github.com/verrazzano/verrazzano@v1.7.0/platform-operator/capi/infrastructure-oci/v0.12.1/infrastructure-components.yaml (about) 1 # Copyright (c) 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 apiVersion: v1 5 kind: Namespace 6 metadata: 7 labels: 8 cluster.x-k8s.io/provider: infrastructure-oci 9 control-plane: controller-manager 10 name: cluster-api-provider-oci-system 11 --- 12 apiVersion: apiextensions.k8s.io/v1 13 kind: CustomResourceDefinition 14 metadata: 15 annotations: 16 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 17 controller-gen.kubebuilder.io/version: v0.10.0 18 labels: 19 cluster.x-k8s.io/provider: infrastructure-oci 20 cluster.x-k8s.io/v1beta1: v1beta1 21 name: ociclusteridentities.infrastructure.cluster.x-k8s.io 22 spec: 23 conversion: 24 strategy: Webhook 25 webhook: 26 clientConfig: 27 service: 28 name: capoci-webhook-service 29 namespace: cluster-api-provider-oci-system 30 path: /convert 31 conversionReviewVersions: 32 - v1 33 - v1beta1 34 group: infrastructure.cluster.x-k8s.io 35 names: 36 kind: OCIClusterIdentity 37 listKind: OCIClusterIdentityList 38 plural: ociclusteridentities 39 singular: ociclusteridentity 40 scope: Namespaced 41 versions: 42 - name: v1beta1 43 schema: 44 openAPIV3Schema: 45 description: OCIClusterIdentity is the Schema for the OCI Cluster Identity 46 API 47 properties: 48 apiVersion: 49 description: 'APIVersion defines the versioned schema of this representation 50 of an object. Servers should convert recognized schemas to the latest 51 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 52 type: string 53 kind: 54 description: 'Kind is a string value representing the REST resource this 55 object represents. 
Servers may infer this from the endpoint the client 56 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 57 type: string 58 metadata: 59 type: object 60 spec: 61 description: OCIClusterIdentitySpec defines the parameters that are used 62 to create an OCIClusterIdentity. 63 properties: 64 allowedNamespaces: 65 description: AllowedNamespaces is used to identify the namespaces 66 the clusters are allowed to use the identity from. Namespaces can 67 be selected either using an array of namespaces or with label selector. 68 An empty allowedNamespaces object indicates that OCIClusters can 69 use this identity from any namespace. If this object is nil, no 70 namespaces will be allowed (default behaviour, if this field is 71 not provided) A namespace should be either in the NamespaceList 72 or match with Selector to use the identity. 73 nullable: true 74 properties: 75 list: 76 description: A nil or empty list indicates that OCICluster cannot 77 use the identity from any namespace. NamespaceList takes precedence 78 over the Selector. 79 items: 80 type: string 81 nullable: true 82 type: array 83 selector: 84 description: "Selector is a selector of namespaces that OCICluster 85 can use this Identity from. This is a standard Kubernetes LabelSelector, 86 a label query over a set of resources. The result of matchLabels 87 and matchExpressions are ANDed. \n A nil or empty selector indicates 88 that OCICluster cannot use this OCIClusterIdentity from any 89 namespace." 90 properties: 91 matchExpressions: 92 description: matchExpressions is a list of label selector 93 requirements. The requirements are ANDed. 94 items: 95 description: A label selector requirement is a selector 96 that contains values, a key, and an operator that relates 97 the key and values. 98 properties: 99 key: 100 description: key is the label key that the selector 101 applies to. 
102 type: string 103 operator: 104 description: operator represents a key's relationship 105 to a set of values. Valid operators are In, NotIn, 106 Exists and DoesNotExist. 107 type: string 108 values: 109 description: values is an array of string values. If 110 the operator is In or NotIn, the values array must 111 be non-empty. If the operator is Exists or DoesNotExist, 112 the values array must be empty. This array is replaced 113 during a strategic merge patch. 114 items: 115 type: string 116 type: array 117 required: 118 - key 119 - operator 120 type: object 121 type: array 122 matchLabels: 123 additionalProperties: 124 type: string 125 description: matchLabels is a map of {key,value} pairs. A 126 single {key,value} in the matchLabels map is equivalent 127 to an element of matchExpressions, whose key field is "key", 128 the operator is "In", and the values array contains only 129 "value". The requirements are ANDed. 130 type: object 131 type: object 132 x-kubernetes-map-type: atomic 133 type: object 134 principalSecret: 135 description: PrincipalSecret is a secret reference which contains 136 the authentication credentials for the principal. 137 properties: 138 name: 139 description: name is unique within a namespace to reference a 140 secret resource. 141 type: string 142 namespace: 143 description: namespace defines the space within which the secret 144 name must be unique. 145 type: string 146 type: object 147 x-kubernetes-map-type: atomic 148 type: 149 description: Type is the type of OCI Principal used. UserPrincipal 150 is the only supported value 151 type: string 152 required: 153 - type 154 type: object 155 status: 156 description: OCIClusterIdentityStatus defines the observed state of OCIClusterIdentity. 157 properties: 158 conditions: 159 description: Conditions defines current service state of the OCIClusterIdentity. 160 items: 161 description: Condition defines an observation of a Cluster API resource 162 operational state. 
163 properties: 164 lastTransitionTime: 165 description: Last time the condition transitioned from one status 166 to another. This should be when the underlying condition changed. 167 If that is not known, then using the time when the API field 168 changed is acceptable. 169 format: date-time 170 type: string 171 message: 172 description: A human readable message indicating details about 173 the transition. This field may be empty. 174 type: string 175 reason: 176 description: The reason for the condition's last transition 177 in CamelCase. The specific API may choose whether or not this 178 field is considered a guaranteed API. This field may not be 179 empty. 180 type: string 181 severity: 182 description: Severity provides an explicit classification of 183 Reason code, so the users or machines can immediately understand 184 the current situation and act accordingly. The Severity field 185 MUST be set only when Status=False. 186 type: string 187 status: 188 description: Status of the condition, one of True, False, Unknown. 189 type: string 190 type: 191 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 192 Many .condition.type values are consistent across resources 193 like Available, but because arbitrary conditions can be useful 194 (see .node.status.conditions), the ability to deconflict is 195 important. 196 type: string 197 required: 198 - lastTransitionTime 199 - status 200 - type 201 type: object 202 type: array 203 type: object 204 type: object 205 served: true 206 storage: false 207 subresources: 208 status: {} 209 - name: v1beta2 210 schema: 211 openAPIV3Schema: 212 description: OCIClusterIdentity is the Schema for the OCI Cluster Identity 213 API 214 properties: 215 apiVersion: 216 description: 'APIVersion defines the versioned schema of this representation 217 of an object. Servers should convert recognized schemas to the latest 218 internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 219 type: string 220 kind: 221 description: 'Kind is a string value representing the REST resource this 222 object represents. Servers may infer this from the endpoint the client 223 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 224 type: string 225 metadata: 226 type: object 227 spec: 228 description: OCIClusterIdentitySpec defines the parameters that are used 229 to create an OCIClusterIdentity. 230 properties: 231 allowedNamespaces: 232 description: AllowedNamespaces is used to identify the namespaces 233 the clusters are allowed to use the identity from. Namespaces can 234 be selected either using an array of namespaces or with label selector. 235 An empty allowedNamespaces object indicates that OCIClusters can 236 use this identity from any namespace. If this object is nil, no 237 namespaces will be allowed (default behaviour, if this field is 238 not provided) A namespace should be either in the NamespaceList 239 or match with Selector to use the identity. 240 nullable: true 241 properties: 242 list: 243 description: A nil or empty list indicates that OCICluster cannot 244 use the identity from any namespace. NamespaceList takes precedence 245 over the Selector. 246 items: 247 type: string 248 nullable: true 249 type: array 250 selector: 251 description: "Selector is a selector of namespaces that OCICluster 252 can use this Identity from. This is a standard Kubernetes LabelSelector, 253 a label query over a set of resources. The result of matchLabels 254 and matchExpressions are ANDed. \n A nil or empty selector indicates 255 that OCICluster cannot use this OCIClusterIdentity from any 256 namespace." 257 properties: 258 matchExpressions: 259 description: matchExpressions is a list of label selector 260 requirements. 
The requirements are ANDed. 261 items: 262 description: A label selector requirement is a selector 263 that contains values, a key, and an operator that relates 264 the key and values. 265 properties: 266 key: 267 description: key is the label key that the selector 268 applies to. 269 type: string 270 operator: 271 description: operator represents a key's relationship 272 to a set of values. Valid operators are In, NotIn, 273 Exists and DoesNotExist. 274 type: string 275 values: 276 description: values is an array of string values. If 277 the operator is In or NotIn, the values array must 278 be non-empty. If the operator is Exists or DoesNotExist, 279 the values array must be empty. This array is replaced 280 during a strategic merge patch. 281 items: 282 type: string 283 type: array 284 required: 285 - key 286 - operator 287 type: object 288 type: array 289 matchLabels: 290 additionalProperties: 291 type: string 292 description: matchLabels is a map of {key,value} pairs. A 293 single {key,value} in the matchLabels map is equivalent 294 to an element of matchExpressions, whose key field is "key", 295 the operator is "In", and the values array contains only 296 "value". The requirements are ANDed. 297 type: object 298 type: object 299 x-kubernetes-map-type: atomic 300 type: object 301 principalSecret: 302 description: PrincipalSecret is a secret reference which contains 303 the authentication credentials for the principal. 304 properties: 305 name: 306 description: name is unique within a namespace to reference a 307 secret resource. 308 type: string 309 namespace: 310 description: namespace defines the space within which the secret 311 name must be unique. 312 type: string 313 type: object 314 x-kubernetes-map-type: atomic 315 type: 316 description: Type is the type of OCI Principal used. 
UserPrincipal 317 is the only supported value 318 type: string 319 required: 320 - type 321 type: object 322 status: 323 description: OCIClusterIdentityStatus defines the observed state of OCIClusterIdentity. 324 properties: 325 conditions: 326 description: Conditions defines current service state of the OCIClusterIdentity. 327 items: 328 description: Condition defines an observation of a Cluster API resource 329 operational state. 330 properties: 331 lastTransitionTime: 332 description: Last time the condition transitioned from one status 333 to another. This should be when the underlying condition changed. 334 If that is not known, then using the time when the API field 335 changed is acceptable. 336 format: date-time 337 type: string 338 message: 339 description: A human readable message indicating details about 340 the transition. This field may be empty. 341 type: string 342 reason: 343 description: The reason for the condition's last transition 344 in CamelCase. The specific API may choose whether or not this 345 field is considered a guaranteed API. This field may not be 346 empty. 347 type: string 348 severity: 349 description: Severity provides an explicit classification of 350 Reason code, so the users or machines can immediately understand 351 the current situation and act accordingly. The Severity field 352 MUST be set only when Status=False. 353 type: string 354 status: 355 description: Status of the condition, one of True, False, Unknown. 356 type: string 357 type: 358 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 359 Many .condition.type values are consistent across resources 360 like Available, but because arbitrary conditions can be useful 361 (see .node.status.conditions), the ability to deconflict is 362 important. 
363 type: string 364 required: 365 - lastTransitionTime 366 - status 367 - type 368 type: object 369 type: array 370 type: object 371 type: object 372 served: true 373 storage: true 374 subresources: 375 status: {} 376 --- 377 apiVersion: apiextensions.k8s.io/v1 378 kind: CustomResourceDefinition 379 metadata: 380 annotations: 381 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 382 controller-gen.kubebuilder.io/version: v0.10.0 383 labels: 384 cluster.x-k8s.io/provider: infrastructure-oci 385 cluster.x-k8s.io/v1beta1: v1beta1 386 name: ociclusters.infrastructure.cluster.x-k8s.io 387 spec: 388 conversion: 389 strategy: Webhook 390 webhook: 391 clientConfig: 392 service: 393 name: capoci-webhook-service 394 namespace: cluster-api-provider-oci-system 395 path: /convert 396 conversionReviewVersions: 397 - v1 398 - v1beta1 399 group: infrastructure.cluster.x-k8s.io 400 names: 401 kind: OCICluster 402 listKind: OCIClusterList 403 plural: ociclusters 404 singular: ocicluster 405 scope: Namespaced 406 versions: 407 - name: v1beta1 408 schema: 409 openAPIV3Schema: 410 description: OCICluster is the Schema for the ociclusters API. 411 properties: 412 apiVersion: 413 description: 'APIVersion defines the versioned schema of this representation 414 of an object. Servers should convert recognized schemas to the latest 415 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 416 type: string 417 kind: 418 description: 'Kind is a string value representing the REST resource this 419 object represents. Servers may infer this from the endpoint the client 420 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 421 type: string 422 metadata: 423 type: object 424 spec: 425 description: OCIClusterSpec defines the desired state of OciCluster 426 properties: 427 compartmentId: 428 description: Compartment to create the cluster network. 429 type: string 430 controlPlaneEndpoint: 431 description: ControlPlaneEndpoint represents the endpoint used to 432 communicate with the control plane. 433 properties: 434 host: 435 description: The hostname on which the API server is serving. 436 type: string 437 port: 438 description: The port on which the API server is serving. 439 format: int32 440 type: integer 441 required: 442 - host 443 - port 444 type: object 445 definedTags: 446 additionalProperties: 447 additionalProperties: 448 type: string 449 type: object 450 description: 'Defined tags for this resource. Each key is predefined 451 and scoped to a namespace. For more information, see Resource Tags 452 (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 453 Example: `{"Operations": {"CostCenter": "42"}}`' 454 type: object 455 freeformTags: 456 additionalProperties: 457 type: string 458 description: Free-form tags for this resource. 459 type: object 460 identityRef: 461 description: IdentityRef is a reference to an identity(principal) 462 to be used when reconciling this cluster 463 properties: 464 apiVersion: 465 description: API version of the referent. 466 type: string 467 fieldPath: 468 description: 'If referring to a piece of an object instead of 469 an entire object, this string should contain a valid JSON/Go 470 field access statement, such as desiredState.manifest.containers[2]. 
471 For example, if the object reference is to a container within 472 a pod, this would take on a value like: "spec.containers{name}" 473 (where "name" refers to the name of the container that triggered 474 the event) or if no container name is specified "spec.containers[2]" 475 (container with index 2 in this pod). This syntax is chosen 476 only to have some well-defined way of referencing a part of 477 an object. TODO: this design is not final and this field is 478 subject to change in the future.' 479 type: string 480 kind: 481 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 482 type: string 483 name: 484 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 485 type: string 486 namespace: 487 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 488 type: string 489 resourceVersion: 490 description: 'Specific resourceVersion to which this reference 491 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 492 type: string 493 uid: 494 description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 495 type: string 496 type: object 497 x-kubernetes-map-type: atomic 498 networkSpec: 499 description: NetworkSpec encapsulates all things related to OCI network. 500 properties: 501 apiServerLoadBalancer: 502 description: API Server LB configuration. 503 properties: 504 loadBalancerId: 505 description: ID of Load Balancer. 506 type: string 507 name: 508 description: LoadBalancer Name. 
509 type: string 510 type: object 511 skipNetworkManagement: 512 description: SkipNetworkManagement defines if the networking spec(VCN 513 related) specified by the user needs to be reconciled(actioned-upon) 514 or used as it is. APIServerLB will still be reconciled. 515 type: boolean 516 vcn: 517 description: VCN configuration. 518 properties: 519 cidr: 520 description: VCN CIDR. 521 type: string 522 id: 523 description: VCN OCID. 524 type: string 525 internetGatewayId: 526 description: ID of Internet Gateway. 527 type: string 528 name: 529 description: VCN Name. 530 type: string 531 natGatewayId: 532 description: ID of Nat Gateway. 533 type: string 534 networkSecurityGroups: 535 description: NetworkSecurityGroups is the configuration for 536 the Network Security Groups required in the VCN. 537 items: 538 description: NSG defines configuration for a Network Security 539 Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 540 properties: 541 egressRules: 542 description: EgressRules on the NSG. 543 items: 544 description: EgressSecurityRuleForNSG is EgressSecurityRule 545 for NSG. 546 properties: 547 egressRule: 548 description: EgressSecurityRule A rule for allowing 549 outbound IP packets. 550 properties: 551 description: 552 description: An optional description of your 553 choice for the rule. 554 type: string 555 destination: 556 description: 'Conceptually, this is the range 557 of IP addresses that a packet originating 558 from the instance can go to. Allowed values: 559 * IP address range in CIDR notation. For 560 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 561 Note that IPv6 addressing is currently supported 562 only in certain regions. See IPv6 Addresses 563 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 564 * The `cidrBlock` value for a Service, if 565 you''re setting up a security list rule 566 for traffic destined for a particular `Service` 567 through a service gateway. 
For example: 568 `oci-phx-objectstorage`.' 569 type: string 570 destinationType: 571 description: 'Type of destination for the 572 rule. The default is `CIDR_BLOCK`. Allowed 573 values: * `CIDR_BLOCK`: If the rule''s `destination` 574 is an IP address range in CIDR notation. 575 * `SERVICE_CIDR_BLOCK`: If the rule''s `destination` 576 is the `cidrBlock` value for a Service (the 577 rule is for traffic destined for a particular 578 `Service` through a service gateway).' 579 type: string 580 icmpOptions: 581 description: 'IcmpOptions Optional and valid 582 only for ICMP and ICMPv6. Use to specify 583 a particular ICMP type and code as defined 584 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 585 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 586 If you specify ICMP or ICMPv6 as the protocol 587 but omit this object, then all ICMP types 588 and codes are allowed. If you do provide 589 this object, the type is required and the 590 code is optional. To enable MTU negotiation 591 for ingress internet traffic via IPv4, make 592 sure to allow type 3 ("Destination Unreachable") 593 code 4 ("Fragmentation Needed and Don''t 594 Fragment was Set"). If you need to specify 595 multiple codes for a single type, create 596 a separate security list rule for each.' 597 properties: 598 code: 599 description: The ICMP code (optional). 600 type: integer 601 type: 602 description: The ICMP type. 603 type: integer 604 type: object 605 isStateless: 606 description: A stateless rule allows traffic 607 in one direction. Remember to add a corresponding 608 stateless rule in the other direction if 609 you need to support bidirectional traffic. 610 For example, if egress traffic allows TCP 611 destination port 80, there should be an 612 ingress rule to allow TCP source port 80. 
613 Defaults to false, which means the rule 614 is stateful and a corresponding rule is 615 not necessary for bidirectional traffic. 616 type: boolean 617 protocol: 618 description: The transport protocol. Specify 619 either `all` or an IPv4 protocol number 620 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 621 Options are supported only for ICMP ("1"), 622 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 623 type: string 624 tcpOptions: 625 description: TcpOptions Optional and valid 626 only for TCP. Use to specify particular 627 destination ports for TCP rules. If you 628 specify TCP as the protocol but omit this 629 object, then all destination ports are allowed. 630 properties: 631 destinationPortRange: 632 description: PortRange The representation 633 of PortRange. 634 properties: 635 max: 636 description: The maximum port number, 637 which must not be less than the 638 minimum port number. To specify 639 a single port number, set both the 640 min and max to the same value. 641 type: integer 642 min: 643 description: The minimum port number, 644 which must not be greater than the 645 maximum port number. 646 type: integer 647 type: object 648 sourcePortRange: 649 description: PortRange The representation 650 of PortRange. 651 properties: 652 max: 653 description: The maximum port number, 654 which must not be less than the 655 minimum port number. To specify 656 a single port number, set both the 657 min and max to the same value. 658 type: integer 659 min: 660 description: The minimum port number, 661 which must not be greater than the 662 maximum port number. 663 type: integer 664 type: object 665 type: object 666 udpOptions: 667 description: UdpOptions Optional and valid 668 only for UDP. Use to specify particular 669 destination ports for UDP rules. If you 670 specify UDP as the protocol but omit this 671 object, then all destination ports are allowed. 
672 properties: 673 destinationPortRange: 674 description: PortRange The representation 675 of PortRange. 676 properties: 677 max: 678 description: The maximum port number, 679 which must not be less than the 680 minimum port number. To specify 681 a single port number, set both the 682 min and max to the same value. 683 type: integer 684 min: 685 description: The minimum port number, 686 which must not be greater than the 687 maximum port number. 688 type: integer 689 type: object 690 sourcePortRange: 691 description: PortRange The representation 692 of PortRange. 693 properties: 694 max: 695 description: The maximum port number, 696 which must not be less than the 697 minimum port number. To specify 698 a single port number, set both the 699 min and max to the same value. 700 type: integer 701 min: 702 description: The minimum port number, 703 which must not be greater than the 704 maximum port number. 705 type: integer 706 type: object 707 type: object 708 type: object 709 id: 710 description: 'EgressSecurityRule ID for NSG. Deprecated: 711 this field is not populated and used during 712 reconciliation' 713 type: string 714 type: object 715 type: array 716 id: 717 description: NSG OCID. 718 type: string 719 ingressRules: 720 description: IngressRules on the NSG. 721 items: 722 description: IngressSecurityRuleForNSG is IngressSecurityRule 723 for NSG 724 properties: 725 id: 726 description: 'IngressSecurityRule ID for NSG. 727 Deprecated: this field is not populated and 728 used during reconciliation' 729 type: string 730 ingressRule: 731 description: IngressSecurityRule A rule for allowing 732 inbound IP packets. 733 properties: 734 description: 735 description: An optional description of your 736 choice for the rule. 737 type: string 738 icmpOptions: 739 description: 'IcmpOptions Optional and valid 740 only for ICMP and ICMPv6. 
Use to specify 741 a particular ICMP type and code as defined 742 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 743 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 744 If you specify ICMP or ICMPv6 as the protocol 745 but omit this object, then all ICMP types 746 and codes are allowed. If you do provide 747 this object, the type is required and the 748 code is optional. To enable MTU negotiation 749 for ingress internet traffic via IPv4, make 750 sure to allow type 3 ("Destination Unreachable") 751 code 4 ("Fragmentation Needed and Don''t 752 Fragment was Set"). If you need to specify 753 multiple codes for a single type, create 754 a separate security list rule for each.' 755 properties: 756 code: 757 description: The ICMP code (optional). 758 type: integer 759 type: 760 description: The ICMP type. 761 type: integer 762 type: object 763 isStateless: 764 description: A stateless rule allows traffic 765 in one direction. Remember to add a corresponding 766 stateless rule in the other direction if 767 you need to support bidirectional traffic. 768 For example, if ingress traffic allows TCP 769 destination port 80, there should be an 770 egress rule to allow TCP source port 80. 771 Defaults to false, which means the rule 772 is stateful and a corresponding rule is 773 not necessary for bidirectional traffic. 774 type: boolean 775 protocol: 776 description: The transport protocol. Specify 777 either `all` or an IPv4 protocol number 778 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 779 Options are supported only for ICMP ("1"), 780 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 781 type: string 782 source: 783 description: 'Conceptually, this is the range 784 of IP addresses that a packet coming into 785 the instance can come from. Allowed values: 786 * IP address range in CIDR notation. 
For 787 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 788 IPv6 addressing is supported for all commercial 789 and government regions. See IPv6 Addresses 790 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 791 * The `cidrBlock` value for a Service, if 792 you''re setting up a security list rule 793 for traffic coming from a particular `Service` 794 through a service gateway. For example: 795 `oci-phx-objectstorage`.' 796 type: string 797 sourceType: 798 description: 'Type of source for the rule. 799 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 800 If the rule''s `source` is an IP address 801 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 802 If the rule''s `source` is the `cidrBlock` 803 value for a Service (the rule is for traffic 804 coming from a particular `Service` through 805 a service gateway).' 806 type: string 807 tcpOptions: 808 description: TcpOptions Optional and valid 809 only for TCP. Use to specify particular 810 destination ports for TCP rules. If you 811 specify TCP as the protocol but omit this 812 object, then all destination ports are allowed. 813 properties: 814 destinationPortRange: 815 description: PortRange The representation 816 of PortRange. 817 properties: 818 max: 819 description: The maximum port number, 820 which must not be less than the 821 minimum port number. To specify 822 a single port number, set both the 823 min and max to the same value. 824 type: integer 825 min: 826 description: The minimum port number, 827 which must not be greater than the 828 maximum port number. 829 type: integer 830 type: object 831 sourcePortRange: 832 description: PortRange The representation 833 of PortRange. 834 properties: 835 max: 836 description: The maximum port number, 837 which must not be less than the 838 minimum port number. To specify 839 a single port number, set both the 840 min and max to the same value. 
841 type: integer 842 min: 843 description: The minimum port number, 844 which must not be greater than the 845 maximum port number. 846 type: integer 847 type: object 848 type: object 849 udpOptions: 850 description: UdpOptions Optional and valid 851 only for UDP. Use to specify particular 852 destination ports for UDP rules. If you 853 specify UDP as the protocol but omit this 854 object, then all destination ports are allowed. 855 properties: 856 destinationPortRange: 857 description: PortRange The representation 858 of PortRange. 859 properties: 860 max: 861 description: The maximum port number, 862 which must not be less than the 863 minimum port number. To specify 864 a single port number, set both the 865 min and max to the same value. 866 type: integer 867 min: 868 description: The minimum port number, 869 which must not be greater than the 870 maximum port number. 871 type: integer 872 type: object 873 sourcePortRange: 874 description: PortRange The representation 875 of PortRange. 876 properties: 877 max: 878 description: The maximum port number, 879 which must not be less than the 880 minimum port number. To specify 881 a single port number, set both the 882 min and max to the same value. 883 type: integer 884 min: 885 description: The minimum port number, 886 which must not be greater than the 887 maximum port number. 888 type: integer 889 type: object 890 type: object 891 type: object 892 type: object 893 type: array 894 name: 895 description: NSG Name. 896 type: string 897 role: 898 description: Role defines the NSG role (eg. control-plane, 899 control-plane-endpoint, service-lb, worker). 900 type: string 901 required: 902 - name 903 type: object 904 type: array 905 x-kubernetes-list-map-keys: 906 - name 907 x-kubernetes-list-type: map 908 privateRouteTableId: 909 description: ID of Private Route Table. 910 type: string 911 publicRouteTableId: 912 description: ID of Public Route Table. 
                        type: string
                      serviceGatewayId:
                        description: ID of Service Gateway.
                        type: string
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number.
                                                  To specify a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer.
                                If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster. this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIClusterStatus defines the observed state of OCICluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCICluster is the Schema for the ociclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIClusterSpec defines the desired state of OciCluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name.
                        Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              clientOverrides:
                description: ClientOverrides allows the default client SDK URLs to
                  be changed.
                nullable: true
                properties:
                  certOverride:
                    description: CertOverride is a secret that contains information
                      about a cert override used by all the OCI SDK clients. The secret
                      must contain data with a `cert`property.
                    nullable: true
                    properties:
                      name:
                        description: name is unique within a namespace to reference
                          a secret resource.
                        type: string
                      namespace:
                        description: namespace defines the space within which the
                          secret name must be unique.
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  computeClientUrl:
                    description: ComputeClientUrl allows the default compute SDK client
                      URL to be changed.
                    nullable: true
                    type: string
                  computeManagementClientUrl:
                    description: ComputeManagementClientUrl allows the default compute
                      management SDK client URL to be changed.
                    nullable: true
                    type: string
                  containerEngineClientUrl:
                    description: ContainerEngineClientUrl allows the default container
                      engine SDK client URL to be changed.
                    nullable: true
                    type: string
                  identityClientUrl:
                    description: IdentityClientUrl allows the default identity SDK
                      client URL to be changed.
                    nullable: true
                    type: string
                  loadBalancerClientUrl:
                    description: LoadBalancerClientUrl allows the default load balancer
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  networkLoadBalancerClientUrl:
                    description: NetworkLoadBalancerClientUrl allows the default NLB
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  vCNClientUrl:
                    description: VCNClientUrl allows the default vcn SDK client URL
                      to be changed.
                    nullable: true
                    type: string
                type: object
              compartmentId:
                description: Compartment to create the cluster network.
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              identityRef:
                description: IdentityRef is a reference to an identity(principal)
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              networkSpec:
                description: NetworkSpec encapsulates all things related to OCI network.
                properties:
                  apiServerLoadBalancer:
                    description: API Server LB configuration.
                    properties:
                      loadBalancerId:
                        description: ID of Load Balancer.
                        type: string
                      loadBalancerType:
                        description: 'Type of Load Balancer: NLB (default) or LBaaS.'
                        type: string
                      name:
                        description: LoadBalancer Name.
                        type: string
                    type: object
                  skipNetworkManagement:
                    description: SkipNetworkManagement defines if the networking spec(VCN
                      related) specified by the user needs to be reconciled(actioned-upon)
                      or used as it is. APIServerLB will still be reconciled.
                    type: boolean
                  vcn:
                    description: VCN configuration.
                    properties:
                      cidr:
                        description: VCN CIDR.
                        type: string
                      id:
                        description: VCN OCID.
                        type: string
                      internetGateway:
                        description: Configuration for Internet Gateway.
                        properties:
                          id:
                            description: ID of Internet Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating internet
                              gateway even if any one Subnet is public.
                            type: boolean
                        type: object
                      name:
                        description: VCN Name.
                        type: string
                      natGateway:
                        description: Configuration for NAT Gateway.
                        properties:
                          id:
                            description: ID of Nat Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating NAT
                              gateway even if any one Subnet is private.
                            type: boolean
                        type: object
                      networkSecurityGroup:
                        description: Configuration for NSG management.
                        properties:
                          list:
                            description: NetworkSecurityGroup is the configuration
                              for the Network Security Groups required in the VCN.
                            items:
                              description: NSG defines configuration for a Network
                                Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                              properties:
                                egressRules:
                                  description: EgressRules on the NSG.
                                  items:
                                    description: EgressSecurityRuleForNSG is EgressSecurityRule
                                      for NSG.
                                    properties:
                                      egressRule:
                                        description: EgressSecurityRule A rule for
                                          allowing outbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          destination:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              originating from the instance can go
                                              to. Allowed values: * IP address range
                                              in CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56` Note that
                                              IPv6 addressing is currently supported
                                              only in certain regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic destined for a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          destinationType:
                                            description: 'Type of destination for
                                              the rule. The default is `CIDR_BLOCK`.
                                              Allowed values: * `CIDR_BLOCK`: If the
                                              rule''s `destination` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `destination` is the
                                              `cidrBlock` value for a Service (the
                                              rule is for traffic destined for a particular
                                              `Service` through a service gateway).'
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set").
                                              If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if egress traffic allows TCP destination
                                              port 80, there should be an ingress
                                              rule to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: NSG OCID.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the NSG.
                                  items:
                                    description: IngressSecurityRuleForNSG is IngressSecurityRule
                                      for NSG
                                    properties:
                                      ingressRule:
                                        description: IngressSecurityRule A rule for
                                          allowing inbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if ingress traffic allows TCP destination
                                              port 80, there should be an egress rule
                                              to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol.
                                              Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          source:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              coming into the instance can come from.
                                              Allowed values: * IP address range in
                                              CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56`. IPv6 addressing
                                              is supported for all commercial and
                                              government regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic coming from a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          sourceType:
                                            description: 'Type of source for the rule.
                                              The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                              If the rule''s `source` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `source` is the `cidrBlock`
                                              value for a Service (the rule is for
                                              traffic coming from a particular `Service`
                                              through a service gateway).'
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: NSG Name.
                                  type: string
                                role:
                                  description: Role defines the NSG role (eg. control-plane,
                                    control-plane-endpoint, service-lb, worker).
                                  type: string
                              required:
                              - name
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - name
                            x-kubernetes-list-type: map
                          skip:
                            description: Skip specifies whether to skip creating network
                              security groups.
                            type: boolean
                        type: object
                      routeTable:
                        description: Configuration for Route table.
                        properties:
                          privateRouteTableId:
                            description: ID of Private Route Table.
                            type: string
                          publicRouteTableId:
                            description: ID of Public Route Table.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Route
                              table.
                            type: boolean
                        type: object
                      serviceGateway:
                        description: Configuration for Service Gateway.
                        properties:
                          id:
                            description: ID of Service Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Service
                              gateway.
                            type: boolean
                        type: object
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed.
                                          If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number.
                                                  To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer. If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster.
                  this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIClusterStatus defines the observed state of OCICluster
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ociclustertemplates.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIClusterTemplate
    listKind: OCIClusterTemplateList
    plural: ociclustertemplates
    singular: ociclustertemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIClusterTemplate is the Schema for the ociclustertemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIClusterTemplateSpec defines the desired state of OCIClusterTemplate.
            properties:
              template:
                description: OCIClusterTemplateResource describes the data needed
                  to create an OCICluster from a template.
                properties:
                  spec:
                    description: OCIClusterSpec defines the desired state of OciCluster
                    properties:
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
                            properties:
                              loadBalancerId:
                                description: ID of Load Balancer.
                                type: string
                              name:
                                description: LoadBalancer Name.
                                type: string
                            type: object
                          skipNetworkManagement:
                            description: SkipNetworkManagement defines if the networking
                              spec(VCN related) specified by the user needs to be
                              reconciled(actioned-upon) or used as it is. APIServerLB
                              will still be reconciled.
                            type: boolean
                          vcn:
                            description: VCN configuration.
                            properties:
                              cidr:
                                description: VCN CIDR.
                                type: string
                              id:
                                description: VCN OCID.
                                type: string
                              internetGatewayId:
                                description: ID of Internet Gateway.
                                type: string
                              name:
                                description: VCN Name.
                                type: string
                              natGatewayId:
                                description: ID of Nat Gateway.
                                type: string
                              networkSecurityGroups:
                                description: NetworkSecurityGroups is the configuration
                                  for the Network Security Groups required in the
                                  VCN.
                                items:
                                  description: NSG defines configuration for a Network
                                    Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                                  properties:
                                    egressRules:
                                      description: EgressRules on the NSG.
                                      items:
                                        description: EgressSecurityRuleForNSG is EgressSecurityRule
                                          for NSG.
                                        properties:
                                          egressRule:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions.
                                                  See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction.
                                                  Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          id:
                                            description: 'EgressSecurityRule ID for
                                              NSG. Deprecated: this field is not populated
                                              and used during reconciliation'
                                            type: string
                                        type: object
                                      type: array
                                    id:
                                      description: NSG OCID.
                                      type: string
                                    ingressRules:
                                      description: IngressRules on the NSG.
                                      items:
                                        description: IngressSecurityRuleForNSG is
                                          IngressSecurityRule for NSG
                                        properties:
                                          id:
                                            description: 'IngressSecurityRule ID for
                                              NSG.
                                              Deprecated: this field is not populated
                                              and used during reconciliation'
                                            type: string
                                          ingressRule:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                        type: object
                                      type: array
                                    name:
                                      description: NSG Name.
                                      type: string
                                    role:
                                      description: Role defines the NSG role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                  required:
                                  - name
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                              privateRouteTableId:
                                description: ID of Private Route Table.
                                type: string
                              publicRouteTableId:
                                description: ID of Public Route Table.
