github.com/verrazzano/verrazzano@v1.7.1/platform-operator/capi/infrastructure-oci/v0.13.0/infrastructure-components.yaml (about) 1 # Copyright (c) 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 apiVersion: v1 5 kind: Namespace 6 metadata: 7 labels: 8 cluster.x-k8s.io/provider: infrastructure-oci 9 control-plane: controller-manager 10 name: cluster-api-provider-oci-system 11 --- 12 apiVersion: apiextensions.k8s.io/v1 13 kind: CustomResourceDefinition 14 metadata: 15 annotations: 16 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 17 controller-gen.kubebuilder.io/version: v0.10.0 18 labels: 19 cluster.x-k8s.io/provider: infrastructure-oci 20 cluster.x-k8s.io/v1beta1: v1beta1 21 name: ociclusteridentities.infrastructure.cluster.x-k8s.io 22 spec: 23 conversion: 24 strategy: Webhook 25 webhook: 26 clientConfig: 27 service: 28 name: capoci-webhook-service 29 namespace: cluster-api-provider-oci-system 30 path: /convert 31 conversionReviewVersions: 32 - v1 33 - v1beta1 34 group: infrastructure.cluster.x-k8s.io 35 names: 36 kind: OCIClusterIdentity 37 listKind: OCIClusterIdentityList 38 plural: ociclusteridentities 39 singular: ociclusteridentity 40 scope: Namespaced 41 versions: 42 - name: v1beta1 43 schema: 44 openAPIV3Schema: 45 description: OCIClusterIdentity is the Schema for the OCI Cluster Identity 46 API 47 properties: 48 apiVersion: 49 description: 'APIVersion defines the versioned schema of this representation 50 of an object. Servers should convert recognized schemas to the latest 51 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 52 type: string 53 kind: 54 description: 'Kind is a string value representing the REST resource this 55 object represents. 
Servers may infer this from the endpoint the client 56 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 57 type: string 58 metadata: 59 type: object 60 spec: 61 description: OCIClusterIdentitySpec defines the parameters that are used 62 to create an OCIClusterIdentity. 63 properties: 64 allowedNamespaces: 65 description: AllowedNamespaces is used to identify the namespaces 66 the clusters are allowed to use the identity from. Namespaces can 67 be selected either using an array of namespaces or with label selector. 68 An empty allowedNamespaces object indicates that OCIClusters can 69 use this identity from any namespace. If this object is nil, no 70 namespaces will be allowed (default behaviour, if this field is 71 not provided) A namespace should be either in the NamespaceList 72 or match with Selector to use the identity. 73 nullable: true 74 properties: 75 list: 76 description: A nil or empty list indicates that OCICluster cannot 77 use the identity from any namespace. NamespaceList takes precedence 78 over the Selector. 79 items: 80 type: string 81 nullable: true 82 type: array 83 selector: 84 description: "Selector is a selector of namespaces that OCICluster 85 can use this Identity from. This is a standard Kubernetes LabelSelector, 86 a label query over a set of resources. The result of matchLabels 87 and matchExpressions are ANDed. \n A nil or empty selector indicates 88 that OCICluster cannot use this OCIClusterIdentity from any 89 namespace." 90 properties: 91 matchExpressions: 92 description: matchExpressions is a list of label selector 93 requirements. The requirements are ANDed. 94 items: 95 description: A label selector requirement is a selector 96 that contains values, a key, and an operator that relates 97 the key and values. 98 properties: 99 key: 100 description: key is the label key that the selector 101 applies to. 
102 type: string 103 operator: 104 description: operator represents a key's relationship 105 to a set of values. Valid operators are In, NotIn, 106 Exists and DoesNotExist. 107 type: string 108 values: 109 description: values is an array of string values. If 110 the operator is In or NotIn, the values array must 111 be non-empty. If the operator is Exists or DoesNotExist, 112 the values array must be empty. This array is replaced 113 during a strategic merge patch. 114 items: 115 type: string 116 type: array 117 required: 118 - key 119 - operator 120 type: object 121 type: array 122 matchLabels: 123 additionalProperties: 124 type: string 125 description: matchLabels is a map of {key,value} pairs. A 126 single {key,value} in the matchLabels map is equivalent 127 to an element of matchExpressions, whose key field is "key", 128 the operator is "In", and the values array contains only 129 "value". The requirements are ANDed. 130 type: object 131 type: object 132 x-kubernetes-map-type: atomic 133 type: object 134 principalSecret: 135 description: PrincipalSecret is a secret reference which contains 136 the authentication credentials for the principal. 137 properties: 138 name: 139 description: name is unique within a namespace to reference a 140 secret resource. 141 type: string 142 namespace: 143 description: namespace defines the space within which the secret 144 name must be unique. 145 type: string 146 type: object 147 x-kubernetes-map-type: atomic 148 type: 149 description: Type is the type of OCI Principal used. UserPrincipal 150 is the only supported value 151 type: string 152 required: 153 - type 154 type: object 155 status: 156 description: OCIClusterIdentityStatus defines the observed state of OCIClusterIdentity. 157 properties: 158 conditions: 159 description: Conditions defines current service state of the OCIClusterIdentity. 160 items: 161 description: Condition defines an observation of a Cluster API resource 162 operational state. 
163 properties: 164 lastTransitionTime: 165 description: Last time the condition transitioned from one status 166 to another. This should be when the underlying condition changed. 167 If that is not known, then using the time when the API field 168 changed is acceptable. 169 format: date-time 170 type: string 171 message: 172 description: A human readable message indicating details about 173 the transition. This field may be empty. 174 type: string 175 reason: 176 description: The reason for the condition's last transition 177 in CamelCase. The specific API may choose whether or not this 178 field is considered a guaranteed API. This field may not be 179 empty. 180 type: string 181 severity: 182 description: Severity provides an explicit classification of 183 Reason code, so the users or machines can immediately understand 184 the current situation and act accordingly. The Severity field 185 MUST be set only when Status=False. 186 type: string 187 status: 188 description: Status of the condition, one of True, False, Unknown. 189 type: string 190 type: 191 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 192 Many .condition.type values are consistent across resources 193 like Available, but because arbitrary conditions can be useful 194 (see .node.status.conditions), the ability to deconflict is 195 important. 196 type: string 197 required: 198 - lastTransitionTime 199 - status 200 - type 201 type: object 202 type: array 203 type: object 204 type: object 205 served: true 206 storage: false 207 subresources: 208 status: {} 209 - name: v1beta2 210 schema: 211 openAPIV3Schema: 212 description: OCIClusterIdentity is the Schema for the OCI Cluster Identity 213 API 214 properties: 215 apiVersion: 216 description: 'APIVersion defines the versioned schema of this representation 217 of an object. Servers should convert recognized schemas to the latest 218 internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 219 type: string 220 kind: 221 description: 'Kind is a string value representing the REST resource this 222 object represents. Servers may infer this from the endpoint the client 223 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 224 type: string 225 metadata: 226 type: object 227 spec: 228 description: OCIClusterIdentitySpec defines the parameters that are used 229 to create an OCIClusterIdentity. 230 properties: 231 allowedNamespaces: 232 description: AllowedNamespaces is used to identify the namespaces 233 the clusters are allowed to use the identity from. Namespaces can 234 be selected either using an array of namespaces or with label selector. 235 An empty allowedNamespaces object indicates that OCIClusters can 236 use this identity from any namespace. If this object is nil, no 237 namespaces will be allowed (default behaviour, if this field is 238 not provided) A namespace should be either in the NamespaceList 239 or match with Selector to use the identity. 240 nullable: true 241 properties: 242 list: 243 description: A nil or empty list indicates that OCICluster cannot 244 use the identity from any namespace. NamespaceList takes precedence 245 over the Selector. 246 items: 247 type: string 248 nullable: true 249 type: array 250 selector: 251 description: "Selector is a selector of namespaces that OCICluster 252 can use this Identity from. This is a standard Kubernetes LabelSelector, 253 a label query over a set of resources. The result of matchLabels 254 and matchExpressions are ANDed. \n A nil or empty selector indicates 255 that OCICluster cannot use this OCIClusterIdentity from any 256 namespace." 257 properties: 258 matchExpressions: 259 description: matchExpressions is a list of label selector 260 requirements. 
The requirements are ANDed. 261 items: 262 description: A label selector requirement is a selector 263 that contains values, a key, and an operator that relates 264 the key and values. 265 properties: 266 key: 267 description: key is the label key that the selector 268 applies to. 269 type: string 270 operator: 271 description: operator represents a key's relationship 272 to a set of values. Valid operators are In, NotIn, 273 Exists and DoesNotExist. 274 type: string 275 values: 276 description: values is an array of string values. If 277 the operator is In or NotIn, the values array must 278 be non-empty. If the operator is Exists or DoesNotExist, 279 the values array must be empty. This array is replaced 280 during a strategic merge patch. 281 items: 282 type: string 283 type: array 284 required: 285 - key 286 - operator 287 type: object 288 type: array 289 matchLabels: 290 additionalProperties: 291 type: string 292 description: matchLabels is a map of {key,value} pairs. A 293 single {key,value} in the matchLabels map is equivalent 294 to an element of matchExpressions, whose key field is "key", 295 the operator is "In", and the values array contains only 296 "value". The requirements are ANDed. 297 type: object 298 type: object 299 x-kubernetes-map-type: atomic 300 type: object 301 principalSecret: 302 description: PrincipalSecret is a secret reference which contains 303 the authentication credentials for the principal. 304 properties: 305 name: 306 description: name is unique within a namespace to reference a 307 secret resource. 308 type: string 309 namespace: 310 description: namespace defines the space within which the secret 311 name must be unique. 312 type: string 313 type: object 314 x-kubernetes-map-type: atomic 315 type: 316 description: Type is the type of OCI Principal used. 
UserPrincipal 317 is the only supported value 318 type: string 319 required: 320 - type 321 type: object 322 status: 323 description: OCIClusterIdentityStatus defines the observed state of OCIClusterIdentity. 324 properties: 325 conditions: 326 description: Conditions defines current service state of the OCIClusterIdentity. 327 items: 328 description: Condition defines an observation of a Cluster API resource 329 operational state. 330 properties: 331 lastTransitionTime: 332 description: Last time the condition transitioned from one status 333 to another. This should be when the underlying condition changed. 334 If that is not known, then using the time when the API field 335 changed is acceptable. 336 format: date-time 337 type: string 338 message: 339 description: A human readable message indicating details about 340 the transition. This field may be empty. 341 type: string 342 reason: 343 description: The reason for the condition's last transition 344 in CamelCase. The specific API may choose whether or not this 345 field is considered a guaranteed API. This field may not be 346 empty. 347 type: string 348 severity: 349 description: Severity provides an explicit classification of 350 Reason code, so the users or machines can immediately understand 351 the current situation and act accordingly. The Severity field 352 MUST be set only when Status=False. 353 type: string 354 status: 355 description: Status of the condition, one of True, False, Unknown. 356 type: string 357 type: 358 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 359 Many .condition.type values are consistent across resources 360 like Available, but because arbitrary conditions can be useful 361 (see .node.status.conditions), the ability to deconflict is 362 important. 
363 type: string 364 required: 365 - lastTransitionTime 366 - status 367 - type 368 type: object 369 type: array 370 type: object 371 type: object 372 served: true 373 storage: true 374 subresources: 375 status: {} 376 --- 377 apiVersion: apiextensions.k8s.io/v1 378 kind: CustomResourceDefinition 379 metadata: 380 annotations: 381 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 382 controller-gen.kubebuilder.io/version: v0.10.0 383 labels: 384 cluster.x-k8s.io/provider: infrastructure-oci 385 cluster.x-k8s.io/v1beta1: v1beta1 386 name: ociclusters.infrastructure.cluster.x-k8s.io 387 spec: 388 conversion: 389 strategy: Webhook 390 webhook: 391 clientConfig: 392 service: 393 name: capoci-webhook-service 394 namespace: cluster-api-provider-oci-system 395 path: /convert 396 conversionReviewVersions: 397 - v1 398 - v1beta1 399 group: infrastructure.cluster.x-k8s.io 400 names: 401 kind: OCICluster 402 listKind: OCIClusterList 403 plural: ociclusters 404 singular: ocicluster 405 scope: Namespaced 406 versions: 407 - name: v1beta1 408 schema: 409 openAPIV3Schema: 410 description: OCICluster is the Schema for the ociclusters API. 411 properties: 412 apiVersion: 413 description: 'APIVersion defines the versioned schema of this representation 414 of an object. Servers should convert recognized schemas to the latest 415 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 416 type: string 417 kind: 418 description: 'Kind is a string value representing the REST resource this 419 object represents. Servers may infer this from the endpoint the client 420 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 421 type: string 422 metadata: 423 type: object 424 spec: 425 description: OCIClusterSpec defines the desired state of OciCluster 426 properties: 427 compartmentId: 428 description: Compartment to create the cluster network. 429 type: string 430 controlPlaneEndpoint: 431 description: ControlPlaneEndpoint represents the endpoint used to 432 communicate with the control plane. 433 properties: 434 host: 435 description: The hostname on which the API server is serving. 436 type: string 437 port: 438 description: The port on which the API server is serving. 439 format: int32 440 type: integer 441 required: 442 - host 443 - port 444 type: object 445 definedTags: 446 additionalProperties: 447 additionalProperties: 448 type: string 449 type: object 450 description: 'Defined tags for this resource. Each key is predefined 451 and scoped to a namespace. For more information, see Resource Tags 452 (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 453 Example: `{"Operations": {"CostCenter": "42"}}`' 454 type: object 455 freeformTags: 456 additionalProperties: 457 type: string 458 description: Free-form tags for this resource. 459 type: object 460 identityRef: 461 description: IdentityRef is a reference to an identity(principal) 462 to be used when reconciling this cluster 463 properties: 464 apiVersion: 465 description: API version of the referent. 466 type: string 467 fieldPath: 468 description: 'If referring to a piece of an object instead of 469 an entire object, this string should contain a valid JSON/Go 470 field access statement, such as desiredState.manifest.containers[2]. 
471 For example, if the object reference is to a container within 472 a pod, this would take on a value like: "spec.containers{name}" 473 (where "name" refers to the name of the container that triggered 474 the event) or if no container name is specified "spec.containers[2]" 475 (container with index 2 in this pod). This syntax is chosen 476 only to have some well-defined way of referencing a part of 477 an object. TODO: this design is not final and this field is 478 subject to change in the future.' 479 type: string 480 kind: 481 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 482 type: string 483 name: 484 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 485 type: string 486 namespace: 487 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 488 type: string 489 resourceVersion: 490 description: 'Specific resourceVersion to which this reference 491 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 492 type: string 493 uid: 494 description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 495 type: string 496 type: object 497 x-kubernetes-map-type: atomic 498 networkSpec: 499 description: NetworkSpec encapsulates all things related to OCI network. 500 properties: 501 apiServerLoadBalancer: 502 description: API Server LB configuration. 503 properties: 504 loadBalancerId: 505 description: ID of Load Balancer. 506 type: string 507 name: 508 description: LoadBalancer Name. 
509 type: string 510 type: object 511 skipNetworkManagement: 512 description: SkipNetworkManagement defines if the networking spec(VCN 513 related) specified by the user needs to be reconciled(actioned-upon) 514 or used as it is. APIServerLB will still be reconciled. 515 type: boolean 516 vcn: 517 description: VCN configuration. 518 properties: 519 cidr: 520 description: VCN CIDR. 521 type: string 522 id: 523 description: VCN OCID. 524 type: string 525 internetGatewayId: 526 description: ID of Internet Gateway. 527 type: string 528 name: 529 description: VCN Name. 530 type: string 531 natGatewayId: 532 description: ID of Nat Gateway. 533 type: string 534 networkSecurityGroups: 535 description: NetworkSecurityGroups is the configuration for 536 the Network Security Groups required in the VCN. 537 items: 538 description: NSG defines configuration for a Network Security 539 Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 540 properties: 541 egressRules: 542 description: EgressRules on the NSG. 543 items: 544 description: EgressSecurityRuleForNSG is EgressSecurityRule 545 for NSG. 546 properties: 547 egressRule: 548 description: EgressSecurityRule A rule for allowing 549 outbound IP packets. 550 properties: 551 description: 552 description: An optional description of your 553 choice for the rule. 554 type: string 555 destination: 556 description: 'Conceptually, this is the range 557 of IP addresses that a packet originating 558 from the instance can go to. Allowed values: 559 * IP address range in CIDR notation. For 560 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 561 Note that IPv6 addressing is currently supported 562 only in certain regions. See IPv6 Addresses 563 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 564 * The `cidrBlock` value for a Service, if 565 you''re setting up a security list rule 566 for traffic destined for a particular `Service` 567 through a service gateway. 
For example: 568 `oci-phx-objectstorage`.' 569 type: string 570 destinationType: 571 description: 'Type of destination for the 572 rule. The default is `CIDR_BLOCK`. Allowed 573 values: * `CIDR_BLOCK`: If the rule''s `destination` 574 is an IP address range in CIDR notation. 575 * `SERVICE_CIDR_BLOCK`: If the rule''s `destination` 576 is the `cidrBlock` value for a Service (the 577 rule is for traffic destined for a particular 578 `Service` through a service gateway).' 579 type: string 580 icmpOptions: 581 description: 'IcmpOptions Optional and valid 582 only for ICMP and ICMPv6. Use to specify 583 a particular ICMP type and code as defined 584 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 585 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 586 If you specify ICMP or ICMPv6 as the protocol 587 but omit this object, then all ICMP types 588 and codes are allowed. If you do provide 589 this object, the type is required and the 590 code is optional. To enable MTU negotiation 591 for ingress internet traffic via IPv4, make 592 sure to allow type 3 ("Destination Unreachable") 593 code 4 ("Fragmentation Needed and Don''t 594 Fragment was Set"). If you need to specify 595 multiple codes for a single type, create 596 a separate security list rule for each.' 597 properties: 598 code: 599 description: The ICMP code (optional). 600 type: integer 601 type: 602 description: The ICMP type. 603 type: integer 604 type: object 605 isStateless: 606 description: A stateless rule allows traffic 607 in one direction. Remember to add a corresponding 608 stateless rule in the other direction if 609 you need to support bidirectional traffic. 610 For example, if egress traffic allows TCP 611 destination port 80, there should be an 612 ingress rule to allow TCP source port 80. 
613 Defaults to false, which means the rule 614 is stateful and a corresponding rule is 615 not necessary for bidirectional traffic. 616 type: boolean 617 protocol: 618 description: The transport protocol. Specify 619 either `all` or an IPv4 protocol number 620 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 621 Options are supported only for ICMP ("1"), 622 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 623 type: string 624 tcpOptions: 625 description: TcpOptions Optional and valid 626 only for TCP. Use to specify particular 627 destination ports for TCP rules. If you 628 specify TCP as the protocol but omit this 629 object, then all destination ports are allowed. 630 properties: 631 destinationPortRange: 632 description: PortRange The representation 633 of PortRange. 634 properties: 635 max: 636 description: The maximum port number, 637 which must not be less than the 638 minimum port number. To specify 639 a single port number, set both the 640 min and max to the same value. 641 type: integer 642 min: 643 description: The minimum port number, 644 which must not be greater than the 645 maximum port number. 646 type: integer 647 type: object 648 sourcePortRange: 649 description: PortRange The representation 650 of PortRange. 651 properties: 652 max: 653 description: The maximum port number, 654 which must not be less than the 655 minimum port number. To specify 656 a single port number, set both the 657 min and max to the same value. 658 type: integer 659 min: 660 description: The minimum port number, 661 which must not be greater than the 662 maximum port number. 663 type: integer 664 type: object 665 type: object 666 udpOptions: 667 description: UdpOptions Optional and valid 668 only for UDP. Use to specify particular 669 destination ports for UDP rules. If you 670 specify UDP as the protocol but omit this 671 object, then all destination ports are allowed. 
672 properties: 673 destinationPortRange: 674 description: PortRange The representation 675 of PortRange. 676 properties: 677 max: 678 description: The maximum port number, 679 which must not be less than the 680 minimum port number. To specify 681 a single port number, set both the 682 min and max to the same value. 683 type: integer 684 min: 685 description: The minimum port number, 686 which must not be greater than the 687 maximum port number. 688 type: integer 689 type: object 690 sourcePortRange: 691 description: PortRange The representation 692 of PortRange. 693 properties: 694 max: 695 description: The maximum port number, 696 which must not be less than the 697 minimum port number. To specify 698 a single port number, set both the 699 min and max to the same value. 700 type: integer 701 min: 702 description: The minimum port number, 703 which must not be greater than the 704 maximum port number. 705 type: integer 706 type: object 707 type: object 708 type: object 709 id: 710 description: 'EgressSecurityRule ID for NSG. Deprecated: 711 this field is not populated and used during 712 reconciliation' 713 type: string 714 type: object 715 type: array 716 id: 717 description: NSG OCID. 718 type: string 719 ingressRules: 720 description: IngressRules on the NSG. 721 items: 722 description: IngressSecurityRuleForNSG is IngressSecurityRule 723 for NSG 724 properties: 725 id: 726 description: 'IngressSecurityRule ID for NSG. 727 Deprecated: this field is not populated and 728 used during reconciliation' 729 type: string 730 ingressRule: 731 description: IngressSecurityRule A rule for allowing 732 inbound IP packets. 733 properties: 734 description: 735 description: An optional description of your 736 choice for the rule. 737 type: string 738 icmpOptions: 739 description: 'IcmpOptions Optional and valid 740 only for ICMP and ICMPv6. 
Use to specify 741 a particular ICMP type and code as defined 742 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 743 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 744 If you specify ICMP or ICMPv6 as the protocol 745 but omit this object, then all ICMP types 746 and codes are allowed. If you do provide 747 this object, the type is required and the 748 code is optional. To enable MTU negotiation 749 for ingress internet traffic via IPv4, make 750 sure to allow type 3 ("Destination Unreachable") 751 code 4 ("Fragmentation Needed and Don''t 752 Fragment was Set"). If you need to specify 753 multiple codes for a single type, create 754 a separate security list rule for each.' 755 properties: 756 code: 757 description: The ICMP code (optional). 758 type: integer 759 type: 760 description: The ICMP type. 761 type: integer 762 type: object 763 isStateless: 764 description: A stateless rule allows traffic 765 in one direction. Remember to add a corresponding 766 stateless rule in the other direction if 767 you need to support bidirectional traffic. 768 For example, if ingress traffic allows TCP 769 destination port 80, there should be an 770 egress rule to allow TCP source port 80. 771 Defaults to false, which means the rule 772 is stateful and a corresponding rule is 773 not necessary for bidirectional traffic. 774 type: boolean 775 protocol: 776 description: The transport protocol. Specify 777 either `all` or an IPv4 protocol number 778 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 779 Options are supported only for ICMP ("1"), 780 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 781 type: string 782 source: 783 description: 'Conceptually, this is the range 784 of IP addresses that a packet coming into 785 the instance can come from. Allowed values: 786 * IP address range in CIDR notation. 
For 787 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 788 IPv6 addressing is supported for all commercial 789 and government regions. See IPv6 Addresses 790 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 791 * The `cidrBlock` value for a Service, if 792 you''re setting up a security list rule 793 for traffic coming from a particular `Service` 794 through a service gateway. For example: 795 `oci-phx-objectstorage`.' 796 type: string 797 sourceType: 798 description: 'Type of source for the rule. 799 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 800 If the rule''s `source` is an IP address 801 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 802 If the rule''s `source` is the `cidrBlock` 803 value for a Service (the rule is for traffic 804 coming from a particular `Service` through 805 a service gateway).' 806 type: string 807 tcpOptions: 808 description: TcpOptions Optional and valid 809 only for TCP. Use to specify particular 810 destination ports for TCP rules. If you 811 specify TCP as the protocol but omit this 812 object, then all destination ports are allowed. 813 properties: 814 destinationPortRange: 815 description: PortRange The representation 816 of PortRange. 817 properties: 818 max: 819 description: The maximum port number, 820 which must not be less than the 821 minimum port number. To specify 822 a single port number, set both the 823 min and max to the same value. 824 type: integer 825 min: 826 description: The minimum port number, 827 which must not be greater than the 828 maximum port number. 829 type: integer 830 type: object 831 sourcePortRange: 832 description: PortRange The representation 833 of PortRange. 834 properties: 835 max: 836 description: The maximum port number, 837 which must not be less than the 838 minimum port number. To specify 839 a single port number, set both the 840 min and max to the same value. 
841 type: integer 842 min: 843 description: The minimum port number, 844 which must not be greater than the 845 maximum port number. 846 type: integer 847 type: object 848 type: object 849 udpOptions: 850 description: UdpOptions Optional and valid 851 only for UDP. Use to specify particular 852 destination ports for UDP rules. If you 853 specify UDP as the protocol but omit this 854 object, then all destination ports are allowed. 855 properties: 856 destinationPortRange: 857 description: PortRange The representation 858 of PortRange. 859 properties: 860 max: 861 description: The maximum port number, 862 which must not be less than the 863 minimum port number. To specify 864 a single port number, set both the 865 min and max to the same value. 866 type: integer 867 min: 868 description: The minimum port number, 869 which must not be greater than the 870 maximum port number. 871 type: integer 872 type: object 873 sourcePortRange: 874 description: PortRange The representation 875 of PortRange. 876 properties: 877 max: 878 description: The maximum port number, 879 which must not be less than the 880 minimum port number. To specify 881 a single port number, set both the 882 min and max to the same value. 883 type: integer 884 min: 885 description: The minimum port number, 886 which must not be greater than the 887 maximum port number. 888 type: integer 889 type: object 890 type: object 891 type: object 892 type: object 893 type: array 894 name: 895 description: NSG Name. 896 type: string 897 role: 898 description: Role defines the NSG role (eg. control-plane, 899 control-plane-endpoint, service-lb, worker). 900 type: string 901 required: 902 - name 903 type: object 904 type: array 905 x-kubernetes-list-map-keys: 906 - name 907 x-kubernetes-list-type: map 908 privateRouteTableId: 909 description: ID of Private Route Table. 910 type: string 911 publicRouteTableId: 912 description: ID of Public Route Table. 
                        type: string
                      serviceGatewayId:
                        description: ID of Service Gateway.
                        type: string
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number.
                                                  To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer.
                                If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster. this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIClusterStatus defines the observed state of OCICluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCICluster is the Schema for the ociclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIClusterSpec defines the desired state of OciCluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name.
                        Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              clientOverrides:
                description: ClientOverrides allows the default client SDK URLs to
                  be changed.
                nullable: true
                properties:
                  certOverride:
                    description: CertOverride is a secret that contains information
                      about a cert override used by all the OCI SDK clients. The secret
                      must contain data with a `cert`property.
                    nullable: true
                    properties:
                      name:
                        description: name is unique within a namespace to reference
                          a secret resource.
                        type: string
                      namespace:
                        description: namespace defines the space within which the
                          secret name must be unique.
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  computeClientUrl:
                    description: ComputeClientUrl allows the default compute SDK client
                      URL to be changed.
                    nullable: true
                    type: string
                  computeManagementClientUrl:
                    description: ComputeManagementClientUrl allows the default compute
                      management SDK client URL to be changed.
                    nullable: true
                    type: string
                  containerEngineClientUrl:
                    description: ContainerEngineClientUrl allows the default container
                      engine SDK client URL to be changed.
                    nullable: true
                    type: string
                  identityClientUrl:
                    description: IdentityClientUrl allows the default identity SDK
                      client URL to be changed.
                    nullable: true
                    type: string
                  loadBalancerClientUrl:
                    description: LoadBalancerClientUrl allows the default load balancer
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  networkLoadBalancerClientUrl:
                    description: NetworkLoadBalancerClientUrl allows the default NLB
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  vCNClientUrl:
                    description: VCNClientUrl allows the default vcn SDK client URL
                      to be changed.
                    nullable: true
                    type: string
                type: object
              compartmentId:
                description: Compartment to create the cluster network.
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              identityRef:
                description: IdentityRef is a reference to an identity(principal)
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              networkSpec:
                description: NetworkSpec encapsulates all things related to OCI network.
                properties:
                  apiServerLoadBalancer:
                    description: API Server LB configuration.
                    properties:
                      loadBalancerId:
                        description: ID of Load Balancer.
                        type: string
                      loadBalancerType:
                        description: 'Type of Load Balancer: NLB (default) or LBaaS.'
                        type: string
                      name:
                        description: LoadBalancer Name.
                        type: string
                    type: object
                  skipNetworkManagement:
                    description: SkipNetworkManagement defines if the networking spec(VCN
                      related) specified by the user needs to be reconciled(actioned-upon)
                      or used as it is. APIServerLB will still be reconciled.
                    type: boolean
                  vcn:
                    description: VCN configuration.
                    properties:
                      cidr:
                        description: VCN CIDR.
                        type: string
                      id:
                        description: VCN OCID.
                        type: string
                      internetGateway:
                        description: Configuration for Internet Gateway.
                        properties:
                          id:
                            description: ID of Internet Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating internet
                              gateway even if any one Subnet is public.
                            type: boolean
                        type: object
                      name:
                        description: VCN Name.
                        type: string
                      natGateway:
                        description: Configuration for NAT Gateway.
                        properties:
                          id:
                            description: ID of Nat Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating NAT
                              gateway even if any one Subnet is private.
                            type: boolean
                        type: object
                      networkSecurityGroup:
                        description: Configuration for NSG management.
                        properties:
                          list:
                            description: NetworkSecurityGroup is the configuration
                              for the Network Security Groups required in the VCN.
                            items:
                              description: NSG defines configuration for a Network
                                Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                              properties:
                                egressRules:
                                  description: EgressRules on the NSG.
                                  items:
                                    description: EgressSecurityRuleForNSG is EgressSecurityRule
                                      for NSG.
                                    properties:
                                      egressRule:
                                        description: EgressSecurityRule A rule for
                                          allowing outbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          destination:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              originating from the instance can go
                                              to. Allowed values: * IP address range
                                              in CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56` Note that
                                              IPv6 addressing is currently supported
                                              only in certain regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic destined for a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          destinationType:
                                            description: 'Type of destination for
                                              the rule. The default is `CIDR_BLOCK`.
                                              Allowed values: * `CIDR_BLOCK`: If the
                                              rule''s `destination` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `destination` is the
                                              `cidrBlock` value for a Service (the
                                              rule is for traffic destined for a particular
                                              `Service` through a service gateway).'
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set").
                                              If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if egress traffic allows TCP destination
                                              port 80, there should be an ingress
                                              rule to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: NSG OCID.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the NSG.
                                  items:
                                    description: IngressSecurityRuleForNSG is IngressSecurityRule
                                      for NSG
                                    properties:
                                      ingressRule:
                                        description: IngressSecurityRule A rule for
                                          allowing inbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if ingress traffic allows TCP destination
                                              port 80, there should be an egress rule
                                              to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          source:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              coming into the instance can come from.
                                              Allowed values: * IP address range in
                                              CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56`. IPv6 addressing
                                              is supported for all commercial and
                                              government regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic coming from a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          sourceType:
                                            description: 'Type of source for the rule.
                                              The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                              If the rule''s `source` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `source` is the `cidrBlock`
                                              value for a Service (the rule is for
                                              traffic coming from a particular `Service`
                                              through a service gateway).'
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: NSG Name.
                                  type: string
                                role:
                                  description: Role defines the NSG role (eg. control-plane,
                                    control-plane-endpoint, service-lb, worker).
                                  type: string
                              required:
                              - name
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - name
                            x-kubernetes-list-type: map
                          skip:
                            description: Skip specifies whether to skip creating network
                              security groups.
                            type: boolean
                        type: object
                      routeTable:
                        description: Configuration for Route table.
                        properties:
                          privateRouteTableId:
                            description: ID of Private Route Table.
                            type: string
                          publicRouteTableId:
                            description: ID of Public Route Table.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Route
                              table.
                            type: boolean
                        type: object
                      serviceGateway:
                        description: Configuration for Service Gateway.
                        properties:
                          id:
                            description: ID of Service Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating Service
                              gateway.
                            type: boolean
                        type: object
                      subnets:
                        description: Subnets is the configuration for subnets required
                          in the VCN.
                        items:
                          description: Subnet defines the configuration for a network's
                            subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                          properties:
                            cidr:
                              description: Subnet CIDR.
                              type: string
                            id:
                              description: Subnet OCID.
                              type: string
                            name:
                              description: Subnet Name.
                              type: string
                            role:
                              description: Role defines the subnet role (eg. control-plane,
                                control-plane-endpoint, service-lb, worker).
                              type: string
                            securityList:
                              description: The security list associated with Subnet.
                              properties:
                                egressRules:
                                  description: EgressRules on the SecurityList.
                                  items:
                                    description: EgressSecurityRule A rule for allowing
                                      outbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      destination:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet originating
                                          from the instance can go to. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                          Note that IPv6 addressing is currently supported
                                          only in certain regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic destined for a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      destinationType:
                                        description: 'Type of destination for the
                                          rule. The default is `CIDR_BLOCK`. Allowed
                                          values: * `CIDR_BLOCK`: If the rule''s `destination`
                                          is an IP address range in CIDR notation.
                                          * `SERVICE_CIDR_BLOCK`: If the rule''s `destination`
                                          is the `cidrBlock` value for a Service (the
                                          rule is for traffic destined for a particular
                                          `Service` through a service gateway).'
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if egress traffic allows TCP
                                          destination port 80, there should be an
                                          ingress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules. If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer. If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster. this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIClusterStatus defines the observed state of OCICluster
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ociclustertemplates.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIClusterTemplate
    listKind: OCIClusterTemplateList
    plural: ociclustertemplates
    singular: ociclustertemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIClusterTemplate is the Schema for the ociclustertemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIClusterTemplateSpec defines the desired state of OCIClusterTemplate.
            properties:
              template:
                description: OCIClusterTemplateResource describes the data needed
                  to create an OCICluster from a template.
                properties:
                  spec:
                    description: OCIClusterSpec defines the desired state of OciCluster
                    properties:
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
2799 properties: 2800 loadBalancerId: 2801 description: ID of Load Balancer. 2802 type: string 2803 name: 2804 description: LoadBalancer Name. 2805 type: string 2806 type: object 2807 skipNetworkManagement: 2808 description: SkipNetworkManagement defines if the networking 2809 spec(VCN related) specified by the user needs to be 2810 reconciled(actioned-upon) or used as it is. APIServerLB 2811 will still be reconciled. 2812 type: boolean 2813 vcn: 2814 description: VCN configuration. 2815 properties: 2816 cidr: 2817 description: VCN CIDR. 2818 type: string 2819 id: 2820 description: VCN OCID. 2821 type: string 2822 internetGatewayId: 2823 description: ID of Internet Gateway. 2824 type: string 2825 name: 2826 description: VCN Name. 2827 type: string 2828 natGatewayId: 2829 description: ID of Nat Gateway. 2830 type: string 2831 networkSecurityGroups: 2832 description: NetworkSecurityGroups is the configuration 2833 for the Network Security Groups required in the 2834 VCN. 2835 items: 2836 description: NSG defines configuration for a Network 2837 Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 2838 properties: 2839 egressRules: 2840 description: EgressRules on the NSG. 2841 items: 2842 description: EgressSecurityRuleForNSG is EgressSecurityRule 2843 for NSG. 2844 properties: 2845 egressRule: 2846 description: EgressSecurityRule A rule 2847 for allowing outbound IP packets. 2848 properties: 2849 description: 2850 description: An optional description 2851 of your choice for the rule. 2852 type: string 2853 destination: 2854 description: 'Conceptually, this is 2855 the range of IP addresses that a 2856 packet originating from the instance 2857 can go to. Allowed values: * IP 2858 address range in CIDR notation. 2859 For example: `192.168.1.0/24` or 2860 `2001:0db8:0123:45::/56` Note that 2861 IPv6 addressing is currently supported 2862 only in certain regions. 
See IPv6 2863 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 2864 * The `cidrBlock` value for a Service, 2865 if you''re setting up a security 2866 list rule for traffic destined for 2867 a particular `Service` through a 2868 service gateway. For example: `oci-phx-objectstorage`.' 2869 type: string 2870 destinationType: 2871 description: 'Type of destination 2872 for the rule. The default is `CIDR_BLOCK`. 2873 Allowed values: * `CIDR_BLOCK`: 2874 If the rule''s `destination` is 2875 an IP address range in CIDR notation. 2876 * `SERVICE_CIDR_BLOCK`: If the rule''s 2877 `destination` is the `cidrBlock` 2878 value for a Service (the rule is 2879 for traffic destined for a particular 2880 `Service` through a service gateway).' 2881 type: string 2882 icmpOptions: 2883 description: 'IcmpOptions Optional 2884 and valid only for ICMP and ICMPv6. 2885 Use to specify a particular ICMP 2886 type and code as defined in: - ICMP 2887 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 2888 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 2889 If you specify ICMP or ICMPv6 as 2890 the protocol but omit this object, 2891 then all ICMP types and codes are 2892 allowed. If you do provide this 2893 object, the type is required and 2894 the code is optional. To enable 2895 MTU negotiation for ingress internet 2896 traffic via IPv4, make sure to allow 2897 type 3 ("Destination Unreachable") 2898 code 4 ("Fragmentation Needed and 2899 Don''t Fragment was Set"). If you 2900 need to specify multiple codes for 2901 a single type, create a separate 2902 security list rule for each.' 2903 properties: 2904 code: 2905 description: The ICMP code (optional). 2906 type: integer 2907 type: 2908 description: The ICMP type. 2909 type: integer 2910 type: object 2911 isStateless: 2912 description: A stateless rule allows 2913 traffic in one direction. 
