -977,7 +4075,8 @@ export interface IAWSManagedControlPlane { optional?: boolean; }; /** - * Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + * Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + * spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. */ fieldRef?: { /** @@ -990,7 +4089,8 @@ export interface IAWSManagedControlPlane { fieldPath: string; }; /** - * Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + * Selects a resource of the container: only resources limits and requests + * (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. */ resourceFieldRef?: { /** @@ -1015,7 +4115,9 @@ export interface IAWSManagedControlPlane { */ key: string; /** - * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + * Name of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + * TODO: Add other useful fields. apiVersion, kind, uid? */ name?: string; /** @@ -1102,6 +4204,10 @@ export interface IAWSManagedControlPlane { * Availability zone of instance */ availabilityZone?: string; + /** + * CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched. + */ + capacityReservationId?: string; /** * Indicates whether the instance is optimized for Amazon EBS I/O. */ 
@@ -1125,25 +4231,50 @@ export interface IAWSManagedControlPlane { instanceMetadataOptions?: { /** * Enables or disables the HTTP metadata endpoint on your instances. - * If you specify a value of disabled, you cannot access your instance metadata. - * Default: enabled + * + * + * If you specify a value of disabled, you cannot access your instance metadata. + * + * + * Default: enabled */ httpEndpoint?: 'enabled' | 'disabled'; /** - * The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. - * Default: 1 + * The desired HTTP PUT response hop limit for instance metadata requests. The + * larger the number, the further instance metadata requests can travel. + * + * + * Default: 1 */ httpPutResponseHopLimit?: number; /** * The state of token usage for your instance metadata requests. - * If the state is optional, you can choose to retrieve instance metadata with or without a session token on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid session token, the version 2.0 role credentials are returned. - * If the state is required, you must send a session token with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available. - * Default: optional + * + * + * If the state is optional, you can choose to retrieve instance metadata with + * or without a session token on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. + * If you retrieve the IAM role credentials using a valid session token, the + * version 2.0 role credentials are returned. + * + * + * If the state is required, you must send a session token with any instance + * metadata retrieval requests. 
In this state, retrieving the IAM role credentials + * always returns the version 2.0 credentials; the version 1.0 credentials are + * not available. + * + * + * Default: optional */ httpTokens?: 'optional' | 'required'; /** - * Set to enabled to allow access to instance tags from the instance metadata. Set to disabled to turn off access to instance tags from the instance metadata. For more information, see Work with instance tags using the instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - * Default: disabled + * Set to enabled to allow access to instance tags from the instance metadata. + * Set to disabled to turn off access to instance tags from the instance metadata. + * For more information, see Work with instance tags using the instance metadata + * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). + * + * + * Default: disabled */ instanceMetadataTags?: 'enabled' | 'disabled'; }; @@ -1168,7 +4299,9 @@ export interface IAWSManagedControlPlane { */ encrypted?: boolean; /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. */ encryptionKey?: string; /** @@ -1176,7 +4309,8 @@ export interface IAWSManagedControlPlane { */ iops?: number; /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). */ size: number; /** 
@@ -1192,10 +4326,37 @@ export interface IAWSManagedControlPlane { * PlacementGroupName specifies the name of the placement group in which to launch the instance. */ placementGroupName?: string; + /** + * PlacementGroupPartition is the partition number within the placement group in which to launch the instance. + * This value is only valid if the placement group, referred in `PlacementGroupName`, was created with + * strategy set to partition. + */ + placementGroupPartition?: number; + /** + * PrivateDNSName is the options for the instance hostname. + */ + privateDnsName?: { + /** + * EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. + */ + enableResourceNameDnsAAAARecord?: boolean; + /** + * EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records. + */ + enableResourceNameDnsARecord?: boolean; + /** + * The type of hostname to assign to an instance. + */ + hostnameType?: 'ip-name' | 'resource-name'; + }; /** * The private IPv4 address assigned to the instance. */ privateIp?: string; + /** + * PublicIPOnLaunch is the option to associate a public IP on instance launch + */ + publicIPOnLaunch?: boolean; /** * The public IPv4 address assigned to the instance, if applicable. */ @@ -1213,7 +4374,9 @@ export interface IAWSManagedControlPlane { */ encrypted?: boolean; /** - * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller. + * EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. + * If Encrypted is set and this is omitted, the default AWS key will be used. + * The key must already exist and be accessible by the controller. */ encryptionKey?: string; /** 
@@ -1221,7 +4384,8 @@ export interface IAWSManagedControlPlane { */ iops?: number; /** - * Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). + * Size specifies size (in Gi) of the storage device. + * Must be greater than the image snapshot size or 8 (whichever is greater). */ size: number; /** @@ -1269,7 +4433,8 @@ export interface IAWSManagedControlPlane { */ type?: string; /** - * UserData is the raw data script passed to the instance which is run upon bootstrap. This field must not be base64 encoded and should only be used when running a new instance. + * UserData is the raw data script passed to the instance which is run upon bootstrap. + * This field must not be base64 encoded and should only be used when running a new instance. */ userData?: string; /** 
@@ -1282,19 +4447,26 @@ export interface IAWSManagedControlPlane { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -1302,12 +4474,15 @@ export interface IAWSManagedControlPlane { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; /** - * ExternalManagedControlPlane indicates to cluster-api that the control plane is managed by an external service such as AKS, EKS, GKE, etc. + * ExternalManagedControlPlane indicates to cluster-api that the control plane + * is managed by an external service such as AKS, EKS, GKE, etc. */ externalManagedControlPlane?: boolean; /** @@ -1315,7 +4490,8 @@ export interface IAWSManagedControlPlane { */ failureDomains?: { /** - * FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + * FailureDomainSpec is the Schema for Cluster API failure domains. + * It allows controllers to understand how many failure domains a cluster can optionally span across. */ [k: string]: { /** 
@@ -1331,11 +4507,13 @@ export interface IAWSManagedControlPlane { }; }; /** - * ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message. + * ErrorMessage indicates that there is a terminal problem reconciling the + * state, and will be set to a descriptive error message. */ failureMessage?: string; /** - * IdentityProviderStatus holds the status for associated identity provider + * IdentityProviderStatus holds the status for + * associated identity provider */ identityProviderStatus?: { /** @@ -1348,7 +4526,8 @@ export interface IAWSManagedControlPlane { status?: string; }; /** - * Initialized denotes whether or not the control plane has the uploaded kubernetes config-map. + * Initialized denotes whether or not the control plane has the + * uploaded kubernetes config-map. */ initialized?: boolean; /** @@ -1360,7 +4539,8 @@ export interface IAWSManagedControlPlane { */ apiServerElb?: { /** - * ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly to define and get it. + * ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + * to define and get it. */ arn?: string; /** @@ -1372,7 +4552,8 @@ export interface IAWSManagedControlPlane { */ crossZoneLoadBalancing?: boolean; /** - * IdleTimeout is time that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. + * IdleTimeout is time that the connection is allowed to be idle (no data + * has been sent over the connection) before it is closed by the load balancer. */ idleTimeout?: number; }; 
@@ -1400,7 +4581,8 @@ export interface IAWSManagedControlPlane { */ protocol: string; /** - * TargetGroupSpec specifies target group settings for a given listener. This is created first, and the ARN is then passed to the listener. + * TargetGroupSpec specifies target group settings for a given listener. + * This is created first, and the ARN is then passed to the listener. */ targetGroup: { /** @@ -1425,6 +4607,7 @@ export interface IAWSManagedControlPlane { protocol?: string; thresholdCount?: number; timeoutSeconds?: number; + unhealthyThresholdCount?: number; }; vpcId: string; }; @@ -1435,12 +4618,16 @@ export interface IAWSManagedControlPlane { healthChecks?: { healthyThreshold: number; /** - * A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. */ interval: number; target: string; /** - * A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. */ timeout: number; unhealthyThreshold: number; @@ -1465,7 +4652,8 @@ export interface IAWSManagedControlPlane { */ loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb'; /** - * The name of the load balancer. It must be unique within the set of load balancers defined in the region. It also serves as identifier. + * The name of the load balancer. It must be unique within the set of load balancers + * defined in the region. It also serves as identifier. */ name?: string; /** 
@@ -1491,6 +4679,147 @@ export interface IAWSManagedControlPlane { * NatGatewaysIPs contains the public IPs of the NAT Gateways */ natGatewaysIPs?: string[]; + /** + * SecondaryAPIServerELB is the secondary Kubernetes api server load balancer. + */ + secondaryAPIServerELB?: { + /** + * ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly + * to define and get it. + */ + arn?: string; + /** + * ClassicElbAttributes defines extra attributes associated with the load balancer. + */ + attributes?: { + /** + * CrossZoneLoadBalancing enables the classic load balancer load balancing. + */ + crossZoneLoadBalancing?: boolean; + /** + * IdleTimeout is time that the connection is allowed to be idle (no data + * has been sent over the connection) before it is closed by the load balancer. + */ + idleTimeout?: number; + }; + /** + * AvailabilityZones is an array of availability zones in the VPC attached to the load balancer. + */ + availabilityZones?: string[]; + /** + * DNSName is the dns name of the load balancer. + */ + dnsName?: string; + /** + * ELBAttributes defines extra attributes associated with v2 load balancers. + */ + elbAttributes?: { + [k: string]: string; + }; + /** + * ELBListeners is an array of listeners associated with the load balancer. There must be at least one. + */ + elbListeners?: { + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + /** + * TargetGroupSpec specifies target group settings for a given listener. + * This is created first, and the ARN is then passed to the listener. + */ + targetGroup: { + /** + * Name of the TargetGroup. Must be unique over the same group of listeners. + */ + name: string; + /** + * Port is the exposed port + */ + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: 'tcp' | 'tls' | 'udp' | 'TCP' | 'TLS' | 'UDP'; + /** + * HealthCheck is the elb health check associated with the load balancer. 
+ */ + targetGroupHealthCheck?: { + intervalSeconds?: number; + path?: string; + port?: string; + protocol?: string; + thresholdCount?: number; + timeoutSeconds?: number; + unhealthyThresholdCount?: number; + }; + vpcId: string; + }; + }[]; + /** + * HealthCheck is the classic elb health check associated with the load balancer. + */ + healthChecks?: { + healthyThreshold: number; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + interval: number; + target: string; + /** + * A Duration represents the elapsed time between two instants + * as an int64 nanosecond count. The representation limits the + * largest representable duration to approximately 290 years. + */ + timeout: number; + unhealthyThreshold: number; + }; + /** + * ClassicELBListeners is an array of classic elb listeners associated with the load balancer. There must be at least one. + */ + listeners?: { + instancePort: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + instanceProtocol: string; + port: number; + /** + * ELBProtocol defines listener protocols for a load balancer. + */ + protocol: string; + }[]; + /** + * LoadBalancerType sets the type for a load balancer. The default type is classic. + */ + loadBalancerType?: 'classic' | 'elb' | 'alb' | 'nlb'; + /** + * The name of the load balancer. It must be unique within the set of load balancers + * defined in the region. It also serves as identifier. + */ + name?: string; + /** + * Scheme is the load balancer scheme, either internet-facing or private. + */ + scheme?: string; + /** + * SecurityGroupIDs is an array of security groups assigned to the load balancer. + */ + securityGroupIds?: string[]; + /** + * SubnetIDs is an array of subnets in the VPC attached to the load balancer. 
+ */ + subnetIds?: string[]; + /** + * Tags is a map of tags associated with the load balancer. + */ + tags?: { + [k: string]: string; + }; + }; /** * SecurityGroups is a map from the role/kind of the security group to its unique name, if any. */ @@ -1524,15 +4853,20 @@ export interface IAWSManagedControlPlane { */ ipv6CidrBlocks?: string[]; /** - * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6). + * NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule. + */ + natGatewaysIPsSource?: boolean; + /** + * Protocol is the protocol for the ingress rule. Accepted values are "-1" (all), "4" (IP in IP),"tcp", "udp", "icmp", and "58" (ICMPv6), "50" (ESP). */ - protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58'; + protocol: '-1' | '4' | 'tcp' | 'udp' | 'icmp' | '58' | '50'; /** * The security group id to allow access from. Cannot be specified with CidrBlocks. */ sourceSecurityGroupIds?: string[]; /** - * The security group role to allow access from. Cannot be specified with CidrBlocks. The field will be combined with source security group IDs if specified. + * The security group role to allow access from. Cannot be specified with CidrBlocks. + * The field will be combined with source security group IDs if specified. */ sourceSecurityGroupRoles?: ( | 'bastion' @@ -1574,7 +4908,8 @@ export interface IAWSManagedControlPlane { trustPolicy?: string; }; /** - * Ready denotes that the AWSManagedControlPlane API Server is ready to receive requests and that the VPC infra is ready. + * Ready denotes that the AWSManagedControlPlane API Server is ready to + * receive requests and that the VPC infra is ready. */ ready: boolean; }; 
@@ -1591,15 +4926,23 @@ export interface IAWSManagedControlPlaneList export const AWSClusterRoleIdentity = 'AWSClusterRoleIdentity'; /** - * AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API It is used to assume a role using the provided sourceRef. + * AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API + * It is used to assume a role using the provided sourceRef. */ export interface IAWSClusterRoleIdentity { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AWSClusterRoleIdentity; metadata: metav1.IObjectMeta; 
@@ -1608,7 +4951,11 @@ export interface IAWSClusterRoleIdentity { */ spec?: { /** - * AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity. + * AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. + * Namespaces can be selected either using an array of namespaces or with label selector. + * An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. + * If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + * A namespace should be either in the NamespaceList or match with Selector to use the identity. */ allowedNamespaces?: { /** @@ -1616,7 +4963,8 @@ export interface IAWSClusterRoleIdentity { */ list?: string[]; /** - * An empty selector indicates that AWSClusters cannot use this AWSClusterIdentity from any namespace. + * An empty selector indicates that AWSClusters cannot use this + * AWSClusterIdentity from any namespace. */ selector?: { /** 
@@ -1628,16 +4976,22 @@ export interface IAWSClusterRoleIdentity { */ key: string; /** - * operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + * operator represents a key's relationship to a set of values. + * Valid operators are In, NotIn, Exists and DoesNotExist. */ operator: string; /** - * values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + * values is an array of string values. If the operator is In or NotIn, + * the values array must be non-empty. If the operator is Exists or DoesNotExist, + * the values array must be empty. This array is replaced during a strategic + * merge patch. */ values?: string[]; }[]; /** - * matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + * matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + * map is equivalent to an element of matchExpressions, whose key field is "key", the + * operator is "In", and the values array contains only "value". The requirements are ANDed. */ matchLabels?: { [k: string]: string; 
@@ -1649,7 +5003,15 @@ export interface IAWSClusterRoleIdentity { */ durationSeconds?: number; /** - * A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide. + * A unique identifier that might be required when you assume a role in another account. + * If the administrator of the account to which the role belongs provided you with an + * external ID, then provide that value in the ExternalId parameter. This value can be + * any string, such as a passphrase or account number. A cross-account role is usually + * set up to trust everyone in an account. Therefore, the administrator of the trusting + * account might send an external ID to the administrator of the trusted account. That + * way, only someone with the ID can assume the role, rather than everyone in the + * account. For more information about the external ID, see How to Use an External ID + * When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide. */ externalID?: string; /** 
@@ -1657,7 +5019,9 @@ export interface IAWSClusterRoleIdentity { */ inlinePolicy?: string; /** - * The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role. + * The Amazon Resource Names (ARNs) of the IAM managed policies that you want + * to use as managed session policies. + * The policies must exist in the same account as the role. */ policyARNs?: string[]; /** @@ -1669,7 +5033,8 @@ export interface IAWSClusterRoleIdentity { */ sessionName?: string; /** - * SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted. + * SourceIdentityRef is a reference to another identity which will be chained to do + * role assumption. All identity types are accepted. */ sourceIdentityRef?: { /** diff --git a/src/model/services/mapi/capgv1beta1/types.ts b/src/model/services/mapi/capgv1beta1/types.ts index 42c0e0a6da..ab1bf096f3 100644 --- a/src/model/services/mapi/capgv1beta1/types.ts +++ b/src/model/services/mapi/capgv1beta1/types.ts 
@@ -15,11 +15,18 @@ export const GCPCluster = 'GCPCluster'; */ export interface IGCPCluster { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof GCPCluster; metadata: metav1.IObjectMeta; @@ -28,7 +35,8 @@ export interface IGCPCluster { */ spec?: { /** - * AdditionalLabels is an optional set of tags to add to GCP resources managed by the GCP provider, in addition to the ones added by default. + * AdditionalLabels is an optional set of tags to add to GCP resources managed by the GCP provider, in addition to the + * ones added by default. */ additionalLabels?: { [k: string]: string; 
@@ -47,36 +55,93 @@ export interface IGCPCluster { port: number; }; /** - * CredentialsRef is a reference to a Secret that contains the credentials to use for provisioning this cluster. If not supplied then the credentials of the controller will be used. + * CredentialsRef is a reference to a Secret that contains the credentials to use for provisioning this cluster. If not + * supplied then the credentials of the controller will be used. */ credentialsRef?: { /** - * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + * Name of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ name: string; /** - * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + * Namespace of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ namespace: string; }; /** - * FailureDomains is an optional field which is used to assign selected availability zones to a cluster FailureDomains if empty, defaults to all the zones in the selected region and if specified would override the default zones. + * FailureDomains is an optional field which is used to assign selected availability zones to a cluster + * FailureDomains if empty, defaults to all the zones in the selected region and if specified would override + * the default zones. */ failureDomains?: string[]; + /** + * LoadBalancer contains configuration for one or more LoadBalancers. + */ + loadBalancer?: { + /** + * APIServerInstanceGroupTagOverride overrides the default setting for the + * tag used when creating the API Server Instance Group. + */ + apiServerInstanceGroupTagOverride?: string; + /** + * InternalLoadBalancer is the configuration for an Internal Passthrough Network Load Balancer. + */ + internalLoadBalancer?: { + /** + * Name is the name of the Load Balancer. 
If not set a default name + * will be used. For an Internal Load Balancer service the default + * name is "api-internal". + */ + name?: string; + /** + * Subnet is the name of the subnet to use for a regional Load Balancer. A subnet is + * required for the Load Balancer, if not defined the first configured subnet will be + * used. + */ + subnet?: string; + }; + /** + * LoadBalancerType defines the type of Load Balancer that should be created. + * If not set, a Global External Proxy Load Balancer will be created by default. + */ + loadBalancerType?: string; + }; /** * NetworkSpec encapsulates all things related to GCP network. */ network?: { /** - * AutoCreateSubnetworks: When set to true, the VPC network is created in "auto" mode. When set to false, the VPC network is created in "custom" mode. - * An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. - * Defaults to true. + * AutoCreateSubnetworks: When set to true, the VPC network is created + * in "auto" mode. When set to false, the VPC network is created in + * "custom" mode. + * + * + * An auto mode VPC network starts with one subnet per region. Each + * subnet has a predetermined range as described in Auto mode VPC + * network IP ranges. + * + * + * Defaults to true. */ autoCreateSubnetworks?: boolean; + /** + * HostProject is the name of the project hosting the shared VPC network resources. + */ + hostProject?: string; /** * Allow for configuration of load balancer backend (useful for changing apiserver port) */ loadBalancerBackendPort?: number; + /** + * Mtu: Maximum Transmission Unit in bytes. The minimum value for this field is + * 1300 and the maximum value is 8896. The suggested value is 1500, which is + * the default MTU used on the Internet, or 8896 if you want to use Jumbo + * frames. If unspecified, the value defaults to 1460. 
+ * More info: https://pkg.go.dev/google.golang.org/api/compute/v1#Network + */ + mtu?: number; /** * Name is the name of the network to be used. */ @@ -86,7 +151,11 @@ export interface IGCPCluster { */ subnets?: { /** - * CidrBlock is the range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time. + * CidrBlock is the range of internal addresses that are owned by this + * subnetwork. Provide this property when you create the subnetwork. For + * example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and + * non-overlapping within a network. Only IPv4 is supported. This field + * can be set only at resource creation time. */ cidrBlock?: string; /** @@ -94,7 +163,9 @@ export interface IGCPCluster { */ description?: string; /** - * EnableFlowLogs: Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. + * EnableFlowLogs: Whether to enable flow logging for this subnetwork. + * If this field is not explicitly set, it will not appear in get + * listings. If not set the default behavior is to disable flow logging. */ enableFlowLogs?: boolean; /** 
@@ -102,12 +173,26 @@ export interface IGCPCluster { */ name?: string; /** - * PrivateGoogleAccess defines whether VMs in this subnet can access Google services without assigning external IP addresses + * PrivateGoogleAccess defines whether VMs in this subnet can access + * Google services without assigning external IP addresses */ privateGoogleAccess?: boolean; /** - * Purpose: The purpose of the resource. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER. - * Possible values: "INTERNAL_HTTPS_LOAD_BALANCER" - Subnet reserved for Internal HTTP(S) Load Balancing. "PRIVATE" - Regular user created or automatically created subnet. "PRIVATE_RFC_1918" - Regular user created or automatically created subnet. "PRIVATE_SERVICE_CONNECT" - Subnetworks created for Private Service Connect in the producer network. "REGIONAL_MANAGED_PROXY" - Subnetwork used for Regional Internal/External HTTP(S) Load Balancing. + * Purpose: The purpose of the resource. + * If unspecified, the purpose defaults to PRIVATE_RFC_1918. + * The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER. + * + * + * Possible values: + * "INTERNAL_HTTPS_LOAD_BALANCER" - Subnet reserved for Internal + * HTTP(S) Load Balancing. + * "PRIVATE" - Regular user created or automatically created subnet. + * "PRIVATE_RFC_1918" - Regular user created or automatically created + * subnet. + * "PRIVATE_SERVICE_CONNECT" - Subnetworks created for Private Service + * Connect in the producer network. + * "REGIONAL_MANAGED_PROXY" - Subnetwork used for Regional + * Internal/External HTTP(S) Load Balancing. */ purpose?: | 'INTERNAL_HTTPS_LOAD_BALANCER' 
@@ -120,7 +205,8 @@ export interface IGCPCluster { */ region?: string; /** - * SecondaryCidrBlocks defines secondary CIDR ranges, from which secondary IP ranges of a VM may be allocated + * SecondaryCidrBlocks defines secondary CIDR ranges, + * from which secondary IP ranges of a VM may be allocated */ secondaryCidrBlocks?: { [k: string]: string; 
@@ -135,6 +221,36 @@ export interface IGCPCluster { * The GCP Region the cluster lives in. */ region: string; + /** + * ResourceManagerTags is an optional set of tags to apply to GCP resources managed + * by the GCP provider. GCP supports a maximum of 50 tags per resource. + */ + resourceManagerTags?: { + /** + * Key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot + * be empty. Tag key must begin and end with an alphanumeric character, and must contain + * only uppercase, lowercase alphanumeric characters, and the following special + * characters `._-`. + */ + key: string; + /** + * ParentID is the ID of the hierarchical resource where the tags are defined + * e.g. at the Organization or the Project level. To find the Organization or Project ID ref + * https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id + * https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects + * An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. + * A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, + * numbers, and hyphens, and must start with a letter, and cannot end with a hyphen. + */ + parentID: string; + /** + * Value is the value part of the tag. A tag value can have a maximum of 63 characters and + * cannot be empty. Tag value must begin and end with an alphanumeric character, and must + * contain only uppercase, lowercase alphanumeric characters, and the following special + * characters `_-.@%=+:,*#&(){}[]` and spaces. + */ + value: string; + }[]; }; /** * GCPClusterStatus defines the observed state of GCPCluster. 
@@ -145,7 +261,8 @@ export interface IGCPCluster { */ failureDomains?: { /** - * FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + * FailureDomainSpec is the Schema for Cluster API failure domains. + * It allows controllers to understand how many failure domains a cluster can optionally span across. */ [k: string]: { /** 
@@ -165,29 +282,55 @@ export interface IGCPCluster { */ network?: { /** - * APIServerBackendService is the full reference to the backend service created for the API Server. + * APIInternalBackendService is the full reference to the backend service + * created for the internal Load Balancer. + */ + apiInternalBackendService?: string; + /** + * APIInternalForwardingRule is the full reference to the forwarding rule + * created for the internal Load Balancer. + */ + apiInternalForwardingRule?: string; + /** + * APIInternalHealthCheck is the full reference to the health check + * created for the internal Load Balancer. + */ + apiInternalHealthCheck?: string; + /** + * APIInternalAddress is the IPV4 regional address assigned to the + * internal Load Balancer. + */ + apiInternalIpAddress?: string; + /** + * APIServerBackendService is the full reference to the backend service + * created for the API Server. */ apiServerBackendService?: string; /** - * APIServerForwardingRule is the full reference to the forwarding rule created for the API Server. + * APIServerForwardingRule is the full reference to the forwarding rule + * created for the API Server. */ apiServerForwardingRule?: string; /** - * APIServerHealthCheck is the full reference to the health check created for the API Server. + * APIServerHealthCheck is the full reference to the health check + * created for the API Server. */ apiServerHealthCheck?: string; /** - * APIServerInstanceGroups is a map from zone to the full reference to the instance groups created for the control plane nodes created in the same zone. + * APIServerInstanceGroups is a map from zone to the full reference + * to the instance groups created for the control plane nodes created in the same zone. */ apiServerInstanceGroups?: { [k: string]: string; }; /** - * APIServerAddress is the IPV4 global address assigned to the load balancer created for the API Server. 
+ * APIServerAddress is the IPV4 global address assigned to the load balancer + * created for the API Server. */ apiServerIpAddress?: string; /** - * APIServerTargetProxy is the full reference to the target proxy created for the API Server. + * APIServerTargetProxy is the full reference to the target proxy + * created for the API Server. */ apiServerTargetProxy?: string; /** @@ -197,7 +340,8 @@ export interface IGCPCluster { [k: string]: string; }; /** - * Router is the full reference to the router created within the network it'll contain the cloud nat gateway + * Router is the full reference to the router created within the network + * it'll contain the cloud nat gateway */ router?: string; /** 
@@ -226,11 +370,18 @@ export const GCPMachineTemplate = 'GCPMachineTemplate'; */ export interface IGCPMachineTemplate { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof GCPMachineTemplate; metadata: metav1.IObjectMeta; 
@@ -243,17 +394,24 @@ export interface IGCPMachineTemplate { */ template: { /** - * Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + * Standard object's metadata. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata */ metadata?: { /** - * Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations + * Annotations is an unstructured key value map stored with a resource that may be + * set by external tools to store and retrieve arbitrary metadata. They are not + * queryable and should be preserved when modifying objects. + * More info: http://kubernetes.io/docs/user-guide/annotations */ annotations?: { [k: string]: string; }; /** - * Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels + * Map of string keys and values that can be used to organize and categorize + * (scope and select) objects. May match selectors of replication controllers + * and services. + * More info: http://kubernetes.io/docs/user-guide/labels */ labels?: { [k: string]: string; 
@@ -268,22 +426,85 @@ export interface IGCPMachineTemplate { */ additionalDisks?: { /** - * DeviceType is a device type of the attached disk. Supported types of non-root attached volumes: 1. "pd-standard" - Standard (HDD) persistent disk 2. "pd-ssd" - SSD persistent disk 3. "local-ssd" - Local SSD disk (https://cloud.google.com/compute/docs/disks/local-ssd). Default is "pd-standard". + * DeviceType is a device type of the attached disk. + * Supported types of non-root attached volumes: + * 1. "pd-standard" - Standard (HDD) persistent disk + * 2. "pd-ssd" - SSD persistent disk + * 3. "local-ssd" - Local SSD disk (https://cloud.google.com/compute/docs/disks/local-ssd). + * 4. "pd-balanced" - Balanced Persistent Disk + * 5. "hyperdisk-balanced" - Hyperdisk Balanced + * Default is "pd-standard". */ deviceType?: string; /** - * Size is the size of the disk in GBs. Defaults to 30GB. For "local-ssd" size is always 375GB. + * EncryptionKey defines the KMS key to be used to encrypt the disk. + */ + encryptionKey?: { + /** + * KeyType is the type of encryption key. Must be either Managed, aka Customer-Managed Encryption Key (CMEK) or + * Supplied, aka Customer-Supplied EncryptionKey (CSEK). + */ + keyType: 'Managed' | 'Supplied'; + /** + * KMSKeyServiceAccount is the service account being used for the encryption request for the given KMS key. + * If absent, the Compute Engine default service account is used. For example: + * "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com. + * The maximum length is based on the Service Account ID (max 30), Project (max 30), and a valid gcloud email + * suffix ("iam.gserviceaccount.com"). + */ + kmsKeyServiceAccount?: string; + /** + * ManagedKey references keys managed by the Cloud Key Management Service. This should be set when KeyType is Managed. + */ + managedKey?: { + /** + * KMSKeyName is the name of the encryption key that is stored in Google Cloud KMS. 
For example: + * "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/key_region/cryptoKeys/key + */ + kmsKeyName?: string; + }; + /** + * SuppliedKey provides the key used to create or manage a disk. This should be set when KeyType is Managed. + */ + suppliedKey?: { + /** + * RawKey specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 + * base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. + * For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=" + */ + rawKey?: string; + /** + * RSAEncryptedKey specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption + * key to either encrypt or decrypt this resource. You can provide either the rawKey or the + * rsaEncryptedKey. + * For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFHi + * z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoDi + * D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" + * The key must meet the following requirements before you can provide it to Compute Engine: + * 1. The key is wrapped using a RSA public key certificate provided by Google. + * 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. + * Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem + */ + rsaEncryptedKey?: string; + }; + }; + /** + * Size is the size of the disk in GBs. + * Defaults to 30GB. For "local-ssd" size is always 375GB. */ size?: number; }[]; /** - * AdditionalLabels is an optional set of tags to add to an instance, in addition to the ones added by default by the GCP provider. If both the GCPCluster and the GCPMachine specify the same tag name with different values, the GCPMachine's value takes precedence. 
+ * AdditionalLabels is an optional set of tags to add to an instance, in addition to the ones added by default by the + * GCP provider. If both the GCPCluster and the GCPMachine specify the same tag name with different values, the + * GCPMachine's value takes precedence. */ additionalLabels?: { [k: string]: string; }; /** - * AdditionalMetadata is an optional set of metadata to add to an instance, in addition to the ones added by default by the GCP provider. + * AdditionalMetadata is an optional set of metadata to add to an instance, in addition to the ones added by default by the + * GCP provider. */ additionalMetadata?: { /** 
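Review bot: The doc comment on `suppliedKey` inside the new `encryptionKey` block says "This should be set when KeyType is Managed", which repeats the `managedKey` sentence; for a customer-supplied key it presumably should read `* SuppliedKey provides the key used to create or manage a disk. This should be set when KeyType is Supplied.` The same sentence appears under `rootDiskEncryptionKey` in the later hunk of this file. Because `suppliedKey.rawKey` holds an unwrapped disk-encryption key inside the object's spec, code that reads an `IGCPMachineTemplate` may now receive that key, so the field should be kept out of logs, error reports and rendered detail views. This file looks generated from the upstream CRD, so the wording fix probably belongs in the CRD description rather than in a hand edit here; the interface body starts and ends outside this hunk.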
@@ -296,15 +517,20 @@ export interface IGCPMachineTemplate { value?: string; }[]; /** - * AdditionalNetworkTags is a list of network tags that should be applied to the instance. These tags are set in addition to any network tags defined at the cluster level or in the actuator. + * AdditionalNetworkTags is a list of network tags that should be applied to the + * instance. These tags are set in addition to any network tags defined + * at the cluster level or in the actuator. */ additionalNetworkTags?: string[]; /** - * ConfidentialCompute Defines whether the instance should have confidential compute enabled. If enabled OnHostMaintenance is required to be set to "Terminate". If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * ConfidentialCompute Defines whether the instance should have confidential compute enabled. + * If enabled OnHostMaintenance is required to be set to "Terminate". + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ confidentialCompute?: 'Enabled' | 'Disabled'; /** - * Image is the full reference to a valid image to be used for this machine. Takes precedence over ImageFamily. + * Image is the full reference to a valid image to be used for this machine. + * Takes precedence over ImageFamily. */ image?: string; /** 
@@ -316,11 +542,13 @@ export interface IGCPMachineTemplate { */ instanceType: string; /** - * IPForwarding Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. Defaults to enabled. + * IPForwarding Allows this instance to send and receive packets with non-matching destination or source IPs. + * This is required if you plan to use this instance to forward routes. Defaults to enabled. */ ipForwarding?: 'Enabled' | 'Disabled'; /** - * OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate". + * OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is "Migrate". */ onHostMaintenance?: 'Migrate' | 'Terminate'; /** 
@@ -332,19 +560,110 @@ export interface IGCPMachineTemplate { */ providerID?: string; /** - * PublicIP specifies whether the instance should get a public IP. Set this to true if you don't have a NAT instances or Cloud Nat setup. + * PublicIP specifies whether the instance should get a public IP. + * Set this to true if you don't have a NAT instances or Cloud Nat setup. */ publicIP?: boolean; /** - * RootDeviceSize is the size of the root volume in GB. Defaults to 30. + * ResourceManagerTags is an optional set of tags to apply to GCP resources managed + * by the GCP provider. GCP supports a maximum of 50 tags per resource. + */ + resourceManagerTags?: { + /** + * Key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot + * be empty. Tag key must begin and end with an alphanumeric character, and must contain + * only uppercase, lowercase alphanumeric characters, and the following special + * characters `._-`. + */ + key: string; + /** + * ParentID is the ID of the hierarchical resource where the tags are defined + * e.g. at the Organization or the Project level. To find the Organization or Project ID ref + * https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id + * https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects + * An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. + * A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, + * numbers, and hyphens, and must start with a letter, and cannot end with a hyphen. + */ + parentID: string; + /** + * Value is the value part of the tag. A tag value can have a maximum of 63 characters and + * cannot be empty. Tag value must begin and end with an alphanumeric character, and must + * contain only uppercase, lowercase alphanumeric characters, and the following special + * characters `_-.@%=+:,*#&(){}[]` and spaces. 
+ */ + value: string; + }[]; + /** + * RootDeviceSize is the size of the root volume in GB. + * Defaults to 30. */ rootDeviceSize?: number; /** - * RootDeviceType is the type of the root volume. Supported types of root volumes: 1. "pd-standard" - Standard (HDD) persistent disk 2. "pd-ssd" - SSD persistent disk Default is "pd-standard". + * RootDeviceType is the type of the root volume. + * Supported types of root volumes: + * 1. "pd-standard" - Standard (HDD) persistent disk + * 2. "pd-ssd" - SSD persistent disk + * 3. "pd-balanced" - Balanced Persistent Disk + * 4. "hyperdisk-balanced" - Hyperdisk Balanced + * Default is "pd-standard". */ rootDeviceType?: string; /** - * ServiceAccount specifies the service account email and which scopes to assign to the machine. Defaults to: email: "default", scope: []{compute.CloudPlatformScope} + * RootDiskEncryptionKey defines the KMS key to be used to encrypt the root disk. + */ + rootDiskEncryptionKey?: { + /** + * KeyType is the type of encryption key. Must be either Managed, aka Customer-Managed Encryption Key (CMEK) or + * Supplied, aka Customer-Supplied EncryptionKey (CSEK). + */ + keyType: 'Managed' | 'Supplied'; + /** + * KMSKeyServiceAccount is the service account being used for the encryption request for the given KMS key. + * If absent, the Compute Engine default service account is used. For example: + * "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com. + * The maximum length is based on the Service Account ID (max 30), Project (max 30), and a valid gcloud email + * suffix ("iam.gserviceaccount.com"). + */ + kmsKeyServiceAccount?: string; + /** + * ManagedKey references keys managed by the Cloud Key Management Service. This should be set when KeyType is Managed. + */ + managedKey?: { + /** + * KMSKeyName is the name of the encryption key that is stored in Google Cloud KMS. 
For example: + * "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/key_region/cryptoKeys/key + */ + kmsKeyName?: string; + }; + /** + * SuppliedKey provides the key used to create or manage a disk. This should be set when KeyType is Managed. + */ + suppliedKey?: { + /** + * RawKey specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 + * base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. + * For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=" + */ + rawKey?: string; + /** + * RSAEncryptedKey specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption + * key to either encrypt or decrypt this resource. You can provide either the rawKey or the + * rsaEncryptedKey. + * For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFHi + * z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoDi + * D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" + * The key must meet the following requirements before you can provide it to Compute Engine: + * 1. The key is wrapped using a RSA public key certificate provided by Google. + * 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. + * Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem + */ + rsaEncryptedKey?: string; + }; + }; + /** + * ServiceAccount specifies the service account email and which scopes to assign to the machine. + * Defaults to: email: "default", scope: []{compute.CloudPlatformScope} */ serviceAccounts?: { /** @@ -352,7 +671,8 @@ export interface IGCPMachineTemplate { */ email?: string; /** - * Scopes: The list of scopes to be made available for this service account. + * Scopes: The list of scopes to be made available for this service + * account. */ scopes?: string[]; }; 
@@ -361,20 +681,28 @@ export interface IGCPMachineTemplate { */ shieldedInstanceConfig?: { /** - * IntegrityMonitoring determines whether the instance should have integrity monitoring that verify the runtime boot integrity. Compares the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled. + * IntegrityMonitoring determines whether the instance should have integrity monitoring that verify the runtime boot integrity. + * Compares the most recent boot measurements to the integrity policy baseline and return + * a pair of pass/fail results depending on whether they match or not. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled. */ integrityMonitoring?: 'Enabled' | 'Disabled'; /** - * SecureBoot Defines whether the instance should have secure boot enabled. Secure Boot verify the digital signature of all boot components, and halting the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is Disabled. + * SecureBoot Defines whether the instance should have secure boot enabled. + * Secure Boot verify the digital signature of all boot components, and halting the boot process if signature verification fails. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is Disabled. */ secureBoot?: 'Enabled' | 'Disabled'; /** - * VirtualizedTrustedPlatformModule enable virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. 
If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled. + * VirtualizedTrustedPlatformModule enable virtualized trusted platform module measurements to create a known good boot integrity policy baseline. + * The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is Enabled. */ virtualizedTrustedPlatformModule?: 'Enabled' | 'Disabled'; }; /** - * Subnet is a reference to the subnetwork to use for this instance. If not specified, the first subnetwork retrieved from the Cluster Region and Network is picked. + * Subnet is a reference to the subnetwork to use for this instance. If not specified, + * the first subnetwork retrieved from the Cluster Region and Network is picked. */ subnet?: string; }; diff --git a/src/model/services/mapi/capzv1beta1/types.ts b/src/model/services/mapi/capzv1beta1/types.ts index 3f2c665053..6952de05ad 100644 --- a/src/model/services/mapi/capzv1beta1/types.ts +++ b/src/model/services/mapi/capzv1beta1/types.ts 
@@ -15,11 +15,18 @@ export const AzureCluster = 'AzureCluster'; */ export interface IAzureCluster { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AzureCluster; metadata: metav1.IObjectMeta; 
@@ -28,13 +35,34 @@ export interface IAzureCluster { */ spec?: { /** - * AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default. + * AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the + * ones added by default. */ additionalTags?: { [k: string]: string; }; /** - * AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud" + * AzureEnvironment is the name of the AzureCloud to be used. + * The default value that would be used by most users is "AzurePublicCloud", other values are: + * - ChinaCloud: "AzureChinaCloud" + * - GermanCloud: "AzureGermanCloud" + * - PublicCloud: "AzurePublicCloud" + * - USGovernmentCloud: "AzureUSGovernmentCloud" + * + * + * Note that values other than the default must also be accompanied by corresponding changes to the + * aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does + * not support referring to multiple different clouds in a single installation. The following fields must + * be defined in the Secret: + * - AZURE_AUTHORITY_HOST + * - AZURE_RESOURCE_MANAGER_ENDPOINT + * - AZURE_RESOURCE_MANAGER_AUDIENCE + * + * + * See the [ASO docs] for more details. + * + * + * [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/ */ azureEnvironment?: string; /** @@ -80,7 +108,8 @@ export interface IAzureCluster { */ cidrBlocks?: string[]; /** - * ID is the Azure resource ID of the subnet. READ-ONLY + * ID is the Azure resource ID of the subnet. + * READ-ONLY */ id?: string; /** 
@@ -92,7 +121,8 @@ export interface IAzureCluster { */ natGateway?: { /** - * ID is the Azure resource ID of the NAT gateway. READ-ONLY + * ID is the Azure resource ID of the NAT gateway. + * READ-ONLY */ id?: string; /** @@ -131,7 +161,9 @@ export interface IAzureCluster { */ location?: string; /** - * ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. + * ManualApproval specifies if the connection approval needs to be done manually or not. + * Set it true when the network admin does not have access to approve connections to the remote resource. + * Defaults to false. */ manualApproval?: boolean; /** @@ -139,7 +171,8 @@ export interface IAzureCluster { */ name: string; /** - * PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. + * PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. + * They have to be part of the subnet where the private endpoint is linked. */ privateIPAddresses?: string[]; /** @@ -167,13 +200,14 @@ export interface IAzureCluster { /** * Role defines the subnet role (eg. Node, ControlPlane) */ - role: 'node' | 'control-plane' | 'bastion'; + role: 'node' | 'control-plane' | 'bastion' | 'cluster'; /** * RouteTable defines the route table that should be attached to this subnet. */ routeTable?: { /** - * ID is the Azure resource ID of the route table. READ-ONLY + * ID is the Azure resource ID of the route table. + * READ-ONLY */ id?: string; name: string; @@ -183,7 +217,8 @@ export interface IAzureCluster { */ securityGroup?: { /** - * ID is the Azure resource ID of the security group. READ-ONLY + * ID is the Azure resource ID of the security group. + * READ-ONLY */ id?: string; name: string; 
@@ -231,6 +266,10 @@ export interface IAzureCluster { * SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. */ sourcePorts?: string; + /** + * Sources specifies The CIDR or source IP ranges. + */ + sources?: string[]; }[]; /** * Tags defines a map of tags. @@ -250,7 +289,11 @@ export interface IAzureCluster { }; }; /** - * CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config. This is only a subset of options that are available in azure cloud provider config. Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides. See: https://cloud-provider-azure.sigs.k8s.io/install/configs Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider. + * CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config. + * This is only a subset of options that are available in azure cloud provider config. + * Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides. + * See: https://cloud-provider-azure.sigs.k8s.io/install/configs + * Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider. */ cloudProviderConfigOverrides?: { /** 
@@ -296,7 +339,8 @@ export interface IAzureCluster { }[]; }; /** - * ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it. + * ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set + * this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it. */ controlPlaneEndpoint?: { /** @@ -321,6 +365,30 @@ export interface IAzureCluster { */ type: 'EdgeZone'; }; + /** + * FailureDomains is a list of failure domains in the cluster's region, used to restrict + * eligibility to host the control plane. A FailureDomain maps to an availability zone, + * which is a separated group of datacenters within a region. + * See: https://learn.microsoft.com/azure/reliability/availability-zones-overview + */ + failureDomains?: { + /** + * FailureDomainSpec is the Schema for Cluster API failure domains. + * It allows controllers to understand how many failure domains a cluster can optionally span across. + */ + [k: string]: { + /** + * Attributes is a free form map of attributes an infrastructure provider might use or require. + */ + attributes?: { + [k: string]: string; + }; + /** + * ControlPlane determines if this failure domain is suitable for use by control plane machines. + */ + controlPlane?: boolean; + }; + }; /** * IdentityRef is a reference to an AzureIdentity to be used when reconciling this cluster */ 
@@ -330,27 +398,39 @@ export interface IAzureCluster { */ apiVersion?: string; /** - * If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + * If referring to a piece of an object instead of an entire object, this string + * should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + * For example, if the object reference is to a container within a pod, this would take on a value like: + * "spec.containers{name}" (where "name" refers to the name of the container that triggered + * the event) or if no container name is specified "spec.containers[2]" (container with + * index 2 in this pod). This syntax is chosen only to have some well-defined way of + * referencing a part of an object. + * TODO: this design is not final and this field is subject to change in the future. */ fieldPath?: string; /** - * Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind of the referent. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind?: string; /** - * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + * Name of the referent. 
+ * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ name?: string; /** - * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + * Namespace of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ namespace?: string; /** - * Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + * Specific resourceVersion to which this reference is made, if any. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency */ resourceVersion?: string; /** - * UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + * UID of the referent. + * More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids */ uid?: string; }; @@ -368,7 +448,8 @@ export interface IAzureCluster { */ backendPool?: { /** - * Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. + * Name specifies the name of backend pool for the load balancer. If not specified, the default name will + * be set, depending on the load balancer role. */ name?: string; }; @@ -398,7 +479,8 @@ export interface IAzureCluster { */ frontendIPsCount?: number; /** - * ID is the Azure resource ID of the load balancer. READ-ONLY + * ID is the Azure resource ID of the load balancer. + * READ-ONLY */ id?: string; /** 
@@ -416,7 +498,8 @@ export interface IAzureCluster { type?: string; }; /** - * ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic. + * ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. + * This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic. */ controlPlaneOutboundLB?: { /** @@ -424,7 +507,8 @@ export interface IAzureCluster { */ backendPool?: { /** - * Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. + * Name specifies the name of backend pool for the load balancer. If not specified, the default name will + * be set, depending on the load balancer role. */ name?: string; }; @@ -454,7 +538,8 @@ export interface IAzureCluster { */ frontendIPsCount?: number; /** - * ID is the Azure resource ID of the load balancer. READ-ONLY + * ID is the Azure resource ID of the load balancer. + * READ-ONLY */ id?: string; /** @@ -480,7 +565,8 @@ export interface IAzureCluster { */ backendPool?: { /** - * Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. + * Name specifies the name of backend pool for the load balancer. If not specified, the default name will + * be set, depending on the load balancer role. */ name?: string; }; @@ -510,7 +596,8 @@ export interface IAzureCluster { */ frontendIPsCount?: number; /** - * ID is the Azure resource ID of the load balancer. READ-ONLY + * ID is the Azure resource ID of the load balancer. + * READ-ONLY */ id?: string; /** 
@@ -540,7 +627,8 @@ export interface IAzureCluster { */ cidrBlocks?: string[]; /** - * ID is the Azure resource ID of the subnet. READ-ONLY + * ID is the Azure resource ID of the subnet. + * READ-ONLY */ id?: string; /** @@ -552,7 +640,8 @@ export interface IAzureCluster { */ natGateway?: { /** - * ID is the Azure resource ID of the NAT gateway. READ-ONLY + * ID is the Azure resource ID of the NAT gateway. + * READ-ONLY */ id?: string; /** @@ -591,7 +680,9 @@ export interface IAzureCluster { */ location?: string; /** - * ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. + * ManualApproval specifies if the connection approval needs to be done manually or not. + * Set it true when the network admin does not have access to approve connections to the remote resource. + * Defaults to false. */ manualApproval?: boolean; /** @@ -599,7 +690,8 @@ export interface IAzureCluster { */ name: string; /** - * PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. + * PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. + * They have to be part of the subnet where the private endpoint is linked. */ privateIPAddresses?: string[]; /** @@ -627,13 +719,14 @@ export interface IAzureCluster { /** * Role defines the subnet role (eg. Node, ControlPlane) */ - role: 'node' | 'control-plane' | 'bastion'; + role: 'node' | 'control-plane' | 'bastion' | 'cluster'; /** * RouteTable defines the route table that should be attached to this subnet. */ routeTable?: { /** - * ID is the Azure resource ID of the route table. READ-ONLY + * ID is the Azure resource ID of the route table. + * READ-ONLY */ id?: string; name: string; 
@@ -643,7 +736,8 @@ export interface IAzureCluster { */ securityGroup?: { /** - * ID is the Azure resource ID of the security group. READ-ONLY + * ID is the Azure resource ID of the security group. + * READ-ONLY */ id?: string; name: string; @@ -691,6 +785,10 @@ export interface IAzureCluster { * SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. */ sourcePorts?: string; + /** + * Sources specifies The CIDR or source IP ranges. + */ + sources?: string[]; }[]; /** * Tags defines a map of tags. @@ -716,7 +814,8 @@ export interface IAzureCluster { */ cidrBlocks?: string[]; /** - * ID is the Azure resource ID of the virtual network. READ-ONLY + * ID is the Azure resource ID of the virtual network. + * READ-ONLY */ id?: string; /** 
@@ -728,23 +827,30 @@ export interface IAzureCluster { */ peerings?: { /** - * ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the remote virtual network. + * ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the + * remote virtual network. */ forwardPeeringProperties?: { /** - * AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. + * AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be + * allowed/disallowed in remote virtual network. */ allowForwardedTraffic?: boolean; /** - * AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. + * AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual + * network. */ allowGatewayTransit?: boolean; /** - * AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. + * AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access + * the VMs in remote virtual network space. */ allowVirtualNetworkAccess?: boolean; /** - * UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. + * UseRemoteGateways specifies if remote gateways can be used on this virtual network. 
+ * If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network + * will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. + * This flag cannot be set if virtual network already has a gateway. */ useRemoteGateways?: boolean; }; 
@@ -757,29 +863,37 @@ export interface IAzureCluster { */ resourceGroup?: string; /** - * ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the cluster's virtual network. + * ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the + * cluster's virtual network. */ reversePeeringProperties?: { /** - * AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. + * AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be + * allowed/disallowed in remote virtual network. */ allowForwardedTraffic?: boolean; /** - * AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. + * AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual + * network. */ allowGatewayTransit?: boolean; /** - * AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. + * AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access + * the VMs in remote virtual network space. */ allowVirtualNetworkAccess?: boolean; /** - * UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. + * UseRemoteGateways specifies if remote gateways can be used on this virtual network. 
+ * If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network + * will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. + * This flag cannot be set if virtual network already has a gateway. */ useRemoteGateways?: boolean; }; }[]; /** - * ResourceGroup is the name of the resource group of the existing virtual network or the resource group where a managed virtual network should be created. + * ResourceGroup is the name of the resource group of the existing virtual network + * or the resource group where a managed virtual network should be created. */ resourceGroup?: string; /** 
@@ -802,19 +916,26 @@ export interface IAzureCluster { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -822,16 +943,24 @@ export interface IAzureCluster { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; /** - * FailureDomains specifies the list of unique failure domains for the location/region of the cluster. A FailureDomain maps to Availability Zone with an Azure Region (if the region support them). An Availability Zone is a separate data center within a region and they can be used to ensure the cluster is more resilient to failure. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview This list will be used by Cluster API to try and spread the machines across the failure domains. + * FailureDomains specifies the list of unique failure domains for the location/region of the cluster. + * A FailureDomain maps to Availability Zone with an Azure Region (if the region support them). An + * Availability Zone is a separate data center within a region and they can be used to ensure + * the cluster is more resilient to failure. + * See: https://learn.microsoft.com/azure/reliability/availability-zones-overview + * This list will be used by Cluster API to try and spread the machines across the failure domains. */ failureDomains?: { /** - * FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + * FailureDomainSpec is the Schema for Cluster API failure domains. 
+ * It allows controllers to understand how many failure domains a cluster can optionally span across. */ [k: string]: { /** @@ -847,7 +976,8 @@ export interface IAzureCluster { }; }; /** - * LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. + * LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the + * next reconciliation loop. */ longRunningOperationStates?: { /** @@ -855,7 +985,8 @@ export interface IAzureCluster { */ data: string; /** - * Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. + * Name is the name of the Azure resource. + * Together with the service name, this forms the unique identifier for the future. */ name: string; /** @@ -863,7 +994,8 @@ export interface IAzureCluster { */ resourceGroup?: string; /** - * ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. + * ServiceName is the name of the Azure service. + * Together with the name of the resource, this forms the unique identifier for the future. */ serviceName: string; /** 
@@ -892,11 +1024,18 @@ export const AzureClusterIdentity = 'AzureClusterIdentity'; */ export interface IAzureClusterIdentity { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AzureClusterIdentity; metadata: metav1.IObjectMeta; 
@@ -905,7 +1044,11 @@ export interface IAzureClusterIdentity { */ spec?: { /** - * AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity. + * AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. + * Namespaces can be selected either using an array of namespaces or with label selector. + * An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace. + * If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) + * A namespace should be either in the NamespaceList or match with Selector to use the identity. */ allowedNamespaces?: { /** @@ -913,8 +1056,14 @@ export interface IAzureClusterIdentity { */ list?: string[]; /** - * Selector is a selector of namespaces that AzureCluster can use this Identity from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. - * A nil or empty selector indicates that AzureCluster cannot use this AzureClusterIdentity from any namespace. + * Selector is a selector of namespaces that AzureCluster can + * use this Identity from. This is a standard Kubernetes LabelSelector, + * a label query over a set of resources. The result of matchLabels and + * matchExpressions are ANDed. + * + * + * A nil or empty selector indicates that AzureCluster cannot use this + * AzureClusterIdentity from any namespace. */ selector?: { /** 
@@ -926,16 +1075,22 @@ export interface IAzureClusterIdentity { */ key: string; /** - * operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + * operator represents a key's relationship to a set of values. + * Valid operators are In, NotIn, Exists and DoesNotExist. */ operator: string; /** - * values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + * values is an array of string values. If the operator is In or NotIn, + * the values array must be non-empty. If the operator is Exists or DoesNotExist, + * the values array must be empty. This array is replaced during a strategic + * merge patch. */ values?: string[]; }[]; /** - * matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + * matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + * map is equivalent to an element of matchExpressions, whose key field is "key", the + * operator is "In", and the values array contains only "value". The requirements are ANDed. */ matchLabels?: { [k: string]: string; @@ -943,7 +1098,8 @@ export interface IAzureClusterIdentity { }; }; /** - * ClientID is the service principal client ID. Both User Assigned MSI and SP can use this field. + * ClientID is the service principal client ID. + * Both User Assigned MSI and SP can use this field. */ clientID: string; /** 
@@ -960,7 +1116,11 @@ export interface IAzureClusterIdentity { namespace?: string; }; /** - * ResourceID is the Azure resource ID for the User Assigned MSI resource. Only applicable when type is UserAssignedMSI. + * ResourceID is the Azure resource ID for the User Assigned MSI resource. + * Only applicable when type is UserAssignedMSI. + * + * + * Deprecated: This field no longer has any effect. */ resourceID?: string; /** @@ -968,7 +1128,8 @@ export interface IAzureClusterIdentity { */ tenantID: string; /** - * Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity. + * Type is the type of Azure Identity used. + * ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity. */ type: | 'ServicePrincipal' 
@@ -986,19 +1147,26 @@ export interface IAzureClusterIdentity { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -1006,7 +1174,9 @@ export interface IAzureClusterIdentity { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; 
@@ -1028,11 +1198,18 @@ export const AzureMachineTemplate = 'AzureMachineTemplate'; */ export interface IAzureMachineTemplate { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AzureMachineTemplate; metadata: metav1.IObjectMeta; 
@@ -1045,21 +1222,47 @@ export interface IAzureMachineTemplate { */ template: { /** - * ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. This is a copy of customizable fields from metav1.ObjectMeta. - * ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`, which are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases and read-only fields which end up in the generated CRD validation, having it as a subset simplifies the API and some issues that can impact user experience. - * During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) for v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs, specifically `spec.metadata.creationTimestamp in body must be of type string: "null"`. The investigation showed that `controller-tools@v2` behaves differently than its previous version when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package. - * In more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta` had validation properties, including for `creationTimestamp` (metav1.Time). The `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null` which breaks validation because the field isn't marked as nullable. - * In future versions, controller-tools@v2 might allow overriding the type and validation for embedded types. When that happens, this hack should be revisited. + * ObjectMeta is metadata that all persisted resources must have, which includes all objects + * users must create. This is a copy of customizable fields from metav1.ObjectMeta. + * + * + * ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`, + * which are not top-level Kubernetes objects. 
Given that metav1.ObjectMeta has lots of special cases + * and read-only fields which end up in the generated CRD validation, having it as a subset simplifies + * the API and some issues that can impact user experience. + * + * + * During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) + * for v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs, + * specifically `spec.metadata.creationTimestamp in body must be of type string: "null"`. + * The investigation showed that `controller-tools@v2` behaves differently than its previous version + * when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package. + * + * + * In more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta` + * had validation properties, including for `creationTimestamp` (metav1.Time). + * The `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null` + * which breaks validation because the field isn't marked as nullable. + * + * + * In future versions, controller-tools@v2 might allow overriding the type and validation for embedded + * types. When that happens, this hack should be revisited. */ metadata?: { /** - * Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations + * Annotations is an unstructured key value map stored with a resource that may be + * set by external tools to store and retrieve arbitrary metadata. They are not + * queryable and should be preserved when modifying objects. + * More info: http://kubernetes.io/docs/user-guide/annotations */ annotations?: { [k: string]: string; }; /** - * Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels + * Map of string keys and values that can be used to organize and categorize + * (scope and select) objects. May match selectors of replication controllers + * and services. + * More info: http://kubernetes.io/docs/user-guide/labels */ labels?: { [k: string]: string; @@ -1078,12 +1281,16 @@ export interface IAzureMachineTemplate { */ additionalCapabilities?: { /** - * UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. Defaults to true if Ultra SSD data disks are specified, otherwise it doesn't set the capability on the VM. + * UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. + * Defaults to true if Ultra SSD data disks are specified, + * otherwise it doesn't set the capability on the VM. */ ultraSSDEnabled?: boolean; }; /** - * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. + * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + * Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the + * AzureMachine's value takes precedence. */ additionalTags?: { [k: string]: string; 
@@ -1092,6 +1299,15 @@ export interface IAzureMachineTemplate { * AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true. */ allocatePublicIP?: boolean; + /** + * CapacityReservationGroupID specifies the capacity reservation group resource id that should be + * used for allocating the virtual machine. + * The field size should be greater than 0 and the field input must start with '/'. + * The input for capacityReservationGroupID must be similar to '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}'. + * The keys which are used should be among 'subscriptions', 'providers' and 'resourcegroups' followed by valid ID or names respectively. + * It is optional but may not be changed once set. + */ + capacityReservationGroupID?: string; /** * DataDisk specifies the parameters that are used to add one or more data disks to the machine */ @@ -1105,7 +1321,8 @@ export interface IAzureMachineTemplate { */ diskSizeGB: number; /** - * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. + * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. + * The value must be between 0 and 63. */ lun?: number; /** 
@@ -1126,7 +1343,9 @@ export interface IAzureMachineTemplate { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** @@ -1135,7 +1354,13 @@ export interface IAzureMachineTemplate { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: | 'VMGuestStateOnly' 
@@ -1144,20 +1369,26 @@ export interface IAzureMachineTemplate { storageAccountType?: string; }; /** - * NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. + * NameSuffix is the suffix to be appended to the machine name to generate the disk name. + * Each disk name will be in format _. */ nameSuffix: string; }[]; /** - * Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. + * Diagnostics specifies the diagnostics settings for a virtual machine. + * If not specified then Boot diagnostics (Managed) will be enabled. */ diagnostics?: { /** - * Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. + * Boot configures the boot diagnostics settings for the virtual machine. + * This allows to configure capturing serial output from the virtual machine on boot. + * This is useful for debugging software based launch issues. + * If not specified then Boot diagnostics (Managed) will be enabled. */ boot?: { /** - * StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). + * StorageAccountType determines if the storage account for storing the diagnostics data + * should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). */ storageAccountType: 'Managed' | 'UserManaged' | 'Disabled'; /** 
@@ -1165,30 +1396,50 @@ export interface IAzureMachineTemplate { */ userManaged?: { /** - * StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. + * StorageAccountURI is the URI of the user-managed storage account. + * The URI typically will be `https://.blob.core.windows.net/` + * but may differ if you are using Azure DNS zone endpoints. + * You can find the correct endpoint by looking for the Blob Primary Endpoint in the + * endpoints tab in the Azure console or with the CLI by issuing + * `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. */ storageAccountURI: string; }; }; }; + /** + * DisableExtensionOperations specifies whether extension operations should be disabled on the virtual machine. + * Use this setting only if VMExtensions are not supported by your image, as it disables CAPZ bootstrapping extension used for detecting Kubernetes bootstrap failure. + * This may only be set to True when no extensions are configured on the virtual machine. + */ + disableExtensionOperations?: boolean; /** * DNSServers adds a list of DNS Server IP addresses to the VM NICs. */ dnsServers?: string[]; /** - * EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled. 
+ * EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine + * to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller + * manager). Default is false for disabled. */ enableIPForwarding?: boolean; /** - * FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone + * FailureDomain is the failure domain unique identifier this Machine should be attached to, + * as defined in Cluster API. This relates to an Azure Availability Zone */ failureDomain?: string; /** - * Identity is the type of identity used for the virtual machine. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM + * Identity is the type of identity used for the virtual machine. + * The type 'SystemAssigned' is an implicitly created identity. + * The generated identity will be assigned a Subscription contributor role. + * The type 'UserAssigned' is a standalone Azure resource provided by the user + * and assigned to the VM */ identity?: 'None' | 'SystemAssigned' | 'UserAssigned'; /** - * Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. + * Image is used to provide details of an image to use during VM creation. + * If image details are omitted the image will default the Azure Marketplace "capi" offer, + * which is based on Ubuntu. */ image?: { /** 
@@ -1208,7 +1459,8 @@ export interface IAzureMachineTemplate { */ plan?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** @@ -1216,7 +1468,8 @@ export interface IAzureMachineTemplate { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; }; @@ -1229,7 +1482,11 @@ export interface IAzureMachineTemplate { */ subscriptionID?: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; @@ -1242,7 +1499,8 @@ export interface IAzureMachineTemplate { */ marketplace?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** 
@@ -1250,20 +1508,27 @@ export interface IAzureMachineTemplate { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; /** - * ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. + * ThirdPartyImage indicates the image is published by a third party publisher and a Plan + * will be generated for it. */ thirdPartyImage?: boolean; /** - * Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of an image sku. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; /** - * SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead. + * SharedGallery specifies an image to use from an Azure Shared Image Gallery + * Deprecated: use ComputeGallery instead. */ sharedGallery?: { /** 
@@ -1275,11 +1540,16 @@ export interface IAzureMachineTemplate { */ name: string; /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ offer?: string; /** - * Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Publisher is the name of the organization that created the image. + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ publisher?: string; /** 
@@ -1287,7 +1557,10 @@ export interface IAzureMachineTemplate { */ resourceGroup: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ sku?: string; /** 
@@ -1295,21 +1568,31 @@ export interface IAzureMachineTemplate { */ subscriptionID: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; }; /** - * NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. + * NetworkInterfaces specifies a list of network interface configurations. + * If left unspecified, the VM will get a single network interface with a + * single IPConfig in the subnet specified in the cluster's node subnet field. + * The primary interface will be the first networkInterface specified (index 0) in the list. */ networkInterfaces?: { /** - * AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. + * AcceleratedNetworking enables or disables Azure accelerated networking. 
If omitted, it will be set based on + * whether the requested VMSize supports accelerated networking. + * If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. */ acceleratedNetworking?: boolean; /** - * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. + * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. + * Defaults to 1 if not specified. */ privateIPConfigs?: number; /** @@ -1330,12 +1613,18 @@ export interface IAzureMachineTemplate { */ diffDiskSettings?: { /** - * Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details + * Option enables ephemeral OS when set to "Local" + * See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details */ option: 'Local'; + /** + * Placement specifies the ephemeral disk placement for operating system disk. If placement is specified, Option must be set to "Local". + */ + placement?: 'CacheDisk' | 'NvmeDisk' | 'ResourceDisk'; }; /** - * DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided + * DiskSizeGB is the size in GB to assign to the OS disk. + * Will have a default of 30GB if not provided */ diskSizeGB?: number; /** @@ -1356,7 +1645,9 @@ export interface IAzureMachineTemplate { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** 
@@ -1365,7 +1656,13 @@ export interface IAzureMachineTemplate { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: | 'VMGuestStateOnly' 
@@ -1388,11 +1685,15 @@ export interface IAzureMachineTemplate { */ securityProfile?: { /** - * This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. + * This field indicates whether Host Encryption should be enabled + * or disabled for a virtual machine or virtual machine scale set. + * This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. + * Default is disabled. */ encryptionAtHost?: boolean; /** - * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. + * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + * enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. */ securityType?: 'ConfidentialVM' | 'TrustedLaunch'; /** 
@@ -1400,11 +1701,17 @@ export interface IAzureMachineTemplate { */ uefiSettings?: { /** - * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. + * Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ secureBootEnabled?: boolean; /** - * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. + * When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. + * The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + * This is required to be set to Enabled if SecurityEncryptionType is defined. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ vTpmEnabled?: boolean; }; 
@@ -1423,7 +1730,8 @@ export interface IAzureMachineTemplate { maxPrice?: number | string; }; /** - * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. + * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. + * Refer to documentation on how to set up SSH access on Windows instances. */ sshPublicKey?: string; /** 
@@ -1435,24 +1743,31 @@ export interface IAzureMachineTemplate { */ systemAssignedIdentityRole?: { /** - * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles + * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. + * Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles */ definitionID?: string; /** - * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. + * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. + * If not specified, a random UUID will be generated. */ name?: string; /** - * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. + * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. + * If not specified, the scope will be the subscription. */ scope?: string; }; /** - * UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli + * UserAssignedIdentities is a list of standalone Azure identities provided by the user + * The lifecycle of a user-assigned identity is managed separately from the lifecycle of + * the AzureMachine. 
+ * See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli */ userAssignedIdentities?: { /** - * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' + * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: + * 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' */ providerID: string; }[]; 
@@ -1506,11 +1821,18 @@ export const AzureMachine = 'AzureMachine'; */ export interface IAzureMachine { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AzureMachine; metadata: metav1.IObjectMeta; 
@@ -1527,12 +1849,16 @@ export interface IAzureMachine { */ additionalCapabilities?: { /** - * UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. Defaults to true if Ultra SSD data disks are specified, otherwise it doesn't set the capability on the VM. + * UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. + * Defaults to true if Ultra SSD data disks are specified, + * otherwise it doesn't set the capability on the VM. */ ultraSSDEnabled?: boolean; }; /** - * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. + * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + * Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the + * AzureMachine's value takes precedence. */ additionalTags?: { [k: string]: string; 
@@ -1541,6 +1867,15 @@ export interface IAzureMachine { * AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true. */ allocatePublicIP?: boolean; + /** + * CapacityReservationGroupID specifies the capacity reservation group resource id that should be + * used for allocating the virtual machine. + * The field size should be greater than 0 and the field input must start with '/'. + * The input for capacityReservationGroupID must be similar to '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}'. + * The keys which are used should be among 'subscriptions', 'providers' and 'resourcegroups' followed by valid ID or names respectively. + * It is optional but may not be changed once set. + */ + capacityReservationGroupID?: string; /** * DataDisk specifies the parameters that are used to add one or more data disks to the machine */ @@ -1554,7 +1889,8 @@ export interface IAzureMachine { */ diskSizeGB: number; /** - * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. + * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. + * The value must be between 0 and 63. */ lun?: number; /** 
@@ -1575,7 +1911,9 @@ export interface IAzureMachine { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** 
@@ -1584,27 +1922,39 @@ export interface IAzureMachine { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: 'VMGuestStateOnly' | 'DiskWithVMGuestState'; }; storageAccountType?: string; }; /** - * NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. + * NameSuffix is the suffix to be appended to the machine name to generate the disk name. + * Each disk name will be in format _. */ nameSuffix: string; }[]; /** - * Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. + * Diagnostics specifies the diagnostics settings for a virtual machine. + * If not specified then Boot diagnostics (Managed) will be enabled. */ diagnostics?: { /** - * Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. 
This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. + * Boot configures the boot diagnostics settings for the virtual machine. + * This allows to configure capturing serial output from the virtual machine on boot. + * This is useful for debugging software based launch issues. + * If not specified then Boot diagnostics (Managed) will be enabled. */ boot?: { /** - * StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). + * StorageAccountType determines if the storage account for storing the diagnostics data + * should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). */ storageAccountType: 'Managed' | 'UserManaged' | 'Disabled'; /** 
@@ -1612,30 +1962,50 @@ export interface IAzureMachine { */ userManaged?: { /** - * StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. + * StorageAccountURI is the URI of the user-managed storage account. + * The URI typically will be `https://.blob.core.windows.net/` + * but may differ if you are using Azure DNS zone endpoints. + * You can find the correct endpoint by looking for the Blob Primary Endpoint in the + * endpoints tab in the Azure console or with the CLI by issuing + * `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. */ storageAccountURI: string; }; }; }; + /** + * DisableExtensionOperations specifies whether extension operations should be disabled on the virtual machine. + * Use this setting only if VMExtensions are not supported by your image, as it disables CAPZ bootstrapping extension used for detecting Kubernetes bootstrap failure. + * This may only be set to True when no extensions are configured on the virtual machine. + */ + disableExtensionOperations?: boolean; /** * DNSServers adds a list of DNS Server IP addresses to the VM NICs. */ dnsServers?: string[]; /** - * EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled. 
+ * EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine + * to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller + * manager). Default is false for disabled. */ enableIPForwarding?: boolean; /** - * FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone + * FailureDomain is the failure domain unique identifier this Machine should be attached to, + * as defined in Cluster API. This relates to an Azure Availability Zone */ failureDomain?: string; /** - * Identity is the type of identity used for the virtual machine. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM + * Identity is the type of identity used for the virtual machine. + * The type 'SystemAssigned' is an implicitly created identity. + * The generated identity will be assigned a Subscription contributor role. + * The type 'UserAssigned' is a standalone Azure resource provided by the user + * and assigned to the VM */ identity?: 'None' | 'SystemAssigned' | 'UserAssigned'; /** - * Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. + * Image is used to provide details of an image to use during VM creation. + * If image details are omitted the image will default the Azure Marketplace "capi" offer, + * which is based on Ubuntu. */ image?: { /** 
@@ -1655,7 +2025,8 @@ export interface IAzureMachine { */ plan?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** @@ -1663,7 +2034,8 @@ export interface IAzureMachine { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; }; @@ -1676,7 +2048,11 @@ export interface IAzureMachine { */ subscriptionID?: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; @@ -1689,7 +2065,8 @@ export interface IAzureMachine { */ marketplace?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** 
@@ -1697,20 +2074,27 @@ export interface IAzureMachine { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; /** - * ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. + * ThirdPartyImage indicates the image is published by a third party publisher and a Plan + * will be generated for it. */ thirdPartyImage?: boolean; /** - * Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of an image sku. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; /** - * SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead. + * SharedGallery specifies an image to use from an Azure Shared Image Gallery + * Deprecated: use ComputeGallery instead. */ sharedGallery?: { /** 
@@ -1722,11 +2106,16 @@ export interface IAzureMachine { */ name: string; /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ offer?: string; /** - * Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Publisher is the name of the organization that created the image. + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ publisher?: string; /** 
@@ -1734,7 +2123,10 @@ export interface IAzureMachine { */ resourceGroup: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ sku?: string; /** 
@@ -1742,21 +2134,31 @@ export interface IAzureMachine { */ subscriptionID: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; }; /** - * NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. + * NetworkInterfaces specifies a list of network interface configurations. + * If left unspecified, the VM will get a single network interface with a + * single IPConfig in the subnet specified in the cluster's node subnet field. + * The primary interface will be the first networkInterface specified (index 0) in the list. */ networkInterfaces?: { /** - * AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. + * AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on + * whether the requested VMSize supports accelerated networking. 
+ * If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. */ acceleratedNetworking?: boolean; /** - * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. + * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. + * Defaults to 1 if not specified. */ privateIPConfigs?: number; /** @@ -1777,12 +2179,18 @@ export interface IAzureMachine { */ diffDiskSettings?: { /** - * Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details + * Option enables ephemeral OS when set to "Local" + * See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details */ option: 'Local'; + /** + * Placement specifies the ephemeral disk placement for operating system disk. If placement is specified, Option must be set to "Local". + */ + placement?: 'CacheDisk' | 'NvmeDisk' | 'ResourceDisk'; }; /** - * DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided + * DiskSizeGB is the size in GB to assign to the OS disk. + * Will have a default of 30GB if not provided */ diskSizeGB?: number; /** @@ -1803,7 +2211,9 @@ export interface IAzureMachine { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** 
@@ -1812,7 +2222,13 @@ export interface IAzureMachine { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: 'VMGuestStateOnly' | 'DiskWithVMGuestState'; }; 
@@ -1833,11 +2249,15 @@ export interface IAzureMachine { */ securityProfile?: { /** - * This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. + * This field indicates whether Host Encryption should be enabled + * or disabled for a virtual machine or virtual machine scale set. + * This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. + * Default is disabled. */ encryptionAtHost?: boolean; /** - * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. + * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + * enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. */ securityType?: 'ConfidentialVM' | 'TrustedLaunch'; /** 
@@ -1845,11 +2265,17 @@ export interface IAzureMachine { */ uefiSettings?: { /** - * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. + * Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ secureBootEnabled?: boolean; /** - * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. + * When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. + * The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + * This is required to be set to Enabled if SecurityEncryptionType is defined. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ vTpmEnabled?: boolean; }; 
@@ -1868,7 +2294,8 @@ export interface IAzureMachine { maxPrice?: number | string; }; /** - * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. + * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. + * Refer to documentation on how to set up SSH access on Windows instances. */ sshPublicKey?: string; /** 
@@ -1880,24 +2307,31 @@ export interface IAzureMachine { */ systemAssignedIdentityRole?: { /** - * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles + * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. + * Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles */ definitionID?: string; /** - * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. + * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. + * If not specified, a random UUID will be generated. */ name?: string; /** - * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. + * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. + * If not specified, the scope will be the subscription. */ scope?: string; }; /** - * UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli + * UserAssignedIdentities is a list of standalone Azure identities provided by the user + * The lifecycle of a user-assigned identity is managed separately from the lifecycle of + * the AzureMachine. 
+ * See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli */ userAssignedIdentities?: { /** - * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' + * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: + * 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' */ providerID: string; }[]; 
@@ -1954,19 +2388,26 @@ export interface IAzureMachine { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -1974,24 +2415,57 @@ export interface IAzureMachine { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; /** - * ErrorMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. + * ErrorMessage will be set in the event that there is a terminal problem + * reconciling the Machine and will contain a more verbose string suitable + * for logging and human consumption. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the Machine's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of Machines + * can be added as events to the Machine object and/or logged in the + * controller's output. */ failureMessage?: string; /** - * ErrorReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. + * ErrorReason will be set in the event that there is a terminal problem + * reconciling the Machine and will contain a succinct value suitable + * for machine interpretation. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the Machine's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of Machines + * can be added as events to the Machine object and/or logged in the + * controller's output. */ failureReason?: string; /** - * LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. + * LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the + * next reconciliation loop. */ longRunningOperationStates?: { /** @@ -1999,7 +2473,8 @@ export interface IAzureMachine { */ data: string; /** - * Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. + * Name is the name of the Azure resource. + * Together with the service name, this forms the unique identifier for the future. */ name: string; /** @@ -2007,7 +2482,8 @@ export interface IAzureMachine { */ resourceGroup?: string; /** - * ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. + * ServiceName is the name of the Azure service. + * Together with the name of the resource, this forms the unique identifier for the future. */ serviceName: string; /** 
@@ -2040,11 +2516,18 @@ export const AzureMachinePool = 'AzureMachinePool'; */ export interface IAzureMachinePool { /** - * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + * APIVersion defines the versioned schema of this representation of an object. + * Servers should convert recognized schemas to the latest internal value, and + * may reject unrecognized values. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1'; /** - * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + * Kind is a string value representing the REST resource this object represents. + * Servers may infer this from the endpoint the client submits requests to. + * Cannot be updated. + * In CamelCase. + * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: typeof AzureMachinePool; metadata: metav1.IObjectMeta; 
@@ -2053,33 +2536,41 @@ export interface IAzureMachinePool { */ spec?: { /** - * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. + * AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the + * Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the + * AzureMachine's value takes precedence. */ additionalTags?: { [k: string]: string; }; /** - * Identity is the type of identity used for the Virtual Machine Scale Set. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM + * Identity is the type of identity used for the Virtual Machine Scale Set. + * The type 'SystemAssigned' is an implicitly created identity. + * The generated identity will be assigned a Subscription contributor role. + * The type 'UserAssigned' is a standalone Azure resource provided by the user + * and assigned to the VM */ identity?: 'None' | 'SystemAssigned' | 'UserAssigned'; /** * Location is the Azure region location e.g. westus2 */ location: string; - /** - * NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. 
NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` - */ - nodeDrainTimeout?: string; /** * OrchestrationMode specifies the orchestration mode for the Virtual Machine Scale Set */ orchestrationMode?: 'Flexible' | 'Uniform'; + /** + * PlatformFaultDomainCount specifies the number of fault domains that the Virtual Machine Scale Set can use. + * The count determines the spreading algorithm of the Azure fault domain. + */ + platformFaultDomainCount?: number; /** * ProviderID is the identification ID of the Virtual Machine Scale Set */ providerID?: string; /** - * ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + * ProviderIDList are the identification IDs of machine instances provided by the provider. + * This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. */ providerIDList?: string[]; /** 
@@ -2091,19 +2582,45 @@ export interface IAzureMachinePool { */ strategy?: { /** - * Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. + * Rolling update config params. Present only if + * MachineDeploymentStrategyType = RollingUpdate. */ rollingUpdate?: { /** - * DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default is Oldest + * DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. + * Valid values are "Random, "Newest", "Oldest" + * When no value is supplied, the default is Oldest */ deletePolicy?: 'Random' | 'Newest' | 'Oldest'; /** - * The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines. + * The maximum number of machines that can be scheduled above the + * desired number of machines. + * Value can be an absolute number (ex: 5) or a percentage of + * desired machines (ex: 10%). + * This can not be 0 if MaxUnavailable is 0. + * Absolute number is calculated from percentage by rounding up. + * Defaults to 1. 
+ * Example: when this is set to 30%, the new MachineSet can be scaled + * up immediately when the rolling update starts, such that the total + * number of old and new machines do not exceed 130% of desired + * machines. Once old machines have been killed, new MachineSet can + * be scaled up further, ensuring that total number of machines running + * at any time during the update is at most 130% of desired machines. */ maxSurge?: number | string; /** - * The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines. + * The maximum number of machines that can be unavailable during the update. + * Value can be an absolute number (ex: 5) or a percentage of desired + * machines (ex: 10%). + * Absolute number is calculated from percentage by rounding down. + * This can not be 0 if MaxSurge is 0. + * Defaults to 0. + * Example: when this is set to 30%, the old MachineSet can be scaled + * down to 70% of desired machines immediately when the rolling update + * starts. Once new machines are ready, old MachineSet can be scaled + * down further, followed by scaling up the new MachineSet, ensuring + * that the total number of machines available at all times + * during the update is at least 70% of desired machines. */ maxUnavailable?: number | string; }; 
@@ -2117,15 +2634,18 @@ export interface IAzureMachinePool { */ systemAssignedIdentityRole?: { /** - * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles + * DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. + * Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles */ definitionID?: string; /** - * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. + * Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. + * If not specified, a random UUID will be generated. */ name?: string; /** - * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. + * Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. + * If not specified, the scope will be the subscription. */ scope?: string; }; @@ -2150,7 +2670,8 @@ export interface IAzureMachinePool { */ diskSizeGB: number; /** - * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. + * Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. + * The value must be between 0 and 63. */ lun?: number; /** 
@@ -2171,7 +2692,9 @@ export interface IAzureMachinePool { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** @@ -2180,7 +2703,13 @@ export interface IAzureMachinePool { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: | 'VMGuestStateOnly' 
@@ -2189,20 +2718,26 @@ export interface IAzureMachinePool { storageAccountType?: string; }; /** - * NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. + * NameSuffix is the suffix to be appended to the machine name to generate the disk name. + * Each disk name will be in format _. */ nameSuffix: string; }[]; /** - * Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. + * Diagnostics specifies the diagnostics settings for a virtual machine. + * If not specified then Boot diagnostics (Managed) will be enabled. */ diagnostics?: { /** - * Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. + * Boot configures the boot diagnostics settings for the virtual machine. + * This allows to configure capturing serial output from the virtual machine on boot. + * This is useful for debugging software based launch issues. + * If not specified then Boot diagnostics (Managed) will be enabled. */ boot?: { /** - * StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). + * StorageAccountType determines if the storage account for storing the diagnostics data + * should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). */ storageAccountType: 'Managed' | 'UserManaged' | 'Disabled'; /** 
@@ -2210,14 +2745,21 @@ export interface IAzureMachinePool { */ userManaged?: { /** - * StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. + * StorageAccountURI is the URI of the user-managed storage account. + * The URI typically will be `https://.blob.core.windows.net/` + * but may differ if you are using Azure DNS zone endpoints. + * You can find the correct endpoint by looking for the Blob Primary Endpoint in the + * endpoints tab in the Azure console or with the CLI by issuing + * `az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'`. */ storageAccountURI: string; }; }; }; /** - * Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. + * Image is used to provide details of an image to use during VM creation. + * If image details are omitted the image will default the Azure Marketplace "capi" offer, + * which is based on Ubuntu. */ image?: { /** @@ -2237,7 +2779,8 @@ export interface IAzureMachinePool { */ plan?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** 
@@ -2245,7 +2788,8 @@ export interface IAzureMachinePool { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; }; @@ -2258,7 +2802,11 @@ export interface IAzureMachinePool { */ subscriptionID?: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; @@ -2271,7 +2819,8 @@ export interface IAzureMachinePool { */ marketplace?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** 
@@ -2279,20 +2828,27 @@ export interface IAzureMachinePool { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; /** - * ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. + * ThirdPartyImage indicates the image is published by a third party publisher and a Plan + * will be generated for it. */ thirdPartyImage?: boolean; /** - * Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of an image sku. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; /** - * SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead. + * SharedGallery specifies an image to use from an Azure Shared Image Gallery + * Deprecated: use ComputeGallery instead. */ sharedGallery?: { /** 
@@ -2304,11 +2860,16 @@ export interface IAzureMachinePool { */ name: string; /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ offer?: string; /** - * Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Publisher is the name of the organization that created the image. + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ publisher?: string; /** 
@@ -2316,7 +2877,10 @@ export interface IAzureMachinePool { */ resourceGroup: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ sku?: string; /** 
@@ -2324,21 +2888,31 @@ export interface IAzureMachinePool { */ subscriptionID: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; }; /** - * NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. + * NetworkInterfaces specifies a list of network interface configurations. + * If left unspecified, the VM will get a single network interface with a + * single IPConfig in the subnet specified in the cluster's node subnet field. + * The primary interface will be the first networkInterface specified (index 0) in the list. */ networkInterfaces?: { /** - * AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. + * AcceleratedNetworking enables or disables Azure accelerated networking. 
If omitted, it will be set based on + * whether the requested VMSize supports accelerated networking. + * If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. */ acceleratedNetworking?: boolean; /** - * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. + * PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. + * Defaults to 1 if not specified. */ privateIPConfigs?: number; /** @@ -2359,12 +2933,18 @@ export interface IAzureMachinePool { */ diffDiskSettings?: { /** - * Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details + * Option enables ephemeral OS when set to "Local" + * See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details */ option: 'Local'; + /** + * Placement specifies the ephemeral disk placement for operating system disk. If placement is specified, Option must be set to "Local". + */ + placement?: 'CacheDisk' | 'NvmeDisk' | 'ResourceDisk'; }; /** - * DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided + * DiskSizeGB is the size in GB to assign to the OS disk. + * Will have a default of 30GB if not provided */ diskSizeGB?: number; /** @@ -2385,7 +2965,9 @@ export interface IAzureMachinePool { */ securityProfile?: { /** - * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. + * DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the + * managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and + * VMGuest blob. */ diskEncryptionSet?: { /** 
@@ -2394,7 +2976,13 @@ export interface IAzureMachinePool { id?: string; }; /** - * SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. + * SecurityEncryptionType specifies the encryption type of the managed disk. + * It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState + * blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. + * When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. + * When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and + * VirtualizedTrustedPlatformModule should be set to Enabled. + * It can be set only for Confidential VMs. */ securityEncryptionType?: | 'VMGuestStateOnly' 
@@ -2409,11 +2997,15 @@ export interface IAzureMachinePool { */ securityProfile?: { /** - * This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. + * This field indicates whether Host Encryption should be enabled + * or disabled for a virtual machine or virtual machine scale set. + * This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. + * Default is disabled. */ encryptionAtHost?: boolean; /** - * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. + * SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to + * enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set. */ securityType?: 'ConfidentialVM' | 'TrustedLaunch'; /** 
@@ -2421,11 +3013,17 @@ export interface IAzureMachinePool { */ uefiSettings?: { /** - * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. + * Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ secureBootEnabled?: boolean; /** - * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + * VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. + * When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. + * The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. + * This is required to be set to Enabled if SecurityEncryptionType is defined. + * If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. */ vTpmEnabled?: boolean; }; 
@@ -2444,7 +3042,8 @@ export interface IAzureMachinePool { maxPrice?: number | string; }; /** - * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. + * SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. + * Refer to documentation on how to set up SSH access on Windows instances. */ sshPublicKey?: string; /** @@ -2452,7 +3051,8 @@ export interface IAzureMachinePool { */ subnetName?: string; /** - * TerminateNotificationTimeout enables or disables VMSS scheduled events termination notification with specified timeout allowed values are between 5 and 15 (mins) + * TerminateNotificationTimeout enables or disables VMSS scheduled events termination notification with specified timeout + * allowed values are between 5 and 15 (mins) */ terminateNotificationTimeout?: number; /** 
@@ -2485,19 +3085,28 @@ export interface IAzureMachinePool { version: string; }[]; /** - * VMSize is the size of the Virtual Machine to build. See https://learn.microsoft.com/rest/api/compute/virtualmachines/createorupdate#virtualmachinesizetypes + * VMSize is the size of the Virtual Machine to build. + * See https://learn.microsoft.com/rest/api/compute/virtualmachines/createorupdate#virtualmachinesizetypes */ vmSize: string; }; /** - * UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachinePool. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli + * UserAssignedIdentities is a list of standalone Azure identities provided by the user + * The lifecycle of a user-assigned identity is managed separately from the lifecycle of + * the AzureMachinePool. + * See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli */ userAssignedIdentities?: { /** - * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' + * ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: + * 'azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}' */ providerID: string; }[]; + /** + * ZoneBalane dictates whether to force strictly even Virtual Machine distribution cross x-zones in case there is zone outage. + */ + zoneBalance?: boolean; }; /** * AzureMachinePoolStatus defines the observed state of AzureMachinePool. 
@@ -2508,19 +3117,26 @@ export interface IAzureMachinePool { */ conditions?: { /** - * Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + * Last time the condition transitioned from one status to another. + * This should be when the underlying condition changed. If that is not known, then using the time when + * the API field changed is acceptable. */ lastTransitionTime: string; /** - * A human readable message indicating details about the transition. This field may be empty. + * A human readable message indicating details about the transition. + * This field may be empty. */ message?: string; /** - * The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + * The reason for the condition's last transition in CamelCase. + * The specific API may choose whether or not this field is considered a guaranteed API. + * This field may not be empty. */ reason?: string; /** - * Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + * Severity provides an explicit classification of Reason code, so the users or machines can immediately + * understand the current situation and act accordingly. + * The Severity field MUST be set only when Status=False. */ severity?: string; /** 
@@ -2528,24 +3144,57 @@ export interface IAzureMachinePool { */ status: string; /** - * Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + * Type of condition in CamelCase or in foo.example.com/CamelCase. + * Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + * can be useful (see .node.status.conditions), the ability to deconflict is important. */ type: string; }[]; /** - * FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output. + * FailureMessage will be set in the event that there is a terminal problem + * reconciling the MachinePool and will contain a more verbose string suitable + * for logging and human consumption. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the MachinePool's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of MachinePools + * can be added as events to the MachinePool object and/or logged in the + * controller's output. */ failureMessage?: string; /** - * FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a succinct value suitable for machine interpretation. - * This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. - * Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output. + * FailureReason will be set in the event that there is a terminal problem + * reconciling the MachinePool and will contain a succinct value suitable + * for machine interpretation. 
+ * + * + * This field should not be set for transitive errors that a controller + * faces that are expected to be fixed automatically over + * time (like service outages), but instead indicate that something is + * fundamentally wrong with the MachinePool's spec or the configuration of + * the controller, and that manual intervention is required. Examples + * of terminal errors would be invalid combinations of settings in the + * spec, values that are unsupported by the controller, or the + * responsible controller itself being critically misconfigured. + * + * + * Any transient errors that occur during the reconciliation of MachinePools + * can be added as events to the MachinePool object and/or logged in the + * controller's output. */ failureReason?: string; /** - * Image is the current image used in the AzureMachinePool. When the spec image is nil, this image is populated with the details of the defaulted Azure Marketplace "capi" offer. + * Image is the current image used in the AzureMachinePool. When the spec image is nil, this image is populated + * with the details of the defaulted Azure Marketplace "capi" offer. */ image?: { /** @@ -2565,7 +3214,8 @@ export interface IAzureMachinePool { */ plan?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** @@ -2573,7 +3223,8 @@ export interface IAzureMachinePool { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; }; 
@@ -2586,7 +3237,11 @@ export interface IAzureMachinePool { */ subscriptionID?: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; @@ -2599,7 +3254,8 @@ export interface IAzureMachinePool { */ marketplace?: { /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer */ offer: string; /** 
@@ -2607,20 +3263,27 @@ export interface IAzureMachinePool { */ publisher: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter */ sku: string; /** - * ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. + * ThirdPartyImage indicates the image is published by a third party publisher and a Plan + * will be generated for it. */ thirdPartyImage?: boolean; /** - * Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of an image sku. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; /** - * SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead. + * SharedGallery specifies an image to use from an Azure Shared Image Gallery + * Deprecated: use ComputeGallery instead. */ sharedGallery?: { /** 
@@ -2632,11 +3295,16 @@ export interface IAzureMachinePool { */ name: string; /** - * Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Offer specifies the name of a group of related images created by the publisher. + * For example, UbuntuServer, WindowsServer + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ offer?: string; /** - * Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * Publisher is the name of the organization that created the image. + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ publisher?: string; /** 
@@ -2644,7 +3312,10 @@ export interface IAzureMachinePool { */ resourceGroup: string; /** - * SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. + * SKU specifies an instance of an offer, such as a major release of a distribution. + * For example, 18.04-LTS, 2019-Datacenter + * This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. + * This is needed when the source image from which this SIG image was built requires the `Plan` to be used. */ sku?: string; /** @@ -2652,11 +3323,19 @@ export interface IAzureMachinePool { */ subscriptionID: string; /** - * Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. + * Version specifies the version of the marketplace image. The allowed formats + * are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. + * Specify 'latest' to use the latest version of an image available at deploy time. + * Even if you use 'latest', the VM image will not automatically update after deploy + * time even if a new version becomes available. */ version: string; }; }; + /** + * InfrastructureMachineKind is the kind of the infrastructure resources behind MachinePool Machines. + */ + infrastructureMachineKind?: string; /** * Instances is the VM instance status for each VM in the VMSS */ 
@@ -2670,7 +3349,9 @@ export interface IAzureMachinePool { */ instanceName?: string; /** - * LatestModelApplied indicates the instance is running the most up-to-date VMSS model. A VMSS model describes the image version the VM is running. If the instance is not running the latest model, it means the instance may not be running the version of Kubernetes the Machine Pool has specified and needs to be updated. + * LatestModelApplied indicates the instance is running the most up-to-date VMSS model. A VMSS model describes + * the image version the VM is running. If the instance is not running the latest model, it means the instance + * may not be running the version of Kubernetes the Machine Pool has specified and needs to be updated. */ latestModelApplied: boolean; /** @@ -2687,7 +3368,8 @@ export interface IAzureMachinePool { version?: string; }[]; /** - * LongRunningOperationStates saves the state for Azure long-running operations so they can be continued on the next reconciliation loop. + * LongRunningOperationStates saves the state for Azure long-running operations so they can be continued on the + * next reconciliation loop. */ longRunningOperationStates?: { /** @@ -2695,7 +3377,8 @@ export interface IAzureMachinePool { */ data: string; /** - * Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. + * Name is the name of the Azure resource. + * Together with the service name, this forms the unique identifier for the future. */ name: string; /** @@ -2703,7 +3386,8 @@ export interface IAzureMachinePool { */ resourceGroup?: string; /** - * ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. + * ServiceName is the name of the Azure service. + * Together with the name of the resource, this forms the unique identifier for the future. */ serviceName: string; /** 
diff --git a/test/mockHttpCalls/capav1beta1/awsClusterRoleIdentities.ts b/test/mockHttpCalls/capav1beta2/awsClusterRoleIdentities.ts similarity index 70% rename from test/mockHttpCalls/capav1beta1/awsClusterRoleIdentities.ts rename to test/mockHttpCalls/capav1beta2/awsClusterRoleIdentities.ts index b36b9e1459..c9675694fc 100644 --- a/test/mockHttpCalls/capav1beta1/awsClusterRoleIdentities.ts +++ b/test/mockHttpCalls/capav1beta2/awsClusterRoleIdentities.ts @@ -1,8 +1,8 @@ -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; -export const defaultAWSClusterRoleIdentity: capav1beta1.IAWSClusterRoleIdentity = +export const defaultAWSClusterRoleIdentity: capav1beta2.IAWSClusterRoleIdentity = { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1', + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2', kind: 'AWSClusterRoleIdentity', metadata: { creationTimestamp: '2022-09-29T09:14:00Z', diff --git a/test/mockHttpCalls/capav1beta1/awsClusters.ts b/test/mockHttpCalls/capav1beta2/awsClusters.ts similarity index 92% rename from test/mockHttpCalls/capav1beta1/awsClusters.ts rename to test/mockHttpCalls/capav1beta2/awsClusters.ts index eb06c86d83..e084b62f7e 100644 --- a/test/mockHttpCalls/capav1beta1/awsClusters.ts +++ b/test/mockHttpCalls/capav1beta2/awsClusters.ts @@ -1,7 +1,7 @@ -import * as capav1beta1 from 'model/services/mapi/capav1beta1'; +import * as capav1beta2 from 'model/services/mapi/capav1beta2'; -export const randomAWSCluster1: capav1beta1.IAWSCluster = { - apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1', +export const randomAWSCluster1: capav1beta2.IAWSCluster = { + apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2', kind: 'AWSCluster', metadata: { annotations: { 
@@ -74,8 +74,8 @@ export const randomAWSCluster1: capav1beta1.IAWSCluster = {
 },
 };
 
-export const randomAWSCluster2: capav1beta1.IAWSCluster = {
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+export const randomAWSCluster2: capav1beta2.IAWSCluster = {
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'AWSCluster',
 metadata: {
 annotations: {
diff --git a/test/mockHttpCalls/capav1beta1/awsMachinePools.ts b/test/mockHttpCalls/capav1beta2/awsMachinePools.ts
similarity index 95%
rename from test/mockHttpCalls/capav1beta1/awsMachinePools.ts
rename to test/mockHttpCalls/capav1beta2/awsMachinePools.ts
index 0e8688cedf..0aad6a144f 100644
--- a/test/mockHttpCalls/capav1beta1/awsMachinePools.ts
+++ b/test/mockHttpCalls/capav1beta2/awsMachinePools.ts
@@ -1,7 +1,7 @@
-import * as capav1beta1 from 'model/services/mapi/capav1beta1';
+import * as capav1beta2 from 'model/services/mapi/capav1beta2';
 
-export const randomClusterCAPA1AWSMachinePool: capav1beta1.IAWSMachinePool = {
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+export const randomClusterCAPA1AWSMachinePool: capav1beta2.IAWSMachinePool = {
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'AWSMachinePool',
 metadata: {
 annotations: {
@@ -109,9 +109,9 @@ export const randomClusterCAPA1AWSMachinePool: capav1beta1.IAWSMachinePool = {
 },
 };
 
-export const randomClusterCAPA1AWSMachinePoolSpot: capav1beta1.IAWSMachinePool =
+export const randomClusterCAPA1AWSMachinePoolSpot: capav1beta2.IAWSMachinePool =
 {
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'AWSMachinePool',
 metadata: {
 annotations: {
diff --git a/test/mockHttpCalls/capav1beta1/awsMachineTemplates.ts b/test/mockHttpCalls/capav1beta2/awsMachineTemplates.ts
similarity index 93%
rename from test/mockHttpCalls/capav1beta1/awsMachineTemplates.ts
rename to test/mockHttpCalls/capav1beta2/awsMachineTemplates.ts
index 878e174526..62c4ea63e2 100644
--- a/test/mockHttpCalls/capav1beta1/awsMachineTemplates.ts
+++ b/test/mockHttpCalls/capav1beta2/awsMachineTemplates.ts
@@ -1,16 +1,16 @@
-import * as capav1beta1 from 'model/services/mapi/capav1beta1';
+import * as capav1beta2 from 'model/services/mapi/capav1beta2';
 
 // AWSMachineTemplateList for randomClusterCAPA1's control plane
-export const randomClusterCAPA1AWSMachineTemplateList: capav1beta1.IAWSMachineTemplateList =
+export const randomClusterCAPA1AWSMachineTemplateList: capav1beta2.IAWSMachineTemplateList =
 {
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'AWSMachineTemplateList',
 metadata: {
 resourceVersion: '16032957',
 },
 items: [
 {
- apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta1',
+ apiVersion: 'infrastructure.cluster.x-k8s.io/v1beta2',
 kind: 'AWSMachineTemplate',
 metadata: {
 annotations: {
diff --git a/test/mockHttpCalls/capav1beta1/index.ts b/test/mockHttpCalls/capav1beta2/index.ts
similarity index 100%
rename from test/mockHttpCalls/capav1beta1/index.ts
rename to test/mockHttpCalls/capav1beta2/index.ts