                                type: string
                              serviceGatewayId:
                                description: ID of Service Gateway.
                                type: string
                              subnets:
                                description: Subnets is the configuration for subnets
                                  required in the VCN.
                                items:
                                  description: Subnet defines the configuration for
                                    a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                                  properties:
                                    cidr:
                                      description: Subnet CIDR.
                                      type: string
                                    id:
                                      description: Subnet OCID.
                                      type: string
                                    name:
                                      description: Subnet Name.
                                      type: string
                                    role:
                                      description: Role defines the subnet role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                    securityList:
                                      description: The security list associated with
                                        Subnet.
                                      properties:
                                        egressRules:
                                          description: EgressRules on the SecurityList.
                                          items:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: ID of the SecurityList.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the SecurityList.
                                          items:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: SecurityList Name.
                                          type: string
                                      type: object
                                    type:
                                      description: Type defines the subnet type (e.g.
                                        public, private).
                                      type: string
                                  required:
                                  - name
                                  - role
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                            type: object
                          vcnPeering:
                            description: VCNPeering configuration.
                            properties:
                              drg:
                                description: DRG configuration refers to the DRG which
                                  has to be created if required. If management cluster
                                  and workload cluster shares the same DRG, this fields
                                  is not required to be specified.
                                properties:
                                  id:
                                    description: ID is the OCID for the created DRG.
                                    type: string
                                  manage:
                                    description: Manage defines whether the DRG has
                                      to be managed(including create). If set to false(the
                                      default) the ID has to be specified by the user
                                      to a valid DRG ID to which the VCN has to be
                                      attached.
                                    type: boolean
                                  name:
                                    description: Name is the name of the created DRG.
                                    type: string
                                  vcnAttachmentId:
                                    description: VcnAttachmentId is the ID of the
                                      VCN attachment of the DRG. The workload cluster
                                      VCN can be attached to either the management
                                      cluster VCN if they are sharing the same DRG
                                      or to the workload cluster DRG.
                                    type: string
                                type: object
                              peerRouteRules:
                                description: PeerRouteRules defines the routing rules
                                  which will be added to the private route tables
                                  of the workload cluster VCN. The routes defined
                                  here will be directed to DRG.
                                items:
                                  description: PeerRouteRule defines a Route Rule
                                    to be routed via a DRG.
                                  properties:
                                    vcnCIDRRange:
                                      description: VCNCIDRRange is the CIDR Range
                                        of peer VCN to which the workload cluster
                                        VCN will be peered. The CIDR range is required
                                        to add the route rule in the workload cluster
                                        VCN, the route rule will forward any traffic
                                        to the CIDR to the DRG.
                                      type: string
                                  type: object
                                type: array
                              remotePeeringConnections:
                                description: RemotePeeringConnections defines the
                                  RPC connections which be established with the workload
                                  cluster DRG.
                                items:
                                  description: RemotePeeringConnection is used to
                                    peer VCNs residing in different regions(typically).
                                    Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                                  properties:
                                    managePeerRPC:
                                      description: ManagePeerRPC will define if the
                                        Peer VCN needs to be managed. If set to true
                                        a Remote Peering Connection will be created
                                        in the Peer DRG and the connection will be
                                        created between local and peer RPC.
                                      type: boolean
                                    peerDRGId:
                                      description: PeerDRGId defines the DRG ID of
                                        the peer.
                                      type: string
                                    peerRPCConnectionId:
                                      description: PeerRPCConnectionId defines the
                                        RPC ID of peer. If ManagePeerRPC is set to
                                        true this will be created by Cluster API Provider
                                        for OCI, otherwise this has be defined by
                                        the user.
                                      type: string
                                    peerRegionName:
                                      description: PeerRegionName defined the region
                                        name of Peer VCN.
                                      type: string
                                    rpcConnectionId:
                                      description: RPCConnectionId is the connection
                                        ID of the connection between peer and local
                                        RPC.
                                      type: string
                                  type: object
                                type: array
                            type: object
                        type: object
                      ociResourceIdentifier:
                        description: The unique ID which will be used to tag all the
                          resources created by this Cluster. The tag will be used
                          to identify resources belonging to this cluster. this will
                          be auto-generated and should not be set by the user.
                        type: string
                      region:
                        description: Region the cluster operates in. It must be one
                          of available regions in Region Identifier format.
                          See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: false
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIClusterTemplate is the Schema for the ociclustertemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIClusterTemplateSpec defines the desired state of OCIClusterTemplate.
            properties:
              template:
                description: OCIClusterTemplateResource describes the data needed
                  to create an OCICluster from a template.
                properties:
                  spec:
                    description: OCIClusterSpec defines the desired state of OciCluster
                    properties:
                      availabilityDomains:
                        additionalProperties:
                          description: OCIAvailabilityDomain contains information
                            about an Availability Domain (AD).
                          properties:
                            faultDomains:
                              description: 'FaultDomains a list of fault domain (FD)
                                names. Example: ["FAULT-DOMAIN-1"]'
                              items:
                                type: string
                              type: array
                            name:
                              description: 'Name is the AD''s full name.
                                Example:
                                Uocm:PHX-AD-1'
                              type: string
                          type: object
                        description: AvailabilityDomains encapsulates the clusters
                          Availability Domain (AD) information in a map where the
                          map key is the AD name and the struct is details about the
                          AD.
                        type: object
                      clientOverrides:
                        description: ClientOverrides allows the default client SDK
                          URLs to be changed.
                        nullable: true
                        properties:
                          certOverride:
                            description: CertOverride is a secret that contains information
                              about a cert override used by all the OCI SDK clients.
                              The secret must contain data with a `cert`property.
                            nullable: true
                            properties:
                              name:
                                description: name is unique within a namespace to
                                  reference a secret resource.
                                type: string
                              namespace:
                                description: namespace defines the space within which
                                  the secret name must be unique.
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                          computeClientUrl:
                            description: ComputeClientUrl allows the default compute
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          computeManagementClientUrl:
                            description: ComputeManagementClientUrl allows the default
                              compute management SDK client URL to be changed.
                            nullable: true
                            type: string
                          containerEngineClientUrl:
                            description: ContainerEngineClientUrl allows the default
                              container engine SDK client URL to be changed.
                            nullable: true
                            type: string
                          identityClientUrl:
                            description: IdentityClientUrl allows the default identity
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          loadBalancerClientUrl:
                            description: LoadBalancerClientUrl allows the default
                              load balancer SDK client URL to be changed.
                            nullable: true
                            type: string
                          networkLoadBalancerClientUrl:
                            description: NetworkLoadBalancerClientUrl allows the default
                              NLB SDK client URL to be changed.
                            nullable: true
                            type: string
                          vCNClientUrl:
                            description: VCNClientUrl allows the default vcn SDK client
                              URL to be changed.
                            nullable: true
                            type: string
                        type: object
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
                            properties:
                              loadBalancerId:
                                description: ID of Load Balancer.
                                type: string
                              loadBalancerType:
                                description: 'Type of Load Balancer: NLB (default)
                                  or LBaaS.'
                                type: string
                              name:
                                description: LoadBalancer Name.
                                type: string
                            type: object
                          skipNetworkManagement:
                            description: SkipNetworkManagement defines if the networking
                              spec(VCN related) specified by the user needs to be
                              reconciled(actioned-upon) or used as it is. APIServerLB
                              will still be reconciled.
                            type: boolean
                          vcn:
                            description: VCN configuration.
                            properties:
                              cidr:
                                description: VCN CIDR.
                                type: string
                              id:
                                description: VCN OCID.
                                type: string
                              internetGateway:
                                description: Configuration for Internet Gateway.
                                properties:
                                  id:
                                    description: ID of Internet Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      internet gateway even if any one Subnet is public.
                                    type: boolean
                                type: object
                              name:
                                description: VCN Name.
                                type: string
                              natGateway:
                                description: Configuration for NAT Gateway.
                                properties:
                                  id:
                                    description: ID of Nat Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      NAT gateway even if any one Subnet is private.
                                    type: boolean
                                type: object
                              networkSecurityGroup:
                                description: Configuration for NSG management.
                                properties:
                                  list:
                                    description: NetworkSecurityGroup is the configuration
                                      for the Network Security Groups required in
                                      the VCN.
                                    items:
                                      description: NSG defines configuration for a
                                        Network Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                                      properties:
                                        egressRules:
                                          description: EgressRules on the NSG.
                                          items:
                                            description: EgressSecurityRuleForNSG
                                              is EgressSecurityRule for NSG.
                                            properties:
                                              egressRule:
                                                description: EgressSecurityRule A
                                                  rule for allowing outbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  destination:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet originating from
                                                      the instance can go to. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                                      Note that IPv6 addressing is
                                                      currently supported only in
                                                      certain regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic destined for a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  destinationType:
                                                    description: 'Type of destination
                                                      for the rule. The default is
                                                      `CIDR_BLOCK`. Allowed values:
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `destination` is an IP address
                                                      range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `destination`
                                                      is the `cidrBlock` value for
                                                      a Service (the rule is for traffic
                                                      destined for a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if egress traffic allows TCP
                                                      destination port 80, there should
                                                      be an ingress rule to allow
                                                      TCP source port 80. Defaults
                                                      to false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: NSG OCID.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the NSG.
                                          items:
                                            description: IngressSecurityRuleForNSG
                                              is IngressSecurityRule for NSG
                                            properties:
                                              ingressRule:
                                                description: IngressSecurityRule A
                                                  rule for allowing inbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if ingress traffic allows TCP
                                                      destination port 80, there should
                                                      be an egress rule to allow TCP
                                                      source port 80.
                                                      Defaults to
                                                      false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  source:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet coming into the
                                                      instance can come from. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                                      IPv6 addressing is supported
                                                      for all commercial and government
                                                      regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic coming from a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  sourceType:
                                                    description: 'Type of source for
                                                      the rule. The default is `CIDR_BLOCK`.
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `source` is an IP address range
                                                      in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `source` is the
                                                      `cidrBlock` value for a Service
                                                      (the rule is for traffic coming
                                                      from a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: NSG Name.
                                          type: string
                                        role:
                                          description: Role defines the NSG role (eg.
                                            control-plane, control-plane-endpoint,
                                            service-lb, worker).
                                          type: string
                                      required:
                                      - name
                                      type: object
                                    type: array
                                    x-kubernetes-list-map-keys:
                                    - name
                                    x-kubernetes-list-type: map
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      network security groups.
                                    type: boolean
                                type: object
                              routeTable:
                                description: Configuration for Route table.
                                properties:
                                  privateRouteTableId:
                                    description: ID of Private Route Table.
                                    type: string
                                  publicRouteTableId:
                                    description: ID of Public Route Table.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Route table.
                                    type: boolean
                                type: object
                              serviceGateway:
                                description: Configuration for Service Gateway.
                                properties:
                                  id:
                                    description: ID of Service Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Service gateway.
                                    type: boolean
                                type: object
                              subnets:
                                description: Subnets is the configuration for subnets
                                  required in the VCN.
                                items:
                                  description: Subnet defines the configuration for
                                    a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                                  properties:
                                    cidr:
                                      description: Subnet CIDR.
                                      type: string
                                    id:
                                      description: Subnet OCID.
                                      type: string
                                    name:
                                      description: Subnet Name.
                                      type: string
                                    role:
                                      description: Role defines the subnet role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                    securityList:
                                      description: The security list associated with
                                        Subnet.
                                      properties:
                                        egressRules:
                                          description: EgressRules on the SecurityList.
                                          items:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP.
                                                  Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: ID of the SecurityList.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the SecurityList.
                                          items:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: SecurityList Name.
                                          type: string
                                      type: object
                                    type:
                                      description: Type defines the subnet type (e.g.
                                        public, private).
                                      type: string
                                  required:
                                  - name
                                  - role
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                            type: object
                          vcnPeering:
                            description: VCNPeering configuration.
                            properties:
                              drg:
                                description: DRG configuration refers to the DRG which
                                  has to be created if required. If management cluster
                                  and workload cluster shares the same DRG, this fields
                                  is not required to be specified.
                                properties:
                                  id:
                                    description: ID is the OCID for the created DRG.
                                    type: string
                                  manage:
                                    description: Manage defines whether the DRG has
                                      to be managed(including create). If set to false(the
                                      default) the ID has to be specified by the user
                                      to a valid DRG ID to which the VCN has to be
                                      attached.
                                    type: boolean
                                  name:
                                    description: Name is the name of the created DRG.
                                    type: string
                                  vcnAttachmentId:
                                    description: VcnAttachmentId is the ID of the
                                      VCN attachment of the DRG.
                                      The workload cluster
                                      VCN can be attached to either the management
                                      cluster VCN if they are sharing the same DRG
                                      or to the workload cluster DRG.
                                    type: string
                                type: object
                              peerRouteRules:
                                description: PeerRouteRules defines the routing rules
                                  which will be added to the private route tables
                                  of the workload cluster VCN. The routes defined
                                  here will be directed to DRG.
                                items:
                                  description: PeerRouteRule defines a Route Rule
                                    to be routed via a DRG.
                                  properties:
                                    vcnCIDRRange:
                                      description: VCNCIDRRange is the CIDR Range
                                        of peer VCN to which the workload cluster
                                        VCN will be peered. The CIDR range is required
                                        to add the route rule in the workload cluster
                                        VCN, the route rule will forward any traffic
                                        to the CIDR to the DRG.
                                      type: string
                                  type: object
                                type: array
                              remotePeeringConnections:
                                description: RemotePeeringConnections defines the
                                  RPC connections which be established with the workload
                                  cluster DRG.
                                items:
                                  description: RemotePeeringConnection is used to
                                    peer VCNs residing in different regions(typically).
                                    Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                                  properties:
                                    managePeerRPC:
                                      description: ManagePeerRPC will define if the
                                        Peer VCN needs to be managed. If set to true
                                        a Remote Peering Connection will be created
                                        in the Peer DRG and the connection will be
                                        created between local and peer RPC.
                                      type: boolean
                                    peerDRGId:
                                      description: PeerDRGId defines the DRG ID of
                                        the peer.
                                      type: string
                                    peerRPCConnectionId:
                                      description: PeerRPCConnectionId defines the
                                        RPC ID of peer. If ManagePeerRPC is set to
                                        true this will be created by Cluster API Provider
                                        for OCI, otherwise this has be defined by
                                        the user.
                                      type: string
                                    peerRegionName:
                                      description: PeerRegionName defined the region
                                        name of Peer VCN.
                                      type: string
                                    rpcConnectionId:
                                      description: RPCConnectionId is the connection
                                        ID of the connection between peer and local
                                        RPC.
                                      type: string
                                  type: object
                                type: array
                            type: object
                        type: object
                      ociResourceIdentifier:
                        description: The unique ID which will be used to tag all the
                          resources created by this Cluster. The tag will be used
                          to identify resources belonging to this cluster. this will
                          be auto-generated and should not be set by the user.
                        type: string
                      region:
                        description: Region the cluster operates in. It must be one
                          of available regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimachinepools.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIMachinePool
    listKind: OCIMachinePoolList
    plural: ocimachinepools
    singular: ocimachinepool
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachinePoolSpec defines the desired state of OCIMachinePool
            properties:
              instanceConfiguration:
                description: InstanceConfiguration defines the configuration of the
                  instance pool instances.
                properties:
                  agentConfig:
                    description: AgentConfig defines the options for the Oracle Cloud
                      Agent software running on the instance.
                    properties:
                      areAllPluginsDisabled:
                        description: AreAllPluginsDisabled defines whether Oracle
                          Cloud Agent can run all the available plugins. This includes
                          the management and monitoring plugins. To get a list of
                          available plugins, use the ListInstanceagentAvailablePlugins
                          operation in the Oracle Cloud Agent API. For more information
                          about the available plugins, see Managing Plugins with Oracle
                          Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                        type: boolean
                      isManagementDisabled:
                        description: 'IsManagementDisabled defines whether Oracle
                          Cloud Agent can run all the available management plugins.
                          Default value is false (management plugins are enabled).
                          These are the management plugins: OS Management Service
                          Agent and Compute Instance Run Command. The management plugins
                          are controlled by this parameter and by the per-plugin configuration
                          in the `pluginsConfig` object. - If `isManagementDisabled`
                          is true, all of the management plugins are disabled, regardless
                          of the per-plugin configuration. - If `isManagementDisabled`
                          is false, all of the management plugins are enabled. You
                          can optionally disable individual management plugins by
                          providing a value in the `pluginsConfig` object.'
                        type: boolean
                      isMonitoringDisabled:
                        description: 'IsMonitoringDisabled defines whether Oracle
                          Cloud Agent can gather performance metrics and monitor the
                          instance using the monitoring plugins. Default value is
                          false (monitoring plugins are enabled). These are the monitoring
                          plugins: Compute Instance Monitoring and Custom Logs Monitoring.
                          The monitoring plugins are controlled by this parameter
                          and by the per-plugin configuration in the `pluginsConfig`
                          object. - If `isMonitoringDisabled` is true, all of the
                          monitoring plugins are disabled, regardless of the per-plugin
                          configuration. - If `isMonitoringDisabled` is false, all
                          of the monitoring plugins are enabled. You can optionally
                          disable individual monitoring plugins by providing a value
                          in the `pluginsConfig` object.'
                        type: boolean
                      pluginsConfigs:
                        description: PluginsConfig defines the configuration of plugins
                          associated with this instance.
                        items:
                          description: InstanceAgentPluginConfig defines the configuration
                            of plugins associated with this instance.
                          properties:
                            desiredState:
                              description: 'DesiredState defines whether the plugin
                                should be enabled or disabled. To enable the monitoring
                                and management plugins, the `isMonitoringDisabled`
                                and `isManagementDisabled` attributes must also be
                                set to false.
                                The following values are supported:
                                * `ENABLED` * `DISABLED`'
                              type: string
                            name:
                              description: Name defines the name of the plugin. To
                                get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                operation in the Oracle Cloud Agent API. For more
                                information about the available plugins, see Managing
                                Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                              type: string
                          type: object
                        type: array
                    type: object
                  availabilityConfig:
                    description: LaunchInstanceAvailabilityConfig defines the options
                      for VM migration during infrastructure maintenance events and
                      for defining the availability of a VM instance after a maintenance
                      event that impacts the underlying hardware.
                    properties:
                      isLiveMigrationPreferred:
                        description: IsLiveMigrationPreferred defines whether to live
                          migrate supported VM instances to a healthy physical VM
                          host without disrupting running instances during infrastructure
                          maintenance events. If null, Oracle chooses the best option
                          for migrating the VM during infrastructure maintenance events.
                        type: boolean
                      recoveryAction:
                        description: RecoveryAction defines the lifecycle state for
                          an instance when it is recovered after infrastructure maintenance.
                          * `RESTORE_INSTANCE` - The instance is restored to the lifecycle
                          state it was in before the maintenance event. If the instance
                          was running, it is automatically rebooted. This is the default
                          action when a value is not set. * `STOP_INSTANCE` - The
                          instance is recovered in the stopped state.
                        type: string
                    type: object
                  capacityReservationId:
                    description: CapacityReservationId defines the OCID of the compute
                      capacity reservation this instance is launched under. You can
                      opt out of all default reservations by specifying an empty string
                      as input for this field.
                      For more information, see Capacity
                      Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                    type: string
                  dedicatedVmHostId:
                    description: DedicatedVmHostId defines the OCID of the dedicated
                      VM host.
                    type: string
                  instanceConfigurationId:
                    type: string
                  instanceOptions:
                    description: InstanceOptions defines the instance options
                    properties:
                      areLegacyImdsEndpointsDisabled:
                        description: Whether to disable the legacy (/v1) instance
                          metadata service endpoints. Customers who have migrated
                          to /v2 should set this to true for added security. Default
                          is false.
                        type: boolean
                    type: object
                  instanceSourceViaImageConfig:
                    description: InstanceSourceViaImageConfig defines the options
                      for booting up instances via images
                    properties:
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        format: int64
                        type: integer
                      bootVolumeVpusPerGB:
                        description: 'BootVolumeVpusPerGB defines the number of volume
                          performance units (VPUs) that will be applied to this volume
                          per GB, representing the Block Volume service''s elastic
                          performance options. See Block Volume Performance Levels
                          (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                          for more information. Allowed values: * `10`: Represents
                          Balanced option. * `20`: Represents Higher Performance option.
                          * `30`-`120`: Represents the Ultra High Performance option.
                          For volumes with the auto-tuned performance feature enabled,
                          this is set to the default (minimum) VPUs/GB.'
                        format: int64
                        type: integer
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the Key Management
                          key to assign as the master encryption key for the boot
                          volume.
                        type: string
                    type: object
                  instanceVnicConfiguration:
                    description: NetworkDetails defines the configuration options
                      for the network
                    properties:
                      assignPrivateDnsRecord:
                        description: AssignPrivateDnsRecord defines whether the VNIC
                          should be assigned a DNS record.
                        type: boolean
                      assignPublicIp:
                        description: AssignPublicIp defines whether the instance should
                          have a public IP address
                        type: boolean
                      displayName:
                        description: DisplayName defines a user-friendly name. Does
                          not have to be unique, and it's changeable. Avoid entering
                          confidential information.
                        type: string
                      hostnameLabel:
                        description: HostnameLabel defines the hostname for the VNIC's
                          primary private IP. Used for DNS.
                        type: string
                      nsgId:
                        description: NSGId defines the ID of the NSG to use. This
                          parameter takes priority over NsgNames.
                        type: string
                      nsgNames:
                        description: NsgNames defines a list of the nsg names of the
                          network security groups (NSGs) to add the VNIC to.
                        items:
                          type: string
                        type: array
                      skipSourceDestCheck:
                        description: SkipSourceDestCheck defines whether the source/destination
                          check is disabled on the VNIC.
                        type: boolean
                      subnetId:
                        description: SubnetId defines the ID of the subnet to use.
                          This parameter takes priority over SubnetName.
                        type: string
                      subnetName:
                        description: SubnetName defines the subnet name to use for
                          the VNIC
                        type: string
                    type: object
                  isPvEncryptionInTransitEnabled:
                    default: true
                    description: Is in transit encryption of volumes required.
                    type: boolean
                  launchOptions:
                    description: LaunchOptions defines the options for tuning the
                      compatibility and performance of VM shapes
                    properties:
                      bootVolumeType:
                        description: BootVolumeType defines Emulation type for the
                          boot volume. * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk. This
                          is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                      firmware:
                        description: Firmware defines the firmware used to boot VM.
                          Select the option that matches your operating system. *
                          `BIOS` - Boot VM using BIOS style firmware. This is compatible
                          with both 32 bit and 64 bit operating systems that boot
                          using MBR style bootloaders. * `UEFI_64` - Boot VM using
                          UEFI style firmware compatible with 64 bit operating systems.
                          This is the default for platform images.
                        type: string
                      isConsistentVolumeNamingEnabled:
                        description: IsConsistentVolumeNamingEnabled defines whether
                          to enable consistent volume naming feature. Defaults to
                          false.
                        type: boolean
                      networkType:
                        description: NetworkType defines the emulation type for the
                          physical network interface card (NIC). * `E1000` - Emulated
                          Gigabit ethernet controller. Compatible with Linux e1000
                          network driver. * `VFIO` - Direct attached Virtual Function
                          network controller. This is the networking type when you
                          launch an instance using hardware-assisted (SR-IOV) networking.
                          * `PARAVIRTUALIZED` - VM instances launch with paravirtualized
                          devices using VirtIO drivers.
                        type: string
                      remoteDataVolumeType:
                        description: RemoteDataVolumeType defines the emulation type
                          for volume.
                          * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk. This
                          is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                    type: object
                  metadata:
                    additionalProperties:
                      type: string
                    description: Custom metadata key/value pairs that you provide,
                      such as the SSH public key required to connect to the instance.
                    type: object
                  platformConfig:
                    description: PlatformConfig defines the platform config parameters
                    properties:
                      amdMilanBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Milan BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdRomeBmGpuPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                        type: object
                      amdRomeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelIcelakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS1` * `NPS2`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%.
                              If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      intelSkylakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      platformConfigType:
                        description: The type of platform configuration. Valid values
                          are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                          * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                          Based on the enum, exactly one of the specific configuration
                          types must be set
                        type: string
                    type: object
                  preemptibleInstanceConfig:
                    description: PreemptibleInstanceConfig Configuration options for
                      preemptible instances.
                    properties:
                      terminatePreemptionAction:
                        description: TerminatePreemptionAction terminates the preemptible
                          instance when it is interrupted for eviction.
                        properties:
                          preserveBootVolume:
                            description: PreserveBootVolume defines whether to preserve
                              the boot volume that was used to launch the preemptible
                              instance when the instance is terminated. Defaults to
                              false if not specified.
                            type: boolean
                        type: object
                    type: object
                  shape:
                    type: string
                  shapeConfig:
                    description: The shape configuration of the instance, applicable
                      for flex instances.
                    properties:
                      baselineOcpuUtilization:
                        description: 'The baseline OCPU utilization for a subcore
                          burstable VM instance. Leave this attribute blank for a
                          non-burstable instance, or explicitly specify non-burstable
                          with `BASELINE_1_1`. The following values are supported:
                          - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2`
                          - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline
                          usage is an entire OCPU. This represents a non-burstable
                          instance.'
                        type: string
                      memoryInGBs:
                        description: The total amount of memory available to the instance,
                          in gigabytes.
                        type: string
                      nvmes:
                        description: Nvmes defines the number of NVMe drives to be
                          used for storage. A single drive has 6.8 TB available.
                        type: integer
                      ocpus:
                        description: The total number of OCPUs available to the instance.
                        type: string
                    type: object
                type: object
              ocid:
                description: OCID is the OCID of the associated InstancePool
                type: string
              placementDetails:
                description: PlacementDetails defines the placement details of the
                  instance pool.
                items:
                  properties:
                    availabilityDomain:
                      description: The availability domain to place instances.
                      type: integer
                  required:
                  - availabilityDomain
                  type: object
                type: array
              providerID:
                description: ProviderID is the OCID of the associated InstancePool
                  in a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
            type: object
          status:
            description: OCIMachinePoolStatus defines the observed state of OCIMachinePool
            properties:
              conditions:
                description: Conditions defines current service state of the OCIMachinePool.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                type: string
              failureReason:
                description: MachineStatusError defines errors states for Machine
                  objects.
                type: string
              ready:
                description: Ready is true when the provider resource is ready.
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachinePoolSpec defines the desired state of OCIMachinePool
            properties:
              instanceConfiguration:
                description: InstanceConfiguration defines the configuration of the
                  instance pool instances.
                properties:
                  agentConfig:
                    description: AgentConfig defines the options for the Oracle Cloud
                      Agent software running on the instance.
                    properties:
                      areAllPluginsDisabled:
                        description: AreAllPluginsDisabled defines whether Oracle
                          Cloud Agent can run all the available plugins. This includes
                          the management and monitoring plugins. To get a list of
                          available plugins, use the ListInstanceagentAvailablePlugins
                          operation in the Oracle Cloud Agent API. For more information
                          about the available plugins, see Managing Plugins with Oracle
                          Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                        type: boolean
                      isManagementDisabled:
                        description: 'IsManagementDisabled defines whether Oracle
                          Cloud Agent can run all the available management plugins.
                          Default value is false (management plugins are enabled).
                          These are the management plugins: OS Management Service
                          Agent and Compute Instance Run Command. The management plugins
                          are controlled by this parameter and by the per-plugin configuration
                          in the `pluginsConfig` object.
                          - If `isManagementDisabled`
                          is true, all of the management plugins are disabled, regardless
                          of the per-plugin configuration. - If `isManagementDisabled`
                          is false, all of the management plugins are enabled. You
                          can optionally disable individual management plugins by
                          providing a value in the `pluginsConfig` object.'
                        type: boolean
                      isMonitoringDisabled:
                        description: 'IsMonitoringDisabled defines whether Oracle
                          Cloud Agent can gather performance metrics and monitor the
                          instance using the monitoring plugins. Default value is
                          false (monitoring plugins are enabled). These are the monitoring
                          plugins: Compute Instance Monitoring and Custom Logs Monitoring.
                          The monitoring plugins are controlled by this parameter
                          and by the per-plugin configuration in the `pluginsConfig`
                          object. - If `isMonitoringDisabled` is true, all of the
                          monitoring plugins are disabled, regardless of the per-plugin
                          configuration. - If `isMonitoringDisabled` is false, all
                          of the monitoring plugins are enabled. You can optionally
                          disable individual monitoring plugins by providing a value
                          in the `pluginsConfig` object.'
                        type: boolean
                      pluginsConfigs:
                        description: PluginsConfig defines the configuration of plugins
                          associated with this instance.
                        items:
                          description: InstanceAgentPluginConfig defines the configuration
                            of plugins associated with this instance.
                          properties:
                            desiredState:
                              description: 'DesiredState defines whether the plugin
                                should be enabled or disabled. To enable the monitoring
                                and management plugins, the `isMonitoringDisabled`
                                and `isManagementDisabled` attributes must also be
                                set to false. The following values are supported:
                                * `ENABLED` * `DISABLED`'
                              type: string
                            name:
                              description: Name defines the name of the plugin.
                                To get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                operation in the Oracle Cloud Agent API. For more
                                information about the available plugins, see Managing
                                Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                              type: string
                          type: object
                        type: array
                    type: object
                  availabilityConfig:
                    description: LaunchInstanceAvailabilityConfig defines the options
                      for VM migration during infrastructure maintenance events and
                      for defining the availability of a VM instance after a maintenance
                      event that impacts the underlying hardware.
                    properties:
                      isLiveMigrationPreferred:
                        description: IsLiveMigrationPreferred defines whether to live
                          migrate supported VM instances to a healthy physical VM
                          host without disrupting running instances during infrastructure
                          maintenance events. If null, Oracle chooses the best option
                          for migrating the VM during infrastructure maintenance events.
                        type: boolean
                      recoveryAction:
                        description: RecoveryAction defines the lifecycle state for
                          an instance when it is recovered after infrastructure maintenance.
                          * `RESTORE_INSTANCE` - The instance is restored to the lifecycle
                          state it was in before the maintenance event. If the instance
                          was running, it is automatically rebooted. This is the default
                          action when a value is not set. * `STOP_INSTANCE` - The
                          instance is recovered in the stopped state.
                        type: string
                    type: object
                  capacityReservationId:
                    description: CapacityReservationId defines the OCID of the compute
                      capacity reservation this instance is launched under. You can
                      opt out of all default reservations by specifying an empty string
                      as input for this field. For more information, see Capacity
                      Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                    type: string
                  dedicatedVmHostId:
                    description: DedicatedVmHostId defines the OCID of the dedicated
                      VM host.
                    type: string
                  instanceConfigurationId:
                    type: string
                  instanceOptions:
                    description: InstanceOptions defines the instance options
                    properties:
                      areLegacyImdsEndpointsDisabled:
                        description: Whether to disable the legacy (/v1) instance
                          metadata service endpoints. Customers who have migrated
                          to /v2 should set this to true for added security. Default
                          is false.
                        type: boolean
                    type: object
                  instanceSourceViaImageConfig:
                    description: InstanceSourceViaImageConfig defines the options
                      for booting up instances via images
                    properties:
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        format: int64
                        type: integer
                      bootVolumeVpusPerGB:
                        description: 'BootVolumeVpusPerGB defines the number of volume
                          performance units (VPUs) that will be applied to this volume
                          per GB, representing the Block Volume service''s elastic
                          performance options. See Block Volume Performance Levels
                          (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                          for more information. Allowed values: * `10`: Represents
                          Balanced option. * `20`: Represents Higher Performance option.
                          * `30`-`120`: Represents the Ultra High Performance option.
                          For volumes with the auto-tuned performance feature enabled,
                          this is set to the default (minimum) VPUs/GB.'
                        format: int64
                        type: integer
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the Key Management
                          key to assign as the master encryption key for the boot
                          volume.
                        type: string
                    type: object
                  instanceVnicConfiguration:
                    description: NetworkDetails defines the configuration options
                      for the network
                    properties:
                      assignPrivateDnsRecord:
                        description: AssignPrivateDnsRecord defines whether the VNIC
                          should be assigned a DNS record.
                        type: boolean
                      assignPublicIp:
                        description: AssignPublicIp defines whether the instance should
                          have a public IP address
                        type: boolean
                      displayName:
                        description: DisplayName defines a user-friendly name. Does
                          not have to be unique, and it's changeable. Avoid entering
                          confidential information.
                        type: string
                      hostnameLabel:
                        description: HostnameLabel defines the hostname for the VNIC's
                          primary private IP. Used for DNS.
                        type: string
                      nsgId:
                        description: NSGId defines the ID of the NSG to use. This
                          parameter takes priority over NsgNames.
                        type: string
                      nsgNames:
                        description: NsgNames defines a list of the nsg names of the
                          network security groups (NSGs) to add the VNIC to.
                        items:
                          type: string
                        type: array
                      skipSourceDestCheck:
                        description: SkipSourceDestCheck defines whether the source/destination
                          check is disabled on the VNIC.
                        type: boolean
                      subnetId:
                        description: SubnetId defines the ID of the subnet to use.
                          This parameter takes priority over SubnetName.
                        type: string
                      subnetName:
                        description: SubnetName defines the subnet name to use for
                          the VNIC
                        type: string
                    type: object
                  isPvEncryptionInTransitEnabled:
                    description: Is in transit encryption of volumes required.
                    type: boolean
                  launchOptions:
                    description: LaunchOptions defines the options for tuning the
                      compatibility and performance of VM shapes
                    properties:
                      bootVolumeType:
                        description: BootVolumeType defines Emulation type for the
                          boot volume. * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk. This
                          is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                      firmware:
                        description: Firmware defines the firmware used to boot VM.
                          Select the option that matches your operating system. *
                          `BIOS` - Boot VM using BIOS style firmware. This is compatible
                          with both 32 bit and 64 bit operating systems that boot
                          using MBR style bootloaders. * `UEFI_64` - Boot VM using
                          UEFI style firmware compatible with 64 bit operating systems.
                          This is the default for platform images.
                        type: string
                      isConsistentVolumeNamingEnabled:
                        description: IsConsistentVolumeNamingEnabled defines whether
                          to enable consistent volume naming feature. Defaults to
                          false.
                        type: boolean
                      networkType:
                        description: NetworkType defines the emulation type for the
                          physical network interface card (NIC). * `E1000` - Emulated
                          Gigabit ethernet controller. Compatible with Linux e1000
                          network driver. * `VFIO` - Direct attached Virtual Function
                          network controller. This is the networking type when you
                          launch an instance using hardware-assisted (SR-IOV) networking.
                          * `PARAVIRTUALIZED` - VM instances launch with paravirtualized
                          devices using VirtIO drivers.
                        type: string
                      remoteDataVolumeType:
                        description: RemoteDataVolumeType defines the emulation type
                          for volume. * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk.
                          This is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                    type: object
                  metadata:
                    additionalProperties:
                      type: string
                    description: Custom metadata key/value pairs that you provide,
                      such as the SSH public key required to connect to the instance.
                    type: object
                  platformConfig:
                    description: PlatformConfig defines the platform config parameters
                    properties:
                      amdMilanBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Milan BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU).
