From f9874fcd72904b2a9114775ff61312c7a2f61ce9 Mon Sep 17 00:00:00 2001 
From: Sandhya Dasu Date: Tue, 24 Mar 2026 01:29:25 -0400 Subject: [PATCH] Remove GCPClusterHostedDNSInstall featuregate GCPClusterHostedDNSInstall has been promoted to a default install. So, removed the featuregate and its predecessor GCPClusterHostedDNS. --- .../GCPClusterHostedDNS.yaml | 2 - .../GCPClusterHostedDNSInstall.yaml | 2 - config/v1/types_infrastructure.go | 1 - ..._generated.featuregated-crd-manifests.yaml | 1 - .../AAA_ungated.yaml | 104 + .../AWSClusterHostedDNSInstall.yaml | 104 + .../AWSDualStackInstall.yaml | 104 + .../AzureClusterHostedDNSInstall.yaml | 104 + .../AzureDualStackInstall.yaml | 104 + .../DualReplica.yaml | 104 + .../DyanmicServiceEndpointIBMCloud.yaml | 104 + .../GCPClusterHostedDNSInstall.yaml | 2320 ------------- .../HighlyAvailableArbiter+DualReplica.yaml | 104 + .../HighlyAvailableArbiter.yaml | 104 + .../NutanixMultiSubnets.yaml | 104 + .../OnPremDNSRecords.yaml | 104 + .../VSphereHostVMGroupZonal.yaml | 104 + .../VSphereMultiNetworks.yaml | 104 + features.md | 2 - features/features.go | 28 +- .../GCPClusterHostedDNS.yaml | 2 - .../GCPClusterHostedDNSInstall.yaml | 4 +- ..._generated.featuregated-crd-manifests.yaml | 1 - .../AAA_ungated.yaml | 104 + .../AWSClusterHostedDNSInstall.yaml | 104 + .../AWSDualStackInstall.yaml | 104 + .../AzureClusterHostedDNSInstall.yaml | 104 + .../AzureDualStackInstall.yaml | 104 + .../DualReplica.yaml | 104 + .../DyanmicServiceEndpointIBMCloud.yaml | 104 + .../GCPClusterHostedDNSInstall.yaml | 2865 ----------------- .../HighlyAvailableArbiter+DualReplica.yaml | 104 + .../HighlyAvailableArbiter.yaml | 104 + .../NutanixMultiSubnets.yaml | 104 + .../OnPremDNSRecords.yaml | 104 + .../VSphereHostVMGroupZonal.yaml | 104 + .../VSphereMultiNetworks.yaml | 104 + openapi/openapi.json | 778 +---- .../featureGate-4-10-Hypershift-Default.yaml | 6 - ...e-4-10-Hypershift-DevPreviewNoUpgrade.yaml | 6 - .../featureGate-4-10-Hypershift-OKD.yaml | 6 - ...-4-10-Hypershift-TechPreviewNoUpgrade.yaml | 6 - 
...eatureGate-4-10-SelfManagedHA-Default.yaml | 6 - ...-10-SelfManagedHA-DevPreviewNoUpgrade.yaml | 6 - .../featureGate-4-10-SelfManagedHA-OKD.yaml | 6 - ...10-SelfManagedHA-TechPreviewNoUpgrade.yaml | 6 - 46 files changed, 2728 insertions(+), 6030 deletions(-) delete mode 100644 config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml delete mode 100644 machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml diff --git a/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNS.yaml b/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNS.yaml index 0397f0b0c92..9455e66c09e 100644 --- a/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNS.yaml +++ b/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNS.yaml @@ -1,8 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "Infrastructure" crdName: infrastructures.config.openshift.io -featureGates: -- GCPClusterHostedDNSInstall tests: onCreate: - name: Should be able to create a minimal Infrastructure diff --git a/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml b/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml index 0397f0b0c92..9455e66c09e 100644 --- a/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml +++ b/config/v1/tests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml @@ -1,8 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "Infrastructure" crdName: infrastructures.config.openshift.io -featureGates: -- GCPClusterHostedDNSInstall tests: onCreate: - name: Should be able to create a minimal Infrastructure 
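Review bot: The two test suites touched here, `GCPClusterHostedDNS.yaml` and `GCPClusterHostedDNSInstall.yaml`, end up as byte-identical ungated copies: their `index` lines show the same blob ids before and after (`0397f0b0c92..9455e66c09e`), and with `featureGates: - GCPClusterHostedDNSInstall` dropped neither declares a gate. The same cases therefore run twice under filenames that still name gates the commit message says are removed. Consider keeping one copy under a name that does not refer to a gate and deleting the other. The `tests:` body continues outside both hunks, so the duplication is inferred from the blob ids alone, and this patch does not show whether an ungated suite already exists to fold them into.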
diff --git a/config/v1/types_infrastructure.go b/config/v1/types_infrastructure.go index 369ba1e7a00..19df177a68b 100644 --- a/config/v1/types_infrastructure.go +++ b/config/v1/types_infrastructure.go @@ -787,7 +787,6 @@ type GCPPlatformStatus struct { // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} - // +openshift:enable:FeatureGate=GCPClusterHostedDNSInstall // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` diff --git a/config/v1/zz_generated.featuregated-crd-manifests.yaml b/config/v1/zz_generated.featuregated-crd-manifests.yaml index 4b768c3898d..b88667c1344 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -372,7 +372,6 @@ infrastructures.config.openshift.io: - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - HighlyAvailableArbiter - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AAA_ungated.yaml index 7ce516e3d84..70f66d71557 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AAA_ungated.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AAA_ungated.yaml 
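Review bot: Dropping `+openshift:enable:FeatureGate=GCPClusterHostedDNSInstall` from `CloudLoadBalancerConfig` in `GCPPlatformStatus` makes the field's schema the default for every feature set, and the generated schema later in this patch documents more than it enforces. Its only cross-field rule rejects `clusterHosted` when `dnsType` is not `ClusterHosted`; nothing requires `clusterHosted` or any of the three IP lists when `dnsType` is `ClusterHosted`, although the description says those addresses "must be provided". Because the in-cluster DNS resolves API, API-Int and Ingress from these addresses, either enforce the requirement or reword the description to say what is actually checked. One way to enforce it, on the `CloudLoadBalancerConfig` type, is `// +kubebuilder:validation:XValidation:rule="has(self.dnsType) && self.dnsType == 'ClusterHosted' ? has(self.clusterHosted) : true",message="clusterHosted is required when dnsType is ClusterHosted"`; this is only safe if the installer never writes `dnsType` before the addresses are known, which cannot be confirmed from this patch. That type is defined outside this hunk, and the `GCPPlatformStatus` struct continues past it.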
@@ -1481,6 +1481,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSClusterHostedDNSInstall.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSClusterHostedDNSInstall.yaml index 355975c0330..49271c41c9d 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSClusterHostedDNSInstall.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSClusterHostedDNSInstall.yaml 
@@ -1579,6 +1579,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSDualStackInstall.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSDualStackInstall.yaml index 61dab7f7001..b9dc0f4d79d 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSDualStackInstall.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSDualStackInstall.yaml 
@@ -1490,6 +1490,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureClusterHostedDNSInstall.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureClusterHostedDNSInstall.yaml index 8604ac29fac..6606ab444ad 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureClusterHostedDNSInstall.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureClusterHostedDNSInstall.yaml 
@@ -1578,6 +1578,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureDualStackInstall.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureDualStackInstall.yaml index e355b0d17cf..99997a5ff1e 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureDualStackInstall.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AzureDualStackInstall.yaml 
@@ -1490,6 +1490,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DualReplica.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DualReplica.yaml index d2aa200edf6..1dfbce12fbb 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DualReplica.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DualReplica.yaml 
@@ -1480,6 +1480,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DyanmicServiceEndpointIBMCloud.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DyanmicServiceEndpointIBMCloud.yaml index de44fd84aa2..04984cc7583 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DyanmicServiceEndpointIBMCloud.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/DyanmicServiceEndpointIBMCloud.yaml 
@@ -1537,6 +1537,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml deleted file mode 100644 index 950fdcabc63..00000000000 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPClusterHostedDNSInstall.yaml +++ /dev/null 
@@ -1,2320 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/filename-cvo-runlevel: "0000_10" - api.openshift.io/filename-operator: config-operator - api.openshift.io/filename-ordering: "01" - feature-gate.release.openshift.io/GCPClusterHostedDNSInstall: "true" - release.openshift.io/bootstrap-required: "true" - name: infrastructures.config.openshift.io -spec: - group: config.openshift.io - names: - kind: Infrastructure - listKind: InfrastructureList - plural: infrastructures - singular: infrastructure - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` - - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - properties: - cloudConfig: - description: |- - cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. 
- This configuration file is used to configure the Kubernetes cloud provider integration - when using the built-in cloud provider integration or the external cloud controller manager. - The namespace for this config map is openshift-config. - - cloudConfig should only be consumed by the kube_cloud_config controller. - The controller is responsible for using the user configuration in the spec - for various platforms and combining that with the user provided ConfigMap in this field - to create a stitched kube cloud config. - The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace - with the kube cloud config is stored in `cloud.conf` key. - All the clients are expected to use the generated ConfigMap only. - properties: - key: - description: key allows pointing to a specific key/value inside - of the configmap. This is useful for logical file references. - type: string - name: - type: string - type: object - platformSpec: - description: |- - platformSpec holds desired information specific to the underlying - infrastructure provider. - properties: - alibabaCloud: - description: alibabaCloud contains settings specific to the Alibaba - Cloud infrastructure provider. - type: object - aws: - description: aws contains settings specific to the Amazon Web - Services infrastructure provider. - properties: - serviceEndpoints: - description: |- - serviceEndpoints list contains custom endpoints which will override default - service endpoint of AWS Services. - There must be only one ServiceEndpoint for a service. - items: - description: |- - AWSServiceEndpoint store the configuration of a custom url to - override existing defaults of AWS Services. - properties: - name: - description: |- - name is the name of the AWS service. - The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. 
- pattern: ^[a-z0-9-]+$ - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - pattern: ^https:// - type: string - type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: azure contains settings specific to the Azure infrastructure - provider. - type: object - baremetal: - description: baremetal contains settings specific to the BareMetal - platform. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. 
- In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - equinixMetal: - description: equinixMetal contains settings specific to the Equinix - Metal infrastructure provider. - type: object - external: - description: |- - ExternalPlatformType represents generic infrastructure provider. 
- Platform-specific components should be supplemented separately. - properties: - platformName: - default: Unknown - description: |- - platformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. - This field is solely for informational and reporting purposes and is not expected to be used for decision-making. - type: string - x-kubernetes-validations: - - message: platform name cannot be changed once set - rule: oldSelf == 'Unknown' || self == oldSelf - type: object - gcp: - description: gcp contains settings specific to the Google Cloud - Platform infrastructure provider. - type: object - ibmcloud: - description: ibmcloud contains settings specific to the IBMCloud - infrastructure provider. - type: object - kubevirt: - description: kubevirt contains settings specific to the kubevirt - infrastructure provider. - type: object - nutanix: - description: nutanix contains settings specific to the Nutanix - infrastructure provider. - properties: - failureDomains: - description: |- - failureDomains configures failure domains information for the Nutanix platform. - When set, the failure domains defined here may be used to spread Machines across - prism element clusters to improve fault tolerance of the cluster. - items: - description: NutanixFailureDomain configures failure domain - information for the Nutanix platform. - properties: - cluster: - description: |- - cluster is to identify the cluster (the Prism Element under management of the Prism Central), - in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained - from the Prism Central console or using the prism_central API. - properties: - name: - description: name is the resource name in the PC. - It cannot be empty if the type is Name. - type: string - type: - description: type is the identifier type to use - for this resource. 
- enum: - - UUID - - Name - type: string - uuid: - description: uuid is the UUID of the resource in - the PC. It cannot be empty if the type is UUID. - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: uuid configuration is required when type - is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' ? has(self.uuid) - : !has(self.uuid)' - - message: name configuration is required when type - is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' ? has(self.name) - : !has(self.name)' - name: - description: |- - name defines the unique name of a failure domain. - Name is required and must be at most 64 characters in length. - It must consist of only lower case alphanumeric characters and hyphens (-). - It must start and end with an alphanumeric character. - This value is arbitrary and is used to identify the failure domain within the platform. - maxLength: 64 - minLength: 1 - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' - type: string - subnets: - description: |- - subnets holds a list of identifiers (one or more) of the cluster's network subnets - If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. - for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be - obtained from the Prism Central console or using the prism_central API. - items: - description: NutanixResourceIdentifier holds the identity - of a Nutanix PC resource (cluster, image, subnet, - etc.) - properties: - name: - description: name is the resource name in the - PC. It cannot be empty if the type is Name. - type: string - type: - description: type is the identifier type to use - for this resource. - enum: - - UUID - - Name - type: string - uuid: - description: uuid is the UUID of the resource - in the PC. It cannot be empty if the type is - UUID. 
- type: string - required: - - type - type: object - x-kubernetes-validations: - - message: uuid configuration is required when type - is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' ? has(self.uuid) - : !has(self.uuid)' - - message: name configuration is required when type - is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' ? has(self.name) - : !has(self.name)' - minItems: 1 - type: array - x-kubernetes-list-type: atomic - required: - - cluster - - name - - subnets - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - prismCentral: - description: |- - prismCentral holds the endpoint address and port to access the Nutanix Prism Central. - When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. - Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the - proxy spec.noProxy list. - properties: - address: - description: address is the endpoint address (DNS name - or IP address) of the Nutanix Prism Central or Element - (cluster) - maxLength: 256 - type: string - port: - description: port is the port number to access the Nutanix - Prism Central or Element (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port - type: object - prismElements: - description: |- - prismElements holds one or more endpoint address and port data to access the Nutanix - Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one - Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) - used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) - spread over multiple Prism Elements (clusters) of the Prism Central. 
- items: - description: NutanixPrismElementEndpoint holds the name - and endpoint data for a Prism Element (cluster) - properties: - endpoint: - description: |- - endpoint holds the endpoint address and port data of the Prism Element (cluster). - When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. - Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the - proxy spec.noProxy list. - properties: - address: - description: address is the endpoint address (DNS - name or IP address) of the Nutanix Prism Central - or Element (cluster) - maxLength: 256 - type: string - port: - description: port is the port number to access the - Nutanix Prism Central or Element (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port - type: object - name: - description: |- - name is the name of the Prism Element (cluster). This value will correspond with - the cluster field configured on other resources (eg Machines, PVCs, etc). - maxLength: 256 - type: string - required: - - endpoint - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - prismCentral - - prismElements - type: object - openstack: - description: openstack contains settings specific to the OpenStack - infrastructure provider. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. 
- Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". 
- items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - ovirt: - description: ovirt contains settings specific to the oVirt infrastructure - provider. - type: object - powervs: - description: powervs contains settings specific to the IBM Power - Systems Virtual Servers infrastructure provider. - properties: - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of a Power VS service. - items: - description: |- - PowervsServiceEndpoint stores the configuration of a custom url to - override existing defaults of PowerVS Services. - properties: - name: - description: |- - name is the name of the Power VS service. - Few of the services are - IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - Power - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. 
- format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - type is the underlying infrastructure provider for the cluster. This - value controls whether infrastructure automation such as service load - balancers, dynamic volume provisioning, machine creation and deletion, and - other integrations are enabled. If None, no infrastructure automation is - enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - "OpenStack", "VSphere", "oVirt", "IBMCloud", "KubeVirt", "EquinixMetal", - "PowerVS", "AlibabaCloud", "Nutanix", "External", and "None". Individual - components may not support all platforms, and must handle unrecognized - platforms as None if they do not support that platform. - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - vsphere: - description: vsphere contains settings specific to the VSphere - infrastructure provider. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). 
- maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - failureDomains: - description: |- - failureDomains contains the definition of region, zone and the vCenter topology. - If this is omitted failure domains (regions and zones) will not be used. - items: - description: VSpherePlatformFailureDomainSpec holds the - region and zone failure domain and the vCenter topology - of that failure domain. - properties: - name: - description: |- - name defines the arbitrary but unique name - of a failure domain. - maxLength: 256 - minLength: 1 - type: string - region: - description: |- - region defines the name of a region tag that will - be attached to a vCenter datacenter. The tag - category in vCenter must be named openshift-region. - maxLength: 80 - minLength: 1 - type: string - regionAffinity: - description: |- - regionAffinity holds the type of region, Datacenter or ComputeCluster. - When set to Datacenter, this means the region is a vCenter Datacenter as defined in topology. - When set to ComputeCluster, this means the region is a vCenter Cluster as defined in topology. - properties: - type: - description: |- - type determines the vSphere object type for a region within this failure domain. - Available types are Datacenter and ComputeCluster. - When set to Datacenter, this means the vCenter Datacenter defined is the region. - When set to ComputeCluster, this means the vCenter cluster defined is the region. 
- enum: - - ComputeCluster - - Datacenter - type: string - required: - - type - type: object - server: - description: server is the fully-qualified domain name - or the IP address of the vCenter server. - maxLength: 255 - minLength: 1 - type: string - topology: - description: topology describes a given failure domain - using vSphere constructs - properties: - computeCluster: - description: |- - computeCluster the absolute path of the vCenter cluster - in which virtual machine will be located. - The absolute path is of the form //host/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/host/.*? - type: string - datacenter: - description: |- - datacenter is the name of vCenter datacenter in which virtual machines will be located. - The maximum length of the datacenter name is 80 characters. - maxLength: 80 - type: string - datastore: - description: |- - datastore is the absolute path of the datastore in which the - virtual machine is located. - The absolute path is of the form //datastore/ - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/datastore/.*? - type: string - folder: - description: |- - folder is the absolute path of the folder where - virtual machines are located. The absolute path - is of the form //vm/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/vm/.*? - type: string - networks: - description: |- - networks is the list of port group network names within this failure domain. - If feature gate VSphereMultiNetworks is enabled, up to 10 network adapters may be defined. - 10 is the maximum number of virtual network devices which may be attached to a VM as defined by: - https://configmax.esp.vmware.com/guest?vmwareproduct=vSphere&release=vSphere%208.0&categories=1-0 - The available networks (port groups) can be listed using - `govc ls 'network/*'` - Networks should be in the form of an absolute path: - //network/. 
- items: - type: string - minItems: 1 - type: array - x-kubernetes-list-type: atomic - resourcePool: - description: |- - resourcePool is the absolute path of the resource pool where virtual machines will be - created. The absolute path is of the form //host//Resources/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/host/.*?/Resources.* - type: string - template: - description: |- - template is the full inventory path of the virtual machine or template - that will be cloned when creating new machines in this failure domain. - The maximum length of the path is 2048 characters. - - When omitted, the template will be calculated by the control plane - machineset operator based on the region and zone defined in - VSpherePlatformFailureDomainSpec. - For example, for zone=zonea, region=region1, and infrastructure name=test, - the template path would be calculated as //vm/test-rhcos-region1-zonea. - maxLength: 2048 - minLength: 1 - pattern: ^/.*?/vm/.*? - type: string - required: - - computeCluster - - datacenter - - datastore - - networks - type: object - zone: - description: |- - zone defines the name of a zone tag that will - be attached to a vCenter cluster. The tag - category in vCenter must be named openshift-zone. - maxLength: 80 - minLength: 1 - type: string - zoneAffinity: - description: |- - zoneAffinity holds the type of the zone and the hostGroup which - vmGroup and the hostGroup names in vCenter corresponds to - a vm-host group of type Virtual Machine and Host respectively. Is also - contains the vmHostRule which is an affinity vm-host rule in vCenter. - properties: - hostGroup: - description: |- - hostGroup holds the vmGroup and the hostGroup names in vCenter - corresponds to a vm-host group of type Virtual Machine and Host respectively. Is also - contains the vmHostRule which is an affinity vm-host rule in vCenter. 
- properties: - hostGroup: - description: |- - hostGroup is the name of the vm-host group of type host within vCenter for this failure domain. - hostGroup is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - vmGroup: - description: |- - vmGroup is the name of the vm-host group of type virtual machine within vCenter for this failure domain. - vmGroup is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - vmHostRule: - description: |- - vmHostRule is the name of the affinity vm-host rule within vCenter for this failure domain. - vmHostRule is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - required: - - hostGroup - - vmGroup - - vmHostRule - type: object - type: - description: |- - type determines the vSphere object type for a zone within this failure domain. - Available types are ComputeCluster and HostGroup. - When set to ComputeCluster, this means the vCenter cluster defined is the zone. - When set to HostGroup, hostGroup must be configured with hostGroup, vmGroup and vmHostRule and - this means the zone is defined by the grouping of those fields. - enum: - - HostGroup - - ComputeCluster - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: hostGroup is required when type is HostGroup, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''HostGroup'' - ? has(self.hostGroup) : !has(self.hostGroup)' - required: - - name - - region - - server - - topology - - zone - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. 
The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeNetworking: - description: |- - nodeNetworking contains the definition of internal and external network constraints for - assigning the node's networking. - If this field is omitted, networking defaults to the legacy - address selection behavior which is to only support a single address and - return the first one found. 
- properties: - external: - description: external represents the network configuration - of the node that is externally routable. - properties: - excludeNetworkSubnetCidr: - description: |- - excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's VM for use in the status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: |- - network VirtualMachine's VM Network names that will be used to when searching - for status.addresses fields. Note that if internal.networkSubnetCIDR and - external.networkSubnetCIDR are not set, then the vNIC associated to this network must - only have a single IP address assigned to it. - The available networks (port groups) can be listed using - `govc ls 'network/*'` - type: string - networkSubnetCidr: - description: |- - networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs - that will be used in respective status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: set - type: object - internal: - description: internal represents the network configuration - of the node that is routable only within the cluster. - properties: - excludeNetworkSubnetCidr: - description: |- - excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's VM for use in the status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: |- - network VirtualMachine's VM Network names that will be used to when searching - for status.addresses fields. Note that if internal.networkSubnetCIDR and - external.networkSubnetCIDR are not set, then the vNIC associated to this network must - only have a single IP address assigned to it. 
- The available networks (port groups) can be listed using - `govc ls 'network/*'` - type: string - networkSubnetCidr: - description: |- - networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs - that will be used in respective status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: set - type: object - type: object - vcenters: - description: |- - vcenters holds the connection details for services to communicate with vCenter. - Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. - Once the cluster has been installed, you are unable to change the current number of defined - vCenters except in the case where the cluster has been upgraded from a version of OpenShift - where the vsphere platform spec was not present. You may make modifications to the existing - vCenters that are defined in the vcenters list in order to match with any added or modified - failure domains. - items: - description: |- - VSpherePlatformVCenterSpec stores the vCenter connection fields. - This is used by the vSphere CCM. - properties: - datacenters: - description: |- - The vCenter Datacenters in which the RHCOS - vm guests are located. This field will - be used by the Cloud Controller Manager. - Each datacenter listed here should be used within - a topology. - items: - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - port: - description: |- - port is the TCP port that will be used to communicate to - the vCenter endpoint. - When omitted, this means the user has no opinion and - it is up to the platform to choose a sensible default, - which is subject to change over time. - format: int32 - maximum: 32767 - minimum: 1 - type: integer - server: - description: server is the fully-qualified domain name - or the IP address of the vCenter server. 
- maxLength: 255 - type: string - required: - - datacenters - - server - type: object - maxItems: 3 - minItems: 0 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: vcenters cannot be added or removed once set - rule: 'size(self) != size(oldSelf) ? size(oldSelf) == 0 - && size(self) < 2 : true' - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - - message: vcenters can have at most 1 item when configured post-install - rule: '!has(oldSelf.vcenters) && has(self.vcenters) ? size(self.vcenters) - < 2 : true' - type: object - x-kubernetes-validations: - - message: vcenters can have at most 1 item when configured post-install - rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? size(self.vsphere.vcenters) - < 2 : true' - type: object - status: - description: status holds observed values from the cluster. They may not - be overridden. - properties: - apiServerInternalURI: - description: |- - apiServerInternalURL is a valid URI with scheme 'https', - address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components - like kubelets, to contact the Kubernetes API server using the - infrastructure provider rather than Kubernetes networking. - type: string - apiServerURL: - description: |- - apiServerURL is a valid URI with scheme 'https', address and - optionally a port (defaulting to 443). apiServerURL can be used by components like the web console - to tell users where to find the Kubernetes API. - type: string - controlPlaneTopology: - default: HighlyAvailable - description: |- - controlPlaneTopology expresses the expectations for operands that normally run on control nodes. 
- The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. - The 'SingleReplica' mode will be used in single-node deployments - and the operators should not configure the operand for highly-available operation - The 'External' mode indicates that the control plane is hosted externally to the cluster and that - its components are not visible within the cluster. - type: string - cpuPartitioning: - default: None - description: |- - cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. - CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. - Valid values are "None" and "AllNodes". When omitted, the default value is "None". - The default value of "None" indicates that no nodes will be setup with CPU partitioning. - The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, - and can then be further configured via the PerformanceProfile API. - enum: - - None - - AllNodes - type: string - etcdDiscoveryDomain: - description: |- - etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering - etcd servers and clients. - For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery - deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release. - type: string - infrastructureName: - description: |- - infrastructureName uniquely identifies a cluster with a human friendly name. - Once set it should not be changed. Must be of max length 27 and must have only - alphanumeric or hyphen characters. - type: string - infrastructureTopology: - default: HighlyAvailable - description: |- - infrastructureTopology expresses the expectations for infrastructure services that do not run on control - plane nodes, usually indicated by a node selector for a `role` value - other than `master`. 
- The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. - The 'SingleReplica' mode will be used in single-node deployments - and the operators should not configure the operand for highly-available operation - NOTE: External topology mode is not applicable for this field. - enum: - - HighlyAvailable - - SingleReplica - type: string - platform: - description: |- - platform is the underlying infrastructure provider for the cluster. - - Deprecated: Use platformStatus.type instead. - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - platformStatus: - description: |- - platformStatus holds status information specific to the underlying - infrastructure provider. - properties: - alibabaCloud: - description: alibabaCloud contains settings specific to the Alibaba - Cloud infrastructure provider. - properties: - region: - description: region specifies the region for Alibaba Cloud - resources created for the cluster. - pattern: ^[0-9A-Za-z-]+$ - type: string - resourceGroupID: - description: resourceGroupID is the ID of the resource group - for the cluster. - pattern: ^(rg-[0-9A-Za-z]+)?$ - type: string - resourceTags: - description: resourceTags is a list of additional tags to - apply to Alibaba Cloud resources created for the cluster. - items: - description: AlibabaCloudResourceTag is the set of tags - to add to apply to resources. - properties: - key: - description: key is the key of the tag. - maxLength: 128 - minLength: 1 - type: string - value: - description: value is the value of the tag. 
- maxLength: 128 - minLength: 1 - type: string - required: - - key - - value - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - required: - - region - type: object - aws: - description: aws contains settings specific to the Amazon Web - Services infrastructure provider. - properties: - region: - description: region holds the default AWS region for new AWS - resources created by the cluster. - type: string - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to AWS resources created for the cluster. - See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. - AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags - available for the user. - items: - description: AWSResourceTag is a tag to apply to AWS resources - created for the cluster. - properties: - key: - description: |- - key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. - Key should consist of between 1 and 128 characters, and may - contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. - maxLength: 128 - minLength: 1 - type: string - x-kubernetes-validations: - - message: invalid AWS resource tag key. The string - can contain only the set of alphanumeric characters, - space (' '), '_', '.', '/', '=', '+', '-', ':', - '@' - rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$') - value: - description: |- - value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. - Value should consist of between 1 and 256 characters, and may - contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. - Some AWS service do not support empty values. 
Since tags are added to resources in many services, the - length of the tag value must meet the requirements of all services. - maxLength: 256 - minLength: 1 - type: string - x-kubernetes-validations: - - message: invalid AWS resource tag value. The string - can contain only the set of alphanumeric characters, - space (' '), '_', '.', '/', '=', '+', '-', ':', - '@' - rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$') - required: - - key - - value - type: object - maxItems: 25 - type: array - x-kubernetes-list-type: atomic - serviceEndpoints: - description: |- - serviceEndpoints list contains custom endpoints which will override default - service endpoint of AWS Services. - There must be only one ServiceEndpoint for a service. - items: - description: |- - AWSServiceEndpoint store the configuration of a custom url to - override existing defaults of AWS Services. - properties: - name: - description: |- - name is the name of the AWS service. - The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. - pattern: ^[a-z0-9-]+$ - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - pattern: ^https:// - type: string - type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: azure contains settings specific to the Azure infrastructure - provider. - properties: - armEndpoint: - description: armEndpoint specifies a URL to use for resource - management in non-soverign clouds such as Azure Stack. - type: string - cloudName: - description: |- - cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK - with the appropriate Azure API endpoints. - If empty, the value is equal to `AzurePublicCloud`. 
- enum: - - "" - - AzurePublicCloud - - AzureUSGovernmentCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureStackCloud - type: string - networkResourceGroupName: - description: |- - networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. - If empty, the value is same as ResourceGroupName. - type: string - resourceGroupName: - description: resourceGroupName is the Resource Group for new - Azure resources created for the cluster. - type: string - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to Azure resources created for the cluster. - See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. - Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags - may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. - items: - description: AzureResourceTag is a tag to apply to Azure - resources created for the cluster. - properties: - key: - description: |- - key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key - must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric - characters and the following special characters `_ . -`. - maxLength: 128 - minLength: 1 - pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ - type: string - value: - description: |- - value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value - must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`. 
- maxLength: 256 - minLength: 1 - pattern: ^[0-9A-Za-z_.=+-@]+$ - type: string - required: - - key - - value - type: object - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: resourceTags are immutable and may only be configured - during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) - type: object - x-kubernetes-validations: - - message: resourceTags may only be configured during installation - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) - || has(oldSelf.resourceTags) && has(self.resourceTags)' - baremetal: - description: baremetal contains settings specific to the BareMetal - platform. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? 
ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on BareMetal platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. 
- enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used to connect - all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - BareMetal deployments. In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - equinixMetal: - description: equinixMetal contains settings specific to the Equinix - Metal infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. 
- type: string - type: object - external: - description: external contains settings specific to the generic - External infrastructure provider. - properties: - cloudControllerManager: - description: |- - cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). - When omitted, new nodes will be not tainted - and no extra initialization from the cloud controller manager is expected. - properties: - state: - description: |- - state determines whether or not an external Cloud Controller Manager is expected to - be installed within the cluster. - https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager - - Valid values are "External", "None" and omitted. - When set to "External", new nodes will be tainted as uninitialized when created, - preventing them from running workloads until they are initialized by the cloud controller manager. - When omitted or set to "None", new nodes will be not tainted - and no extra initialization from the cloud controller manager is expected. - enum: - - "" - - External - - None - type: string - x-kubernetes-validations: - - message: state is immutable once set - rule: self == oldSelf - type: object - x-kubernetes-validations: - - message: state may not be added or removed once set - rule: (has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) - && self.state != "External") - type: object - x-kubernetes-validations: - - message: cloudControllerManager may not be added or removed - once set - rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) - gcp: - description: gcp contains settings specific to the Google Cloud - Platform infrastructure provider. - properties: - cloudLoadBalancerConfig: - default: - dnsType: PlatformDefault - description: |- - cloudLoadBalancerConfig holds configuration related to DNS and cloud - load balancers. 
It allows configuration of in-cluster DNS as an alternative - to the platform default DNS implementation. - When using the ClusterHosted DNS type, Load Balancer IP addresses - must be provided for the API and internal API load balancers as well as the - ingress load balancer. - nullable: true - properties: - clusterHosted: - description: |- - clusterHosted holds the IP addresses of API, API-Int and Ingress Load - Balancers on Cloud Platforms. The DNS solution hosted within the cluster - use these IP addresses to provide resolution for API, API-Int and Ingress - services. - properties: - apiIntLoadBalancerIPs: - description: |- - apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. - Entries in the apiIntLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - apiLoadBalancerIPs: - description: |- - apiLoadBalancerIPs holds Load Balancer IPs for the API service. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. - Could be empty for private clusters. - Entries in the apiLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - ingressLoadBalancerIPs: - description: |- - ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. 
- Entries in the ingressLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - type: object - dnsType: - default: PlatformDefault - description: |- - dnsType indicates the type of DNS solution in use within the cluster. Its default value of - `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. - It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, - the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. - The cluster's use of the cloud's Load Balancers is unaffected by this setting. - The value is immutable after it has been set at install time. - Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. - Enabling this functionality allows the user to start their own DNS solution outside the cluster after - installation is complete. The customer would be responsible for configuring this custom DNS solution, - and it can be run in addition to the in-cluster DNS solution. - enum: - - ClusterHosted - - PlatformDefault - type: string - x-kubernetes-validations: - - message: dnsType is immutable - rule: oldSelf == '' || self == oldSelf - type: object - x-kubernetes-validations: - - message: clusterHosted is permitted only when dnsType is - ClusterHosted - rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' - ? !has(self.clusterHosted) : true' - projectID: - description: resourceGroupName is the Project ID for new GCP - resources created for the cluster. - type: string - region: - description: region holds the region for new GCP resources - created for the cluster. 
- type: string - resourceLabels: - description: |- - resourceLabels is a list of additional labels to apply to GCP resources created for the cluster. - See https://cloud.google.com/compute/docs/labeling-resources for information on labeling GCP resources. - GCP supports a maximum of 64 labels per resource. OpenShift reserves 32 labels for internal use, - allowing 32 labels for user configuration. - items: - description: GCPResourceLabel is a label to apply to GCP - resources created for the cluster. - properties: - key: - description: |- - key is the key part of the label. A label key can have a maximum of 63 characters and cannot be empty. - Label key must begin with a lowercase letter, and must contain only lowercase letters, numeric characters, - and the following special characters `_-`. Label key must not have the reserved prefixes `kubernetes-io` - and `openshift-io`. - maxLength: 63 - minLength: 1 - pattern: ^[a-z][0-9a-z_-]{0,62}$ - type: string - x-kubernetes-validations: - - message: label keys must not start with either `openshift-io` - or `kubernetes-io` - rule: '!self.startsWith(''openshift-io'') && !self.startsWith(''kubernetes-io'')' - value: - description: |- - value is the value part of the label. A label value can have a maximum of 63 characters and cannot be empty. - Value must contain only lowercase letters, numeric characters, and the following special characters `_-`. - maxLength: 63 - minLength: 1 - pattern: ^[0-9a-z_-]{1,63}$ - type: string - required: - - key - - value - type: object - maxItems: 32 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: resourceLabels are immutable and may only be configured - during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to GCP resources created for the cluster. 
- See https://cloud.google.com/resource-manager/docs/tags/tags-overview for information on - tagging GCP resources. GCP supports a maximum of 50 tags per resource. - items: - description: GCPResourceTag is a tag to apply to GCP resources - created for the cluster. - properties: - key: - description: |- - key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot be empty. - Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase - alphanumeric characters, and the following special characters `._-`. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.-]{0,61}[a-zA-Z0-9])?$ - type: string - parentID: - description: |- - parentID is the ID of the hierarchical resource where the tags are defined, - e.g. at the Organization or the Project level. To find the Organization or Project ID refer to the following pages: - https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, - https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects. - An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. - A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, - and hyphens, and must start with a letter, and cannot end with a hyphen. - maxLength: 32 - minLength: 1 - pattern: (^[1-9][0-9]{0,31}$)|(^[a-z][a-z0-9-]{4,28}[a-z0-9]$) - type: string - value: - description: |- - value is the value part of the tag. A tag value can have a maximum of 63 characters and cannot be empty. - Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase - alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces. 
- maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.@%=+:,*#&()\[\]{}\-\s]{0,61}[a-zA-Z0-9])?$ - type: string - required: - - key - - parentID - - value - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: resourceTags are immutable and may only be configured - during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) - type: object - x-kubernetes-validations: - - message: resourceLabels may only be configured during installation - rule: '!has(oldSelf.resourceLabels) && !has(self.resourceLabels) - || has(oldSelf.resourceLabels) && has(self.resourceLabels)' - - message: resourceTags may only be configured during installation - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) - || has(oldSelf.resourceTags) && has(self.resourceTags)' - ibmcloud: - description: ibmcloud contains settings specific to the IBMCloud - infrastructure provider. - properties: - cisInstanceCRN: - description: |- - cisInstanceCRN is the CRN of the Cloud Internet Services instance managing - the DNS zone for the cluster's base domain - type: string - dnsInstanceCRN: - description: |- - dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone - for the cluster's base domain - type: string - location: - description: location is where the cluster has been deployed - type: string - providerType: - description: providerType indicates the type of cluster that - was created - type: string - resourceGroupName: - description: resourceGroupName is the Resource Group for new - IBMCloud resources created for the cluster. - type: string - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of an IBM service. These endpoints are used by components - within the cluster when trying to reach the IBM Cloud Services that have been - overridden. 
The CCCMO reads in the IBMCloudPlatformSpec and validates each - endpoint is resolvable. Once validated, the cloud config and IBMCloudPlatformStatus - are updated to reflect the same custom endpoints. - items: - description: |- - IBMCloudServiceEndpoint stores the configuration of a custom url to - override existing defaults of IBM Cloud Services. - properties: - name: - description: |- - name is the name of the IBM Cloud service. - Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. - For example, the IBM Cloud Private IAM service could be configured with the - service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` - Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured - with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. The path must follow the pattern - /v[0,9]+ or /api/v[0,9]+ - maxLength: 300 - type: string - x-kubernetes-validations: - - message: url must be a valid absolute URL - rule: isURL(self) - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - kubevirt: - description: kubevirt contains settings specific to the kubevirt - infrastructure provider. 
- properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - type: string - type: object - nutanix: - description: nutanix contains settings specific to the Nutanix - infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? 
ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on Nutanix platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. 
- enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - type: object - openstack: - description: openstack contains settings specific to the OpenStack - infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - cloudName: - description: |- - cloudName is the name of the desired OpenStack cloud in the - client configuration file (`clouds.yaml`). - type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. 
- type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on OpenStack platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used to connect - all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). 
- maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - OpenStack deployments. In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - ovirt: - description: ovirt contains settings specific to the oVirt infrastructure - provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. 
- format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on Ovirt platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. 
- When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - nodeDNSIP: - description: 'deprecated: as of 4.6, this field is no longer - set or honored. It will be removed in a future release.' - type: string - type: object - powervs: - description: powervs contains settings specific to the Power Systems - Virtual Servers infrastructure provider. - properties: - cisInstanceCRN: - description: |- - cisInstanceCRN is the CRN of the Cloud Internet Services instance managing - the DNS zone for the cluster's base domain - type: string - dnsInstanceCRN: - description: |- - dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone - for the cluster's base domain - type: string - region: - description: region holds the default Power VS region for - new Power VS resources created by the cluster. - type: string - resourceGroup: - description: |- - resourceGroup is the resource group name for new IBMCloud resources created for a cluster. - The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. - More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. - When omitted, the image registry operator won't be able to configure storage, - which results in the image registry cluster operator not being in an available state. 
- maxLength: 40 - pattern: ^[a-zA-Z0-9-_ ]+$ - type: string - x-kubernetes-validations: - - message: resourceGroup is immutable once set - rule: oldSelf == '' || self == oldSelf - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of a Power VS service. - items: - description: |- - PowervsServiceEndpoint stores the configuration of a custom url to - override existing defaults of PowerVS Services. - properties: - name: - description: |- - name is the name of the Power VS service. - Few of the services are - IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - Power - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - zone: - description: |- - zone holds the default zone for the new Power VS resources created by the cluster. - Note: Currently only single-zone OCP clusters are supported - type: string - type: object - x-kubernetes-validations: - - message: cannot unset resourceGroup once set - rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' - type: - description: |- - type is the underlying infrastructure provider for the cluster. 
This - value controls whether infrastructure automation such as service load - balancers, dynamic volume provisioning, machine creation and deletion, and - other integrations are enabled. If None, no infrastructure automation is - enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". - Individual components may not support all platforms, and must handle - unrecognized platforms as None if they do not support that platform. - - This value will be synced with to the `status.platform` and `status.platformStatus.type`. - Currently this value cannot be changed once set. - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - vsphere: - description: vsphere contains settings specific to the VSphere - infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. 
- format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 address - and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on VSphere platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. 
- When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used to connect - all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR notation - (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - vSphere deployments. In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter+DualReplica.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter+DualReplica.yaml index 61290bd0b7c..ebec41a18c3 100644 
--- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter+DualReplica.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter+DualReplica.yaml 
@@ -1482,6 +1482,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter.yaml index 02b2f45e8a0..2ebc47b592f 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/HighlyAvailableArbiter.yaml 
@@ -1480,6 +1480,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/NutanixMultiSubnets.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/NutanixMultiSubnets.yaml index 6499facb296..75ee7f5ea27 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/NutanixMultiSubnets.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/NutanixMultiSubnets.yaml 
@@ -1480,6 +1480,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/OnPremDNSRecords.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/OnPremDNSRecords.yaml index 5a5cbdb4215..80e9b9d4607 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/OnPremDNSRecords.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/OnPremDNSRecords.yaml 
@@ -1498,6 +1498,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereHostVMGroupZonal.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereHostVMGroupZonal.yaml index ffe59d2451b..ba054538736 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereHostVMGroupZonal.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereHostVMGroupZonal.yaml 
@@ -1486,6 +1486,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereMultiNetworks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereMultiNetworks.yaml index cb483be6f04..60c826741a8 100644 --- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereMultiNetworks.yaml +++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/VSphereMultiNetworks.yaml 
@@ -1476,6 +1476,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, "10.0.0.0" + or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType is + ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/features.md b/features.md index 1c9e3435c2d..46dbd7946a9 100644 --- a/features.md +++ b/features.md @@ -60,7 +60,6 @@ | EventTTL| | | Enabled | Enabled | | | Enabled | Enabled | | Example| | | Enabled | Enabled | | | Enabled | Enabled | | ExternalOIDCWithUpstreamParity| | | Enabled | Enabled | | | Enabled | Enabled | -| GCPClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpoints| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | | | Enabled | Enabled | | GCPDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | @@ -99,7 +98,6 @@ | ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/features/features.go b/features/features.go index a9f4cda54e4..aec33479918 100644 
--- a/features/features.go +++ b/features/features.go @@ -203,12 +203,12 @@ var ( mustRegister() FeatureGateNoOverlayMode = newFeatureGate("NoOverlayMode"). - reportProblemsToJiraComponent("Networking/ovn-kubernetes"). - contactPerson("pliurh"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1859"). - enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). - mustRegister() + reportProblemsToJiraComponent("Networking/ovn-kubernetes"). + contactPerson("pliurh"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1859"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() FeatureGateEVPN = newFeatureGate("EVPN"). reportProblemsToJiraComponent("Networking/ovn-kubernetes"). @@ -272,14 +272,6 @@ var ( enhancementPR(legacyFeatureGateWithoutEnhancement). mustRegister() - FeatureGateGCPClusterHostedDNS = newFeatureGate("GCPClusterHostedDNS"). - reportProblemsToJiraComponent("Installer"). - contactPerson("barbacbd"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAWSClusterHostedDNS = newFeatureGate("AWSClusterHostedDNS"). reportProblemsToJiraComponent("Installer"). contactPerson("barbacbd"). @@ -833,14 +825,6 @@ var ( enable(inClusterProfile(SelfManaged), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateGCPClusterHostedDNSInstall = newFeatureGate("GCPClusterHostedDNSInstall"). - reportProblemsToJiraComponent("Installer"). - contactPerson("barbacbd"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1468"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAWSClusterHostedDNSInstall = newFeatureGate("AWSClusterHostedDNSInstall"). reportProblemsToJiraComponent("Installer"). contactPerson("barbacbd"). 
diff --git a/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNS.yaml b/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNS.yaml index ffbda81563e..8b1fe676724 100644 --- a/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNS.yaml +++ b/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNS.yaml @@ -1,8 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "GCP Cluster Hosted DNS" crdName: controllerconfigs.machineconfiguration.openshift.io -featureGates: -- GCPClusterHostedDNSInstall tests: onCreate: - name: Should be able to create a minimal ControllerConfig diff --git a/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml b/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml index 22e7cb3c179..d20304a3882 100644 --- a/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml +++ b/machineconfiguration/v1/tests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml @@ -1,8 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "Shamefully missing" crdName: controllerconfigs.machineconfiguration.openshift.io -featureGates: -- GCPClusterHostedDNSInstall tests: onCreate: - name: Should be able to create a minimal ControllerConfig @@ -101,4 +99,4 @@ tests: name: pull-secret namespace: openshift-config releaseImage: "" - rootCAData: Y2VydGlmaWNhdGUK \ No newline at end of file + rootCAData: Y2VydGlmaWNhdGUK 
diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml index 906d504ef9b..591db438fa6 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml @@ -35,7 +35,6 @@ controllerconfigs.machineconfiguration.openshift.io: - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - HighlyAvailableArbiter - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index 84456f16e83..0b95b722853 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml 
@@ -1779,6 +1779,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSClusterHostedDNSInstall.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSClusterHostedDNSInstall.yaml index d1ea29f18cb..ca289d7fe74 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSClusterHostedDNSInstall.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSClusterHostedDNSInstall.yaml 
@@ -1877,6 +1877,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSDualStackInstall.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSDualStackInstall.yaml index cae7f08b880..5060ce7518f 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSDualStackInstall.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AWSDualStackInstall.yaml 
@@ -1788,6 +1788,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureClusterHostedDNSInstall.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureClusterHostedDNSInstall.yaml index d7f4bc5505e..3e811f4b6fa 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureClusterHostedDNSInstall.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureClusterHostedDNSInstall.yaml 
@@ -1876,6 +1876,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureDualStackInstall.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureDualStackInstall.yaml index b7231a9bc23..4e7a091dc69 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureDualStackInstall.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/AzureDualStackInstall.yaml 
@@ -1788,6 +1788,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DualReplica.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DualReplica.yaml index a4a49f28265..523365e14e4 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DualReplica.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DualReplica.yaml 
@@ -1778,6 +1778,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DyanmicServiceEndpointIBMCloud.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DyanmicServiceEndpointIBMCloud.yaml index 825201f6698..d8343fa9274 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DyanmicServiceEndpointIBMCloud.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/DyanmicServiceEndpointIBMCloud.yaml 
@@ -1836,6 +1836,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml deleted file mode 100644 index b7aefb54f4d..00000000000 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/GCPClusterHostedDNSInstall.yaml +++ /dev/null 
@@ -1,2865 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/filename-cvo-runlevel: "0000_80" - api.openshift.io/filename-operator: machine-config - api.openshift.io/filename-ordering: "01" - feature-gate.release.openshift.io/GCPClusterHostedDNSInstall: "true" - labels: - openshift.io/operator-managed: "" - name: controllerconfigs.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: ControllerConfig - listKind: ControllerConfigList - plural: controllerconfigs - singular: controllerconfig - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - ControllerConfig describes configuration for MachineConfigController. - This is currently only used to drive the MachineConfig objects generated by the TemplateController. - - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec contains the desired controller config configuration. 
- properties: - additionalTrustBundle: - description: |- - additionalTrustBundle is a certificate bundle that will be added to the nodes - trusted certificate store. - format: byte - nullable: true - type: string - baseOSContainerImage: - description: baseOSContainerImage is the new-format container image - for operating system updates. - type: string - baseOSExtensionsContainerImage: - description: baseOSExtensionsContainerImage is the matching extensions - container for the new-format container - type: string - cloudProviderCAData: - description: cloudProviderCAData specifies the cloud provider CA data - format: byte - nullable: true - type: string - cloudProviderConfig: - description: cloudProviderConfig is the configuration for the given - cloud provider - type: string - clusterDNSIP: - description: clusterDNSIP is the cluster DNS IP address - type: string - dns: - description: dns holds the cluster dns details - nullable: true - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: |- - metadata is the standard object's metadata. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - spec: - description: spec holds user settable values for configuration - properties: - baseDomain: - description: |- - baseDomain is the base domain of the cluster. All managed DNS records will - be sub-domains of this base. - - For example, given the base domain `openshift.example.com`, an API server - DNS record may be created for `cluster-api.openshift.example.com`. - - Once set, this field cannot be changed. - type: string - platform: - description: |- - platform holds configuration specific to the underlying - infrastructure provider for DNS. - When omitted, this means the user has no opinion and the platform is left - to choose reasonable defaults. These defaults are subject to change over time. - properties: - aws: - description: aws contains DNS configuration specific to - the Amazon Web Services cloud provider. - properties: - privateZoneIAMRole: - description: |- - privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing - operations on the cluster's private hosted zone specified in the cluster DNS config. - When left empty, no role should be assumed. - pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$ - type: string - type: object - type: - description: |- - type is the underlying infrastructure provider for the cluster. - Allowed values: "", "AWS". - - Individual components may not support all platforms, - and must handle unrecognized platforms with best-effort defaults. 
- enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - x-kubernetes-validations: - - message: allowed values are '' and 'AWS' - rule: self in ['','AWS'] - required: - - type - type: object - x-kubernetes-validations: - - message: aws configuration is required when platform is - AWS, and forbidden otherwise - rule: 'has(self.type) && self.type == ''AWS'' ? has(self.aws) - : !has(self.aws)' - privateZone: - description: |- - privateZone is the location where all the DNS records that are only available internally - to the cluster exist. - - If this field is nil, no private records should be created. - - Once set, this field cannot be changed. - properties: - id: - description: |- - id is the identifier that can be used to find the DNS hosted zone. - - on AWS zone can be fetched using `ID` as id in [1] - on Azure zone can be fetched using `ID` as a pre-determined name in [2], - on GCP zone can be fetched using `ID` as a pre-determined name in [3]. - - [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options - [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show - [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get - type: string - tags: - additionalProperties: - type: string - description: |- - tags can be used to query the DNS hosted zone. - - on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, - - [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options - type: object - type: object - publicZone: - description: |- - publicZone is the location where all the DNS records that are publicly accessible to - the internet exist. - - If this field is nil, no public records should be created. 
- - Once set, this field cannot be changed. - properties: - id: - description: |- - id is the identifier that can be used to find the DNS hosted zone. - - on AWS zone can be fetched using `ID` as id in [1] - on Azure zone can be fetched using `ID` as a pre-determined name in [2], - on GCP zone can be fetched using `ID` as a pre-determined name in [3]. - - [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options - [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show - [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get - type: string - tags: - additionalProperties: - type: string - description: |- - tags can be used to query the DNS hosted zone. - - on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, - - [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options - type: object - type: object - type: object - status: - description: status holds observed values from the cluster. They - may not be overridden. 
- type: object - required: - - spec - type: object - x-kubernetes-embedded-resource: true - etcdDiscoveryDomain: - description: etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain - instead - type: string - imageRegistryBundleData: - description: imageRegistryBundleData is the ImageRegistryData - items: - description: ImageRegistryBundle contains information for writing - image registry certificates - properties: - data: - description: data holds the contents of the bundle that will - be written to the file location - format: byte - type: string - file: - description: file holds the name of the file where the bundle - will be written to disk - type: string - required: - - data - - file - type: object - type: array - x-kubernetes-list-type: atomic - imageRegistryBundleUserData: - description: imageRegistryBundleUserData is Image Registry Data provided - by the user - items: - description: ImageRegistryBundle contains information for writing - image registry certificates - properties: - data: - description: data holds the contents of the bundle that will - be written to the file location - format: byte - type: string - file: - description: file holds the name of the file where the bundle - will be written to disk - type: string - required: - - data - - file - type: object - type: array - x-kubernetes-list-type: atomic - images: - additionalProperties: - type: string - description: images is map of images that are used by the controller - to render templates under ./templates/ - type: object - infra: - description: infra holds the infrastructure details - nullable: true - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: |- - metadata is the standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - spec: - description: spec holds user settable values for configuration - properties: - cloudConfig: - description: |- - cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. - This configuration file is used to configure the Kubernetes cloud provider integration - when using the built-in cloud provider integration or the external cloud controller manager. - The namespace for this config map is openshift-config. - - cloudConfig should only be consumed by the kube_cloud_config controller. - The controller is responsible for using the user configuration in the spec - for various platforms and combining that with the user provided ConfigMap in this field - to create a stitched kube cloud config. - The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace - with the kube cloud config is stored in `cloud.conf` key. - All the clients are expected to use the generated ConfigMap only. - properties: - key: - description: key allows pointing to a specific key/value - inside of the configmap. This is useful for logical - file references. - type: string - name: - type: string - type: object - platformSpec: - description: |- - platformSpec holds desired information specific to the underlying - infrastructure provider. 
- properties: - alibabaCloud: - description: alibabaCloud contains settings specific to - the Alibaba Cloud infrastructure provider. - type: object - aws: - description: aws contains settings specific to the Amazon - Web Services infrastructure provider. - properties: - serviceEndpoints: - description: |- - serviceEndpoints list contains custom endpoints which will override default - service endpoint of AWS Services. - There must be only one ServiceEndpoint for a service. - items: - description: |- - AWSServiceEndpoint store the configuration of a custom url to - override existing defaults of AWS Services. - properties: - name: - description: |- - name is the name of the AWS service. - The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. - pattern: ^[a-z0-9-]+$ - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - pattern: ^https:// - type: string - type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: azure contains settings specific to the Azure - infrastructure provider. - type: object - baremetal: - description: baremetal contains settings specific to the - BareMetal platform. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. 
- Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". 
- items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - equinixMetal: - description: equinixMetal contains settings specific to - the Equinix Metal infrastructure provider. - type: object - external: - description: |- - ExternalPlatformType represents generic infrastructure provider. - Platform-specific components should be supplemented separately. - properties: - platformName: - default: Unknown - description: |- - platformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. - This field is solely for informational and reporting purposes and is not expected to be used for decision-making. - type: string - x-kubernetes-validations: - - message: platform name cannot be changed once set - rule: oldSelf == 'Unknown' || self == oldSelf - type: object - gcp: - description: gcp contains settings specific to the Google - Cloud Platform infrastructure provider. - type: object - ibmcloud: - description: ibmcloud contains settings specific to the - IBMCloud infrastructure provider. - type: object - kubevirt: - description: kubevirt contains settings specific to the - kubevirt infrastructure provider. - type: object - nutanix: - description: nutanix contains settings specific to the - Nutanix infrastructure provider. 
- properties: - failureDomains: - description: |- - failureDomains configures failure domains information for the Nutanix platform. - When set, the failure domains defined here may be used to spread Machines across - prism element clusters to improve fault tolerance of the cluster. - items: - description: NutanixFailureDomain configures failure - domain information for the Nutanix platform. - properties: - cluster: - description: |- - cluster is to identify the cluster (the Prism Element under management of the Prism Central), - in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained - from the Prism Central console or using the prism_central API. - properties: - name: - description: name is the resource name in - the PC. It cannot be empty if the type - is Name. - type: string - type: - description: type is the identifier type - to use for this resource. - enum: - - UUID - - Name - type: string - uuid: - description: uuid is the UUID of the resource - in the PC. It cannot be empty if the type - is UUID. - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: uuid configuration is required when - type is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' - ? has(self.uuid) : !has(self.uuid)' - - message: name configuration is required when - type is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' - ? has(self.name) : !has(self.name)' - name: - description: |- - name defines the unique name of a failure domain. - Name is required and must be at most 64 characters in length. - It must consist of only lower case alphanumeric characters and hyphens (-). - It must start and end with an alphanumeric character. - This value is arbitrary and is used to identify the failure domain within the platform. - maxLength: 64 - minLength: 1 - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' 
- type: string - subnets: - description: |- - subnets holds a list of identifiers (one or more) of the cluster's network subnets - If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. - for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be - obtained from the Prism Central console or using the prism_central API. - items: - description: NutanixResourceIdentifier holds - the identity of a Nutanix PC resource (cluster, - image, subnet, etc.) - properties: - name: - description: name is the resource name - in the PC. It cannot be empty if the - type is Name. - type: string - type: - description: type is the identifier type - to use for this resource. - enum: - - UUID - - Name - type: string - uuid: - description: uuid is the UUID of the resource - in the PC. It cannot be empty if the - type is UUID. - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: uuid configuration is required - when type is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' - ? has(self.uuid) : !has(self.uuid)' - - message: name configuration is required - when type is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' - ? has(self.name) : !has(self.name)' - minItems: 1 - type: array - x-kubernetes-list-type: atomic - required: - - cluster - - name - - subnets - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - prismCentral: - description: |- - prismCentral holds the endpoint address and port to access the Nutanix Prism Central. - When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. - Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the - proxy spec.noProxy list. 
- properties: - address: - description: address is the endpoint address (DNS - name or IP address) of the Nutanix Prism Central - or Element (cluster) - maxLength: 256 - type: string - port: - description: port is the port number to access - the Nutanix Prism Central or Element (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port - type: object - prismElements: - description: |- - prismElements holds one or more endpoint address and port data to access the Nutanix - Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one - Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) - used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) - spread over multiple Prism Elements (clusters) of the Prism Central. - items: - description: NutanixPrismElementEndpoint holds the - name and endpoint data for a Prism Element (cluster) - properties: - endpoint: - description: |- - endpoint holds the endpoint address and port data of the Prism Element (cluster). - When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. - Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the - proxy spec.noProxy list. - properties: - address: - description: address is the endpoint address - (DNS name or IP address) of the Nutanix - Prism Central or Element (cluster) - maxLength: 256 - type: string - port: - description: port is the port number to - access the Nutanix Prism Central or Element - (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port - type: object - name: - description: |- - name is the name of the Prism Element (cluster). This value will correspond with - the cluster field configured on other resources (eg Machines, PVCs, etc). 
- maxLength: 256 - type: string - required: - - endpoint - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - prismCentral - - prismElements - type: object - openstack: - description: openstack contains settings specific to the - OpenStack infrastructure provider. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. 
- Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - ovirt: - description: ovirt contains settings specific to the oVirt - infrastructure provider. - type: object - powervs: - description: powervs contains settings specific to the - IBM Power Systems Virtual Servers infrastructure provider. - properties: - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of a Power VS service. 
- items: - description: |- - PowervsServiceEndpoint stores the configuration of a custom url to - override existing defaults of PowerVS Services. - properties: - name: - description: |- - name is the name of the Power VS service. - Few of the services are - IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - Power - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - type is the underlying infrastructure provider for the cluster. This - value controls whether infrastructure automation such as service load - balancers, dynamic volume provisioning, machine creation and deletion, and - other integrations are enabled. If None, no infrastructure automation is - enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - "OpenStack", "VSphere", "oVirt", "IBMCloud", "KubeVirt", "EquinixMetal", - "PowerVS", "AlibabaCloud", "Nutanix", "External", and "None". Individual - components may not support all platforms, and must handle unrecognized - platforms as None if they do not support that platform. 
- enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - vsphere: - description: vsphere contains settings specific to the - VSphere infrastructure provider. - properties: - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - failureDomains: - description: |- - failureDomains contains the definition of region, zone and the vCenter topology. - If this is omitted failure domains (regions and zones) will not be used. - items: - description: VSpherePlatformFailureDomainSpec holds - the region and zone failure domain and the vCenter - topology of that failure domain. - properties: - name: - description: |- - name defines the arbitrary but unique name - of a failure domain. 
- maxLength: 256 - minLength: 1 - type: string - region: - description: |- - region defines the name of a region tag that will - be attached to a vCenter datacenter. The tag - category in vCenter must be named openshift-region. - maxLength: 80 - minLength: 1 - type: string - regionAffinity: - description: |- - regionAffinity holds the type of region, Datacenter or ComputeCluster. - When set to Datacenter, this means the region is a vCenter Datacenter as defined in topology. - When set to ComputeCluster, this means the region is a vCenter Cluster as defined in topology. - properties: - type: - description: |- - type determines the vSphere object type for a region within this failure domain. - Available types are Datacenter and ComputeCluster. - When set to Datacenter, this means the vCenter Datacenter defined is the region. - When set to ComputeCluster, this means the vCenter cluster defined is the region. - enum: - - ComputeCluster - - Datacenter - type: string - required: - - type - type: object - server: - description: server is the fully-qualified domain - name or the IP address of the vCenter server. - maxLength: 255 - minLength: 1 - type: string - topology: - description: topology describes a given failure - domain using vSphere constructs - properties: - computeCluster: - description: |- - computeCluster the absolute path of the vCenter cluster - in which virtual machine will be located. - The absolute path is of the form //host/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/host/.*? - type: string - datacenter: - description: |- - datacenter is the name of vCenter datacenter in which virtual machines will be located. - The maximum length of the datacenter name is 80 characters. - maxLength: 80 - type: string - datastore: - description: |- - datastore is the absolute path of the datastore in which the - virtual machine is located. 
- The absolute path is of the form //datastore/ - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/datastore/.*? - type: string - folder: - description: |- - folder is the absolute path of the folder where - virtual machines are located. The absolute path - is of the form //vm/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/vm/.*? - type: string - networks: - description: |- - networks is the list of port group network names within this failure domain. - If feature gate VSphereMultiNetworks is enabled, up to 10 network adapters may be defined. - 10 is the maximum number of virtual network devices which may be attached to a VM as defined by: - https://configmax.esp.vmware.com/guest?vmwareproduct=vSphere&release=vSphere%208.0&categories=1-0 - The available networks (port groups) can be listed using - `govc ls 'network/*'` - Networks should be in the form of an absolute path: - //network/. - items: - type: string - minItems: 1 - type: array - x-kubernetes-list-type: atomic - resourcePool: - description: |- - resourcePool is the absolute path of the resource pool where virtual machines will be - created. The absolute path is of the form //host//Resources/. - The maximum length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/host/.*?/Resources.* - type: string - template: - description: |- - template is the full inventory path of the virtual machine or template - that will be cloned when creating new machines in this failure domain. - The maximum length of the path is 2048 characters. - - When omitted, the template will be calculated by the control plane - machineset operator based on the region and zone defined in - VSpherePlatformFailureDomainSpec. - For example, for zone=zonea, region=region1, and infrastructure name=test, - the template path would be calculated as //vm/test-rhcos-region1-zonea. - maxLength: 2048 - minLength: 1 - pattern: ^/.*?/vm/.*? 
- type: string - required: - - computeCluster - - datacenter - - datastore - - networks - type: object - zone: - description: |- - zone defines the name of a zone tag that will - be attached to a vCenter cluster. The tag - category in vCenter must be named openshift-zone. - maxLength: 80 - minLength: 1 - type: string - zoneAffinity: - description: |- - zoneAffinity holds the type of the zone and the hostGroup which - vmGroup and the hostGroup names in vCenter corresponds to - a vm-host group of type Virtual Machine and Host respectively. Is also - contains the vmHostRule which is an affinity vm-host rule in vCenter. - properties: - hostGroup: - description: |- - hostGroup holds the vmGroup and the hostGroup names in vCenter - corresponds to a vm-host group of type Virtual Machine and Host respectively. Is also - contains the vmHostRule which is an affinity vm-host rule in vCenter. - properties: - hostGroup: - description: |- - hostGroup is the name of the vm-host group of type host within vCenter for this failure domain. - hostGroup is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - vmGroup: - description: |- - vmGroup is the name of the vm-host group of type virtual machine within vCenter for this failure domain. - vmGroup is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - vmHostRule: - description: |- - vmHostRule is the name of the affinity vm-host rule within vCenter for this failure domain. - vmHostRule is limited to 80 characters. - This field is required when the VSphereFailureDomain ZoneType is HostGroup - maxLength: 80 - minLength: 1 - type: string - required: - - hostGroup - - vmGroup - - vmHostRule - type: object - type: - description: |- - type determines the vSphere object type for a zone within this failure domain. 
- Available types are ComputeCluster and HostGroup. - When set to ComputeCluster, this means the vCenter cluster defined is the zone. - When set to HostGroup, hostGroup must be configured with hostGroup, vmGroup and vmHostRule and - this means the zone is defined by the grouping of those fields. - enum: - - HostGroup - - ComputeCluster - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: hostGroup is required when type is - HostGroup, and forbidden otherwise - rule: 'has(self.type) && self.type == ''HostGroup'' - ? has(self.hostGroup) : !has(self.hostGroup)' - required: - - name - - region - - server - - topology - - zone - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. - In dual stack clusters this list contains two IP addresses, one from IPv4 - family and one from IPv6. - In single stack clusters a single IP address is expected. - When omitted, values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 && isIP(self[0]) && isIP(self[1]) - ? ip(self[0]).family() != ip(self[1]).family() - : true' - machineNetworks: - description: |- - machineNetworks are IP networks used to connect all the OpenShift cluster - nodes. 
Each network is provided in the CIDR format and should be IPv4 or IPv6, - for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeNetworking: - description: |- - nodeNetworking contains the definition of internal and external network constraints for - assigning the node's networking. - If this field is omitted, networking defaults to the legacy - address selection behavior which is to only support a single address and - return the first one found. - properties: - external: - description: external represents the network configuration - of the node that is externally routable. - properties: - excludeNetworkSubnetCidr: - description: |- - excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's VM for use in the status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: |- - network VirtualMachine's VM Network names that will be used to when searching - for status.addresses fields. Note that if internal.networkSubnetCIDR and - external.networkSubnetCIDR are not set, then the vNIC associated to this network must - only have a single IP address assigned to it. - The available networks (port groups) can be listed using - `govc ls 'network/*'` - type: string - networkSubnetCidr: - description: |- - networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs - that will be used in respective status.addresses fields. 
- items: - type: string - type: array - x-kubernetes-list-type: set - type: object - internal: - description: internal represents the network configuration - of the node that is routable only within the - cluster. - properties: - excludeNetworkSubnetCidr: - description: |- - excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's VM for use in the status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: |- - network VirtualMachine's VM Network names that will be used to when searching - for status.addresses fields. Note that if internal.networkSubnetCIDR and - external.networkSubnetCIDR are not set, then the vNIC associated to this network must - only have a single IP address assigned to it. - The available networks (port groups) can be listed using - `govc ls 'network/*'` - type: string - networkSubnetCidr: - description: |- - networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs - that will be used in respective status.addresses fields. - items: - type: string - type: array - x-kubernetes-list-type: set - type: object - type: object - vcenters: - description: |- - vcenters holds the connection details for services to communicate with vCenter. - Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. - Once the cluster has been installed, you are unable to change the current number of defined - vCenters except in the case where the cluster has been upgraded from a version of OpenShift - where the vsphere platform spec was not present. You may make modifications to the existing - vCenters that are defined in the vcenters list in order to match with any added or modified - failure domains. - items: - description: |- - VSpherePlatformVCenterSpec stores the vCenter connection fields. - This is used by the vSphere CCM. 
- properties: - datacenters: - description: |- - The vCenter Datacenters in which the RHCOS - vm guests are located. This field will - be used by the Cloud Controller Manager. - Each datacenter listed here should be used within - a topology. - items: - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - port: - description: |- - port is the TCP port that will be used to communicate to - the vCenter endpoint. - When omitted, this means the user has no opinion and - it is up to the platform to choose a sensible default, - which is subject to change over time. - format: int32 - maximum: 32767 - minimum: 1 - type: integer - server: - description: server is the fully-qualified domain - name or the IP address of the vCenter server. - maxLength: 255 - type: string - required: - - datacenters - - server - type: object - maxItems: 3 - minItems: 0 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: vcenters cannot be added or removed once - set - rule: 'size(self) != size(oldSelf) ? size(oldSelf) - == 0 && size(self) < 2 : true' - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - - message: vcenters can have at most 1 item when configured - post-install - rule: '!has(oldSelf.vcenters) && has(self.vcenters) - ? size(self.vcenters) < 2 : true' - type: object - x-kubernetes-validations: - - message: vcenters can have at most 1 item when configured - post-install - rule: '!has(oldSelf.vsphere) && has(self.vsphere) ? size(self.vsphere.vcenters) - < 2 : true' - type: object - status: - description: status holds observed values from the cluster. They - may not be overridden. 
- properties: - apiServerInternalURI: - description: |- - apiServerInternalURL is a valid URI with scheme 'https', - address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components - like kubelets, to contact the Kubernetes API server using the - infrastructure provider rather than Kubernetes networking. - type: string - apiServerURL: - description: |- - apiServerURL is a valid URI with scheme 'https', address and - optionally a port (defaulting to 443). apiServerURL can be used by components like the web console - to tell users where to find the Kubernetes API. - type: string - controlPlaneTopology: - default: HighlyAvailable - description: |- - controlPlaneTopology expresses the expectations for operands that normally run on control nodes. - The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. - The 'SingleReplica' mode will be used in single-node deployments - and the operators should not configure the operand for highly-available operation - The 'External' mode indicates that the control plane is hosted externally to the cluster and that - its components are not visible within the cluster. - type: string - cpuPartitioning: - default: None - description: |- - cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. - CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. - Valid values are "None" and "AllNodes". When omitted, the default value is "None". - The default value of "None" indicates that no nodes will be setup with CPU partitioning. - The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, - and can then be further configured via the PerformanceProfile API. - enum: - - None - - AllNodes - type: string - etcdDiscoveryDomain: - description: |- - etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering - etcd servers and clients. 
- For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery - deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release. - type: string - infrastructureName: - description: |- - infrastructureName uniquely identifies a cluster with a human friendly name. - Once set it should not be changed. Must be of max length 27 and must have only - alphanumeric or hyphen characters. - type: string - infrastructureTopology: - default: HighlyAvailable - description: |- - infrastructureTopology expresses the expectations for infrastructure services that do not run on control - plane nodes, usually indicated by a node selector for a `role` value - other than `master`. - The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. - The 'SingleReplica' mode will be used in single-node deployments - and the operators should not configure the operand for highly-available operation - NOTE: External topology mode is not applicable for this field. - enum: - - HighlyAvailable - - SingleReplica - type: string - platform: - description: |- - platform is the underlying infrastructure provider for the cluster. - - Deprecated: Use platformStatus.type instead. - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - platformStatus: - description: |- - platformStatus holds status information specific to the underlying - infrastructure provider. - properties: - alibabaCloud: - description: alibabaCloud contains settings specific to - the Alibaba Cloud infrastructure provider. - properties: - region: - description: region specifies the region for Alibaba - Cloud resources created for the cluster. 
- pattern: ^[0-9A-Za-z-]+$ - type: string - resourceGroupID: - description: resourceGroupID is the ID of the resource - group for the cluster. - pattern: ^(rg-[0-9A-Za-z]+)?$ - type: string - resourceTags: - description: resourceTags is a list of additional - tags to apply to Alibaba Cloud resources created - for the cluster. - items: - description: AlibabaCloudResourceTag is the set - of tags to add to apply to resources. - properties: - key: - description: key is the key of the tag. - maxLength: 128 - minLength: 1 - type: string - value: - description: value is the value of the tag. - maxLength: 128 - minLength: 1 - type: string - required: - - key - - value - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - required: - - region - type: object - aws: - description: aws contains settings specific to the Amazon - Web Services infrastructure provider. - properties: - region: - description: region holds the default AWS region for - new AWS resources created by the cluster. - type: string - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to AWS resources created for the cluster. - See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. - AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags - available for the user. - items: - description: AWSResourceTag is a tag to apply to - AWS resources created for the cluster. - properties: - key: - description: |- - key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. - Key should consist of between 1 and 128 characters, and may - contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. - maxLength: 128 - minLength: 1 - type: string - x-kubernetes-validations: - - message: invalid AWS resource tag key. 
The - string can contain only the set of alphanumeric - characters, space (' '), '_', '.', '/', - '=', '+', '-', ':', '@' - rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$') - value: - description: |- - value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. - Value should consist of between 1 and 256 characters, and may - contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. - Some AWS service do not support empty values. Since tags are added to resources in many services, the - length of the tag value must meet the requirements of all services. - maxLength: 256 - minLength: 1 - type: string - x-kubernetes-validations: - - message: invalid AWS resource tag value. The - string can contain only the set of alphanumeric - characters, space (' '), '_', '.', '/', - '=', '+', '-', ':', '@' - rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$') - required: - - key - - value - type: object - maxItems: 25 - type: array - x-kubernetes-list-type: atomic - serviceEndpoints: - description: |- - serviceEndpoints list contains custom endpoints which will override default - service endpoint of AWS Services. - There must be only one ServiceEndpoint for a service. - items: - description: |- - AWSServiceEndpoint store the configuration of a custom url to - override existing defaults of AWS Services. - properties: - name: - description: |- - name is the name of the AWS service. - The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. - pattern: ^[a-z0-9-]+$ - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. 
- pattern: ^https:// - type: string - type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: azure contains settings specific to the Azure - infrastructure provider. - properties: - armEndpoint: - description: armEndpoint specifies a URL to use for - resource management in non-soverign clouds such - as Azure Stack. - type: string - cloudName: - description: |- - cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK - with the appropriate Azure API endpoints. - If empty, the value is equal to `AzurePublicCloud`. - enum: - - "" - - AzurePublicCloud - - AzureUSGovernmentCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureStackCloud - type: string - networkResourceGroupName: - description: |- - networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. - If empty, the value is same as ResourceGroupName. - type: string - resourceGroupName: - description: resourceGroupName is the Resource Group - for new Azure resources created for the cluster. - type: string - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to Azure resources created for the cluster. - See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. - Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags - may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. - items: - description: AzureResourceTag is a tag to apply - to Azure resources created for the cluster. - properties: - key: - description: |- - key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key - must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric - characters and the following special characters `_ . -`. 
- maxLength: 128 - minLength: 1 - pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ - type: string - value: - description: |- - value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value - must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`. - maxLength: 256 - minLength: 1 - pattern: ^[0-9A-Za-z_.=+-@]+$ - type: string - required: - - key - - value - type: object - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: resourceTags are immutable and may only - be configured during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, - x in self) - type: object - x-kubernetes-validations: - - message: resourceTags may only be configured during - installation - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) - || has(oldSelf.resourceTags) && has(self.resourceTags)' - baremetal: - description: baremetal contains settings specific to the - BareMetal platform. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. 
- format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on BareMetal platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. 
- When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - BareMetal deployments. In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - equinixMetal: - description: equinixMetal contains settings specific to - the Equinix Metal infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. 
- type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - type: string - type: object - external: - description: external contains settings specific to the - generic External infrastructure provider. - properties: - cloudControllerManager: - description: |- - cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). - When omitted, new nodes will be not tainted - and no extra initialization from the cloud controller manager is expected. - properties: - state: - description: |- - state determines whether or not an external Cloud Controller Manager is expected to - be installed within the cluster. - https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager - - Valid values are "External", "None" and omitted. - When set to "External", new nodes will be tainted as uninitialized when created, - preventing them from running workloads until they are initialized by the cloud controller manager. - When omitted or set to "None", new nodes will be not tainted - and no extra initialization from the cloud controller manager is expected. - enum: - - "" - - External - - None - type: string - x-kubernetes-validations: - - message: state is immutable once set - rule: self == oldSelf - type: object - x-kubernetes-validations: - - message: state may not be added or removed once - set - rule: (has(self.state) == has(oldSelf.state)) || - (!has(oldSelf.state) && self.state != "External") - type: object - x-kubernetes-validations: - - message: cloudControllerManager may not be added or - removed once set - rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) - gcp: - description: gcp contains settings specific to the Google - Cloud Platform infrastructure provider. 
- properties: - cloudLoadBalancerConfig: - default: - dnsType: PlatformDefault - description: |- - cloudLoadBalancerConfig holds configuration related to DNS and cloud - load balancers. It allows configuration of in-cluster DNS as an alternative - to the platform default DNS implementation. - When using the ClusterHosted DNS type, Load Balancer IP addresses - must be provided for the API and internal API load balancers as well as the - ingress load balancer. - nullable: true - properties: - clusterHosted: - description: |- - clusterHosted holds the IP addresses of API, API-Int and Ingress Load - Balancers on Cloud Platforms. The DNS solution hosted within the cluster - use these IP addresses to provide resolution for API, API-Int and Ingress - services. - properties: - apiIntLoadBalancerIPs: - description: |- - apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. - Entries in the apiIntLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, - "10.0.0.0" or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - apiLoadBalancerIPs: - description: |- - apiLoadBalancerIPs holds Load Balancer IPs for the API service. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. - Could be empty for private clusters. - Entries in the apiLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, - "10.0.0.0" or "fd00::"). 
- maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - ingressLoadBalancerIPs: - description: |- - ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. - These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. - Entries in the ingressLoadBalancerIPs must be unique. - A maximum of 16 IP addresses are permitted. - format: ip - items: - description: IP is an IP address (for example, - "10.0.0.0" or "fd00::"). - maxLength: 39 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid IP address - rule: isIP(self) - maxItems: 16 - type: array - x-kubernetes-list-type: set - type: object - dnsType: - default: PlatformDefault - description: |- - dnsType indicates the type of DNS solution in use within the cluster. Its default value of - `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. - It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, - the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. - The cluster's use of the cloud's Load Balancers is unaffected by this setting. - The value is immutable after it has been set at install time. - Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. - Enabling this functionality allows the user to start their own DNS solution outside the cluster after - installation is complete. The customer would be responsible for configuring this custom DNS solution, - and it can be run in addition to the in-cluster DNS solution. 
- enum: - - ClusterHosted - - PlatformDefault - type: string - x-kubernetes-validations: - - message: dnsType is immutable - rule: oldSelf == '' || self == oldSelf - type: object - x-kubernetes-validations: - - message: clusterHosted is permitted only when dnsType - is ClusterHosted - rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' - ? !has(self.clusterHosted) : true' - projectID: - description: resourceGroupName is the Project ID for - new GCP resources created for the cluster. - type: string - region: - description: region holds the region for new GCP resources - created for the cluster. - type: string - resourceLabels: - description: |- - resourceLabels is a list of additional labels to apply to GCP resources created for the cluster. - See https://cloud.google.com/compute/docs/labeling-resources for information on labeling GCP resources. - GCP supports a maximum of 64 labels per resource. OpenShift reserves 32 labels for internal use, - allowing 32 labels for user configuration. - items: - description: GCPResourceLabel is a label to apply - to GCP resources created for the cluster. - properties: - key: - description: |- - key is the key part of the label. A label key can have a maximum of 63 characters and cannot be empty. - Label key must begin with a lowercase letter, and must contain only lowercase letters, numeric characters, - and the following special characters `_-`. Label key must not have the reserved prefixes `kubernetes-io` - and `openshift-io`. - maxLength: 63 - minLength: 1 - pattern: ^[a-z][0-9a-z_-]{0,62}$ - type: string - x-kubernetes-validations: - - message: label keys must not start with either - `openshift-io` or `kubernetes-io` - rule: '!self.startsWith(''openshift-io'') - && !self.startsWith(''kubernetes-io'')' - value: - description: |- - value is the value part of the label. A label value can have a maximum of 63 characters and cannot be empty. 
- Value must contain only lowercase letters, numeric characters, and the following special characters `_-`. - maxLength: 63 - minLength: 1 - pattern: ^[0-9a-z_-]{1,63}$ - type: string - required: - - key - - value - type: object - maxItems: 32 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: resourceLabels are immutable and may only - be configured during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, - x in self) - resourceTags: - description: |- - resourceTags is a list of additional tags to apply to GCP resources created for the cluster. - See https://cloud.google.com/resource-manager/docs/tags/tags-overview for information on - tagging GCP resources. GCP supports a maximum of 50 tags per resource. - items: - description: GCPResourceTag is a tag to apply to - GCP resources created for the cluster. - properties: - key: - description: |- - key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot be empty. - Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase - alphanumeric characters, and the following special characters `._-`. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.-]{0,61}[a-zA-Z0-9])?$ - type: string - parentID: - description: |- - parentID is the ID of the hierarchical resource where the tags are defined, - e.g. at the Organization or the Project level. To find the Organization or Project ID refer to the following pages: - https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, - https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects. - An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. 
- A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, - and hyphens, and must start with a letter, and cannot end with a hyphen. - maxLength: 32 - minLength: 1 - pattern: (^[1-9][0-9]{0,31}$)|(^[a-z][a-z0-9-]{4,28}[a-z0-9]$) - type: string - value: - description: |- - value is the value part of the tag. A tag value can have a maximum of 63 characters and cannot be empty. - Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase - alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.@%=+:,*#&()\[\]{}\-\s]{0,61}[a-zA-Z0-9])?$ - type: string - required: - - key - - parentID - - value - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: resourceTags are immutable and may only - be configured during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, - x in self) - type: object - x-kubernetes-validations: - - message: resourceLabels may only be configured during - installation - rule: '!has(oldSelf.resourceLabels) && !has(self.resourceLabels) - || has(oldSelf.resourceLabels) && has(self.resourceLabels)' - - message: resourceTags may only be configured during - installation - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) - || has(oldSelf.resourceTags) && has(self.resourceTags)' - ibmcloud: - description: ibmcloud contains settings specific to the - IBMCloud infrastructure provider. 
- properties: - cisInstanceCRN: - description: |- - cisInstanceCRN is the CRN of the Cloud Internet Services instance managing - the DNS zone for the cluster's base domain - type: string - dnsInstanceCRN: - description: |- - dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone - for the cluster's base domain - type: string - location: - description: location is where the cluster has been - deployed - type: string - providerType: - description: providerType indicates the type of cluster - that was created - type: string - resourceGroupName: - description: resourceGroupName is the Resource Group - for new IBMCloud resources created for the cluster. - type: string - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of an IBM service. These endpoints are used by components - within the cluster when trying to reach the IBM Cloud Services that have been - overridden. The CCCMO reads in the IBMCloudPlatformSpec and validates each - endpoint is resolvable. Once validated, the cloud config and IBMCloudPlatformStatus - are updated to reflect the same custom endpoints. - items: - description: |- - IBMCloudServiceEndpoint stores the configuration of a custom url to - override existing defaults of IBM Cloud Services. - properties: - name: - description: |- - name is the name of the IBM Cloud service. - Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. 
- For example, the IBM Cloud Private IAM service could be configured with the - service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` - Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured - with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com` - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. The path must follow the pattern - /v[0,9]+ or /api/v[0,9]+ - maxLength: 300 - type: string - x-kubernetes-validations: - - message: url must be a valid absolute URL - rule: isURL(self) - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - kubevirt: - description: kubevirt contains settings specific to the - kubevirt infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - type: string - type: object - nutanix: - description: nutanix contains settings specific to the - Nutanix infrastructure provider. 
- properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. 
- format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on Nutanix platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - type: object - openstack: - description: openstack contains settings specific to the - OpenStack infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. 
- - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - cloudName: - description: |- - cloudName is the name of the desired OpenStack cloud in the - client configuration file (`clouds.yaml`). - type: string - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? 
ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on OpenStack platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - OpenStack deployments. 
In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - ovirt: - description: ovirt contains settings specific to the oVirt - infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. 
The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on Ovirt platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - nodeDNSIP: - description: 'deprecated: as of 4.6, this field is - no longer set or honored. It will be removed in - a future release.' - type: string - type: object - powervs: - description: powervs contains settings specific to the - Power Systems Virtual Servers infrastructure provider. 
- properties: - cisInstanceCRN: - description: |- - cisInstanceCRN is the CRN of the Cloud Internet Services instance managing - the DNS zone for the cluster's base domain - type: string - dnsInstanceCRN: - description: |- - dnsInstanceCRN is the CRN of the DNS Services instance managing the DNS zone - for the cluster's base domain - type: string - region: - description: region holds the default Power VS region - for new Power VS resources created by the cluster. - type: string - resourceGroup: - description: |- - resourceGroup is the resource group name for new IBMCloud resources created for a cluster. - The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. - More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. - When omitted, the image registry operator won't be able to configure storage, - which results in the image registry cluster operator not being in an available state. - maxLength: 40 - pattern: ^[a-zA-Z0-9-_ ]+$ - type: string - x-kubernetes-validations: - - message: resourceGroup is immutable once set - rule: oldSelf == '' || self == oldSelf - serviceEndpoints: - description: |- - serviceEndpoints is a list of custom endpoints which will override the default - service endpoints of a Power VS service. - items: - description: |- - PowervsServiceEndpoint stores the configuration of a custom url to - override existing defaults of PowerVS Services. - properties: - name: - description: |- - name is the name of the Power VS service. 
- Few of the services are - IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - enum: - - CIS - - COS - - COSConfig - - DNSServices - - GlobalCatalog - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - Power - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: |- - url is fully qualified URI with scheme https, that overrides the default generated - endpoint for a client. - This must be provided and cannot be empty. - format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - zone: - description: |- - zone holds the default zone for the new Power VS resources created by the cluster. - Note: Currently only single-zone OCP clusters are supported - type: string - type: object - x-kubernetes-validations: - - message: cannot unset resourceGroup once set - rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' - type: - description: |- - type is the underlying infrastructure provider for the cluster. This - value controls whether infrastructure automation such as service load - balancers, dynamic volume provisioning, machine creation and deletion, and - other integrations are enabled. If None, no infrastructure automation is - enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". - Individual components may not support all platforms, and must handle - unrecognized platforms as None if they do not support that platform. - - This value will be synced with to the `status.platform` and `status.platformStatus.type`. - Currently this value cannot be changed once set. 
- enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - vsphere: - description: vsphere contains settings specific to the - VSphere infrastructure provider. - properties: - apiServerInternalIP: - description: |- - apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used - by components inside the cluster, like kubelets using the infrastructure rather - than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer in front of the API servers. - - Deprecated: Use APIServerInternalIPs instead. - type: string - apiServerInternalIPs: - description: |- - apiServerInternalIPs are the IP addresses to contact the Kubernetes API - server that can be used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes networking. These are the - IPs for a self-hosted load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - ingressIP: - description: |- - ingressIP is an external IP which routes to the default ingress controller. - The IP is a suitable target of a wildcard DNS record used to resolve default route host names. - - Deprecated: Use IngressIPs instead. - type: string - ingressIPs: - description: |- - ingressIPs are the external IPs which route to the default ingress - controller. 
The IPs are suitable targets of a wildcard DNS record used to - resolve default route host names. In dual stack clusters this list - contains two IPs otherwise only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'self == oldSelf || (size(self) == 2 && isIP(self[0]) - && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() - : true)' - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: |- - type defines the type of load balancer used by the cluster on VSphere platform - which can be a user-managed or openshift-managed load balancer - that is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be deployed and it is expected that - the load balancer is configured out of band by the deployer. - When omitted, this means no opinion and the platform is left to choose a reasonable default. - The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). 
- maxLength: 43 - minLength: 1 - type: string - x-kubernetes-validations: - - message: value must be a valid CIDR network address - rule: isCIDR(self) - maxItems: 32 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - rule: self.all(x, self.exists_one(y, x == y)) - nodeDNSIP: - description: |- - nodeDNSIP is the IP address for the internal DNS used by the - nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` - provides name resolution for the nodes themselves. There is no DNS-as-a-service for - vSphere deployments. In order to minimize necessary changes to the - datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - type: object - type: object - required: - - spec - type: object - x-kubernetes-embedded-resource: true - internalRegistryPullSecret: - description: |- - internalRegistryPullSecret is the pull secret for the internal registry, used by - rpm-ostree to pull images from the internal registry if present - format: byte - nullable: true - type: string - ipFamilies: - description: ipFamilies indicates the IP families in use by the cluster - network - type: string - kubeAPIServerServingCAData: - description: kubeAPIServerServingCAData managed Kubelet to API Server - Cert... Rotated automatically - format: byte - type: string - network: - description: network contains additional network related information - nullable: true - properties: - mtuMigration: - description: mtuMigration contains the MTU migration configuration. - nullable: true - properties: - machine: - description: machine contains MTU migration configuration - for the machine's uplink. - properties: - from: - description: from is the MTU to migrate from. - format: int32 - minimum: 0 - type: integer - to: - description: to is the MTU to migrate to. 
- format: int32 - minimum: 0 - type: integer - type: object - network: - description: network contains MTU migration configuration - for the default network. - properties: - from: - description: from is the MTU to migrate from. - format: int32 - minimum: 0 - type: integer - to: - description: to is the MTU to migrate to. - format: int32 - minimum: 0 - type: integer - type: object - type: object - required: - - mtuMigration - type: object - networkType: - description: |- - networkType holds the type of network the cluster is using - XXX: this is temporary and will be dropped as soon as possible in favor of a better support - to start network related services the proper way. - Nobody is also changing this once the cluster is up and running the first time, so, disallow - regeneration if this changes. - type: string - osImageURL: - description: osImageURL is the old-format container image that contains - the OS update payload. - type: string - platform: - description: platform is deprecated, use Infra.Status.PlatformStatus.Type - instead - type: string - proxy: - description: proxy holds the current proxy configuration for the nodes - nullable: true - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames and/or - CIDRs for which the proxy should not be used. - type: string - type: object - pullSecret: - description: |- - pullSecret is the default pull secret that needs to be installed - on all machines. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - releaseImage: - description: releaseImage is the image used when installing the cluster - type: string - rootCAData: - description: rootCAData specifies the root CA data - format: byte - type: string - required: - - additionalTrustBundle - - baseOSContainerImage - - cloudProviderCAData - - cloudProviderConfig - - clusterDNSIP - - dns - - images - - infra - - ipFamilies - - kubeAPIServerServingCAData - - network - - proxy - - releaseImage - - rootCAData - type: object - status: - description: status contains observed information about the controller - config. 
- properties: - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: ControllerConfigStatusCondition contains condition - information for ControllerConfigStatus - properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status object. - format: date-time - nullable: true - type: string - message: - description: |- - message provides additional information about the current condition. - This is only to be consumed by humans. - type: string - reason: - description: reason is the reason for the condition's last transition. Reasons - are PascalCase - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type specifies the state of the operator's reconciliation - functionality. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerCertificates: - description: controllerCertificates represents the latest available - observations of the automatically rotating certificates in the MCO. - items: - description: ControllerCertificate contains info about a specific - cert. - properties: - bundleFile: - description: bundleFile is the larger bundle a cert comes from - type: string - notAfter: - description: notAfter is the upper boundary for validity - format: date-time - type: string - notBefore: - description: notBefore is the lower boundary for validity - format: date-time - type: string - signer: - description: signer is the cert Issuer - type: string - subject: - description: subject is the cert subject - type: string - required: - - bundleFile - - signer - - subject - type: object - type: array - x-kubernetes-list-type: atomic - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. 
- format: int64 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter+DualReplica.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter+DualReplica.yaml index a3619b08be1..05f10559f87 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter+DualReplica.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter+DualReplica.yaml 
@@ -1780,6 +1780,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter.yaml index fbfcee89826..bdba8466ad4 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/HighlyAvailableArbiter.yaml 
@@ -1778,6 +1778,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/NutanixMultiSubnets.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/NutanixMultiSubnets.yaml index c5a659d8ea4..a163fb94d98 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/NutanixMultiSubnets.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/NutanixMultiSubnets.yaml 
@@ -1779,6 +1779,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/OnPremDNSRecords.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/OnPremDNSRecords.yaml index f36c703ab25..62d82ecb7fa 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/OnPremDNSRecords.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/OnPremDNSRecords.yaml 
@@ -1797,6 +1797,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereHostVMGroupZonal.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereHostVMGroupZonal.yaml index 2a12b07f07c..f4d23b1b5e3 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereHostVMGroupZonal.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereHostVMGroupZonal.yaml 
@@ -1786,6 +1786,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereMultiNetworks.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereMultiNetworks.yaml index 27b3501b505..60c88893b0c 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereMultiNetworks.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/controllerconfigs.machineconfiguration.openshift.io/VSphereMultiNetworks.yaml 
@@ -1774,6 +1774,110 @@ spec: description: gcp contains settings specific to the Google Cloud Platform infrastructure provider. properties: + cloudLoadBalancerConfig: + default: + dnsType: PlatformDefault + description: |- + cloudLoadBalancerConfig holds configuration related to DNS and cloud + load balancers. It allows configuration of in-cluster DNS as an alternative + to the platform default DNS implementation. + When using the ClusterHosted DNS type, Load Balancer IP addresses + must be provided for the API and internal API load balancers as well as the + ingress load balancer. + nullable: true + properties: + clusterHosted: + description: |- + clusterHosted holds the IP addresses of API, API-Int and Ingress Load + Balancers on Cloud Platforms. The DNS solution hosted within the cluster + use these IP addresses to provide resolution for API, API-Int and Ingress + services. + properties: + apiIntLoadBalancerIPs: + description: |- + apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the apiIntLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: |- + apiLoadBalancerIPs holds Load Balancer IPs for the API service. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Could be empty for private clusters. + Entries in the apiLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). 
+ maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: |- + ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. + These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. + Entries in the ingressLoadBalancerIPs must be unique. + A maximum of 16 IP addresses are permitted. + format: ip + items: + description: IP is an IP address (for example, + "10.0.0.0" or "fd00::"). + maxLength: 39 + minLength: 1 + type: string + x-kubernetes-validations: + - message: value must be a valid IP address + rule: isIP(self) + maxItems: 16 + type: array + x-kubernetes-list-type: set + type: object + dnsType: + default: PlatformDefault + description: |- + dnsType indicates the type of DNS solution in use within the cluster. Its default value of + `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. + It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, + the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. + The cluster's use of the cloud's Load Balancers is unaffected by this setting. + The value is immutable after it has been set at install time. + Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. + Enabling this functionality allows the user to start their own DNS solution outside the cluster after + installation is complete. The customer would be responsible for configuring this custom DNS solution, + and it can be run in addition to the in-cluster DNS solution. 
+ enum: + - ClusterHosted + - PlatformDefault + type: string + x-kubernetes-validations: + - message: dnsType is immutable + rule: oldSelf == '' || self == oldSelf + type: object + x-kubernetes-validations: + - message: clusterHosted is permitted only when dnsType + is ClusterHosted + rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' + ? !has(self.clusterHosted) : true' projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. diff --git a/openapi/openapi.json b/openapi/openapi.json index 6a6bc8edbc0..cb63bce2600 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json 
@@ -15949,6 +15949,10 @@ "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1.APIServerServingCerts" }, + "tlsAdherence": { + "description": "tlsAdherence controls if components in the cluster adhere to the TLS security profile configured on this APIServer resource.\n\nValid values are \"LegacyAdheringComponentsOnly\" and \"StrictAllComponents\".\n\nWhen set to \"LegacyAdheringComponentsOnly\", components that already honor the cluster-wide TLS profile continue to do so. Components that do not already honor it continue to use their individual TLS configurations.\n\nWhen set to \"StrictAllComponents\", all components must honor the configured TLS profile unless they have a component-specific TLS configuration that overrides it. This mode is recommended for security-conscious deployments and is required for certain compliance frameworks.\n\nNote: Some components such as Kubelet and IngressController have their own dedicated TLS configuration mechanisms via KubeletConfig and IngressController CRs respectively. When these component-specific TLS configurations are set, they take precedence over the cluster-wide tlsSecurityProfile. When not set, these components fall back to the cluster-wide default.\n\nComponents that encounter an unknown value for tlsAdherence should treat it as \"StrictAllComponents\" and log a warning to ensure forward compatibility while defaulting to the more secure behavior.\n\nThis field is optional. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. 
The current default is LegacyAdheringComponentsOnly.\n\nOnce set, this field may be changed to a different value, but may not be removed.", + "type": "string" + }, "tlsSecurityProfile": { "description": "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is the Intermediate profile.", "$ref": "#/definitions/com.github.openshift.api.config.v1.TLSSecurityProfile" 
@@ -24078,109 +24082,6 @@ } } }, - "com.github.openshift.api.config.v1alpha1.ClusterImagePolicy": { - "description": "ClusterImagePolicy holds cluster-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard object's metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "default": {}, - "$ref": "#/definitions/ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "spec": { - "description": "spec contains the configuration for the cluster image policy.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec" - }, - "status": { - "description": "status contains the observed state of the resource.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ClusterImagePolicyList": { - "description": "ClusterImagePolicyList is a list of ClusterImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "metadata", - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ClusterImagePolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list's metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "default": {}, - "$ref": "#/definitions/ListMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec": { - "description": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.", - "type": "object", - "required": [ - "scopes", - "policy" - ], - "properties": { - "policy": { - "description": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy" - }, - "scopes": { - "description": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. 
In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "type": "array", - "items": { - "type": "string", - "default": "" - }, - "x-kubernetes-list-type": "set" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus": { - "type": "object", - "properties": { - "conditions": { - "description": "conditions provide details on the status of this API Resource.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/Condition.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map" - } - } - }, "com.github.openshift.api.config.v1alpha1.ClusterMonitoring": { "description": "ClusterMonitoring is the Custom Resource object which holds the current status of Cluster Monitoring Operator. CMO is a central component of the monitoring stack.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. ClusterMonitoring is the Schema for the Cluster Monitoring Operators API", "type": "object", 
@@ -24443,198 +24344,6 @@ } } }, - "com.github.openshift.api.config.v1alpha1.ImagePolicy": { - "description": "ImagePolicy holds namespace-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard object's metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "default": {}, - "$ref": "#/definitions/ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "spec": { - "description": "spec holds user settable values for configuration", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicySpec" - }, - "status": { - "description": "status contains the observed state of the resource.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicyStatus" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust": { - "description": "ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key.", - "type": "object", - "required": [ - "fulcioCAData", - "rekorKeyData", - "fulcioSubject" - ], - "properties": { - "fulcioCAData": { - "description": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - "type": "string", - "format": "byte" - }, - "fulcioSubject": { - "description": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject" - }, - "rekorKeyData": { - "description": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "type": "string", - "format": "byte" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicyList": { - "description": "ImagePolicyList is a list of ImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. 
These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "metadata", - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "default": {}, - "$ref": "#/definitions/ListMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust": { - "description": "ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates.", - "type": "object", - "required": [ - "caRootsData", - "pkiCertificateSubject" - ], - "properties": { - "caIntermediatesData": { - "description": "caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. 
caIntermediatesData requires caRootsData to be set.", - "type": "string", - "format": "byte" - }, - "caRootsData": { - "description": "caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters.", - "type": "string", - "format": "byte" - }, - "pkiCertificateSubject": { - "description": "pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PKICertificateSubject" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust": { - "description": "ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key.", - "type": "object", - "required": [ - "keyData" - ], - "properties": { - "keyData": { - "description": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - "type": "string", - "format": "byte" - }, - "rekorKeyData": { - "description": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "type": "string", - "format": "byte" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicySpec": { - "description": "ImagePolicySpec is the specification of the ImagePolicy CRD.", - "type": "object", - "required": [ - "scopes", - "policy" - ], - "properties": { - "policy": { - "description": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy" - }, - "scopes": { - "description": "scopes defines the list of image identities assigned to a policy. 
Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. 
For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "type": "array", - "items": { - "type": "string", - "default": "" - }, - "x-kubernetes-list-type": "set" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImagePolicyStatus": { - "type": "object", - "properties": { - "conditions": { - "description": "conditions provide details on the status of this API Resource.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/Condition.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map" - } - } - }, - "com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy": { - "description": "ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list.", - "type": "object", - "required": [ - "rootOfTrust" - ], - "properties": { - "rootOfTrust": { - "description": "rootOfTrust specifies the root of trust for the policy.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust" - }, - "signedIdentity": { - "description": "signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PolicyIdentity" - } - } - }, "com.github.openshift.api.config.v1alpha1.InsightsDataGather": { "description": "InsightsDataGather provides data gather configuration options for the the Insights Operator.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. 
These capabilities should not be used by applications needing long term support.", "type": "object", @@ -25049,20 +24758,6 @@ } ] }, - "com.github.openshift.api.config.v1alpha1.PKICertificateSubject": { - "description": "PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "type": "object", - "properties": { - "email": { - "description": "email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. The email should be a valid email address and at most 320 characters in length.", - "type": "string" - }, - "hostname": { - "description": "hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk.", - "type": "string" - } - } - }, "com.github.openshift.api.config.v1alpha1.PKIList": { "description": "PKIList is a collection of PKI resources.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "type": "object", 
@@ -25154,138 +24849,19 @@ "description": "persistentVolumeConfig provides configuration options for PersistentVolume storage.", "type": "object", "required": [ - "claim" - ], - "properties": { - "claim": { - "description": "claim is a required field that specifies the configuration of the PersistentVolumeClaim that will be used to store the Insights data archive. The PersistentVolumeClaim must be created in the openshift-insights namespace.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference" - }, - "mountPath": { - "description": "mountPath is an optional field specifying the directory where the PVC will be mounted inside the Insights data gathering Pod. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default mount path is /var/lib/insights-operator The path may not exceed 1024 characters and must not contain a colon.", - "type": "string" - } - } - }, - "com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject": { - "description": "PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration.", - "type": "object", - "required": [ - "oidcIssuer", - "signedEmail" - ], - "properties": { - "oidcIssuer": { - "description": "oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. Example: \"https://expected.OIDC.issuer/\"", - "type": "string", - "default": "" - }, - "signedEmail": { - "description": "signedEmail holds the email address the the Fulcio certificate is issued for. 
Example: \"expected-signing-user@example.com\"", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.config.v1alpha1.PolicyIdentity": { - "description": "PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "type": "object", - "required": [ - "matchPolicy" - ], - "properties": { - "exactRepository": { - "description": "exactRepository is required if matchPolicy is set to \"ExactRepository\".", - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository" - }, - "matchPolicy": { - "description": "matchPolicy sets the type of matching to be used. Valid values are \"MatchRepoDigestOrExact\", \"MatchRepository\", \"ExactRepository\", \"RemapIdentity\". When omitted, the default value is \"MatchRepoDigestOrExact\". If set matchPolicy to ExactRepository, then the exactRepository must be specified. If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. \"MatchRepoDigestOrExact\" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. \"MatchRepository\" means that the identity in the signature must be in the same repository as the image identity. \"ExactRepository\" means that the identity in the signature must be in the same repository as a specific identity specified by \"repository\". \"RemapIdentity\" means that the signature must be in the same as the remapped image identity. 
Remapped image identity is obtained by replacing the \"prefix\" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix.", - "type": "string", - "default": "" - }, - "remapIdentity": { - "description": "remapIdentity is required if matchPolicy is set to \"RemapIdentity\".", - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity" - } - }, - "x-kubernetes-unions": [ - { - "discriminator": "matchPolicy", - "fields-to-discriminateBy": { - "exactRepository": "PolicyMatchExactRepository", - "remapIdentity": "PolicyMatchRemapIdentity" - } - } - ] - }, - "com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository": { - "type": "object", - "required": [ - "repository" - ], - "properties": { - "repository": { - "description": "repository is the reference of the image identity to be matched. The value should be a repository name (by omitting the tag or digest) in a registry implementing the \"Docker Registry HTTP API V2\". For example, docker.io/library/busybox", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity": { - "type": "object", - "required": [ - "prefix", - "signedPrefix" - ], - "properties": { - "prefix": { - "description": "prefix is the prefix of the image identity to be matched. If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. 
For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "type": "string", - "default": "" - }, - "signedPrefix": { - "description": "signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as \"prefix\". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust": { - "description": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "type": "object", - "required": [ - "policyType" - ], - "properties": { - "fulcioCAWithRekor": { - "description": "fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust" - }, - "pki": { - "description": "pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates.", - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust" - }, - "policyType": { - "description": "policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. 
\"PublicKey\" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. \"FulcioCAWithRekor\" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. \"PKI\" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", - "type": "string", - "default": "" - }, - "publicKey": { - "description": "publicKey defines the root of trust based on a sigstore public key.", - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust" - } - }, - "x-kubernetes-unions": [ - { - "discriminator": "policyType", - "fields-to-discriminateBy": { - "fulcioCAWithRekor": "FulcioCAWithRekor", - "pki": "PKI", - "publicKey": "PublicKey" - } + "claim" + ], + "properties": { + "claim": { + "description": "claim is a required field that specifies the configuration of the PersistentVolumeClaim that will be used to store the Insights data archive. The PersistentVolumeClaim must be created in the openshift-insights namespace.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference" + }, + "mountPath": { + "description": "mountPath is an optional field specifying the directory where the PVC will be mounted inside the Insights data gathering Pod. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default mount path is /var/lib/insights-operator The path may not exceed 1024 characters and must not contain a colon.", + "type": "string" } - ] + } }, "com.github.openshift.api.config.v1alpha1.PrometheusConfig": { "description": "PrometheusConfig provides configuration options for the Prometheus instance. 
Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", 
@@ -38699,214 +38275,6 @@ } } }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference": { - "description": "MCOObjectReference holds information about an object the MCO either owns or modifies in some way", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "name is the name of the object being referenced. For example, this can represent a machine config pool or node name. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode": { - "description": "MachineConfigNode describes the health of the Machines on the system Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard object metadata.", - "default": {}, - "$ref": "#/definitions/ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "spec": { - "description": "spec describes the configuration of the machine config node.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec" - }, - "status": { - "description": "status describes the last observed state of this machine config node.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeList": { - "description": "MachineConfigNodeList describes all of the MachinesStates on the system\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items contains a collection of MachineConfigNode resources.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list metadata.", - "default": {}, - "$ref": "#/definitions/ListMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec": { - "description": "MachineConfigNodeSpec describes the MachineConfigNode we are managing.", - "type": "object", - "required": [ - "node", - "pool", - "configVersion" - ], - "properties": { - "configVersion": { - "description": "configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates the new machine config against the current machine config.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion" - }, - "node": { - "description": "node contains a reference to the node for this machine config node.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference" - }, - "pool": { - "description": "pool contains a reference to the machine config pool that this machine config node's referenced node belongs to.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion": { - "description": "MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will take account of upgrade related events. 
Otherwise, they will be ignored given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "type": "object", - "required": [ - "desired" - ], - "properties": { - "desired": { - "description": "desired is the name of the machine config that the the node should be upgraded to. This value is set when the machine config pool generates a new version of its rendered configuration. When this value is changed, the machine config daemon starts the node upgrade process. This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus": { - "description": "MachineConfigNodeStatus holds the reported information on a particular machine config node.", - "type": "object", - "required": [ - "configVersion" - ], - "properties": { - "conditions": { - "description": "conditions represent the observations of a machine config node's current state.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/Condition.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map" - }, - "configVersion": { - "description": "configVersion describes the current and desired machine config version for this node.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion" - }, - "observedGeneration": { - "description": "observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config 
Operator's controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec.", - "type": "integer", - "format": "int64" - }, - "pinnedImageSets": { - "description": "pinnedImageSets describes the current and desired pinned image sets for this node.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet" - }, - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion": { - "description": "MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will monitor the upgrade process. When the current and desired versions do match, the machine config node will ignore these events given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "type": "object", - "required": [ - "desired" - ], - "properties": { - "current": { - "description": "current is the name of the machine config currently in use on the node. This value is updated once the machine config daemon has completed the update of the configuration for the node. This value should match the desired version unless an upgrade is in progress. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "type": "string", - "default": "" - }, - "desired": { - "description": "desired is the MachineConfig the node wants to upgrade to. 
This value gets set in the machine config node status once the machine config has been validated against the current machine config. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "type": "string", - "default": "" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet": { - "description": "MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "currentGeneration": { - "description": "currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node.", - "type": "integer", - "format": "int32" - }, - "desiredGeneration": { - "description": "desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node.", - "type": "integer", - "format": "int32" - }, - "lastFailedGeneration": { - "description": "lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node.", - "type": "integer", - "format": "int32" - }, - "lastFailedGenerationError": { - "description": "lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. The error is an empty string if the image pull and pin is successful.", - "type": "string" - }, - "name": { - "description": "name is the name of the pinned image set. 
Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "type": "string", - "default": "" - } - } - }, "com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStream": { "description": "OSImageStream describes a set of streams and associated images available for the MachineConfigPools to be used as base OS images.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "type": "object", 
@@ -38995,7 +38363,7 @@ "type": "object", "properties": { "defaultStream": { - "description": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nWhen omitted, the operator determines the default stream automatically.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", + "description": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. 
The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nWhen omitted, the operator determines the default stream automatically. Once set, this field cannot be removed.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", "type": "string" } } 
@@ -39026,118 +38394,6 @@ } } }, - "com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef": { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "name is an OCI Image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", - "type": "string" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet": { - "description": "PinnedImageSet describes a set of images that should be pinned by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "default": {}, - "$ref": "#/definitions/ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "spec": { - "description": "spec describes the configuration of this pinned image set.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec" - }, - "status": { - "description": "status describes the last observed state of this pinned image set.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetList": { - "description": "PinnedImageSetList is a list of PinnedImageSet resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "type": "object", - "required": [ - "metadata", - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "default": {}, - "$ref": "#/definitions/ListMeta.v1.meta.apis.pkg.apimachinery.k8s.io" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec": { - "description": "PinnedImageSetSpec defines the desired state of a PinnedImageSet.", - "type": "object", - "required": [ - "pinnedImages" - ], - "properties": { - "pinnedImages": { - "description": "pinnedImages is a list of OCI Image referenced by digest that should be pinned and pre-loaded by the nodes of a MachineConfigPool. Translates into a new file inside the /etc/crio/crio.conf.d directory with content similar to this:\n\n pinned_images = [\n \"quay.io/openshift-release-dev/ocp-release@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n ...\n ]\n\nThese image references should all be by digest, tags aren't allowed.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef" - }, - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map" - } - } - }, - "com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus": { - "description": "PinnedImageSetStatus describes the current state of a PinnedImageSet.", - "type": "object", - "properties": { - "conditions": { - "description": "conditions represent the observations of a pinned image set's current state.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/Condition.v1.meta.apis.pkg.apimachinery.k8s.io" - }, - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": 
"map" - } - } - }, "com.github.openshift.api.monitoring.v1.AlertRelabelConfig": { "description": "AlertRelabelConfig defines a set of relabel configs for alerts.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "type": "object", diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml index 8eabfb74bde..1dae05e60d6 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml @@ -158,9 +158,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, { "name": "GCPCustomAPIEndpoints" }, @@ -310,9 +307,6 @@ { "name": "ExternalOIDCWithUIDAndExtraClaimMappings" }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "HighlyAvailableArbiter" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml index a18e3ffb8d4..78232a3d8b2 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml @@ -213,12 +213,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "GCPCustomAPIEndpoints" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml index 799724633a5..ef20335609e 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml 
@@ -160,9 +160,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, { "name": "GCPCustomAPIEndpoints" }, @@ -312,9 +309,6 @@ { "name": "ExternalOIDCWithUIDAndExtraClaimMappings" }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "HighlyAvailableArbiter" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml index fec1cef6138..bc5970345ed 100644 --- a/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml @@ -225,12 +225,6 @@ { "name": "ExternalOIDCWithUpstreamParity" }, - { - "name": "GCPClusterHostedDNS" - }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "GCPCustomAPIEndpoints" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml index 465660d5059..55d5080a35b 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml @@ -155,9 +155,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, { "name": "GCPCustomAPIEndpoints" }, @@ -307,9 +304,6 @@ { "name": "ExternalOIDCWithUIDAndExtraClaimMappings" }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "HighlyAvailableArbiter" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml index fb6e46db2d7..c62ff4f079e 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml 
@@ -192,12 +192,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "GCPCustomAPIEndpoints" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml index 67402321239..ade20347943 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml @@ -157,9 +157,6 @@ { "name": "ExternalSnapshotMetadata" }, - { - "name": "GCPClusterHostedDNS" - }, { "name": "GCPCustomAPIEndpoints" }, @@ -309,9 +306,6 @@ { "name": "ExternalOIDCWithUIDAndExtraClaimMappings" }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "HighlyAvailableArbiter" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml index 3c48a8f327e..c60a0aedb7d 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml @@ -204,12 +204,6 @@ { "name": "ExternalOIDCWithUpstreamParity" }, - { - "name": "GCPClusterHostedDNS" - }, - { - "name": "GCPClusterHostedDNSInstall" - }, { "name": "GCPCustomAPIEndpoints" },