Remember 2914 to add a corresponding stateless 2915 rule in the other direction if you 2916 need to support bidirectional traffic. 2917 For example, if egress traffic allows 2918 TCP destination port 80, there should 2919 be an ingress rule to allow TCP 2920 source port 80. Defaults to false, 2921 which means the rule is stateful 2922 and a corresponding rule is not 2923 necessary for bidirectional traffic. 2924 type: boolean 2925 protocol: 2926 description: The transport protocol. 2927 Specify either `all` or an IPv4 2928 protocol number as defined in Protocol 2929 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 2930 Options are supported only for ICMP 2931 ("1"), TCP ("6"), UDP ("17"), and 2932 ICMPv6 ("58"). 2933 type: string 2934 tcpOptions: 2935 description: TcpOptions Optional and 2936 valid only for TCP. Use to specify 2937 particular destination ports for 2938 TCP rules. If you specify TCP as 2939 the protocol but omit this object, 2940 then all destination ports are allowed. 2941 properties: 2942 destinationPortRange: 2943 description: PortRange The representation 2944 of PortRange. 2945 properties: 2946 max: 2947 description: The maximum port 2948 number, which must not be 2949 less than the minimum port 2950 number. To specify a single 2951 port number, set both the 2952 min and max to the same 2953 value. 2954 type: integer 2955 min: 2956 description: The minimum port 2957 number, which must not be 2958 greater than the maximum 2959 port number. 2960 type: integer 2961 type: object 2962 sourcePortRange: 2963 description: PortRange The representation 2964 of PortRange. 2965 properties: 2966 max: 2967 description: The maximum port 2968 number, which must not be 2969 less than the minimum port 2970 number. To specify a single 2971 port number, set both the 2972 min and max to the same 2973 value. 
2974 type: integer 2975 min: 2976 description: The minimum port 2977 number, which must not be 2978 greater than the maximum 2979 port number. 2980 type: integer 2981 type: object 2982 type: object 2983 udpOptions: 2984 description: UdpOptions Optional and 2985 valid only for UDP. Use to specify 2986 particular destination ports for 2987 UDP rules. If you specify UDP as 2988 the protocol but omit this object, 2989 then all destination ports are allowed. 2990 properties: 2991 destinationPortRange: 2992 description: PortRange The representation 2993 of PortRange. 2994 properties: 2995 max: 2996 description: The maximum port 2997 number, which must not be 2998 less than the minimum port 2999 number. To specify a single 3000 port number, set both the 3001 min and max to the same 3002 value. 3003 type: integer 3004 min: 3005 description: The minimum port 3006 number, which must not be 3007 greater than the maximum 3008 port number. 3009 type: integer 3010 type: object 3011 sourcePortRange: 3012 description: PortRange The representation 3013 of PortRange. 3014 properties: 3015 max: 3016 description: The maximum port 3017 number, which must not be 3018 less than the minimum port 3019 number. To specify a single 3020 port number, set both the 3021 min and max to the same 3022 value. 3023 type: integer 3024 min: 3025 description: The minimum port 3026 number, which must not be 3027 greater than the maximum 3028 port number. 3029 type: integer 3030 type: object 3031 type: object 3032 type: object 3033 id: 3034 description: 'EgressSecurityRule ID for 3035 NSG. Deprecated: this field is not populated 3036 and used during reconciliation' 3037 type: string 3038 type: object 3039 type: array 3040 id: 3041 description: NSG OCID. 3042 type: string 3043 ingressRules: 3044 description: IngressRules on the NSG. 3045 items: 3046 description: IngressSecurityRuleForNSG is 3047 IngressSecurityRule for NSG 3048 properties: 3049 id: 3050 description: 'IngressSecurityRule ID for 3051 NSG. 
Deprecated: this field is not populated 3052 and used during reconciliation' 3053 type: string 3054 ingressRule: 3055 description: IngressSecurityRule A rule 3056 for allowing inbound IP packets. 3057 properties: 3058 description: 3059 description: An optional description 3060 of your choice for the rule. 3061 type: string 3062 icmpOptions: 3063 description: 'IcmpOptions Optional 3064 and valid only for ICMP and ICMPv6. 3065 Use to specify a particular ICMP 3066 type and code as defined in: - ICMP 3067 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 3068 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 3069 If you specify ICMP or ICMPv6 as 3070 the protocol but omit this object, 3071 then all ICMP types and codes are 3072 allowed. If you do provide this 3073 object, the type is required and 3074 the code is optional. To enable 3075 MTU negotiation for ingress internet 3076 traffic via IPv4, make sure to allow 3077 type 3 ("Destination Unreachable") 3078 code 4 ("Fragmentation Needed and 3079 Don''t Fragment was Set"). If you 3080 need to specify multiple codes for 3081 a single type, create a separate 3082 security list rule for each.' 3083 properties: 3084 code: 3085 description: The ICMP code (optional). 3086 type: integer 3087 type: 3088 description: The ICMP type. 3089 type: integer 3090 type: object 3091 isStateless: 3092 description: A stateless rule allows 3093 traffic in one direction. Remember 3094 to add a corresponding stateless 3095 rule in the other direction if you 3096 need to support bidirectional traffic. 3097 For example, if ingress traffic 3098 allows TCP destination port 80, 3099 there should be an egress rule to 3100 allow TCP source port 80. Defaults 3101 to false, which means the rule is 3102 stateful and a corresponding rule 3103 is not necessary for bidirectional 3104 traffic. 3105 type: boolean 3106 protocol: 3107 description: The transport protocol. 
3108 Specify either `all` or an IPv4 3109 protocol number as defined in Protocol 3110 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 3111 Options are supported only for ICMP 3112 ("1"), TCP ("6"), UDP ("17"), and 3113 ICMPv6 ("58"). 3114 type: string 3115 source: 3116 description: 'Conceptually, this is 3117 the range of IP addresses that a 3118 packet coming into the instance 3119 can come from. Allowed values: * 3120 IP address range in CIDR notation. 3121 For example: `192.168.1.0/24` or 3122 `2001:0db8:0123:45::/56`. IPv6 addressing 3123 is supported for all commercial 3124 and government regions. See IPv6 3125 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 3126 * The `cidrBlock` value for a Service, 3127 if you''re setting up a security 3128 list rule for traffic coming from 3129 a particular `Service` through a 3130 service gateway. For example: `oci-phx-objectstorage`.' 3131 type: string 3132 sourceType: 3133 description: 'Type of source for the 3134 rule. The default is `CIDR_BLOCK`. 3135 * `CIDR_BLOCK`: If the rule''s `source` 3136 is an IP address range in CIDR notation. 3137 * `SERVICE_CIDR_BLOCK`: If the rule''s 3138 `source` is the `cidrBlock` value 3139 for a Service (the rule is for traffic 3140 coming from a particular `Service` 3141 through a service gateway).' 3142 type: string 3143 tcpOptions: 3144 description: TcpOptions Optional and 3145 valid only for TCP. Use to specify 3146 particular destination ports for 3147 TCP rules. If you specify TCP as 3148 the protocol but omit this object, 3149 then all destination ports are allowed. 3150 properties: 3151 destinationPortRange: 3152 description: PortRange The representation 3153 of PortRange. 3154 properties: 3155 max: 3156 description: The maximum port 3157 number, which must not be 3158 less than the minimum port 3159 number. To specify a single 3160 port number, set both the 3161 min and max to the same 3162 value. 
3163 type: integer 3164 min: 3165 description: The minimum port 3166 number, which must not be 3167 greater than the maximum 3168 port number. 3169 type: integer 3170 type: object 3171 sourcePortRange: 3172 description: PortRange The representation 3173 of PortRange. 3174 properties: 3175 max: 3176 description: The maximum port 3177 number, which must not be 3178 less than the minimum port 3179 number. To specify a single 3180 port number, set both the 3181 min and max to the same 3182 value. 3183 type: integer 3184 min: 3185 description: The minimum port 3186 number, which must not be 3187 greater than the maximum 3188 port number. 3189 type: integer 3190 type: object 3191 type: object 3192 udpOptions: 3193 description: UdpOptions Optional and 3194 valid only for UDP. Use to specify 3195 particular destination ports for 3196 UDP rules. If you specify UDP as 3197 the protocol but omit this object, 3198 then all destination ports are allowed. 3199 properties: 3200 destinationPortRange: 3201 description: PortRange The representation 3202 of PortRange. 3203 properties: 3204 max: 3205 description: The maximum port 3206 number, which must not be 3207 less than the minimum port 3208 number. To specify a single 3209 port number, set both the 3210 min and max to the same 3211 value. 3212 type: integer 3213 min: 3214 description: The minimum port 3215 number, which must not be 3216 greater than the maximum 3217 port number. 3218 type: integer 3219 type: object 3220 sourcePortRange: 3221 description: PortRange The representation 3222 of PortRange. 3223 properties: 3224 max: 3225 description: The maximum port 3226 number, which must not be 3227 less than the minimum port 3228 number. To specify a single 3229 port number, set both the 3230 min and max to the same 3231 value. 3232 type: integer 3233 min: 3234 description: The minimum port 3235 number, which must not be 3236 greater than the maximum 3237 port number. 
3238 type: integer 3239 type: object 3240 type: object 3241 type: object 3242 type: object 3243 type: array 3244 name: 3245 description: NSG Name. 3246 type: string 3247 role: 3248 description: Role defines the NSG role (eg. 3249 control-plane, control-plane-endpoint, service-lb, 3250 worker). 3251 type: string 3252 required: 3253 - name 3254 type: object 3255 type: array 3256 x-kubernetes-list-map-keys: 3257 - name 3258 x-kubernetes-list-type: map 3259 privateRouteTableId: 3260 description: ID of Private Route Table. 3261 type: string 3262 publicRouteTableId: 3263 description: ID of Public Route Table. 3264 type: string 3265 serviceGatewayId: 3266 description: ID of Service Gateway. 3267 type: string 3268 subnets: 3269 description: Subnets is the configuration for subnets 3270 required in the VCN. 3271 items: 3272 description: Subnet defines the configuration for 3273 a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview 3274 properties: 3275 cidr: 3276 description: Subnet CIDR. 3277 type: string 3278 id: 3279 description: Subnet OCID. 3280 type: string 3281 name: 3282 description: Subnet Name. 3283 type: string 3284 role: 3285 description: Role defines the subnet role (eg. 3286 control-plane, control-plane-endpoint, service-lb, 3287 worker). 3288 type: string 3289 securityList: 3290 description: The security list associated with 3291 Subnet. 3292 properties: 3293 egressRules: 3294 description: EgressRules on the SecurityList. 3295 items: 3296 description: EgressSecurityRule A rule 3297 for allowing outbound IP packets. 3298 properties: 3299 description: 3300 description: An optional description 3301 of your choice for the rule. 3302 type: string 3303 destination: 3304 description: 'Conceptually, this is 3305 the range of IP addresses that a 3306 packet originating from the instance 3307 can go to. Allowed values: * IP 3308 address range in CIDR notation. 
3309 For example: `192.168.1.0/24` or 3310 `2001:0db8:0123:45::/56` Note that 3311 IPv6 addressing is currently supported 3312 only in certain regions. See IPv6 3313 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 3314 * The `cidrBlock` value for a Service, 3315 if you''re setting up a security 3316 list rule for traffic destined for 3317 a particular `Service` through a 3318 service gateway. For example: `oci-phx-objectstorage`.' 3319 type: string 3320 destinationType: 3321 description: 'Type of destination 3322 for the rule. The default is `CIDR_BLOCK`. 3323 Allowed values: * `CIDR_BLOCK`: 3324 If the rule''s `destination` is 3325 an IP address range in CIDR notation. 3326 * `SERVICE_CIDR_BLOCK`: If the rule''s 3327 `destination` is the `cidrBlock` 3328 value for a Service (the rule is 3329 for traffic destined for a particular 3330 `Service` through a service gateway).' 3331 type: string 3332 icmpOptions: 3333 description: 'IcmpOptions Optional 3334 and valid only for ICMP and ICMPv6. 3335 Use to specify a particular ICMP 3336 type and code as defined in: - ICMP 3337 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 3338 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 3339 If you specify ICMP or ICMPv6 as 3340 the protocol but omit this object, 3341 then all ICMP types and codes are 3342 allowed. If you do provide this 3343 object, the type is required and 3344 the code is optional. To enable 3345 MTU negotiation for ingress internet 3346 traffic via IPv4, make sure to allow 3347 type 3 ("Destination Unreachable") 3348 code 4 ("Fragmentation Needed and 3349 Don''t Fragment was Set"). If you 3350 need to specify multiple codes for 3351 a single type, create a separate 3352 security list rule for each.' 3353 properties: 3354 code: 3355 description: The ICMP code (optional). 3356 type: integer 3357 type: 3358 description: The ICMP type. 
3359 type: integer 3360 type: object 3361 isStateless: 3362 description: A stateless rule allows 3363 traffic in one direction. Remember 3364 to add a corresponding stateless 3365 rule in the other direction if you 3366 need to support bidirectional traffic. 3367 For example, if egress traffic allows 3368 TCP destination port 80, there should 3369 be an ingress rule to allow TCP 3370 source port 80. Defaults to false, 3371 which means the rule is stateful 3372 and a corresponding rule is not 3373 necessary for bidirectional traffic. 3374 type: boolean 3375 protocol: 3376 description: The transport protocol. 3377 Specify either `all` or an IPv4 3378 protocol number as defined in Protocol 3379 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 3380 Options are supported only for ICMP 3381 ("1"), TCP ("6"), UDP ("17"), and 3382 ICMPv6 ("58"). 3383 type: string 3384 tcpOptions: 3385 description: TcpOptions Optional and 3386 valid only for TCP. Use to specify 3387 particular destination ports for 3388 TCP rules. If you specify TCP as 3389 the protocol but omit this object, 3390 then all destination ports are allowed. 3391 properties: 3392 destinationPortRange: 3393 description: PortRange The representation 3394 of PortRange. 3395 properties: 3396 max: 3397 description: The maximum port 3398 number, which must not be 3399 less than the minimum port 3400 number. To specify a single 3401 port number, set both the 3402 min and max to the same 3403 value. 3404 type: integer 3405 min: 3406 description: The minimum port 3407 number, which must not be 3408 greater than the maximum 3409 port number. 3410 type: integer 3411 type: object 3412 sourcePortRange: 3413 description: PortRange The representation 3414 of PortRange. 3415 properties: 3416 max: 3417 description: The maximum port 3418 number, which must not be 3419 less than the minimum port 3420 number. To specify a single 3421 port number, set both the 3422 min and max to the same 3423 value. 
3424 type: integer 3425 min: 3426 description: The minimum port 3427 number, which must not be 3428 greater than the maximum 3429 port number. 3430 type: integer 3431 type: object 3432 type: object 3433 udpOptions: 3434 description: UdpOptions Optional and 3435 valid only for UDP. Use to specify 3436 particular destination ports for 3437 UDP rules. If you specify UDP as 3438 the protocol but omit this object, 3439 then all destination ports are allowed. 3440 properties: 3441 destinationPortRange: 3442 description: PortRange The representation 3443 of PortRange. 3444 properties: 3445 max: 3446 description: The maximum port 3447 number, which must not be 3448 less than the minimum port 3449 number. To specify a single 3450 port number, set both the 3451 min and max to the same 3452 value. 3453 type: integer 3454 min: 3455 description: The minimum port 3456 number, which must not be 3457 greater than the maximum 3458 port number. 3459 type: integer 3460 type: object 3461 sourcePortRange: 3462 description: PortRange The representation 3463 of PortRange. 3464 properties: 3465 max: 3466 description: The maximum port 3467 number, which must not be 3468 less than the minimum port 3469 number. To specify a single 3470 port number, set both the 3471 min and max to the same 3472 value. 3473 type: integer 3474 min: 3475 description: The minimum port 3476 number, which must not be 3477 greater than the maximum 3478 port number. 3479 type: integer 3480 type: object 3481 type: object 3482 type: object 3483 type: array 3484 id: 3485 description: ID of the SecurityList. 3486 type: string 3487 ingressRules: 3488 description: IngressRules on the SecurityList. 3489 items: 3490 description: IngressSecurityRule A rule 3491 for allowing inbound IP packets. 3492 properties: 3493 description: 3494 description: An optional description 3495 of your choice for the rule. 3496 type: string 3497 icmpOptions: 3498 description: 'IcmpOptions Optional 3499 and valid only for ICMP and ICMPv6. 
3500 Use to specify a particular ICMP 3501 type and code as defined in: - ICMP 3502 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 3503 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 3504 If you specify ICMP or ICMPv6 as 3505 the protocol but omit this object, 3506 then all ICMP types and codes are 3507 allowed. If you do provide this 3508 object, the type is required and 3509 the code is optional. To enable 3510 MTU negotiation for ingress internet 3511 traffic via IPv4, make sure to allow 3512 type 3 ("Destination Unreachable") 3513 code 4 ("Fragmentation Needed and 3514 Don''t Fragment was Set"). If you 3515 need to specify multiple codes for 3516 a single type, create a separate 3517 security list rule for each.' 3518 properties: 3519 code: 3520 description: The ICMP code (optional). 3521 type: integer 3522 type: 3523 description: The ICMP type. 3524 type: integer 3525 type: object 3526 isStateless: 3527 description: A stateless rule allows 3528 traffic in one direction. Remember 3529 to add a corresponding stateless 3530 rule in the other direction if you 3531 need to support bidirectional traffic. 3532 For example, if ingress traffic 3533 allows TCP destination port 80, 3534 there should be an egress rule to 3535 allow TCP source port 80. Defaults 3536 to false, which means the rule is 3537 stateful and a corresponding rule 3538 is not necessary for bidirectional 3539 traffic. 3540 type: boolean 3541 protocol: 3542 description: The transport protocol. 3543 Specify either `all` or an IPv4 3544 protocol number as defined in Protocol 3545 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 3546 Options are supported only for ICMP 3547 ("1"), TCP ("6"), UDP ("17"), and 3548 ICMPv6 ("58"). 
3549 type: string 3550 source: 3551 description: 'Conceptually, this is 3552 the range of IP addresses that a 3553 packet coming into the instance 3554 can come from. Allowed values: * 3555 IP address range in CIDR notation. 3556 For example: `192.168.1.0/24` or 3557 `2001:0db8:0123:45::/56`. IPv6 addressing 3558 is supported for all commercial 3559 and government regions. See IPv6 3560 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 3561 * The `cidrBlock` value for a Service, 3562 if you''re setting up a security 3563 list rule for traffic coming from 3564 a particular `Service` through a 3565 service gateway. For example: `oci-phx-objectstorage`.' 3566 type: string 3567 sourceType: 3568 description: 'Type of source for the 3569 rule. The default is `CIDR_BLOCK`. 3570 * `CIDR_BLOCK`: If the rule''s `source` 3571 is an IP address range in CIDR notation. 3572 * `SERVICE_CIDR_BLOCK`: If the rule''s 3573 `source` is the `cidrBlock` value 3574 for a Service (the rule is for traffic 3575 coming from a particular `Service` 3576 through a service gateway).' 3577 type: string 3578 tcpOptions: 3579 description: TcpOptions Optional and 3580 valid only for TCP. Use to specify 3581 particular destination ports for 3582 TCP rules. If you specify TCP as 3583 the protocol but omit this object, 3584 then all destination ports are allowed. 3585 properties: 3586 destinationPortRange: 3587 description: PortRange The representation 3588 of PortRange. 3589 properties: 3590 max: 3591 description: The maximum port 3592 number, which must not be 3593 less than the minimum port 3594 number. To specify a single 3595 port number, set both the 3596 min and max to the same 3597 value. 3598 type: integer 3599 min: 3600 description: The minimum port 3601 number, which must not be 3602 greater than the maximum 3603 port number. 3604 type: integer 3605 type: object 3606 sourcePortRange: 3607 description: PortRange The representation 3608 of PortRange. 
3609 properties: 3610 max: 3611 description: The maximum port 3612 number, which must not be 3613 less than the minimum port 3614 number. To specify a single 3615 port number, set both the 3616 min and max to the same 3617 value. 3618 type: integer 3619 min: 3620 description: The minimum port 3621 number, which must not be 3622 greater than the maximum 3623 port number. 3624 type: integer 3625 type: object 3626 type: object 3627 udpOptions: 3628 description: UdpOptions Optional and 3629 valid only for UDP. Use to specify 3630 particular destination ports for 3631 UDP rules. If you specify UDP as 3632 the protocol but omit this object, 3633 then all destination ports are allowed. 3634 properties: 3635 destinationPortRange: 3636 description: PortRange The representation 3637 of PortRange. 3638 properties: 3639 max: 3640 description: The maximum port 3641 number, which must not be 3642 less than the minimum port 3643 number. To specify a single 3644 port number, set both the 3645 min and max to the same 3646 value. 3647 type: integer 3648 min: 3649 description: The minimum port 3650 number, which must not be 3651 greater than the maximum 3652 port number. 3653 type: integer 3654 type: object 3655 sourcePortRange: 3656 description: PortRange The representation 3657 of PortRange. 3658 properties: 3659 max: 3660 description: The maximum port 3661 number, which must not be 3662 less than the minimum port 3663 number. To specify a single 3664 port number, set both the 3665 min and max to the same 3666 value. 3667 type: integer 3668 min: 3669 description: The minimum port 3670 number, which must not be 3671 greater than the maximum 3672 port number. 3673 type: integer 3674 type: object 3675 type: object 3676 type: object 3677 type: array 3678 name: 3679 description: SecurityList Name. 3680 type: string 3681 type: object 3682 type: 3683 description: Type defines the subnet type (e.g. 3684 public, private). 
3685 type: string 3686 required: 3687 - name 3688 - role 3689 type: object 3690 type: array 3691 x-kubernetes-list-map-keys: 3692 - name 3693 x-kubernetes-list-type: map 3694 type: object 3695 vcnPeering: 3696 description: VCNPeering configuration. 3697 properties: 3698 drg: 3699 description: DRG configuration refers to the DRG which 3700 has to be created if required. If management cluster 3701 and workload cluster shares the same DRG, this fields 3702 is not required to be specified. 3703 properties: 3704 id: 3705 description: ID is the OCID for the created DRG. 3706 type: string 3707 manage: 3708 description: Manage defines whether the DRG has 3709 to be managed(including create). If set to false(the 3710 default) the ID has to be specified by the user 3711 to a valid DRG ID to which the VCN has to be 3712 attached. 3713 type: boolean 3714 name: 3715 description: Name is the name of the created DRG. 3716 type: string 3717 vcnAttachmentId: 3718 description: VcnAttachmentId is the ID of the 3719 VCN attachment of the DRG. The workload cluster 3720 VCN can be attached to either the management 3721 cluster VCN if they are sharing the same DRG 3722 or to the workload cluster DRG. 3723 type: string 3724 type: object 3725 peerRouteRules: 3726 description: PeerRouteRules defines the routing rules 3727 which will be added to the private route tables 3728 of the workload cluster VCN. The routes defined 3729 here will be directed to DRG. 3730 items: 3731 description: PeerRouteRule defines a Route Rule 3732 to be routed via a DRG. 3733 properties: 3734 vcnCIDRRange: 3735 description: VCNCIDRRange is the CIDR Range 3736 of peer VCN to which the workload cluster 3737 VCN will be peered. The CIDR range is required 3738 to add the route rule in the workload cluster 3739 VCN, the route rule will forward any traffic 3740 to the CIDR to the DRG. 
3741 type: string 3742 type: object 3743 type: array 3744 remotePeeringConnections: 3745 description: RemotePeeringConnections defines the 3746 RPC connections which be established with the workload 3747 cluster DRG. 3748 items: 3749 description: RemotePeeringConnection is used to 3750 peer VCNs residing in different regions(typically). 3751 Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 3752 properties: 3753 managePeerRPC: 3754 description: ManagePeerRPC will define if the 3755 Peer VCN needs to be managed. If set to true 3756 a Remote Peering Connection will be created 3757 in the Peer DRG and the connection will be 3758 created between local and peer RPC. 3759 type: boolean 3760 peerDRGId: 3761 description: PeerDRGId defines the DRG ID of 3762 the peer. 3763 type: string 3764 peerRPCConnectionId: 3765 description: PeerRPCConnectionId defines the 3766 RPC ID of peer. If ManagePeerRPC is set to 3767 true this will be created by Cluster API Provider 3768 for OCI, otherwise this has be defined by 3769 the user. 3770 type: string 3771 peerRegionName: 3772 description: PeerRegionName defined the region 3773 name of Peer VCN. 3774 type: string 3775 rpcConnectionId: 3776 description: RPCConnectionId is the connection 3777 ID of the connection between peer and local 3778 RPC. 3779 type: string 3780 type: object 3781 type: array 3782 type: object 3783 type: object 3784 ociResourceIdentifier: 3785 description: The unique ID which will be used to tag all the 3786 resources created by this Cluster. The tag will be used 3787 to identify resources belonging to this cluster. this will 3788 be auto-generated and should not be set by the user. 3789 type: string 3790 region: 3791 description: Region the cluster operates in. It must be one 3792 of available regions in Region Identifier format. 
See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 3793 type: string 3794 type: object 3795 required: 3796 - spec 3797 type: object 3798 required: 3799 - template 3800 type: object 3801 type: object 3802 served: true 3803 storage: false 3804 - name: v1beta2 3805 schema: 3806 openAPIV3Schema: 3807 description: OCIClusterTemplate is the Schema for the ociclustertemplates 3808 API. 3809 properties: 3810 apiVersion: 3811 description: 'APIVersion defines the versioned schema of this representation 3812 of an object. Servers should convert recognized schemas to the latest 3813 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 3814 type: string 3815 kind: 3816 description: 'Kind is a string value representing the REST resource this 3817 object represents. Servers may infer this from the endpoint the client 3818 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 3819 type: string 3820 metadata: 3821 type: object 3822 spec: 3823 description: OCIClusterTemplateSpec defines the desired state of OCIClusterTemplate. 3824 properties: 3825 template: 3826 description: OCIClusterTemplateResource describes the data needed 3827 to create an OCICluster from a template. 3828 properties: 3829 spec: 3830 description: OCIClusterSpec defines the desired state of OciCluster 3831 properties: 3832 availabilityDomains: 3833 additionalProperties: 3834 description: OCIAvailabilityDomain contains information 3835 about an Availability Domain (AD). 3836 properties: 3837 faultDomains: 3838 description: 'FaultDomains a list of fault domain (FD) 3839 names. Example: ["FAULT-DOMAIN-1"]' 3840 items: 3841 type: string 3842 type: array 3843 name: 3844 description: 'Name is the AD''s full name. 
                                Example: Uocm:PHX-AD-1'
                              type: string
                          type: object
                        description: AvailabilityDomains encapsulates the cluster's
                          Availability Domain (AD) information in a map where the
                          map key is the AD name and the struct is details about the
                          AD.
                        type: object
                      clientOverrides:
                        description: ClientOverrides allows the default client SDK
                          URLs to be changed.
                        nullable: true
                        properties:
                          certOverride:
                            description: CertOverride is a secret that contains information
                              about a cert override used by all the OCI SDK clients.
                              The secret must contain data with a `cert` property.
                            nullable: true
                            properties:
                              name:
                                description: name is unique within a namespace to
                                  reference a secret resource.
                                type: string
                              namespace:
                                description: namespace defines the space within which
                                  the secret name must be unique.
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                          computeClientUrl:
                            description: ComputeClientUrl allows the default compute
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          computeManagementClientUrl:
                            description: ComputeManagementClientUrl allows the default
                              compute management SDK client URL to be changed.
                            nullable: true
                            type: string
                          containerEngineClientUrl:
                            description: ContainerEngineClientUrl allows the default
                              container engine SDK client URL to be changed.
                            nullable: true
                            type: string
                          identityClientUrl:
                            description: IdentityClientUrl allows the default identity
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          loadBalancerClientUrl:
                            description: LoadBalancerClientUrl allows the default
                              load balancer SDK client URL to be changed.
                            nullable: true
                            type: string
                          networkLoadBalancerClientUrl:
                            description: NetworkLoadBalancerClientUrl allows the default
                              NLB SDK client URL to be changed.
                            nullable: true
                            type: string
                          vCNClientUrl:
                            description: VCNClientUrl allows the default vcn SDK client
                              URL to be changed.
                            nullable: true
                            type: string
                        type: object
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
                            properties:
                              loadBalancerId:
                                description: ID of Load Balancer.
                                type: string
                              loadBalancerType:
                                description: 'Type of Load Balancer: NLB (default)
                                  or LBaaS.'
                                type: string
                              name:
                                description: LoadBalancer Name.
                                type: string
                            type: object
                          skipNetworkManagement:
                            description: SkipNetworkManagement defines if the networking
                              spec(VCN related) specified by the user needs to be
                              reconciled(actioned-upon) or used as it is. APIServerLB
                              will still be reconciled.
                            type: boolean
                          vcn:
                            description: VCN configuration.
                            properties:
                              cidr:
                                description: VCN CIDR.
                                type: string
                              id:
                                description: VCN OCID.
                                type: string
                              internetGateway:
                                description: Configuration for Internet Gateway.
                                properties:
                                  id:
                                    description: ID of Internet Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      internet gateway even if any one Subnet is public.
                                    type: boolean
                                type: object
                              name:
                                description: VCN Name.
                                type: string
                              natGateway:
                                description: Configuration for NAT Gateway.
                                properties:
                                  id:
                                    description: ID of Nat Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      NAT gateway even if any one Subnet is private.
                                    type: boolean
                                type: object
                              networkSecurityGroup:
                                description: Configuration for NSG management.
                                properties:
                                  list:
                                    description: NetworkSecurityGroup is the configuration
                                      for the Network Security Groups required in
                                      the VCN.
                                    items:
                                      description: NSG defines configuration for a
                                        Network Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                                      properties:
                                        egressRules:
                                          description: EgressRules on the NSG.
                                          items:
                                            description: EgressSecurityRuleForNSG
                                              is EgressSecurityRule for NSG.
                                            properties:
                                              egressRule:
                                                description: EgressSecurityRule A
                                                  rule for allowing outbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  destination:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet originating from
                                                      the instance can go to. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                                      Note that IPv6 addressing is
                                                      currently supported only in
                                                      certain regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic destined for a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  destinationType:
                                                    description: 'Type of destination
                                                      for the rule. The default is
                                                      `CIDR_BLOCK`. Allowed values:
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `destination` is an IP address
                                                      range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `destination`
                                                      is the `cidrBlock` value for
                                                      a Service (the rule is for traffic
                                                      destined for a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if egress traffic allows TCP
                                                      destination port 80, there should
                                                      be an ingress rule to allow
                                                      TCP source port 80. Defaults
                                                      to false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: NSG OCID.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the NSG.
                                          items:
                                            description: IngressSecurityRuleForNSG
                                              is IngressSecurityRule for NSG
                                            properties:
                                              ingressRule:
                                                description: IngressSecurityRule A
                                                  rule for allowing inbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if ingress traffic allows TCP
                                                      destination port 80, there should
                                                      be an egress rule to allow TCP
                                                      source port 80.
                                                      Defaults to false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  source:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet coming into the
                                                      instance can come from. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                                      IPv6 addressing is supported
                                                      for all commercial and government
                                                      regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic coming from a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  sourceType:
                                                    description: 'Type of source for
                                                      the rule. The default is `CIDR_BLOCK`.
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `source` is an IP address range
                                                      in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `source` is the
                                                      `cidrBlock` value for a Service
                                                      (the rule is for traffic coming
                                                      from a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: NSG Name.
                                          type: string
                                        role:
                                          description: Role defines the NSG role (e.g.
                                            control-plane, control-plane-endpoint,
                                            service-lb, worker).
                                          type: string
                                      required:
                                      - name
                                      type: object
                                    type: array
                                    x-kubernetes-list-map-keys:
                                    - name
                                    x-kubernetes-list-type: map
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      network security groups.
                                    type: boolean
                                type: object
                              routeTable:
                                description: Configuration for Route table.
                                properties:
                                  privateRouteTableId:
                                    description: ID of Private Route Table.
                                    type: string
                                  publicRouteTableId:
                                    description: ID of Public Route Table.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Route table.
                                    type: boolean
                                type: object
                              serviceGateway:
                                description: Configuration for Service Gateway.
                                properties:
                                  id:
                                    description: ID of Service Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Service gateway.
                                    type: boolean
                                type: object
                              subnets:
                                description: Subnets is the configuration for subnets
                                  required in the VCN.
                                items:
                                  description: Subnet defines the configuration for
                                    a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                                  properties:
                                    cidr:
                                      description: Subnet CIDR.
                                      type: string
                                    id:
                                      description: Subnet OCID.
                                      type: string
                                    name:
                                      description: Subnet Name.
                                      type: string
                                    role:
                                      description: Role defines the subnet role (e.g.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                    securityList:
                                      description: The security list associated with
                                        Subnet.
                                      properties:
                                        egressRules:
                                          description: EgressRules on the SecurityList.
                                          items:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP.
                                                  Use to specify particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: ID of the SecurityList.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the SecurityList.
                                          items:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
4897 type: integer 4898 min: 4899 description: The minimum port 4900 number, which must not be 4901 greater than the maximum 4902 port number. 4903 type: integer 4904 type: object 4905 sourcePortRange: 4906 description: PortRange The representation 4907 of PortRange. 4908 properties: 4909 max: 4910 description: The maximum port 4911 number, which must not be 4912 less than the minimum port 4913 number. To specify a single 4914 port number, set both the 4915 min and max to the same 4916 value. 4917 type: integer 4918 min: 4919 description: The minimum port 4920 number, which must not be 4921 greater than the maximum 4922 port number. 4923 type: integer 4924 type: object 4925 type: object 4926 type: object 4927 type: array 4928 name: 4929 description: SecurityList Name. 4930 type: string 4931 type: object 4932 type: 4933 description: Type defines the subnet type (e.g. 4934 public, private). 4935 type: string 4936 required: 4937 - name 4938 - role 4939 type: object 4940 type: array 4941 x-kubernetes-list-map-keys: 4942 - name 4943 x-kubernetes-list-type: map 4944 type: object 4945 vcnPeering: 4946 description: VCNPeering configuration. 4947 properties: 4948 drg: 4949 description: DRG configuration refers to the DRG which 4950 has to be created if required. If management cluster 4951 and workload cluster share the same DRG, this field 4952 is not required to be specified. 4953 properties: 4954 id: 4955 description: ID is the OCID for the created DRG. 4956 type: string 4957 manage: 4958 description: Manage defines whether the DRG has 4959 to be managed (including create). If set to false (the 4960 default) the ID has to be specified by the user 4961 to a valid DRG ID to which the VCN has to be 4962 attached. 4963 type: boolean 4964 name: 4965 description: Name is the name of the created DRG. 4966 type: string 4967 vcnAttachmentId: 4968 description: VcnAttachmentId is the ID of the 4969 VCN attachment of the DRG.
The workload cluster 4970 VCN can be attached to either the management 4971 cluster VCN if they are sharing the same DRG 4972 or to the workload cluster DRG. 4973 type: string 4974 type: object 4975 peerRouteRules: 4976 description: PeerRouteRules defines the routing rules 4977 which will be added to the private route tables 4978 of the workload cluster VCN. The routes defined 4979 here will be directed to DRG. 4980 items: 4981 description: PeerRouteRule defines a Route Rule 4982 to be routed via a DRG. 4983 properties: 4984 vcnCIDRRange: 4985 description: VCNCIDRRange is the CIDR Range 4986 of peer VCN to which the workload cluster 4987 VCN will be peered. The CIDR range is required 4988 to add the route rule in the workload cluster 4989 VCN, the route rule will forward any traffic 4990 to the CIDR to the DRG. 4991 type: string 4992 type: object 4993 type: array 4994 remotePeeringConnections: 4995 description: RemotePeeringConnections defines the 4996 RPC connections which will be established with the workload 4997 cluster DRG. 4998 items: 4999 description: RemotePeeringConnection is used to 5000 peer VCNs residing in different regions (typically). 5001 Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 5002 properties: 5003 managePeerRPC: 5004 description: ManagePeerRPC will define if the 5005 Peer VCN needs to be managed. If set to true 5006 a Remote Peering Connection will be created 5007 in the Peer DRG and the connection will be 5008 created between local and peer RPC. 5009 type: boolean 5010 peerDRGId: 5011 description: PeerDRGId defines the DRG ID of 5012 the peer. 5013 type: string 5014 peerRPCConnectionId: 5015 description: PeerRPCConnectionId defines the 5016 RPC ID of peer. If ManagePeerRPC is set to 5017 true this will be created by Cluster API Provider 5018 for OCI, otherwise this has to be defined by 5019 the user.