                              SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdRomeBmGpuPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                        type: object
                      amdRomeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%.
                              If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelIcelakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS1` * `NPS2`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      intelSkylakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      platformConfigType:
                        description: The type of platform configuration.
                          Valid values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                          * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                          Based on the enum, exactly one of the specific configuration
                          types must be set
                        type: string
                    type: object
                  preemptibleInstanceConfig:
                    description: PreemptibleInstanceConfig Configuration options for
                      preemptible instances.
                    properties:
                      terminatePreemptionAction:
                        description: TerminatePreemptionAction terminates the preemptible
                          instance when it is interrupted for eviction.
                        properties:
                          preserveBootVolume:
                            description: PreserveBootVolume defines whether to preserve
                              the boot volume that was used to launch the preemptible
                              instance when the instance is terminated. Defaults to
                              false if not specified.
                            type: boolean
                        type: object
                    type: object
                  shape:
                    type: string
                  shapeConfig:
                    description: The shape configuration of the instance, applicable
                      for flex instances.
                    properties:
                      baselineOcpuUtilization:
                        description: 'The baseline OCPU utilization for a subcore
                          burstable VM instance. Leave this attribute blank for a
                          non-burstable instance, or explicitly specify non-burstable
                          with `BASELINE_1_1`. The following values are supported:
                          - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2`
                          - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline
                          usage is an entire OCPU. This represents a non-burstable
                          instance.'
                        type: string
                      memoryInGBs:
                        description: The total amount of memory available to the instance,
                          in gigabytes.
                        type: string
                      nvmes:
                        description: Nvmes defines the number of NVMe drives to be
                          used for storage. A single drive has 6.8 TB available.
                        type: integer
                      ocpus:
                        description: The total number of OCPUs available to the instance.
                        type: string
                    type: object
                type: object
              ocid:
                description: OCID is the OCID of the associated InstancePool
                type: string
              placementDetails:
                description: PlacementDetails defines the placement details of the
                  instance pool.
                items:
                  properties:
                    availabilityDomain:
                      description: The availability domain to place instances.
                      type: integer
                  required:
                  - availabilityDomain
                  type: object
                type: array
              providerID:
                description: ProviderID is the OCID of the associated InstancePool
                  in a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
            type: object
          status:
            description: OCIMachinePoolStatus defines the observed state of OCIMachinePool
            properties:
              conditions:
                description: Conditions defines current service state of the OCIMachinePool.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
6476 type: string 6477 severity: 6478 description: Severity provides an explicit classification of 6479 Reason code, so the users or machines can immediately understand 6480 the current situation and act accordingly. The Severity field 6481 MUST be set only when Status=False. 6482 type: string 6483 status: 6484 description: Status of the condition, one of True, False, Unknown. 6485 type: string 6486 type: 6487 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 6488 Many .condition.type values are consistent across resources 6489 like Available, but because arbitrary conditions can be useful 6490 (see .node.status.conditions), the ability to deconflict is 6491 important. 6492 type: string 6493 required: 6494 - lastTransitionTime 6495 - status 6496 - type 6497 type: object 6498 type: array 6499 failureMessage: 6500 type: string 6501 failureReason: 6502 description: MachineStatusError defines errors states for Machine 6503 objects. 6504 type: string 6505 ready: 6506 description: Ready is true when the provider resource is ready. 
6507 type: boolean 6508 replicas: 6509 description: Replicas is the most recently observed number of replicas 6510 format: int32 6511 type: integer 6512 type: object 6513 type: object 6514 served: true 6515 storage: true 6516 subresources: 6517 status: {} 6518 --- 6519 apiVersion: apiextensions.k8s.io/v1 6520 kind: CustomResourceDefinition 6521 metadata: 6522 annotations: 6523 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 6524 controller-gen.kubebuilder.io/version: v0.10.0 6525 labels: 6526 cluster.x-k8s.io/provider: infrastructure-oci 6527 cluster.x-k8s.io/v1beta1: v1beta1 6528 name: ocimachines.infrastructure.cluster.x-k8s.io 6529 spec: 6530 conversion: 6531 strategy: Webhook 6532 webhook: 6533 clientConfig: 6534 service: 6535 name: capoci-webhook-service 6536 namespace: cluster-api-provider-oci-system 6537 path: /convert 6538 conversionReviewVersions: 6539 - v1 6540 - v1beta1 6541 group: infrastructure.cluster.x-k8s.io 6542 names: 6543 kind: OCIMachine 6544 listKind: OCIMachineList 6545 plural: ocimachines 6546 singular: ocimachine 6547 scope: Namespaced 6548 versions: 6549 - name: v1beta1 6550 schema: 6551 openAPIV3Schema: 6552 description: OCIMachine is the Schema for the ocimachines API. 6553 properties: 6554 apiVersion: 6555 description: 'APIVersion defines the versioned schema of this representation 6556 of an object. Servers should convert recognized schemas to the latest 6557 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6558 type: string 6559 kind: 6560 description: 'Kind is a string value representing the REST resource this 6561 object represents. Servers may infer this from the endpoint the client 6562 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6563 type: string 6564 metadata: 6565 type: object 6566 spec: 6567 description: OCIMachineSpec defines the desired state of OCIMachine Please 6568 read the API https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance 6569 for more information about the parameters below 6570 properties: 6571 agentConfig: 6572 description: AgentConfig defines the options for the Oracle Cloud 6573 Agent software running on the instance. 6574 properties: 6575 areAllPluginsDisabled: 6576 description: AreAllPluginsDisabled defines whether Oracle Cloud 6577 Agent can run all the available plugins. This includes the management 6578 and monitoring plugins. To get a list of available plugins, 6579 use the ListInstanceagentAvailablePlugins operation in the Oracle 6580 Cloud Agent API. For more information about the available plugins, 6581 see Managing Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 6582 type: boolean 6583 isManagementDisabled: 6584 description: 'IsManagementDisabled defines whether Oracle Cloud 6585 Agent can run all the available management plugins. Default 6586 value is false (management plugins are enabled). These are the 6587 management plugins: OS Management Service Agent and Compute 6588 Instance Run Command. The management plugins are controlled 6589 by this parameter and by the per-plugin configuration in the 6590 `pluginsConfig` object. - If `isManagementDisabled` is true, 6591 all of the management plugins are disabled, regardless of the 6592 per-plugin configuration. - If `isManagementDisabled` is false, 6593 all of the management plugins are enabled. You can optionally 6594 disable individual management plugins by providing a value in 6595 the `pluginsConfig` object.' 
6596 type: boolean 6597 isMonitoringDisabled: 6598 description: 'IsMonitoringDisabled defines whether Oracle Cloud 6599 Agent can gather performance metrics and monitor the instance 6600 using the monitoring plugins. Default value is false (monitoring 6601 plugins are enabled). These are the monitoring plugins: Compute 6602 Instance Monitoring and Custom Logs Monitoring. The monitoring 6603 plugins are controlled by this parameter and by the per-plugin 6604 configuration in the `pluginsConfig` object. - If `isMonitoringDisabled` 6605 is true, all of the monitoring plugins are disabled, regardless 6606 of the per-plugin configuration. - If `isMonitoringDisabled` 6607 is false, all of the monitoring plugins are enabled. You can 6608 optionally disable individual monitoring plugins by providing 6609 a value in the `pluginsConfig` object.' 6610 type: boolean 6611 pluginsConfigs: 6612 description: PluginsConfig defines the configuration of plugins 6613 associated with this instance. 6614 items: 6615 description: InstanceAgentPluginConfig defines the configuration 6616 of plugins associated with this instance. 6617 properties: 6618 desiredState: 6619 description: 'DesiredState defines whether the plugin should 6620 be enabled or disabled. To enable the monitoring and management 6621 plugins, the `isMonitoringDisabled` and `isManagementDisabled` 6622 attributes must also be set to false. The following values 6623 are supported: * `ENABLED` * `DISABLED`' 6624 type: string 6625 name: 6626 description: Name defines the name of the plugin. To get 6627 a list of available plugins, use the ListInstanceagentAvailablePlugins 6628 operation in the Oracle Cloud Agent API. For more information 6629 about the available plugins, see Managing Plugins with 6630 Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 
6631 type: string 6632 type: object 6633 type: array 6634 type: object 6635 availabilityConfig: 6636 description: LaunchInstanceAvailabilityConfig defines the options 6637 for VM migration during infrastructure maintenance events and for 6638 defining the availability of a VM instance after a maintenance event 6639 that impacts the underlying hardware. 6640 properties: 6641 isLiveMigrationPreferred: 6642 description: IsLiveMigrationPreferred defines whether to live 6643 migrate supported VM instances to a healthy physical VM host 6644 without disrupting running instances during infrastructure maintenance 6645 events. If null, Oracle chooses the best option for migrating 6646 the VM during infrastructure maintenance events. 6647 type: boolean 6648 recoveryAction: 6649 description: RecoveryAction defines the lifecycle state for an 6650 instance when it is recovered after infrastructure maintenance. 6651 * `RESTORE_INSTANCE` - The instance is restored to the lifecycle 6652 state it was in before the maintenance event. If the instance 6653 was running, it is automatically rebooted. This is the default 6654 action when a value is not set. * `STOP_INSTANCE` - The instance 6655 is recovered in the stopped state. 6656 type: string 6657 type: object 6658 bootVolumeSizeInGBs: 6659 description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm 6660 to extend the boot volume size. 6661 type: string 6662 capacityReservationId: 6663 description: CapacityReservationId defines the OCID of the compute 6664 capacity reservation this instance is launched under. You can opt 6665 out of all default reservations by specifying an empty string as 6666 input for this field. For more information, see Capacity Reservations 6667 (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default). 6668 type: string 6669 compartmentId: 6670 description: Compartment to launch the instance in. 
6671 type: string 6672 dedicatedVmHostId: 6673 description: DedicatedVmHostId defines the OCID of the dedicated VM 6674 host. 6675 type: string 6676 definedTags: 6677 additionalProperties: 6678 additionalProperties: 6679 type: string 6680 type: object 6681 description: 'Defined tags for this resource. Each key is predefined 6682 and scoped to a namespace. For more information, see Resource Tags 6683 (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 6684 Example: `{"Operations": {"CostCenter": "42"}}`' 6685 type: object 6686 freeformTags: 6687 additionalProperties: 6688 type: string 6689 description: Free-form tags for this resource. 6690 type: object 6691 imageId: 6692 description: OCID of the image to be used to launch the instance. 6693 type: string 6694 instanceId: 6695 description: OCID of launched compute instance. 6696 type: string 6697 instanceOptions: 6698 description: InstanceOptions defines the instance options 6699 properties: 6700 areLegacyImdsEndpointsDisabled: 6701 description: Whether to disable the legacy (/v1) instance metadata 6702 service endpoints. Customers who have migrated to /v2 should 6703 set this to true for added security. Default is false. 6704 type: boolean 6705 type: object 6706 instanceSourceViaImageConfig: 6707 description: InstanceSourceViaImageConfig defines the options for 6708 booting up instances via images 6709 properties: 6710 bootVolumeVpusPerGB: 6711 description: 'BootVolumeVpusPerGB defines the number of volume 6712 performance units (VPUs) that will be applied to this volume 6713 per GB, representing the Block Volume service''s elastic performance 6714 options. See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) 6715 for more information. Allowed values: * `10`: Represents Balanced 6716 option. * `20`: Represents Higher Performance option. * `30`-`120`: 6717 Represents the Ultra High Performance option. 
For volumes with 6718 the auto-tuned performance feature enabled, this is set to the 6719 default (minimum) VPUs/GB.' 6720 format: int64 6721 type: integer 6722 kmsKeyId: 6723 description: KmsKeyId defines the OCID of the Key Management key 6724 to assign as the master encryption key for the boot volume. 6725 type: string 6726 type: object 6727 ipxeScript: 6728 type: string 6729 isPvEncryptionInTransitEnabled: 6730 description: Is in transit encryption of volumes required. 6731 type: boolean 6732 launchOptions: 6733 description: LaunchOptions defines the options for tuning the compatibility 6734 and performance of VM shapes 6735 properties: 6736 bootVolumeType: 6737 description: BootVolumeType defines Emulation type for the boot 6738 volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI` 6739 - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO` 6740 - Direct attached Virtual Function storage. This is the default 6741 option for local data volumes on platform images. * `PARAVIRTUALIZED` 6742 - Paravirtualized disk. This is the default for boot volumes 6743 and remote block storage volumes on platform images. 6744 type: string 6745 firmware: 6746 description: Firmware defines the firmware used to boot VM. Select 6747 the option that matches your operating system. * `BIOS` - Boot 6748 VM using BIOS style firmware. This is compatible with both 32 6749 bit and 64 bit operating systems that boot using MBR style bootloaders. 6750 * `UEFI_64` - Boot VM using UEFI style firmware compatible with 6751 64 bit operating systems. This is the default for platform images. 6752 type: string 6753 isConsistentVolumeNamingEnabled: 6754 description: IsConsistentVolumeNamingEnabled defines whether to 6755 enable consistent volume naming feature. Defaults to false. 6756 type: boolean 6757 networkType: 6758 description: NetworkType defines the emulation type for the physical 6759 network interface card (NIC). * `E1000` - Emulated Gigabit ethernet 6760 controller. 
Compatible with Linux e1000 network driver. * `VFIO` 6761 - Direct attached Virtual Function network controller. This 6762 is the networking type when you launch an instance using hardware-assisted 6763 (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch 6764 with paravirtualized devices using VirtIO drivers. 6765 type: string 6766 remoteDataVolumeType: 6767 description: RemoteDataVolumeType defines the emulation type for 6768 volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI` 6769 - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO` 6770 - Direct attached Virtual Function storage. This is the default 6771 option for local data volumes on platform images. * `PARAVIRTUALIZED` 6772 - Paravirtualized disk. This is the default for boot volumes 6773 and remote block storage volumes on platform images. 6774 type: string 6775 type: object 6776 metadata: 6777 additionalProperties: 6778 type: string 6779 description: Custom metadata key/value pairs that you provide, such 6780 as the SSH public key required to connect to the instance. 6781 type: object 6782 networkDetails: 6783 description: NetworkDetails defines the configuration options for 6784 the network 6785 properties: 6786 assignPrivateDnsRecord: 6787 description: AssignPrivateDnsRecord defines whether the VNIC should 6788 be assigned a DNS record. 6789 type: boolean 6790 assignPublicIp: 6791 description: AssignPublicIp defines whether the instance should 6792 have a public IP address 6793 type: boolean 6794 displayName: 6795 description: DisplayName defines a user-friendly name. Does not 6796 have to be unique, and it's changeable. Avoid entering confidential 6797 information. 6798 type: string 6799 hostnameLabel: 6800 description: HostnameLabel defines the hostname for the VNIC's 6801 primary private IP. Used for DNS. 6802 type: string 6803 nsgId: 6804 description: NSGId defines the ID of the NSG to use. This parameter 6805 takes priority over NsgNames. 
6806 type: string 6807 nsgNames: 6808 description: NsgNames defines a list of the NSG names of the network 6809 security groups (NSGs) to add the VNIC to. 6810 items: 6811 type: string 6812 type: array 6813 skipSourceDestCheck: 6814 description: SkipSourceDestCheck defines whether the source/destination 6815 check is disabled on the VNIC. 6816 type: boolean 6817 subnetId: 6818 description: SubnetId defines the ID of the subnet to use. This 6819 parameter takes priority over SubnetName. 6820 type: string 6821 subnetName: 6822 description: SubnetName defines the subnet name to use for the 6823 VNIC 6824 type: string 6825 type: object 6826 nsgName: 6827 description: The name of the NSG to use. The name here refers to the NSGs 6828 defined in the OCICluster Spec. Optional, only if multiple NSGs 6829 of a type are defined, else the first element is used. Deprecated, 6830 please use NetworkDetails.NSGNames 6831 type: string 6832 platformConfig: 6833 description: PlatformConfig defines the platform config parameters 6834 properties: 6835 amdMilanBmPlatformConfig: 6836 description: AmdMilanBmPlatformConfig describe AMD Milan BM platform 6837 configuration 6838 properties: 6839 areVirtualInstructionsEnabled: 6840 description: Whether virtualization instructions are available. 6841 For example, Secure Virtual Machine for AMD shapes or VT-x 6842 for Intel shapes. 6843 type: boolean 6844 isAccessControlServiceEnabled: 6845 description: Whether the Access Control Service is enabled 6846 on the instance. When enabled, the platform can enforce 6847 PCIe device isolation, required for VFIO device pass-through. 6848 type: boolean 6849 isInputOutputMemoryManagementUnitEnabled: 6850 description: Whether the input-output memory management unit 6851 is enabled. 6852 type: boolean 6853 isMeasuredBootEnabled: 6854 description: Whether the Measured Boot feature is enabled 6855 on the instance.
6856 type: boolean 6857 isMemoryEncryptionEnabled: 6858 description: Whether the instance is a confidential instance. 6859 If this value is `true`, the instance is a confidential 6860 instance. The default value is `false`. 6861 type: boolean 6862 isSecureBootEnabled: 6863 description: Whether Secure Boot is enabled on the instance. 6864 type: boolean 6865 isSymmetricMultiThreadingEnabled: 6866 description: Whether symmetric multithreading is enabled on 6867 the instance. Symmetric multithreading is also called simultaneous 6868 multithreading (SMT) or Intel Hyper-Threading. Intel and 6869 AMD processors have two hardware execution threads per core 6870 (OCPU). SMT permits multiple independent threads of execution, 6871 to better use the resources and increase the efficiency 6872 of the CPU. When multithreading is disabled, only one thread 6873 is permitted to run on each core, which can provide higher 6874 or more predictable performance for some workloads. 6875 type: boolean 6876 isTrustedPlatformModuleEnabled: 6877 description: Whether the Trusted Platform Module (TPM) is 6878 enabled on the instance. 6879 type: boolean 6880 numaNodesPerSocket: 6881 description: 'The number of NUMA nodes per socket (NPS). The 6882 following values are supported: * `NPS0` * `NPS1` * `NPS2` 6883 * `NPS4`' 6884 type: string 6885 percentageOfCoresEnabled: 6886 description: The percentage of cores enabled. Value must be 6887 a multiple of 25%. If the requested percentage results in 6888 a fractional number of cores, the system rounds up the number 6889 of cores across processors and provisions an instance with 6890 a whole number of cores. If the applications that you run 6891 on the instance use a core-based licensing model and need 6892 fewer cores than the full size of the shape, you can disable 6893 cores to reduce your licensing costs. The instance itself 6894 is billed for the full shape, regardless of whether all 6895 cores are enabled. 
6896 type: integer 6897 type: object 6898 amdRomeBmGpuPlatformConfig: 6899 description: AmdMilanBmPlatformConfig describe AMD Rome BM platform 6900 configuration 6901 properties: 6902 areVirtualInstructionsEnabled: 6903 description: Whether virtualization instructions are available. 6904 For example, Secure Virtual Machine for AMD shapes or VT-x 6905 for Intel shapes. 6906 type: boolean 6907 isAccessControlServiceEnabled: 6908 description: Whether the Access Control Service is enabled 6909 on the instance. When enabled, the platform can enforce 6910 PCIe device isolation, required for VFIO device pass-through. 6911 type: boolean 6912 isInputOutputMemoryManagementUnitEnabled: 6913 description: Whether the input-output memory management unit 6914 is enabled. 6915 type: boolean 6916 isMeasuredBootEnabled: 6917 description: Whether the Measured Boot feature is enabled 6918 on the instance. 6919 type: boolean 6920 isMemoryEncryptionEnabled: 6921 description: Whether the instance is a confidential instance. 6922 If this value is `true`, the instance is a confidential 6923 instance. The default value is `false`. 6924 type: boolean 6925 isSecureBootEnabled: 6926 description: Whether Secure Boot is enabled on the instance. 6927 type: boolean 6928 isSymmetricMultiThreadingEnabled: 6929 description: Whether symmetric multithreading is enabled on 6930 the instance. Symmetric multithreading is also called simultaneous 6931 multithreading (SMT) or Intel Hyper-Threading. Intel and 6932 AMD processors have two hardware execution threads per core 6933 (OCPU). SMT permits multiple independent threads of execution, 6934 to better use the resources and increase the efficiency 6935 of the CPU. When multithreading is disabled, only one thread 6936 is permitted to run on each core, which can provide higher 6937 or more predictable performance for some workloads. 
6938 type: boolean 6939 isTrustedPlatformModuleEnabled: 6940 description: Whether the Trusted Platform Module (TPM) is 6941 enabled on the instance. 6942 type: boolean 6943 numaNodesPerSocket: 6944 description: 'The number of NUMA nodes per socket (NPS). The 6945 following values are supported: * `NPS0` * `NPS1` * `NPS2` 6946 * `NPS4`' 6947 type: string 6948 type: object 6949 amdRomeBmPlatformConfig: 6950 description: AmdMilanBmPlatformConfig describe AMD Rome BM platform 6951 configuration 6952 properties: 6953 areVirtualInstructionsEnabled: 6954 description: Whether virtualization instructions are available. 6955 For example, Secure Virtual Machine for AMD shapes or VT-x 6956 for Intel shapes. 6957 type: boolean 6958 isAccessControlServiceEnabled: 6959 description: Whether the Access Control Service is enabled 6960 on the instance. When enabled, the platform can enforce 6961 PCIe device isolation, required for VFIO device pass-through. 6962 type: boolean 6963 isInputOutputMemoryManagementUnitEnabled: 6964 description: Whether the input-output memory management unit 6965 is enabled. 6966 type: boolean 6967 isMeasuredBootEnabled: 6968 description: Whether the Measured Boot feature is enabled 6969 on the instance. 6970 type: boolean 6971 isMemoryEncryptionEnabled: 6972 description: Whether the instance is a confidential instance. 6973 If this value is `true`, the instance is a confidential 6974 instance. The default value is `false`. 6975 type: boolean 6976 isSecureBootEnabled: 6977 description: Whether Secure Boot is enabled on the instance. 6978 type: boolean 6979 isSymmetricMultiThreadingEnabled: 6980 description: Whether symmetric multithreading is enabled on 6981 the instance. Symmetric multithreading is also called simultaneous 6982 multithreading (SMT) or Intel Hyper-Threading. Intel and 6983 AMD processors have two hardware execution threads per core 6984 (OCPU). 
SMT permits multiple independent threads of execution, 6985 to better use the resources and increase the efficiency 6986 of the CPU. When multithreading is disabled, only one thread 6987 is permitted to run on each core, which can provide higher 6988 or more predictable performance for some workloads. 6989 type: boolean 6990 isTrustedPlatformModuleEnabled: 6991 description: Whether the Trusted Platform Module (TPM) is 6992 enabled on the instance. 6993 type: boolean 6994 numaNodesPerSocket: 6995 description: 'The number of NUMA nodes per socket (NPS). The 6996 following values are supported: * `NPS0` * `NPS1` * `NPS2` 6997 * `NPS4`' 6998 type: string 6999 percentageOfCoresEnabled: 7000 description: The percentage of cores enabled. Value must be 7001 a multiple of 25%. If the requested percentage results in 7002 a fractional number of cores, the system rounds up the number 7003 of cores across processors and provisions an instance with 7004 a whole number of cores. If the applications that you run 7005 on the instance use a core-based licensing model and need 7006 fewer cores than the full size of the shape, you can disable 7007 cores to reduce your licensing costs. The instance itself 7008 is billed for the full shape, regardless of whether all 7009 cores are enabled. 7010 type: integer 7011 type: object 7012 amdVmPlatformConfig: 7013 description: AmdMilanBmPlatformConfig describe AMD VM platform 7014 configuration 7015 properties: 7016 isMeasuredBootEnabled: 7017 description: Whether the Measured Boot feature is enabled 7018 on the instance. 7019 type: boolean 7020 isMemoryEncryptionEnabled: 7021 description: Whether the instance is a confidential instance. 7022 If this value is `true`, the instance is a confidential 7023 instance. The default value is `false`. 7024 type: boolean 7025 isSecureBootEnabled: 7026 description: Whether Secure Boot is enabled on the instance. 
7027 type: boolean 7028 isTrustedPlatformModuleEnabled: 7029 description: Whether the Trusted Platform Module (TPM) is 7030 enabled on the instance. 7031 type: boolean 7032 type: object 7033 intelIcelakeBmPlatformConfig: 7034 description: AmdMilanBmPlatformConfig describe Intel Skylake BM 7035 platform configuration 7036 properties: 7037 isInputOutputMemoryManagementUnitEnabled: 7038 description: Whether the input-output memory management unit 7039 is enabled. 7040 type: boolean 7041 isMeasuredBootEnabled: 7042 description: Whether the Measured Boot feature is enabled 7043 on the instance. 7044 type: boolean 7045 isMemoryEncryptionEnabled: 7046 description: Whether the instance is a confidential instance. 7047 If this value is `true`, the instance is a confidential 7048 instance. The default value is `false`. 7049 type: boolean 7050 isSecureBootEnabled: 7051 description: Whether Secure Boot is enabled on the instance. 7052 type: boolean 7053 isSymmetricMultiThreadingEnabled: 7054 description: Whether symmetric multithreading is enabled on 7055 the instance. Symmetric multithreading is also called simultaneous 7056 multithreading (SMT) or Intel Hyper-Threading. Intel and 7057 AMD processors have two hardware execution threads per core 7058 (OCPU). SMT permits multiple independent threads of execution, 7059 to better use the resources and increase the efficiency 7060 of the CPU. When multithreading is disabled, only one thread 7061 is permitted to run on each core, which can provide higher 7062 or more predictable performance for some workloads. 7063 type: boolean 7064 isTrustedPlatformModuleEnabled: 7065 description: Whether the Trusted Platform Module (TPM) is 7066 enabled on the instance. 7067 type: boolean 7068 numaNodesPerSocket: 7069 description: 'The number of NUMA nodes per socket (NPS). The 7070 following values are supported: * `NPS1` * `NPS2`' 7071 type: string 7072 percentageOfCoresEnabled: 7073 description: The percentage of cores enabled.
Value must be 7074 a multiple of 25%. If the requested percentage results in 7075 a fractional number of cores, the system rounds up the number 7076 of cores across processors and provisions an instance with 7077 a whole number of cores. If the applications that you run 7078 on the instance use a core-based licensing model and need 7079 fewer cores than the full size of the shape, you can disable 7080 cores to reduce your licensing costs. The instance itself 7081 is billed for the full shape, regardless of whether all 7082 cores are enabled. 7083 type: integer 7084 type: object 7085 intelSkylakeBmPlatformConfig: 7086 description: AmdMilanBmPlatformConfig describe Intel Skylake BM 7087 platform configuration 7088 properties: 7089 isMeasuredBootEnabled: 7090 description: Whether the Measured Boot feature is enabled 7091 on the instance. 7092 type: boolean 7093 isMemoryEncryptionEnabled: 7094 description: Whether the instance is a confidential instance. 7095 If this value is `true`, the instance is a confidential 7096 instance. The default value is `false`. 7097 type: boolean 7098 isSecureBootEnabled: 7099 description: Whether Secure Boot is enabled on the instance. 7100 type: boolean 7101 isTrustedPlatformModuleEnabled: 7102 description: Whether the Trusted Platform Module (TPM) is 7103 enabled on the instance. 7104 type: boolean 7105 type: object 7106 intelVmPlatformConfig: 7107 description: AmdMilanBmPlatformConfig describe Intel VM platform 7108 configuration 7109 properties: 7110 isMeasuredBootEnabled: 7111 description: Whether the Measured Boot feature is enabled 7112 on the instance. 7113 type: boolean 7114 isMemoryEncryptionEnabled: 7115 description: Whether the instance is a confidential instance. 7116 If this value is `true`, the instance is a confidential 7117 instance. The default value is `false`. 7118 type: boolean 7119 isSecureBootEnabled: 7120 description: Whether Secure Boot is enabled on the instance.
7121 type: boolean 7122 isTrustedPlatformModuleEnabled: 7123 description: Whether the Trusted Platform Module (TPM) is 7124 enabled on the instance. 7125 type: boolean 7126 type: object 7127 platformConfigType: 7128 description: The type of platform configuration. Valid values 7129 are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM` 7130 * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM` 7131 Based on the enum, exactly one of the specific configuration 7132 types must be set 7133 type: string 7134 type: object 7135 preemptibleInstanceConfig: 7136 description: PreemptibleInstanceConfig Configuration options for preemptible 7137 instances. 7138 properties: 7139 terminatePreemptionAction: 7140 description: TerminatePreemptionAction terminates the preemptible 7141 instance when it is interrupted for eviction. 7142 properties: 7143 preserveBootVolume: 7144 description: PreserveBootVolume defines whether to preserve 7145 the boot volume that was used to launch the preemptible 7146 instance when the instance is terminated. Defaults to false 7147 if not specified. 7148 type: boolean 7149 type: object 7150 type: object 7151 providerID: 7152 description: Provider ID of the instance, this will be set by Cluster 7153 API provider itself, users should not set this parameter. 7154 type: string 7155 shape: 7156 description: Shape of the instance. 7157 type: string 7158 shapeConfig: 7159 description: The shape configuration of the instance, applicable for 7160 flex instances. 7161 properties: 7162 baselineOcpuUtilization: 7163 description: 'The baseline OCPU utilization for a subcore burstable 7164 VM instance. Leave this attribute blank for a non-burstable 7165 instance, or explicitly specify non-burstable with `BASELINE_1_1`. 7166 The following values are supported: - `BASELINE_1_8` - baseline 7167 usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is 7168 1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire 7169 OCPU.
This represents a non-burstable instance.' 7170 type: string 7171 memoryInGBs: 7172 description: The total amount of memory available to the instance, 7173 in gigabytes. 7174 type: string 7175 nvmes: 7176 description: Nvmes defines the number of NVMe drives to be used 7177 for storage. A single drive has 6.8 TB available. 7178 type: integer 7179 ocpus: 7180 description: The total number of OCPUs available to the instance. 7181 type: string 7182 type: object 7183 subnetName: 7184 description: The name of the subnet to use. The name here refers to 7185 the subnets defined in the OCICluster Spec. Optional, only if multiple 7186 subnets of a type are defined, else the first element is used. 7187 type: string 7188 vnicAttachments: 7189 description: VnicAttachments defines the configuration options for 7190 the vnic(s) attached to the machine. The network bandwidth and number 7191 of VNICs scale proportionately with the number of OCPUs. 7192 items: 7193 properties: 7194 assignPublicIp: 7195 description: AssignPublicIp defines whether the vnic should 7196 have a public IP address 7197 type: boolean 7198 displayName: 7199 description: DisplayName defines a user-friendly name. Does 7200 not have to be unique. Avoid entering confidential information.
7201 type: string 7202 nicIndex: 7203 description: NicIndex defines which physical Network Interface 7204 Card (NIC) to use. You can determine which NICs are active 7205 for a shape by reviewing https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm 7206 type: integer 7207 subnetName: 7208 description: SubnetName defines the subnet name to use for the 7209 VNIC. Defaults to the "worker" subnet if not provided 7210 type: string 7211 vnicAttachmentId: 7212 description: VnicAttachmentId defines the ID of the VnicAttachment 7213 type: string 7214 required: 7215 - displayName 7216 type: object 7217 type: array 7218 type: object 7219 status: 7220 description: OCIMachineStatus defines the observed state of OCIMachine. 7221 properties: 7222 addresses: 7223 description: Addresses contains the addresses of the associated OCI 7224 instance. 7225 items: 7226 description: MachineAddress contains information for the node's 7227 address. 7228 properties: 7229 address: 7230 description: The machine address. 7231 type: string 7232 type: 7233 description: Machine address type, one of Hostname, ExternalIP, 7234 InternalIP, ExternalDNS or InternalDNS. 7235 type: string 7236 required: 7237 - address 7238 - type 7239 type: object 7240 type: array 7241 conditions: 7242 description: Conditions defines current service state of the OCIMachine. 7243 items: 7244 description: Condition defines an observation of a Cluster API resource 7245 operational state. 7246 properties: 7247 lastTransitionTime: 7248 description: Last time the condition transitioned from one status 7249 to another. This should be when the underlying condition changed. 7250 If that is not known, then using the time when the API field 7251 changed is acceptable. 7252 format: date-time 7253 type: string 7254 message: 7255 description: A human readable message indicating details about 7256 the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              createBackendWorkRequestId:
                description: Create Backend OPC work request ID for the machine backend.
                type: string
              deleteBackendWorkRequestId:
                description: Delete Backend OPC work request ID for the machine backend.
                type: string
              failureMessage:
                description: The error message corresponding to the error on the machine.
                type: string
              failureReason:
                description: Error status on the machine.
                type: string
              launchInstanceWorkRequestId:
                description: Launch instance work request ID.
                type: string
              ready:
                description: Flag set to true when machine is ready.
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIMachine is the Schema for the ocimachines API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachineSpec defines the desired state of OCIMachine Please
              read the API https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance
              for more information about the parameters below
            properties:
              agentConfig:
                description: AgentConfig defines the options for the Oracle Cloud
                  Agent software running on the instance.
                properties:
                  areAllPluginsDisabled:
                    description: AreAllPluginsDisabled defines whether Oracle Cloud
                      Agent can run all the available plugins. This includes the management
                      and monitoring plugins. To get a list of available plugins,
                      use the ListInstanceagentAvailablePlugins operation in the Oracle
                      Cloud Agent API. For more information about the available plugins,
                      see Managing Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                    type: boolean
                  isManagementDisabled:
                    description: 'IsManagementDisabled defines whether Oracle Cloud
                      Agent can run all the available management plugins. Default
                      value is false (management plugins are enabled).
                      These are the
                      management plugins: OS Management Service Agent and Compute
                      Instance Run Command. The management plugins are controlled
                      by this parameter and by the per-plugin configuration in the
                      `pluginsConfig` object. - If `isManagementDisabled` is true,
                      all of the management plugins are disabled, regardless of the
                      per-plugin configuration. - If `isManagementDisabled` is false,
                      all of the management plugins are enabled. You can optionally
                      disable individual management plugins by providing a value in
                      the `pluginsConfig` object.'
                    type: boolean
                  isMonitoringDisabled:
                    description: 'IsMonitoringDisabled defines whether Oracle Cloud
                      Agent can gather performance metrics and monitor the instance
                      using the monitoring plugins. Default value is false (monitoring
                      plugins are enabled). These are the monitoring plugins: Compute
                      Instance Monitoring and Custom Logs Monitoring. The monitoring
                      plugins are controlled by this parameter and by the per-plugin
                      configuration in the `pluginsConfig` object. - If `isMonitoringDisabled`
                      is true, all of the monitoring plugins are disabled, regardless
                      of the per-plugin configuration. - If `isMonitoringDisabled`
                      is false, all of the monitoring plugins are enabled. You can
                      optionally disable individual monitoring plugins by providing
                      a value in the `pluginsConfig` object.'
                    type: boolean
                  pluginsConfigs:
                    description: PluginsConfig defines the configuration of plugins
                      associated with this instance.
                    items:
                      description: InstanceAgentPluginConfig defines the configuration
                        of plugins associated with this instance.
                      properties:
                        desiredState:
                          description: 'DesiredState defines whether the plugin should
                            be enabled or disabled. To enable the monitoring and management
                            plugins, the `isMonitoringDisabled` and `isManagementDisabled`
                            attributes must also be set to false.
