github.com/verrazzano/verrazzano@v1.7.0/cluster-operator/controllers/quickcreate/ociocne/template/addons/addons.goyaml (about) 1 # Copyright (c) 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 apiVersion: addons.cluster.x-k8s.io/v1beta1 5 kind: ClusterResourceSet 6 metadata: 7 name: {{.Name}}-resource-set 8 namespace: {{.Namespace}} 9 spec: 10 clusterSelector: 11 matchLabels: 12 cluster.x-k8s.io/cluster-name: {{.Name}} 13 resources: 14 - kind: Secret 15 name: {{.Name}}-calico-module 16 - kind: Secret 17 name: {{.Name}}-oci-ccm-module 18 - kind: Secret 19 name: {{.Name}}-ccm 20 - kind: Secret 21 name: {{.Name}}-csi 22 {{- if .DockerConfigJSON }} 23 - kind: Secret 24 name: {{.Name}}-image-pull-secret 25 {{- end }} 26 strategy: Reconcile 27 --- 28 apiVersion: v1 29 kind: Secret 30 type: addons.cluster.x-k8s.io/resource-set 31 metadata: 32 name: {{.Name}}-oci-ccm-module 33 namespace: {{.Namespace}} 34 stringData: 35 oci-ccm-module.yaml: | 36 apiVersion: platform.verrazzano.io/v1alpha1 37 kind: Module 38 metadata: 39 name: oci-ccm 40 namespace: default 41 spec: 42 moduleName: oci-ccm 43 targetNamespace: kube-system 44 {{- if .PrivateRegistry }} 45 values: 46 global: 47 oci: 48 registry: {{.PrivateRegistry.URL}}/olcne 49 csi: 50 registry: {{.PrivateRegistry.URL}}/olcne 51 {{- end }} 52 --- 53 apiVersion: v1 54 kind: Secret 55 type: addons.cluster.x-k8s.io/resource-set 56 metadata: 57 name: {{.Name}}-calico-module 58 namespace: {{.Namespace}} 59 stringData: 60 calico-module.yaml: | 61 apiVersion: platform.verrazzano.io/v1alpha1 62 kind: Module 63 metadata: 64 name: calico 65 namespace: default 66 spec: 67 moduleName: calico 68 targetNamespace: default 69 values: 70 tigeraOperator: 71 version: {{ .ContainerImages.TigeraOperator }} 72 {{- if .PrivateRegistry }} 73 registry: {{.PrivateRegistry.URL}}/olcne 74 {{- end }} 75 {{- if .PrivateRegistry }} 76 calicoctl: 77 registry: {{.PrivateRegistry.URL}}/olcne 78 {{- end }} 79 installation: 80 cni: 81 type: Calico 82 calicoNetwork: 83 bgp: Disabled 84 ipPools: 85 - cidr: {{ .KubernetesBase.ClusterNetwork.PodCIDR }} 86 encapsulation: VXLAN 87 {{- if .PrivateRegistry }} 88 registry: {{.PrivateRegistry.URL}} 89 {{- else }} 90 registry: container-registry.oracle.com 91 {{- end }} 92 imagePath: olcne 93 94 --- 95 apiVersion: v1 96 kind: Secret 97 type: addons.cluster.x-k8s.io/resource-set 98 metadata: 99 name: {{.Name}}-ccm 100 namespace: {{.Namespace}} 101 stringData: 102 ccm.yaml: | 103 apiVersion: v1 104 kind: Secret 105 metadata: 106 name: oci-cloud-controller-manager 107 namespace: kube-system 108 stringData: 109 cloud-provider.yaml: |- 110 {{- if eq .UseInstancePrincipal "false" }} 111 auth: 112 region: {{.OCI.Region}} 113 tenancy: {{.Tenancy}} 114 compartment: {{.OCI.Compartment}} 115 user: {{.User}} 116 key: |- 117 {{.PrivateKey | nindent 20 }} 118 fingerprint: {{.Fingerprint}} 119 {{- if .Passphrase}} 120 key_passphrase: {{.Passphrase}} 121 {{- else }} 122 key_passphrase: "" 123 {{- end }} 124 {{- else }} 125 useInstancePrincipals: true 126 {{- end }} 127 vcn: {{.Network.VCN}} 128 loadBalancer: 129 subnet1: {{.LoadBalancerSubnet}} 130 securityListManagementMode: All 131 disableSecurityListManagement: false 132 useInstancePrincipals: false 133 # compartment configures Compartment within which the cluster resides. 134 compartment: {{.OCI.Compartment}} 135 # Optional rate limit controls for accessing OCI API 136 rateLimiter: 137 rateLimitQPSRead: 20.0 138 rateLimitBucketRead: 5 139 rateLimitQPSWrite: 20.0 140 rateLimitBucketWrite: 5 141 --- 142 apiVersion: v1 143 kind: Secret 144 type: addons.cluster.x-k8s.io/resource-set 145 metadata: 146 name: {{.Name}}-csi 147 namespace: {{.Namespace}} 148 stringData: 149 csi.yaml: | 150 apiVersion: v1 151 kind: Secret 152 metadata: 153 name: oci-volume-provisioner 154 namespace: kube-system 155 stringData: 156 config.yaml: |- 157 {{- if eq .UseInstancePrincipal "false" }} 158 auth: 159 region: {{.OCI.Region}} 160 tenancy: {{.Tenancy}} 161 compartment: {{.OCI.Compartment}} 162 user: {{.User}} 163 key: |- 164 {{.PrivateKey | nindent 20 }} 165 fingerprint: {{.Fingerprint}} 166 {{- if .Passphrase}} 167 key_passphrase: {{.Passphrase}} 168 {{- else }} 169 key_passphrase: "" 170 {{- end }} 171 {{- else }} 172 useInstancePrincipals: true 173 {{- end }} 174 vcn: {{.Network.VCN}} 175 loadBalancer: 176 subnet1: {{.LoadBalancerSubnet}} 177 securityListManagementMode: All 178 disableSecurityListManagement: false 179 useInstancePrincipals: false 180 # compartment configures Compartment within which the cluster resides. 181 compartment: {{.OCI.Compartment}} 182 # Optional rate limit controls for accessing OCI API 183 rateLimiter: 184 rateLimitQPSRead: 20.0 185 rateLimitBucketRead: 5 186 rateLimitQPSWrite: 20.0 187 rateLimitBucketWrite: 5 188 {{- if .DockerConfigJSON }} 189 --- 190 apiVersion: v1 191 kind: Secret 192 type: addons.cluster.x-k8s.io/resource-set 193 metadata: 194 name: {{.Name}}-image-pull-secret 195 namespace: {{.Namespace}} 196 stringData: 197 registry-secret.yaml: | 198 apiVersion: v1 199 kind: Secret 200 metadata: 201 name: verrazzano-container-registry 202 namespace: default 203 data: 204 .dockerconfigjson: {{.DockerConfigJSON}} 205 type: kubernetes.io/dockerconfigjson 206 {{- end }}