5020 type: string 5021 peerRegionName: 5022 description: PeerRegionName defines the region 5023 name of Peer VCN. 5024 type: string 5025 rpcConnectionId: 5026 description: RPCConnectionId is the connection 5027 ID of the connection between peer and local 5028 RPC. 5029 type: string 5030 type: object 5031 type: array 5032 type: object 5033 type: object 5034 ociResourceIdentifier: 5035 description: The unique ID which will be used to tag all the 5036 resources created by this Cluster. The tag will be used 5037 to identify resources belonging to this cluster. This will 5038 be auto-generated and should not be set by the user. 5039 type: string 5040 region: 5041 description: Region the cluster operates in. It must be one 5042 of available regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 5043 type: string 5044 type: object 5045 required: 5046 - spec 5047 type: object 5048 required: 5049 - template 5050 type: object 5051 type: object 5052 served: true 5053 storage: true 5054 --- 5055 apiVersion: apiextensions.k8s.io/v1 5056 kind: CustomResourceDefinition 5057 metadata: 5058 annotations: 5059 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 5060 controller-gen.kubebuilder.io/version: v0.10.0 5061 labels: 5062 cluster.x-k8s.io/provider: infrastructure-oci 5063 cluster.x-k8s.io/v1beta1: v1beta1 5064 name: ocimachinepoolmachines.infrastructure.cluster.x-k8s.io 5065 spec: 5066 conversion: 5067 strategy: Webhook 5068 webhook: 5069 clientConfig: 5070 service: 5071 name: capoci-webhook-service 5072 namespace: cluster-api-provider-oci-system 5073 path: /convert 5074 conversionReviewVersions: 5075 - v1 5076 - v1beta1 5077 group: infrastructure.cluster.x-k8s.io 5078 names: 5079 kind: OCIMachinePoolMachine 5080 listKind: OCIMachinePoolMachineList 5081 plural: ocimachinepoolmachines 5082 singular: ocimachinepoolmachine 5083 scope: Namespaced 5084 versions: 5085 - name: v1beta1 5086
schema: 5087 openAPIV3Schema: 5088 properties: 5089 apiVersion: 5090 description: 'APIVersion defines the versioned schema of this representation 5091 of an object. Servers should convert recognized schemas to the latest 5092 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 5093 type: string 5094 kind: 5095 description: 'Kind is a string value representing the REST resource this 5096 object represents. Servers may infer this from the endpoint the client 5097 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 5098 type: string 5099 metadata: 5100 type: object 5101 spec: 5102 description: OCIMachinePoolMachineSpec defines the desired state of OCIMachinePoolMachine 5103 properties: 5104 instanceName: 5105 description: InstanceName is the name of the instance. 5106 type: string 5107 machineType: 5108 description: MachineType is the type of the machine. 5109 type: string 5110 ocid: 5111 description: OCID is the OCID of the associated instance. 5112 type: string 5113 providerID: 5114 description: ProviderID is the Oracle Cloud Identifier of the associated 5115 instance. 5116 type: string 5117 type: object 5118 status: 5119 description: OCIMachinePoolMachineStatus defines the observed state of 5120 OCIMachinePoolMachine 5121 properties: 5122 conditions: 5123 description: Conditions defines current service state of the OCIMachinePool. 5124 items: 5125 description: Condition defines an observation of a Cluster API resource 5126 operational state. 5127 properties: 5128 lastTransitionTime: 5129 description: Last time the condition transitioned from one status 5130 to another. This should be when the underlying condition changed. 5131 If that is not known, then using the time when the API field 5132 changed is acceptable. 
5133 format: date-time 5134 type: string 5135 message: 5136 description: A human readable message indicating details about 5137 the transition. This field may be empty. 5138 type: string 5139 reason: 5140 description: The reason for the condition's last transition 5141 in CamelCase. The specific API may choose whether or not this 5142 field is considered a guaranteed API. This field may not be 5143 empty. 5144 type: string 5145 severity: 5146 description: Severity provides an explicit classification of 5147 Reason code, so the users or machines can immediately understand 5148 the current situation and act accordingly. The Severity field 5149 MUST be set only when Status=False. 5150 type: string 5151 status: 5152 description: Status of the condition, one of True, False, Unknown. 5153 type: string 5154 type: 5155 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 5156 Many .condition.type values are consistent across resources 5157 like Available, but because arbitrary conditions can be useful 5158 (see .node.status.conditions), the ability to deconflict is 5159 important. 5160 type: string 5161 required: 5162 - lastTransitionTime 5163 - status 5164 - type 5165 type: object 5166 type: array 5167 ready: 5168 description: Flag set to true when machine is ready. 5169 type: boolean 5170 type: object 5171 type: object 5172 served: true 5173 storage: false 5174 subresources: 5175 status: {} 5176 - name: v1beta2 5177 schema: 5178 openAPIV3Schema: 5179 properties: 5180 apiVersion: 5181 description: 'APIVersion defines the versioned schema of this representation 5182 of an object. Servers should convert recognized schemas to the latest 5183 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 5184 type: string 5185 kind: 5186 description: 'Kind is a string value representing the REST resource this 5187 object represents. 
Servers may infer this from the endpoint the client 5188 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 5189 type: string 5190 metadata: 5191 type: object 5192 spec: 5193 description: OCIMachinePoolMachineSpec defines the desired state of OCIMachinePoolMachine 5194 properties: 5195 instanceName: 5196 description: InstanceName is the name of the instance. 5197 type: string 5198 machineType: 5199 description: MachineType is the type of the machine. 5200 type: string 5201 ocid: 5202 description: OCID is the OCID of the associated instance. 5203 type: string 5204 providerID: 5205 description: ProviderID is Oracle Cloud Identifier of the associated 5206 instance. 5207 type: string 5208 type: object 5209 status: 5210 description: OCIMachinePoolMachineStatus defines the observed state of 5211 OCIMachinePoolMachine 5212 properties: 5213 conditions: 5214 description: Conditions defines current service state of the OCIMachinePool. 5215 items: 5216 description: Condition defines an observation of a Cluster API resource 5217 operational state. 5218 properties: 5219 lastTransitionTime: 5220 description: Last time the condition transitioned from one status 5221 to another. This should be when the underlying condition changed. 5222 If that is not known, then using the time when the API field 5223 changed is acceptable. 5224 format: date-time 5225 type: string 5226 message: 5227 description: A human readable message indicating details about 5228 the transition. This field may be empty. 5229 type: string 5230 reason: 5231 description: The reason for the condition's last transition 5232 in CamelCase. The specific API may choose whether or not this 5233 field is considered a guaranteed API. This field may not be 5234 empty. 
5235 type: string 5236 severity: 5237 description: Severity provides an explicit classification of 5238 Reason code, so the users or machines can immediately understand 5239 the current situation and act accordingly. The Severity field 5240 MUST be set only when Status=False. 5241 type: string 5242 status: 5243 description: Status of the condition, one of True, False, Unknown. 5244 type: string 5245 type: 5246 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 5247 Many .condition.type values are consistent across resources 5248 like Available, but because arbitrary conditions can be useful 5249 (see .node.status.conditions), the ability to deconflict is 5250 important. 5251 type: string 5252 required: 5253 - lastTransitionTime 5254 - status 5255 - type 5256 type: object 5257 type: array 5258 ready: 5259 description: Flag set to true when machine is ready. 5260 type: boolean 5261 type: object 5262 type: object 5263 served: true 5264 storage: true 5265 subresources: 5266 status: {} 5267 --- 5268 apiVersion: apiextensions.k8s.io/v1 5269 kind: CustomResourceDefinition 5270 metadata: 5271 annotations: 5272 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 5273 controller-gen.kubebuilder.io/version: v0.10.0 5274 labels: 5275 cluster.x-k8s.io/provider: infrastructure-oci 5276 cluster.x-k8s.io/v1beta1: v1beta1 5277 name: ocimachinepools.infrastructure.cluster.x-k8s.io 5278 spec: 5279 conversion: 5280 strategy: Webhook 5281 webhook: 5282 clientConfig: 5283 service: 5284 name: capoci-webhook-service 5285 namespace: cluster-api-provider-oci-system 5286 path: /convert 5287 conversionReviewVersions: 5288 - v1 5289 - v1beta1 5290 group: infrastructure.cluster.x-k8s.io 5291 names: 5292 kind: OCIMachinePool 5293 listKind: OCIMachinePoolList 5294 plural: ocimachinepools 5295 singular: ocimachinepool 5296 scope: Namespaced 5297 versions: 5298 - name: v1beta1 5299 schema: 5300 openAPIV3Schema: 5301 properties: 5302 
apiVersion: 5303 description: 'APIVersion defines the versioned schema of this representation 5304 of an object. Servers should convert recognized schemas to the latest 5305 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 5306 type: string 5307 kind: 5308 description: 'Kind is a string value representing the REST resource this 5309 object represents. Servers may infer this from the endpoint the client 5310 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 5311 type: string 5312 metadata: 5313 type: object 5314 spec: 5315 description: OCIMachinePoolSpec defines the desired state of OCIMachinePool 5316 properties: 5317 instanceConfiguration: 5318 description: InstanceConfiguration defines the configuration of the 5319 instance pool instances. 5320 properties: 5321 agentConfig: 5322 description: AgentConfig defines the options for the Oracle Cloud 5323 Agent software running on the instance. 5324 properties: 5325 areAllPluginsDisabled: 5326 description: AreAllPluginsDisabled defines whether Oracle 5327 Cloud Agent can run all the available plugins. This includes 5328 the management and monitoring plugins. To get a list of 5329 available plugins, use the ListInstanceagentAvailablePlugins 5330 operation in the Oracle Cloud Agent API. For more information 5331 about the available plugins, see Managing Plugins with Oracle 5332 Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 5333 type: boolean 5334 isManagementDisabled: 5335 description: 'IsManagementDisabled defines whether Oracle 5336 Cloud Agent can run all the available management plugins. 5337 Default value is false (management plugins are enabled). 5338 These are the management plugins: OS Management Service 5339 Agent and Compute Instance Run Command. 
The management plugins 5340 are controlled by this parameter and by the per-plugin configuration 5341 in the `pluginsConfig` object. - If `isManagementDisabled` 5342 is true, all of the management plugins are disabled, regardless 5343 of the per-plugin configuration. - If `isManagementDisabled` 5344 is false, all of the management plugins are enabled. You 5345 can optionally disable individual management plugins by 5346 providing a value in the `pluginsConfig` object.' 5347 type: boolean 5348 isMonitoringDisabled: 5349 description: 'IsMonitoringDisabled defines whether Oracle 5350 Cloud Agent can gather performance metrics and monitor the 5351 instance using the monitoring plugins. Default value is 5352 false (monitoring plugins are enabled). These are the monitoring 5353 plugins: Compute Instance Monitoring and Custom Logs Monitoring. 5354 The monitoring plugins are controlled by this parameter 5355 and by the per-plugin configuration in the `pluginsConfig` 5356 object. - If `isMonitoringDisabled` is true, all of the 5357 monitoring plugins are disabled, regardless of the per-plugin 5358 configuration. - If `isMonitoringDisabled` is false, all 5359 of the monitoring plugins are enabled. You can optionally 5360 disable individual monitoring plugins by providing a value 5361 in the `pluginsConfig` object.' 5362 type: boolean 5363 pluginsConfigs: 5364 description: PluginsConfig defines the configuration of plugins 5365 associated with this instance. 5366 items: 5367 description: InstanceAgentPluginConfig defines the configuration 5368 of plugins associated with this instance. 5369 properties: 5370 desiredState: 5371 description: 'DesiredState defines whether the plugin 5372 should be enabled or disabled. To enable the monitoring 5373 and management plugins, the `isMonitoringDisabled` 5374 and `isManagementDisabled` attributes must also be 5375 set to false. 
The following values are supported: 5376 * `ENABLED` * `DISABLED`' 5377 type: string 5378 name: 5379 description: Name defines the name of the plugin. To 5380 get a list of available plugins, use the ListInstanceagentAvailablePlugins 5381 operation in the Oracle Cloud Agent API. For more 5382 information about the available plugins, see Managing 5383 Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 5384 type: string 5385 type: object 5386 type: array 5387 type: object 5388 availabilityConfig: 5389 description: LaunchInstanceAvailabilityConfig defines the options 5390 for VM migration during infrastructure maintenance events and 5391 for defining the availability of a VM instance after a maintenance 5392 event that impacts the underlying hardware. 5393 properties: 5394 isLiveMigrationPreferred: 5395 description: IsLiveMigrationPreferred defines whether to live 5396 migrate supported VM instances to a healthy physical VM 5397 host without disrupting running instances during infrastructure 5398 maintenance events. If null, Oracle chooses the best option 5399 for migrating the VM during infrastructure maintenance events. 5400 type: boolean 5401 recoveryAction: 5402 description: RecoveryAction defines the lifecycle state for 5403 an instance when it is recovered after infrastructure maintenance. 5404 * `RESTORE_INSTANCE` - The instance is restored to the lifecycle 5405 state it was in before the maintenance event. If the instance 5406 was running, it is automatically rebooted. This is the default 5407 action when a value is not set. * `STOP_INSTANCE` - The 5408 instance is recovered in the stopped state. 5409 type: string 5410 type: object 5411 capacityReservationId: 5412 description: CapacityReservationId defines the OCID of the compute 5413 capacity reservation this instance is launched under. You can 5414 opt out of all default reservations by specifying an empty string 5415 as input for this field. 
For more information, see Capacity 5416 Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default). 5417 type: string 5418 dedicatedVmHostId: 5419 description: DedicatedVmHostId defines the OCID of the dedicated 5420 VM host. 5421 type: string 5422 instanceConfigurationId: 5423 type: string 5424 instanceOptions: 5425 description: InstanceOptions defines the instance options 5426 properties: 5427 areLegacyImdsEndpointsDisabled: 5428 description: Whether to disable the legacy (/v1) instance 5429 metadata service endpoints. Customers who have migrated 5430 to /v2 should set this to true for added security. Default 5431 is false. 5432 type: boolean 5433 type: object 5434 instanceSourceViaImageConfig: 5435 description: InstanceSourceViaImageConfig defines the options 5436 for booting up instances via images 5437 properties: 5438 bootVolumeSizeInGBs: 5439 description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm 5440 to extend the boot volume size. 5441 format: int64 5442 type: integer 5443 bootVolumeVpusPerGB: 5444 description: 'BootVolumeVpusPerGB defines the number of volume 5445 performance units (VPUs) that will be applied to this volume 5446 per GB, representing the Block Volume service''s elastic 5447 performance options. See Block Volume Performance Levels 5448 (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) 5449 for more information. Allowed values: * `10`: Represents 5450 Balanced option. * `20`: Represents Higher Performance option. 5451 * `30`-`120`: Represents the Ultra High Performance option. 5452 For volumes with the auto-tuned performance feature enabled, 5453 this is set to the default (minimum) VPUs/GB.' 5454 format: int64 5455 type: integer 5456 imageId: 5457 description: OCID of the image to be used to launch the instance. 
5458 type: string 5459 kmsKeyId: 5460 description: KmsKeyId defines the OCID of the Key Management 5461 key to assign as the master encryption key for the boot 5462 volume. 5463 type: string 5464 type: object 5465 instanceVnicConfiguration: 5466 description: NetworkDetails defines the configuration options 5467 for the network 5468 properties: 5469 assignPrivateDnsRecord: 5470 description: AssignPrivateDnsRecord defines whether the VNIC 5471 should be assigned a DNS record. 5472 type: boolean 5473 assignPublicIp: 5474 description: AssignPublicIp defines whether the instance should 5475 have a public IP address 5476 type: boolean 5477 displayName: 5478 description: DisplayName defines a user-friendly name. Does 5479 not have to be unique, and it's changeable. Avoid entering 5480 confidential information. 5481 type: string 5482 hostnameLabel: 5483 description: HostnameLabel defines the hostname for the VNIC's 5484 primary private IP. Used for DNS. 5485 type: string 5486 nsgId: 5487 description: NSGId defines the ID of the NSG to use. This 5488 parameter takes priority over NsgNames. 5489 type: string 5490 nsgNames: 5491 description: NsgNames defines a list of the nsg names of the 5492 network security groups (NSGs) to add the VNIC to. 5493 items: 5494 type: string 5495 type: array 5496 skipSourceDestCheck: 5497 description: SkipSourceDestCheck defines whether the source/destination 5498 check is disabled on the VNIC. 5499 type: boolean 5500 subnetId: 5501 description: SubnetId defines the ID of the subnet to use. 5502 This parameter takes priority over SubnetName. 5503 type: string 5504 subnetName: 5505 description: SubnetName defines the subnet name to use for 5506 the VNIC 5507 type: string 5508 type: object 5509 isPvEncryptionInTransitEnabled: 5510 default: true 5511 description: Is in transit encryption of volumes required. 
5512 type: boolean 5513 launchOptions: 5514 description: LaunchOptions defines the options for tuning the 5515 compatibility and performance of VM shapes 5516 properties: 5517 bootVolumeType: 5518 description: BootVolumeType defines Emulation type for the 5519 boot volume. * `ISCSI` - ISCSI attached block storage device. 5520 * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk. 5521 * `VFIO` - Direct attached Virtual Function storage. This 5522 is the default option for local data volumes on platform 5523 images. * `PARAVIRTUALIZED` - Paravirtualized disk. This 5524 is the default for boot volumes and remote block storage 5525 volumes on platform images. 5526 type: string 5527 firmware: 5528 description: Firmware defines the firmware used to boot VM. 5529 Select the option that matches your operating system. * 5530 `BIOS` - Boot VM using BIOS style firmware. This is compatible 5531 with both 32 bit and 64 bit operating systems that boot 5532 using MBR style bootloaders. * `UEFI_64` - Boot VM using 5533 UEFI style firmware compatible with 64 bit operating systems. 5534 This is the default for platform images. 5535 type: string 5536 isConsistentVolumeNamingEnabled: 5537 description: IsConsistentVolumeNamingEnabled defines whether 5538 to enable consistent volume naming feature. Defaults to 5539 false. 5540 type: boolean 5541 networkType: 5542 description: NetworkType defines the emulation type for the 5543 physical network interface card (NIC). * `E1000` - Emulated 5544 Gigabit ethernet controller. Compatible with Linux e1000 5545 network driver. * `VFIO` - Direct attached Virtual Function 5546 network controller. This is the networking type when you 5547 launch an instance using hardware-assisted (SR-IOV) networking. 5548 * `PARAVIRTUALIZED` - VM instances launch with paravirtualized 5549 devices using VirtIO drivers. 5550 type: string 5551 remoteDataVolumeType: 5552 description: RemoteDataVolumeType defines the emulation type 5553 for volume. 
* `ISCSI` - ISCSI attached block storage device. 5554 * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk. 5555 * `VFIO` - Direct attached Virtual Function storage. This 5556 is the default option for local data volumes on platform 5557 images. * `PARAVIRTUALIZED` - Paravirtualized disk. This 5558 is the default for boot volumes and remote block storage 5559 volumes on platform images. 5560 type: string 5561 type: object 5562 metadata: 5563 additionalProperties: 5564 type: string 5565 description: Custom metadata key/value pairs that you provide, 5566 such as the SSH public key required to connect to the instance. 5567 type: object 5568 platformConfig: 5569 description: PlatformConfig defines the platform config parameters 5570 properties: 5571 amdMilanBmPlatformConfig: 5572 description: AmdMilanBmPlatformConfig describe AMD Milan BM 5573 platform configuration 5574 properties: 5575 areVirtualInstructionsEnabled: 5576 description: Whether virtualization instructions are available. 5577 For example, Secure Virtual Machine for AMD shapes or 5578 VT-x for Intel shapes. 5579 type: boolean 5580 isAccessControlServiceEnabled: 5581 description: Whether the Access Control Service is enabled 5582 on the instance. When enabled, the platform can enforce 5583 PCIe device isolation, required for VFIO device pass-through. 5584 type: boolean 5585 isInputOutputMemoryManagementUnitEnabled: 5586 description: Whether the input-output memory management 5587 unit is enabled. 5588 type: boolean 5589 isMeasuredBootEnabled: 5590 description: Whether the Measured Boot feature is enabled 5591 on the instance. 5592 type: boolean 5593 isMemoryEncryptionEnabled: 5594 description: Whether the instance is a confidential instance. 5595 If this value is `true`, the instance is a confidential 5596 instance. The default value is `false`. 5597 type: boolean 5598 isSecureBootEnabled: 5599 description: Whether Secure Boot is enabled on the instance. 
5600 type: boolean 5601 isSymmetricMultiThreadingEnabled: 5602 description: Whether symmetric multithreading is enabled 5603 on the instance. Symmetric multithreading is also called 5604 simultaneous multithreading (SMT) or Intel Hyper-Threading. 5605 Intel and AMD processors have two hardware execution 5606 threads per core (OCPU). SMT permits multiple independent 5607 threads of execution, to better use the resources and 5608 increase the efficiency of the CPU. When multithreading 5609 is disabled, only one thread is permitted to run on 5610 each core, which can provide higher or more predictable 5611 performance for some workloads. 5612 type: boolean 5613 isTrustedPlatformModuleEnabled: 5614 description: Whether the Trusted Platform Module (TPM) 5615 is enabled on the instance. 5616 type: boolean 5617 numaNodesPerSocket: 5618 description: 'The number of NUMA nodes per socket (NPS). 5619 The following values are supported: * `NPS0` * `NPS1` 5620 * `NPS2` * `NPS4`' 5621 type: string 5622 percentageOfCoresEnabled: 5623 description: The percentage of cores enabled. Value must 5624 be a multiple of 25%. If the requested percentage results 5625 in a fractional number of cores, the system rounds up 5626 the number of cores across processors and provisions 5627 an instance with a whole number of cores. If the applications 5628 that you run on the instance use a core-based licensing 5629 model and need fewer cores than the full size of the 5630 shape, you can disable cores to reduce your licensing 5631 costs. The instance itself is billed for the full shape, 5632 regardless of whether all cores are enabled. 5633 type: integer 5634 type: object 5635 amdRomeBmGpuPlatformConfig: 5636 description: AmdMilanBmPlatformConfig describe AMD Rome BM 5637 platform configuration 5638 properties: 5639 areVirtualInstructionsEnabled: 5640 description: Whether virtualization instructions are available. 5641 For example, Secure Virtual Machine for AMD shapes or 5642 VT-x for Intel shapes. 
5643 type: boolean 5644 isAccessControlServiceEnabled: 5645 description: Whether the Access Control Service is enabled 5646 on the instance. When enabled, the platform can enforce 5647 PCIe device isolation, required for VFIO device pass-through. 5648 type: boolean 5649 isInputOutputMemoryManagementUnitEnabled: 5650 description: Whether the input-output memory management 5651 unit is enabled. 5652 type: boolean 5653 isMeasuredBootEnabled: 5654 description: Whether the Measured Boot feature is enabled 5655 on the instance. 5656 type: boolean 5657 isMemoryEncryptionEnabled: 5658 description: Whether the instance is a confidential instance. 5659 If this value is `true`, the instance is a confidential 5660 instance. The default value is `false`. 5661 type: boolean 5662 isSecureBootEnabled: 5663 description: Whether Secure Boot is enabled on the instance. 5664 type: boolean 5665 isSymmetricMultiThreadingEnabled: 5666 description: Whether symmetric multithreading is enabled 5667 on the instance. Symmetric multithreading is also called 5668 simultaneous multithreading (SMT) or Intel Hyper-Threading. 5669 Intel and AMD processors have two hardware execution 5670 threads per core (OCPU). SMT permits multiple independent 5671 threads of execution, to better use the resources and 5672 increase the efficiency of the CPU. When multithreading 5673 is disabled, only one thread is permitted to run on 5674 each core, which can provide higher or more predictable 5675 performance for some workloads. 5676 type: boolean 5677 isTrustedPlatformModuleEnabled: 5678 description: Whether the Trusted Platform Module (TPM) 5679 is enabled on the instance. 5680 type: boolean 5681 numaNodesPerSocket: 5682 description: 'The number of NUMA nodes per socket (NPS). 
5683 The following values are supported: * `NPS0` * `NPS1` 5684 * `NPS2` * `NPS4`' 5685 type: string 5686 type: object 5687 amdRomeBmPlatformConfig: 5688 description: AmdMilanBmPlatformConfig describe AMD Rome BM 5689 platform configuration 5690 properties: 5691 areVirtualInstructionsEnabled: 5692 description: Whether virtualization instructions are available. 5693 For example, Secure Virtual Machine for AMD shapes or 5694 VT-x for Intel shapes. 5695 type: boolean 5696 isAccessControlServiceEnabled: 5697 description: Whether the Access Control Service is enabled 5698 on the instance. When enabled, the platform can enforce 5699 PCIe device isolation, required for VFIO device pass-through. 5700 type: boolean 5701 isInputOutputMemoryManagementUnitEnabled: 5702 description: Whether the input-output memory management 5703 unit is enabled. 5704 type: boolean 5705 isMeasuredBootEnabled: 5706 description: Whether the Measured Boot feature is enabled 5707 on the instance. 5708 type: boolean 5709 isMemoryEncryptionEnabled: 5710 description: Whether the instance is a confidential instance. 5711 If this value is `true`, the instance is a confidential 5712 instance. The default value is `false`. 5713 type: boolean 5714 isSecureBootEnabled: 5715 description: Whether Secure Boot is enabled on the instance. 5716 type: boolean 5717 isSymmetricMultiThreadingEnabled: 5718 description: Whether symmetric multithreading is enabled 5719 on the instance. Symmetric multithreading is also called 5720 simultaneous multithreading (SMT) or Intel Hyper-Threading. 5721 Intel and AMD processors have two hardware execution 5722 threads per core (OCPU). SMT permits multiple independent 5723 threads of execution, to better use the resources and 5724 increase the efficiency of the CPU. When multithreading 5725 is disabled, only one thread is permitted to run on 5726 each core, which can provide higher or more predictable 5727 performance for some workloads. 
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelIcelakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS1` * `NPS2`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%.
                              If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      intelSkylakeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel Skylke
                          BM platform configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      intelVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe Intel VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                        type: object
                      platformConfigType:
                        description: The type of platform configuration. Valid values
                          are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                          * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                          Based on the enum, exactly one of the specific configuration
                          types must be set
                        type: string
                    type: object
                  preemptibleInstanceConfig:
                    description: PreemptibleInstanceConfig Configuration options for
                      preemptible instances.
                    properties:
                      terminatePreemptionAction:
                        description: TerminatePreemptionAction terminates the preemptible
                          instance when it is interrupted for eviction.
                        properties:
                          preserveBootVolume:
                            description: PreserveBootVolume defines whether to preserve
                              the boot volume that was used to launch the preemptible
                              instance when the instance is terminated. Defaults to
                              false if not specified.
                            type: boolean
                        type: object
                    type: object
                  shape:
                    type: string
                  shapeConfig:
                    description: The shape configuration of the instance, applicable
                      for flex instances.
                    properties:
                      baselineOcpuUtilization:
                        description: 'The baseline OCPU utilization for a subcore
                          burstable VM instance. Leave this attribute blank for a
                          non-burstable instance, or explicitly specify non-burstable
                          with `BASELINE_1_1`. The following values are supported:
                          - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2`
                          - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline
                          usage is an entire OCPU. This represents a non-burstable
                          instance.'
                        type: string
                      memoryInGBs:
                        description: The total amount of memory available to the instance,
                          in gigabytes.
                        type: string
                      nvmes:
                        description: Nvmes defines the number of NVMe drives to be
                          used for storage. A single drive has 6.8 TB available.
                        type: integer
                      ocpus:
                        description: The total number of OCPUs available to the instance.
                        type: string
                    type: object
                type: object
              ocid:
                description: OCID is the OCID of the associated InstancePool
                type: string
              placementDetails:
                description: PlacementDetails defines the placement details of the
                  instance pool.
                items:
                  properties:
                    availabilityDomain:
                      description: The availability domain to place instances.
                      type: integer
                  required:
                  - availabilityDomain
                  type: object
                type: array
              providerID:
                description: ProviderID is the OCID of the associated InstancePool
                  in a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
            type: object
          status:
            description: OCIMachinePoolStatus defines the observed state of OCIMachinePool
            properties:
              conditions:
                description: Conditions defines current service state of the OCIMachinePool.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                type: string
              failureReason:
                description: MachineStatusError defines errors states for Machine
                  objects.
                type: string
              infrastructureMachineKind:
                description: InfrastructureMachineKind is the kind of the infrastructure
                  resources behind MachinePool Machines.
                type: string
              ready:
                description: Ready is true when the provider resource is ready.
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object.
              Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachinePoolSpec defines the desired state of OCIMachinePool
            properties:
              instanceConfiguration:
                description: InstanceConfiguration defines the configuration of the
                  instance pool instances.
                properties:
                  agentConfig:
                    description: AgentConfig defines the options for the Oracle Cloud
                      Agent software running on the instance.
                    properties:
                      areAllPluginsDisabled:
                        description: AreAllPluginsDisabled defines whether Oracle
                          Cloud Agent can run all the available plugins. This includes
                          the management and monitoring plugins. To get a list of
                          available plugins, use the ListInstanceagentAvailablePlugins
                          operation in the Oracle Cloud Agent API. For more information
                          about the available plugins, see Managing Plugins with Oracle
                          Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                        type: boolean
                      isManagementDisabled:
                        description: 'IsManagementDisabled defines whether Oracle
                          Cloud Agent can run all the available management plugins.
                          Default value is false (management plugins are enabled).
                          These are the management plugins: OS Management Service
                          Agent and Compute Instance Run Command.
                          The management plugins
                          are controlled by this parameter and by the per-plugin configuration
                          in the `pluginsConfig` object. - If `isManagementDisabled`
                          is true, all of the management plugins are disabled, regardless
                          of the per-plugin configuration. - If `isManagementDisabled`
                          is false, all of the management plugins are enabled. You
                          can optionally disable individual management plugins by
                          providing a value in the `pluginsConfig` object.'
                        type: boolean
                      isMonitoringDisabled:
                        description: 'IsMonitoringDisabled defines whether Oracle
                          Cloud Agent can gather performance metrics and monitor the
                          instance using the monitoring plugins. Default value is
                          false (monitoring plugins are enabled). These are the monitoring
                          plugins: Compute Instance Monitoring and Custom Logs Monitoring.
                          The monitoring plugins are controlled by this parameter
                          and by the per-plugin configuration in the `pluginsConfig`
                          object. - If `isMonitoringDisabled` is true, all of the
                          monitoring plugins are disabled, regardless of the per-plugin
                          configuration. - If `isMonitoringDisabled` is false, all
                          of the monitoring plugins are enabled. You can optionally
                          disable individual monitoring plugins by providing a value
                          in the `pluginsConfig` object.'
                        type: boolean
                      pluginsConfigs:
                        description: PluginsConfig defines the configuration of plugins
                          associated with this instance.
                        items:
                          description: InstanceAgentPluginConfig defines the configuration
                            of plugins associated with this instance.
                          properties:
                            desiredState:
                              description: 'DesiredState defines whether the plugin
                                should be enabled or disabled. To enable the monitoring
                                and management plugins, the `isMonitoringDisabled`
                                and `isManagementDisabled` attributes must also be
                                set to false.
                                The following values are supported:
                                * `ENABLED` * `DISABLED`'
                              type: string
                            name:
                              description: Name defines the name of the plugin. To
                                get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                operation in the Oracle Cloud Agent API. For more
                                information about the available plugins, see Managing
                                Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                              type: string
                          type: object
                        type: array
                    type: object
                  availabilityConfig:
                    description: LaunchInstanceAvailabilityConfig defines the options
                      for VM migration during infrastructure maintenance events and
                      for defining the availability of a VM instance after a maintenance
                      event that impacts the underlying hardware.
                    properties:
                      isLiveMigrationPreferred:
                        description: IsLiveMigrationPreferred defines whether to live
                          migrate supported VM instances to a healthy physical VM
                          host without disrupting running instances during infrastructure
                          maintenance events. If null, Oracle chooses the best option
                          for migrating the VM during infrastructure maintenance events.
                        type: boolean
                      recoveryAction:
                        description: RecoveryAction defines the lifecycle state for
                          an instance when it is recovered after infrastructure maintenance.
                          * `RESTORE_INSTANCE` - The instance is restored to the lifecycle
                          state it was in before the maintenance event. If the instance
                          was running, it is automatically rebooted. This is the default
                          action when a value is not set. * `STOP_INSTANCE` - The
                          instance is recovered in the stopped state.
                        type: string
                    type: object
                  capacityReservationId:
                    description: CapacityReservationId defines the OCID of the compute
                      capacity reservation this instance is launched under. You can
                      opt out of all default reservations by specifying an empty string
                      as input for this field.
                      For more information, see Capacity
                      Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                    type: string
                  dedicatedVmHostId:
                    description: DedicatedVmHostId defines the OCID of the dedicated
                      VM host.
                    type: string
                  instanceConfigurationId:
                    type: string
                  instanceOptions:
                    description: InstanceOptions defines the instance options
                    properties:
                      areLegacyImdsEndpointsDisabled:
                        description: Whether to disable the legacy (/v1) instance
                          metadata service endpoints. Customers who have migrated
                          to /v2 should set this to true for added security. Default
                          is false.
                        type: boolean
                    type: object
                  instanceSourceViaImageConfig:
                    description: InstanceSourceViaImageConfig defines the options
                      for booting up instances via images
                    properties:
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        format: int64
                        type: integer
                      bootVolumeVpusPerGB:
                        description: 'BootVolumeVpusPerGB defines the number of volume
                          performance units (VPUs) that will be applied to this volume
                          per GB, representing the Block Volume service''s elastic
                          performance options. See Block Volume Performance Levels
                          (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                          for more information. Allowed values: * `10`: Represents
                          Balanced option. * `20`: Represents Higher Performance option.
                          * `30`-`120`: Represents the Ultra High Performance option.
                          For volumes with the auto-tuned performance feature enabled,
                          this is set to the default (minimum) VPUs/GB.'
                        format: int64
                        type: integer
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the Key Management
                          key to assign as the master encryption key for the boot
                          volume.
                        type: string
                    type: object
                  instanceVnicConfiguration:
                    description: NetworkDetails defines the configuration options
                      for the network
                    properties:
                      assignPrivateDnsRecord:
                        description: AssignPrivateDnsRecord defines whether the VNIC
                          should be assigned a DNS record.
                        type: boolean
                      assignPublicIp:
                        description: AssignPublicIp defines whether the instance should
                          have a public IP address
                        type: boolean
                      displayName:
                        description: DisplayName defines a user-friendly name. Does
                          not have to be unique, and it's changeable. Avoid entering
                          confidential information.
                        type: string
                      hostnameLabel:
                        description: HostnameLabel defines the hostname for the VNIC's
                          primary private IP. Used for DNS.
                        type: string
                      nsgId:
                        description: NSGId defines the ID of the NSG to use. This
                          parameter takes priority over NsgNames.
                        type: string
                      nsgNames:
                        description: NsgNames defines a list of the nsg names of the
                          network security groups (NSGs) to add the VNIC to.
                        items:
                          type: string
                        type: array
                      skipSourceDestCheck:
                        description: SkipSourceDestCheck defines whether the source/destination
                          check is disabled on the VNIC.
                        type: boolean
                      subnetId:
                        description: SubnetId defines the ID of the subnet to use.
                          This parameter takes priority over SubnetName.
                        type: string
                      subnetName:
                        description: SubnetName defines the subnet name to use for
                          the VNIC
                        type: string
                    type: object
                  isPvEncryptionInTransitEnabled:
                    description: Is in transit encryption of volumes required.
                    type: boolean
                  launchOptions:
                    description: LaunchOptions defines the options for tuning the
                      compatibility and performance of VM shapes
                    properties:
                      bootVolumeType:
                        description: BootVolumeType defines Emulation type for the
                          boot volume. * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk. This
                          is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                      firmware:
                        description: Firmware defines the firmware used to boot VM.
                          Select the option that matches your operating system. *
                          `BIOS` - Boot VM using BIOS style firmware. This is compatible
                          with both 32 bit and 64 bit operating systems that boot
                          using MBR style bootloaders. * `UEFI_64` - Boot VM using
                          UEFI style firmware compatible with 64 bit operating systems.
                          This is the default for platform images.
                        type: string
                      isConsistentVolumeNamingEnabled:
                        description: IsConsistentVolumeNamingEnabled defines whether
                          to enable consistent volume naming feature. Defaults to
                          false.
                        type: boolean
                      networkType:
                        description: NetworkType defines the emulation type for the
                          physical network interface card (NIC). * `E1000` - Emulated
                          Gigabit ethernet controller. Compatible with Linux e1000
                          network driver. * `VFIO` - Direct attached Virtual Function
                          network controller. This is the networking type when you
                          launch an instance using hardware-assisted (SR-IOV) networking.
                          * `PARAVIRTUALIZED` - VM instances launch with paravirtualized
                          devices using VirtIO drivers.
                        type: string
                      remoteDataVolumeType:
                        description: RemoteDataVolumeType defines the emulation type
                          for volume.
                          * `ISCSI` - ISCSI attached block storage device.
                          * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated IDE disk.