                            The following values
                            are supported: * `ENABLED` * `DISABLED`'
                          type: string
                        name:
                          description: Name defines the name of the plugin. To get
                            a list of available plugins, use the ListInstanceagentAvailablePlugins
                            operation in the Oracle Cloud Agent API. For more information
                            about the available plugins, see Managing Plugins with
                            Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                          type: string
                      type: object
                    type: array
                type: object
              availabilityConfig:
                description: LaunchInstanceAvailabilityConfig defines the options
                  for VM migration during infrastructure maintenance events and for
                  defining the availability of a VM instance after a maintenance event
                  that impacts the underlying hardware.
                properties:
                  isLiveMigrationPreferred:
                    description: IsLiveMigrationPreferred defines whether to live
                      migrate supported VM instances to a healthy physical VM host
                      without disrupting running instances during infrastructure maintenance
                      events. If null, Oracle chooses the best option for migrating
                      the VM during infrastructure maintenance events.
                    type: boolean
                  recoveryAction:
                    description: RecoveryAction defines the lifecycle state for an
                      instance when it is recovered after infrastructure maintenance.
                      * `RESTORE_INSTANCE` - The instance is restored to the lifecycle
                      state it was in before the maintenance event. If the instance
                      was running, it is automatically rebooted. This is the default
                      action when a value is not set. * `STOP_INSTANCE` - The instance
                      is recovered in the stopped state.
                    type: string
                type: object
              bootVolumeSizeInGBs:
                description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                  to extend the boot volume size.
                type: string
              capacityReservationId:
                description: CapacityReservationId defines the OCID of the compute
                  capacity reservation this instance is launched under. You can opt
                  out of all default reservations by specifying an empty string as
                  input for this field. For more information, see Capacity Reservations
                  (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                type: string
              compartmentId:
                description: Compartment to launch the instance in.
                type: string
              dedicatedVmHostId:
                description: DedicatedVmHostId defines the OCID of the dedicated VM
                  host.
                type: string
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              imageId:
                description: OCID of the image to be used to launch the instance.
                type: string
              instanceId:
                description: OCID of launched compute instance.
                type: string
              instanceOptions:
                description: InstanceOptions defines the instance options
                properties:
                  areLegacyImdsEndpointsDisabled:
                    description: Whether to disable the legacy (/v1) instance metadata
                      service endpoints. Customers who have migrated to /v2 should
                      set this to true for added security. Default is false.
                    type: boolean
                type: object
              instanceSourceViaImageConfig:
                description: InstanceSourceViaImageConfig defines the options for
                  booting up instances via images
                properties:
                  bootVolumeVpusPerGB:
                    description: 'BootVolumeVpusPerGB defines the number of volume
                      performance units (VPUs) that will be applied to this volume
                      per GB, representing the Block Volume service''s elastic performance
                      options. See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                      for more information. Allowed values: * `10`: Represents Balanced
                      option. * `20`: Represents Higher Performance option. * `30`-`120`:
                      Represents the Ultra High Performance option. For volumes with
                      the auto-tuned performance feature enabled, this is set to the
                      default (minimum) VPUs/GB.'
                    format: int64
                    type: integer
                  kmsKeyId:
                    description: KmsKeyId defines the OCID of the Key Management key
                      to assign as the master encryption key for the boot volume.
                    type: string
                type: object
              ipxeScript:
                type: string
              isPvEncryptionInTransitEnabled:
                description: Is in transit encryption of volumes required.
                type: boolean
              launchOptions:
                description: LaunchOptions defines the options for tuning the compatibility
                  and performance of VM shapes
                properties:
                  bootVolumeType:
                    description: BootVolumeType defines Emulation type for the boot
                      volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI`
                      - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO`
                      - Direct attached Virtual Function storage. This is the default
                      option for local data volumes on platform images. * `PARAVIRTUALIZED`
                      - Paravirtualized disk. This is the default for boot volumes
                      and remote block storage volumes on platform images.
                    type: string
                  firmware:
                    description: Firmware defines the firmware used to boot VM. Select
                      the option that matches your operating system. * `BIOS` - Boot
                      VM using BIOS style firmware. This is compatible with both 32
                      bit and 64 bit operating systems that boot using MBR style bootloaders.
                      * `UEFI_64` - Boot VM using UEFI style firmware compatible with
                      64 bit operating systems. This is the default for platform images.
                    type: string
                  isConsistentVolumeNamingEnabled:
                    description: IsConsistentVolumeNamingEnabled defines whether to
                      enable consistent volume naming feature. Defaults to false.
                    type: boolean
                  networkType:
                    description: NetworkType defines the emulation type for the physical
                      network interface card (NIC). * `E1000` - Emulated Gigabit ethernet
                      controller. Compatible with Linux e1000 network driver. * `VFIO`
                      - Direct attached Virtual Function network controller. This
                      is the networking type when you launch an instance using hardware-assisted
                      (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch
                      with paravirtualized devices using VirtIO drivers.
                    type: string
                  remoteDataVolumeType:
                    description: RemoteDataVolumeType defines the emulation type for
                      volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI`
                      - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO`
                      - Direct attached Virtual Function storage. This is the default
                      option for local data volumes on platform images. * `PARAVIRTUALIZED`
                      - Paravirtualized disk. This is the default for boot volumes
                      and remote block storage volumes on platform images.
                    type: string
                type: object
              metadata:
                additionalProperties:
                  type: string
                description: Custom metadata key/value pairs that you provide, such
                  as the SSH public key required to connect to the instance.
                type: object
              networkDetails:
                description: NetworkDetails defines the configuration options for
                  the network
                properties:
                  assignPrivateDnsRecord:
                    description: AssignPrivateDnsRecord defines whether the VNIC should
                      be assigned a DNS record.
                    type: boolean
                  assignPublicIp:
                    description: AssignPublicIp defines whether the instance should
                      have a public IP address
                    type: boolean
                  displayName:
                    description: DisplayName defines a user-friendly name. Does not
                      have to be unique, and it's changeable. Avoid entering confidential
                      information.
                    type: string
                  hostnameLabel:
                    description: HostnameLabel defines the hostname for the VNIC's
                      primary private IP. Used for DNS.
                    type: string
                  nsgId:
                    description: NSGId defines the ID of the NSG to use. This parameter
                      takes priority over NsgNames.
                    type: string
                  nsgNames:
                    description: NsgNames defines a list of the nsg names of the network
                      security groups (NSGs) to add the VNIC to.
                    items:
                      type: string
                    type: array
                  skipSourceDestCheck:
                    description: SkipSourceDestCheck defines whether the source/destination
                      check is disabled on the VNIC.
                    type: boolean
                  subnetId:
                    description: SubnetId defines the ID of the subnet to use. This
                      parameter takes priority over SubnetName.
                    type: string
                  subnetName:
                    description: SubnetName defines the subnet name to use for the
                      VNIC
                    type: string
                type: object
              platformConfig:
                description: PlatformConfig defines the platform config parameters
                properties:
                  amdMilanBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Milan BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance. When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%.
                          If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  amdRomeBmGpuPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Rome BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance. When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading.
                          Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                    type: object
                  amdRomeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Rome BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance. When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%. If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  amdVmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD VM platform
                      configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelIcelakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylke BM
                      platform configuration
                    properties:
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS1` * `NPS2`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%. If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  intelSkylakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylke BM
                      platform configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelVmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel VM platform
                      configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  platformConfigType:
                    description: The type of platform configuration. Valid values
                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                      Based on the enum, exactly one of the specific configuration
                      types must be set
                    type: string
                type: object
              preemptibleInstanceConfig:
                description: PreemptibleInstanceConfig Configuration options for preemptible
                  instances.
                properties:
                  terminatePreemptionAction:
                    description: TerminatePreemptionAction terminates the preemptible
                      instance when it is interrupted for eviction.
                    properties:
                      preserveBootVolume:
                        description: PreserveBootVolume defines whether to preserve
                          the boot volume that was used to launch the preemptible
                          instance when the instance is terminated. Defaults to false
                          if not specified.
                        type: boolean
                    type: object
                type: object
              providerID:
                description: Provider ID of the instance, this will be set by Cluster
                  API provider itself, users should not set this parameter.
                type: string
              shape:
                description: Shape of the instance.
                type: string
              shapeConfig:
                description: The shape configuration of rhe instance, applicable for
                  flex instances.
                properties:
                  baselineOcpuUtilization:
                    description: 'The baseline OCPU utilization for a subcore burstable
                      VM instance. Leave this attribute blank for a non-burstable
                      instance, or explicitly specify non-burstable with `BASELINE_1_1`.
                      The following values are supported: - `BASELINE_1_8` - baseline
                      usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is
                      1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire
                      OCPU. This represents a non-burstable instance.'
                    type: string
                  memoryInGBs:
                    description: The total amount of memory available to the instance,
                      in gigabytes.
                    type: string
                  nvmes:
                    description: Nvmes defines the number of NVMe drives to be used
                      for storage. A single drive has 6.8 TB available.
                    type: integer
                  ocpus:
                    description: The total number of OCPUs available to the instance.
                    type: string
                type: object
              subnetName:
                description: The name of the subnet to use. The name here refers to
                  the subnets defined in the OCICluster Spec. Optional, only if multiple
                  subnets of a type is defined, else the first element is used.
                type: string
              vnicAttachments:
                description: VnicAttachments defines the configuration options for
                  the vnic(s) attached to the machine The network bandwidth and number
                  of VNICs scale proportionately with the number of OCPUs.
                items:
                  properties:
                    assignPublicIp:
                      description: AssignPublicIp defines whether the vnic should
                        have a public IP address
                      type: boolean
                    displayName:
                      description: DisplayName defines a user-friendly name. Does
                        not have to be unique. Avoid entering confidential information.
                      type: string
                    nicIndex:
                      description: NicIndex defines which physical Network Interface
                        Card (NIC) to use You can determine which NICs are active
                        for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm
                      type: integer
                    subnetName:
                      description: SubnetName defines the subnet name to use for the
                        VNIC Defaults to the "worker" subnet if not provided
                      type: string
                    vnicAttachmentId:
                      description: VnicAttachmentId defines the ID of the VnicAttachment
                      type: string
                  required:
                  - displayName
                  type: object
                type: array
            type: object
          status:
            description: OCIMachineStatus defines the observed state of OCIMachine.
            properties:
              addresses:
                description: Addresses contains the addresses of the associated OCI
                  instance.
                items:
                  description: MachineAddress contains information for the node's
                    address.
                  properties:
                    address:
                      description: The machine address.
                      type: string
                    type:
                      description: Machine address type, one of Hostname, ExternalIP,
                        InternalIP, ExternalDNS or InternalDNS.
                      type: string
                  required:
                  - address
                  - type
                  type: object
                type: array
              conditions:
                description: Conditions defines current service state of the OCIMachine.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              createBackendWorkRequestId:
                description: Create Backend OPC work request ID for the machine backend.
                type: string
              deleteBackendWorkRequestId:
                description: Delete Backend OPC work request ID for the machine backend.
                type: string
              failureMessage:
                description: The error message corresponding to the error on the machine.
                type: string
              failureReason:
                description: Error status on the machine.
                type: string
              launchInstanceWorkRequestId:
                description: Launch instance work request ID.
                type: string
              ready:
                description: Flag set to true when machine is ready.
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.10.0
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimachinetemplates.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIMachineTemplate
    listKind: OCIMachineTemplateList
    plural: ocimachinetemplates
    singular: ocimachinetemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIMachineTemplate is the schema for the OCI compute instance
          machine template.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachineTemplateSpec defines the desired state of OCIMachineTemplate.
            properties:
              template:
                description: OCIMachineTemplateResource describes the data needed
                  to create an OCIMachine from a template.
                properties:
                  spec:
                    description: Spec is the specification of the desired behavior
                      of the machine.
                    properties:
                      agentConfig:
                        description: AgentConfig defines the options for the Oracle
                          Cloud Agent software running on the instance.
                        properties:
                          areAllPluginsDisabled:
                            description: AreAllPluginsDisabled defines whether Oracle
                              Cloud Agent can run all the available plugins. This
                              includes the management and monitoring plugins. To get
                              a list of available plugins, use the ListInstanceagentAvailablePlugins
                              operation in the Oracle Cloud Agent API. For more information
                              about the available plugins, see Managing Plugins with
                              Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                            type: boolean
                          isManagementDisabled:
                            description: 'IsManagementDisabled defines whether Oracle
                              Cloud Agent can run all the available management plugins.
                              Default value is false (management plugins are enabled).
                              These are the management plugins: OS Management Service
                              Agent and Compute Instance Run Command. The management
                              plugins are controlled by this parameter and by the
                              per-plugin configuration in the `pluginsConfig` object.
                              - If `isManagementDisabled` is true, all of the management
                              plugins are disabled, regardless of the per-plugin configuration.
                              - If `isManagementDisabled` is false, all of the management
                              plugins are enabled. You can optionally disable individual
                              management plugins by providing a value in the `pluginsConfig`
                              object.'
                            type: boolean
                          isMonitoringDisabled:
                            description: 'IsMonitoringDisabled defines whether Oracle
                              Cloud Agent can gather performance metrics and monitor
                              the instance using the monitoring plugins. Default value
                              is false (monitoring plugins are enabled). These are
                              the monitoring plugins: Compute Instance Monitoring
                              and Custom Logs Monitoring. The monitoring plugins are
                              controlled by this parameter and by the per-plugin configuration
                              in the `pluginsConfig` object. - If `isMonitoringDisabled`
                              is true, all of the monitoring plugins are disabled,
                              regardless of the per-plugin configuration. - If `isMonitoringDisabled`
                              is false, all of the monitoring plugins are enabled.
                              You can optionally disable individual monitoring plugins
                              by providing a value in the `pluginsConfig` object.'
                            type: boolean
                          pluginsConfigs:
                            description: PluginsConfig defines the configuration of
                              plugins associated with this instance.
                            items:
                              description: InstanceAgentPluginConfig defines the configuration
                                of plugins associated with this instance.
                              properties:
                                desiredState:
                                  description: 'DesiredState defines whether the plugin
                                    should be enabled or disabled. To enable the monitoring
                                    and management plugins, the `isMonitoringDisabled`
                                    and `isManagementDisabled` attributes must also
                                    be set to false. The following values are supported:
                                    * `ENABLED` * `DISABLED`'
                                  type: string
                                name:
                                  description: Name defines the name of the plugin.
                                    To get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                    operation in the Oracle Cloud Agent API. For more
                                    information about the available plugins, see Managing
                                    Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                                  type: string
                              type: object
                            type: array
                        type: object
                      availabilityConfig:
                        description: LaunchInstanceAvailabilityConfig defines the
                          options for VM migration during infrastructure maintenance
                          events and for defining the availability of a VM instance
                          after a maintenance event that impacts the underlying hardware.
                        properties:
                          isLiveMigrationPreferred:
                            description: IsLiveMigrationPreferred defines whether
                              to live migrate supported VM instances to a healthy
                              physical VM host without disrupting running instances
                              during infrastructure maintenance events. If null, Oracle
                              chooses the best option for migrating the VM during
                              infrastructure maintenance events.
                            type: boolean
                          recoveryAction:
                            description: RecoveryAction defines the lifecycle state
                              for an instance when it is recovered after infrastructure
                              maintenance. * `RESTORE_INSTANCE` - The instance is
                              restored to the lifecycle state it was in before the
                              maintenance event. If the instance was running, it is
                              automatically rebooted. This is the default action when
                              a value is not set. * `STOP_INSTANCE` - The instance
                              is recovered in the stopped state.
                            type: string
                        type: object
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        type: string
                      capacityReservationId:
                        description: CapacityReservationId defines the OCID of the
                          compute capacity reservation this instance is launched under.
                          You can opt out of all default reservations by specifying
                          an empty string as input for this field. For more information,
                          see Capacity Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                        type: string
                      compartmentId:
                        description: Compartment to launch the instance in.
                        type: string
                      dedicatedVmHostId:
                        description: DedicatedVmHostId defines the OCID of the dedicated
                          VM host.
                        type: string
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      instanceId:
                        description: OCID of launched compute instance.
                        type: string
                      instanceOptions:
                        description: InstanceOptions defines the instance options
                        properties:
                          areLegacyImdsEndpointsDisabled:
                            description: Whether to disable the legacy (/v1) instance
                              metadata service endpoints. Customers who have migrated
                              to /v2 should set this to true for added security. Default
                              is false.
                            type: boolean
                        type: object
                      instanceSourceViaImageConfig:
                        description: InstanceSourceViaImageConfig defines the options
                          for booting up instances via images
                        properties:
                          bootVolumeVpusPerGB:
                            description: 'BootVolumeVpusPerGB defines the number of
                              volume performance units (VPUs) that will be applied
                              to this volume per GB, representing the Block Volume
                              service''s elastic performance options. See Block Volume
                              Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                              for more information. Allowed values: * `10`: Represents
                              Balanced option. * `20`: Represents Higher Performance
                              option. * `30`-`120`: Represents the Ultra High Performance
                              option. For volumes with the auto-tuned performance
                              feature enabled, this is set to the default (minimum)
                              VPUs/GB.'
                            format: int64
                            type: integer
                          kmsKeyId:
                            description: KmsKeyId defines the OCID of the Key Management
                              key to assign as the master encryption key for the boot
                              volume.
                            type: string
                        type: object
                      ipxeScript:
                        type: string
                      isPvEncryptionInTransitEnabled:
                        description: Is in transit encryption of volumes required.
                        type: boolean
                      launchOptions:
                        description: LaunchOptions defines the options for tuning
                          the compatibility and performance of VM shapes
                        properties:
                          bootVolumeType:
                            description: BootVolumeType defines Emulation type for
                              the boot volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk. This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                          firmware:
                            description: Firmware defines the firmware used to boot
                              VM. Select the option that matches your operating system.
                              * `BIOS` - Boot VM using BIOS style firmware. This is
                              compatible with both 32 bit and 64 bit operating systems
                              that boot using MBR style bootloaders. * `UEFI_64` -
                              Boot VM using UEFI style firmware compatible with 64
                              bit operating systems. This is the default for platform
                              images.
                            type: string
                          isConsistentVolumeNamingEnabled:
                            description: IsConsistentVolumeNamingEnabled defines whether
                              to enable consistent volume naming feature. Defaults
                              to false.
                            type: boolean
                          networkType:
                            description: NetworkType defines the emulation type for
                              the physical network interface card (NIC). * `E1000`
                              - Emulated Gigabit ethernet controller. Compatible with
                              Linux e1000 network driver. * `VFIO` - Direct attached
                              Virtual Function network controller. This is the networking
                              type when you launch an instance using hardware-assisted
                              (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances
                              launch with paravirtualized devices using VirtIO drivers.
                            type: string
                          remoteDataVolumeType:
                            description: RemoteDataVolumeType defines the emulation
                              type for volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk. This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                        type: object
                      metadata:
                        additionalProperties:
                          type: string
                        description: Custom metadata key/value pairs that you provide,
                          such as the SSH public key required to connect to the instance.
                        type: object
                      networkDetails:
                        description: NetworkDetails defines the configuration options
                          for the network
                        properties:
                          assignPrivateDnsRecord:
                            description: AssignPrivateDnsRecord defines whether the
                              VNIC should be assigned a DNS record.
                            type: boolean
                          assignPublicIp:
                            description: AssignPublicIp defines whether the instance
                              should have a public IP address
                            type: boolean
                          displayName:
                            description: DisplayName defines a user-friendly name.
                              Does not have to be unique, and it's changeable. Avoid
                              entering confidential information.
                            type: string
                          hostnameLabel:
                            description: HostnameLabel defines the hostname for the
                              VNIC's primary private IP. Used for DNS.
                            type: string
                          nsgId:
                            description: NSGId defines the ID of the NSG to use. This
                              parameter takes priority over NsgNames.
                            type: string
                          nsgNames:
                            description: NsgNames defines a list of the nsg names
                              of the network security groups (NSGs) to add the VNIC
                              to.
                            items:
                              type: string
                            type: array
                          skipSourceDestCheck:
                            description: SkipSourceDestCheck defines whether the source/destination
                              check is disabled on the VNIC.
                            type: boolean
                          subnetId:
                            description: SubnetId defines the ID of the subnet to
                              use. This parameter takes priority over SubnetName.
                            type: string
                          subnetName:
                            description: SubnetName defines the subnet name to use
                              for the VNIC
                            type: string
                        type: object
                      nsgName:
                        description: The name of NSG to use. The name here refers
                          to the NSGs defined in the OCICluster Spec. Optional, only
                          if multiple NSGs of a type is defined, else the first element
                          is used. Deprecated, please use NetworkDetails.NSGNames
                        type: string
                      platformConfig:
                        description: PlatformConfig defines the platform config parameters
                        properties:
                          amdMilanBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Milan
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdRomeBmGpuPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                            type: object
                          amdRomeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdVmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD VM
                              platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          intelIcelakeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel Skylke
                              BM platform configuration
                            properties:
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS1`
                                  * `NPS2`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          intelSkylakeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel Skylke
                              BM platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          intelVmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel VM
                              platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          platformConfigType:
                            description: The type of platform configuration. Valid
                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                              Based on the enum, exactly one of the specific configuration
                              types must be set
                            type: string
                        type: object
                      preemptibleInstanceConfig:
                        description: PreemptibleInstanceConfig Configuration options
                          for preemptible instances.
                        properties:
                          terminatePreemptionAction:
                            description: TerminatePreemptionAction terminates the
                              preemptible instance when it is interrupted for eviction.
                            properties:
                              preserveBootVolume:
                                description: PreserveBootVolume defines whether to
                                  preserve the boot volume that was used to launch
                                  the preemptible instance when the instance is terminated.
                                  Defaults to false if not specified.
                                type: boolean
                            type: object
                        type: object
                      providerID:
                        description: Provider ID of the instance, this will be set
                          by Cluster API provider itself, users should not set this
                          parameter.
                        type: string
                      shape:
                        description: Shape of the instance.
                        type: string
                      shapeConfig:
                        description: The shape configuration of rhe instance, applicable
                          for flex instances.
                        properties:
                          baselineOcpuUtilization:
                            description: 'The baseline OCPU utilization for a subcore
                              burstable VM instance. Leave this attribute blank for
                              a non-burstable instance, or explicitly specify non-burstable
                              with `BASELINE_1_1`. The following values are supported:
                              - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU.
                              - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU.
                              - `BASELINE_1_1` - baseline usage is an entire OCPU.
                              This represents a non-burstable instance.'
                            type: string
                          memoryInGBs:
                            description: The total amount of memory available to the
                              instance, in gigabytes.
                            type: string
                          nvmes:
                            description: Nvmes defines the number of NVMe drives to
                              be used for storage. A single drive has 6.8 TB available.
                            type: integer
                          ocpus:
                            description: The total number of OCPUs available to the
                              instance.
                            type: string
                        type: object
                      subnetName:
                        description: The name of the subnet to use. The name here
                          refers to the subnets defined in the OCICluster Spec. Optional,
                          only if multiple subnets of a type is defined, else the
                          first element is used.
                        type: string
                      vnicAttachments:
                        description: VnicAttachments defines the configuration options
                          for the vnic(s) attached to the machine The network bandwidth
                          and number of VNICs scale proportionately with the number
                          of OCPUs.
                        items:
                          properties:
                            assignPublicIp:
                              description: AssignPublicIp defines whether the vnic
                                should have a public IP address
                              type: boolean
                            displayName:
                              description: DisplayName defines a user-friendly name.
                                Does not have to be unique. Avoid entering confidential
                                information.
8798 type: string 8799 nicIndex: 8800 description: NicIndex defines which physical Network 8801 Interface Card (NIC) to use You can determine which 8802 NICs are active for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm 8803 type: integer 8804 subnetName: 8805 description: SubnetName defines the subnet name to use 8806 for the VNIC Defaults to the "worker" subnet if not 8807 provided 8808 type: string 8809 vnicAttachmentId: 8810 description: VnicAttachmentId defines the ID of the 8811 VnicAttachment 8812 type: string 8813 required: 8814 - displayName 8815 type: object 8816 type: array 8817 type: object 8818 required: 8819 - spec 8820 type: object 8821 required: 8822 - template 8823 type: object 8824 type: object 8825 served: true 8826 storage: false 8827 - name: v1beta2 8828 schema: 8829 openAPIV3Schema: 8830 description: OCIMachineTemplate is the schema for the OCI compute instance 8831 machine template. 8832 properties: 8833 apiVersion: 8834 description: 'APIVersion defines the versioned schema of this representation 8835 of an object. Servers should convert recognized schemas to the latest 8836 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 8837 type: string 8838 kind: 8839 description: 'Kind is a string value representing the REST resource this 8840 object represents. Servers may infer this from the endpoint the client 8841 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 8842 type: string 8843 metadata: 8844 type: object 8845 spec: 8846 description: OCIMachineTemplateSpec defines the desired state of OCIMachineTemplate. 8847 properties: 8848 template: 8849 description: OCIMachineTemplateResource describes the data needed 8850 to create an OCIMachine from a template. 
8851 properties: 8852 spec: 8853 description: Spec is the specification of the desired behavior 8854 of the machine. 8855 properties: 8856 agentConfig: 8857 description: AgentConfig defines the options for the Oracle 8858 Cloud Agent software running on the instance. 8859 properties: 8860 areAllPluginsDisabled: 8861 description: AreAllPluginsDisabled defines whether Oracle 8862 Cloud Agent can run all the available plugins. This 8863 includes the management and monitoring plugins. To get 8864 a list of available plugins, use the ListInstanceagentAvailablePlugins 8865 operation in the Oracle Cloud Agent API. For more information 8866 about the available plugins, see Managing Plugins with 8867 Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 8868 type: boolean 8869 isManagementDisabled: 8870 description: 'IsManagementDisabled defines whether Oracle 8871 Cloud Agent can run all the available management plugins. 8872 Default value is false (management plugins are enabled). 8873 These are the management plugins: OS Management Service 8874 Agent and Compute Instance Run Command. The management 8875 plugins are controlled by this parameter and by the 8876 per-plugin configuration in the `pluginsConfig` object. 8877 - If `isManagementDisabled` is true, all of the management 8878 plugins are disabled, regardless of the per-plugin configuration. 8879 - If `isManagementDisabled` is false, all of the management 8880 plugins are enabled. You can optionally disable individual 8881 management plugins by providing a value in the `pluginsConfig` 8882 object.' 8883 type: boolean 8884 isMonitoringDisabled: 8885 description: 'IsMonitoringDisabled defines whether Oracle 8886 Cloud Agent can gather performance metrics and monitor 8887 the instance using the monitoring plugins. Default value 8888 is false (monitoring plugins are enabled). These are 8889 the monitoring plugins: Compute Instance Monitoring 8890 and Custom Logs Monitoring. 
The monitoring plugins are 8891 controlled by this parameter and by the per-plugin configuration 8892 in the `pluginsConfig` object. - If `isMonitoringDisabled` 8893 is true, all of the monitoring plugins are disabled, 8894 regardless of the per-plugin configuration. - If `isMonitoringDisabled` 8895 is false, all of the monitoring plugins are enabled. 8896 You can optionally disable individual monitoring plugins 8897 by providing a value in the `pluginsConfig` object.' 8898 type: boolean 8899 pluginsConfigs: 8900 description: PluginsConfig defines the configuration of 8901 plugins associated with this instance. 8902 items: 8903 description: InstanceAgentPluginConfig defines the configuration 8904 of plugins associated with this instance. 8905 properties: 8906 desiredState: 8907 description: 'DesiredState defines whether the plugin 8908 should be enabled or disabled. To enable the monitoring 8909 and management plugins, the `isMonitoringDisabled` 8910 and `isManagementDisabled` attributes must also 8911 be set to false. The following values are supported: 8912 * `ENABLED` * `DISABLED`' 8913 type: string 8914 name: 8915 description: Name defines the name of the plugin. 8916 To get a list of available plugins, use the ListInstanceagentAvailablePlugins 8917 operation in the Oracle Cloud Agent API. For more 8918 information about the available plugins, see Managing 8919 Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 8920 type: string 8921 type: object 8922 type: array 8923 type: object 8924 availabilityConfig: 8925 description: LaunchInstanceAvailabilityConfig defines the 8926 options for VM migration during infrastructure maintenance 8927 events and for defining the availability of a VM instance 8928 after a maintenance event that impacts the underlying hardware. 
8929 properties: 8930 isLiveMigrationPreferred: 8931 description: IsLiveMigrationPreferred defines whether 8932 to live migrate supported VM instances to a healthy 8933 physical VM host without disrupting running instances 8934 during infrastructure maintenance events. If null, Oracle 8935 chooses the best option for migrating the VM during 8936 infrastructure maintenance events. 8937 type: boolean 8938 recoveryAction: 8939 description: RecoveryAction defines the lifecycle state 8940 for an instance when it is recovered after infrastructure 8941 maintenance. * `RESTORE_INSTANCE` - The instance is 8942 restored to the lifecycle state it was in before the 8943 maintenance event. If the instance was running, it is 8944 automatically rebooted. This is the default action when 8945 a value is not set. * `STOP_INSTANCE` - The instance 8946 is recovered in the stopped state. 8947 type: string 8948 type: object 8949 bootVolumeSizeInGBs: 8950 description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm 8951 to extend the boot volume size. 8952 type: string 8953 capacityReservationId: 8954 description: CapacityReservationId defines the OCID of the 8955 compute capacity reservation this instance is launched under. 8956 You can opt out of all default reservations by specifying 8957 an empty string as input for this field. For more information, 8958 see Capacity Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default). 8959 type: string 8960 compartmentId: 8961 description: Compartment to launch the instance in. 8962 type: string 8963 dedicatedVmHostId: 8964 description: DedicatedVmHostId defines the OCID of the dedicated 8965 VM host. 8966 type: string 8967 definedTags: 8968 additionalProperties: 8969 additionalProperties: 8970 type: string 8971 type: object 8972 description: 'Defined tags for this resource. Each key is 8973 predefined and scoped to a namespace. 
For more information, 8974 see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 8975 Example: `{"Operations": {"CostCenter": "42"}}`' 8976 type: object 8977 freeformTags: 8978 additionalProperties: 8979 type: string 8980 description: Free-form tags for this resource. 8981 type: object 8982 imageId: 8983 description: OCID of the image to be used to launch the instance. 8984 type: string 8985 instanceId: 8986 description: OCID of launched compute instance. 8987 type: string 8988 instanceOptions: 8989 description: InstanceOptions defines the instance options 8990 properties: 8991 areLegacyImdsEndpointsDisabled: 8992 description: Whether to disable the legacy (/v1) instance 8993 metadata service endpoints. Customers who have migrated 8994 to /v2 should set this to true for added security. Default 8995 is false. 8996 type: boolean 8997 type: object 8998 instanceSourceViaImageConfig: 8999 description: InstanceSourceViaImageConfig defines the options 9000 for booting up instances via images 9001 properties: 9002 bootVolumeVpusPerGB: 9003 description: 'BootVolumeVpusPerGB defines the number of 9004 volume performance units (VPUs) that will be applied 9005 to this volume per GB, representing the Block Volume 9006 service''s elastic performance options. See Block Volume 9007 Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) 9008 for more information. Allowed values: * `10`: Represents 9009 Balanced option. * `20`: Represents Higher Performance 9010 option. * `30`-`120`: Represents the Ultra High Performance 9011 option. For volumes with the auto-tuned performance 9012 feature enabled, this is set to the default (minimum) 9013 VPUs/GB.' 9014 format: int64 9015 type: integer 9016 kmsKeyId: 9017 description: KmsKeyId defines the OCID of the Key Management 9018 key to assign as the master encryption key for the boot 9019 volume. 
9020 type: string 9021 type: object 9022 ipxeScript: 9023 type: string 9024 isPvEncryptionInTransitEnabled: 9025 description: Is in transit encryption of volumes required. 9026 type: boolean 9027 launchOptions: 9028 description: LaunchOptions defines the options for tuning 9029 the compatibility and performance of VM shapes 9030 properties: 9031 bootVolumeType: 9032 description: BootVolumeType defines Emulation type for 9033 the boot volume. * `ISCSI` - ISCSI attached block storage 9034 device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated 9035 IDE disk. * `VFIO` - Direct attached Virtual Function 9036 storage. This is the default option for local data volumes 9037 on platform images. * `PARAVIRTUALIZED` - Paravirtualized 9038 disk. This is the default for boot volumes and remote 9039 block storage volumes on platform images. 9040 type: string 9041 firmware: 9042 description: Firmware defines the firmware used to boot 9043 VM. Select the option that matches your operating system. 9044 * `BIOS` - Boot VM using BIOS style firmware. This is 9045 compatible with both 32 bit and 64 bit operating systems 9046 that boot using MBR style bootloaders. * `UEFI_64` - 9047 Boot VM using UEFI style firmware compatible with 64 9048 bit operating systems. This is the default for platform 9049 images. 9050 type: string 9051 isConsistentVolumeNamingEnabled: 9052 description: IsConsistentVolumeNamingEnabled defines whether 9053 to enable consistent volume naming feature. Defaults 9054 to false. 9055 type: boolean 9056 networkType: 9057 description: NetworkType defines the emulation type for 9058 the physical network interface card (NIC). * `E1000` 9059 - Emulated Gigabit ethernet controller. Compatible with 9060 Linux e1000 network driver. * `VFIO` - Direct attached 9061 Virtual Function network controller. This is the networking 9062 type when you launch an instance using hardware-assisted 9063 (SR-IOV) networking. 
* `PARAVIRTUALIZED` - VM instances 9064 launch with paravirtualized devices using VirtIO drivers. 9065 type: string 9066 remoteDataVolumeType: 9067 description: RemoteDataVolumeType defines the emulation 9068 type for volume. * `ISCSI` - ISCSI attached block storage 9069 device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated 9070 IDE disk. * `VFIO` - Direct attached Virtual Function 9071 storage. This is the default option for local data volumes 9072 on platform images. * `PARAVIRTUALIZED` - Paravirtualized 9073 disk. This is the default for boot volumes and remote 9074 block storage volumes on platform images. 9075 type: string 9076 type: object 9077 metadata: 9078 additionalProperties: 9079 type: string 9080 description: Custom metadata key/value pairs that you provide, 9081 such as the SSH public key required to connect to the instance. 9082 type: object 9083 networkDetails: 9084 description: NetworkDetails defines the configuration options 9085 for the network 9086 properties: 9087 assignPrivateDnsRecord: 9088 description: AssignPrivateDnsRecord defines whether the 9089 VNIC should be assigned a DNS record. 9090 type: boolean 9091 assignPublicIp: 9092 description: AssignPublicIp defines whether the instance 9093 should have a public IP address 9094 type: boolean 9095 displayName: 9096 description: DisplayName defines a user-friendly name. 9097 Does not have to be unique, and it's changeable. Avoid 9098 entering confidential information. 9099 type: string 9100 hostnameLabel: 9101 description: HostnameLabel defines the hostname for the 9102 VNIC's primary private IP. Used for DNS. 9103 type: string 9104 nsgId: 9105 description: NSGId defines the ID of the NSG to use. This 9106 parameter takes priority over NsgNames. 9107 type: string 9108 nsgNames: 9109 description: NsgNames defines a list of the nsg names 9110 of the network security groups (NSGs) to add the VNIC 9111 to. 