                          * `VFIO` - Direct attached Virtual Function storage. This
                          is the default option for local data volumes on platform
                          images. * `PARAVIRTUALIZED` - Paravirtualized disk. This
                          is the default for boot volumes and remote block storage
                          volumes on platform images.
                        type: string
                    type: object
                  metadata:
                    additionalProperties:
                      type: string
                    description: Custom metadata key/value pairs that you provide,
                      such as the SSH public key required to connect to the instance.
                    type: object
                  platformConfig:
                    description: PlatformConfig defines the platform config parameters
                    properties:
                      amdMilanBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Milan BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdRomeBmGpuPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                        type: object
                      amdRomeBmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD Rome BM
                          platform configuration
                        properties:
                          areVirtualInstructionsEnabled:
                            description: Whether virtualization instructions are available.
                              For example, Secure Virtual Machine for AMD shapes or
                              VT-x for Intel shapes.
                            type: boolean
                          isAccessControlServiceEnabled:
                            description: Whether the Access Control Service is enabled
                              on the instance. When enabled, the platform can enforce
                              PCIe device isolation, required for VFIO device pass-through.
                            type: boolean
                          isInputOutputMemoryManagementUnitEnabled:
                            description: Whether the input-output memory management
                              unit is enabled.
                            type: boolean
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isSymmetricMultiThreadingEnabled:
                            description: Whether symmetric multithreading is enabled
                              on the instance. Symmetric multithreading is also called
                              simultaneous multithreading (SMT) or Intel Hyper-Threading.
                              Intel and AMD processors have two hardware execution
                              threads per core (OCPU). SMT permits multiple independent
                              threads of execution, to better use the resources and
                              increase the efficiency of the CPU. When multithreading
                              is disabled, only one thread is permitted to run on
                              each core, which can provide higher or more predictable
                              performance for some workloads.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
                            type: boolean
                          numaNodesPerSocket:
                            description: 'The number of NUMA nodes per socket (NPS).
                              The following values are supported: * `NPS0` * `NPS1`
                              * `NPS2` * `NPS4`'
                            type: string
                          percentageOfCoresEnabled:
                            description: The percentage of cores enabled. Value must
                              be a multiple of 25%. If the requested percentage results
                              in a fractional number of cores, the system rounds up
                              the number of cores across processors and provisions
                              an instance with a whole number of cores. If the applications
                              that you run on the instance use a core-based licensing
                              model and need fewer cores than the full size of the
                              shape, you can disable cores to reduce your licensing
                              costs. The instance itself is billed for the full shape,
                              regardless of whether all cores are enabled.
                            type: integer
                        type: object
                      amdVmPlatformConfig:
                        description: AmdMilanBmPlatformConfig describe AMD VM platform
                          configuration
                        properties:
                          isMeasuredBootEnabled:
                            description: Whether the Measured Boot feature is enabled
                              on the instance.
                            type: boolean
                          isMemoryEncryptionEnabled:
                            description: Whether the instance is a confidential instance.
                              If this value is `true`, the instance is a confidential
                              instance. The default value is `false`.
                            type: boolean
                          isSecureBootEnabled:
                            description: Whether Secure Boot is enabled on the instance.
                            type: boolean
                          isTrustedPlatformModuleEnabled:
                            description: Whether the Trusted Platform Module (TPM)
                              is enabled on the instance.
6490 type: boolean 6491 type: object 6492 intelIcelakeBmPlatformConfig: 6493 description: intelIcelakeBmPlatformConfig describes the Intel Icelake 6494 BM platform configuration 6495 properties: 6496 isInputOutputMemoryManagementUnitEnabled: 6497 description: Whether the input-output memory management 6498 unit is enabled. 6499 type: boolean 6500 isMeasuredBootEnabled: 6501 description: Whether the Measured Boot feature is enabled 6502 on the instance. 6503 type: boolean 6504 isMemoryEncryptionEnabled: 6505 description: Whether the instance is a confidential instance. 6506 If this value is `true`, the instance is a confidential 6507 instance. The default value is `false`. 6508 type: boolean 6509 isSecureBootEnabled: 6510 description: Whether Secure Boot is enabled on the instance. 6511 type: boolean 6512 isSymmetricMultiThreadingEnabled: 6513 description: Whether symmetric multithreading is enabled 6514 on the instance. Symmetric multithreading is also called 6515 simultaneous multithreading (SMT) or Intel Hyper-Threading. 6516 Intel and AMD processors have two hardware execution 6517 threads per core (OCPU). SMT permits multiple independent 6518 threads of execution, to better use the resources and 6519 increase the efficiency of the CPU. When multithreading 6520 is disabled, only one thread is permitted to run on 6521 each core, which can provide higher or more predictable 6522 performance for some workloads. 6523 type: boolean 6524 isTrustedPlatformModuleEnabled: 6525 description: Whether the Trusted Platform Module (TPM) 6526 is enabled on the instance. 6527 type: boolean 6528 numaNodesPerSocket: 6529 description: 'The number of NUMA nodes per socket (NPS). 6530 The following values are supported: * `NPS1` * `NPS2`' 6531 type: string 6532 percentageOfCoresEnabled: 6533 description: The percentage of cores enabled. Value must 6534 be a multiple of 25%. 
If the requested percentage results 6535 in a fractional number of cores, the system rounds up 6536 the number of cores across processors and provisions 6537 an instance with a whole number of cores. If the applications 6538 that you run on the instance use a core-based licensing 6539 model and need fewer cores than the full size of the 6540 shape, you can disable cores to reduce your licensing 6541 costs. The instance itself is billed for the full shape, 6542 regardless of whether all cores are enabled. 6543 type: integer 6544 type: object 6545 intelSkylakeBmPlatformConfig: 6546 description: intelSkylakeBmPlatformConfig describes the Intel Skylake 6547 BM platform configuration 6548 properties: 6549 isMeasuredBootEnabled: 6550 description: Whether the Measured Boot feature is enabled 6551 on the instance. 6552 type: boolean 6553 isMemoryEncryptionEnabled: 6554 description: Whether the instance is a confidential instance. 6555 If this value is `true`, the instance is a confidential 6556 instance. The default value is `false`. 6557 type: boolean 6558 isSecureBootEnabled: 6559 description: Whether Secure Boot is enabled on the instance. 6560 type: boolean 6561 isTrustedPlatformModuleEnabled: 6562 description: Whether the Trusted Platform Module (TPM) 6563 is enabled on the instance. 6564 type: boolean 6565 type: object 6566 intelVmPlatformConfig: 6567 description: intelVmPlatformConfig describes the Intel VM platform 6568 configuration 6569 properties: 6570 isMeasuredBootEnabled: 6571 description: Whether the Measured Boot feature is enabled 6572 on the instance. 6573 type: boolean 6574 isMemoryEncryptionEnabled: 6575 description: Whether the instance is a confidential instance. 6576 If this value is `true`, the instance is a confidential 6577 instance. The default value is `false`. 6578 type: boolean 6579 isSecureBootEnabled: 6580 description: Whether Secure Boot is enabled on the instance. 
6581 type: boolean 6582 isTrustedPlatformModuleEnabled: 6583 description: Whether the Trusted Platform Module (TPM) 6584 is enabled on the instance. 6585 type: boolean 6586 type: object 6587 platformConfigType: 6588 description: The type of platform configuration. Valid values 6589 are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM` 6590 * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM` 6591 Based on the enum, exactly one of the specific configuration 6592 types must be set 6593 type: string 6594 type: object 6595 preemptibleInstanceConfig: 6596 description: PreemptibleInstanceConfig Configuration options for 6597 preemptible instances. 6598 properties: 6599 terminatePreemptionAction: 6600 description: TerminatePreemptionAction terminates the preemptible 6601 instance when it is interrupted for eviction. 6602 properties: 6603 preserveBootVolume: 6604 description: PreserveBootVolume defines whether to preserve 6605 the boot volume that was used to launch the preemptible 6606 instance when the instance is terminated. Defaults to 6607 false if not specified. 6608 type: boolean 6609 type: object 6610 type: object 6611 shape: 6612 type: string 6613 shapeConfig: 6614 description: The shape configuration of the instance, applicable 6615 for flex instances. 6616 properties: 6617 baselineOcpuUtilization: 6618 description: 'The baseline OCPU utilization for a subcore 6619 burstable VM instance. Leave this attribute blank for a 6620 non-burstable instance, or explicitly specify non-burstable 6621 with `BASELINE_1_1`. The following values are supported: 6622 - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - `BASELINE_1_2` 6623 - baseline usage is 1/2 of an OCPU. - `BASELINE_1_1` - baseline 6624 usage is an entire OCPU. This represents a non-burstable 6625 instance.' 6626 type: string 6627 memoryInGBs: 6628 description: The total amount of memory available to the instance, 6629 in gigabytes. 
6630 type: string 6631 nvmes: 6632 description: Nvmes defines the number of NVMe drives to be 6633 used for storage. A single drive has 6.8 TB available. 6634 type: integer 6635 ocpus: 6636 description: The total number of OCPUs available to the instance. 6637 type: string 6638 type: object 6639 type: object 6640 ocid: 6641 description: OCID is the OCID of the associated InstancePool 6642 type: string 6643 placementDetails: 6644 description: PlacementDetails defines the placement details of the 6645 instance pool. 6646 items: 6647 properties: 6648 availabilityDomain: 6649 description: The availability domain to place instances. 6650 type: integer 6651 required: 6652 - availabilityDomain 6653 type: object 6654 type: array 6655 providerID: 6656 description: ProviderID is the OCID of the associated InstancePool 6657 in a provider format 6658 type: string 6659 providerIDList: 6660 description: ProviderIDList are the identification IDs of machine 6661 instances provided by the provider. This field must match the provider 6662 IDs as seen on the node objects corresponding to a machine pool's 6663 machine instances. 6664 items: 6665 type: string 6666 type: array 6667 type: object 6668 status: 6669 description: OCIMachinePoolStatus defines the observed state of OCIMachinePool 6670 properties: 6671 conditions: 6672 description: Conditions defines current service state of the OCIMachinePool. 6673 items: 6674 description: Condition defines an observation of a Cluster API resource 6675 operational state. 6676 properties: 6677 lastTransitionTime: 6678 description: Last time the condition transitioned from one status 6679 to another. This should be when the underlying condition changed. 6680 If that is not known, then using the time when the API field 6681 changed is acceptable. 6682 format: date-time 6683 type: string 6684 message: 6685 description: A human readable message indicating details about 6686 the transition. This field may be empty. 
6687 type: string 6688 reason: 6689 description: The reason for the condition's last transition 6690 in CamelCase. The specific API may choose whether or not this 6691 field is considered a guaranteed API. This field may not be 6692 empty. 6693 type: string 6694 severity: 6695 description: Severity provides an explicit classification of 6696 Reason code, so the users or machines can immediately understand 6697 the current situation and act accordingly. The Severity field 6698 MUST be set only when Status=False. 6699 type: string 6700 status: 6701 description: Status of the condition, one of True, False, Unknown. 6702 type: string 6703 type: 6704 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 6705 Many .condition.type values are consistent across resources 6706 like Available, but because arbitrary conditions can be useful 6707 (see .node.status.conditions), the ability to deconflict is 6708 important. 6709 type: string 6710 required: 6711 - lastTransitionTime 6712 - status 6713 - type 6714 type: object 6715 type: array 6716 failureMessage: 6717 type: string 6718 failureReason: 6719 description: MachineStatusError defines errors states for Machine 6720 objects. 6721 type: string 6722 infrastructureMachineKind: 6723 description: InfrastructureMachineKind is the kind of the infrastructure 6724 resources behind MachinePool Machines. 6725 type: string 6726 ready: 6727 description: Ready is true when the provider resource is ready. 
6728 type: boolean 6729 replicas: 6730 description: Replicas is the most recently observed number of replicas 6731 format: int32 6732 type: integer 6733 type: object 6734 type: object 6735 served: true 6736 storage: true 6737 subresources: 6738 status: {} 6739 --- 6740 apiVersion: apiextensions.k8s.io/v1 6741 kind: CustomResourceDefinition 6742 metadata: 6743 annotations: 6744 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 6745 controller-gen.kubebuilder.io/version: v0.10.0 6746 labels: 6747 cluster.x-k8s.io/provider: infrastructure-oci 6748 cluster.x-k8s.io/v1beta1: v1beta1 6749 name: ocimachines.infrastructure.cluster.x-k8s.io 6750 spec: 6751 conversion: 6752 strategy: Webhook 6753 webhook: 6754 clientConfig: 6755 service: 6756 name: capoci-webhook-service 6757 namespace: cluster-api-provider-oci-system 6758 path: /convert 6759 conversionReviewVersions: 6760 - v1 6761 - v1beta1 6762 group: infrastructure.cluster.x-k8s.io 6763 names: 6764 kind: OCIMachine 6765 listKind: OCIMachineList 6766 plural: ocimachines 6767 singular: ocimachine 6768 scope: Namespaced 6769 versions: 6770 - name: v1beta1 6771 schema: 6772 openAPIV3Schema: 6773 description: OCIMachine is the Schema for the ocimachines API. 6774 properties: 6775 apiVersion: 6776 description: 'APIVersion defines the versioned schema of this representation 6777 of an object. Servers should convert recognized schemas to the latest 6778 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6779 type: string 6780 kind: 6781 description: 'Kind is a string value representing the REST resource this 6782 object represents. Servers may infer this from the endpoint the client 6783 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6784 type: string 6785 metadata: 6786 type: object 6787 spec: 6788 description: OCIMachineSpec defines the desired state of OCIMachine. Please 6789 read the API https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance 6790 for more information about the parameters below. 6791 properties: 6792 agentConfig: 6793 description: AgentConfig defines the options for the Oracle Cloud 6794 Agent software running on the instance. 6795 properties: 6796 areAllPluginsDisabled: 6797 description: AreAllPluginsDisabled defines whether Oracle Cloud 6798 Agent can run all the available plugins. This includes the management 6799 and monitoring plugins. To get a list of available plugins, 6800 use the ListInstanceagentAvailablePlugins operation in the Oracle 6801 Cloud Agent API. For more information about the available plugins, 6802 see Managing Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 6803 type: boolean 6804 isManagementDisabled: 6805 description: 'IsManagementDisabled defines whether Oracle Cloud 6806 Agent can run all the available management plugins. Default 6807 value is false (management plugins are enabled). These are the 6808 management plugins: OS Management Service Agent and Compute 6809 Instance Run Command. The management plugins are controlled 6810 by this parameter and by the per-plugin configuration in the 6811 `pluginsConfig` object. - If `isManagementDisabled` is true, 6812 all of the management plugins are disabled, regardless of the 6813 per-plugin configuration. - If `isManagementDisabled` is false, 6814 all of the management plugins are enabled. You can optionally 6815 disable individual management plugins by providing a value in 6816 the `pluginsConfig` object.' 
6817 type: boolean 6818 isMonitoringDisabled: 6819 description: 'IsMonitoringDisabled defines whether Oracle Cloud 6820 Agent can gather performance metrics and monitor the instance 6821 using the monitoring plugins. Default value is false (monitoring 6822 plugins are enabled). These are the monitoring plugins: Compute 6823 Instance Monitoring and Custom Logs Monitoring. The monitoring 6824 plugins are controlled by this parameter and by the per-plugin 6825 configuration in the `pluginsConfig` object. - If `isMonitoringDisabled` 6826 is true, all of the monitoring plugins are disabled, regardless 6827 of the per-plugin configuration. - If `isMonitoringDisabled` 6828 is false, all of the monitoring plugins are enabled. You can 6829 optionally disable individual monitoring plugins by providing 6830 a value in the `pluginsConfig` object.' 6831 type: boolean 6832 pluginsConfigs: 6833 description: PluginsConfig defines the configuration of plugins 6834 associated with this instance. 6835 items: 6836 description: InstanceAgentPluginConfig defines the configuration 6837 of plugins associated with this instance. 6838 properties: 6839 desiredState: 6840 description: 'DesiredState defines whether the plugin should 6841 be enabled or disabled. To enable the monitoring and management 6842 plugins, the `isMonitoringDisabled` and `isManagementDisabled` 6843 attributes must also be set to false. The following values 6844 are supported: * `ENABLED` * `DISABLED`' 6845 type: string 6846 name: 6847 description: Name defines the name of the plugin. To get 6848 a list of available plugins, use the ListInstanceagentAvailablePlugins 6849 operation in the Oracle Cloud Agent API. For more information 6850 about the available plugins, see Managing Plugins with 6851 Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm). 
6852 type: string 6853 type: object 6854 type: array 6855 type: object 6856 availabilityConfig: 6857 description: LaunchInstanceAvailabilityConfig defines the options 6858 for VM migration during infrastructure maintenance events and for 6859 defining the availability of a VM instance after a maintenance event 6860 that impacts the underlying hardware. 6861 properties: 6862 isLiveMigrationPreferred: 6863 description: IsLiveMigrationPreferred defines whether to live 6864 migrate supported VM instances to a healthy physical VM host 6865 without disrupting running instances during infrastructure maintenance 6866 events. If null, Oracle chooses the best option for migrating 6867 the VM during infrastructure maintenance events. 6868 type: boolean 6869 recoveryAction: 6870 description: RecoveryAction defines the lifecycle state for an 6871 instance when it is recovered after infrastructure maintenance. 6872 * `RESTORE_INSTANCE` - The instance is restored to the lifecycle 6873 state it was in before the maintenance event. If the instance 6874 was running, it is automatically rebooted. This is the default 6875 action when a value is not set. * `STOP_INSTANCE` - The instance 6876 is recovered in the stopped state. 6877 type: string 6878 type: object 6879 bootVolumeSizeInGBs: 6880 description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm 6881 to extend the boot volume size. 6882 type: string 6883 capacityReservationId: 6884 description: CapacityReservationId defines the OCID of the compute 6885 capacity reservation this instance is launched under. You can opt 6886 out of all default reservations by specifying an empty string as 6887 input for this field. For more information, see Capacity Reservations 6888 (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default). 6889 type: string 6890 compartmentId: 6891 description: Compartment to launch the instance in. 
6892 type: string 6893 computeClusterId: 6894 description: ComputeClusterId refers to OCID of the compute cluster 6895 that the instance will be created in. Please refer to https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/compute-clusters.htm 6896 for more details. 6897 type: string 6898 dedicatedVmHostId: 6899 description: DedicatedVmHostId defines the OCID of the dedicated VM 6900 host. 6901 type: string 6902 definedTags: 6903 additionalProperties: 6904 additionalProperties: 6905 type: string 6906 type: object 6907 description: 'Defined tags for this resource. Each key is predefined 6908 and scoped to a namespace. For more information, see Resource Tags 6909 (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 6910 Example: `{"Operations": {"CostCenter": "42"}}`' 6911 type: object 6912 freeformTags: 6913 additionalProperties: 6914 type: string 6915 description: Free-form tags for this resource. 6916 type: object 6917 imageId: 6918 description: OCID of the image to be used to launch the instance. 6919 type: string 6920 instanceId: 6921 description: OCID of launched compute instance. 6922 type: string 6923 instanceOptions: 6924 description: InstanceOptions defines the instance options 6925 properties: 6926 areLegacyImdsEndpointsDisabled: 6927 description: Whether to disable the legacy (/v1) instance metadata 6928 service endpoints. Customers who have migrated to /v2 should 6929 set this to true for added security. Default is false. 6930 type: boolean 6931 type: object 6932 instanceSourceViaImageConfig: 6933 description: InstanceSourceViaImageConfig defines the options for 6934 booting up instances via images 6935 properties: 6936 bootVolumeVpusPerGB: 6937 description: 'BootVolumeVpusPerGB defines the number of volume 6938 performance units (VPUs) that will be applied to this volume 6939 per GB, representing the Block Volume service''s elastic performance 6940 options. 
See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) 6941 for more information. Allowed values: * `10`: Represents Balanced 6942 option. * `20`: Represents Higher Performance option. * `30`-`120`: 6943 Represents the Ultra High Performance option. For volumes with 6944 the auto-tuned performance feature enabled, this is set to the 6945 default (minimum) VPUs/GB.' 6946 format: int64 6947 type: integer 6948 kmsKeyId: 6949 description: KmsKeyId defines the OCID of the Key Management key 6950 to assign as the master encryption key for the boot volume. 6951 type: string 6952 type: object 6953 ipxeScript: 6954 description: IpxeScript is the custom iPXE script that will run when 6955 the instance boots. 6956 type: string 6957 isPvEncryptionInTransitEnabled: 6958 description: Is in transit encryption of volumes required. 6959 type: boolean 6960 launchOptions: 6961 description: LaunchOptions defines the options for tuning the compatibility 6962 and performance of VM shapes 6963 properties: 6964 bootVolumeType: 6965 description: BootVolumeType defines Emulation type for the boot 6966 volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI` 6967 - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO` 6968 - Direct attached Virtual Function storage. This is the default 6969 option for local data volumes on platform images. * `PARAVIRTUALIZED` 6970 - Paravirtualized disk. This is the default for boot volumes 6971 and remote block storage volumes on platform images. 6972 type: string 6973 firmware: 6974 description: Firmware defines the firmware used to boot VM. Select 6975 the option that matches your operating system. * `BIOS` - Boot 6976 VM using BIOS style firmware. This is compatible with both 32 6977 bit and 64 bit operating systems that boot using MBR style bootloaders. 6978 * `UEFI_64` - Boot VM using UEFI style firmware compatible with 6979 64 bit operating systems. 
This is the default for platform images. 6980 type: string 6981 isConsistentVolumeNamingEnabled: 6982 description: IsConsistentVolumeNamingEnabled defines whether to 6983 enable consistent volume naming feature. Defaults to false. 6984 type: boolean 6985 networkType: 6986 description: NetworkType defines the emulation type for the physical 6987 network interface card (NIC). * `E1000` - Emulated Gigabit ethernet 6988 controller. Compatible with Linux e1000 network driver. * `VFIO` 6989 - Direct attached Virtual Function network controller. This 6990 is the networking type when you launch an instance using hardware-assisted 6991 (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch 6992 with paravirtualized devices using VirtIO drivers. 6993 type: string 6994 remoteDataVolumeType: 6995 description: RemoteDataVolumeType defines the emulation type for 6996 volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI` 6997 - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO` 6998 - Direct attached Virtual Function storage. This is the default 6999 option for local data volumes on platform images. * `PARAVIRTUALIZED` 7000 - Paravirtualized disk. This is the default for boot volumes 7001 and remote block storage volumes on platform images. 7002 type: string 7003 type: object 7004 metadata: 7005 additionalProperties: 7006 type: string 7007 description: Custom metadata key/value pairs that you provide, such 7008 as the SSH public key required to connect to the instance. 7009 type: object 7010 networkDetails: 7011 description: NetworkDetails defines the configuration options for 7012 the network 7013 properties: 7014 assignPrivateDnsRecord: 7015 description: AssignPrivateDnsRecord defines whether the VNIC should 7016 be assigned a DNS record. 
7017 type: boolean 7018 assignPublicIp: 7019 description: AssignPublicIp defines whether the instance should 7020 have a public IP address 7021 type: boolean 7022 displayName: 7023 description: DisplayName defines a user-friendly name. Does not 7024 have to be unique, and it's changeable. Avoid entering confidential 7025 information. 7026 type: string 7027 hostnameLabel: 7028 description: HostnameLabel defines the hostname for the VNIC's 7029 primary private IP. Used for DNS. 7030 type: string 7031 nsgId: 7032 description: NSGId defines the ID of the NSG to use. This parameter 7033 takes priority over NsgNames. 7034 type: string 7035 nsgNames: 7036 description: NsgNames defines a list of the nsg names of the network 7037 security groups (NSGs) to add the VNIC to. 7038 items: 7039 type: string 7040 type: array 7041 skipSourceDestCheck: 7042 description: SkipSourceDestCheck defines whether the source/destination 7043 check is disabled on the VNIC. 7044 type: boolean 7045 subnetId: 7046 description: SubnetId defines the ID of the subnet to use. This 7047 parameter takes priority over SubnetName. 7048 type: string 7049 subnetName: 7050 description: SubnetName defines the subnet name to use for the 7051 VNIC 7052 type: string 7053 type: object 7054 nsgName: 7055 description: The name of NSG to use. The name here refers to the NSGs 7056 defined in the OCICluster Spec. Optional, only if multiple NSGs 7057 of a type are defined, else the first element is used. Deprecated, 7058 please use NetworkDetails.NSGNames 7059 type: string 7060 platformConfig: 7061 description: PlatformConfig defines the platform config parameters 7062 properties: 7063 amdMilanBmPlatformConfig: 7064 description: AmdMilanBmPlatformConfig describes the AMD Milan BM platform 7065 configuration 7066 properties: 7067 areVirtualInstructionsEnabled: 7068 description: Whether virtualization instructions are available. 7069 For example, Secure Virtual Machine for AMD shapes or VT-x 7070 for Intel shapes. 
7071 type: boolean 7072 isAccessControlServiceEnabled: 7073 description: Whether the Access Control Service is enabled 7074 on the instance. When enabled, the platform can enforce 7075 PCIe device isolation, required for VFIO device pass-through. 7076 type: boolean 7077 isInputOutputMemoryManagementUnitEnabled: 7078 description: Whether the input-output memory management unit 7079 is enabled. 7080 type: boolean 7081 isMeasuredBootEnabled: 7082 description: Whether the Measured Boot feature is enabled 7083 on the instance. 7084 type: boolean 7085 isMemoryEncryptionEnabled: 7086 description: Whether the instance is a confidential instance. 7087 If this value is `true`, the instance is a confidential 7088 instance. The default value is `false`. 7089 type: boolean 7090 isSecureBootEnabled: 7091 description: Whether Secure Boot is enabled on the instance. 7092 type: boolean 7093 isSymmetricMultiThreadingEnabled: 7094 description: Whether symmetric multithreading is enabled on 7095 the instance. Symmetric multithreading is also called simultaneous 7096 multithreading (SMT) or Intel Hyper-Threading. Intel and 7097 AMD processors have two hardware execution threads per core 7098 (OCPU). SMT permits multiple independent threads of execution, 7099 to better use the resources and increase the efficiency 7100 of the CPU. When multithreading is disabled, only one thread 7101 is permitted to run on each core, which can provide higher 7102 or more predictable performance for some workloads. 7103 type: boolean 7104 isTrustedPlatformModuleEnabled: 7105 description: Whether the Trusted Platform Module (TPM) is 7106 enabled on the instance. 7107 type: boolean 7108 numaNodesPerSocket: 7109 description: 'The number of NUMA nodes per socket (NPS). The 7110 following values are supported: * `NPS0` * `NPS1` * `NPS2` 7111 * `NPS4`' 7112 type: string 7113 percentageOfCoresEnabled: 7114 description: The percentage of cores enabled. Value must be 7115 a multiple of 25%. 
If the requested percentage results in 7116 a fractional number of cores, the system rounds up the number 7117 of cores across processors and provisions an instance with 7118 a whole number of cores. If the applications that you run 7119 on the instance use a core-based licensing model and need 7120 fewer cores than the full size of the shape, you can disable 7121 cores to reduce your licensing costs. The instance itself 7122 is billed for the full shape, regardless of whether all 7123 cores are enabled. 7124 type: integer 7125 type: object 7126 amdRomeBmGpuPlatformConfig: 7127 description: amdRomeBmGpuPlatformConfig describes the AMD Rome BM GPU platform 7128 configuration 7129 properties: 7130 areVirtualInstructionsEnabled: 7131 description: Whether virtualization instructions are available. 7132 For example, Secure Virtual Machine for AMD shapes or VT-x 7133 for Intel shapes. 7134 type: boolean 7135 isAccessControlServiceEnabled: 7136 description: Whether the Access Control Service is enabled 7137 on the instance. When enabled, the platform can enforce 7138 PCIe device isolation, required for VFIO device pass-through. 7139 type: boolean 7140 isInputOutputMemoryManagementUnitEnabled: 7141 description: Whether the input-output memory management unit 7142 is enabled. 7143 type: boolean 7144 isMeasuredBootEnabled: 7145 description: Whether the Measured Boot feature is enabled 7146 on the instance. 7147 type: boolean 7148 isMemoryEncryptionEnabled: 7149 description: Whether the instance is a confidential instance. 7150 If this value is `true`, the instance is a confidential 7151 instance. The default value is `false`. 7152 type: boolean 7153 isSecureBootEnabled: 7154 description: Whether Secure Boot is enabled on the instance. 7155 type: boolean 7156 isSymmetricMultiThreadingEnabled: 7157 description: Whether symmetric multithreading is enabled on 7158 the instance. Symmetric multithreading is also called simultaneous 7159 multithreading (SMT) or Intel Hyper-Threading. 
Intel and 7160 AMD processors have two hardware execution threads per core 7161 (OCPU). SMT permits multiple independent threads of execution, 7162 to better use the resources and increase the efficiency 7163 of the CPU. When multithreading is disabled, only one thread 7164 is permitted to run on each core, which can provide higher 7165 or more predictable performance for some workloads. 7166 type: boolean 7167 isTrustedPlatformModuleEnabled: 7168 description: Whether the Trusted Platform Module (TPM) is 7169 enabled on the instance. 7170 type: boolean 7171 numaNodesPerSocket: 7172 description: 'The number of NUMA nodes per socket (NPS). The 7173 following values are supported: * `NPS0` * `NPS1` * `NPS2` 7174 * `NPS4`' 7175 type: string 7176 type: object 7177 amdRomeBmPlatformConfig: 7178 description: amdRomeBmPlatformConfig describes the AMD Rome BM platform 7179 configuration 7180 properties: 7181 areVirtualInstructionsEnabled: 7182 description: Whether virtualization instructions are available. 7183 For example, Secure Virtual Machine for AMD shapes or VT-x 7184 for Intel shapes. 7185 type: boolean 7186 isAccessControlServiceEnabled: 7187 description: Whether the Access Control Service is enabled 7188 on the instance. When enabled, the platform can enforce 7189 PCIe device isolation, required for VFIO device pass-through. 7190 type: boolean 7191 isInputOutputMemoryManagementUnitEnabled: 7192 description: Whether the input-output memory management unit 7193 is enabled. 7194 type: boolean 7195 isMeasuredBootEnabled: 7196 description: Whether the Measured Boot feature is enabled 7197 on the instance. 7198 type: boolean 7199 isMemoryEncryptionEnabled: 7200 description: Whether the instance is a confidential instance. 7201 If this value is `true`, the instance is a confidential 7202 instance. The default value is `false`. 7203 type: boolean 7204 isSecureBootEnabled: 7205 description: Whether Secure Boot is enabled on the instance. 
7206 type: boolean 7207 isSymmetricMultiThreadingEnabled: 7208 description: Whether symmetric multithreading is enabled on 7209 the instance. Symmetric multithreading is also called simultaneous 7210 multithreading (SMT) or Intel Hyper-Threading. Intel and 7211 AMD processors have two hardware execution threads per core 7212 (OCPU). SMT permits multiple independent threads of execution, 7213 to better use the resources and increase the efficiency 7214 of the CPU. When multithreading is disabled, only one thread 7215 is permitted to run on each core, which can provide higher 7216 or more predictable performance for some workloads. 7217 type: boolean 7218 isTrustedPlatformModuleEnabled: 7219 description: Whether the Trusted Platform Module (TPM) is 7220 enabled on the instance. 7221 type: boolean 7222 numaNodesPerSocket: 7223 description: 'The number of NUMA nodes per socket (NPS). The 7224 following values are supported: * `NPS0` * `NPS1` * `NPS2` 7225 * `NPS4`' 7226 type: string 7227 percentageOfCoresEnabled: 7228 description: The percentage of cores enabled. Value must be 7229 a multiple of 25%. If the requested percentage results in 7230 a fractional number of cores, the system rounds up the number 7231 of cores across processors and provisions an instance with 7232 a whole number of cores. If the applications that you run 7233 on the instance use a core-based licensing model and need 7234 fewer cores than the full size of the shape, you can disable 7235 cores to reduce your licensing costs. The instance itself 7236 is billed for the full shape, regardless of whether all 7237 cores are enabled. 7238 type: integer 7239 type: object 7240 amdVmPlatformConfig: 7241 description: amdVmPlatformConfig describes the AMD VM platform 7242 configuration 7243 properties: 7244 isMeasuredBootEnabled: 7245 description: Whether the Measured Boot feature is enabled 7246 on the instance. 
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelIcelakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylake BM
                      platform configuration
                    properties:
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS1` * `NPS2`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%. If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  intelSkylakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylake BM
                      platform configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelVmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel VM platform
                      configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  platformConfigType:
                    description: The type of platform configuration. Valid values
                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                      Based on the enum, exactly one of the specific configuration
                      types must be set
                    type: string
                type: object
              preemptibleInstanceConfig:
                description: PreemptibleInstanceConfig Configuration options for preemptible
                  instances.
                properties:
                  terminatePreemptionAction:
                    description: TerminatePreemptionAction terminates the preemptible
                      instance when it is interrupted for eviction.
                    properties:
                      preserveBootVolume:
                        description: PreserveBootVolume defines whether to preserve
                          the boot volume that was used to launch the preemptible
                          instance when the instance is terminated. Defaults to false
                          if not specified.
                        type: boolean
                    type: object
                type: object
              providerID:
                description: Provider ID of the instance, this will be set by Cluster
                  API provider itself, users should not set this parameter.
                type: string
              shape:
                description: Shape of the instance.
                type: string
              shapeConfig:
                description: The shape configuration of the instance, applicable for
                  flex instances.
                properties:
                  baselineOcpuUtilization:
                    description: 'The baseline OCPU utilization for a subcore burstable
                      VM instance. Leave this attribute blank for a non-burstable
                      instance, or explicitly specify non-burstable with `BASELINE_1_1`.
                      The following values are supported: - `BASELINE_1_8` - baseline
                      usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is
                      1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire
                      OCPU. This represents a non-burstable instance.'
                    type: string
                  memoryInGBs:
                    description: The total amount of memory available to the instance,
                      in gigabytes.
                    type: string
                  nvmes:
                    description: Nvmes defines the number of NVMe drives to be used
                      for storage. A single drive has 6.8 TB available.
                    type: integer
                  ocpus:
                    description: The total number of OCPUs available to the instance.
                    type: string
                type: object
              subnetName:
                description: The name of the subnet to use. The name here refers to
                  the subnets defined in the OCICluster Spec. Optional, only if multiple
                  subnets of a type is defined, else the first element is used.
                type: string
              vnicAttachments:
                description: VnicAttachments defines the configuration options for
                  the vnic(s) attached to the machine The network bandwidth and number
                  of VNICs scale proportionately with the number of OCPUs.
                items:
                  properties:
                    assignPublicIp:
                      description: AssignPublicIp defines whether the vnic should
                        have a public IP address
                      type: boolean
                    displayName:
                      description: DisplayName defines a user-friendly name. Does
                        not have to be unique. Avoid entering confidential information.
                      type: string
                    nicIndex:
                      description: NicIndex defines which physical Network Interface
                        Card (NIC) to use You can determine which NICs are active
                        for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm
                      type: integer
                    subnetName:
                      description: SubnetName defines the subnet name to use for the
                        VNIC Defaults to the "worker" subnet if not provided
                      type: string
                    vnicAttachmentId:
                      description: VnicAttachmentId defines the ID of the VnicAttachment
                      type: string
                  required:
                  - displayName
                  type: object
                type: array
            type: object
          status:
            description: OCIMachineStatus defines the observed state of OCIMachine.
            properties:
              addresses:
                description: Addresses contains the addresses of the associated OCI
                  instance.
                items:
                  description: MachineAddress contains information for the node's
                    address.
                  properties:
                    address:
                      description: The machine address.
                      type: string
                    type:
                      description: Machine address type, one of Hostname, ExternalIP,
                        InternalIP, ExternalDNS or InternalDNS.
                      type: string
                  required:
                  - address
                  - type
                  type: object
                type: array
              conditions:
                description: Conditions defines current service state of the OCIMachine.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              createBackendWorkRequestId:
                description: Create Backend OPC work request ID for the machine backend.
                type: string
              deleteBackendWorkRequestId:
                description: Delete Backend OPC work request ID for the machine backend.
                type: string
              failureMessage:
                description: The error message corresponding to the error on the machine.
                type: string
              failureReason:
                description: Error status on the machine.
                type: string
              launchInstanceWorkRequestId:
                description: Launch instance work request ID.
                type: string
              ready:
                description: Flag set to true when machine is ready.
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIMachine is the Schema for the ocimachines API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachineSpec defines the desired state of OCIMachine Please
              read the API https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance
              for more information about the parameters below
            properties:
              agentConfig:
                description: AgentConfig defines the options for the Oracle Cloud
                  Agent software running on the instance.
                properties:
                  areAllPluginsDisabled:
                    description: AreAllPluginsDisabled defines whether Oracle Cloud
                      Agent can run all the available plugins. This includes the management
                      and monitoring plugins. To get a list of available plugins,
                      use the ListInstanceagentAvailablePlugins operation in the Oracle
                      Cloud Agent API. For more information about the available plugins,
                      see Managing Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                    type: boolean
                  isManagementDisabled:
                    description: 'IsManagementDisabled defines whether Oracle Cloud
                      Agent can run all the available management plugins. Default
                      value is false (management plugins are enabled).
                      These are the
                      management plugins: OS Management Service Agent and Compute
                      Instance Run Command. The management plugins are controlled
                      by this parameter and by the per-plugin configuration in the
                      `pluginsConfig` object. - If `isManagementDisabled` is true,
                      all of the management plugins are disabled, regardless of the
                      per-plugin configuration. - If `isManagementDisabled` is false,
                      all of the management plugins are enabled. You can optionally
                      disable individual management plugins by providing a value in
                      the `pluginsConfig` object.'
                    type: boolean
                  isMonitoringDisabled:
                    description: 'IsMonitoringDisabled defines whether Oracle Cloud
                      Agent can gather performance metrics and monitor the instance
                      using the monitoring plugins. Default value is false (monitoring
                      plugins are enabled). These are the monitoring plugins: Compute
                      Instance Monitoring and Custom Logs Monitoring. The monitoring
                      plugins are controlled by this parameter and by the per-plugin
                      configuration in the `pluginsConfig` object. - If `isMonitoringDisabled`
                      is true, all of the monitoring plugins are disabled, regardless
                      of the per-plugin configuration. - If `isMonitoringDisabled`
                      is false, all of the monitoring plugins are enabled. You can
                      optionally disable individual monitoring plugins by providing
                      a value in the `pluginsConfig` object.'
                    type: boolean
                  pluginsConfigs:
                    description: PluginsConfig defines the configuration of plugins
                      associated with this instance.
                    items:
                      description: InstanceAgentPluginConfig defines the configuration
                        of plugins associated with this instance.
                      properties:
                        desiredState:
                          description: 'DesiredState defines whether the plugin should
                            be enabled or disabled. To enable the monitoring and management
                            plugins, the `isMonitoringDisabled` and `isManagementDisabled`
                            attributes must also be set to false.
                            The following values
                            are supported: * `ENABLED` * `DISABLED`'
                          type: string
                        name:
                          description: Name defines the name of the plugin. To get
                            a list of available plugins, use the ListInstanceagentAvailablePlugins
                            operation in the Oracle Cloud Agent API. For more information
                            about the available plugins, see Managing Plugins with
                            Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                          type: string
                      type: object
                    type: array
                type: object
              availabilityConfig:
                description: LaunchInstanceAvailabilityConfig defines the options
                  for VM migration during infrastructure maintenance events and for
                  defining the availability of a VM instance after a maintenance event
                  that impacts the underlying hardware.
                properties:
                  isLiveMigrationPreferred:
                    description: IsLiveMigrationPreferred defines whether to live
                      migrate supported VM instances to a healthy physical VM host
                      without disrupting running instances during infrastructure maintenance
                      events. If null, Oracle chooses the best option for migrating
                      the VM during infrastructure maintenance events.
                    type: boolean
                  recoveryAction:
                    description: RecoveryAction defines the lifecycle state for an
                      instance when it is recovered after infrastructure maintenance.
                      * `RESTORE_INSTANCE` - The instance is restored to the lifecycle
                      state it was in before the maintenance event. If the instance
                      was running, it is automatically rebooted. This is the default
                      action when a value is not set. * `STOP_INSTANCE` - The instance
                      is recovered in the stopped state.
                    type: string
                type: object
              bootVolumeSizeInGBs:
                description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                  to extend the boot volume size.
                type: string
              capacityReservationId:
                description: CapacityReservationId defines the OCID of the compute
                  capacity reservation this instance is launched under. You can opt
                  out of all default reservations by specifying an empty string as
                  input for this field. For more information, see Capacity Reservations
                  (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                type: string
              compartmentId:
                description: Compartment to launch the instance in.
                type: string
              computeClusterId:
                description: ComputeClusterId refers to OCID of the compute cluster
                  that the instance will be created in. Please refer https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/compute-clusters.htm
                  for more details
                type: string
              dedicatedVmHostId:
                description: DedicatedVmHostId defines the OCID of the dedicated VM
                  host.
                type: string
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              imageId:
                description: OCID of the image to be used to launch the instance.
                type: string
              instanceId:
                description: OCID of launched compute instance.
                type: string
              instanceOptions:
                description: InstanceOptions defines the instance options
                properties:
                  areLegacyImdsEndpointsDisabled:
                    description: Whether to disable the legacy (/v1) instance metadata
                      service endpoints. Customers who have migrated to /v2 should
                      set this to true for added security.
                      Default is false.
                    type: boolean
                type: object
              instanceSourceViaImageConfig:
                description: InstanceSourceViaImageConfig defines the options for
                  booting up instances via images
                properties:
                  bootVolumeVpusPerGB:
                    description: 'BootVolumeVpusPerGB defines the number of volume
                      performance units (VPUs) that will be applied to this volume
                      per GB, representing the Block Volume service''s elastic performance
                      options. See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                      for more information. Allowed values: * `10`: Represents Balanced
                      option. * `20`: Represents Higher Performance option. * `30`-`120`:
                      Represents the Ultra High Performance option. For volumes with
                      the auto-tuned performance feature enabled, this is set to the
                      default (minimum) VPUs/GB.'
                    format: int64
                    type: integer
                  kmsKeyId:
                    description: KmsKeyId defines the OCID of the Key Management key
                      to assign as the master encryption key for the boot volume.
                    type: string
                type: object
              ipxeScript:
                description: IpxeScript is the custom iPXE script that will run when
                  the instance boots.
                type: string
              isPvEncryptionInTransitEnabled:
                description: Is in transit encryption of volumes required.
                type: boolean
              launchOptions:
                description: LaunchOptions defines the options for tuning the compatibility
                  and performance of VM shapes
                properties:
                  bootVolumeType:
                    description: BootVolumeType defines Emulation type for the boot
                      volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI`
                      - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO`
                      - Direct attached Virtual Function storage. This is the default
                      option for local data volumes on platform images. * `PARAVIRTUALIZED`
                      - Paravirtualized disk.
                      This is the default for boot volumes
                      and remote block storage volumes on platform images.
                    type: string
                  firmware:
                    description: Firmware defines the firmware used to boot VM. Select
                      the option that matches your operating system. * `BIOS` - Boot
                      VM using BIOS style firmware. This is compatible with both 32
                      bit and 64 bit operating systems that boot using MBR style bootloaders.
                      * `UEFI_64` - Boot VM using UEFI style firmware compatible with
                      64 bit operating systems. This is the default for platform images.
                    type: string
                  isConsistentVolumeNamingEnabled:
                    description: IsConsistentVolumeNamingEnabled defines whether to
                      enable consistent volume naming feature. Defaults to false.
                    type: boolean
                  networkType:
                    description: NetworkType defines the emulation type for the physical
                      network interface card (NIC). * `E1000` - Emulated Gigabit ethernet
                      controller. Compatible with Linux e1000 network driver. * `VFIO`
                      - Direct attached Virtual Function network controller. This
                      is the networking type when you launch an instance using hardware-assisted
                      (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances launch
                      with paravirtualized devices using VirtIO drivers.
                    type: string
                  remoteDataVolumeType:
                    description: RemoteDataVolumeType defines the emulation type for
                      volume. * `ISCSI` - ISCSI attached block storage device. * `SCSI`
                      - Emulated SCSI disk. * `IDE` - Emulated IDE disk. * `VFIO`
                      - Direct attached Virtual Function storage. This is the default
                      option for local data volumes on platform images. * `PARAVIRTUALIZED`
                      - Paravirtualized disk. This is the default for boot volumes
                      and remote block storage volumes on platform images.
                    type: string
                type: object
              metadata:
                additionalProperties:
                  type: string
                description: Custom metadata key/value pairs that you provide, such
                  as the SSH public key required to connect to the instance.
                type: object
              networkDetails:
                description: NetworkDetails defines the configuration options for
                  the network
                properties:
                  assignPrivateDnsRecord:
                    description: AssignPrivateDnsRecord defines whether the VNIC should
                      be assigned a DNS record.
                    type: boolean
                  assignPublicIp:
                    description: AssignPublicIp defines whether the instance should
                      have a public IP address
                    type: boolean
                  displayName:
                    description: DisplayName defines a user-friendly name. Does not
                      have to be unique, and it's changeable. Avoid entering confidential
                      information.
                    type: string
                  hostnameLabel:
                    description: HostnameLabel defines the hostname for the VNIC's
                      primary private IP. Used for DNS.
                    type: string
                  nsgId:
                    description: NSGId defines the ID of the NSG to use. This parameter
                      takes priority over NsgNames.
                    type: string
                  nsgNames:
                    description: NsgNames defines a list of the nsg names of the network
                      security groups (NSGs) to add the VNIC to.
                    items:
                      type: string
                    type: array
                  skipSourceDestCheck:
                    description: SkipSourceDestCheck defines whether the source/destination
                      check is disabled on the VNIC.
                    type: boolean
                  subnetId:
                    description: SubnetId defines the ID of the subnet to use. This
                      parameter takes priority over SubnetName.
                    type: string
                  subnetName:
                    description: SubnetName defines the subnet name to use for the
                      VNIC
                    type: string
                type: object
              platformConfig:
                description: PlatformConfig defines the platform config parameters
                properties:
                  amdMilanBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Milan BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance. When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU.
                          When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%. If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  amdRomeBmGpuPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Rome BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance. When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                    type: object
                  amdRomeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD Rome BM platform
                      configuration
                    properties:
                      areVirtualInstructionsEnabled:
                        description: Whether virtualization instructions are available.
                          For example, Secure Virtual Machine for AMD shapes or VT-x
                          for Intel shapes.
                        type: boolean
                      isAccessControlServiceEnabled:
                        description: Whether the Access Control Service is enabled
                          on the instance.
                          When enabled, the platform can enforce
                          PCIe device isolation, required for VFIO device pass-through.
                        type: boolean
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS0` * `NPS1` * `NPS2`
                          * `NPS4`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%.
                          If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  amdVmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe AMD VM platform
                      configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelIcelakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylke BM
                      platform configuration
                    properties:
                      isInputOutputMemoryManagementUnitEnabled:
                        description: Whether the input-output memory management unit
                          is enabled.
                        type: boolean
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isSymmetricMultiThreadingEnabled:
                        description: Whether symmetric multithreading is enabled on
                          the instance. Symmetric multithreading is also called simultaneous
                          multithreading (SMT) or Intel Hyper-Threading. Intel and
                          AMD processors have two hardware execution threads per core
                          (OCPU). SMT permits multiple independent threads of execution,
                          to better use the resources and increase the efficiency
                          of the CPU. When multithreading is disabled, only one thread
                          is permitted to run on each core, which can provide higher
                          or more predictable performance for some workloads.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                      numaNodesPerSocket:
                        description: 'The number of NUMA nodes per socket (NPS). The
                          following values are supported: * `NPS1` * `NPS2`'
                        type: string
                      percentageOfCoresEnabled:
                        description: The percentage of cores enabled. Value must be
                          a multiple of 25%. If the requested percentage results in
                          a fractional number of cores, the system rounds up the number
                          of cores across processors and provisions an instance with
                          a whole number of cores. If the applications that you run
                          on the instance use a core-based licensing model and need
                          fewer cores than the full size of the shape, you can disable
                          cores to reduce your licensing costs. The instance itself
                          is billed for the full shape, regardless of whether all
                          cores are enabled.
                        type: integer
                    type: object
                  intelSkylakeBmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel Skylke BM
                      platform configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  intelVmPlatformConfig:
                    description: AmdMilanBmPlatformConfig describe Intel VM platform
                      configuration
                    properties:
                      isMeasuredBootEnabled:
                        description: Whether the Measured Boot feature is enabled
                          on the instance.
                        type: boolean
                      isMemoryEncryptionEnabled:
                        description: Whether the instance is a confidential instance.
                          If this value is `true`, the instance is a confidential
                          instance. The default value is `false`.
                        type: boolean
                      isSecureBootEnabled:
                        description: Whether Secure Boot is enabled on the instance.
                        type: boolean
                      isTrustedPlatformModuleEnabled:
                        description: Whether the Trusted Platform Module (TPM) is
                          enabled on the instance.
                        type: boolean
                    type: object
                  platformConfigType:
                    description: The type of platform configuration.
                      Valid values
                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                      Based on the enum, exactly one of the specific configuration
                      types must be set
                    type: string
                type: object
              preemptibleInstanceConfig:
                description: PreemptibleInstanceConfig Configuration options for preemptible
                  instances.
                properties:
                  terminatePreemptionAction:
                    description: TerminatePreemptionAction terminates the preemptible
                      instance when it is interrupted for eviction.
                    properties:
                      preserveBootVolume:
                        description: PreserveBootVolume defines whether to preserve
                          the boot volume that was used to launch the preemptible
                          instance when the instance is terminated. Defaults to false
                          if not specified.
                        type: boolean
                    type: object
                type: object
              providerID:
                description: Provider ID of the instance, this will be set by Cluster
                  API provider itself, users should not set this parameter.
                type: string
              shape:
                description: Shape of the instance.
                type: string
              shapeConfig:
                description: The shape configuration of rhe instance, applicable for
                  flex instances.
                properties:
                  baselineOcpuUtilization:
                    description: 'The baseline OCPU utilization for a subcore burstable
                      VM instance. Leave this attribute blank for a non-burstable
                      instance, or explicitly specify non-burstable with `BASELINE_1_1`.
                      The following values are supported: - `BASELINE_1_8` - baseline
                      usage is 1/8 of an OCPU. - `BASELINE_1_2` - baseline usage is
                      1/2 of an OCPU. - `BASELINE_1_1` - baseline usage is an entire
                      OCPU. This represents a non-burstable instance.'
                    type: string
                  memoryInGBs:
                    description: The total amount of memory available to the instance,
                      in gigabytes.
                    type: string
                  nvmes:
                    description: Nvmes defines the number of NVMe drives to be used
                      for storage.
                      A single drive has 6.8 TB available.
                    type: integer
                  ocpus:
                    description: The total number of OCPUs available to the instance.
                    type: string
                type: object
              subnetName:
                description: The name of the subnet to use. The name here refers to
                  the subnets defined in the OCICluster Spec. Optional, only if multiple
                  subnets of a type is defined, else the first element is used.
                type: string
              vnicAttachments:
                description: VnicAttachments defines the configuration options for
                  the vnic(s) attached to the machine The network bandwidth and number
                  of VNICs scale proportionately with the number of OCPUs.
                items:
                  properties:
                    assignPublicIp:
                      description: AssignPublicIp defines whether the vnic should
                        have a public IP address
                      type: boolean
                    displayName:
                      description: DisplayName defines a user-friendly name. Does
                        not have to be unique. Avoid entering confidential information.
                      type: string
                    nicIndex:
                      description: NicIndex defines which physical Network Interface
                        Card (NIC) to use You can determine which NICs are active
                        for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm
                      type: integer
                    subnetName:
                      description: SubnetName defines the subnet name to use for the
                        VNIC Defaults to the "worker" subnet if not provided
                      type: string
                    vnicAttachmentId:
                      description: VnicAttachmentId defines the ID of the VnicAttachment
                      type: string
                  required:
                  - displayName
                  type: object
                type: array
            type: object
          status:
            description: OCIMachineStatus defines the observed state of OCIMachine.
            properties:
              addresses:
                description: Addresses contains the addresses of the associated OCI
                  instance.
                items:
                  description: MachineAddress contains information for the node's
                    address.
                  properties:
                    address:
                      description: The machine address.
                      type: string
                    type:
                      description: Machine address type, one of Hostname, ExternalIP,
                        InternalIP, ExternalDNS or InternalDNS.
                      type: string
                  required:
                  - address
                  - type
                  type: object
                type: array
              conditions:
                description: Conditions defines current service state of the OCIMachine.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              createBackendWorkRequestId:
                description: Create Backend OPC work request ID for the machine backend.
                type: string
              deleteBackendWorkRequestId:
                description: Delete Backend OPC work request ID for the machine backend.
                type: string
              failureMessage:
                description: The error message corresponding to the error on the machine.
                type: string
              failureReason:
                description: Error status on the machine.
                type: string
              launchInstanceWorkRequestId:
                description: Launch instance work request ID.
                type: string
              ready:
                description: Flag set to true when machine is ready.
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.10.0
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimachinetemplates.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIMachineTemplate
    listKind: OCIMachineTemplateList
    plural: ocimachinetemplates
    singular: ocimachinetemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIMachineTemplate is the schema for the OCI compute instance
          machine template.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachineTemplateSpec defines the desired state of OCIMachineTemplate.
            properties:
              template:
                description: OCIMachineTemplateResource describes the data needed
                  to create an OCIMachine from a template.
                properties:
                  spec:
                    description: Spec is the specification of the desired behavior
                      of the machine.
                    properties:
                      agentConfig:
                        description: AgentConfig defines the options for the Oracle
                          Cloud Agent software running on the instance.
                        properties:
                          areAllPluginsDisabled:
                            description: AreAllPluginsDisabled defines whether Oracle
                              Cloud Agent can run all the available plugins. This
                              includes the management and monitoring plugins. To get
                              a list of available plugins, use the ListInstanceagentAvailablePlugins
                              operation in the Oracle Cloud Agent API. For more information
                              about the available plugins, see Managing Plugins with
                              Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                            type: boolean
                          isManagementDisabled:
                            description: 'IsManagementDisabled defines whether Oracle
                              Cloud Agent can run all the available management plugins.
                              Default value is false (management plugins are enabled).
                              These are the management plugins: OS Management Service
                              Agent and Compute Instance Run Command.
                              The management
                              plugins are controlled by this parameter and by the
                              per-plugin configuration in the `pluginsConfig` object.
                              - If `isManagementDisabled` is true, all of the management
                              plugins are disabled, regardless of the per-plugin configuration.
                              - If `isManagementDisabled` is false, all of the management
                              plugins are enabled. You can optionally disable individual
                              management plugins by providing a value in the `pluginsConfig`
                              object.'
                            type: boolean
                          isMonitoringDisabled:
                            description: 'IsMonitoringDisabled defines whether Oracle
                              Cloud Agent can gather performance metrics and monitor
                              the instance using the monitoring plugins. Default value
                              is false (monitoring plugins are enabled). These are
                              the monitoring plugins: Compute Instance Monitoring
                              and Custom Logs Monitoring. The monitoring plugins are
                              controlled by this parameter and by the per-plugin configuration
                              in the `pluginsConfig` object. - If `isMonitoringDisabled`
                              is true, all of the monitoring plugins are disabled,
                              regardless of the per-plugin configuration. - If `isMonitoringDisabled`
                              is false, all of the monitoring plugins are enabled.
                              You can optionally disable individual monitoring plugins
                              by providing a value in the `pluginsConfig` object.'
                            type: boolean
                          pluginsConfigs:
                            description: PluginsConfig defines the configuration of
                              plugins associated with this instance.
                            items:
                              description: InstanceAgentPluginConfig defines the configuration
                                of plugins associated with this instance.
                              properties:
                                desiredState:
                                  description: 'DesiredState defines whether the plugin
                                    should be enabled or disabled. To enable the monitoring
                                    and management plugins, the `isMonitoringDisabled`
                                    and `isManagementDisabled` attributes must also
                                    be set to false.
                                    The following values are supported:
                                    * `ENABLED` * `DISABLED`'
                                  type: string
                                name:
                                  description: Name defines the name of the plugin.
                                    To get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                    operation in the Oracle Cloud Agent API. For more
                                    information about the available plugins, see Managing
                                    Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                                  type: string
                              type: object
                            type: array
                        type: object
                      availabilityConfig:
                        description: LaunchInstanceAvailabilityConfig defines the
                          options for VM migration during infrastructure maintenance
                          events and for defining the availability of a VM instance
                          after a maintenance event that impacts the underlying hardware.
                        properties:
                          isLiveMigrationPreferred:
                            description: IsLiveMigrationPreferred defines whether
                              to live migrate supported VM instances to a healthy
                              physical VM host without disrupting running instances
                              during infrastructure maintenance events. If null, Oracle
                              chooses the best option for migrating the VM during
                              infrastructure maintenance events.
                            type: boolean
                          recoveryAction:
                            description: RecoveryAction defines the lifecycle state
                              for an instance when it is recovered after infrastructure
                              maintenance. * `RESTORE_INSTANCE` - The instance is
                              restored to the lifecycle state it was in before the
                              maintenance event. If the instance was running, it is
                              automatically rebooted. This is the default action when
                              a value is not set. * `STOP_INSTANCE` - The instance
                              is recovered in the stopped state.
                            type: string
                        type: object
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        type: string
                      capacityReservationId:
                        description: CapacityReservationId defines the OCID of the
                          compute capacity reservation this instance is launched under.
                          You can opt out of all default reservations by specifying
                          an empty string as input for this field. For more information,
                          see Capacity Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                        type: string
                      compartmentId:
                        description: Compartment to launch the instance in.
                        type: string
                      computeClusterId:
                        description: ComputeClusterId refers to OCID of the compute
                          cluster that the instance will be created in. Please refer
                          https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/compute-clusters.htm
                          for more details
                        type: string
                      dedicatedVmHostId:
                        description: DedicatedVmHostId defines the OCID of the dedicated
                          VM host.
                        type: string
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      instanceId:
                        description: OCID of launched compute instance.
                        type: string
                      instanceOptions:
                        description: InstanceOptions defines the instance options
                        properties:
                          areLegacyImdsEndpointsDisabled:
                            description: Whether to disable the legacy (/v1) instance
                              metadata service endpoints. Customers who have migrated
                              to /v2 should set this to true for added security.
                              Default
                              is false.
                            type: boolean
                        type: object
                      instanceSourceViaImageConfig:
                        description: InstanceSourceViaImageConfig defines the options
                          for booting up instances via images
                        properties:
                          bootVolumeVpusPerGB:
                            description: 'BootVolumeVpusPerGB defines the number of
                              volume performance units (VPUs) that will be applied
                              to this volume per GB, representing the Block Volume
                              service''s elastic performance options. See Block Volume
                              Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                              for more information. Allowed values: * `10`: Represents
                              Balanced option. * `20`: Represents Higher Performance
                              option. * `30`-`120`: Represents the Ultra High Performance
                              option. For volumes with the auto-tuned performance
                              feature enabled, this is set to the default (minimum)
                              VPUs/GB.'
                            format: int64
                            type: integer
                          kmsKeyId:
                            description: KmsKeyId defines the OCID of the Key Management
                              key to assign as the master encryption key for the boot
                              volume.
                            type: string
                        type: object
                      ipxeScript:
                        description: IpxeScript is the custom iPXE script that will
                          run when the instance boots.
                        type: string
                      isPvEncryptionInTransitEnabled:
                        description: Is in transit encryption of volumes required.
                        type: boolean
                      launchOptions:
                        description: LaunchOptions defines the options for tuning
                          the compatibility and performance of VM shapes
                        properties:
                          bootVolumeType:
                            description: BootVolumeType defines Emulation type for
                              the boot volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk.
                              This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                          firmware:
                            description: Firmware defines the firmware used to boot
                              VM. Select the option that matches your operating system.
                              * `BIOS` - Boot VM using BIOS style firmware. This is
                              compatible with both 32 bit and 64 bit operating systems
                              that boot using MBR style bootloaders. * `UEFI_64` -
                              Boot VM using UEFI style firmware compatible with 64
                              bit operating systems. This is the default for platform
                              images.
                            type: string
                          isConsistentVolumeNamingEnabled:
                            description: IsConsistentVolumeNamingEnabled defines whether
                              to enable consistent volume naming feature. Defaults
                              to false.
                            type: boolean
                          networkType:
                            description: NetworkType defines the emulation type for
                              the physical network interface card (NIC). * `E1000`
                              - Emulated Gigabit ethernet controller. Compatible with
                              Linux e1000 network driver. * `VFIO` - Direct attached
                              Virtual Function network controller. This is the networking
                              type when you launch an instance using hardware-assisted
                              (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances
                              launch with paravirtualized devices using VirtIO drivers.
                            type: string
                          remoteDataVolumeType:
                            description: RemoteDataVolumeType defines the emulation
                              type for volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk. This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                        type: object
                      metadata:
                        additionalProperties:
                          type: string
                        description: Custom metadata key/value pairs that you provide,
                          such as the SSH public key required to connect to the instance.
                        type: object
                      networkDetails:
                        description: NetworkDetails defines the configuration options
                          for the network
                        properties:
                          assignPrivateDnsRecord:
                            description: AssignPrivateDnsRecord defines whether the
                              VNIC should be assigned a DNS record.
                            type: boolean
                          assignPublicIp:
                            description: AssignPublicIp defines whether the instance
                              should have a public IP address
                            type: boolean
                          displayName:
                            description: DisplayName defines a user-friendly name.
                              Does not have to be unique, and it's changeable. Avoid
                              entering confidential information.
                            type: string
                          hostnameLabel:
                            description: HostnameLabel defines the hostname for the
                              VNIC's primary private IP. Used for DNS.
                            type: string
                          nsgId:
                            description: NSGId defines the ID of the NSG to use. This
                              parameter takes priority over NsgNames.
                            type: string
                          nsgNames:
                            description: NsgNames defines a list of the nsg names
                              of the network security groups (NSGs) to add the VNIC
                              to.
                            items:
                              type: string
                            type: array
                          skipSourceDestCheck:
                            description: SkipSourceDestCheck defines whether the source/destination
                              check is disabled on the VNIC.
                            type: boolean
                          subnetId:
                            description: SubnetId defines the ID of the subnet to
                              use. This parameter takes priority over SubnetName.
                            type: string
                          subnetName:
                            description: SubnetName defines the subnet name to use
                              for the VNIC
                            type: string
                        type: object
                      nsgName:
                        description: The name of NSG to use. The name here refers
                          to the NSGs defined in the OCICluster Spec. Optional, only
                          if multiple NSGs of a type is defined, else the first element
                          is used.
                          Deprecated, please use NetworkDetails.NSGNames
                        type: string
                      platformConfig:
                        description: PlatformConfig defines the platform config parameters
                        properties:
                          amdMilanBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Milan
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU.
                                  When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdRomeBmGpuPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                            type: object
                          amdRomeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance.
                                  When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%.
                                  If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdVmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD VM
                              platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          intelIcelakeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel Skylke
                              BM platform configuration
                            properties:
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS1`
                                  * `NPS2`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          intelSkylakeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel Skylke
                              BM platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          intelVmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe Intel VM
                              platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                            type: object
                          platformConfigType:
                            description: The type of platform configuration.
                              Valid
                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
                              Based on the enum, exactly one of the specific configuration
                              types must be set
                            type: string
                        type: object
                      preemptibleInstanceConfig:
                        description: PreemptibleInstanceConfig Configuration options
                          for preemptible instances.
                        properties:
                          terminatePreemptionAction:
                            description: TerminatePreemptionAction terminates the
                              preemptible instance when it is interrupted for eviction.
                            properties:
                              preserveBootVolume:
                                description: PreserveBootVolume defines whether to
                                  preserve the boot volume that was used to launch
                                  the preemptible instance when the instance is terminated.
                                  Defaults to false if not specified.
                                type: boolean
                            type: object
                        type: object
                      providerID:
                        description: Provider ID of the instance, this will be set
                          by Cluster API provider itself, users should not set this
                          parameter.
                        type: string
                      shape:
                        description: Shape of the instance.
                        type: string
                      shapeConfig:
                        description: The shape configuration of rhe instance, applicable
                          for flex instances.
                        properties:
                          baselineOcpuUtilization:
                            description: 'The baseline OCPU utilization for a subcore
                              burstable VM instance. Leave this attribute blank for
                              a non-burstable instance, or explicitly specify non-burstable
                              with `BASELINE_1_1`. The following values are supported:
                              - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU.
                              - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU.
                              - `BASELINE_1_1` - baseline usage is an entire OCPU.
                              This represents a non-burstable instance.'
                            type: string
                          memoryInGBs:
                            description: The total amount of memory available to the
                              instance, in gigabytes.
                            type: string
                          nvmes:
                            description: Nvmes defines the number of NVMe drives to
                              be used for storage. A single drive has 6.8 TB available.
                            type: integer
                          ocpus:
                            description: The total number of OCPUs available to the
                              instance.
                            type: string
                        type: object
                      subnetName:
                        description: The name of the subnet to use. The name here
                          refers to the subnets defined in the OCICluster Spec. Optional,
                          only if multiple subnets of a type is defined, else the
                          first element is used.
                        type: string
                      vnicAttachments:
                        description: VnicAttachments defines the configuration options
                          for the vnic(s) attached to the machine The network bandwidth
                          and number of VNICs scale proportionately with the number
                          of OCPUs.
                        items:
                          properties:
                            assignPublicIp:
                              description: AssignPublicIp defines whether the vnic
                                should have a public IP address
                              type: boolean
                            displayName:
                              description: DisplayName defines a user-friendly name.
                                Does not have to be unique. Avoid entering confidential
                                information.
                              type: string
                            nicIndex:
                              description: NicIndex defines which physical Network
                                Interface Card (NIC) to use You can determine which
                                NICs are active for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm
                              type: integer
                            subnetName:
                              description: SubnetName defines the subnet name to use
                                for the VNIC Defaults to the "worker" subnet if not
                                provided
                              type: string
                            vnicAttachmentId:
                              description: VnicAttachmentId defines the ID of the
                                VnicAttachment
                              type: string
                          required:
                          - displayName
                          type: object
                        type: array
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: false
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIMachineTemplate is the schema for the OCI compute instance
          machine template.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIMachineTemplateSpec defines the desired state of OCIMachineTemplate.
            properties:
              template:
                description: OCIMachineTemplateResource describes the data needed
                  to create an OCIMachine from a template.
                properties:
                  spec:
                    description: Spec is the specification of the desired behavior
                      of the machine.
                    properties:
                      agentConfig:
                        description: AgentConfig defines the options for the Oracle
                          Cloud Agent software running on the instance.
                        properties:
                          areAllPluginsDisabled:
                            description: AreAllPluginsDisabled defines whether Oracle
                              Cloud Agent can run all the available plugins. This
                              includes the management and monitoring plugins. To get
                              a list of available plugins, use the ListInstanceagentAvailablePlugins
                              operation in the Oracle Cloud Agent API. For more information
                              about the available plugins, see Managing Plugins with
                              Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                            type: boolean
                          isManagementDisabled:
                            description: 'IsManagementDisabled defines whether Oracle
                              Cloud Agent can run all the available management plugins.
                              Default value is false (management plugins are enabled).
                              These are the management plugins: OS Management Service
                              Agent and Compute Instance Run Command. The management
                              plugins are controlled by this parameter and by the
                              per-plugin configuration in the `pluginsConfig` object.
                              - If `isManagementDisabled` is true, all of the management
                              plugins are disabled, regardless of the per-plugin configuration.
                              - If `isManagementDisabled` is false, all of the management
                              plugins are enabled. You can optionally disable individual
                              management plugins by providing a value in the `pluginsConfig`
                              object.'
                            type: boolean
                          isMonitoringDisabled:
                            description: 'IsMonitoringDisabled defines whether Oracle
                              Cloud Agent can gather performance metrics and monitor
                              the instance using the monitoring plugins. Default value
                              is false (monitoring plugins are enabled). These are
                              the monitoring plugins: Compute Instance Monitoring
                              and Custom Logs Monitoring.
                              The monitoring plugins are
                              controlled by this parameter and by the per-plugin configuration
                              in the `pluginsConfig` object. - If `isMonitoringDisabled`
                              is true, all of the monitoring plugins are disabled,
                              regardless of the per-plugin configuration. - If `isMonitoringDisabled`
                              is false, all of the monitoring plugins are enabled.
                              You can optionally disable individual monitoring plugins
                              by providing a value in the `pluginsConfig` object.'
                            type: boolean
                          pluginsConfigs:
                            description: PluginsConfig defines the configuration of
                              plugins associated with this instance.
                            items:
                              description: InstanceAgentPluginConfig defines the configuration
                                of plugins associated with this instance.
                              properties:
                                desiredState:
                                  description: 'DesiredState defines whether the plugin
                                    should be enabled or disabled. To enable the monitoring
                                    and management plugins, the `isMonitoringDisabled`
                                    and `isManagementDisabled` attributes must also
                                    be set to false. The following values are supported:
                                    * `ENABLED` * `DISABLED`'
                                  type: string
                                name:
                                  description: Name defines the name of the plugin.
                                    To get a list of available plugins, use the ListInstanceagentAvailablePlugins
                                    operation in the Oracle Cloud Agent API. For more
                                    information about the available plugins, see Managing
                                    Plugins with Oracle Cloud Agent (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/manage-plugins.htm).
                                  type: string
                              type: object
                            type: array
                        type: object
                      availabilityConfig:
                        description: LaunchInstanceAvailabilityConfig defines the
                          options for VM migration during infrastructure maintenance
                          events and for defining the availability of a VM instance
                          after a maintenance event that impacts the underlying hardware.
                        properties:
                          isLiveMigrationPreferred:
                            description: IsLiveMigrationPreferred defines whether
                              to live migrate supported VM instances to a healthy
                              physical VM host without disrupting running instances
                              during infrastructure maintenance events. If null, Oracle
                              chooses the best option for migrating the VM during
                              infrastructure maintenance events.
                            type: boolean
                          recoveryAction:
                            description: RecoveryAction defines the lifecycle state
                              for an instance when it is recovered after infrastructure
                              maintenance. * `RESTORE_INSTANCE` - The instance is
                              restored to the lifecycle state it was in before the
                              maintenance event. If the instance was running, it is
                              automatically rebooted. This is the default action when
                              a value is not set. * `STOP_INSTANCE` - The instance
                              is recovered in the stopped state.
                            type: string
                        type: object
                      bootVolumeSizeInGBs:
                        description: The size of boot volume. Please see https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/extendingbootpartition.htm
                          to extend the boot volume size.
                        type: string
                      capacityReservationId:
                        description: CapacityReservationId defines the OCID of the
                          compute capacity reservation this instance is launched under.
                          You can opt out of all default reservations by specifying
                          an empty string as input for this field. For more information,
                          see Capacity Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default).
                        type: string
                      compartmentId:
                        description: Compartment to launch the instance in.
                        type: string
                      computeClusterId:
                        description: ComputeClusterId refers to OCID of the compute
                          cluster that the instance will be created in.
                          Please refer
                          https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/compute-clusters.htm
                          for more details
                        type: string
                      dedicatedVmHostId:
                        description: DedicatedVmHostId defines the OCID of the dedicated
                          VM host.
                        type: string
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      imageId:
                        description: OCID of the image to be used to launch the instance.
                        type: string
                      instanceId:
                        description: OCID of launched compute instance.
                        type: string
                      instanceOptions:
                        description: InstanceOptions defines the instance options
                        properties:
                          areLegacyImdsEndpointsDisabled:
                            description: Whether to disable the legacy (/v1) instance
                              metadata service endpoints. Customers who have migrated
                              to /v2 should set this to true for added security. Default
                              is false.
                            type: boolean
                        type: object
                      instanceSourceViaImageConfig:
                        description: InstanceSourceViaImageConfig defines the options
                          for booting up instances via images
                        properties:
                          bootVolumeVpusPerGB:
                            description: 'BootVolumeVpusPerGB defines the number of
                              volume performance units (VPUs) that will be applied
                              to this volume per GB, representing the Block Volume
                              service''s elastic performance options. See Block Volume
                              Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels)
                              for more information.
                              Allowed values: * `10`: Represents
                              Balanced option. * `20`: Represents Higher Performance
                              option. * `30`-`120`: Represents the Ultra High Performance
                              option. For volumes with the auto-tuned performance
                              feature enabled, this is set to the default (minimum)
                              VPUs/GB.'
                            format: int64
                            type: integer
                          kmsKeyId:
                            description: KmsKeyId defines the OCID of the Key Management
                              key to assign as the master encryption key for the boot
                              volume.
                            type: string
                        type: object
                      ipxeScript:
                        description: IpxeScript is the custom iPXE script that will
                          run when the instance boots.
                        type: string
                      isPvEncryptionInTransitEnabled:
                        description: Is in transit encryption of volumes required.
                        type: boolean
                      launchOptions:
                        description: LaunchOptions defines the options for tuning
                          the compatibility and performance of VM shapes
                        properties:
                          bootVolumeType:
                            description: BootVolumeType defines Emulation type for
                              the boot volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk. This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                          firmware:
                            description: Firmware defines the firmware used to boot
                              VM. Select the option that matches your operating system.
                              * `BIOS` - Boot VM using BIOS style firmware. This is
                              compatible with both 32 bit and 64 bit operating systems
                              that boot using MBR style bootloaders. * `UEFI_64` -
                              Boot VM using UEFI style firmware compatible with 64
                              bit operating systems. This is the default for platform
                              images.
                            type: string
                          isConsistentVolumeNamingEnabled:
                            description: IsConsistentVolumeNamingEnabled defines whether
                              to enable consistent volume naming feature. Defaults
                              to false.
                            type: boolean
                          networkType:
                            description: NetworkType defines the emulation type for
                              the physical network interface card (NIC). * `E1000`
                              - Emulated Gigabit ethernet controller. Compatible with
                              Linux e1000 network driver. * `VFIO` - Direct attached
                              Virtual Function network controller. This is the networking
                              type when you launch an instance using hardware-assisted
                              (SR-IOV) networking. * `PARAVIRTUALIZED` - VM instances
                              launch with paravirtualized devices using VirtIO drivers.