9112 items: 9113 type: string 9114 type: array 9115 skipSourceDestCheck: 9116 description: SkipSourceDestCheck defines whether the source/destination 9117 check is disabled on the VNIC. 9118 type: boolean 9119 subnetId: 9120 description: SubnetId defines the ID of the subnet to 9121 use. This parameter takes priority over SubnetName. 9122 type: string 9123 subnetName: 9124 description: SubnetName defines the subnet name to use 9125 for the VNIC 9126 type: string 9127 type: object 9128 platformConfig: 9129 description: PlatformConfig defines the platform config parameters 9130 properties: 9131 amdMilanBmPlatformConfig: 9132 description: AmdMilanBmPlatformConfig describe AMD Milan 9133 BM platform configuration 9134 properties: 9135 areVirtualInstructionsEnabled: 9136 description: Whether virtualization instructions are 9137 available. For example, Secure Virtual Machine for 9138 AMD shapes or VT-x for Intel shapes. 9139 type: boolean 9140 isAccessControlServiceEnabled: 9141 description: Whether the Access Control Service is 9142 enabled on the instance. When enabled, the platform 9143 can enforce PCIe device isolation, required for 9144 VFIO device pass-through. 9145 type: boolean 9146 isInputOutputMemoryManagementUnitEnabled: 9147 description: Whether the input-output memory management 9148 unit is enabled. 9149 type: boolean 9150 isMeasuredBootEnabled: 9151 description: Whether the Measured Boot feature is 9152 enabled on the instance. 9153 type: boolean 9154 isMemoryEncryptionEnabled: 9155 description: Whether the instance is a confidential 9156 instance. If this value is `true`, the instance 9157 is a confidential instance. The default value is 9158 `false`. 9159 type: boolean 9160 isSecureBootEnabled: 9161 description: Whether Secure Boot is enabled on the 9162 instance. 9163 type: boolean 9164 isSymmetricMultiThreadingEnabled: 9165 description: Whether symmetric multithreading is enabled 9166 on the instance. 
Symmetric multithreading is also 9167 called simultaneous multithreading (SMT) or Intel 9168 Hyper-Threading. Intel and AMD processors have two 9169 hardware execution threads per core (OCPU). SMT 9170 permits multiple independent threads of execution, 9171 to better use the resources and increase the efficiency 9172 of the CPU. When multithreading is disabled, only 9173 one thread is permitted to run on each core, which 9174 can provide higher or more predictable performance 9175 for some workloads. 9176 type: boolean 9177 isTrustedPlatformModuleEnabled: 9178 description: Whether the Trusted Platform Module (TPM) 9179 is enabled on the instance. 9180 type: boolean 9181 numaNodesPerSocket: 9182 description: 'The number of NUMA nodes per socket 9183 (NPS). The following values are supported: * `NPS0` 9184 * `NPS1` * `NPS2` * `NPS4`' 9185 type: string 9186 percentageOfCoresEnabled: 9187 description: The percentage of cores enabled. Value 9188 must be a multiple of 25%. If the requested percentage 9189 results in a fractional number of cores, the system 9190 rounds up the number of cores across processors 9191 and provisions an instance with a whole number of 9192 cores. If the applications that you run on the instance 9193 use a core-based licensing model and need fewer 9194 cores than the full size of the shape, you can disable 9195 cores to reduce your licensing costs. The instance 9196 itself is billed for the full shape, regardless 9197 of whether all cores are enabled. 9198 type: integer 9199 type: object 9200 amdRomeBmGpuPlatformConfig: 9201 description: AmdMilanBmPlatformConfig describe AMD Rome 9202 BM platform configuration 9203 properties: 9204 areVirtualInstructionsEnabled: 9205 description: Whether virtualization instructions are 9206 available. For example, Secure Virtual Machine for 9207 AMD shapes or VT-x for Intel shapes. 
9208 type: boolean 9209 isAccessControlServiceEnabled: 9210 description: Whether the Access Control Service is 9211 enabled on the instance. When enabled, the platform 9212 can enforce PCIe device isolation, required for 9213 VFIO device pass-through. 9214 type: boolean 9215 isInputOutputMemoryManagementUnitEnabled: 9216 description: Whether the input-output memory management 9217 unit is enabled. 9218 type: boolean 9219 isMeasuredBootEnabled: 9220 description: Whether the Measured Boot feature is 9221 enabled on the instance. 9222 type: boolean 9223 isMemoryEncryptionEnabled: 9224 description: Whether the instance is a confidential 9225 instance. If this value is `true`, the instance 9226 is a confidential instance. The default value is 9227 `false`. 9228 type: boolean 9229 isSecureBootEnabled: 9230 description: Whether Secure Boot is enabled on the 9231 instance. 9232 type: boolean 9233 isSymmetricMultiThreadingEnabled: 9234 description: Whether symmetric multithreading is enabled 9235 on the instance. Symmetric multithreading is also 9236 called simultaneous multithreading (SMT) or Intel 9237 Hyper-Threading. Intel and AMD processors have two 9238 hardware execution threads per core (OCPU). SMT 9239 permits multiple independent threads of execution, 9240 to better use the resources and increase the efficiency 9241 of the CPU. When multithreading is disabled, only 9242 one thread is permitted to run on each core, which 9243 can provide higher or more predictable performance 9244 for some workloads. 9245 type: boolean 9246 isTrustedPlatformModuleEnabled: 9247 description: Whether the Trusted Platform Module (TPM) 9248 is enabled on the instance. 9249 type: boolean 9250 numaNodesPerSocket: 9251 description: 'The number of NUMA nodes per socket 9252 (NPS). 
The following values are supported: * `NPS0` 9253 * `NPS1` * `NPS2` * `NPS4`' 9254 type: string 9255 type: object 9256 amdRomeBmPlatformConfig: 9257 description: AmdMilanBmPlatformConfig describe AMD Rome 9258 BM platform configuration 9259 properties: 9260 areVirtualInstructionsEnabled: 9261 description: Whether virtualization instructions are 9262 available. For example, Secure Virtual Machine for 9263 AMD shapes or VT-x for Intel shapes. 9264 type: boolean 9265 isAccessControlServiceEnabled: 9266 description: Whether the Access Control Service is 9267 enabled on the instance. When enabled, the platform 9268 can enforce PCIe device isolation, required for 9269 VFIO device pass-through. 9270 type: boolean 9271 isInputOutputMemoryManagementUnitEnabled: 9272 description: Whether the input-output memory management 9273 unit is enabled. 9274 type: boolean 9275 isMeasuredBootEnabled: 9276 description: Whether the Measured Boot feature is 9277 enabled on the instance. 9278 type: boolean 9279 isMemoryEncryptionEnabled: 9280 description: Whether the instance is a confidential 9281 instance. If this value is `true`, the instance 9282 is a confidential instance. The default value is 9283 `false`. 9284 type: boolean 9285 isSecureBootEnabled: 9286 description: Whether Secure Boot is enabled on the 9287 instance. 9288 type: boolean 9289 isSymmetricMultiThreadingEnabled: 9290 description: Whether symmetric multithreading is enabled 9291 on the instance. Symmetric multithreading is also 9292 called simultaneous multithreading (SMT) or Intel 9293 Hyper-Threading. Intel and AMD processors have two 9294 hardware execution threads per core (OCPU). SMT 9295 permits multiple independent threads of execution, 9296 to better use the resources and increase the efficiency 9297 of the CPU. When multithreading is disabled, only 9298 one thread is permitted to run on each core, which 9299 can provide higher or more predictable performance 9300 for some workloads. 
9301 type: boolean 9302 isTrustedPlatformModuleEnabled: 9303 description: Whether the Trusted Platform Module (TPM) 9304 is enabled on the instance. 9305 type: boolean 9306 numaNodesPerSocket: 9307 description: 'The number of NUMA nodes per socket 9308 (NPS). The following values are supported: * `NPS0` 9309 * `NPS1` * `NPS2` * `NPS4`' 9310 type: string 9311 percentageOfCoresEnabled: 9312 description: The percentage of cores enabled. Value 9313 must be a multiple of 25%. If the requested percentage 9314 results in a fractional number of cores, the system 9315 rounds up the number of cores across processors 9316 and provisions an instance with a whole number of 9317 cores. If the applications that you run on the instance 9318 use a core-based licensing model and need fewer 9319 cores than the full size of the shape, you can disable 9320 cores to reduce your licensing costs. The instance 9321 itself is billed for the full shape, regardless 9322 of whether all cores are enabled. 9323 type: integer 9324 type: object 9325 amdVmPlatformConfig: 9326 description: AmdMilanBmPlatformConfig describe AMD VM 9327 platform configuration 9328 properties: 9329 isMeasuredBootEnabled: 9330 description: Whether the Measured Boot feature is 9331 enabled on the instance. 9332 type: boolean 9333 isMemoryEncryptionEnabled: 9334 description: Whether the instance is a confidential 9335 instance. If this value is `true`, the instance 9336 is a confidential instance. The default value is 9337 `false`. 9338 type: boolean 9339 isSecureBootEnabled: 9340 description: Whether Secure Boot is enabled on the 9341 instance. 9342 type: boolean 9343 isTrustedPlatformModuleEnabled: 9344 description: Whether the Trusted Platform Module (TPM) 9345 is enabled on the instance. 
9346 type: boolean 9347 type: object 9348 intelIcelakeBmPlatformConfig: 9349 description: AmdMilanBmPlatformConfig describe Intel Skylake 9350 BM platform configuration 9351 properties: 9352 isInputOutputMemoryManagementUnitEnabled: 9353 description: Whether the input-output memory management 9354 unit is enabled. 9355 type: boolean 9356 isMeasuredBootEnabled: 9357 description: Whether the Measured Boot feature is 9358 enabled on the instance. 9359 type: boolean 9360 isMemoryEncryptionEnabled: 9361 description: Whether the instance is a confidential 9362 instance. If this value is `true`, the instance 9363 is a confidential instance. The default value is 9364 `false`. 9365 type: boolean 9366 isSecureBootEnabled: 9367 description: Whether Secure Boot is enabled on the 9368 instance. 9369 type: boolean 9370 isSymmetricMultiThreadingEnabled: 9371 description: Whether symmetric multithreading is enabled 9372 on the instance. Symmetric multithreading is also 9373 called simultaneous multithreading (SMT) or Intel 9374 Hyper-Threading. Intel and AMD processors have two 9375 hardware execution threads per core (OCPU). SMT 9376 permits multiple independent threads of execution, 9377 to better use the resources and increase the efficiency 9378 of the CPU. When multithreading is disabled, only 9379 one thread is permitted to run on each core, which 9380 can provide higher or more predictable performance 9381 for some workloads. 9382 type: boolean 9383 isTrustedPlatformModuleEnabled: 9384 description: Whether the Trusted Platform Module (TPM) 9385 is enabled on the instance. 9386 type: boolean 9387 numaNodesPerSocket: 9388 description: 'The number of NUMA nodes per socket 9389 (NPS). The following values are supported: * `NPS1` 9390 * `NPS2`' 9391 type: string 9392 percentageOfCoresEnabled: 9393 description: The percentage of cores enabled. Value 9394 must be a multiple of 25%. 
If the requested percentage 9395 results in a fractional number of cores, the system 9396 rounds up the number of cores across processors 9397 and provisions an instance with a whole number of 9398 cores. If the applications that you run on the instance 9399 use a core-based licensing model and need fewer 9400 cores than the full size of the shape, you can disable 9401 cores to reduce your licensing costs. The instance 9402 itself is billed for the full shape, regardless 9403 of whether all cores are enabled. 9404 type: integer 9405 type: object 9406 intelSkylakeBmPlatformConfig: 9407 description: AmdMilanBmPlatformConfig describe Intel Skylake 9408 BM platform configuration 9409 properties: 9410 isMeasuredBootEnabled: 9411 description: Whether the Measured Boot feature is 9412 enabled on the instance. 9413 type: boolean 9414 isMemoryEncryptionEnabled: 9415 description: Whether the instance is a confidential 9416 instance. If this value is `true`, the instance 9417 is a confidential instance. The default value is 9418 `false`. 9419 type: boolean 9420 isSecureBootEnabled: 9421 description: Whether Secure Boot is enabled on the 9422 instance. 9423 type: boolean 9424 isTrustedPlatformModuleEnabled: 9425 description: Whether the Trusted Platform Module (TPM) 9426 is enabled on the instance. 9427 type: boolean 9428 type: object 9429 intelVmPlatformConfig: 9430 description: AmdMilanBmPlatformConfig describe Intel VM 9431 platform configuration 9432 properties: 9433 isMeasuredBootEnabled: 9434 description: Whether the Measured Boot feature is 9435 enabled on the instance. 9436 type: boolean 9437 isMemoryEncryptionEnabled: 9438 description: Whether the instance is a confidential 9439 instance. If this value is `true`, the instance 9440 is a confidential instance. The default value is 9441 `false`. 9442 type: boolean 9443 isSecureBootEnabled: 9444 description: Whether Secure Boot is enabled on the 9445 instance. 
9446 type: boolean 9447 isTrustedPlatformModuleEnabled: 9448 description: Whether the Trusted Platform Module (TPM) 9449 is enabled on the instance. 9450 type: boolean 9451 type: object 9452 platformConfigType: 9453 description: The type of platform configuration. Valid 9454 values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM` 9455 * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM` 9456 Based on the enum, exactly one of the specific configuration 9457 types must be set 9458 type: string 9459 type: object 9460 preemptibleInstanceConfig: 9461 description: PreemptibleInstanceConfig Configuration options 9462 for preemptible instances. 9463 properties: 9464 terminatePreemptionAction: 9465 description: TerminatePreemptionAction terminates the 9466 preemptible instance when it is interrupted for eviction. 9467 properties: 9468 preserveBootVolume: 9469 description: PreserveBootVolume defines whether to 9470 preserve the boot volume that was used to launch 9471 the preemptible instance when the instance is terminated. 9472 Defaults to false if not specified. 9473 type: boolean 9474 type: object 9475 type: object 9476 providerID: 9477 description: Provider ID of the instance, this will be set 9478 by Cluster API provider itself, users should not set this 9479 parameter. 9480 type: string 9481 shape: 9482 description: Shape of the instance. 9483 type: string 9484 shapeConfig: 9485 description: The shape configuration of the instance, applicable 9486 for flex instances. 9487 properties: 9488 baselineOcpuUtilization: 9489 description: 'The baseline OCPU utilization for a subcore 9490 burstable VM instance. Leave this attribute blank for 9491 a non-burstable instance, or explicitly specify non-burstable 9492 with `BASELINE_1_1`. The following values are supported: 9493 - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. 9494 - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. 9495 - `BASELINE_1_1` - baseline usage is an entire OCPU. 
9496 This represents a non-burstable instance.' 9497 type: string 9498 memoryInGBs: 9499 description: The total amount of memory available to the 9500 instance, in gigabytes. 9501 type: string 9502 nvmes: 9503 description: Nvmes defines the number of NVMe drives to 9504 be used for storage. A single drive has 6.8 TB available. 9505 type: integer 9506 ocpus: 9507 description: The total number of OCPUs available to the 9508 instance. 9509 type: string 9510 type: object 9511 subnetName: 9512 description: The name of the subnet to use. The name here 9513 refers to the subnets defined in the OCICluster Spec. Optional, 9514 only if multiple subnets of a type is defined, else the 9515 first element is used. 9516 type: string 9517 vnicAttachments: 9518 description: VnicAttachments defines the configuration options 9519 for the vnic(s) attached to the machine The network bandwidth 9520 and number of VNICs scale proportionately with the number 9521 of OCPUs. 9522 items: 9523 properties: 9524 assignPublicIp: 9525 description: AssignPublicIp defines whether the vnic 9526 should have a public IP address 9527 type: boolean 9528 displayName: 9529 description: DisplayName defines a user-friendly name. 9530 Does not have to be unique. Avoid entering confidential 9531 information. 
                              type: string
                            nicIndex:
                              description: NicIndex defines which physical Network
                                Interface Card (NIC) to use You can determine which
                                NICs are active for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm
                              type: integer
                            subnetName:
                              description: SubnetName defines the subnet name to use
                                for the VNIC Defaults to the "worker" subnet if not
                                provided
                              type: string
                            vnicAttachmentId:
                              description: VnicAttachmentId defines the ID of the
                                VnicAttachment
                              type: string
                          required:
                          - displayName
                          type: object
                        type: array
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimanagedclusters.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIManagedCluster
    listKind: OCIManagedClusterList
    plural: ocimanagedclusters
    singular: ocimanagedcluster
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIManagedCluster is the Schema for the ocimanagedclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedClusterSpec defines the desired state of OCI OKE
              Cluster
            properties:
              compartmentId:
                description: Compartment to create the cluster network.
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane. This will not be set by the
                  user, this will be updated by the Cluster Reconciler after OKe cluster
                  has been created and the cluster has an endpoint address
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              identityRef:
                description: IdentityRef is a reference to an identity(principal)
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              networkSpec:
                description: NetworkSpec encapsulates all things related to OCI network.
                properties:
                  apiServerLoadBalancer:
                    description: API Server LB configuration.
                    properties:
                      loadBalancerId:
                        description: ID of Load Balancer.
                        type: string
                      name:
                        description: LoadBalancer Name.
                        type: string
                    type: object
                  skipNetworkManagement:
                    description: SkipNetworkManagement defines if the networking spec(VCN
                      related) specified by the user needs to be reconciled(actioned-upon)
                      or used as it is. APIServerLB will still be reconciled.
                    type: boolean
                  vcn:
                    description: VCN configuration.
                    properties:
                      cidr:
                        description: VCN CIDR.
                        type: string
                      id:
                        description: VCN OCID.
                        type: string
                      internetGatewayId:
                        description: ID of Internet Gateway.
                        type: string
                      name:
                        description: VCN Name.
                        type: string
                      natGatewayId:
                        description: ID of Nat Gateway.
                        type: string
                      networkSecurityGroups:
                        description: NetworkSecurityGroups is the configuration for
                          the Network Security Groups required in the VCN.
                        items:
                          description: NSG defines configuration for a Network Security
                            Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                          properties:
                            egressRules:
                              description: EgressRules on the NSG.
                              items:
                                description: EgressSecurityRuleForNSG is EgressSecurityRule
                                  for NSG.
                                properties:
                                  egressRule:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  id:
                                    description: 'EgressSecurityRule ID for NSG. Deprecated:
                                      this field is not populated and used during
                                      reconciliation'
                                    type: string
                                type: object
                              type: array
                            id:
                              description: NSG OCID.
                              type: string
                            ingressRules:
                              description: IngressRules on the NSG.
                              items:
                                description: IngressSecurityRuleForNSG is IngressSecurityRule
                                  for NSG
                                properties:
                                  id:
                                    description: 'IngressSecurityRule ID for NSG.
                                      Deprecated: this field is not populated and
                                      used during reconciliation'
                                    type: string
                                  ingressRule:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                type: object
                              type: array
                            name:
                              description: NSG Name.
                              type: string
                            role:
                              description: Role defines the NSG role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                          required:
                          - name
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                      privateRouteTableId:
                        description: ID of Private Route Table.
                        type: string
                      publicRouteTableId:
                        description: ID of Public Route Table.
                        type: string
                      serviceGatewayId:
                        description: ID of Service Gateway.
                        type: string
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer. If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster. this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIManagedClusterStatus defines the observed state of OCICluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedCluster is the Schema for the ocimanagedclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedClusterSpec defines the desired state of OCI OKE
              Cluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              compartmentId:
                description: Compartment to create the cluster network.
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane. This will not be set by the
                  user, this will be updated by the Cluster Reconciler after OKe cluster
                  has been created and the cluster has an endpoint address
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              hostUrl:
                description: ClientOverrides allows the default client SDK URLs to
                  be changed.
                nullable: true
                properties:
                  certOverride:
                    description: CertOverride is a secret that contains information
                      about a cert override used by all the OCI SDK clients. The secret
                      must contain data with a `cert`property.
                    nullable: true
                    properties:
                      name:
                        description: name is unique within a namespace to reference
                          a secret resource.
                        type: string
                      namespace:
                        description: namespace defines the space within which the
                          secret name must be unique.
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  computeClientUrl:
                    description: ComputeClientUrl allows the default compute SDK client
                      URL to be changed.
                    nullable: true
                    type: string
                  computeManagementClientUrl:
                    description: ComputeManagementClientUrl allows the default compute
                      management SDK client URL to be changed.
                    nullable: true
                    type: string
                  containerEngineClientUrl:
                    description: ContainerEngineClientUrl allows the default container
                      engine SDK client URL to be changed.
                    nullable: true
                    type: string
                  identityClientUrl:
                    description: IdentityClientUrl allows the default identity SDK
                      client URL to be changed.
                    nullable: true
                    type: string
                  loadBalancerClientUrl:
                    description: LoadBalancerClientUrl allows the default load balancer
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  networkLoadBalancerClientUrl:
                    description: NetworkLoadBalancerClientUrl allows the default NLB
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  vCNClientUrl:
                    description: VCNClientUrl allows the default vcn SDK client URL
                      to be changed.
                    nullable: true
                    type: string
                type: object
              identityRef:
                description: IdentityRef is a reference to an identity(principal)
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              networkSpec:
                description: NetworkSpec encapsulates all things related to OCI network.
                properties:
                  apiServerLoadBalancer:
                    description: API Server LB configuration.
                    properties:
                      loadBalancerId:
                        description: ID of Load Balancer.
                        type: string
                      loadBalancerType:
                        description: 'Type of Load Balancer: NLB (default) or LBaaS.'
                        type: string
                      name:
                        description: LoadBalancer Name.
                        type: string
                    type: object
                  skipNetworkManagement:
                    description: SkipNetworkManagement defines if the networking spec(VCN
                      related) specified by the user needs to be reconciled(actioned-upon)
                      or used as it is. APIServerLB will still be reconciled.
                    type: boolean
                  vcn:
                    description: VCN configuration.
                    properties:
                      cidr:
                        description: VCN CIDR.
                        type: string
                      id:
                        description: VCN OCID.
                        type: string
                      internetGateway:
                        description: Configuration for Internet Gateway.
                        properties:
                          id:
                            description: ID of Internet Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating internet
                              gateway even if any one Subnet is public.
                            type: boolean
                        type: object
                      name:
                        description: VCN Name.
                        type: string
                      natGateway:
                        description: Configuration for NAT Gateway.
                        properties:
                          id:
                            description: ID of Nat Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating NAT
                              gateway even if any one Subnet is private.
                            type: boolean
                        type: object
                      networkSecurityGroup:
                        description: Configuration for NSG management.
                        properties:
                          list:
                            description: NetworkSecurityGroup is the configuration
                              for the Network Security Groups required in the VCN.
                            items:
                              description: NSG defines configuration for a Network
                                Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                              properties:
                                egressRules:
                                  description: EgressRules on the NSG.
                                  items:
                                    description: EgressSecurityRuleForNSG is EgressSecurityRule
                                      for NSG.
                                    properties:
                                      egressRule:
                                        description: EgressSecurityRule A rule for
                                          allowing outbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          destination:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              originating from the instance can go
                                              to. Allowed values: * IP address range
                                              in CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56` Note that
                                              IPv6 addressing is currently supported
                                              only in certain regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic destined for a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          destinationType:
                                            description: 'Type of destination for
                                              the rule. The default is `CIDR_BLOCK`.
                                              Allowed values: * `CIDR_BLOCK`: If the
                                              rule''s `destination` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `destination` is the
                                              `cidrBlock` value for a Service (the
                                              rule is for traffic destined for a particular
                                              `Service` through a service gateway).'
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if egress traffic allows TCP destination
                                              port 80, there should be an ingress
                                              rule to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: NSG OCID.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the NSG.
                                  items:
                                    description: IngressSecurityRuleForNSG is IngressSecurityRule
                                      for NSG
                                    properties:
                                      ingressRule:
                                        description: IngressSecurityRule A rule for
                                          allowing inbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic.
                                              For example,
                                              if ingress traffic allows TCP destination
                                              port 80, there should be an egress rule
                                              to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          source:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              coming into the instance can come from.
                                              Allowed values: * IP address range in
                                              CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56`. IPv6 addressing
                                              is supported for all commercial and
                                              government regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic coming from a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          sourceType:
                                            description: 'Type of source for the rule.
                                              The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                              If the rule''s `source` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `source` is the `cidrBlock`
                                              value for a Service (the rule is for
                                              traffic coming from a particular `Service`
                                              through a service gateway).'
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules.
                                              If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: NSG Name.
                                  type: string
                                role:
                                  description: Role defines the NSG role (eg. control-plane,
                                    control-plane-endpoint, service-lb, worker).
                                  type: string
                              required:
                              - name
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - name
                            x-kubernetes-list-type: map
                          skip:
                            description: Skip specifies whether to skip creating network
                              security groups.
                            type: boolean
                        type: object
                      routeTable:
                        description: Configuration for Route table.
                        properties:
                          privateRouteTableId:
                            description: ID of Private Route Table.
                            type: string
                          publicRouteTableId:
                            description: ID of Public Route Table.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Route
                              table.
                            type: boolean
                        type: object
                      serviceGateway:
                        description: Configuration for Service Gateway.
                        properties:
                          id:
                            description: ID of Service Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Service
                              gateway.
                            type: boolean
                        type: object
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol.
Specify 11407 either `all` or an IPv4 protocol number 11408 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 11409 Options are supported only for ICMP ("1"), 11410 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 11411 type: string 11412 tcpOptions: 11413 description: TcpOptions Optional and valid 11414 only for TCP. Use to specify particular 11415 destination ports for TCP rules. If you 11416 specify TCP as the protocol but omit this 11417 object, then all destination ports are allowed. 11418 properties: 11419 destinationPortRange: 11420 description: PortRange The representation 11421 of PortRange. 11422 properties: 11423 max: 11424 description: The maximum port number, 11425 which must not be less than the 11426 minimum port number. To specify 11427 a single port number, set both the 11428 min and max to the same value. 11429 type: integer 11430 min: 11431 description: The minimum port number, 11432 which must not be greater than the 11433 maximum port number. 11434 type: integer 11435 type: object 11436 sourcePortRange: 11437 description: PortRange The representation 11438 of PortRange. 11439 properties: 11440 max: 11441 description: The maximum port number, 11442 which must not be less than the 11443 minimum port number. To specify 11444 a single port number, set both the 11445 min and max to the same value. 11446 type: integer 11447 min: 11448 description: The minimum port number, 11449 which must not be greater than the 11450 maximum port number. 11451 type: integer 11452 type: object 11453 type: object 11454 udpOptions: 11455 description: UdpOptions Optional and valid 11456 only for UDP. Use to specify particular 11457 destination ports for UDP rules. If you 11458 specify UDP as the protocol but omit this 11459 object, then all destination ports are allowed. 11460 properties: 11461 destinationPortRange: 11462 description: PortRange The representation 11463 of PortRange. 
11464 properties: 11465 max: 11466 description: The maximum port number, 11467 which must not be less than the 11468 minimum port number. To specify 11469 a single port number, set both the 11470 min and max to the same value. 11471 type: integer 11472 min: 11473 description: The minimum port number, 11474 which must not be greater than the 11475 maximum port number. 11476 type: integer 11477 type: object 11478 sourcePortRange: 11479 description: PortRange The representation 11480 of PortRange. 11481 properties: 11482 max: 11483 description: The maximum port number, 11484 which must not be less than the 11485 minimum port number. To specify 11486 a single port number, set both the 11487 min and max to the same value. 11488 type: integer 11489 min: 11490 description: The minimum port number, 11491 which must not be greater than the 11492 maximum port number. 11493 type: integer 11494 type: object 11495 type: object 11496 type: object 11497 type: array 11498 id: 11499 description: ID of the SecurityList. 11500 type: string 11501 ingressRules: 11502 description: IngressRules on the SecurityList. 11503 items: 11504 description: IngressSecurityRule A rule for allowing 11505 inbound IP packets. 11506 properties: 11507 description: 11508 description: An optional description of your 11509 choice for the rule. 11510 type: string 11511 icmpOptions: 11512 description: 'IcmpOptions Optional and valid 11513 only for ICMP and ICMPv6. Use to specify 11514 a particular ICMP type and code as defined 11515 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 11516 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 11517 If you specify ICMP or ICMPv6 as the protocol 11518 but omit this object, then all ICMP types 11519 and codes are allowed. If you do provide 11520 this object, the type is required and the 11521 code is optional. 
To enable MTU negotiation 11522 for ingress internet traffic via IPv4, make 11523 sure to allow type 3 ("Destination Unreachable") 11524 code 4 ("Fragmentation Needed and Don''t 11525 Fragment was Set"). If you need to specify 11526 multiple codes for a single type, create 11527 a separate security list rule for each.' 11528 properties: 11529 code: 11530 description: The ICMP code (optional). 11531 type: integer 11532 type: 11533 description: The ICMP type. 11534 type: integer 11535 type: object 11536 isStateless: 11537 description: A stateless rule allows traffic 11538 in one direction. Remember to add a corresponding 11539 stateless rule in the other direction if 11540 you need to support bidirectional traffic. 11541 For example, if ingress traffic allows TCP 11542 destination port 80, there should be an 11543 egress rule to allow TCP source port 80. 11544 Defaults to false, which means the rule 11545 is stateful and a corresponding rule is 11546 not necessary for bidirectional traffic. 11547 type: boolean 11548 protocol: 11549 description: The transport protocol. Specify 11550 either `all` or an IPv4 protocol number 11551 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 11552 Options are supported only for ICMP ("1"), 11553 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 11554 type: string 11555 source: 11556 description: 'Conceptually, this is the range 11557 of IP addresses that a packet coming into 11558 the instance can come from. Allowed values: 11559 * IP address range in CIDR notation. For 11560 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 11561 IPv6 addressing is supported for all commercial 11562 and government regions. See IPv6 Addresses 11563 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 11564 * The `cidrBlock` value for a Service, if 11565 you''re setting up a security list rule 11566 for traffic coming from a particular `Service` 11567 through a service gateway. 
For example: 11568 `oci-phx-objectstorage`.' 11569 type: string 11570 sourceType: 11571 description: 'Type of source for the rule. 11572 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 11573 If the rule''s `source` is an IP address 11574 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 11575 If the rule''s `source` is the `cidrBlock` 11576 value for a Service (the rule is for traffic 11577 coming from a particular `Service` through 11578 a service gateway).' 11579 type: string 11580 tcpOptions: 11581 description: TcpOptions Optional and valid 11582 only for TCP. Use to specify particular 11583 destination ports for TCP rules. If you 11584 specify TCP as the protocol but omit this 11585 object, then all destination ports are allowed. 11586 properties: 11587 destinationPortRange: 11588 description: PortRange The representation 11589 of PortRange. 11590 properties: 11591 max: 11592 description: The maximum port number, 11593 which must not be less than the 11594 minimum port number. To specify 11595 a single port number, set both the 11596 min and max to the same value. 11597 type: integer 11598 min: 11599 description: The minimum port number, 11600 which must not be greater than the 11601 maximum port number. 11602 type: integer 11603 type: object 11604 sourcePortRange: 11605 description: PortRange The representation 11606 of PortRange. 11607 properties: 11608 max: 11609 description: The maximum port number, 11610 which must not be less than the 11611 minimum port number. To specify 11612 a single port number, set both the 11613 min and max to the same value. 11614 type: integer 11615 min: 11616 description: The minimum port number, 11617 which must not be greater than the 11618 maximum port number. 11619 type: integer 11620 type: object 11621 type: object 11622 udpOptions: 11623 description: UdpOptions Optional and valid 11624 only for UDP. Use to specify particular 11625 destination ports for UDP rules. 
If you 11626 specify UDP as the protocol but omit this 11627 object, then all destination ports are allowed. 11628 properties: 11629 destinationPortRange: 11630 description: PortRange The representation 11631 of PortRange. 11632 properties: 11633 max: 11634 description: The maximum port number, 11635 which must not be less than the 11636 minimum port number. To specify 11637 a single port number, set both the 11638 min and max to the same value. 11639 type: integer 11640 min: 11641 description: The minimum port number, 11642 which must not be greater than the 11643 maximum port number. 11644 type: integer 11645 type: object 11646 sourcePortRange: 11647 description: PortRange The representation 11648 of PortRange. 11649 properties: 11650 max: 11651 description: The maximum port number, 11652 which must not be less than the 11653 minimum port number. To specify 11654 a single port number, set both the 11655 min and max to the same value. 11656 type: integer 11657 min: 11658 description: The minimum port number, 11659 which must not be greater than the 11660 maximum port number. 11661 type: integer 11662 type: object 11663 type: object 11664 type: object 11665 type: array 11666 name: 11667 description: SecurityList Name. 11668 type: string 11669 type: object 11670 type: 11671 description: Type defines the subnet type (e.g. public, 11672 private). 11673 type: string 11674 required: 11675 - name 11676 - role 11677 type: object 11678 type: array 11679 x-kubernetes-list-map-keys: 11680 - name 11681 x-kubernetes-list-type: map 11682 type: object 11683 vcnPeering: 11684 description: VCNPeering configuration. 11685 properties: 11686 drg: 11687 description: DRG configuration refers to the DRG which has 11688 to be created if required. If management cluster and workload 11689 cluster shares the same DRG, this fields is not required 11690 to be specified. 11691 properties: 11692 id: 11693 description: ID is the OCID for the created DRG. 
11694 type: string 11695 manage: 11696 description: Manage defines whether the DRG has to be 11697 managed(including create). If set to false(the default) 11698 the ID has to be specified by the user to a valid DRG 11699 ID to which the VCN has to be attached. 11700 type: boolean 11701 name: 11702 description: Name is the name of the created DRG. 11703 type: string 11704 vcnAttachmentId: 11705 description: VcnAttachmentId is the ID of the VCN attachment 11706 of the DRG. The workload cluster VCN can be attached 11707 to either the management cluster VCN if they are sharing 11708 the same DRG or to the workload cluster DRG. 11709 type: string 11710 type: object 11711 peerRouteRules: 11712 description: PeerRouteRules defines the routing rules which 11713 will be added to the private route tables of the workload 11714 cluster VCN. The routes defined here will be directed to 11715 DRG. 11716 items: 11717 description: PeerRouteRule defines a Route Rule to be routed 11718 via a DRG. 11719 properties: 11720 vcnCIDRRange: 11721 description: VCNCIDRRange is the CIDR Range of peer 11722 VCN to which the workload cluster VCN will be peered. 11723 The CIDR range is required to add the route rule in 11724 the workload cluster VCN, the route rule will forward 11725 any traffic to the CIDR to the DRG. 11726 type: string 11727 type: object 11728 type: array 11729 remotePeeringConnections: 11730 description: RemotePeeringConnections defines the RPC connections 11731 which be established with the workload cluster DRG. 11732 items: 11733 description: RemotePeeringConnection is used to peer VCNs 11734 residing in different regions(typically). Remote VCN Peering 11735 is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 11736 properties: 11737 managePeerRPC: 11738 description: ManagePeerRPC will define if the Peer VCN 11739 needs to be managed. 
If set to true a Remote Peering 11740 Connection will be created in the Peer DRG and the 11741 connection will be created between local and peer 11742 RPC. 11743 type: boolean 11744 peerDRGId: 11745 description: PeerDRGId defines the DRG ID of the peer. 11746 type: string 11747 peerRPCConnectionId: 11748 description: PeerRPCConnectionId defines the RPC ID 11749 of peer. If ManagePeerRPC is set to true this will 11750 be created by Cluster API Provider for OCI, otherwise 11751 this has be defined by the user. 11752 type: string 11753 peerRegionName: 11754 description: PeerRegionName defined the region name 11755 of Peer VCN. 11756 type: string 11757 rpcConnectionId: 11758 description: RPCConnectionId is the connection ID of 11759 the connection between peer and local RPC. 11760 type: string 11761 type: object 11762 type: array 11763 type: object 11764 type: object 11765 ociResourceIdentifier: 11766 description: The unique ID which will be used to tag all the resources 11767 created by this Cluster. The tag will be used to identify resources 11768 belonging to this cluster. this will be auto-generated and should 11769 not be set by the user. 11770 type: string 11771 region: 11772 description: Region the cluster operates in. It must be one of available 11773 regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 11774 type: string 11775 type: object 11776 status: 11777 description: OCIManagedClusterStatus defines the observed state of OCICluster 11778 properties: 11779 conditions: 11780 description: NetworkSpec encapsulates all things related to OCI network. 11781 items: 11782 description: Condition defines an observation of a Cluster API resource 11783 operational state. 11784 properties: 11785 lastTransitionTime: 11786 description: Last time the condition transitioned from one status 11787 to another. This should be when the underlying condition changed. 
11788 If that is not known, then using the time when the API field 11789 changed is acceptable. 11790 format: date-time 11791 type: string 11792 message: 11793 description: A human readable message indicating details about 11794 the transition. This field may be empty. 11795 type: string 11796 reason: 11797 description: The reason for the condition's last transition 11798 in CamelCase. The specific API may choose whether or not this 11799 field is considered a guaranteed API. This field may not be 11800 empty. 11801 type: string 11802 severity: 11803 description: Severity provides an explicit classification of 11804 Reason code, so the users or machines can immediately understand 11805 the current situation and act accordingly. The Severity field 11806 MUST be set only when Status=False. 11807 type: string 11808 status: 11809 description: Status of the condition, one of True, False, Unknown. 11810 type: string 11811 type: 11812 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 11813 Many .condition.type values are consistent across resources 11814 like Available, but because arbitrary conditions can be useful 11815 (see .node.status.conditions), the ability to deconflict is 11816 important. 11817 type: string 11818 required: 11819 - lastTransitionTime 11820 - status 11821 - type 11822 type: object 11823 type: array 11824 failureDomains: 11825 additionalProperties: 11826 description: FailureDomainSpec is the Schema for Cluster API failure 11827 domains. It allows controllers to understand how many failure 11828 domains a cluster can optionally span across. 11829 properties: 11830 attributes: 11831 additionalProperties: 11832 type: string 11833 description: Attributes is a free form map of attributes an 11834 infrastructure provider might use or require. 11835 type: object 11836 controlPlane: 11837 description: ControlPlane determines if this failure domain 11838 is suitable for use by control plane machines. 
11839 type: boolean 11840 type: object 11841 description: FailureDomains is a slice of FailureDomains. 11842 type: object 11843 ready: 11844 type: boolean 11845 type: object 11846 type: object 11847 served: true 11848 storage: true 11849 subresources: 11850 status: {} 11851 --- 11852 apiVersion: apiextensions.k8s.io/v1 11853 kind: CustomResourceDefinition 11854 metadata: 11855 annotations: 11856 controller-gen.kubebuilder.io/version: v0.10.0 11857 creationTimestamp: null 11858 labels: 11859 cluster.x-k8s.io/provider: infrastructure-oci 11860 cluster.x-k8s.io/v1beta1: v1beta1 11861 name: ocimanagedclustertemplates.infrastructure.cluster.x-k8s.io 11862 spec: 11863 group: infrastructure.cluster.x-k8s.io 11864 names: 11865 categories: 11866 - cluster-api 11867 kind: OCIManagedClusterTemplate 11868 listKind: OCIManagedClusterTemplateList 11869 plural: ocimanagedclustertemplates 11870 singular: ocimanagedclustertemplate 11871 scope: Namespaced 11872 versions: 11873 - name: v1beta1 11874 schema: 11875 openAPIV3Schema: 11876 description: OCIManagedClusterTemplate is the Schema for the ocimanagedclustertemplates 11877 API. 11878 properties: 11879 apiVersion: 11880 description: 'APIVersion defines the versioned schema of this representation 11881 of an object. Servers should convert recognized schemas to the latest 11882 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 11883 type: string 11884 kind: 11885 description: 'Kind is a string value representing the REST resource this 11886 object represents. Servers may infer this from the endpoint the client 11887 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 11888 type: string 11889 metadata: 11890 type: object 11891 spec: 11892 description: OCIManagedClusterTemplateSpec defines the desired state of 11893 OCIManagedClusterTemplate. 11894 properties: 11895 template: 11896 description: OCIManagedClusterSpec describes the data needed to create 11897 an OCIManagedCluster from a template. 11898 properties: 11899 spec: 11900 description: OCIManagedClusterSpec defines the desired state of 11901 OCI OKE Cluster 11902 properties: 11903 compartmentId: 11904 description: Compartment to create the cluster network. 11905 type: string 11906 controlPlaneEndpoint: 11907 description: ControlPlaneEndpoint represents the endpoint 11908 used to communicate with the control plane. This will not 11909 be set by the user, this will be updated by the Cluster 11910 Reconciler after OKe cluster has been created and the cluster 11911 has an endpoint address 11912 properties: 11913 host: 11914 description: The hostname on which the API server is serving. 11915 type: string 11916 port: 11917 description: The port on which the API server is serving. 11918 format: int32 11919 type: integer 11920 required: 11921 - host 11922 - port 11923 type: object 11924 definedTags: 11925 additionalProperties: 11926 additionalProperties: 11927 type: string 11928 type: object 11929 description: 'Defined tags for this resource. Each key is 11930 predefined and scoped to a namespace. For more information, 11931 see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 11932 Example: `{"Operations": {"CostCenter": "42"}}`' 11933 type: object 11934 freeformTags: 11935 additionalProperties: 11936 type: string 11937 description: Free-form tags for this resource. 
11938 type: object 11939 identityRef: 11940 description: IdentityRef is a reference to an identity(principal) 11941 to be used when reconciling this cluster 11942 properties: 11943 apiVersion: 11944 description: API version of the referent. 11945 type: string 11946 fieldPath: 11947 description: 'If referring to a piece of an object instead 11948 of an entire object, this string should contain a valid 11949 JSON/Go field access statement, such as desiredState.manifest.containers[2]. 11950 For example, if the object reference is to a container 11951 within a pod, this would take on a value like: "spec.containers{name}" 11952 (where "name" refers to the name of the container that 11953 triggered the event) or if no container name is specified 11954 "spec.containers[2]" (container with index 2 in this 11955 pod). This syntax is chosen only to have some well-defined 11956 way of referencing a part of an object. TODO: this design 11957 is not final and this field is subject to change in 11958 the future.' 11959 type: string 11960 kind: 11961 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 11962 type: string 11963 name: 11964 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 11965 type: string 11966 namespace: 11967 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 11968 type: string 11969 resourceVersion: 11970 description: 'Specific resourceVersion to which this reference 11971 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 11972 type: string 11973 uid: 11974 description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 11975 type: string 11976 type: object 11977 x-kubernetes-map-type: atomic 11978 networkSpec: 11979 description: NetworkSpec encapsulates all things related to 11980 OCI network. 11981 properties: 11982 apiServerLoadBalancer: 11983 description: API Server LB configuration. 11984 properties: 11985 loadBalancerId: 11986 description: ID of Load Balancer. 11987 type: string 11988 name: 11989 description: LoadBalancer Name. 11990 type: string 11991 type: object 11992 skipNetworkManagement: 11993 description: SkipNetworkManagement defines if the networking 11994 spec(VCN related) specified by the user needs to be 11995 reconciled(actioned-upon) or used as it is. APIServerLB 11996 will still be reconciled. 11997 type: boolean 11998 vcn: 11999 description: VCN configuration. 12000 properties: 12001 cidr: 12002 description: VCN CIDR. 12003 type: string 12004 id: 12005 description: VCN OCID. 12006 type: string 12007 internetGatewayId: 12008 description: ID of Internet Gateway. 12009 type: string 12010 name: 12011 description: VCN Name. 12012 type: string 12013 natGatewayId: 12014 description: ID of Nat Gateway. 12015 type: string 12016 networkSecurityGroups: 12017 description: NetworkSecurityGroups is the configuration 12018 for the Network Security Groups required in the 12019 VCN. 12020 items: 12021 description: NSG defines configuration for a Network 12022 Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 12023 properties: 12024 egressRules: 12025 description: EgressRules on the NSG. 12026 items: 12027 description: EgressSecurityRuleForNSG is EgressSecurityRule 12028 for NSG. 12029 properties: 12030 egressRule: 12031 description: EgressSecurityRule A rule 12032 for allowing outbound IP packets. 12033 properties: 12034 description: 12035 description: An optional description 12036 of your choice for the rule. 
12037 type: string 12038 destination: 12039 description: 'Conceptually, this is 12040 the range of IP addresses that a 12041 packet originating from the instance 12042 can go to. Allowed values: * IP 12043 address range in CIDR notation. 12044 For example: `192.168.1.0/24` or 12045 `2001:0db8:0123:45::/56` Note that 12046 IPv6 addressing is currently supported 12047 only in certain regions. See IPv6 12048 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 12049 * The `cidrBlock` value for a Service, 12050 if you''re setting up a security 12051 list rule for traffic destined for 12052 a particular `Service` through a 12053 service gateway. For example: `oci-phx-objectstorage`.' 12054 type: string 12055 destinationType: 12056 description: 'Type of destination 12057 for the rule. The default is `CIDR_BLOCK`. 12058 Allowed values: * `CIDR_BLOCK`: 12059 If the rule''s `destination` is 12060 an IP address range in CIDR notation. 12061 * `SERVICE_CIDR_BLOCK`: If the rule''s 12062 `destination` is the `cidrBlock` 12063 value for a Service (the rule is 12064 for traffic destined for a particular 12065 `Service` through a service gateway).' 12066 type: string 12067 icmpOptions: 12068 description: 'IcmpOptions Optional 12069 and valid only for ICMP and ICMPv6. 12070 Use to specify a particular ICMP 12071 type and code as defined in: - ICMP 12072 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 12073 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 12074 If you specify ICMP or ICMPv6 as 12075 the protocol but omit this object, 12076 then all ICMP types and codes are 12077 allowed. If you do provide this 12078 object, the type is required and 12079 the code is optional. 
To enable 12080 MTU negotiation for ingress internet 12081 traffic via IPv4, make sure to allow 12082 type 3 ("Destination Unreachable") 12083 code 4 ("Fragmentation Needed and 12084 Don''t Fragment was Set"). If you 12085 need to specify multiple codes for 12086 a single type, create a separate 12087 security list rule for each.' 12088 properties: 12089 code: 12090 description: The ICMP code (optional). 12091 type: integer 12092 type: 12093 description: The ICMP type. 12094 type: integer 12095 type: object 12096 isStateless: 12097 description: A stateless rule allows 12098 traffic in one direction. Remember 12099 to add a corresponding stateless 12100 rule in the other direction if you 12101 need to support bidirectional traffic. 12102 For example, if egress traffic allows 12103 TCP destination port 80, there should 12104 be an ingress rule to allow TCP 12105 source port 80. Defaults to false, 12106 which means the rule is stateful 12107 and a corresponding rule is not 12108 necessary for bidirectional traffic. 12109 type: boolean 12110 protocol: 12111 description: The transport protocol. 12112 Specify either `all` or an IPv4 12113 protocol number as defined in Protocol 12114 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 12115 Options are supported only for ICMP 12116 ("1"), TCP ("6"), UDP ("17"), and 12117 ICMPv6 ("58"). 12118 type: string 12119 tcpOptions: 12120 description: TcpOptions Optional and 12121 valid only for TCP. Use to specify 12122 particular destination ports for 12123 TCP rules. If you specify TCP as 12124 the protocol but omit this object, 12125 then all destination ports are allowed. 12126 properties: 12127 destinationPortRange: 12128 description: PortRange The representation 12129 of PortRange. 12130 properties: 12131 max: 12132 description: The maximum port 12133 number, which must not be 12134 less than the minimum port 12135 number. 
To specify a single 12136 port number, set both the 12137 min and max to the same 12138 value. 12139 type: integer 12140 min: 12141 description: The minimum port 12142 number, which must not be 12143 greater than the maximum 12144 port number. 12145 type: integer 12146 type: object 12147 sourcePortRange: 12148 description: PortRange The representation 12149 of PortRange. 12150 properties: 12151 max: 12152 description: The maximum port 12153 number, which must not be 12154 less than the minimum port 12155 number. To specify a single 12156 port number, set both the 12157 min and max to the same 12158 value. 12159 type: integer 12160 min: 12161 description: The minimum port 12162 number, which must not be 12163 greater than the maximum 12164 port number. 12165 type: integer 12166 type: object 12167 type: object 12168 udpOptions: 12169 description: UdpOptions Optional and 12170 valid only for UDP. Use to specify 12171 particular destination ports for 12172 UDP rules. If you specify UDP as 12173 the protocol but omit this object, 12174 then all destination ports are allowed. 12175 properties: 12176 destinationPortRange: 12177 description: PortRange The representation 12178 of PortRange. 12179 properties: 12180 max: 12181 description: The maximum port 12182 number, which must not be 12183 less than the minimum port 12184 number. To specify a single 12185 port number, set both the 12186 min and max to the same 12187 value. 12188 type: integer 12189 min: 12190 description: The minimum port 12191 number, which must not be 12192 greater than the maximum 12193 port number. 12194 type: integer 12195 type: object 12196 sourcePortRange: 12197 description: PortRange The representation 12198 of PortRange. 12199 properties: 12200 max: 12201 description: The maximum port 12202 number, which must not be 12203 less than the minimum port 12204 number. To specify a single 12205 port number, set both the 12206 min and max to the same 12207 value. 
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          id:
                                            description: 'EgressSecurityRule ID for
                                              NSG. Deprecated: this field is not populated
                                              and used during reconciliation'
                                            type: string
                                        type: object
                                      type: array
                                    id:
                                      description: NSG OCID.
                                      type: string
                                    ingressRules:
                                      description: IngressRules on the NSG.
                                      items:
                                        description: IngressSecurityRuleForNSG is
                                          IngressSecurityRule for NSG
                                        properties:
                                          id:
                                            description: 'IngressSecurityRule ID for
                                              NSG. Deprecated: this field is not populated
                                              and used during reconciliation'
                                            type: string
                                          ingressRule:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                        type: object
                                      type: array
                                    name:
                                      description: NSG Name.
                                      type: string
                                    role:
                                      description: Role defines the NSG role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                  required:
                                  - name
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                              privateRouteTableId:
                                description: ID of Private Route Table.
                                type: string
                              publicRouteTableId:
                                description: ID of Public Route Table.
                                type: string
                              serviceGatewayId:
                                description: ID of Service Gateway.
                                type: string
                              subnets:
                                description: Subnets is the configuration for subnets
                                  required in the VCN.
                                items:
                                  description: Subnet defines the configuration for
                                    a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                                  properties:
                                    cidr:
                                      description: Subnet CIDR.
                                      type: string
                                    id:
                                      description: Subnet OCID.
                                      type: string
                                    name:
                                      description: Subnet Name.
                                      type: string
                                    role:
                                      description: Role defines the subnet role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                    securityList:
                                      description: The security list associated with
                                        Subnet.
                                      properties:
                                        egressRules:
                                          description: EgressRules on the SecurityList.
                                          items:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: ID of the SecurityList.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the SecurityList.
                                          items:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: SecurityList Name.
                                          type: string
                                      type: object
                                    type:
                                      description: Type defines the subnet type (e.g.
                                        public, private).
                                      type: string
                                  required:
                                  - name
                                  - role
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                            type: object
                          vcnPeering:
                            description: VCNPeering configuration.
                            properties:
                              drg:
                                description: DRG configuration refers to the DRG which
                                  has to be created if required. If management cluster
                                  and workload cluster shares the same DRG, this fields
                                  is not required to be specified.
                                properties:
                                  id:
                                    description: ID is the OCID for the created DRG.
                                    type: string
                                  manage:
                                    description: Manage defines whether the DRG has
                                      to be managed(including create). If set to false(the
                                      default) the ID has to be specified by the user
                                      to a valid DRG ID to which the VCN has to be
                                      attached.
                                    type: boolean
                                  name:
                                    description: Name is the name of the created DRG.
                                    type: string
                                  vcnAttachmentId:
                                    description: VcnAttachmentId is the ID of the
                                      VCN attachment of the DRG. The workload cluster
                                      VCN can be attached to either the management
                                      cluster VCN if they are sharing the same DRG
                                      or to the workload cluster DRG.
                                    type: string
                                type: object
                              peerRouteRules:
                                description: PeerRouteRules defines the routing rules
                                  which will be added to the private route tables
                                  of the workload cluster VCN. The routes defined
                                  here will be directed to DRG.
                                items:
                                  description: PeerRouteRule defines a Route Rule
                                    to be routed via a DRG.
                                  properties:
                                    vcnCIDRRange:
                                      description: VCNCIDRRange is the CIDR Range
                                        of peer VCN to which the workload cluster
                                        VCN will be peered. The CIDR range is required
                                        to add the route rule in the workload cluster
                                        VCN, the route rule will forward any traffic
                                        to the CIDR to the DRG.
                                      type: string
                                  type: object
                                type: array
                              remotePeeringConnections:
                                description: RemotePeeringConnections defines the
                                  RPC connections which be established with the workload
                                  cluster DRG.
                                items:
                                  description: RemotePeeringConnection is used to
                                    peer VCNs residing in different regions(typically).
                                    Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                                  properties:
                                    managePeerRPC:
                                      description: ManagePeerRPC will define if the
                                        Peer VCN needs to be managed. If set to true
                                        a Remote Peering Connection will be created
                                        in the Peer DRG and the connection will be
                                        created between local and peer RPC.
                                      type: boolean
                                    peerDRGId:
                                      description: PeerDRGId defines the DRG ID of
                                        the peer.
                                      type: string
                                    peerRPCConnectionId:
                                      description: PeerRPCConnectionId defines the
                                        RPC ID of peer. If ManagePeerRPC is set to
                                        true this will be created by Cluster API Provider
                                        for OCI, otherwise this has be defined by
                                        the user.
                                      type: string
                                    peerRegionName:
                                      description: PeerRegionName defined the region
                                        name of Peer VCN.
                                      type: string
                                    rpcConnectionId:
                                      description: RPCConnectionId is the connection
                                        ID of the connection between peer and local
                                        RPC.
                                      type: string
                                  type: object
                                type: array
                            type: object
                        type: object
                      ociResourceIdentifier:
                        description: The unique ID which will be used to tag all the
                          resources created by this Cluster. The tag will be used
                          to identify resources belonging to this cluster. this will
                          be auto-generated and should not be set by the user.
                        type: string
                      region:
                        description: Region the cluster operates in. It must be one
                          of available regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: false
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedClusterTemplate is the Schema for the ocimanagedclustertemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedClusterTemplateSpec defines the desired state of
              OCIManagedClusterTemplate.
            properties:
              template:
                description: OCIManagedClusterSpec describes the data needed to create
                  an OCIManagedCluster from a template.
                properties:
                  spec:
                    description: OCIManagedClusterSpec defines the desired state of
                      OCI OKE Cluster
                    properties:
                      availabilityDomains:
                        additionalProperties:
                          description: OCIAvailabilityDomain contains information
                            about an Availability Domain (AD).
                          properties:
                            faultDomains:
                              description: 'FaultDomains a list of fault domain (FD)
                                names. Example: ["FAULT-DOMAIN-1"]'
                              items:
                                type: string
                              type: array
                            name:
                              description: 'Name is the AD''s full name. Example:
                                Uocm:PHX-AD-1'
                              type: string
                          type: object
                        description: AvailabilityDomains encapsulates the clusters
                          Availability Domain (AD) information in a map where the
                          map key is the AD name and the struct is details about the
                          AD.
                        type: object
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane. This will not
                          be set by the user, this will be updated by the Cluster
                          Reconciler after OKe cluster has been created and the cluster
                          has an endpoint address
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      hostUrl:
                        description: ClientOverrides allows the default client SDK
                          URLs to be changed.
                        nullable: true
                        properties:
                          certOverride:
                            description: CertOverride is a secret that contains information
                              about a cert override used by all the OCI SDK clients.
                              The secret must contain data with a `cert`property.
                            nullable: true
                            properties:
                              name:
                                description: name is unique within a namespace to
                                  reference a secret resource.
                                type: string
                              namespace:
                                description: namespace defines the space within which
                                  the secret name must be unique.
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                          computeClientUrl:
                            description: ComputeClientUrl allows the default compute
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          computeManagementClientUrl:
                            description: ComputeManagementClientUrl allows the default
                              compute management SDK client URL to be changed.
                            nullable: true
                            type: string
                          containerEngineClientUrl:
                            description: ContainerEngineClientUrl allows the default
                              container engine SDK client URL to be changed.
                            nullable: true
                            type: string
                          identityClientUrl:
                            description: IdentityClientUrl allows the default identity
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          loadBalancerClientUrl:
                            description: LoadBalancerClientUrl allows the default
                              load balancer SDK client URL to be changed.
                            nullable: true
                            type: string
                          networkLoadBalancerClientUrl:
                            description: NetworkLoadBalancerClientUrl allows the default
                              NLB SDK client URL to be changed.
                            nullable: true
                            type: string
                          vCNClientUrl:
                            description: VCNClientUrl allows the default vcn SDK client
                              URL to be changed.
                            nullable: true
                            type: string
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
                            properties:
                              loadBalancerId:
                                description: ID of Load Balancer.
                                type: string
                              loadBalancerType:
                                description: 'Type of Load Balancer: NLB (default)
                                  or LBaaS.'
                                type: string
                              name:
                                description: LoadBalancer Name.
                                type: string
                            type: object
                          skipNetworkManagement:
                            description: SkipNetworkManagement defines if the networking
                              spec(VCN related) specified by the user needs to be
                              reconciled(actioned-upon) or used as it is. APIServerLB
                              will still be reconciled.
                            type: boolean
                          vcn:
                            description: VCN configuration.
                            properties:
                              cidr:
                                description: VCN CIDR.
                                type: string
                              id:
                                description: VCN OCID.
                                type: string
                              internetGateway:
                                description: Configuration for Internet Gateway.
                                properties:
                                  id:
                                    description: ID of Internet Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      internet gateway even if any one Subnet is public.
                                    type: boolean
                                type: object
                              name:
                                description: VCN Name.
                                type: string
                              natGateway:
                                description: Configuration for NAT Gateway.
                                properties:
                                  id:
                                    description: ID of Nat Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      NAT gateway even if any one Subnet is private.
                                    type: boolean
                                type: object
                              networkSecurityGroup:
                                description: Configuration for NSG management.
                                properties:
                                  list:
                                    description: NetworkSecurityGroup is the configuration
                                      for the Network Security Groups required in
                                      the VCN.
                                    items:
                                      description: NSG defines configuration for a
                                        Network Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                                      properties:
                                        egressRules:
                                          description: EgressRules on the NSG.
                                          items:
                                            description: EgressSecurityRuleForNSG
                                              is EgressSecurityRule for NSG.
                                            properties:
                                              egressRule:
                                                description: EgressSecurityRule A
                                                  rule for allowing outbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  destination:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet originating from
                                                      the instance can go to. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                                      Note that IPv6 addressing is
                                                      currently supported only in
                                                      certain regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic destined for a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  destinationType:
                                                    description: 'Type of destination
                                                      for the rule. The default is
                                                      `CIDR_BLOCK`. Allowed values:
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `destination` is an IP address
                                                      range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `destination`
                                                      is the `cidrBlock` value for
                                                      a Service (the rule is for traffic
                                                      destined for a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if egress traffic allows TCP
                                                      destination port 80, there should
                                                      be an ingress rule to allow
                                                      TCP source port 80. Defaults
                                                      to false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: NSG OCID.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the NSG.
                                          items:
                                            description: IngressSecurityRuleForNSG
                                              is IngressSecurityRule for NSG
                                            properties:
                                              ingressRule:
                                                description: IngressSecurityRule A
                                                  rule for allowing inbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6.
Use to specify a particular 13472 ICMP type and code as defined 13473 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 13474 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 13475 If you specify ICMP or ICMPv6 13476 as the protocol but omit this 13477 object, then all ICMP types 13478 and codes are allowed. If you 13479 do provide this object, the 13480 type is required and the code 13481 is optional. To enable MTU negotiation 13482 for ingress internet traffic 13483 via IPv4, make sure to allow 13484 type 3 ("Destination Unreachable") 13485 code 4 ("Fragmentation Needed 13486 and Don''t Fragment was Set"). 13487 If you need to specify multiple 13488 codes for a single type, create 13489 a separate security list rule 13490 for each.' 13491 properties: 13492 code: 13493 description: The ICMP code 13494 (optional). 13495 type: integer 13496 type: 13497 description: The ICMP type. 13498 type: integer 13499 type: object 13500 isStateless: 13501 description: A stateless rule 13502 allows traffic in one direction. 13503 Remember to add a corresponding 13504 stateless rule in the other 13505 direction if you need to support 13506 bidirectional traffic. For example, 13507 if ingress traffic allows TCP 13508 destination port 80, there should 13509 be an egress rule to allow TCP 13510 source port 80. Defaults to 13511 false, which means the rule 13512 is stateful and a corresponding 13513 rule is not necessary for bidirectional 13514 traffic. 13515 type: boolean 13516 protocol: 13517 description: The transport protocol. 13518 Specify either `all` or an IPv4 13519 protocol number as defined in 13520 Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 13521 Options are supported only for 13522 ICMP ("1"), TCP ("6"), UDP ("17"), 13523 and ICMPv6 ("58"). 
13524 type: string 13525 source: 13526 description: 'Conceptually, this 13527 is the range of IP addresses 13528 that a packet coming into the 13529 instance can come from. Allowed 13530 values: * IP address range in 13531 CIDR notation. For example: 13532 `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 13533 IPv6 addressing is supported 13534 for all commercial and government 13535 regions. See IPv6 Addresses 13536 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 13537 * The `cidrBlock` value for 13538 a Service, if you''re setting 13539 up a security list rule for 13540 traffic coming from a particular 13541 `Service` through a service 13542 gateway. For example: `oci-phx-objectstorage`.' 13543 type: string 13544 sourceType: 13545 description: 'Type of source for 13546 the rule. The default is `CIDR_BLOCK`. 13547 * `CIDR_BLOCK`: If the rule''s 13548 `source` is an IP address range 13549 in CIDR notation. * `SERVICE_CIDR_BLOCK`: 13550 If the rule''s `source` is the 13551 `cidrBlock` value for a Service 13552 (the rule is for traffic coming 13553 from a particular `Service` 13554 through a service gateway).' 13555 type: string 13556 tcpOptions: 13557 description: TcpOptions Optional 13558 and valid only for TCP. Use 13559 to specify particular destination 13560 ports for TCP rules. If you 13561 specify TCP as the protocol 13562 but omit this object, then all 13563 destination ports are allowed. 13564 properties: 13565 destinationPortRange: 13566 description: PortRange The 13567 representation of PortRange. 13568 properties: 13569 max: 13570 description: The maximum 13571 port number, which must 13572 not be less than the 13573 minimum port number. 13574 To specify a single 13575 port number, set both 13576 the min and max to the 13577 same value. 13578 type: integer 13579 min: 13580 description: The minimum 13581 port number, which must 13582 not be greater than 13583 the maximum port number. 
13584 type: integer 13585 type: object 13586 sourcePortRange: 13587 description: PortRange The 13588 representation of PortRange. 13589 properties: 13590 max: 13591 description: The maximum 13592 port number, which must 13593 not be less than the 13594 minimum port number. 13595 To specify a single 13596 port number, set both 13597 the min and max to the 13598 same value. 13599 type: integer 13600 min: 13601 description: The minimum 13602 port number, which must 13603 not be greater than 13604 the maximum port number. 13605 type: integer 13606 type: object 13607 type: object 13608 udpOptions: 13609 description: UdpOptions Optional 13610 and valid only for UDP. Use 13611 to specify particular destination 13612 ports for UDP rules. If you 13613 specify UDP as the protocol 13614 but omit this object, then all 13615 destination ports are allowed. 13616 properties: 13617 destinationPortRange: 13618 description: PortRange The 13619 representation of PortRange. 13620 properties: 13621 max: 13622 description: The maximum 13623 port number, which must 13624 not be less than the 13625 minimum port number. 13626 To specify a single 13627 port number, set both 13628 the min and max to the 13629 same value. 13630 type: integer 13631 min: 13632 description: The minimum 13633 port number, which must 13634 not be greater than 13635 the maximum port number. 13636 type: integer 13637 type: object 13638 sourcePortRange: 13639 description: PortRange The 13640 representation of PortRange. 13641 properties: 13642 max: 13643 description: The maximum 13644 port number, which must 13645 not be less than the 13646 minimum port number. 13647 To specify a single 13648 port number, set both 13649 the min and max to the 13650 same value. 13651 type: integer 13652 min: 13653 description: The minimum 13654 port number, which must 13655 not be greater than 13656 the maximum port number. 
13657 type: integer 13658 type: object 13659 type: object 13660 type: object 13661 type: object 13662 type: array 13663 name: 13664 description: NSG Name. 13665 type: string 13666 role: 13667 description: Role defines the NSG role (eg. 13668 control-plane, control-plane-endpoint, 13669 service-lb, worker). 13670 type: string 13671 required: 13672 - name 13673 type: object 13674 type: array 13675 x-kubernetes-list-map-keys: 13676 - name 13677 x-kubernetes-list-type: map 13678 skip: 13679 description: Skip specifies whether to skip creating 13680 network security groups. 13681 type: boolean 13682 type: object 13683 routeTable: 13684 description: Configuration for Route table. 13685 properties: 13686 privateRouteTableId: 13687 description: ID of Private Route Table. 13688 type: string 13689 publicRouteTableId: 13690 description: ID of Public Route Table. 13691 type: string 13692 skip: 13693 description: Skip specifies whether to skip creating 13694 Route table. 13695 type: boolean 13696 type: object 13697 serviceGateway: 13698 description: Configuration for Service Gateway. 13699 properties: 13700 id: 13701 description: ID of Service Gateway. 13702 type: string 13703 skip: 13704 description: Skip specifies whether to skip creating 13705 Service gateway. 13706 type: boolean 13707 type: object 13708 subnets: 13709 description: Subnets is the configuration for subnets 13710 required in the VCN. 13711 items: 13712 description: Subnet defines the configuration for 13713 a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview 13714 properties: 13715 cidr: 13716 description: Subnet CIDR. 13717 type: string 13718 id: 13719 description: Subnet OCID. 13720 type: string 13721 name: 13722 description: Subnet Name. 13723 type: string 13724 role: 13725 description: Role defines the subnet role (eg. 13726 control-plane, control-plane-endpoint, service-lb, 13727 worker). 
13728 type: string 13729 securityList: 13730 description: The security list associated with 13731 Subnet. 13732 properties: 13733 egressRules: 13734 description: EgressRules on the SecurityList. 13735 items: 13736 description: EgressSecurityRule A rule 13737 for allowing outbound IP packets. 13738 properties: 13739 description: 13740 description: An optional description 13741 of your choice for the rule. 13742 type: string 13743 destination: 13744 description: 'Conceptually, this is 13745 the range of IP addresses that a 13746 packet originating from the instance 13747 can go to. Allowed values: * IP 13748 address range in CIDR notation. 13749 For example: `192.168.1.0/24` or 13750 `2001:0db8:0123:45::/56` Note that 13751 IPv6 addressing is currently supported 13752 only in certain regions. See IPv6 13753 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 13754 * The `cidrBlock` value for a Service, 13755 if you''re setting up a security 13756 list rule for traffic destined for 13757 a particular `Service` through a 13758 service gateway. For example: `oci-phx-objectstorage`.' 13759 type: string 13760 destinationType: 13761 description: 'Type of destination 13762 for the rule. The default is `CIDR_BLOCK`. 13763 Allowed values: * `CIDR_BLOCK`: 13764 If the rule''s `destination` is 13765 an IP address range in CIDR notation. 13766 * `SERVICE_CIDR_BLOCK`: If the rule''s 13767 `destination` is the `cidrBlock` 13768 value for a Service (the rule is 13769 for traffic destined for a particular 13770 `Service` through a service gateway).' 13771 type: string 13772 icmpOptions: 13773 description: 'IcmpOptions Optional 13774 and valid only for ICMP and ICMPv6. 
13775 Use to specify a particular ICMP 13776 type and code as defined in: - ICMP 13777 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 13778 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 13779 If you specify ICMP or ICMPv6 as 13780 the protocol but omit this object, 13781 then all ICMP types and codes are 13782 allowed. If you do provide this 13783 object, the type is required and 13784 the code is optional. To enable 13785 MTU negotiation for ingress internet 13786 traffic via IPv4, make sure to allow 13787 type 3 ("Destination Unreachable") 13788 code 4 ("Fragmentation Needed and 13789 Don''t Fragment was Set"). If you 13790 need to specify multiple codes for 13791 a single type, create a separate 13792 security list rule for each.' 13793 properties: 13794 code: 13795 description: The ICMP code (optional). 13796 type: integer 13797 type: 13798 description: The ICMP type. 13799 type: integer 13800 type: object 13801 isStateless: 13802 description: A stateless rule allows 13803 traffic in one direction. Remember 13804 to add a corresponding stateless 13805 rule in the other direction if you 13806 need to support bidirectional traffic. 13807 For example, if egress traffic allows 13808 TCP destination port 80, there should 13809 be an ingress rule to allow TCP 13810 source port 80. Defaults to false, 13811 which means the rule is stateful 13812 and a corresponding rule is not 13813 necessary for bidirectional traffic. 13814 type: boolean 13815 protocol: 13816 description: The transport protocol. 13817 Specify either `all` or an IPv4 13818 protocol number as defined in Protocol 13819 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 13820 Options are supported only for ICMP 13821 ("1"), TCP ("6"), UDP ("17"), and 13822 ICMPv6 ("58"). 13823 type: string 13824 tcpOptions: 13825 description: TcpOptions Optional and 13826 valid only for TCP. 