                            type: string
                          remoteDataVolumeType:
                            description: RemoteDataVolumeType defines the emulation
                              type for volume. * `ISCSI` - ISCSI attached block storage
                              device. * `SCSI` - Emulated SCSI disk. * `IDE` - Emulated
                              IDE disk. * `VFIO` - Direct attached Virtual Function
                              storage. This is the default option for local data volumes
                              on platform images. * `PARAVIRTUALIZED` - Paravirtualized
                              disk. This is the default for boot volumes and remote
                              block storage volumes on platform images.
                            type: string
                        type: object
                      metadata:
                        additionalProperties:
                          type: string
                        description: Custom metadata key/value pairs that you provide,
                          such as the SSH public key required to connect to the instance.
                        type: object
                      networkDetails:
                        description: NetworkDetails defines the configuration options
                          for the network
                        properties:
                          assignPrivateDnsRecord:
                            description: AssignPrivateDnsRecord defines whether the
                              VNIC should be assigned a DNS record.
                            type: boolean
                          assignPublicIp:
                            description: AssignPublicIp defines whether the instance
                              should have a public IP address
                            type: boolean
                          displayName:
                            description: DisplayName defines a user-friendly name.
                              Does not have to be unique, and it's changeable. Avoid
                              entering confidential information.
                            type: string
                          hostnameLabel:
                            description: HostnameLabel defines the hostname for the
                              VNIC's primary private IP. Used for DNS.
                            type: string
                          nsgId:
                            description: NSGId defines the ID of the NSG to use. This
                              parameter takes priority over NsgNames.
                            type: string
                          nsgNames:
                            description: NsgNames defines a list of the nsg names
                              of the network security groups (NSGs) to add the VNIC
                              to.
                            items:
                              type: string
                            type: array
                          skipSourceDestCheck:
                            description: SkipSourceDestCheck defines whether the source/destination
                              check is disabled on the VNIC.
                            type: boolean
                          subnetId:
                            description: SubnetId defines the ID of the subnet to
                              use. This parameter takes priority over SubnetName.
                            type: string
                          subnetName:
                            description: SubnetName defines the subnet name to use
                              for the VNIC
                            type: string
                        type: object
                      platformConfig:
                        description: PlatformConfig defines the platform config parameters
                        properties:
                          amdMilanBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Milan
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores.
                                  If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdRomeBmGpuPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU).
                                  SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                            type: object
                          amdRomeBmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD Rome
                              BM platform configuration
                            properties:
                              areVirtualInstructionsEnabled:
                                description: Whether virtualization instructions are
                                  available. For example, Secure Virtual Machine for
                                  AMD shapes or VT-x for Intel shapes.
                                type: boolean
                              isAccessControlServiceEnabled:
                                description: Whether the Access Control Service is
                                  enabled on the instance. When enabled, the platform
                                  can enforce PCIe device isolation, required for
                                  VFIO device pass-through.
                                type: boolean
                              isInputOutputMemoryManagementUnitEnabled:
                                description: Whether the input-output memory management
                                  unit is enabled.
                                type: boolean
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
                                type: boolean
                              isMemoryEncryptionEnabled:
                                description: Whether the instance is a confidential
                                  instance. If this value is `true`, the instance
                                  is a confidential instance. The default value is
                                  `false`.
                                type: boolean
                              isSecureBootEnabled:
                                description: Whether Secure Boot is enabled on the
                                  instance.
                                type: boolean
                              isSymmetricMultiThreadingEnabled:
                                description: Whether symmetric multithreading is enabled
                                  on the instance. Symmetric multithreading is also
                                  called simultaneous multithreading (SMT) or Intel
                                  Hyper-Threading. Intel and AMD processors have two
                                  hardware execution threads per core (OCPU). SMT
                                  permits multiple independent threads of execution,
                                  to better use the resources and increase the efficiency
                                  of the CPU. When multithreading is disabled, only
                                  one thread is permitted to run on each core, which
                                  can provide higher or more predictable performance
                                  for some workloads.
                                type: boolean
                              isTrustedPlatformModuleEnabled:
                                description: Whether the Trusted Platform Module (TPM)
                                  is enabled on the instance.
                                type: boolean
                              numaNodesPerSocket:
                                description: 'The number of NUMA nodes per socket
                                  (NPS). The following values are supported: * `NPS0`
                                  * `NPS1` * `NPS2` * `NPS4`'
                                type: string
                              percentageOfCoresEnabled:
                                description: The percentage of cores enabled. Value
                                  must be a multiple of 25%. If the requested percentage
                                  results in a fractional number of cores, the system
                                  rounds up the number of cores across processors
                                  and provisions an instance with a whole number of
                                  cores. If the applications that you run on the instance
                                  use a core-based licensing model and need fewer
                                  cores than the full size of the shape, you can disable
                                  cores to reduce your licensing costs. The instance
                                  itself is billed for the full shape, regardless
                                  of whether all cores are enabled.
                                type: integer
                            type: object
                          amdVmPlatformConfig:
                            description: AmdMilanBmPlatformConfig describe AMD VM
                              platform configuration
                            properties:
                              isMeasuredBootEnabled:
                                description: Whether the Measured Boot feature is
                                  enabled on the instance.
9583 type: boolean 9584 isMemoryEncryptionEnabled: 9585 description: Whether the instance is a confidential 9586 instance. If this value is `true`, the instance 9587 is a confidential instance. The default value is 9588 `false`. 9589 type: boolean 9590 isSecureBootEnabled: 9591 description: Whether Secure Boot is enabled on the 9592 instance. 9593 type: boolean 9594 isTrustedPlatformModuleEnabled: 9595 description: Whether the Trusted Platform Module (TPM) 9596 is enabled on the instance. 9597 type: boolean 9598 type: object 9599 intelIcelakeBmPlatformConfig: 9600 description: AmdMilanBmPlatformConfig describe Intel Skylake 9601 BM platform configuration 9602 properties: 9603 isInputOutputMemoryManagementUnitEnabled: 9604 description: Whether the input-output memory management 9605 unit is enabled. 9606 type: boolean 9607 isMeasuredBootEnabled: 9608 description: Whether the Measured Boot feature is 9609 enabled on the instance. 9610 type: boolean 9611 isMemoryEncryptionEnabled: 9612 description: Whether the instance is a confidential 9613 instance. If this value is `true`, the instance 9614 is a confidential instance. The default value is 9615 `false`. 9616 type: boolean 9617 isSecureBootEnabled: 9618 description: Whether Secure Boot is enabled on the 9619 instance. 9620 type: boolean 9621 isSymmetricMultiThreadingEnabled: 9622 description: Whether symmetric multithreading is enabled 9623 on the instance. Symmetric multithreading is also 9624 called simultaneous multithreading (SMT) or Intel 9625 Hyper-Threading. Intel and AMD processors have two 9626 hardware execution threads per core (OCPU). SMT 9627 permits multiple independent threads of execution, 9628 to better use the resources and increase the efficiency 9629 of the CPU. When multithreading is disabled, only 9630 one thread is permitted to run on each core, which 9631 can provide higher or more predictable performance 9632 for some workloads.
9633 type: boolean 9634 isTrustedPlatformModuleEnabled: 9635 description: Whether the Trusted Platform Module (TPM) 9636 is enabled on the instance. 9637 type: boolean 9638 numaNodesPerSocket: 9639 description: 'The number of NUMA nodes per socket 9640 (NPS). The following values are supported: * `NPS1` 9641 * `NPS2`' 9642 type: string 9643 percentageOfCoresEnabled: 9644 description: The percentage of cores enabled. Value 9645 must be a multiple of 25%. If the requested percentage 9646 results in a fractional number of cores, the system 9647 rounds up the number of cores across processors 9648 and provisions an instance with a whole number of 9649 cores. If the applications that you run on the instance 9650 use a core-based licensing model and need fewer 9651 cores than the full size of the shape, you can disable 9652 cores to reduce your licensing costs. The instance 9653 itself is billed for the full shape, regardless 9654 of whether all cores are enabled. 9655 type: integer 9656 type: object 9657 intelSkylakeBmPlatformConfig: 9658 description: AmdMilanBmPlatformConfig describe Intel Skylake 9659 BM platform configuration 9660 properties: 9661 isMeasuredBootEnabled: 9662 description: Whether the Measured Boot feature is 9663 enabled on the instance. 9664 type: boolean 9665 isMemoryEncryptionEnabled: 9666 description: Whether the instance is a confidential 9667 instance. If this value is `true`, the instance 9668 is a confidential instance. The default value is 9669 `false`. 9670 type: boolean 9671 isSecureBootEnabled: 9672 description: Whether Secure Boot is enabled on the 9673 instance. 9674 type: boolean 9675 isTrustedPlatformModuleEnabled: 9676 description: Whether the Trusted Platform Module (TPM) 9677 is enabled on the instance.
9678 type: boolean 9679 type: object 9680 intelVmPlatformConfig: 9681 description: AmdMilanBmPlatformConfig describe Intel VM 9682 platform configuration 9683 properties: 9684 isMeasuredBootEnabled: 9685 description: Whether the Measured Boot feature is 9686 enabled on the instance. 9687 type: boolean 9688 isMemoryEncryptionEnabled: 9689 description: Whether the instance is a confidential 9690 instance. If this value is `true`, the instance 9691 is a confidential instance. The default value is 9692 `false`. 9693 type: boolean 9694 isSecureBootEnabled: 9695 description: Whether Secure Boot is enabled on the 9696 instance. 9697 type: boolean 9698 isTrustedPlatformModuleEnabled: 9699 description: Whether the Trusted Platform Module (TPM) 9700 is enabled on the instance. 9701 type: boolean 9702 type: object 9703 platformConfigType: 9704 description: The type of platform configuration. Valid 9705 values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM` 9706 * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM` 9707 Based on the enum, exactly one of the specific configuration 9708 types must be set 9709 type: string 9710 type: object 9711 preemptibleInstanceConfig: 9712 description: PreemptibleInstanceConfig Configuration options 9713 for preemptible instances. 9714 properties: 9715 terminatePreemptionAction: 9716 description: TerminatePreemptionAction terminates the 9717 preemptible instance when it is interrupted for eviction. 9718 properties: 9719 preserveBootVolume: 9720 description: PreserveBootVolume defines whether to 9721 preserve the boot volume that was used to launch 9722 the preemptible instance when the instance is terminated. 9723 Defaults to false if not specified. 9724 type: boolean 9725 type: object 9726 type: object 9727 providerID: 9728 description: Provider ID of the instance, this will be set 9729 by Cluster API provider itself, users should not set this 9730 parameter. 
9731 type: string 9732 shape: 9733 description: Shape of the instance. 9734 type: string 9735 shapeConfig: 9736 description: The shape configuration of the instance, applicable 9737 for flex instances. 9738 properties: 9739 baselineOcpuUtilization: 9740 description: 'The baseline OCPU utilization for a subcore 9741 burstable VM instance. Leave this attribute blank for 9742 a non-burstable instance, or explicitly specify non-burstable 9743 with `BASELINE_1_1`. The following values are supported: 9744 - `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. 9745 - `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. 9746 - `BASELINE_1_1` - baseline usage is an entire OCPU. 9747 This represents a non-burstable instance.' 9748 type: string 9749 memoryInGBs: 9750 description: The total amount of memory available to the 9751 instance, in gigabytes. 9752 type: string 9753 nvmes: 9754 description: Nvmes defines the number of NVMe drives to 9755 be used for storage. A single drive has 6.8 TB available. 9756 type: integer 9757 ocpus: 9758 description: The total number of OCPUs available to the 9759 instance. 9760 type: string 9761 type: object 9762 subnetName: 9763 description: The name of the subnet to use. The name here 9764 refers to the subnets defined in the OCICluster Spec. Optional, 9765 only if multiple subnets of a type are defined, else the 9766 first element is used. 9767 type: string 9768 vnicAttachments: 9769 description: VnicAttachments defines the configuration options 9770 for the vnic(s) attached to the machine. The network bandwidth 9771 and number of VNICs scale proportionately with the number 9772 of OCPUs. 9773 items: 9774 properties: 9775 assignPublicIp: 9776 description: AssignPublicIp defines whether the vnic 9777 should have a public IP address 9778 type: boolean 9779 displayName: 9780 description: DisplayName defines a user-friendly name. 9781 Does not have to be unique. Avoid entering confidential 9782 information.
9783 type: string 9784 nicIndex: 9785 description: NicIndex defines which physical Network 9786 Interface Card (NIC) to use. You can determine which 9787 NICs are active for a shape by reviewing the https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm 9788 type: integer 9789 subnetName: 9790 description: SubnetName defines the subnet name to use 9791 for the VNIC. Defaults to the "worker" subnet if not 9792 provided 9793 type: string 9794 vnicAttachmentId: 9795 description: VnicAttachmentId defines the ID of the 9796 VnicAttachment 9797 type: string 9798 required: 9799 - displayName 9800 type: object 9801 type: array 9802 type: object 9803 required: 9804 - spec 9805 type: object 9806 required: 9807 - template 9808 type: object 9809 type: object 9810 served: true 9811 storage: true 9812 --- 9813 apiVersion: apiextensions.k8s.io/v1 9814 kind: CustomResourceDefinition 9815 metadata: 9816 annotations: 9817 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 9818 controller-gen.kubebuilder.io/version: v0.10.0 9819 labels: 9820 cluster.x-k8s.io/provider: infrastructure-oci 9821 cluster.x-k8s.io/v1beta1: v1beta1 9822 name: ocimanagedclusters.infrastructure.cluster.x-k8s.io 9823 spec: 9824 conversion: 9825 strategy: Webhook 9826 webhook: 9827 clientConfig: 9828 service: 9829 name: capoci-webhook-service 9830 namespace: cluster-api-provider-oci-system 9831 path: /convert 9832 conversionReviewVersions: 9833 - v1 9834 - v1beta1 9835 group: infrastructure.cluster.x-k8s.io 9836 names: 9837 kind: OCIManagedCluster 9838 listKind: OCIManagedClusterList 9839 plural: ocimanagedclusters 9840 singular: ocimanagedcluster 9841 scope: Namespaced 9842 versions: 9843 - name: v1beta1 9844 schema: 9845 openAPIV3Schema: 9846 description: OCIManagedCluster is the Schema for the ocimanagedclusters API. 9847 properties: 9848 apiVersion: 9849 description: 'APIVersion defines the versioned schema of this representation 9850 of an object.
Servers should convert recognized schemas to the latest 9851 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 9852 type: string 9853 kind: 9854 description: 'Kind is a string value representing the REST resource this 9855 object represents. Servers may infer this from the endpoint the client 9856 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 9857 type: string 9858 metadata: 9859 type: object 9860 spec: 9861 description: OCIManagedClusterSpec defines the desired state of OCI OKE 9862 Cluster 9863 properties: 9864 compartmentId: 9865 description: Compartment to create the cluster network. 9866 type: string 9867 controlPlaneEndpoint: 9868 description: ControlPlaneEndpoint represents the endpoint used to 9869 communicate with the control plane. This will not be set by the 9870 user, this will be updated by the Cluster Reconciler after OKE cluster 9871 has been created and the cluster has an endpoint address 9872 properties: 9873 host: 9874 description: The hostname on which the API server is serving. 9875 type: string 9876 port: 9877 description: The port on which the API server is serving. 9878 format: int32 9879 type: integer 9880 required: 9881 - host 9882 - port 9883 type: object 9884 definedTags: 9885 additionalProperties: 9886 additionalProperties: 9887 type: string 9888 type: object 9889 description: 'Defined tags for this resource. Each key is predefined 9890 and scoped to a namespace. For more information, see Resource Tags 9891 (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 9892 Example: `{"Operations": {"CostCenter": "42"}}`' 9893 type: object 9894 freeformTags: 9895 additionalProperties: 9896 type: string 9897 description: Free-form tags for this resource.
9898 type: object 9899 identityRef: 9900 description: IdentityRef is a reference to an identity(principal) 9901 to be used when reconciling this cluster 9902 properties: 9903 apiVersion: 9904 description: API version of the referent. 9905 type: string 9906 fieldPath: 9907 description: 'If referring to a piece of an object instead of 9908 an entire object, this string should contain a valid JSON/Go 9909 field access statement, such as desiredState.manifest.containers[2]. 9910 For example, if the object reference is to a container within 9911 a pod, this would take on a value like: "spec.containers{name}" 9912 (where "name" refers to the name of the container that triggered 9913 the event) or if no container name is specified "spec.containers[2]" 9914 (container with index 2 in this pod). This syntax is chosen 9915 only to have some well-defined way of referencing a part of 9916 an object. TODO: this design is not final and this field is 9917 subject to change in the future.' 9918 type: string 9919 kind: 9920 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 9921 type: string 9922 name: 9923 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 9924 type: string 9925 namespace: 9926 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 9927 type: string 9928 resourceVersion: 9929 description: 'Specific resourceVersion to which this reference 9930 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 9931 type: string 9932 uid: 9933 description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 9934 type: string 9935 type: object 9936 x-kubernetes-map-type: atomic 9937 networkSpec: 9938 description: NetworkSpec encapsulates all things related to OCI network. 9939 properties: 9940 apiServerLoadBalancer: 9941 description: API Server LB configuration. 9942 properties: 9943 loadBalancerId: 9944 description: ID of Load Balancer. 9945 type: string 9946 name: 9947 description: LoadBalancer Name. 9948 type: string 9949 type: object 9950 skipNetworkManagement: 9951 description: SkipNetworkManagement defines if the networking spec(VCN 9952 related) specified by the user needs to be reconciled(actioned-upon) 9953 or used as it is. APIServerLB will still be reconciled. 9954 type: boolean 9955 vcn: 9956 description: VCN configuration. 9957 properties: 9958 cidr: 9959 description: VCN CIDR. 9960 type: string 9961 id: 9962 description: VCN OCID. 9963 type: string 9964 internetGatewayId: 9965 description: ID of Internet Gateway. 9966 type: string 9967 name: 9968 description: VCN Name. 9969 type: string 9970 natGatewayId: 9971 description: ID of Nat Gateway. 9972 type: string 9973 networkSecurityGroups: 9974 description: NetworkSecurityGroups is the configuration for 9975 the Network Security Groups required in the VCN. 9976 items: 9977 description: NSG defines configuration for a Network Security 9978 Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 9979 properties: 9980 egressRules: 9981 description: EgressRules on the NSG. 9982 items: 9983 description: EgressSecurityRuleForNSG is EgressSecurityRule 9984 for NSG. 9985 properties: 9986 egressRule: 9987 description: EgressSecurityRule A rule for allowing 9988 outbound IP packets. 9989 properties: 9990 description: 9991 description: An optional description of your 9992 choice for the rule. 
9993 type: string 9994 destination: 9995 description: 'Conceptually, this is the range 9996 of IP addresses that a packet originating 9997 from the instance can go to. Allowed values: 9998 * IP address range in CIDR notation. For 9999 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 10000 Note that IPv6 addressing is currently supported 10001 only in certain regions. See IPv6 Addresses 10002 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 10003 * The `cidrBlock` value for a Service, if 10004 you''re setting up a security list rule 10005 for traffic destined for a particular `Service` 10006 through a service gateway. For example: 10007 `oci-phx-objectstorage`.' 10008 type: string 10009 destinationType: 10010 description: 'Type of destination for the 10011 rule. The default is `CIDR_BLOCK`. Allowed 10012 values: * `CIDR_BLOCK`: If the rule''s `destination` 10013 is an IP address range in CIDR notation. 10014 * `SERVICE_CIDR_BLOCK`: If the rule''s `destination` 10015 is the `cidrBlock` value for a Service (the 10016 rule is for traffic destined for a particular 10017 `Service` through a service gateway).' 10018 type: string 10019 icmpOptions: 10020 description: 'IcmpOptions Optional and valid 10021 only for ICMP and ICMPv6. Use to specify 10022 a particular ICMP type and code as defined 10023 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 10024 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 10025 If you specify ICMP or ICMPv6 as the protocol 10026 but omit this object, then all ICMP types 10027 and codes are allowed. If you do provide 10028 this object, the type is required and the 10029 code is optional. To enable MTU negotiation 10030 for ingress internet traffic via IPv4, make 10031 sure to allow type 3 ("Destination Unreachable") 10032 code 4 ("Fragmentation Needed and Don''t 10033 Fragment was Set"). 
If you need to specify 10034 multiple codes for a single type, create 10035 a separate security list rule for each.' 10036 properties: 10037 code: 10038 description: The ICMP code (optional). 10039 type: integer 10040 type: 10041 description: The ICMP type. 10042 type: integer 10043 type: object 10044 isStateless: 10045 description: A stateless rule allows traffic 10046 in one direction. Remember to add a corresponding 10047 stateless rule in the other direction if 10048 you need to support bidirectional traffic. 10049 For example, if egress traffic allows TCP 10050 destination port 80, there should be an 10051 ingress rule to allow TCP source port 80. 10052 Defaults to false, which means the rule 10053 is stateful and a corresponding rule is 10054 not necessary for bidirectional traffic. 10055 type: boolean 10056 protocol: 10057 description: The transport protocol. Specify 10058 either `all` or an IPv4 protocol number 10059 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 10060 Options are supported only for ICMP ("1"), 10061 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 10062 type: string 10063 tcpOptions: 10064 description: TcpOptions Optional and valid 10065 only for TCP. Use to specify particular 10066 destination ports for TCP rules. If you 10067 specify TCP as the protocol but omit this 10068 object, then all destination ports are allowed. 10069 properties: 10070 destinationPortRange: 10071 description: PortRange The representation 10072 of PortRange. 10073 properties: 10074 max: 10075 description: The maximum port number, 10076 which must not be less than the 10077 minimum port number. To specify 10078 a single port number, set both the 10079 min and max to the same value. 10080 type: integer 10081 min: 10082 description: The minimum port number, 10083 which must not be greater than the 10084 maximum port number. 
10085 type: integer 10086 type: object 10087 sourcePortRange: 10088 description: PortRange The representation 10089 of PortRange. 10090 properties: 10091 max: 10092 description: The maximum port number, 10093 which must not be less than the 10094 minimum port number. To specify 10095 a single port number, set both the 10096 min and max to the same value. 10097 type: integer 10098 min: 10099 description: The minimum port number, 10100 which must not be greater than the 10101 maximum port number. 10102 type: integer 10103 type: object 10104 type: object 10105 udpOptions: 10106 description: UdpOptions Optional and valid 10107 only for UDP. Use to specify particular 10108 destination ports for UDP rules. If you 10109 specify UDP as the protocol but omit this 10110 object, then all destination ports are allowed. 10111 properties: 10112 destinationPortRange: 10113 description: PortRange The representation 10114 of PortRange. 10115 properties: 10116 max: 10117 description: The maximum port number, 10118 which must not be less than the 10119 minimum port number. To specify 10120 a single port number, set both the 10121 min and max to the same value. 10122 type: integer 10123 min: 10124 description: The minimum port number, 10125 which must not be greater than the 10126 maximum port number. 10127 type: integer 10128 type: object 10129 sourcePortRange: 10130 description: PortRange The representation 10131 of PortRange. 10132 properties: 10133 max: 10134 description: The maximum port number, 10135 which must not be less than the 10136 minimum port number. To specify 10137 a single port number, set both the 10138 min and max to the same value. 10139 type: integer 10140 min: 10141 description: The minimum port number, 10142 which must not be greater than the 10143 maximum port number. 10144 type: integer 10145 type: object 10146 type: object 10147 type: object 10148 id: 10149 description: 'EgressSecurityRule ID for NSG. 
Deprecated: 10150 this field is not populated and used during 10151 reconciliation' 10152 type: string 10153 type: object 10154 type: array 10155 id: 10156 description: NSG OCID. 10157 type: string 10158 ingressRules: 10159 description: IngressRules on the NSG. 10160 items: 10161 description: IngressSecurityRuleForNSG is IngressSecurityRule 10162 for NSG 10163 properties: 10164 id: 10165 description: 'IngressSecurityRule ID for NSG. 10166 Deprecated: this field is not populated and 10167 used during reconciliation' 10168 type: string 10169 ingressRule: 10170 description: IngressSecurityRule A rule for allowing 10171 inbound IP packets. 10172 properties: 10173 description: 10174 description: An optional description of your 10175 choice for the rule. 10176 type: string 10177 icmpOptions: 10178 description: 'IcmpOptions Optional and valid 10179 only for ICMP and ICMPv6. Use to specify 10180 a particular ICMP type and code as defined 10181 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 10182 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 10183 If you specify ICMP or ICMPv6 as the protocol 10184 but omit this object, then all ICMP types 10185 and codes are allowed. If you do provide 10186 this object, the type is required and the 10187 code is optional. To enable MTU negotiation 10188 for ingress internet traffic via IPv4, make 10189 sure to allow type 3 ("Destination Unreachable") 10190 code 4 ("Fragmentation Needed and Don''t 10191 Fragment was Set"). If you need to specify 10192 multiple codes for a single type, create 10193 a separate security list rule for each.' 10194 properties: 10195 code: 10196 description: The ICMP code (optional). 10197 type: integer 10198 type: 10199 description: The ICMP type. 10200 type: integer 10201 type: object 10202 isStateless: 10203 description: A stateless rule allows traffic 10204 in one direction. 
Remember to add a corresponding 10205 stateless rule in the other direction if 10206 you need to support bidirectional traffic. 10207 For example, if ingress traffic allows TCP 10208 destination port 80, there should be an 10209 egress rule to allow TCP source port 80. 10210 Defaults to false, which means the rule 10211 is stateful and a corresponding rule is 10212 not necessary for bidirectional traffic. 10213 type: boolean 10214 protocol: 10215 description: The transport protocol. Specify 10216 either `all` or an IPv4 protocol number 10217 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 10218 Options are supported only for ICMP ("1"), 10219 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 10220 type: string 10221 source: 10222 description: 'Conceptually, this is the range 10223 of IP addresses that a packet coming into 10224 the instance can come from. Allowed values: 10225 * IP address range in CIDR notation. For 10226 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 10227 IPv6 addressing is supported for all commercial 10228 and government regions. See IPv6 Addresses 10229 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 10230 * The `cidrBlock` value for a Service, if 10231 you''re setting up a security list rule 10232 for traffic coming from a particular `Service` 10233 through a service gateway. For example: 10234 `oci-phx-objectstorage`.' 10235 type: string 10236 sourceType: 10237 description: 'Type of source for the rule. 10238 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 10239 If the rule''s `source` is an IP address 10240 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 10241 If the rule''s `source` is the `cidrBlock` 10242 value for a Service (the rule is for traffic 10243 coming from a particular `Service` through 10244 a service gateway).' 10245 type: string 10246 tcpOptions: 10247 description: TcpOptions Optional and valid 10248 only for TCP. 
Use to specify particular 10249 destination ports for TCP rules. If you 10250 specify TCP as the protocol but omit this 10251 object, then all destination ports are allowed. 10252 properties: 10253 destinationPortRange: 10254 description: PortRange The representation 10255 of PortRange. 10256 properties: 10257 max: 10258 description: The maximum port number, 10259 which must not be less than the 10260 minimum port number. To specify 10261 a single port number, set both the 10262 min and max to the same value. 10263 type: integer 10264 min: 10265 description: The minimum port number, 10266 which must not be greater than the 10267 maximum port number. 10268 type: integer 10269 type: object 10270 sourcePortRange: 10271 description: PortRange The representation 10272 of PortRange. 10273 properties: 10274 max: 10275 description: The maximum port number, 10276 which must not be less than the 10277 minimum port number. To specify 10278 a single port number, set both the 10279 min and max to the same value. 10280 type: integer 10281 min: 10282 description: The minimum port number, 10283 which must not be greater than the 10284 maximum port number. 10285 type: integer 10286 type: object 10287 type: object 10288 udpOptions: 10289 description: UdpOptions Optional and valid 10290 only for UDP. Use to specify particular 10291 destination ports for UDP rules. If you 10292 specify UDP as the protocol but omit this 10293 object, then all destination ports are allowed. 10294 properties: 10295 destinationPortRange: 10296 description: PortRange The representation 10297 of PortRange. 10298 properties: 10299 max: 10300 description: The maximum port number, 10301 which must not be less than the 10302 minimum port number. To specify 10303 a single port number, set both the 10304 min and max to the same value. 10305 type: integer 10306 min: 10307 description: The minimum port number, 10308 which must not be greater than the 10309 maximum port number. 
10310 type: integer 10311 type: object 10312 sourcePortRange: 10313 description: PortRange The representation 10314 of PortRange. 10315 properties: 10316 max: 10317 description: The maximum port number, 10318 which must not be less than the 10319 minimum port number. To specify 10320 a single port number, set both the 10321 min and max to the same value. 10322 type: integer 10323 min: 10324 description: The minimum port number, 10325 which must not be greater than the 10326 maximum port number. 10327 type: integer 10328 type: object 10329 type: object 10330 type: object 10331 type: object 10332 type: array 10333 name: 10334 description: NSG Name. 10335 type: string 10336 role: 10337 description: Role defines the NSG role (eg. control-plane, 10338 control-plane-endpoint, service-lb, worker). 10339 type: string 10340 required: 10341 - name 10342 type: object 10343 type: array 10344 x-kubernetes-list-map-keys: 10345 - name 10346 x-kubernetes-list-type: map 10347 privateRouteTableId: 10348 description: ID of Private Route Table. 10349 type: string 10350 publicRouteTableId: 10351 description: ID of Public Route Table. 10352 type: string 10353 serviceGatewayId: 10354 description: ID of Service Gateway. 10355 type: string 10356 subnets: 10357 description: Subnets is the configuration for subnets required 10358 in the VCN. 10359 items: 10360 description: Subnet defines the configuration for a network's 10361 subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview 10362 properties: 10363 cidr: 10364 description: Subnet CIDR. 10365 type: string 10366 id: 10367 description: Subnet OCID. 10368 type: string 10369 name: 10370 description: Subnet Name. 10371 type: string 10372 role: 10373 description: Role defines the subnet role (eg. control-plane, 10374 control-plane-endpoint, service-lb, worker). 10375 type: string 10376 securityList: 10377 description: The security list associated with Subnet. 
10378 properties: 10379 egressRules: 10380 description: EgressRules on the SecurityList. 10381 items: 10382 description: EgressSecurityRule A rule for allowing 10383 outbound IP packets. 10384 properties: 10385 description: 10386 description: An optional description of your 10387 choice for the rule. 10388 type: string 10389 destination: 10390 description: 'Conceptually, this is the range 10391 of IP addresses that a packet originating 10392 from the instance can go to. Allowed values: 10393 * IP address range in CIDR notation. For 10394 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 10395 Note that IPv6 addressing is currently supported 10396 only in certain regions. See IPv6 Addresses 10397 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 10398 * The `cidrBlock` value for a Service, if 10399 you''re setting up a security list rule 10400 for traffic destined for a particular `Service` 10401 through a service gateway. For example: 10402 `oci-phx-objectstorage`.' 10403 type: string 10404 destinationType: 10405 description: 'Type of destination for the 10406 rule. The default is `CIDR_BLOCK`. Allowed 10407 values: * `CIDR_BLOCK`: If the rule''s `destination` 10408 is an IP address range in CIDR notation. 10409 * `SERVICE_CIDR_BLOCK`: If the rule''s `destination` 10410 is the `cidrBlock` value for a Service (the 10411 rule is for traffic destined for a particular 10412 `Service` through a service gateway).' 10413 type: string 10414 icmpOptions: 10415 description: 'IcmpOptions Optional and valid 10416 only for ICMP and ICMPv6. Use to specify 10417 a particular ICMP type and code as defined 10418 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 10419 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 10420 If you specify ICMP or ICMPv6 as the protocol 10421 but omit this object, then all ICMP types 10422 and codes are allowed. 
If you do provide 10423 this object, the type is required and the 10424 code is optional. To enable MTU negotiation 10425 for ingress internet traffic via IPv4, make 10426 sure to allow type 3 ("Destination Unreachable") 10427 code 4 ("Fragmentation Needed and Don''t 10428 Fragment was Set"). If you need to specify 10429 multiple codes for a single type, create 10430 a separate security list rule for each.' 10431 properties: 10432 code: 10433 description: The ICMP code (optional). 10434 type: integer 10435 type: 10436 description: The ICMP type. 10437 type: integer 10438 type: object 10439 isStateless: 10440 description: A stateless rule allows traffic 10441 in one direction. Remember to add a corresponding 10442 stateless rule in the other direction if 10443 you need to support bidirectional traffic. 10444 For example, if egress traffic allows TCP 10445 destination port 80, there should be an 10446 ingress rule to allow TCP source port 80. 10447 Defaults to false, which means the rule 10448 is stateful and a corresponding rule is 10449 not necessary for bidirectional traffic. 10450 type: boolean 10451 protocol: 10452 description: The transport protocol. Specify 10453 either `all` or an IPv4 protocol number 10454 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 10455 Options are supported only for ICMP ("1"), 10456 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 10457 type: string 10458 tcpOptions: 10459 description: TcpOptions Optional and valid 10460 only for TCP. Use to specify particular 10461 destination ports for TCP rules. If you 10462 specify TCP as the protocol but omit this 10463 object, then all destination ports are allowed. 10464 properties: 10465 destinationPortRange: 10466 description: PortRange The representation 10467 of PortRange. 10468 properties: 10469 max: 10470 description: The maximum port number, 10471 which must not be less than the 10472 minimum port number. 
                                                  To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: ID of the SecurityList.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the SecurityList.
                                  items:
                                    description: IngressSecurityRule A rule for allowing
                                      inbound IP packets.
                                    properties:
                                      description:
                                        description: An optional description of your
                                          choice for the rule.
                                        type: string
                                      icmpOptions:
                                        description: 'IcmpOptions Optional and valid
                                          only for ICMP and ICMPv6. Use to specify
                                          a particular ICMP type and code as defined
                                          in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                          - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                          If you specify ICMP or ICMPv6 as the protocol
                                          but omit this object, then all ICMP types
                                          and codes are allowed. If you do provide
                                          this object, the type is required and the
                                          code is optional. To enable MTU negotiation
                                          for ingress internet traffic via IPv4, make
                                          sure to allow type 3 ("Destination Unreachable")
                                          code 4 ("Fragmentation Needed and Don''t
                                          Fragment was Set"). If you need to specify
                                          multiple codes for a single type, create
                                          a separate security list rule for each.'
                                        properties:
                                          code:
                                            description: The ICMP code (optional).
                                            type: integer
                                          type:
                                            description: The ICMP type.
                                            type: integer
                                        type: object
                                      isStateless:
                                        description: A stateless rule allows traffic
                                          in one direction. Remember to add a corresponding
                                          stateless rule in the other direction if
                                          you need to support bidirectional traffic.
                                          For example, if ingress traffic allows TCP
                                          destination port 80, there should be an
                                          egress rule to allow TCP source port 80.
                                          Defaults to false, which means the rule
                                          is stateful and a corresponding rule is
                                          not necessary for bidirectional traffic.
                                        type: boolean
                                      protocol:
                                        description: The transport protocol. Specify
                                          either `all` or an IPv4 protocol number
                                          as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                          Options are supported only for ICMP ("1"),
                                          TCP ("6"), UDP ("17"), and ICMPv6 ("58").
                                        type: string
                                      source:
                                        description: 'Conceptually, this is the range
                                          of IP addresses that a packet coming into
                                          the instance can come from. Allowed values:
                                          * IP address range in CIDR notation. For
                                          example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                          IPv6 addressing is supported for all commercial
                                          and government regions. See IPv6 Addresses
                                          (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                          * The `cidrBlock` value for a Service, if
                                          you''re setting up a security list rule
                                          for traffic coming from a particular `Service`
                                          through a service gateway. For example:
                                          `oci-phx-objectstorage`.'
                                        type: string
                                      sourceType:
                                        description: 'Type of source for the rule.
                                          The default is `CIDR_BLOCK`. * `CIDR_BLOCK`:
                                          If the rule''s `source` is an IP address
                                          range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                          If the rule''s `source` is the `cidrBlock`
                                          value for a Service (the rule is for traffic
                                          coming from a particular `Service` through
                                          a service gateway).'
                                        type: string
                                      tcpOptions:
                                        description: TcpOptions Optional and valid
                                          only for TCP. Use to specify particular
                                          destination ports for TCP rules.
                                          If you
                                          specify TCP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                      udpOptions:
                                        description: UdpOptions Optional and valid
                                          only for UDP. Use to specify particular
                                          destination ports for UDP rules. If you
                                          specify UDP as the protocol but omit this
                                          object, then all destination ports are allowed.
                                        properties:
                                          destinationPortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                          sourcePortRange:
                                            description: PortRange The representation
                                              of PortRange.
                                            properties:
                                              max:
                                                description: The maximum port number,
                                                  which must not be less than the
                                                  minimum port number. To specify
                                                  a single port number, set both the
                                                  min and max to the same value.
                                                type: integer
                                              min:
                                                description: The minimum port number,
                                                  which must not be greater than the
                                                  maximum port number.
                                                type: integer
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                name:
                                  description: SecurityList Name.