Use to specify 13827 particular destination ports for 13828 TCP rules. If you specify TCP as 13829 the protocol but omit this object, 13830 then all destination ports are allowed. 13831 properties: 13832 destinationPortRange: 13833 description: PortRange The representation 13834 of PortRange. 13835 properties: 13836 max: 13837 description: The maximum port 13838 number, which must not be 13839 less than the minimum port 13840 number. To specify a single 13841 port number, set both the 13842 min and max to the same 13843 value. 13844 type: integer 13845 min: 13846 description: The minimum port 13847 number, which must not be 13848 greater than the maximum 13849 port number. 13850 type: integer 13851 type: object 13852 sourcePortRange: 13853 description: PortRange The representation 13854 of PortRange. 13855 properties: 13856 max: 13857 description: The maximum port 13858 number, which must not be 13859 less than the minimum port 13860 number. To specify a single 13861 port number, set both the 13862 min and max to the same 13863 value. 13864 type: integer 13865 min: 13866 description: The minimum port 13867 number, which must not be 13868 greater than the maximum 13869 port number. 13870 type: integer 13871 type: object 13872 type: object 13873 udpOptions: 13874 description: UdpOptions Optional and 13875 valid only for UDP. Use to specify 13876 particular destination ports for 13877 UDP rules. If you specify UDP as 13878 the protocol but omit this object, 13879 then all destination ports are allowed. 13880 properties: 13881 destinationPortRange: 13882 description: PortRange The representation 13883 of PortRange. 13884 properties: 13885 max: 13886 description: The maximum port 13887 number, which must not be 13888 less than the minimum port 13889 number. To specify a single 13890 port number, set both the 13891 min and max to the same 13892 value. 
13893 type: integer 13894 min: 13895 description: The minimum port 13896 number, which must not be 13897 greater than the maximum 13898 port number. 13899 type: integer 13900 type: object 13901 sourcePortRange: 13902 description: PortRange The representation 13903 of PortRange. 13904 properties: 13905 max: 13906 description: The maximum port 13907 number, which must not be 13908 less than the minimum port 13909 number. To specify a single 13910 port number, set both the 13911 min and max to the same 13912 value. 13913 type: integer 13914 min: 13915 description: The minimum port 13916 number, which must not be 13917 greater than the maximum 13918 port number. 13919 type: integer 13920 type: object 13921 type: object 13922 type: object 13923 type: array 13924 id: 13925 description: ID of the SecurityList. 13926 type: string 13927 ingressRules: 13928 description: IngressRules on the SecurityList. 13929 items: 13930 description: IngressSecurityRule A rule 13931 for allowing inbound IP packets. 13932 properties: 13933 description: 13934 description: An optional description 13935 of your choice for the rule. 13936 type: string 13937 icmpOptions: 13938 description: 'IcmpOptions Optional 13939 and valid only for ICMP and ICMPv6. 13940 Use to specify a particular ICMP 13941 type and code as defined in: - ICMP 13942 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 13943 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 13944 If you specify ICMP or ICMPv6 as 13945 the protocol but omit this object, 13946 then all ICMP types and codes are 13947 allowed. If you do provide this 13948 object, the type is required and 13949 the code is optional. To enable 13950 MTU negotiation for ingress internet 13951 traffic via IPv4, make sure to allow 13952 type 3 ("Destination Unreachable") 13953 code 4 ("Fragmentation Needed and 13954 Don''t Fragment was Set"). 
If you 13955 need to specify multiple codes for 13956 a single type, create a separate 13957 security list rule for each.' 13958 properties: 13959 code: 13960 description: The ICMP code (optional). 13961 type: integer 13962 type: 13963 description: The ICMP type. 13964 type: integer 13965 type: object 13966 isStateless: 13967 description: A stateless rule allows 13968 traffic in one direction. Remember 13969 to add a corresponding stateless 13970 rule in the other direction if you 13971 need to support bidirectional traffic. 13972 For example, if ingress traffic 13973 allows TCP destination port 80, 13974 there should be an egress rule to 13975 allow TCP source port 80. Defaults 13976 to false, which means the rule is 13977 stateful and a corresponding rule 13978 is not necessary for bidirectional 13979 traffic. 13980 type: boolean 13981 protocol: 13982 description: The transport protocol. 13983 Specify either `all` or an IPv4 13984 protocol number as defined in Protocol 13985 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 13986 Options are supported only for ICMP 13987 ("1"), TCP ("6"), UDP ("17"), and 13988 ICMPv6 ("58"). 13989 type: string 13990 source: 13991 description: 'Conceptually, this is 13992 the range of IP addresses that a 13993 packet coming into the instance 13994 can come from. Allowed values: * 13995 IP address range in CIDR notation. 13996 For example: `192.168.1.0/24` or 13997 `2001:0db8:0123:45::/56`. IPv6 addressing 13998 is supported for all commercial 13999 and government regions. See IPv6 14000 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 14001 * The `cidrBlock` value for a Service, 14002 if you''re setting up a security 14003 list rule for traffic coming from 14004 a particular `Service` through a 14005 service gateway. For example: `oci-phx-objectstorage`.' 14006 type: string 14007 sourceType: 14008 description: 'Type of source for the 14009 rule. 
The default is `CIDR_BLOCK`. 14010 * `CIDR_BLOCK`: If the rule''s `source` 14011 is an IP address range in CIDR notation. 14012 * `SERVICE_CIDR_BLOCK`: If the rule''s 14013 `source` is the `cidrBlock` value 14014 for a Service (the rule is for traffic 14015 coming from a particular `Service` 14016 through a service gateway).' 14017 type: string 14018 tcpOptions: 14019 description: TcpOptions Optional and 14020 valid only for TCP. Use to specify 14021 particular destination ports for 14022 TCP rules. If you specify TCP as 14023 the protocol but omit this object, 14024 then all destination ports are allowed. 14025 properties: 14026 destinationPortRange: 14027 description: PortRange The representation 14028 of PortRange. 14029 properties: 14030 max: 14031 description: The maximum port 14032 number, which must not be 14033 less than the minimum port 14034 number. To specify a single 14035 port number, set both the 14036 min and max to the same 14037 value. 14038 type: integer 14039 min: 14040 description: The minimum port 14041 number, which must not be 14042 greater than the maximum 14043 port number. 14044 type: integer 14045 type: object 14046 sourcePortRange: 14047 description: PortRange The representation 14048 of PortRange. 14049 properties: 14050 max: 14051 description: The maximum port 14052 number, which must not be 14053 less than the minimum port 14054 number. To specify a single 14055 port number, set both the 14056 min and max to the same 14057 value. 14058 type: integer 14059 min: 14060 description: The minimum port 14061 number, which must not be 14062 greater than the maximum 14063 port number. 14064 type: integer 14065 type: object 14066 type: object 14067 udpOptions: 14068 description: UdpOptions Optional and 14069 valid only for UDP. Use to specify 14070 particular destination ports for 14071 UDP rules. If you specify UDP as 14072 the protocol but omit this object, 14073 then all destination ports are allowed. 
14074 properties: 14075 destinationPortRange: 14076 description: PortRange The representation 14077 of PortRange. 14078 properties: 14079 max: 14080 description: The maximum port 14081 number, which must not be 14082 less than the minimum port 14083 number. To specify a single 14084 port number, set both the 14085 min and max to the same 14086 value. 14087 type: integer 14088 min: 14089 description: The minimum port 14090 number, which must not be 14091 greater than the maximum 14092 port number. 14093 type: integer 14094 type: object 14095 sourcePortRange: 14096 description: PortRange The representation 14097 of PortRange. 14098 properties: 14099 max: 14100 description: The maximum port 14101 number, which must not be 14102 less than the minimum port 14103 number. To specify a single 14104 port number, set both the 14105 min and max to the same 14106 value. 14107 type: integer 14108 min: 14109 description: The minimum port 14110 number, which must not be 14111 greater than the maximum 14112 port number. 14113 type: integer 14114 type: object 14115 type: object 14116 type: object 14117 type: array 14118 name: 14119 description: SecurityList Name. 14120 type: string 14121 type: object 14122 type: 14123 description: Type defines the subnet type (e.g. 14124 public, private). 14125 type: string 14126 required: 14127 - name 14128 - role 14129 type: object 14130 type: array 14131 x-kubernetes-list-map-keys: 14132 - name 14133 x-kubernetes-list-type: map 14134 type: object 14135 vcnPeering: 14136 description: VCNPeering configuration. 14137 properties: 14138 drg: 14139 description: DRG configuration refers to the DRG which 14140 has to be created if required. If management cluster 14141 and workload cluster shares the same DRG, this fields 14142 is not required to be specified. 14143 properties: 14144 id: 14145 description: ID is the OCID for the created DRG. 
14146 type: string 14147 manage: 14148 description: Manage defines whether the DRG has 14149 to be managed(including create). If set to false(the 14150 default) the ID has to be specified by the user 14151 to a valid DRG ID to which the VCN has to be 14152 attached. 14153 type: boolean 14154 name: 14155 description: Name is the name of the created DRG. 14156 type: string 14157 vcnAttachmentId: 14158 description: VcnAttachmentId is the ID of the 14159 VCN attachment of the DRG. The workload cluster 14160 VCN can be attached to either the management 14161 cluster VCN if they are sharing the same DRG 14162 or to the workload cluster DRG. 14163 type: string 14164 type: object 14165 peerRouteRules: 14166 description: PeerRouteRules defines the routing rules 14167 which will be added to the private route tables 14168 of the workload cluster VCN. The routes defined 14169 here will be directed to DRG. 14170 items: 14171 description: PeerRouteRule defines a Route Rule 14172 to be routed via a DRG. 14173 properties: 14174 vcnCIDRRange: 14175 description: VCNCIDRRange is the CIDR Range 14176 of peer VCN to which the workload cluster 14177 VCN will be peered. The CIDR range is required 14178 to add the route rule in the workload cluster 14179 VCN, the route rule will forward any traffic 14180 to the CIDR to the DRG. 14181 type: string 14182 type: object 14183 type: array 14184 remotePeeringConnections: 14185 description: RemotePeeringConnections defines the 14186 RPC connections which be established with the workload 14187 cluster DRG. 14188 items: 14189 description: RemotePeeringConnection is used to 14190 peer VCNs residing in different regions(typically). 14191 Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 14192 properties: 14193 managePeerRPC: 14194 description: ManagePeerRPC will define if the 14195 Peer VCN needs to be managed. 
If set to true 14196 a Remote Peering Connection will be created 14197 in the Peer DRG and the connection will be 14198 created between local and peer RPC. 14199 type: boolean 14200 peerDRGId: 14201 description: PeerDRGId defines the DRG ID of 14202 the peer. 14203 type: string 14204 peerRPCConnectionId: 14205 description: PeerRPCConnectionId defines the 14206 RPC ID of peer. If ManagePeerRPC is set to 14207 true this will be created by Cluster API Provider 14208 for OCI, otherwise this has be defined by 14209 the user. 14210 type: string 14211 peerRegionName: 14212 description: PeerRegionName defined the region 14213 name of Peer VCN. 14214 type: string 14215 rpcConnectionId: 14216 description: RPCConnectionId is the connection 14217 ID of the connection between peer and local 14218 RPC. 14219 type: string 14220 type: object 14221 type: array 14222 type: object 14223 type: object 14224 ociResourceIdentifier: 14225 description: The unique ID which will be used to tag all the 14226 resources created by this Cluster. The tag will be used 14227 to identify resources belonging to this cluster. this will 14228 be auto-generated and should not be set by the user. 14229 type: string 14230 region: 14231 description: Region the cluster operates in. It must be one 14232 of available regions in Region Identifier format. 
See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 14233 type: string 14234 type: object 14235 required: 14236 - spec 14237 type: object 14238 required: 14239 - template 14240 type: object 14241 type: object 14242 served: true 14243 storage: true 14244 --- 14245 apiVersion: apiextensions.k8s.io/v1 14246 kind: CustomResourceDefinition 14247 metadata: 14248 annotations: 14249 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 14250 controller-gen.kubebuilder.io/version: v0.10.0 14251 labels: 14252 cluster.x-k8s.io/provider: infrastructure-oci 14253 cluster.x-k8s.io/v1beta1: v1beta1 14254 name: ocimanagedcontrolplanes.infrastructure.cluster.x-k8s.io 14255 spec: 14256 conversion: 14257 strategy: Webhook 14258 webhook: 14259 clientConfig: 14260 service: 14261 name: capoci-webhook-service 14262 namespace: cluster-api-provider-oci-system 14263 path: /convert 14264 conversionReviewVersions: 14265 - v1 14266 - v1beta1 14267 group: infrastructure.cluster.x-k8s.io 14268 names: 14269 kind: OCIManagedControlPlane 14270 listKind: OCIManagedControlPlaneList 14271 plural: ocimanagedcontrolplanes 14272 singular: ocimanagedcontrolplane 14273 scope: Namespaced 14274 versions: 14275 - name: v1beta1 14276 schema: 14277 openAPIV3Schema: 14278 description: OCIManagedControlPlane is the Schema for the ocimanagedcontrolplane 14279 API. 14280 properties: 14281 apiVersion: 14282 description: 'APIVersion defines the versioned schema of this representation 14283 of an object. Servers should convert recognized schemas to the latest 14284 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 14285 type: string 14286 kind: 14287 description: 'Kind is a string value representing the REST resource this 14288 object represents. Servers may infer this from the endpoint the client 14289 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 14290 type: string 14291 metadata: 14292 type: object 14293 spec: 14294 description: OCIManagedControlPlaneSpec defines the desired state of OCIManagedControlPlane. 14295 The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails 14296 properties: 14297 clusterOptions: 14298 description: ClusterOptions defines Optional attributes for the cluster. 14299 properties: 14300 addOnOptions: 14301 description: AddOnOptions defines the properties that define options 14302 for supported add-ons. 14303 properties: 14304 isKubernetesDashboardEnabled: 14305 description: IsKubernetesDashboardEnabled defines whether 14306 or not to enable the Kubernetes Dashboard add-on. 14307 type: boolean 14308 isTillerEnabled: 14309 description: IsKubernetesDashboardEnabled defines whether 14310 or not to enable the Tiller add-on. 14311 type: boolean 14312 type: object 14313 admissionControllerOptions: 14314 description: AdmissionControllerOptions defines the properties 14315 that define supported admission controllers. 14316 properties: 14317 isPodSecurityPolicyEnabled: 14318 description: IsPodSecurityPolicyEnabled defines whether or 14319 not to enable the Pod Security Policy admission controller. 
14320 type: boolean 14321 type: object 14322 type: object 14323 clusterPodNetworkOptions: 14324 description: ClusterPodNetworkOptions defines the available CNIs and 14325 network options for existing and new node pools of the cluster 14326 items: 14327 description: ClusterPodNetworkOptions defines the available CNIs 14328 and network options for existing and new node pools of the cluster 14329 properties: 14330 cniType: 14331 description: The CNI to be used are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY 14332 type: string 14333 type: object 14334 type: array 14335 controlPlaneEndpoint: 14336 description: ControlPlaneEndpoint represents the endpoint used to 14337 communicate with the control plane. 14338 properties: 14339 host: 14340 description: The hostname on which the API server is serving. 14341 type: string 14342 port: 14343 description: The port on which the API server is serving. 14344 format: int32 14345 type: integer 14346 required: 14347 - host 14348 - port 14349 type: object 14350 id: 14351 description: ID of the OKEcluster. 14352 type: string 14353 imagePolicyConfig: 14354 description: ImagePolicyConfig defines the properties that define 14355 a image verification policy. 14356 properties: 14357 isPolicyEnabled: 14358 description: IsPolicyEnabled defines Whether the image verification 14359 policy is enabled. 14360 type: boolean 14361 keyDetails: 14362 description: KeyDetails defines a list of KMS key details. 14363 items: 14364 description: KeyDetails defines the properties that define the 14365 kms keys used by OKE for Image Signature verification. 14366 properties: 14367 keyDetails: 14368 description: KmsKeyId defines the OCID of the KMS key that 14369 will be used to verify whether the images are signed by 14370 an approved source. 
                          type: string
                      type: object
                    type: array
                type: object
              kmsKeyId:
                description: KmsKeyId defines the OCID of the KMS key to be used as
                  the master encryption key for Kubernetes secret encryption. When
                  used,
                type: string
              version:
                description: Version represents the version of the Kubernetes Cluster
                  Control Plane.
                type: string
            type: object
          status:
            description: OCIManagedControlPlaneStatus defines the observed state of
              OCIManagedControlPlane
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              initialized:
                description: Initialized denotes whether or not the control plane
                  has the uploaded kubernetes config-map.
                type: boolean
              ready:
                type: boolean
              version:
                description: Version represents the current Kubernetes version for
                  the control plane.
                type: string
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedControlPlane is the Schema for the ocimanagedcontrolplane
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedControlPlaneSpec defines the desired state of OCIManagedControlPlane.
              The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails
            properties:
              addons:
                description: The list of addons to be applied to the OKE cluster.
                items:
                  description: Addon defines the properties of an addon.
                  properties:
                    configurations:
                      description: Configurations defines a list of configurations
                        of the addon.
                      items:
                        description: AddonConfiguration defines a configuration of
                          an addon.
                        properties:
                          key:
                            description: The key of the configuration.
                            type: string
                          value:
                            description: The value of the configuration.
                            type: string
                        type: object
                      type: array
                    name:
                      description: Name represents the name of the addon.
                      type: string
                    version:
                      description: Version represents the version of the addon.
                      type: string
                  required:
                  - name
                  type: object
                type: array
                x-kubernetes-list-map-keys:
                - name
                x-kubernetes-list-type: map
              clusterOptions:
                description: ClusterOptions defines Optional attributes for the cluster.
                properties:
                  addOnOptions:
                    description: AddOnOptions defines the properties that define options
                      for supported add-ons.
                    properties:
                      isKubernetesDashboardEnabled:
                        description: IsKubernetesDashboardEnabled defines whether
                          or not to enable the Kubernetes Dashboard add-on.
                        type: boolean
                      isTillerEnabled:
                        description: IsKubernetesDashboardEnabled defines whether
                          or not to enable the Tiller add-on.
                        type: boolean
                    type: object
                  admissionControllerOptions:
                    description: AdmissionControllerOptions defines the properties
                      that define supported admission controllers.
                    properties:
                      isPodSecurityPolicyEnabled:
                        description: IsPodSecurityPolicyEnabled defines whether or
                          not to enable the Pod Security Policy admission controller.
                        type: boolean
                    type: object
                type: object
              clusterPodNetworkOptions:
                description: ClusterPodNetworkOptions defines the available CNIs and
                  network options for existing and new node pools of the cluster
                items:
                  description: ClusterPodNetworkOptions defines the available CNIs
                    and network options for existing and new node pools of the cluster
                  properties:
                    cniType:
                      description: The CNI to be used are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY
                      type: string
                  type: object
                type: array
              clusterType:
                description: ClusterTypeEnum defines the type of cluster. Supported
                  types are * `BASIC_CLUSTER` * `ENHANCED_CLUSTER`
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              id:
                description: ID of the OKEcluster.
                type: string
              imagePolicyConfig:
                description: ImagePolicyConfig defines the properties that define
                  a image verification policy.
                properties:
                  isPolicyEnabled:
                    description: IsPolicyEnabled defines Whether the image verification
                      policy is enabled.
                    type: boolean
                  keyDetails:
                    description: KeyDetails defines a list of KMS key details.
                    items:
                      description: KeyDetails defines the properties that define the
                        kms keys used by OKE for Image Signature verification.
                      properties:
                        keyDetails:
                          description: KmsKeyId defines the OCID of the KMS key that
                            will be used to verify whether the images are signed by
                            an approved source.
                          type: string
                      type: object
                    type: array
                type: object
              kmsKeyId:
                description: KmsKeyId defines the OCID of the KMS key to be used as
                  the master encryption key for Kubernetes secret encryption. When
                  used,
                type: string
              version:
                description: Version represents the version of the Kubernetes Cluster
                  Control Plane.
                type: string
            type: object
          status:
            description: OCIManagedControlPlaneStatus defines the observed state of
              OCIManagedControlPlane
            properties:
              addonStatus:
                additionalProperties:
                  description: AddonStatus defines the status of an Addon.
                  properties:
                    addonError:
                      description: AddonError defines the error encountered by the
                        Addon.
                      properties:
                        code:
                          description: Code defines a short error code that defines
                            the upstream error, meant for programmatic parsing.
                          type: string
                        message:
                          description: Message defines a human-readable error string
                            of the upstream error.
                          type: string
                        status:
                          description: Status defines the status of the HTTP response
                            encountered in the upstream error.
                          type: string
                      type: object
                    currentlyInstalledVersion:
                      description: Version represents the version of the addon.
                      type: string
                    lifecycleState:
                      description: LifecycleState defines the lifecycle state of the
                        addon.
                      type: string
                  type: object
                description: AddonStatus represents the status of the addon.
                type: object
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              initialized:
                description: Initialized denotes whether or not the control plane
                  has the uploaded kubernetes config-map.
                type: boolean
              ready:
                type: boolean
              version:
                description: Version represents the current Kubernetes version for
                  the control plane.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.10.0
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIManagedControlPlaneTemplate
    listKind: OCIManagedControlPlaneTemplateList
    plural: ocimanagedcontrolplanetemplates
    singular: ocimanagedcontrolplanetemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIManagedControlPlaneTemplate is the Schema for the OCIManagedControlPlaneTemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedControlPlaneTemplateSpec defines the desired state
              of OCIManagedControlPlaneTemplate.
            properties:
              template:
                description: OCIManagedControlPlaneSpec describes the data needed
                  to create an OCIManagedControlPlane from a template.
                properties:
                  spec:
                    description: OCIManagedControlPlaneSpec defines the desired state
                      of OCIManagedControlPlane. The properties are generated from
                      https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails
                    properties:
                      clusterOptions:
                        description: ClusterOptions defines Optional attributes for
                          the cluster.
                        properties:
                          addOnOptions:
                            description: AddOnOptions defines the properties that
                              define options for supported add-ons.
                            properties:
                              isKubernetesDashboardEnabled:
                                description: IsKubernetesDashboardEnabled defines
                                  whether or not to enable the Kubernetes Dashboard
                                  add-on.
                                type: boolean
                              isTillerEnabled:
                                description: IsKubernetesDashboardEnabled defines
                                  whether or not to enable the Tiller add-on.
                                type: boolean
                            type: object
                          admissionControllerOptions:
                            description: AdmissionControllerOptions defines the properties
                              that define supported admission controllers.
                            properties:
                              isPodSecurityPolicyEnabled:
                                description: IsPodSecurityPolicyEnabled defines whether
                                  or not to enable the Pod Security Policy admission
                                  controller.
                                type: boolean
                            type: object
                        type: object
                      clusterPodNetworkOptions:
                        description: ClusterPodNetworkOptions defines the available
                          CNIs and network options for existing and new node pools
                          of the cluster
                        items:
                          description: ClusterPodNetworkOptions defines the available
                            CNIs and network options for existing and new node pools
                            of the cluster
                          properties:
                            cniType:
                              description: The CNI to be used are OCI_VCN_IP_NATIVE
                                and FLANNEL_OVERLAY
                              type: string
                          type: object
                        type: array
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      id:
                        description: ID of the OKEcluster.
                        type: string
                      imagePolicyConfig:
                        description: ImagePolicyConfig defines the properties that
                          define a image verification policy.
                        properties:
                          isPolicyEnabled:
                            description: IsPolicyEnabled defines Whether the image
                              verification policy is enabled.
                            type: boolean
                          keyDetails:
                            description: KeyDetails defines a list of KMS key details.
                            items:
                              description: KeyDetails defines the properties that
                                define the kms keys used by OKE for Image Signature
                                verification.
                              properties:
                                keyDetails:
                                  description: KmsKeyId defines the OCID of the KMS
                                    key that will be used to verify whether the images
                                    are signed by an approved source.
                                  type: string
                              type: object
                            type: array
                        type: object
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the KMS key to be
                          used as the master encryption key for Kubernetes secret
                          encryption. When used,
                        type: string
                      version:
                        description: Version represents the version of the Kubernetes
                          Cluster Control Plane.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: false
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedControlPlaneTemplate is the Schema for the OCIManagedControlPlaneTemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedControlPlaneTemplateSpec defines the desired state
              of OCIManagedControlPlaneTemplate.
            properties:
              template:
                description: OCIManagedControlPlaneSpec describes the data needed
                  to create an OCIManagedControlPlane from a template.
                properties:
                  spec:
                    description: OCIManagedControlPlaneSpec defines the desired state
                      of OCIManagedControlPlane. The properties are generated from
                      https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails
                    properties:
                      addons:
                        description: The list of addons to be applied to the OKE cluster.
                        items:
                          description: Addon defines the properties of an addon.
                          properties:
                            configurations:
                              description: Configurations defines a list of configurations
                                of the addon.
                              items:
                                description: AddonConfiguration defines a configuration
                                  of an addon.
                                properties:
                                  key:
                                    description: The key of the configuration.
                                    type: string
                                  value:
                                    description: The value of the configuration.
                                    type: string
                                type: object
                              type: array
                            name:
                              description: Name represents the name of the addon.
                              type: string
                            version:
                              description: Version represents the version of the addon.
                              type: string
                          required:
                          - name
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                      clusterOptions:
                        description: ClusterOptions defines Optional attributes for
                          the cluster.
                        properties:
                          addOnOptions:
                            description: AddOnOptions defines the properties that
                              define options for supported add-ons.
                            properties:
                              isKubernetesDashboardEnabled:
                                description: IsKubernetesDashboardEnabled defines
                                  whether or not to enable the Kubernetes Dashboard
                                  add-on.
                                type: boolean
                              isTillerEnabled:
                                description: IsKubernetesDashboardEnabled defines
                                  whether or not to enable the Tiller add-on.
                                type: boolean
                            type: object
                          admissionControllerOptions:
                            description: AdmissionControllerOptions defines the properties
                              that define supported admission controllers.
                            properties:
                              isPodSecurityPolicyEnabled:
                                description: IsPodSecurityPolicyEnabled defines whether
                                  or not to enable the Pod Security Policy admission
                                  controller.
                                type: boolean
                            type: object
                        type: object
                      clusterPodNetworkOptions:
                        description: ClusterPodNetworkOptions defines the available
                          CNIs and network options for existing and new node pools
                          of the cluster
                        items:
                          description: ClusterPodNetworkOptions defines the available
                            CNIs and network options for existing and new node pools
                            of the cluster
                          properties:
                            cniType:
                              description: The CNI to be used are OCI_VCN_IP_NATIVE
                                and FLANNEL_OVERLAY
                              type: string
                          type: object
                        type: array
                      clusterType:
                        description: ClusterTypeEnum defines the type of cluster.
                          Supported types are * `BASIC_CLUSTER` * `ENHANCED_CLUSTER`
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      id:
                        description: ID of the OKEcluster.
                        type: string
                      imagePolicyConfig:
                        description: ImagePolicyConfig defines the properties that
                          define a image verification policy.
                        properties:
                          isPolicyEnabled:
                            description: IsPolicyEnabled defines Whether the image
                              verification policy is enabled.
                            type: boolean
                          keyDetails:
                            description: KeyDetails defines a list of KMS key details.
                            items:
                              description: KeyDetails defines the properties that
                                define the kms keys used by OKE for Image Signature
                                verification.
                              properties:
                                keyDetails:
                                  description: KmsKeyId defines the OCID of the KMS
                                    key that will be used to verify whether the images
                                    are signed by an approved source.
                                  type: string
                              type: object
                            type: array
                        type: object
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the KMS key to be
                          used as the master encryption key for Kubernetes secret
                          encryption. When used,
                        type: string
                      version:
                        description: Version represents the version of the Kubernetes
                          Cluster Control Plane.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimanagedmachinepools.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIManagedMachinePool
    listKind: OCIManagedMachinePoolList
    plural: ocimanagedmachinepools
    singular: ocimanagedmachinepool
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIManagedMachinePool is the Schema for the ocimanagedmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedMachinePoolSpec defines the desired state of an
              OCI managed machine pool. An OCIManagedMachinePool translates to an
              OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialNodeLabels:
                description: InitialNodeLabels defines a list of key/value pairs to
                  add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nodeEvictionNodePoolSettings:
                description: NodeEvictionNodePoolSettings defines the eviction settings.
                properties:
                  evictionGraceDuration:
                    description: 'EvictionGraceDuration defines the duration after
                      which OKE will give up eviction of the pods on the node. PT0M
                      will indicate you want to delete the node without cordon and
                      drain. Default PT60M, Min PT0M, Max: PT60M. Format ISO 8601
                      e.g PT30M'
                    type: string
                  isForceDeleteAfterGraceDuration:
                    description: IsForceDeleteAfterGraceDuration defines if the underlying
                      compute instance should be deleted if you cannot evict all the
                      pods in grace period
                    type: boolean
                type: object
              nodeMetadata:
                additionalProperties:
                  type: string
                description: NodeMetadata defines a list of key/value pairs to add
                  to each underlying OCI instance in the node pool on launch.
                type: object
              nodePoolNodeConfig:
                description: NodePoolNodeConfig defines the configuration of nodes
                  in the node pool.
                properties:
                  isPvEncryptionInTransitEnabled:
                    description: IsPvEncryptionInTransitEnabled defines whether in
                      transit encryption should be enabled on the nodes.
                    type: boolean
                  kmsKeyId:
                    description: KmsKeyId defines whether in transit encryption should
                      be enabled on the nodes.
                    type: string
                  nodePoolPodNetworkOptionDetails:
                    description: NodePoolPodNetworkOptionDetails defines the pod networking
                      details of the node pool
                    properties:
                      cniType:
                        description: CniType describes the CNI plugin used by this
                          node pool. Allowed values are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY.
                        type: string
                      vcnIpNativePodNetworkOptions:
                        description: VcnIpNativePodNetworkOptions describes the network
                          options specific to using the OCI VCN Native CNI
                        properties:
                          maxPodsPerNode:
                            description: MemoryInGBs defines the max number of pods
                              per node in the node pool. This value will be limited
                              by the number of VNICs attachable to the node pool shape
                            type: integer
                          nsgNames:
                            description: NSGNames defines the NSGs associated with
                              the native pod network.
                            items:
                              type: string
                            type: array
                          subnetNames:
                            description: SubnetNames defines the Subnets associated
                              with the native pod network.
                            items:
                              type: string
                            type: array
                        type: object
                    type: object
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the nodes. the NSGs are defined in OCIManagedCluster
                      object.
                    items:
                      type: string
                    type: array
                  placementConfigs:
                    description: PlacementConfigs defines the placement configurations
                      for the node pool.
                    items:
                      description: PlacementConfig defines the placement configurations
                        for the node pool.
                      properties:
                        availabilityDomain:
                          description: AvailabilityDomain defines the availability
                            domain in which to place nodes.
                          type: string
                        capacityReservationId:
                          description: CapacityReservationId defines the OCID of the
                            compute capacity reservation in which to place the compute
                            instance.
                          type: string
                        faultDomains:
                          description: FaultDomains defines the list of fault domains
                            in which to place nodes.
                          items:
                            type: string
                          type: array
                        subnetName:
                          description: SubnetName defines the name of the subnet which
                            need ot be associated with the Nodepool. The subnets are
                            defined in the OCiManagedCluster object.
                          type: string
                      type: object
                    type: array
                type: object
              nodeShape:
                description: NodeShape defines the name of the node shape of the nodes
                  in the node pool.
                type: string
              nodeShapeConfig:
                description: NodeShapeConfig defines the configuration of the shape
                  to launch nodes in the node pool.
                properties:
                  memoryInGBs:
                    description: MemoryInGBs defines the total amount of memory available
                      to each node, in gigabytes.
                    type: string
                  ocpus:
                    description: Ocpus defines the total number of OCPUs available
                      to each node in the node pool.
                    type: string
                type: object
              nodeSourceViaImage:
                description: NodeSourceViaImage defines the image configuration of
                  the nodes in the nodepool.
                properties:
                  bootVolumeSizeInGBs:
                    description: BootVolumeSizeInGBs defines the size of the boot
                      volume in GBs.
                    format: int64
                    type: integer
                  imageId:
                    description: ImageId defines the OCID of the image used to boot
                      the node.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              sshPublicKey:
                description: SshPublicKey defines the SSH public key on each node
                  in the node pool on launch.
                type: string
              version:
                description: Version represents the version of the OKE node pool.
                type: string
            type: object
          status:
            description: OCIManagedMachinePoolStatus defines the observed state of
              OCIManagedMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
15261 format: date-time 15262 type: string 15263 message: 15264 description: A human readable message indicating details about 15265 the transition. This field may be empty. 15266 type: string 15267 reason: 15268 description: The reason for the condition's last transition 15269 in CamelCase. The specific API may choose whether or not this 15270 field is considered a guaranteed API. This field may not be 15271 empty. 15272 type: string 15273 severity: 15274 description: Severity provides an explicit classification of 15275 Reason code, so the users or machines can immediately understand 15276 the current situation and act accordingly. The Severity field 15277 MUST be set only when Status=False. 15278 type: string 15279 status: 15280 description: Status of the condition, one of True, False, Unknown. 15281 type: string 15282 type: 15283 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 15284 Many .condition.type values are consistent across resources 15285 like Available, but because arbitrary conditions can be useful 15286 (see .node.status.conditions), the ability to deconflict is 15287 important. 15288 type: string 15289 required: 15290 - lastTransitionTime 15291 - status 15292 - type 15293 type: object 15294 type: array 15295 failureMessages: 15296 items: 15297 type: string 15298 type: array 15299 failureReason: 15300 description: MachineStatusError defines errors states for Machine 15301 objects. 15302 type: string 15303 ready: 15304 type: boolean 15305 replicas: 15306 description: Replicas is the most recently observed number of replicas 15307 format: int32 15308 type: integer 15309 type: object 15310 type: object 15311 served: true 15312 storage: false 15313 subresources: 15314 status: {} 15315 - name: v1beta2 15316 schema: 15317 openAPIV3Schema: 15318 description: OCIManagedMachinePool is the Schema for the ocimanagedmachinepool 15319 API. 