                                  type: string
                              type: object
                            type:
                              description: Type defines the subnet type (e.g. public,
                                private).
                              type: string
                          required:
                          - name
                          - role
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                    type: object
                  vcnPeering:
                    description: VCNPeering configuration.
                    properties:
                      drg:
                        description: DRG configuration refers to the DRG which has
                          to be created if required. If management cluster and workload
                          cluster shares the same DRG, this fields is not required
                          to be specified.
                        properties:
                          id:
                            description: ID is the OCID for the created DRG.
                            type: string
                          manage:
                            description: Manage defines whether the DRG has to be
                              managed(including create). If set to false(the default)
                              the ID has to be specified by the user to a valid DRG
                              ID to which the VCN has to be attached.
                            type: boolean
                          name:
                            description: Name is the name of the created DRG.
                            type: string
                          vcnAttachmentId:
                            description: VcnAttachmentId is the ID of the VCN attachment
                              of the DRG. The workload cluster VCN can be attached
                              to either the management cluster VCN if they are sharing
                              the same DRG or to the workload cluster DRG.
                            type: string
                        type: object
                      peerRouteRules:
                        description: PeerRouteRules defines the routing rules which
                          will be added to the private route tables of the workload
                          cluster VCN. The routes defined here will be directed to
                          DRG.
                        items:
                          description: PeerRouteRule defines a Route Rule to be routed
                            via a DRG.
                          properties:
                            vcnCIDRRange:
                              description: VCNCIDRRange is the CIDR Range of peer
                                VCN to which the workload cluster VCN will be peered.
                                The CIDR range is required to add the route rule in
                                the workload cluster VCN, the route rule will forward
                                any traffic to the CIDR to the DRG.
                              type: string
                          type: object
                        type: array
                      remotePeeringConnections:
                        description: RemotePeeringConnections defines the RPC connections
                          which be established with the workload cluster DRG.
                        items:
                          description: RemotePeeringConnection is used to peer VCNs
                            residing in different regions(typically). Remote VCN Peering
                            is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm
                          properties:
                            managePeerRPC:
                              description: ManagePeerRPC will define if the Peer VCN
                                needs to be managed. If set to true a Remote Peering
                                Connection will be created in the Peer DRG and the
                                connection will be created between local and peer
                                RPC.
                              type: boolean
                            peerDRGId:
                              description: PeerDRGId defines the DRG ID of the peer.
                              type: string
                            peerRPCConnectionId:
                              description: PeerRPCConnectionId defines the RPC ID
                                of peer. If ManagePeerRPC is set to true this will
                                be created by Cluster API Provider for OCI, otherwise
                                this has be defined by the user.
                              type: string
                            peerRegionName:
                              description: PeerRegionName defined the region name
                                of Peer VCN.
                              type: string
                            rpcConnectionId:
                              description: RPCConnectionId is the connection ID of
                                the connection between peer and local RPC.
                              type: string
                          type: object
                        type: array
                    type: object
                type: object
              ociResourceIdentifier:
                description: The unique ID which will be used to tag all the resources
                  created by this Cluster. The tag will be used to identify resources
                  belonging to this cluster. this will be auto-generated and should
                  not be set by the user.
                type: string
              region:
                description: Region the cluster operates in. It must be one of available
                  regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
                type: string
            type: object
          status:
            description: OCIManagedClusterStatus defines the observed state of OCICluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              ready:
                type: boolean
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedCluster is the Schema for the ocimanagedclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedClusterSpec defines the desired state of OCI OKE
              Cluster
            properties:
              availabilityDomains:
                additionalProperties:
                  description: OCIAvailabilityDomain contains information about an
                    Availability Domain (AD).
                  properties:
                    faultDomains:
                      description: 'FaultDomains a list of fault domain (FD) names.
                        Example: ["FAULT-DOMAIN-1"]'
                      items:
                        type: string
                      type: array
                    name:
                      description: 'Name is the AD''s full name. Example: Uocm:PHX-AD-1'
                      type: string
                  type: object
                description: AvailabilityDomains encapsulates the clusters Availability
                  Domain (AD) information in a map where the map key is the AD name
                  and the struct is details about the AD.
                type: object
              compartmentId:
                description: Compartment to create the cluster network.
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane. This will not be set by the
                  user, this will be updated by the Cluster Reconciler after OKe cluster
                  has been created and the cluster has an endpoint address
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              definedTags:
                additionalProperties:
                  additionalProperties:
                    type: string
                  type: object
                description: 'Defined tags for this resource. Each key is predefined
                  and scoped to a namespace. For more information, see Resource Tags
                  (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                  Example: `{"Operations": {"CostCenter": "42"}}`'
                type: object
              freeformTags:
                additionalProperties:
                  type: string
                description: Free-form tags for this resource.
                type: object
              hostUrl:
                description: ClientOverrides allows the default client SDK URLs to
                  be changed.
                nullable: true
                properties:
                  certOverride:
                    description: CertOverride is a secret that contains information
                      about a cert override used by all the OCI SDK clients. The secret
                      must contain data with a `cert`property.
                    nullable: true
                    properties:
                      name:
                        description: name is unique within a namespace to reference
                          a secret resource.
                        type: string
                      namespace:
                        description: namespace defines the space within which the
                          secret name must be unique.
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  computeClientUrl:
                    description: ComputeClientUrl allows the default compute SDK client
                      URL to be changed.
                    nullable: true
                    type: string
                  computeManagementClientUrl:
                    description: ComputeManagementClientUrl allows the default compute
                      management SDK client URL to be changed.
                    nullable: true
                    type: string
                  containerEngineClientUrl:
                    description: ContainerEngineClientUrl allows the default container
                      engine SDK client URL to be changed.
                    nullable: true
                    type: string
                  identityClientUrl:
                    description: IdentityClientUrl allows the default identity SDK
                      client URL to be changed.
                    nullable: true
                    type: string
                  loadBalancerClientUrl:
                    description: LoadBalancerClientUrl allows the default load balancer
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  networkLoadBalancerClientUrl:
                    description: NetworkLoadBalancerClientUrl allows the default NLB
                      SDK client URL to be changed.
                    nullable: true
                    type: string
                  vCNClientUrl:
                    description: VCNClientUrl allows the default vcn SDK client URL
                      to be changed.
                    nullable: true
                    type: string
                type: object
              identityRef:
                description: IdentityRef is a reference to an identity(principal)
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              networkSpec:
                description: NetworkSpec encapsulates all things related to OCI network.
                properties:
                  apiServerLoadBalancer:
                    description: API Server LB configuration.
                    properties:
                      loadBalancerId:
                        description: ID of Load Balancer.
                        type: string
                      loadBalancerType:
                        description: 'Type of Load Balancer: NLB (default) or LBaaS.'
                        type: string
                      name:
                        description: LoadBalancer Name.
                        type: string
                    type: object
                  skipNetworkManagement:
                    description: SkipNetworkManagement defines if the networking spec(VCN
                      related) specified by the user needs to be reconciled(actioned-upon)
                      or used as it is. APIServerLB will still be reconciled.
                    type: boolean
                  vcn:
                    description: VCN configuration.
                    properties:
                      cidr:
                        description: VCN CIDR.
                        type: string
                      id:
                        description: VCN OCID.
                        type: string
                      internetGateway:
                        description: Configuration for Internet Gateway.
                        properties:
                          id:
                            description: ID of Internet Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating internet
                              gateway even if any one Subnet is public.
                            type: boolean
                        type: object
                      name:
                        description: VCN Name.
                        type: string
                      natGateway:
                        description: Configuration for NAT Gateway.
                        properties:
                          id:
                            description: ID of Nat Gateway.
                            type: string
                          skip:
                            description: Skip specifies whether to skip creating NAT
                              gateway even if any one Subnet is private.
                            type: boolean
                        type: object
                      networkSecurityGroup:
                        description: Configuration for NSG management.
                        properties:
                          list:
                            description: NetworkSecurityGroup is the configuration
                              for the Network Security Groups required in the VCN.
                            items:
                              description: NSG defines configuration for a Network
                                Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                              properties:
                                egressRules:
                                  description: EgressRules on the NSG.
                                  items:
                                    description: EgressSecurityRuleForNSG is EgressSecurityRule
                                      for NSG.
                                    properties:
                                      egressRule:
                                        description: EgressSecurityRule A rule for
                                          allowing outbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          destination:
                                            description: 'Conceptually, this is the
                                              range of IP addresses that a packet
                                              originating from the instance can go
                                              to. Allowed values: * IP address range
                                              in CIDR notation. For example: `192.168.1.0/24`
                                              or `2001:0db8:0123:45::/56` Note that
                                              IPv6 addressing is currently supported
                                              only in certain regions. See IPv6 Addresses
                                              (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                              * The `cidrBlock` value for a Service,
                                              if you''re setting up a security list
                                              rule for traffic destined for a particular
                                              `Service` through a service gateway.
                                              For example: `oci-phx-objectstorage`.'
                                            type: string
                                          destinationType:
                                            description: 'Type of destination for
                                              the rule. The default is `CIDR_BLOCK`.
                                              Allowed values: * `CIDR_BLOCK`: If the
                                              rule''s `destination` is an IP address
                                              range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                              If the rule''s `destination` is the
                                              `cidrBlock` value for a Service (the
                                              rule is for traffic destined for a particular
                                              `Service` through a service gateway).'
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic. For example,
                                              if egress traffic allows TCP destination
                                              port 80, there should be an ingress
                                              rule to allow TCP source port 80. Defaults
                                              to false, which means the rule is stateful
                                              and a corresponding rule is not necessary
                                              for bidirectional traffic.
                                            type: boolean
                                          protocol:
                                            description: The transport protocol. Specify
                                              either `all` or an IPv4 protocol number
                                              as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                              Options are supported only for ICMP
                                              ("1"), TCP ("6"), UDP ("17"), and ICMPv6
                                              ("58").
                                            type: string
                                          tcpOptions:
                                            description: TcpOptions Optional and valid
                                              only for TCP. Use to specify particular
                                              destination ports for TCP rules. If
                                              you specify TCP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                          udpOptions:
                                            description: UdpOptions Optional and valid
                                              only for UDP. Use to specify particular
                                              destination ports for UDP rules. If
                                              you specify UDP as the protocol but
                                              omit this object, then all destination
                                              ports are allowed.
                                            properties:
                                              destinationPortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                              sourcePortRange:
                                                description: PortRange The representation
                                                  of PortRange.
                                                properties:
                                                  max:
                                                    description: The maximum port
                                                      number, which must not be less
                                                      than the minimum port number.
                                                      To specify a single port number,
                                                      set both the min and max to
                                                      the same value.
                                                    type: integer
                                                  min:
                                                    description: The minimum port
                                                      number, which must not be greater
                                                      than the maximum port number.
                                                    type: integer
                                                type: object
                                            type: object
                                        type: object
                                    type: object
                                  type: array
                                id:
                                  description: NSG OCID.
                                  type: string
                                ingressRules:
                                  description: IngressRules on the NSG.
                                  items:
                                    description: IngressSecurityRuleForNSG is IngressSecurityRule
                                      for NSG
                                    properties:
                                      ingressRule:
                                        description: IngressSecurityRule A rule for
                                          allowing inbound IP packets.
                                        properties:
                                          description:
                                            description: An optional description of
                                              your choice for the rule.
                                            type: string
                                          icmpOptions:
                                            description: 'IcmpOptions Optional and
                                              valid only for ICMP and ICMPv6. Use
                                              to specify a particular ICMP type and
                                              code as defined in: - ICMP Parameters
                                              (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                              - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                              If you specify ICMP or ICMPv6 as the
                                              protocol but omit this object, then
                                              all ICMP types and codes are allowed.
                                              If you do provide this object, the type
                                              is required and the code is optional.
                                              To enable MTU negotiation for ingress
                                              internet traffic via IPv4, make sure
                                              to allow type 3 ("Destination Unreachable")
                                              code 4 ("Fragmentation Needed and Don''t
                                              Fragment was Set"). If you need to specify
                                              multiple codes for a single type, create
                                              a separate security list rule for each.'
                                            properties:
                                              code:
                                                description: The ICMP code (optional).
                                                type: integer
                                              type:
                                                description: The ICMP type.
                                                type: integer
                                            type: object
                                          isStateless:
                                            description: A stateless rule allows traffic
                                              in one direction. Remember to add a
                                              corresponding stateless rule in the
                                              other direction if you need to support
                                              bidirectional traffic.
For example, 11383 if ingress traffic allows TCP destination 11384 port 80, there should be an egress rule 11385 to allow TCP source port 80. Defaults 11386 to false, which means the rule is stateful 11387 and a corresponding rule is not necessary 11388 for bidirectional traffic. 11389 type: boolean 11390 protocol: 11391 description: The transport protocol. Specify 11392 either `all` or an IPv4 protocol number 11393 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 11394 Options are supported only for ICMP 11395 ("1"), TCP ("6"), UDP ("17"), and ICMPv6 11396 ("58"). 11397 type: string 11398 source: 11399 description: 'Conceptually, this is the 11400 range of IP addresses that a packet 11401 coming into the instance can come from. 11402 Allowed values: * IP address range in 11403 CIDR notation. For example: `192.168.1.0/24` 11404 or `2001:0db8:0123:45::/56`. IPv6 addressing 11405 is supported for all commercial and 11406 government regions. See IPv6 Addresses 11407 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 11408 * The `cidrBlock` value for a Service, 11409 if you''re setting up a security list 11410 rule for traffic coming from a particular 11411 `Service` through a service gateway. 11412 For example: `oci-phx-objectstorage`.' 11413 type: string 11414 sourceType: 11415 description: 'Type of source for the rule. 11416 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 11417 If the rule''s `source` is an IP address 11418 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 11419 If the rule''s `source` is the `cidrBlock` 11420 value for a Service (the rule is for 11421 traffic coming from a particular `Service` 11422 through a service gateway).' 11423 type: string 11424 tcpOptions: 11425 description: TcpOptions Optional and valid 11426 only for TCP. Use to specify particular 11427 destination ports for TCP rules. 
If 11428 you specify TCP as the protocol but 11429 omit this object, then all destination 11430 ports are allowed. 11431 properties: 11432 destinationPortRange: 11433 description: PortRange The representation 11434 of PortRange. 11435 properties: 11436 max: 11437 description: The maximum port 11438 number, which must not be less 11439 than the minimum port number. 11440 To specify a single port number, 11441 set both the min and max to 11442 the same value. 11443 type: integer 11444 min: 11445 description: The minimum port 11446 number, which must not be greater 11447 than the maximum port number. 11448 type: integer 11449 type: object 11450 sourcePortRange: 11451 description: PortRange The representation 11452 of PortRange. 11453 properties: 11454 max: 11455 description: The maximum port 11456 number, which must not be less 11457 than the minimum port number. 11458 To specify a single port number, 11459 set both the min and max to 11460 the same value. 11461 type: integer 11462 min: 11463 description: The minimum port 11464 number, which must not be greater 11465 than the maximum port number. 11466 type: integer 11467 type: object 11468 type: object 11469 udpOptions: 11470 description: UdpOptions Optional and valid 11471 only for UDP. Use to specify particular 11472 destination ports for UDP rules. If 11473 you specify UDP as the protocol but 11474 omit this object, then all destination 11475 ports are allowed. 11476 properties: 11477 destinationPortRange: 11478 description: PortRange The representation 11479 of PortRange. 11480 properties: 11481 max: 11482 description: The maximum port 11483 number, which must not be less 11484 than the minimum port number. 11485 To specify a single port number, 11486 set both the min and max to 11487 the same value. 11488 type: integer 11489 min: 11490 description: The minimum port 11491 number, which must not be greater 11492 than the maximum port number. 
11493 type: integer 11494 type: object 11495 sourcePortRange: 11496 description: PortRange The representation 11497 of PortRange. 11498 properties: 11499 max: 11500 description: The maximum port 11501 number, which must not be less 11502 than the minimum port number. 11503 To specify a single port number, 11504 set both the min and max to 11505 the same value. 11506 type: integer 11507 min: 11508 description: The minimum port 11509 number, which must not be greater 11510 than the maximum port number. 11511 type: integer 11512 type: object 11513 type: object 11514 type: object 11515 type: object 11516 type: array 11517 name: 11518 description: NSG Name. 11519 type: string 11520 role: 11521 description: Role defines the NSG role (eg. control-plane, 11522 control-plane-endpoint, service-lb, worker). 11523 type: string 11524 required: 11525 - name 11526 type: object 11527 type: array 11528 x-kubernetes-list-map-keys: 11529 - name 11530 x-kubernetes-list-type: map 11531 skip: 11532 description: Skip specifies whether to skip creating network 11533 security groups. 11534 type: boolean 11535 type: object 11536 routeTable: 11537 description: Configuration for Route table. 11538 properties: 11539 privateRouteTableId: 11540 description: ID of Private Route Table. 11541 type: string 11542 publicRouteTableId: 11543 description: ID of Public Route Table. 11544 type: string 11545 skip: 11546 description: Skip specifies whether to skip creating Route 11547 table. 11548 type: boolean 11549 type: object 11550 serviceGateway: 11551 description: Configuration for Service Gateway. 11552 properties: 11553 id: 11554 description: ID of Service Gateway. 11555 type: string 11556 skip: 11557 description: Skip specifies whether to skip creating Service 11558 gateway. 11559 type: boolean 11560 type: object 11561 subnets: 11562 description: Subnets is the configuration for subnets required 11563 in the VCN. 
11564 items: 11565 description: Subnet defines the configuration for a network's 11566 subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview 11567 properties: 11568 cidr: 11569 description: Subnet CIDR. 11570 type: string 11571 id: 11572 description: Subnet OCID. 11573 type: string 11574 name: 11575 description: Subnet Name. 11576 type: string 11577 role: 11578 description: Role defines the subnet role (eg. control-plane, 11579 control-plane-endpoint, service-lb, worker). 11580 type: string 11581 securityList: 11582 description: The security list associated with Subnet. 11583 properties: 11584 egressRules: 11585 description: EgressRules on the SecurityList. 11586 items: 11587 description: EgressSecurityRule A rule for allowing 11588 outbound IP packets. 11589 properties: 11590 description: 11591 description: An optional description of your 11592 choice for the rule. 11593 type: string 11594 destination: 11595 description: 'Conceptually, this is the range 11596 of IP addresses that a packet originating 11597 from the instance can go to. Allowed values: 11598 * IP address range in CIDR notation. For 11599 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 11600 Note that IPv6 addressing is currently supported 11601 only in certain regions. See IPv6 Addresses 11602 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 11603 * The `cidrBlock` value for a Service, if 11604 you''re setting up a security list rule 11605 for traffic destined for a particular `Service` 11606 through a service gateway. For example: 11607 `oci-phx-objectstorage`.' 11608 type: string 11609 destinationType: 11610 description: 'Type of destination for the 11611 rule. The default is `CIDR_BLOCK`. Allowed 11612 values: * `CIDR_BLOCK`: If the rule''s `destination` 11613 is an IP address range in CIDR notation. 
11614 * `SERVICE_CIDR_BLOCK`: If the rule''s `destination` 11615 is the `cidrBlock` value for a Service (the 11616 rule is for traffic destined for a particular 11617 `Service` through a service gateway).' 11618 type: string 11619 icmpOptions: 11620 description: 'IcmpOptions Optional and valid 11621 only for ICMP and ICMPv6. Use to specify 11622 a particular ICMP type and code as defined 11623 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 11624 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 11625 If you specify ICMP or ICMPv6 as the protocol 11626 but omit this object, then all ICMP types 11627 and codes are allowed. If you do provide 11628 this object, the type is required and the 11629 code is optional. To enable MTU negotiation 11630 for ingress internet traffic via IPv4, make 11631 sure to allow type 3 ("Destination Unreachable") 11632 code 4 ("Fragmentation Needed and Don''t 11633 Fragment was Set"). If you need to specify 11634 multiple codes for a single type, create 11635 a separate security list rule for each.' 11636 properties: 11637 code: 11638 description: The ICMP code (optional). 11639 type: integer 11640 type: 11641 description: The ICMP type. 11642 type: integer 11643 type: object 11644 isStateless: 11645 description: A stateless rule allows traffic 11646 in one direction. Remember to add a corresponding 11647 stateless rule in the other direction if 11648 you need to support bidirectional traffic. 11649 For example, if egress traffic allows TCP 11650 destination port 80, there should be an 11651 ingress rule to allow TCP source port 80. 11652 Defaults to false, which means the rule 11653 is stateful and a corresponding rule is 11654 not necessary for bidirectional traffic. 11655 type: boolean 11656 protocol: 11657 description: The transport protocol. 
Specify 11658 either `all` or an IPv4 protocol number 11659 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 11660 Options are supported only for ICMP ("1"), 11661 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 11662 type: string 11663 tcpOptions: 11664 description: TcpOptions Optional and valid 11665 only for TCP. Use to specify particular 11666 destination ports for TCP rules. If you 11667 specify TCP as the protocol but omit this 11668 object, then all destination ports are allowed. 11669 properties: 11670 destinationPortRange: 11671 description: PortRange The representation 11672 of PortRange. 11673 properties: 11674 max: 11675 description: The maximum port number, 11676 which must not be less than the 11677 minimum port number. To specify 11678 a single port number, set both the 11679 min and max to the same value. 11680 type: integer 11681 min: 11682 description: The minimum port number, 11683 which must not be greater than the 11684 maximum port number. 11685 type: integer 11686 type: object 11687 sourcePortRange: 11688 description: PortRange The representation 11689 of PortRange. 11690 properties: 11691 max: 11692 description: The maximum port number, 11693 which must not be less than the 11694 minimum port number. To specify 11695 a single port number, set both the 11696 min and max to the same value. 11697 type: integer 11698 min: 11699 description: The minimum port number, 11700 which must not be greater than the 11701 maximum port number. 11702 type: integer 11703 type: object 11704 type: object 11705 udpOptions: 11706 description: UdpOptions Optional and valid 11707 only for UDP. Use to specify particular 11708 destination ports for UDP rules. If you 11709 specify UDP as the protocol but omit this 11710 object, then all destination ports are allowed. 11711 properties: 11712 destinationPortRange: 11713 description: PortRange The representation 11714 of PortRange. 
11715 properties: 11716 max: 11717 description: The maximum port number, 11718 which must not be less than the 11719 minimum port number. To specify 11720 a single port number, set both the 11721 min and max to the same value. 11722 type: integer 11723 min: 11724 description: The minimum port number, 11725 which must not be greater than the 11726 maximum port number. 11727 type: integer 11728 type: object 11729 sourcePortRange: 11730 description: PortRange The representation 11731 of PortRange. 11732 properties: 11733 max: 11734 description: The maximum port number, 11735 which must not be less than the 11736 minimum port number. To specify 11737 a single port number, set both the 11738 min and max to the same value. 11739 type: integer 11740 min: 11741 description: The minimum port number, 11742 which must not be greater than the 11743 maximum port number. 11744 type: integer 11745 type: object 11746 type: object 11747 type: object 11748 type: array 11749 id: 11750 description: ID of the SecurityList. 11751 type: string 11752 ingressRules: 11753 description: IngressRules on the SecurityList. 11754 items: 11755 description: IngressSecurityRule A rule for allowing 11756 inbound IP packets. 11757 properties: 11758 description: 11759 description: An optional description of your 11760 choice for the rule. 11761 type: string 11762 icmpOptions: 11763 description: 'IcmpOptions Optional and valid 11764 only for ICMP and ICMPv6. Use to specify 11765 a particular ICMP type and code as defined 11766 in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 11767 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 11768 If you specify ICMP or ICMPv6 as the protocol 11769 but omit this object, then all ICMP types 11770 and codes are allowed. If you do provide 11771 this object, the type is required and the 11772 code is optional. 
To enable MTU negotiation 11773 for ingress internet traffic via IPv4, make 11774 sure to allow type 3 ("Destination Unreachable") 11775 code 4 ("Fragmentation Needed and Don''t 11776 Fragment was Set"). If you need to specify 11777 multiple codes for a single type, create 11778 a separate security list rule for each.' 11779 properties: 11780 code: 11781 description: The ICMP code (optional). 11782 type: integer 11783 type: 11784 description: The ICMP type. 11785 type: integer 11786 type: object 11787 isStateless: 11788 description: A stateless rule allows traffic 11789 in one direction. Remember to add a corresponding 11790 stateless rule in the other direction if 11791 you need to support bidirectional traffic. 11792 For example, if ingress traffic allows TCP 11793 destination port 80, there should be an 11794 egress rule to allow TCP source port 80. 11795 Defaults to false, which means the rule 11796 is stateful and a corresponding rule is 11797 not necessary for bidirectional traffic. 11798 type: boolean 11799 protocol: 11800 description: The transport protocol. Specify 11801 either `all` or an IPv4 protocol number 11802 as defined in Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 11803 Options are supported only for ICMP ("1"), 11804 TCP ("6"), UDP ("17"), and ICMPv6 ("58"). 11805 type: string 11806 source: 11807 description: 'Conceptually, this is the range 11808 of IP addresses that a packet coming into 11809 the instance can come from. Allowed values: 11810 * IP address range in CIDR notation. For 11811 example: `192.168.1.0/24` or `2001:0db8:0123:45::/56`. 11812 IPv6 addressing is supported for all commercial 11813 and government regions. See IPv6 Addresses 11814 (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 11815 * The `cidrBlock` value for a Service, if 11816 you''re setting up a security list rule 11817 for traffic coming from a particular `Service` 11818 through a service gateway. 
For example: 11819 `oci-phx-objectstorage`.' 11820 type: string 11821 sourceType: 11822 description: 'Type of source for the rule. 11823 The default is `CIDR_BLOCK`. * `CIDR_BLOCK`: 11824 If the rule''s `source` is an IP address 11825 range in CIDR notation. * `SERVICE_CIDR_BLOCK`: 11826 If the rule''s `source` is the `cidrBlock` 11827 value for a Service (the rule is for traffic 11828 coming from a particular `Service` through 11829 a service gateway).' 11830 type: string 11831 tcpOptions: 11832 description: TcpOptions Optional and valid 11833 only for TCP. Use to specify particular 11834 destination ports for TCP rules. If you 11835 specify TCP as the protocol but omit this 11836 object, then all destination ports are allowed. 11837 properties: 11838 destinationPortRange: 11839 description: PortRange The representation 11840 of PortRange. 11841 properties: 11842 max: 11843 description: The maximum port number, 11844 which must not be less than the 11845 minimum port number. To specify 11846 a single port number, set both the 11847 min and max to the same value. 11848 type: integer 11849 min: 11850 description: The minimum port number, 11851 which must not be greater than the 11852 maximum port number. 11853 type: integer 11854 type: object 11855 sourcePortRange: 11856 description: PortRange The representation 11857 of PortRange. 11858 properties: 11859 max: 11860 description: The maximum port number, 11861 which must not be less than the 11862 minimum port number. To specify 11863 a single port number, set both the 11864 min and max to the same value. 11865 type: integer 11866 min: 11867 description: The minimum port number, 11868 which must not be greater than the 11869 maximum port number. 11870 type: integer 11871 type: object 11872 type: object 11873 udpOptions: 11874 description: UdpOptions Optional and valid 11875 only for UDP. Use to specify particular 11876 destination ports for UDP rules. 
If you 11877 specify UDP as the protocol but omit this 11878 object, then all destination ports are allowed. 11879 properties: 11880 destinationPortRange: 11881 description: PortRange The representation 11882 of PortRange. 11883 properties: 11884 max: 11885 description: The maximum port number, 11886 which must not be less than the 11887 minimum port number. To specify 11888 a single port number, set both the 11889 min and max to the same value. 11890 type: integer 11891 min: 11892 description: The minimum port number, 11893 which must not be greater than the 11894 maximum port number. 11895 type: integer 11896 type: object 11897 sourcePortRange: 11898 description: PortRange The representation 11899 of PortRange. 11900 properties: 11901 max: 11902 description: The maximum port number, 11903 which must not be less than the 11904 minimum port number. To specify 11905 a single port number, set both the 11906 min and max to the same value. 11907 type: integer 11908 min: 11909 description: The minimum port number, 11910 which must not be greater than the 11911 maximum port number. 11912 type: integer 11913 type: object 11914 type: object 11915 type: object 11916 type: array 11917 name: 11918 description: SecurityList Name. 11919 type: string 11920 type: object 11921 type: 11922 description: Type defines the subnet type (e.g. public, 11923 private). 11924 type: string 11925 required: 11926 - name 11927 - role 11928 type: object 11929 type: array 11930 x-kubernetes-list-map-keys: 11931 - name 11932 x-kubernetes-list-type: map 11933 type: object 11934 vcnPeering: 11935 description: VCNPeering configuration. 11936 properties: 11937 drg: 11938 description: DRG configuration refers to the DRG which has 11939 to be created if required. If management cluster and workload 11940 cluster shares the same DRG, this fields is not required 11941 to be specified. 11942 properties: 11943 id: 11944 description: ID is the OCID for the created DRG. 
11945 type: string 11946 manage: 11947 description: Manage defines whether the DRG has to be 11948 managed(including create). If set to false(the default) 11949 the ID has to be specified by the user to a valid DRG 11950 ID to which the VCN has to be attached. 11951 type: boolean 11952 name: 11953 description: Name is the name of the created DRG. 11954 type: string 11955 vcnAttachmentId: 11956 description: VcnAttachmentId is the ID of the VCN attachment 11957 of the DRG. The workload cluster VCN can be attached 11958 to either the management cluster VCN if they are sharing 11959 the same DRG or to the workload cluster DRG. 11960 type: string 11961 type: object 11962 peerRouteRules: 11963 description: PeerRouteRules defines the routing rules which 11964 will be added to the private route tables of the workload 11965 cluster VCN. The routes defined here will be directed to 11966 DRG. 11967 items: 11968 description: PeerRouteRule defines a Route Rule to be routed 11969 via a DRG. 11970 properties: 11971 vcnCIDRRange: 11972 description: VCNCIDRRange is the CIDR Range of peer 11973 VCN to which the workload cluster VCN will be peered. 11974 The CIDR range is required to add the route rule in 11975 the workload cluster VCN, the route rule will forward 11976 any traffic to the CIDR to the DRG. 11977 type: string 11978 type: object 11979 type: array 11980 remotePeeringConnections: 11981 description: RemotePeeringConnections defines the RPC connections 11982 which be established with the workload cluster DRG. 11983 items: 11984 description: RemotePeeringConnection is used to peer VCNs 11985 residing in different regions(typically). Remote VCN Peering 11986 is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 11987 properties: 11988 managePeerRPC: 11989 description: ManagePeerRPC will define if the Peer VCN 11990 needs to be managed. 
If set to true a Remote Peering 11991 Connection will be created in the Peer DRG and the 11992 connection will be created between local and peer 11993 RPC. 11994 type: boolean 11995 peerDRGId: 11996 description: PeerDRGId defines the DRG ID of the peer. 11997 type: string 11998 peerRPCConnectionId: 11999 description: PeerRPCConnectionId defines the RPC ID 12000 of peer. If ManagePeerRPC is set to true this will 12001 be created by Cluster API Provider for OCI, otherwise 12002 this has be defined by the user. 12003 type: string 12004 peerRegionName: 12005 description: PeerRegionName defined the region name 12006 of Peer VCN. 12007 type: string 12008 rpcConnectionId: 12009 description: RPCConnectionId is the connection ID of 12010 the connection between peer and local RPC. 12011 type: string 12012 type: object 12013 type: array 12014 type: object 12015 type: object 12016 ociResourceIdentifier: 12017 description: The unique ID which will be used to tag all the resources 12018 created by this Cluster. The tag will be used to identify resources 12019 belonging to this cluster. this will be auto-generated and should 12020 not be set by the user. 12021 type: string 12022 region: 12023 description: Region the cluster operates in. It must be one of available 12024 regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 12025 type: string 12026 type: object 12027 status: 12028 description: OCIManagedClusterStatus defines the observed state of OCICluster 12029 properties: 12030 conditions: 12031 description: NetworkSpec encapsulates all things related to OCI network. 12032 items: 12033 description: Condition defines an observation of a Cluster API resource 12034 operational state. 12035 properties: 12036 lastTransitionTime: 12037 description: Last time the condition transitioned from one status 12038 to another. This should be when the underlying condition changed. 
12039 If that is not known, then using the time when the API field 12040 changed is acceptable. 12041 format: date-time 12042 type: string 12043 message: 12044 description: A human readable message indicating details about 12045 the transition. This field may be empty. 12046 type: string 12047 reason: 12048 description: The reason for the condition's last transition 12049 in CamelCase. The specific API may choose whether or not this 12050 field is considered a guaranteed API. This field may not be 12051 empty. 12052 type: string 12053 severity: 12054 description: Severity provides an explicit classification of 12055 Reason code, so the users or machines can immediately understand 12056 the current situation and act accordingly. The Severity field 12057 MUST be set only when Status=False. 12058 type: string 12059 status: 12060 description: Status of the condition, one of True, False, Unknown. 12061 type: string 12062 type: 12063 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 12064 Many .condition.type values are consistent across resources 12065 like Available, but because arbitrary conditions can be useful 12066 (see .node.status.conditions), the ability to deconflict is 12067 important. 12068 type: string 12069 required: 12070 - lastTransitionTime 12071 - status 12072 - type 12073 type: object 12074 type: array 12075 failureDomains: 12076 additionalProperties: 12077 description: FailureDomainSpec is the Schema for Cluster API failure 12078 domains. It allows controllers to understand how many failure 12079 domains a cluster can optionally span across. 12080 properties: 12081 attributes: 12082 additionalProperties: 12083 type: string 12084 description: Attributes is a free form map of attributes an 12085 infrastructure provider might use or require. 12086 type: object 12087 controlPlane: 12088 description: ControlPlane determines if this failure domain 12089 is suitable for use by control plane machines. 
12090 type: boolean 12091 type: object 12092 description: FailureDomains is a slice of FailureDomains. 12093 type: object 12094 ready: 12095 type: boolean 12096 type: object 12097 type: object 12098 served: true 12099 storage: true 12100 subresources: 12101 status: {} 12102 --- 12103 apiVersion: apiextensions.k8s.io/v1 12104 kind: CustomResourceDefinition 12105 metadata: 12106 annotations: 12107 controller-gen.kubebuilder.io/version: v0.10.0 12108 creationTimestamp: null 12109 labels: 12110 cluster.x-k8s.io/provider: infrastructure-oci 12111 cluster.x-k8s.io/v1beta1: v1beta1 12112 name: ocimanagedclustertemplates.infrastructure.cluster.x-k8s.io 12113 spec: 12114 group: infrastructure.cluster.x-k8s.io 12115 names: 12116 categories: 12117 - cluster-api 12118 kind: OCIManagedClusterTemplate 12119 listKind: OCIManagedClusterTemplateList 12120 plural: ocimanagedclustertemplates 12121 singular: ocimanagedclustertemplate 12122 scope: Namespaced 12123 versions: 12124 - name: v1beta1 12125 schema: 12126 openAPIV3Schema: 12127 description: OCIManagedClusterTemplate is the Schema for the ocimanagedclustertemplates 12128 API. 12129 properties: 12130 apiVersion: 12131 description: 'APIVersion defines the versioned schema of this representation 12132 of an object. Servers should convert recognized schemas to the latest 12133 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 12134 type: string 12135 kind: 12136 description: 'Kind is a string value representing the REST resource this 12137 object represents. Servers may infer this from the endpoint the client 12138 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 12139 type: string 12140 metadata: 12141 type: object 12142 spec: 12143 description: OCIManagedClusterTemplateSpec defines the desired state of 12144 OCIManagedClusterTemplate. 12145 properties: 12146 template: 12147 description: OCIManagedClusterSpec describes the data needed to create 12148 an OCIManagedCluster from a template. 12149 properties: 12150 spec: 12151 description: OCIManagedClusterSpec defines the desired state of 12152 OCI OKE Cluster 12153 properties: 12154 compartmentId: 12155 description: Compartment to create the cluster network. 12156 type: string 12157 controlPlaneEndpoint: 12158 description: ControlPlaneEndpoint represents the endpoint 12159 used to communicate with the control plane. This will not 12160 be set by the user, this will be updated by the Cluster 12161 Reconciler after OKe cluster has been created and the cluster 12162 has an endpoint address 12163 properties: 12164 host: 12165 description: The hostname on which the API server is serving. 12166 type: string 12167 port: 12168 description: The port on which the API server is serving. 12169 format: int32 12170 type: integer 12171 required: 12172 - host 12173 - port 12174 type: object 12175 definedTags: 12176 additionalProperties: 12177 additionalProperties: 12178 type: string 12179 type: object 12180 description: 'Defined tags for this resource. Each key is 12181 predefined and scoped to a namespace. For more information, 12182 see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). 12183 Example: `{"Operations": {"CostCenter": "42"}}`' 12184 type: object 12185 freeformTags: 12186 additionalProperties: 12187 type: string 12188 description: Free-form tags for this resource. 