15320 properties: 15321 apiVersion: 15322 description: 'APIVersion defines the versioned schema of this representation 15323 of an object. Servers should convert recognized schemas to the latest 15324 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15325 type: string 15326 kind: 15327 description: 'Kind is a string value representing the REST resource this 15328 object represents. Servers may infer this from the endpoint the client 15329 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15330 type: string 15331 metadata: 15332 type: object 15333 spec: 15334 description: OCIManagedMachinePoolSpec defines the desired state of an 15335 OCI managed machine pool. An OCIManagedMachinePool translates to an 15336 OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails 15337 properties: 15338 id: 15339 description: ID is the OCID of the associated NodePool 15340 type: string 15341 initialNodeLabels: 15342 description: InitialNodeLabels defines a list of key/value pairs to 15343 add to nodes after they join the Kubernetes cluster. 15344 items: 15345 description: KeyValue The properties that define a key value pair. 15346 properties: 15347 key: 15348 description: The key of the pair. 15349 type: string 15350 value: 15351 description: The value of the pair. 15352 type: string 15353 type: object 15354 type: array 15355 nodeEvictionNodePoolSettings: 15356 description: NodeEvictionNodePoolSettings defines the eviction settings. 15357 properties: 15358 evictionGraceDuration: 15359 description: 'EvictionGraceDuration defines the duration after 15360 which OKE will give up eviction of the pods on the node. 
PT0M 15361 will indicate you want to delete the node without cordon and 15362 drain. Default PT60M, Min PT0M, Max: PT60M. Format ISO 8601 15363 e.g PT30M' 15364 type: string 15365 isForceDeleteAfterGraceDuration: 15366 description: IsForceDeleteAfterGraceDuration defines if the underlying 15367 compute instance should be deleted if you cannot evict all the 15368 pods in grace period 15369 type: boolean 15370 type: object 15371 nodeMetadata: 15372 additionalProperties: 15373 type: string 15374 description: NodeMetadata defines a list of key/value pairs to add 15375 to each underlying OCI instance in the node pool on launch. 15376 type: object 15377 nodePoolCyclingDetails: 15378 description: NodePoolCyclingDetails defines the node pool recycling 15379 options. 15380 properties: 15381 isNodeCyclingEnabled: 15382 description: IsNodeCyclingEnabled refers if nodes in the nodepool 15383 will be cycled to have new changes. 15384 type: boolean 15385 maximumSurge: 15386 description: MaximumSurge refers to the maximum additional new 15387 compute instances that would be temporarily created and added 15388 to nodepool during the cycling nodepool process. OKE supports 15389 both integer and percentage input. Defaults to 1, Ranges from 15390 0 to Nodepool size or 0% to 100% 15391 type: string 15392 maximumUnavailable: 15393 description: Maximum active nodes that would be terminated from 15394 nodepool during the cycling nodepool process. OKE supports both 15395 integer and percentage input. Defaults to 0, Ranges from 0 to 15396 Nodepool size or 0% to 100% 15397 type: string 15398 type: object 15399 nodePoolNodeConfig: 15400 description: NodePoolNodeConfig defines the configuration of nodes 15401 in the node pool. 15402 properties: 15403 isPvEncryptionInTransitEnabled: 15404 description: IsPvEncryptionInTransitEnabled defines whether in 15405 transit encryption should be enabled on the nodes. 
15406 type: boolean 15407 kmsKeyId: 15408 description: KmsKeyId defines whether in transit encryption should 15409 be enabled on the nodes. 15410 type: string 15411 nodePoolPodNetworkOptionDetails: 15412 description: NodePoolPodNetworkOptionDetails defines the pod networking 15413 details of the node pool 15414 properties: 15415 cniType: 15416 description: CniType describes the CNI plugin used by this 15417 node pool. Allowed values are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY. 15418 type: string 15419 vcnIpNativePodNetworkOptions: 15420 description: VcnIpNativePodNetworkOptions describes the network 15421 options specific to using the OCI VCN Native CNI 15422 properties: 15423 maxPodsPerNode: 15424 description: MemoryInGBs defines the max number of pods 15425 per node in the node pool. This value will be limited 15426 by the number of VNICs attachable to the node pool shape 15427 type: integer 15428 nsgNames: 15429 description: NSGNames defines the NSGs associated with 15430 the native pod network. 15431 items: 15432 type: string 15433 type: array 15434 subnetNames: 15435 description: SubnetNames defines the Subnets associated 15436 with the native pod network. 15437 items: 15438 type: string 15439 type: array 15440 type: object 15441 type: object 15442 nsgNames: 15443 description: NsgNames defines the names of NSGs which will be 15444 associated with the nodes. the NSGs are defined in OCIManagedCluster 15445 object. 15446 items: 15447 type: string 15448 type: array 15449 placementConfigs: 15450 description: PlacementConfigs defines the placement configurations 15451 for the node pool. 15452 items: 15453 description: PlacementConfig defines the placement configurations 15454 for the node pool. 15455 properties: 15456 availabilityDomain: 15457 description: AvailabilityDomain defines the availability 15458 domain in which to place nodes. 
15459 type: string 15460 capacityReservationId: 15461 description: CapacityReservationId defines the OCID of the 15462 compute capacity reservation in which to place the compute 15463 instance. 15464 type: string 15465 faultDomains: 15466 description: FaultDomains defines the list of fault domains 15467 in which to place nodes. 15468 items: 15469 type: string 15470 type: array 15471 subnetName: 15472 description: SubnetName defines the name of the subnet which 15473 need ot be associated with the Nodepool. The subnets are 15474 defined in the OCiManagedCluster object. 15475 type: string 15476 type: object 15477 type: array 15478 type: object 15479 nodeShape: 15480 description: NodeShape defines the name of the node shape of the nodes 15481 in the node pool. 15482 type: string 15483 nodeShapeConfig: 15484 description: NodeShapeConfig defines the configuration of the shape 15485 to launch nodes in the node pool. 15486 properties: 15487 memoryInGBs: 15488 description: MemoryInGBs defines the total amount of memory available 15489 to each node, in gigabytes. 15490 type: string 15491 ocpus: 15492 description: Ocpus defines the total number of OCPUs available 15493 to each node in the node pool. 15494 type: string 15495 type: object 15496 nodeSourceViaImage: 15497 description: NodeSourceViaImage defines the image configuration of 15498 the nodes in the nodepool. 15499 properties: 15500 bootVolumeSizeInGBs: 15501 description: BootVolumeSizeInGBs defines the size of the boot 15502 volume in GBs. 15503 format: int64 15504 type: integer 15505 imageId: 15506 description: ImageId defines the OCID of the image used to boot 15507 the node. 15508 type: string 15509 type: object 15510 providerID: 15511 description: ProviderID is the OCID of the associated NodePool in 15512 a provider format 15513 type: string 15514 providerIDList: 15515 description: ProviderIDList are the identification IDs of machine 15516 instances provided by the provider. 
This field must match the provider 15517 IDs as seen on the node objects corresponding to a machine pool's 15518 machine instances. 15519 items: 15520 type: string 15521 type: array 15522 sshPublicKey: 15523 description: SshPublicKey defines the SSH public key on each node 15524 in the node pool on launch. 15525 type: string 15526 version: 15527 description: Version represents the version of the OKE node pool. 15528 type: string 15529 type: object 15530 status: 15531 description: OCIManagedMachinePoolStatus defines the observed state of 15532 OCIManagedMachinePool 15533 properties: 15534 conditions: 15535 description: NetworkSpec encapsulates all things related to OCI network. 15536 items: 15537 description: Condition defines an observation of a Cluster API resource 15538 operational state. 15539 properties: 15540 lastTransitionTime: 15541 description: Last time the condition transitioned from one status 15542 to another. This should be when the underlying condition changed. 15543 If that is not known, then using the time when the API field 15544 changed is acceptable. 15545 format: date-time 15546 type: string 15547 message: 15548 description: A human readable message indicating details about 15549 the transition. This field may be empty. 15550 type: string 15551 reason: 15552 description: The reason for the condition's last transition 15553 in CamelCase. The specific API may choose whether or not this 15554 field is considered a guaranteed API. This field may not be 15555 empty. 15556 type: string 15557 severity: 15558 description: Severity provides an explicit classification of 15559 Reason code, so the users or machines can immediately understand 15560 the current situation and act accordingly. The Severity field 15561 MUST be set only when Status=False. 15562 type: string 15563 status: 15564 description: Status of the condition, one of True, False, Unknown. 
15565 type: string 15566 type: 15567 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 15568 Many .condition.type values are consistent across resources 15569 like Available, but because arbitrary conditions can be useful 15570 (see .node.status.conditions), the ability to deconflict is 15571 important. 15572 type: string 15573 required: 15574 - lastTransitionTime 15575 - status 15576 - type 15577 type: object 15578 type: array 15579 failureMessages: 15580 items: 15581 type: string 15582 type: array 15583 failureReason: 15584 description: MachineStatusError defines errors states for Machine 15585 objects. 15586 type: string 15587 ready: 15588 type: boolean 15589 replicas: 15590 description: Replicas is the most recently observed number of replicas 15591 format: int32 15592 type: integer 15593 type: object 15594 type: object 15595 served: true 15596 storage: true 15597 subresources: 15598 status: {} 15599 --- 15600 apiVersion: apiextensions.k8s.io/v1 15601 kind: CustomResourceDefinition 15602 metadata: 15603 annotations: 15604 controller-gen.kubebuilder.io/version: v0.10.0 15605 creationTimestamp: null 15606 labels: 15607 cluster.x-k8s.io/provider: infrastructure-oci 15608 cluster.x-k8s.io/v1beta1: v1beta1 15609 name: ocimanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io 15610 spec: 15611 group: infrastructure.cluster.x-k8s.io 15612 names: 15613 categories: 15614 - cluster-api 15615 kind: OCIManagedMachinePoolTemplate 15616 listKind: OCIManagedMachinePoolTemplateList 15617 plural: ocimanagedmachinepooltemplates 15618 singular: ocimanagedmachinepooltemplate 15619 scope: Namespaced 15620 versions: 15621 - name: v1beta1 15622 schema: 15623 openAPIV3Schema: 15624 description: OCIManagedMachinePoolTemplate is the Schema for the OCIManagedMachinePoolTemplates 15625 API. 15626 properties: 15627 apiVersion: 15628 description: 'APIVersion defines the versioned schema of this representation 15629 of an object. 
Servers should convert recognized schemas to the latest 15630 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15631 type: string 15632 kind: 15633 description: 'Kind is a string value representing the REST resource this 15634 object represents. Servers may infer this from the endpoint the client 15635 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15636 type: string 15637 metadata: 15638 type: object 15639 spec: 15640 description: OCIManagedMachinePoolTemplateSpec defines the desired state 15641 of OCIManagedMachinePoolTemplate. 15642 properties: 15643 template: 15644 description: OCIManagedMachinePoolSpec describes the data needed to 15645 create an OCIManagedMachinePool from a template. 15646 properties: 15647 spec: 15648 description: OCIManagedMachinePoolSpec defines the desired state 15649 of an OCI managed machine pool. An OCIManagedMachinePool translates 15650 to an OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails 15651 properties: 15652 id: 15653 description: ID is the OCID of the associated NodePool 15654 type: string 15655 initialNodeLabels: 15656 description: InitialNodeLabels defines a list of key/value 15657 pairs to add to nodes after they join the Kubernetes cluster. 15658 items: 15659 description: KeyValue The properties that define a key value 15660 pair. 15661 properties: 15662 key: 15663 description: The key of the pair. 15664 type: string 15665 value: 15666 description: The value of the pair. 15667 type: string 15668 type: object 15669 type: array 15670 nodeEvictionNodePoolSettings: 15671 description: NodeEvictionNodePoolSettings defines the eviction 15672 settings. 
15673 properties: 15674 evictionGraceDuration: 15675 description: 'EvictionGraceDuration defines the duration 15676 after which OKE will give up eviction of the pods on 15677 the node. PT0M will indicate you want to delete the 15678 node without cordon and drain. Default PT60M, Min PT0M, 15679 Max: PT60M. Format ISO 8601 e.g PT30M' 15680 type: string 15681 isForceDeleteAfterGraceDuration: 15682 description: IsForceDeleteAfterGraceDuration defines if 15683 the underlying compute instance should be deleted if 15684 you cannot evict all the pods in grace period 15685 type: boolean 15686 type: object 15687 nodeMetadata: 15688 additionalProperties: 15689 type: string 15690 description: NodeMetadata defines a list of key/value pairs 15691 to add to each underlying OCI instance in the node pool 15692 on launch. 15693 type: object 15694 nodePoolNodeConfig: 15695 description: NodePoolNodeConfig defines the configuration 15696 of nodes in the node pool. 15697 properties: 15698 isPvEncryptionInTransitEnabled: 15699 description: IsPvEncryptionInTransitEnabled defines whether 15700 in transit encryption should be enabled on the nodes. 15701 type: boolean 15702 kmsKeyId: 15703 description: KmsKeyId defines whether in transit encryption 15704 should be enabled on the nodes. 15705 type: string 15706 nodePoolPodNetworkOptionDetails: 15707 description: NodePoolPodNetworkOptionDetails defines the 15708 pod networking details of the node pool 15709 properties: 15710 cniType: 15711 description: CniType describes the CNI plugin used 15712 by this node pool. Allowed values are OCI_VCN_IP_NATIVE 15713 and FLANNEL_OVERLAY. 15714 type: string 15715 vcnIpNativePodNetworkOptions: 15716 description: VcnIpNativePodNetworkOptions describes 15717 the network options specific to using the OCI VCN 15718 Native CNI 15719 properties: 15720 maxPodsPerNode: 15721 description: MemoryInGBs defines the max number 15722 of pods per node in the node pool. 
This value 15723 will be limited by the number of VNICs attachable 15724 to the node pool shape 15725 type: integer 15726 nsgNames: 15727 description: NSGNames defines the NSGs associated 15728 with the native pod network. 15729 items: 15730 type: string 15731 type: array 15732 subnetNames: 15733 description: SubnetNames defines the Subnets associated 15734 with the native pod network. 15735 items: 15736 type: string 15737 type: array 15738 type: object 15739 type: object 15740 nsgNames: 15741 description: NsgNames defines the names of NSGs which 15742 will be associated with the nodes. the NSGs are defined 15743 in OCIManagedCluster object. 15744 items: 15745 type: string 15746 type: array 15747 placementConfigs: 15748 description: PlacementConfigs defines the placement configurations 15749 for the node pool. 15750 items: 15751 description: PlacementConfig defines the placement configurations 15752 for the node pool. 15753 properties: 15754 availabilityDomain: 15755 description: AvailabilityDomain defines the availability 15756 domain in which to place nodes. 15757 type: string 15758 capacityReservationId: 15759 description: CapacityReservationId defines the OCID 15760 of the compute capacity reservation in which to 15761 place the compute instance. 15762 type: string 15763 faultDomains: 15764 description: FaultDomains defines the list of fault 15765 domains in which to place nodes. 15766 items: 15767 type: string 15768 type: array 15769 subnetName: 15770 description: SubnetName defines the name of the 15771 subnet which need ot be associated with the Nodepool. 15772 The subnets are defined in the OCiManagedCluster 15773 object. 15774 type: string 15775 type: object 15776 type: array 15777 type: object 15778 nodeShape: 15779 description: NodeShape defines the name of the node shape 15780 of the nodes in the node pool. 
15781 type: string 15782 nodeShapeConfig: 15783 description: NodeShapeConfig defines the configuration of 15784 the shape to launch nodes in the node pool. 15785 properties: 15786 memoryInGBs: 15787 description: MemoryInGBs defines the total amount of memory 15788 available to each node, in gigabytes. 15789 type: string 15790 ocpus: 15791 description: Ocpus defines the total number of OCPUs available 15792 to each node in the node pool. 15793 type: string 15794 type: object 15795 nodeSourceViaImage: 15796 description: NodeSourceViaImage defines the image configuration 15797 of the nodes in the nodepool. 15798 properties: 15799 bootVolumeSizeInGBs: 15800 description: BootVolumeSizeInGBs defines the size of the 15801 boot volume in GBs. 15802 format: int64 15803 type: integer 15804 imageId: 15805 description: ImageId defines the OCID of the image used 15806 to boot the node. 15807 type: string 15808 type: object 15809 providerID: 15810 description: ProviderID is the OCID of the associated NodePool 15811 in a provider format 15812 type: string 15813 providerIDList: 15814 description: ProviderIDList are the identification IDs of 15815 machine instances provided by the provider. This field must 15816 match the provider IDs as seen on the node objects corresponding 15817 to a machine pool's machine instances. 15818 items: 15819 type: string 15820 type: array 15821 sshPublicKey: 15822 description: SshPublicKey defines the SSH public key on each 15823 node in the node pool on launch. 15824 type: string 15825 version: 15826 description: Version represents the version of the OKE node 15827 pool. 15828 type: string 15829 type: object 15830 required: 15831 - spec 15832 type: object 15833 required: 15834 - template 15835 type: object 15836 type: object 15837 served: true 15838 storage: false 15839 - name: v1beta2 15840 schema: 15841 openAPIV3Schema: 15842 description: OCIManagedMachinePoolTemplate is the Schema for the OCIManagedMachinePoolTemplates 15843 API. 
15844 properties: 15845 apiVersion: 15846 description: 'APIVersion defines the versioned schema of this representation 15847 of an object. Servers should convert recognized schemas to the latest 15848 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15849 type: string 15850 kind: 15851 description: 'Kind is a string value representing the REST resource this 15852 object represents. Servers may infer this from the endpoint the client 15853 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15854 type: string 15855 metadata: 15856 type: object 15857 spec: 15858 description: OCIManagedMachinePoolTemplateSpec defines the desired state 15859 of OCIManagedMachinePoolTemplate. 15860 properties: 15861 template: 15862 description: OCIManagedMachinePoolSpec describes the data needed to 15863 create an OCIManagedMachinePool from a template. 15864 properties: 15865 spec: 15866 description: OCIManagedMachinePoolSpec defines the desired state 15867 of an OCI managed machine pool. An OCIManagedMachinePool translates 15868 to an OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails 15869 properties: 15870 id: 15871 description: ID is the OCID of the associated NodePool 15872 type: string 15873 initialNodeLabels: 15874 description: InitialNodeLabels defines a list of key/value 15875 pairs to add to nodes after they join the Kubernetes cluster. 15876 items: 15877 description: KeyValue The properties that define a key value 15878 pair. 15879 properties: 15880 key: 15881 description: The key of the pair. 15882 type: string 15883 value: 15884 description: The value of the pair. 
15885 type: string 15886 type: object 15887 type: array 15888 nodeEvictionNodePoolSettings: 15889 description: NodeEvictionNodePoolSettings defines the eviction 15890 settings. 15891 properties: 15892 evictionGraceDuration: 15893 description: 'EvictionGraceDuration defines the duration 15894 after which OKE will give up eviction of the pods on 15895 the node. PT0M will indicate you want to delete the 15896 node without cordon and drain. Default PT60M, Min PT0M, 15897 Max: PT60M. Format ISO 8601 e.g PT30M' 15898 type: string 15899 isForceDeleteAfterGraceDuration: 15900 description: IsForceDeleteAfterGraceDuration defines if 15901 the underlying compute instance should be deleted if 15902 you cannot evict all the pods in grace period 15903 type: boolean 15904 type: object 15905 nodeMetadata: 15906 additionalProperties: 15907 type: string 15908 description: NodeMetadata defines a list of key/value pairs 15909 to add to each underlying OCI instance in the node pool 15910 on launch. 15911 type: object 15912 nodePoolCyclingDetails: 15913 description: NodePoolCyclingDetails defines the node pool 15914 recycling options. 15915 properties: 15916 isNodeCyclingEnabled: 15917 description: IsNodeCyclingEnabled refers if nodes in the 15918 nodepool will be cycled to have new changes. 15919 type: boolean 15920 maximumSurge: 15921 description: MaximumSurge refers to the maximum additional 15922 new compute instances that would be temporarily created 15923 and added to nodepool during the cycling nodepool process. 15924 OKE supports both integer and percentage input. Defaults 15925 to 1, Ranges from 0 to Nodepool size or 0% to 100% 15926 type: string 15927 maximumUnavailable: 15928 description: Maximum active nodes that would be terminated 15929 from nodepool during the cycling nodepool process. OKE 15930 supports both integer and percentage input. 
Defaults 15931 to 0, Ranges from 0 to Nodepool size or 0% to 100% 15932 type: string 15933 type: object 15934 nodePoolNodeConfig: 15935 description: NodePoolNodeConfig defines the configuration 15936 of nodes in the node pool. 15937 properties: 15938 isPvEncryptionInTransitEnabled: 15939 description: IsPvEncryptionInTransitEnabled defines whether 15940 in transit encryption should be enabled on the nodes. 15941 type: boolean 15942 kmsKeyId: 15943 description: KmsKeyId defines whether in transit encryption 15944 should be enabled on the nodes. 15945 type: string 15946 nodePoolPodNetworkOptionDetails: 15947 description: NodePoolPodNetworkOptionDetails defines the 15948 pod networking details of the node pool 15949 properties: 15950 cniType: 15951 description: CniType describes the CNI plugin used 15952 by this node pool. Allowed values are OCI_VCN_IP_NATIVE 15953 and FLANNEL_OVERLAY. 15954 type: string 15955 vcnIpNativePodNetworkOptions: 15956 description: VcnIpNativePodNetworkOptions describes 15957 the network options specific to using the OCI VCN 15958 Native CNI 15959 properties: 15960 maxPodsPerNode: 15961 description: MemoryInGBs defines the max number 15962 of pods per node in the node pool. This value 15963 will be limited by the number of VNICs attachable 15964 to the node pool shape 15965 type: integer 15966 nsgNames: 15967 description: NSGNames defines the NSGs associated 15968 with the native pod network. 15969 items: 15970 type: string 15971 type: array 15972 subnetNames: 15973 description: SubnetNames defines the Subnets associated 15974 with the native pod network. 15975 items: 15976 type: string 15977 type: array 15978 type: object 15979 type: object 15980 nsgNames: 15981 description: NsgNames defines the names of NSGs which 15982 will be associated with the nodes. the NSGs are defined 15983 in OCIManagedCluster object. 
15984 items: 15985 type: string 15986 type: array 15987 placementConfigs: 15988 description: PlacementConfigs defines the placement configurations 15989 for the node pool. 15990 items: 15991 description: PlacementConfig defines the placement configurations 15992 for the node pool. 15993 properties: 15994 availabilityDomain: 15995 description: AvailabilityDomain defines the availability 15996 domain in which to place nodes. 15997 type: string 15998 capacityReservationId: 15999 description: CapacityReservationId defines the OCID 16000 of the compute capacity reservation in which to 16001 place the compute instance. 16002 type: string 16003 faultDomains: 16004 description: FaultDomains defines the list of fault 16005 domains in which to place nodes. 16006 items: 16007 type: string 16008 type: array 16009 subnetName: 16010 description: SubnetName defines the name of the 16011 subnet which need ot be associated with the Nodepool. 16012 The subnets are defined in the OCiManagedCluster 16013 object. 16014 type: string 16015 type: object 16016 type: array 16017 type: object 16018 nodeShape: 16019 description: NodeShape defines the name of the node shape 16020 of the nodes in the node pool. 16021 type: string 16022 nodeShapeConfig: 16023 description: NodeShapeConfig defines the configuration of 16024 the shape to launch nodes in the node pool. 16025 properties: 16026 memoryInGBs: 16027 description: MemoryInGBs defines the total amount of memory 16028 available to each node, in gigabytes. 16029 type: string 16030 ocpus: 16031 description: Ocpus defines the total number of OCPUs available 16032 to each node in the node pool. 16033 type: string 16034 type: object 16035 nodeSourceViaImage: 16036 description: NodeSourceViaImage defines the image configuration 16037 of the nodes in the nodepool. 16038 properties: 16039 bootVolumeSizeInGBs: 16040 description: BootVolumeSizeInGBs defines the size of the 16041 boot volume in GBs. 
                            format: int64
                            type: integer
                          imageId:
                            description: ImageId defines the OCID of the image used
                              to boot the node.
                            type: string
                        type: object
                      providerID:
                        description: ProviderID is the OCID of the associated NodePool
                          in a provider format
                        type: string
                      providerIDList:
                        description: ProviderIDList are the identification IDs of
                          machine instances provided by the provider. This field must
                          match the provider IDs as seen on the node objects corresponding
                          to a machine pool's machine instances.
                        items:
                          type: string
                        type: array
                      sshPublicKey:
                        description: SshPublicKey defines the SSH public key on each
                          node in the node pool on launch.
                        type: string
                      version:
                        description: Version represents the version of the OKE node
                          pool.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocivirtualmachinepools.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIVirtualMachinePool
    listKind: OCIVirtualMachinePoolList
    plural: ocivirtualmachinepools
    singular: ocivirtualmachinepool
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIVirtualMachinePool is the Schema for the ocivirtualmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIVirtualMachinePoolSpec defines the desired state of an
              OCI virtual machine pool. An OCIVirtualMachinePool translates to an
              OKE Virtual node poo;. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateVirtualNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialVirtualNodeLabels:
                description: InitialNodeLabels defines a list of key/value pairs to
                  add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nsgNames:
                description: NsgNames defines the names of NSGs which will be associated
                  with the nodes. the NSGs are defined in OCIManagedCluster object.
                items:
                  type: string
                type: array
              placementConfigs:
                description: PlacementConfigs defines the placement configurations
                  for the node pool.
                items:
                  description: VirtualNodepoolPlacementConfig defines the placement
                    configurations for the virtual node pool.
                  properties:
                    availabilityDomain:
                      type: string
                    faultDomains:
                      description: FaultDomains defines the list of fault domains
                        in which to place nodes.
                      items:
                        type: string
                      type: array
                    subnetName:
                      description: SubnetName defines the name of the subnet which
                        need to be associated with the Virtual Node Pool. The subnets
                        are defined in the OCiManagedCluster object.
                      type: string
                  type: object
                type: array
              podConfiguration:
                description: PodConfiguration defines pod configuration
                properties:
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the pods.
                    items:
                      type: string
                    type: array
                  shape:
                    description: Shape described the shape of the pods.
                    type: string
                  subnetName:
                    description: SubnetName described the regional subnet where pods'
                      VNIC will be placed.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              taints:
                description: Taints describes the taints will be applied to the Virtual
                  Nodes of this Virtual Node Pool for Kubernetes scheduling.
                items:
                  description: Taint describes a taint.
                  properties:
                    effect:
                      description: The effect of the pair.
                      type: string
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
            type: object
          status:
            description: OCIVirtualMachinePoolStatus defines the observed state of
              OCIVirtualMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                description: FailureMessages contains the verbose erorr messages related
                  to the virtual machine pool failures.
                items:
                  type: string
                type: array
              failureReason:
                description: FailureReason will contains the CAPI MachinePoolStatusFailure
                  if the virtual machine pool has hit an error condition.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIVirtualMachinePool is the Schema for the ocivirtualmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIVirtualMachinePoolSpec defines the desired state of an
              OCI virtual machine pool. An OCIVirtualMachinePool translates to an
              OKE Virtual node poo;. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateVirtualNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialVirtualNodeLabels:
                description: InitialVirtualNodeLabels defines a list of key/value
                  pairs to add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nsgNames:
                description: NsgNames defines the names of NSGs which will be associated
                  with the nodes. the NSGs are defined in OCIManagedCluster object.
                items:
                  type: string
                type: array
              placementConfigs:
                description: PlacementConfigs defines the placement configurations
                  for the node pool.
                items:
                  description: VirtualNodepoolPlacementConfig defines the placement
                    configurations for the virtual node pool.
                  properties:
                    availabilityDomain:
                      type: string
                    faultDomains:
                      description: FaultDomains defines the list of fault domains
                        in which to place nodes.
                      items:
                        type: string
                      type: array
                    subnetName:
                      description: SubnetName defines the name of the subnet which
                        need to be associated with the Virtual Node Pool. The subnets
                        are defined in the OCiManagedCluster object.
                      type: string
                  type: object
                type: array
              podConfiguration:
                description: PodConfiguration defines pod configuration
                properties:
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the pods.
                    items:
                      type: string
                    type: array
                  shape:
                    description: Shape described the shape of the pods.
                    type: string
                  subnetName:
                    description: SubnetName described the regional subnet where pods'
                      VNIC will be placed.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              taints:
                description: Taints describes the taints will be applied to the Virtual
                  Nodes of this Virtual Node Pool for Kubernetes scheduling.
                items:
                  description: Taint describes a taint.
                  properties:
                    effect:
                      description: The effect of the pair.
                      type: string
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
            type: object
          status:
            description: OCIVirtualMachinePoolStatus defines the observed state of
              OCIVirtualMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                description: FailureMessages contains the verbose erorr messages related
                  to the virtual machine pool failures.
                items:
                  type: string
                type: array
              failureReason:
                description: FailureReason will contains the CAPI MachinePoolStatusFailure
                  if the virtual machine pool has hit an error condition.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-leader-election-role
  namespace: cluster-api-provider-oci-system
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-role
rules:
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools
  - ocimachinepools/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - machines
  - machines/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - clusters
  - clusters/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - machinepools
  - machinepools/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusteridentities
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools/status
  verbs:
  - get
  - patch
  - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-metrics-reader
rules:
- nonResourceURLs:
  - /metrics
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-proxy-role
rules:
- apiGroups:
  - authentication.k8s.io
  resources:
  - tokenreviews
  verbs:
  - create
- apiGroups:
  - authorization.k8s.io
  resources:
  - subjectaccessreviews
  verbs:
  - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-leader-election-rolebinding
  namespace: cluster-api-provider-oci-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: capoci-leader-election-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: capoci-manager-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-proxy-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: capoci-proxy-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: v1
data:
  controller_manager_config.yaml: |
    apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
    kind: ControllerManagerConfig
    health:
      healthProbeBindAddress: :8081
    metrics:
      bindAddress: 127.0.0.1:8080
    webhook:
      port: 9443
    leaderElection:
      leaderElect: true
      resourceName: 237d8a8a.cluster.x-k8s.io
kind: ConfigMap
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-config
  namespace: cluster-api-provider-oci-system
---
apiVersion: v1
data:
  fingerprint: ${OCI_CREDENTIALS_FINGERPRINT_B64:=""}
  key: ${OCI_CREDENTIALS_KEY_B64:=""}
  passphrase: ${OCI_CREDENTIALS_PASSPHRASE_B64:=""}
  region: ${OCI_REGION_B64:=""}
  tenancy: ${OCI_TENANCY_ID_B64:=""}
  useInstancePrincipal: ${USE_INSTANCE_PRINCIPAL_B64:="ZmFsc2U="}
  user: ${OCI_USER_ID_B64:=""}
kind: Secret
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-auth-config
  namespace: cluster-api-provider-oci-system
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
  name: capoci-controller-manager-metrics-service
  namespace: cluster-api-provider-oci-system
spec:
  ports:
  - name: https
    port: 8443
    targetPort: https
  selector:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
---
apiVersion: v1
kind: Service
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-webhook-service
  namespace: cluster-api-provider-oci-system
spec:
  ports:
  - port: 443
    targetPort: webhook-server
  selector:
    cluster.x-k8s.io/provider: infrastructure-oci
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
spec:
  replicas: 1
  selector:
    matchLabels:
      cluster.x-k8s.io/provider: infrastructure-oci
      control-plane: controller-manager
  template:
    metadata:
      labels:
        cluster.x-k8s.io/provider: infrastructure-oci
        control-plane: controller-manager
    spec:
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - preference:
              matchExpressions:
              - key: ${K8S_CP_LABEL:=node-role.kubernetes.io/control-plane}
                operator: Exists
            weight: 10
          - preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
            weight: 10
      containers:
      - args:
        - --leader-elect
        - --feature-gates=MachinePool=${EXP_MACHINE_POOL:=false}
        - --metrics-bind-address=127.0.0.1:8080
        - --logging-format=${LOG_FORMAT:=text}
        - --init-oci-clients-on-startup=${INIT_OCI_CLIENTS_ON_STARTUP:=true}
        command:
        - /manager
        env:
        - name: AUTH_CONFIG_DIR
          value: /etc/oci
        image: ghcr.io/oracle/cluster-api-oci-controller:v0.12.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8081
          initialDelaySeconds: 15
          periodSeconds: 20
        name: manager
        ports:
        - containerPort: 9443
          name: webhook-server
          protocol: TCP
        readinessProbe:
          httpGet:
            path: /readyz
            port: 8081
          initialDelaySeconds: 5
          periodSeconds: 10
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          privileged: false
          runAsGroup: 65532
          runAsUser: 65532
        volumeMounts:
        - mountPath: /tmp/k8s-webhook-server/serving-certs
          name: cert
          readOnly: true
        - mountPath: /etc/oci
          name: auth-config-dir
          readOnly: true
      securityContext:
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault
      serviceAccountName: capoci-controller-manager
      terminationGracePeriodSeconds: 10
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      - effect: NoSchedule
        key: node-role.kubernetes.io/control-plane
      volumes:
      - name: cert
        secret:
          defaultMode: 420
          secretName: capoci-webhook-service-cert
      - name: auth-config-dir
        secret:
          secretName: capoci-auth-config
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-serving-cert
  namespace: cluster-api-provider-oci-system
spec:
  dnsNames:
  - capoci-webhook-service.cluster-api-provider-oci-system.svc
  - capoci-webhook-service.cluster-api-provider-oci-system.svc.cluster.local
  issuerRef:
    kind: Issuer
    name: capoci-selfsigned-issuer
  secretName: capoci-webhook-service-cert
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-selfsigned-issuer
  namespace: cluster-api-provider-oci-system
spec:
  selfSigned: {}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocicluster
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: default.ocicluster.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ociclusters
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcluster
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: default.ocimanagedcluster.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedclusters
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcontrolplane
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: default.ocimanagedcontrolplane.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedcontrolplanes
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedmachinepool
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: default.ocimanagedmachinepool.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedmachinepools
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocivirtualmachinepool
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: default.ocivirtualmachinepool.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocivirtualmachinepools
  sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocicluster
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocicluster.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ociclusters
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimachinetemplate
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocimachinetemplate.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimachinetemplates
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcluster
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocimanagedcluster.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedclusters
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcontrolplane
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocimanagedcontrolplane.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedcontrolplanes
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedmachinepool
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocimanagedmachinepool.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocimanagedmachinepools
  sideEffects: None
- admissionReviewVersions:
  - v1beta1
  clientConfig:
    service:
      name: capoci-webhook-service
      namespace: cluster-api-provider-oci-system
      path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocivirtualmachinepool
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validation.ocivirtualmachinepool.infrastructure.cluster.x-k8s.io
  rules:
  - apiGroups:
    - infrastructure.cluster.x-k8s.io
    apiVersions:
    - v1beta2
    operations:
    - CREATE
    - UPDATE
    resources:
    - ocivirtualmachinepools
  sideEffects: None