12189 type: object 12190 identityRef: 12191 description: IdentityRef is a reference to an identity(principal) 12192 to be used when reconciling this cluster 12193 properties: 12194 apiVersion: 12195 description: API version of the referent. 12196 type: string 12197 fieldPath: 12198 description: 'If referring to a piece of an object instead 12199 of an entire object, this string should contain a valid 12200 JSON/Go field access statement, such as desiredState.manifest.containers[2]. 12201 For example, if the object reference is to a container 12202 within a pod, this would take on a value like: "spec.containers{name}" 12203 (where "name" refers to the name of the container that 12204 triggered the event) or if no container name is specified 12205 "spec.containers[2]" (container with index 2 in this 12206 pod). This syntax is chosen only to have some well-defined 12207 way of referencing a part of an object. TODO: this design 12208 is not final and this field is subject to change in 12209 the future.' 12210 type: string 12211 kind: 12212 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 12213 type: string 12214 name: 12215 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 12216 type: string 12217 namespace: 12218 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 12219 type: string 12220 resourceVersion: 12221 description: 'Specific resourceVersion to which this reference 12222 is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' 12223 type: string 12224 uid: 12225 description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' 12226 type: string 12227 type: object 12228 x-kubernetes-map-type: atomic 12229 networkSpec: 12230 description: NetworkSpec encapsulates all things related to 12231 OCI network. 12232 properties: 12233 apiServerLoadBalancer: 12234 description: API Server LB configuration. 12235 properties: 12236 loadBalancerId: 12237 description: ID of Load Balancer. 12238 type: string 12239 name: 12240 description: LoadBalancer Name. 12241 type: string 12242 type: object 12243 skipNetworkManagement: 12244 description: SkipNetworkManagement defines if the networking 12245 spec(VCN related) specified by the user needs to be 12246 reconciled(actioned-upon) or used as it is. APIServerLB 12247 will still be reconciled. 12248 type: boolean 12249 vcn: 12250 description: VCN configuration. 12251 properties: 12252 cidr: 12253 description: VCN CIDR. 12254 type: string 12255 id: 12256 description: VCN OCID. 12257 type: string 12258 internetGatewayId: 12259 description: ID of Internet Gateway. 12260 type: string 12261 name: 12262 description: VCN Name. 12263 type: string 12264 natGatewayId: 12265 description: ID of Nat Gateway. 12266 type: string 12267 networkSecurityGroups: 12268 description: NetworkSecurityGroups is the configuration 12269 for the Network Security Groups required in the 12270 VCN. 12271 items: 12272 description: NSG defines configuration for a Network 12273 Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm 12274 properties: 12275 egressRules: 12276 description: EgressRules on the NSG. 12277 items: 12278 description: EgressSecurityRuleForNSG is EgressSecurityRule 12279 for NSG. 12280 properties: 12281 egressRule: 12282 description: EgressSecurityRule A rule 12283 for allowing outbound IP packets. 12284 properties: 12285 description: 12286 description: An optional description 12287 of your choice for the rule. 
12288 type: string 12289 destination: 12290 description: 'Conceptually, this is 12291 the range of IP addresses that a 12292 packet originating from the instance 12293 can go to. Allowed values: * IP 12294 address range in CIDR notation. 12295 For example: `192.168.1.0/24` or 12296 `2001:0db8:0123:45::/56` Note that 12297 IPv6 addressing is currently supported 12298 only in certain regions. See IPv6 12299 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 12300 * The `cidrBlock` value for a Service, 12301 if you''re setting up a security 12302 list rule for traffic destined for 12303 a particular `Service` through a 12304 service gateway. For example: `oci-phx-objectstorage`.' 12305 type: string 12306 destinationType: 12307 description: 'Type of destination 12308 for the rule. The default is `CIDR_BLOCK`. 12309 Allowed values: * `CIDR_BLOCK`: 12310 If the rule''s `destination` is 12311 an IP address range in CIDR notation. 12312 * `SERVICE_CIDR_BLOCK`: If the rule''s 12313 `destination` is the `cidrBlock` 12314 value for a Service (the rule is 12315 for traffic destined for a particular 12316 `Service` through a service gateway).' 12317 type: string 12318 icmpOptions: 12319 description: 'IcmpOptions Optional 12320 and valid only for ICMP and ICMPv6. 12321 Use to specify a particular ICMP 12322 type and code as defined in: - ICMP 12323 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 12324 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 12325 If you specify ICMP or ICMPv6 as 12326 the protocol but omit this object, 12327 then all ICMP types and codes are 12328 allowed. If you do provide this 12329 object, the type is required and 12330 the code is optional. 
To enable 12331 MTU negotiation for ingress internet 12332 traffic via IPv4, make sure to allow 12333 type 3 ("Destination Unreachable") 12334 code 4 ("Fragmentation Needed and 12335 Don''t Fragment was Set"). If you 12336 need to specify multiple codes for 12337 a single type, create a separate 12338 security list rule for each.' 12339 properties: 12340 code: 12341 description: The ICMP code (optional). 12342 type: integer 12343 type: 12344 description: The ICMP type. 12345 type: integer 12346 type: object 12347 isStateless: 12348 description: A stateless rule allows 12349 traffic in one direction. Remember 12350 to add a corresponding stateless 12351 rule in the other direction if you 12352 need to support bidirectional traffic. 12353 For example, if egress traffic allows 12354 TCP destination port 80, there should 12355 be an ingress rule to allow TCP 12356 source port 80. Defaults to false, 12357 which means the rule is stateful 12358 and a corresponding rule is not 12359 necessary for bidirectional traffic. 12360 type: boolean 12361 protocol: 12362 description: The transport protocol. 12363 Specify either `all` or an IPv4 12364 protocol number as defined in Protocol 12365 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 12366 Options are supported only for ICMP 12367 ("1"), TCP ("6"), UDP ("17"), and 12368 ICMPv6 ("58"). 12369 type: string 12370 tcpOptions: 12371 description: TcpOptions Optional and 12372 valid only for TCP. Use to specify 12373 particular destination ports for 12374 TCP rules. If you specify TCP as 12375 the protocol but omit this object, 12376 then all destination ports are allowed. 12377 properties: 12378 destinationPortRange: 12379 description: PortRange The representation 12380 of PortRange. 12381 properties: 12382 max: 12383 description: The maximum port 12384 number, which must not be 12385 less than the minimum port 12386 number. 
To specify a single 12387 port number, set both the 12388 min and max to the same 12389 value. 12390 type: integer 12391 min: 12392 description: The minimum port 12393 number, which must not be 12394 greater than the maximum 12395 port number. 12396 type: integer 12397 type: object 12398 sourcePortRange: 12399 description: PortRange The representation 12400 of PortRange. 12401 properties: 12402 max: 12403 description: The maximum port 12404 number, which must not be 12405 less than the minimum port 12406 number. To specify a single 12407 port number, set both the 12408 min and max to the same 12409 value. 12410 type: integer 12411 min: 12412 description: The minimum port 12413 number, which must not be 12414 greater than the maximum 12415 port number. 12416 type: integer 12417 type: object 12418 type: object 12419 udpOptions: 12420 description: UdpOptions Optional and 12421 valid only for UDP. Use to specify 12422 particular destination ports for 12423 UDP rules. If you specify UDP as 12424 the protocol but omit this object, 12425 then all destination ports are allowed. 12426 properties: 12427 destinationPortRange: 12428 description: PortRange The representation 12429 of PortRange. 12430 properties: 12431 max: 12432 description: The maximum port 12433 number, which must not be 12434 less than the minimum port 12435 number. To specify a single 12436 port number, set both the 12437 min and max to the same 12438 value. 12439 type: integer 12440 min: 12441 description: The minimum port 12442 number, which must not be 12443 greater than the maximum 12444 port number. 12445 type: integer 12446 type: object 12447 sourcePortRange: 12448 description: PortRange The representation 12449 of PortRange. 12450 properties: 12451 max: 12452 description: The maximum port 12453 number, which must not be 12454 less than the minimum port 12455 number. To specify a single 12456 port number, set both the 12457 min and max to the same 12458 value. 
12459 type: integer 12460 min: 12461 description: The minimum port 12462 number, which must not be 12463 greater than the maximum 12464 port number. 12465 type: integer 12466 type: object 12467 type: object 12468 type: object 12469 id: 12470 description: 'EgressSecurityRule ID for 12471 NSG. Deprecated: this field is not populated 12472 and used during reconciliation' 12473 type: string 12474 type: object 12475 type: array 12476 id: 12477 description: NSG OCID. 12478 type: string 12479 ingressRules: 12480 description: IngressRules on the NSG. 12481 items: 12482 description: IngressSecurityRuleForNSG is 12483 IngressSecurityRule for NSG 12484 properties: 12485 id: 12486 description: 'IngressSecurityRule ID for 12487 NSG. Deprecated: this field is not populated 12488 and used during reconciliation' 12489 type: string 12490 ingressRule: 12491 description: IngressSecurityRule A rule 12492 for allowing inbound IP packets. 12493 properties: 12494 description: 12495 description: An optional description 12496 of your choice for the rule. 12497 type: string 12498 icmpOptions: 12499 description: 'IcmpOptions Optional 12500 and valid only for ICMP and ICMPv6. 12501 Use to specify a particular ICMP 12502 type and code as defined in: - ICMP 12503 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 12504 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 12505 If you specify ICMP or ICMPv6 as 12506 the protocol but omit this object, 12507 then all ICMP types and codes are 12508 allowed. If you do provide this 12509 object, the type is required and 12510 the code is optional. To enable 12511 MTU negotiation for ingress internet 12512 traffic via IPv4, make sure to allow 12513 type 3 ("Destination Unreachable") 12514 code 4 ("Fragmentation Needed and 12515 Don''t Fragment was Set"). If you 12516 need to specify multiple codes for 12517 a single type, create a separate 12518 security list rule for each.' 
12519 properties: 12520 code: 12521 description: The ICMP code (optional). 12522 type: integer 12523 type: 12524 description: The ICMP type. 12525 type: integer 12526 type: object 12527 isStateless: 12528 description: A stateless rule allows 12529 traffic in one direction. Remember 12530 to add a corresponding stateless 12531 rule in the other direction if you 12532 need to support bidirectional traffic. 12533 For example, if ingress traffic 12534 allows TCP destination port 80, 12535 there should be an egress rule to 12536 allow TCP source port 80. Defaults 12537 to false, which means the rule is 12538 stateful and a corresponding rule 12539 is not necessary for bidirectional 12540 traffic. 12541 type: boolean 12542 protocol: 12543 description: The transport protocol. 12544 Specify either `all` or an IPv4 12545 protocol number as defined in Protocol 12546 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 12547 Options are supported only for ICMP 12548 ("1"), TCP ("6"), UDP ("17"), and 12549 ICMPv6 ("58"). 12550 type: string 12551 source: 12552 description: 'Conceptually, this is 12553 the range of IP addresses that a 12554 packet coming into the instance 12555 can come from. Allowed values: * 12556 IP address range in CIDR notation. 12557 For example: `192.168.1.0/24` or 12558 `2001:0db8:0123:45::/56`. IPv6 addressing 12559 is supported for all commercial 12560 and government regions. See IPv6 12561 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 12562 * The `cidrBlock` value for a Service, 12563 if you''re setting up a security 12564 list rule for traffic coming from 12565 a particular `Service` through a 12566 service gateway. For example: `oci-phx-objectstorage`.' 12567 type: string 12568 sourceType: 12569 description: 'Type of source for the 12570 rule. The default is `CIDR_BLOCK`. 12571 * `CIDR_BLOCK`: If the rule''s `source` 12572 is an IP address range in CIDR notation. 
12573 * `SERVICE_CIDR_BLOCK`: If the rule''s 12574 `source` is the `cidrBlock` value 12575 for a Service (the rule is for traffic 12576 coming from a particular `Service` 12577 through a service gateway).' 12578 type: string 12579 tcpOptions: 12580 description: TcpOptions Optional and 12581 valid only for TCP. Use to specify 12582 particular destination ports for 12583 TCP rules. If you specify TCP as 12584 the protocol but omit this object, 12585 then all destination ports are allowed. 12586 properties: 12587 destinationPortRange: 12588 description: PortRange The representation 12589 of PortRange. 12590 properties: 12591 max: 12592 description: The maximum port 12593 number, which must not be 12594 less than the minimum port 12595 number. To specify a single 12596 port number, set both the 12597 min and max to the same 12598 value. 12599 type: integer 12600 min: 12601 description: The minimum port 12602 number, which must not be 12603 greater than the maximum 12604 port number. 12605 type: integer 12606 type: object 12607 sourcePortRange: 12608 description: PortRange The representation 12609 of PortRange. 12610 properties: 12611 max: 12612 description: The maximum port 12613 number, which must not be 12614 less than the minimum port 12615 number. To specify a single 12616 port number, set both the 12617 min and max to the same 12618 value. 12619 type: integer 12620 min: 12621 description: The minimum port 12622 number, which must not be 12623 greater than the maximum 12624 port number. 12625 type: integer 12626 type: object 12627 type: object 12628 udpOptions: 12629 description: UdpOptions Optional and 12630 valid only for UDP. Use to specify 12631 particular destination ports for 12632 UDP rules. If you specify UDP as 12633 the protocol but omit this object, 12634 then all destination ports are allowed. 12635 properties: 12636 destinationPortRange: 12637 description: PortRange The representation 12638 of PortRange. 
12639 properties: 12640 max: 12641 description: The maximum port 12642 number, which must not be 12643 less than the minimum port 12644 number. To specify a single 12645 port number, set both the 12646 min and max to the same 12647 value. 12648 type: integer 12649 min: 12650 description: The minimum port 12651 number, which must not be 12652 greater than the maximum 12653 port number. 12654 type: integer 12655 type: object 12656 sourcePortRange: 12657 description: PortRange The representation 12658 of PortRange. 12659 properties: 12660 max: 12661 description: The maximum port 12662 number, which must not be 12663 less than the minimum port 12664 number. To specify a single 12665 port number, set both the 12666 min and max to the same 12667 value. 12668 type: integer 12669 min: 12670 description: The minimum port 12671 number, which must not be 12672 greater than the maximum 12673 port number. 12674 type: integer 12675 type: object 12676 type: object 12677 type: object 12678 type: object 12679 type: array 12680 name: 12681 description: NSG Name. 12682 type: string 12683 role: 12684 description: Role defines the NSG role (eg. 12685 control-plane, control-plane-endpoint, service-lb, 12686 worker). 12687 type: string 12688 required: 12689 - name 12690 type: object 12691 type: array 12692 x-kubernetes-list-map-keys: 12693 - name 12694 x-kubernetes-list-type: map 12695 privateRouteTableId: 12696 description: ID of Private Route Table. 12697 type: string 12698 publicRouteTableId: 12699 description: ID of Public Route Table. 12700 type: string 12701 serviceGatewayId: 12702 description: ID of Service Gateway. 12703 type: string 12704 subnets: 12705 description: Subnets is the configuration for subnets 12706 required in the VCN. 
12707 items: 12708 description: Subnet defines the configuration for 12709 a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview 12710 properties: 12711 cidr: 12712 description: Subnet CIDR. 12713 type: string 12714 id: 12715 description: Subnet OCID. 12716 type: string 12717 name: 12718 description: Subnet Name. 12719 type: string 12720 role: 12721 description: Role defines the subnet role (eg. 12722 control-plane, control-plane-endpoint, service-lb, 12723 worker). 12724 type: string 12725 securityList: 12726 description: The security list associated with 12727 Subnet. 12728 properties: 12729 egressRules: 12730 description: EgressRules on the SecurityList. 12731 items: 12732 description: EgressSecurityRule A rule 12733 for allowing outbound IP packets. 12734 properties: 12735 description: 12736 description: An optional description 12737 of your choice for the rule. 12738 type: string 12739 destination: 12740 description: 'Conceptually, this is 12741 the range of IP addresses that a 12742 packet originating from the instance 12743 can go to. Allowed values: * IP 12744 address range in CIDR notation. 12745 For example: `192.168.1.0/24` or 12746 `2001:0db8:0123:45::/56` Note that 12747 IPv6 addressing is currently supported 12748 only in certain regions. See IPv6 12749 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 12750 * The `cidrBlock` value for a Service, 12751 if you''re setting up a security 12752 list rule for traffic destined for 12753 a particular `Service` through a 12754 service gateway. For example: `oci-phx-objectstorage`.' 12755 type: string 12756 destinationType: 12757 description: 'Type of destination 12758 for the rule. The default is `CIDR_BLOCK`. 12759 Allowed values: * `CIDR_BLOCK`: 12760 If the rule''s `destination` is 12761 an IP address range in CIDR notation. 
12762 * `SERVICE_CIDR_BLOCK`: If the rule''s 12763 `destination` is the `cidrBlock` 12764 value for a Service (the rule is 12765 for traffic destined for a particular 12766 `Service` through a service gateway).' 12767 type: string 12768 icmpOptions: 12769 description: 'IcmpOptions Optional 12770 and valid only for ICMP and ICMPv6. 12771 Use to specify a particular ICMP 12772 type and code as defined in: - ICMP 12773 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 12774 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 12775 If you specify ICMP or ICMPv6 as 12776 the protocol but omit this object, 12777 then all ICMP types and codes are 12778 allowed. If you do provide this 12779 object, the type is required and 12780 the code is optional. To enable 12781 MTU negotiation for ingress internet 12782 traffic via IPv4, make sure to allow 12783 type 3 ("Destination Unreachable") 12784 code 4 ("Fragmentation Needed and 12785 Don''t Fragment was Set"). If you 12786 need to specify multiple codes for 12787 a single type, create a separate 12788 security list rule for each.' 12789 properties: 12790 code: 12791 description: The ICMP code (optional). 12792 type: integer 12793 type: 12794 description: The ICMP type. 12795 type: integer 12796 type: object 12797 isStateless: 12798 description: A stateless rule allows 12799 traffic in one direction. Remember 12800 to add a corresponding stateless 12801 rule in the other direction if you 12802 need to support bidirectional traffic. 12803 For example, if egress traffic allows 12804 TCP destination port 80, there should 12805 be an ingress rule to allow TCP 12806 source port 80. Defaults to false, 12807 which means the rule is stateful 12808 and a corresponding rule is not 12809 necessary for bidirectional traffic. 12810 type: boolean 12811 protocol: 12812 description: The transport protocol. 
12813 Specify either `all` or an IPv4 12814 protocol number as defined in Protocol 12815 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 12816 Options are supported only for ICMP 12817 ("1"), TCP ("6"), UDP ("17"), and 12818 ICMPv6 ("58"). 12819 type: string 12820 tcpOptions: 12821 description: TcpOptions Optional and 12822 valid only for TCP. Use to specify 12823 particular destination ports for 12824 TCP rules. If you specify TCP as 12825 the protocol but omit this object, 12826 then all destination ports are allowed. 12827 properties: 12828 destinationPortRange: 12829 description: PortRange The representation 12830 of PortRange. 12831 properties: 12832 max: 12833 description: The maximum port 12834 number, which must not be 12835 less than the minimum port 12836 number. To specify a single 12837 port number, set both the 12838 min and max to the same 12839 value. 12840 type: integer 12841 min: 12842 description: The minimum port 12843 number, which must not be 12844 greater than the maximum 12845 port number. 12846 type: integer 12847 type: object 12848 sourcePortRange: 12849 description: PortRange The representation 12850 of PortRange. 12851 properties: 12852 max: 12853 description: The maximum port 12854 number, which must not be 12855 less than the minimum port 12856 number. To specify a single 12857 port number, set both the 12858 min and max to the same 12859 value. 12860 type: integer 12861 min: 12862 description: The minimum port 12863 number, which must not be 12864 greater than the maximum 12865 port number. 12866 type: integer 12867 type: object 12868 type: object 12869 udpOptions: 12870 description: UdpOptions Optional and 12871 valid only for UDP. Use to specify 12872 particular destination ports for 12873 UDP rules. If you specify UDP as 12874 the protocol but omit this object, 12875 then all destination ports are allowed. 
12876 properties: 12877 destinationPortRange: 12878 description: PortRange The representation 12879 of PortRange. 12880 properties: 12881 max: 12882 description: The maximum port 12883 number, which must not be 12884 less than the minimum port 12885 number. To specify a single 12886 port number, set both the 12887 min and max to the same 12888 value. 12889 type: integer 12890 min: 12891 description: The minimum port 12892 number, which must not be 12893 greater than the maximum 12894 port number. 12895 type: integer 12896 type: object 12897 sourcePortRange: 12898 description: PortRange The representation 12899 of PortRange. 12900 properties: 12901 max: 12902 description: The maximum port 12903 number, which must not be 12904 less than the minimum port 12905 number. To specify a single 12906 port number, set both the 12907 min and max to the same 12908 value. 12909 type: integer 12910 min: 12911 description: The minimum port 12912 number, which must not be 12913 greater than the maximum 12914 port number. 12915 type: integer 12916 type: object 12917 type: object 12918 type: object 12919 type: array 12920 id: 12921 description: ID of the SecurityList. 12922 type: string 12923 ingressRules: 12924 description: IngressRules on the SecurityList. 12925 items: 12926 description: IngressSecurityRule A rule 12927 for allowing inbound IP packets. 12928 properties: 12929 description: 12930 description: An optional description 12931 of your choice for the rule. 12932 type: string 12933 icmpOptions: 12934 description: 'IcmpOptions Optional 12935 and valid only for ICMP and ICMPv6. 
12936 Use to specify a particular ICMP 12937 type and code as defined in: - ICMP 12938 Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml) 12939 - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml) 12940 If you specify ICMP or ICMPv6 as 12941 the protocol but omit this object, 12942 then all ICMP types and codes are 12943 allowed. If you do provide this 12944 object, the type is required and 12945 the code is optional. To enable 12946 MTU negotiation for ingress internet 12947 traffic via IPv4, make sure to allow 12948 type 3 ("Destination Unreachable") 12949 code 4 ("Fragmentation Needed and 12950 Don''t Fragment was Set"). If you 12951 need to specify multiple codes for 12952 a single type, create a separate 12953 security list rule for each.' 12954 properties: 12955 code: 12956 description: The ICMP code (optional). 12957 type: integer 12958 type: 12959 description: The ICMP type. 12960 type: integer 12961 type: object 12962 isStateless: 12963 description: A stateless rule allows 12964 traffic in one direction. Remember 12965 to add a corresponding stateless 12966 rule in the other direction if you 12967 need to support bidirectional traffic. 12968 For example, if ingress traffic 12969 allows TCP destination port 80, 12970 there should be an egress rule to 12971 allow TCP source port 80. Defaults 12972 to false, which means the rule is 12973 stateful and a corresponding rule 12974 is not necessary for bidirectional 12975 traffic. 12976 type: boolean 12977 protocol: 12978 description: The transport protocol. 12979 Specify either `all` or an IPv4 12980 protocol number as defined in Protocol 12981 Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 12982 Options are supported only for ICMP 12983 ("1"), TCP ("6"), UDP ("17"), and 12984 ICMPv6 ("58"). 
12985 type: string 12986 source: 12987 description: 'Conceptually, this is 12988 the range of IP addresses that a 12989 packet coming into the instance 12990 can come from. Allowed values: * 12991 IP address range in CIDR notation. 12992 For example: `192.168.1.0/24` or 12993 `2001:0db8:0123:45::/56`. IPv6 addressing 12994 is supported for all commercial 12995 and government regions. See IPv6 12996 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm). 12997 * The `cidrBlock` value for a Service, 12998 if you''re setting up a security 12999 list rule for traffic coming from 13000 a particular `Service` through a 13001 service gateway. For example: `oci-phx-objectstorage`.' 13002 type: string 13003 sourceType: 13004 description: 'Type of source for the 13005 rule. The default is `CIDR_BLOCK`. 13006 * `CIDR_BLOCK`: If the rule''s `source` 13007 is an IP address range in CIDR notation. 13008 * `SERVICE_CIDR_BLOCK`: If the rule''s 13009 `source` is the `cidrBlock` value 13010 for a Service (the rule is for traffic 13011 coming from a particular `Service` 13012 through a service gateway).' 13013 type: string 13014 tcpOptions: 13015 description: TcpOptions Optional and 13016 valid only for TCP. Use to specify 13017 particular destination ports for 13018 TCP rules. If you specify TCP as 13019 the protocol but omit this object, 13020 then all destination ports are allowed. 13021 properties: 13022 destinationPortRange: 13023 description: PortRange The representation 13024 of PortRange. 13025 properties: 13026 max: 13027 description: The maximum port 13028 number, which must not be 13029 less than the minimum port 13030 number. To specify a single 13031 port number, set both the 13032 min and max to the same 13033 value. 13034 type: integer 13035 min: 13036 description: The minimum port 13037 number, which must not be 13038 greater than the maximum 13039 port number. 
13040 type: integer 13041 type: object 13042 sourcePortRange: 13043 description: PortRange The representation 13044 of PortRange. 13045 properties: 13046 max: 13047 description: The maximum port 13048 number, which must not be 13049 less than the minimum port 13050 number. To specify a single 13051 port number, set both the 13052 min and max to the same 13053 value. 13054 type: integer 13055 min: 13056 description: The minimum port 13057 number, which must not be 13058 greater than the maximum 13059 port number. 13060 type: integer 13061 type: object 13062 type: object 13063 udpOptions: 13064 description: UdpOptions Optional and 13065 valid only for UDP. Use to specify 13066 particular destination ports for 13067 UDP rules. If you specify UDP as 13068 the protocol but omit this object, 13069 then all destination ports are allowed. 13070 properties: 13071 destinationPortRange: 13072 description: PortRange The representation 13073 of PortRange. 13074 properties: 13075 max: 13076 description: The maximum port 13077 number, which must not be 13078 less than the minimum port 13079 number. To specify a single 13080 port number, set both the 13081 min and max to the same 13082 value. 13083 type: integer 13084 min: 13085 description: The minimum port 13086 number, which must not be 13087 greater than the maximum 13088 port number. 13089 type: integer 13090 type: object 13091 sourcePortRange: 13092 description: PortRange The representation 13093 of PortRange. 13094 properties: 13095 max: 13096 description: The maximum port 13097 number, which must not be 13098 less than the minimum port 13099 number. To specify a single 13100 port number, set both the 13101 min and max to the same 13102 value. 13103 type: integer 13104 min: 13105 description: The minimum port 13106 number, which must not be 13107 greater than the maximum 13108 port number. 
13109 type: integer 13110 type: object 13111 type: object 13112 type: object 13113 type: array 13114 name: 13115 description: SecurityList Name. 13116 type: string 13117 type: object 13118 type: 13119 description: Type defines the subnet type (e.g. 13120 public, private). 13121 type: string 13122 required: 13123 - name 13124 - role 13125 type: object 13126 type: array 13127 x-kubernetes-list-map-keys: 13128 - name 13129 x-kubernetes-list-type: map 13130 type: object 13131 vcnPeering: 13132 description: VCNPeering configuration. 13133 properties: 13134 drg: 13135 description: DRG configuration refers to the DRG which 13136 has to be created if required. If management cluster 13137 and workload cluster shares the same DRG, this fields 13138 is not required to be specified. 13139 properties: 13140 id: 13141 description: ID is the OCID for the created DRG. 13142 type: string 13143 manage: 13144 description: Manage defines whether the DRG has 13145 to be managed(including create). If set to false(the 13146 default) the ID has to be specified by the user 13147 to a valid DRG ID to which the VCN has to be 13148 attached. 13149 type: boolean 13150 name: 13151 description: Name is the name of the created DRG. 13152 type: string 13153 vcnAttachmentId: 13154 description: VcnAttachmentId is the ID of the 13155 VCN attachment of the DRG. The workload cluster 13156 VCN can be attached to either the management 13157 cluster VCN if they are sharing the same DRG 13158 or to the workload cluster DRG. 13159 type: string 13160 type: object 13161 peerRouteRules: 13162 description: PeerRouteRules defines the routing rules 13163 which will be added to the private route tables 13164 of the workload cluster VCN. The routes defined 13165 here will be directed to DRG. 13166 items: 13167 description: PeerRouteRule defines a Route Rule 13168 to be routed via a DRG. 
13169 properties: 13170 vcnCIDRRange: 13171 description: VCNCIDRRange is the CIDR Range 13172 of peer VCN to which the workload cluster 13173 VCN will be peered. The CIDR range is required 13174 to add the route rule in the workload cluster 13175 VCN, the route rule will forward any traffic 13176 to the CIDR to the DRG. 13177 type: string 13178 type: object 13179 type: array 13180 remotePeeringConnections: 13181 description: RemotePeeringConnections defines the 13182 RPC connections which be established with the workload 13183 cluster DRG. 13184 items: 13185 description: RemotePeeringConnection is used to 13186 peer VCNs residing in different regions(typically). 13187 Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 13188 properties: 13189 managePeerRPC: 13190 description: ManagePeerRPC will define if the 13191 Peer VCN needs to be managed. If set to true 13192 a Remote Peering Connection will be created 13193 in the Peer DRG and the connection will be 13194 created between local and peer RPC. 13195 type: boolean 13196 peerDRGId: 13197 description: PeerDRGId defines the DRG ID of 13198 the peer. 13199 type: string 13200 peerRPCConnectionId: 13201 description: PeerRPCConnectionId defines the 13202 RPC ID of peer. If ManagePeerRPC is set to 13203 true this will be created by Cluster API Provider 13204 for OCI, otherwise this has be defined by 13205 the user. 13206 type: string 13207 peerRegionName: 13208 description: PeerRegionName defined the region 13209 name of Peer VCN. 13210 type: string 13211 rpcConnectionId: 13212 description: RPCConnectionId is the connection 13213 ID of the connection between peer and local 13214 RPC. 13215 type: string 13216 type: object 13217 type: array 13218 type: object 13219 type: object 13220 ociResourceIdentifier: 13221 description: The unique ID which will be used to tag all the 13222 resources created by this Cluster. 
The tag will be used 13223 to identify resources belonging to this cluster. this will 13224 be auto-generated and should not be set by the user. 13225 type: string 13226 region: 13227 description: Region the cluster operates in. It must be one 13228 of available regions in Region Identifier format. See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 13229 type: string 13230 type: object 13231 required: 13232 - spec 13233 type: object 13234 required: 13235 - template 13236 type: object 13237 type: object 13238 served: true 13239 storage: false 13240 - name: v1beta2 13241 schema: 13242 openAPIV3Schema: 13243 description: OCIManagedClusterTemplate is the Schema for the ocimanagedclustertemplates 13244 API. 13245 properties: 13246 apiVersion: 13247 description: 'APIVersion defines the versioned schema of this representation 13248 of an object. Servers should convert recognized schemas to the latest 13249 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 13250 type: string 13251 kind: 13252 description: 'Kind is a string value representing the REST resource this 13253 object represents. Servers may infer this from the endpoint the client 13254 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13255 type: string 13256 metadata: 13257 type: object 13258 spec: 13259 description: OCIManagedClusterTemplateSpec defines the desired state of 13260 OCIManagedClusterTemplate. 13261 properties: 13262 template: 13263 description: OCIManagedClusterSpec describes the data needed to create 13264 an OCIManagedCluster from a template. 
                properties:
                  spec:
                    description: OCIManagedClusterSpec defines the desired state of
                      OCI OKE Cluster
                    properties:
                      availabilityDomains:
                        additionalProperties:
                          description: OCIAvailabilityDomain contains information
                            about an Availability Domain (AD).
                          properties:
                            faultDomains:
                              description: 'FaultDomains a list of fault domain (FD)
                                names. Example: ["FAULT-DOMAIN-1"]'
                              items:
                                type: string
                              type: array
                            name:
                              description: 'Name is the AD''s full name. Example:
                                Uocm:PHX-AD-1'
                              type: string
                          type: object
                        description: AvailabilityDomains encapsulates the clusters
                          Availability Domain (AD) information in a map where the
                          map key is the AD name and the struct is details about the
                          AD.
                        type: object
                      compartmentId:
                        description: Compartment to create the cluster network.
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane. This will not
                          be set by the user, this will be updated by the Cluster
                          Reconciler after OKe cluster has been created and the cluster
                          has an endpoint address
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      definedTags:
                        additionalProperties:
                          additionalProperties:
                            type: string
                          type: object
                        description: 'Defined tags for this resource. Each key is
                          predefined and scoped to a namespace. For more information,
                          see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
                          Example: `{"Operations": {"CostCenter": "42"}}`'
                        type: object
                      freeformTags:
                        additionalProperties:
                          type: string
                        description: Free-form tags for this resource.
                        type: object
                      hostUrl:
                        description: ClientOverrides allows the default client SDK
                          URLs to be changed.
                        nullable: true
                        properties:
                          certOverride:
                            description: CertOverride is a secret that contains information
                              about a cert override used by all the OCI SDK clients.
                              The secret must contain data with a `cert`property.
                            nullable: true
                            properties:
                              name:
                                description: name is unique within a namespace to
                                  reference a secret resource.
                                type: string
                              namespace:
                                description: namespace defines the space within which
                                  the secret name must be unique.
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                          computeClientUrl:
                            description: ComputeClientUrl allows the default compute
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          computeManagementClientUrl:
                            description: ComputeManagementClientUrl allows the default
                              compute management SDK client URL to be changed.
                            nullable: true
                            type: string
                          containerEngineClientUrl:
                            description: ContainerEngineClientUrl allows the default
                              container engine SDK client URL to be changed.
                            nullable: true
                            type: string
                          identityClientUrl:
                            description: IdentityClientUrl allows the default identity
                              SDK client URL to be changed.
                            nullable: true
                            type: string
                          loadBalancerClientUrl:
                            description: LoadBalancerClientUrl allows the default
                              load balancer SDK client URL to be changed.
                            nullable: true
                            type: string
                          networkLoadBalancerClientUrl:
                            description: NetworkLoadBalancerClientUrl allows the default
                              NLB SDK client URL to be changed.
                            nullable: true
                            type: string
                          vCNClientUrl:
                            description: VCNClientUrl allows the default vcn SDK client
                              URL to be changed.
                            nullable: true
                            type: string
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to an identity(principal)
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: 'If referring to a piece of an object instead
                              of an entire object, this string should contain a valid
                              JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container
                              within a pod, this would take on a value like: "spec.containers{name}"
                              (where "name" refers to the name of the container that
                              triggered the event) or if no container name is specified
                              "spec.containers[2]" (container with index 2 in this
                              pod). This syntax is chosen only to have some well-defined
                              way of referencing a part of an object. TODO: this design
                              is not final and this field is subject to change in
                              the future.'
                            type: string
                          kind:
                            description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                          resourceVersion:
                            description: 'Specific resourceVersion to which this reference
                              is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                            type: string
                          uid:
                            description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      networkSpec:
                        description: NetworkSpec encapsulates all things related to
                          OCI network.
                        properties:
                          apiServerLoadBalancer:
                            description: API Server LB configuration.
                            properties:
                              loadBalancerId:
                                description: ID of Load Balancer.
                                type: string
                              loadBalancerType:
                                description: 'Type of Load Balancer: NLB (default)
                                  or LBaaS.'
                                type: string
                              name:
                                description: LoadBalancer Name.
                                type: string
                            type: object
                          skipNetworkManagement:
                            description: SkipNetworkManagement defines if the networking
                              spec(VCN related) specified by the user needs to be
                              reconciled(actioned-upon) or used as it is. APIServerLB
                              will still be reconciled.
                            type: boolean
                          vcn:
                            description: VCN configuration.
                            properties:
                              cidr:
                                description: VCN CIDR.
                                type: string
                              id:
                                description: VCN OCID.
                                type: string
                              internetGateway:
                                description: Configuration for Internet Gateway.
                                properties:
                                  id:
                                    description: ID of Internet Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      internet gateway even if any one Subnet is public.
                                    type: boolean
                                type: object
                              name:
                                description: VCN Name.
                                type: string
                              natGateway:
                                description: Configuration for NAT Gateway.
                                properties:
                                  id:
                                    description: ID of Nat Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      NAT gateway even if any one Subnet is private.
                                    type: boolean
                                type: object
                              networkSecurityGroup:
                                description: Configuration for NSG management.
                                properties:
                                  list:
                                    description: NetworkSecurityGroup is the configuration
                                      for the Network Security Groups required in
                                      the VCN.
                                    items:
                                      description: NSG defines configuration for a
                                        Network Security Group. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm
                                      properties:
                                        egressRules:
                                          description: EgressRules on the NSG.
                                          items:
                                            description: EgressSecurityRuleForNSG
                                              is EgressSecurityRule for NSG.
                                            properties:
                                              egressRule:
                                                description: EgressSecurityRule A
                                                  rule for allowing outbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  destination:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet originating from
                                                      the instance can go to. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`
                                                      Note that IPv6 addressing is
                                                      currently supported only in
                                                      certain regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic destined for a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  destinationType:
                                                    description: 'Type of destination
                                                      for the rule. The default is
                                                      `CIDR_BLOCK`. Allowed values:
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `destination` is an IP address
                                                      range in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `destination`
                                                      is the `cidrBlock` value for
                                                      a Service (the rule is for traffic
                                                      destined for a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if egress traffic allows TCP
                                                      destination port 80, there should
                                                      be an ingress rule to allow
                                                      TCP source port 80. Defaults
                                                      to false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: NSG OCID.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the NSG.
                                          items:
                                            description: IngressSecurityRuleForNSG
                                              is IngressSecurityRule for NSG
                                            properties:
                                              ingressRule:
                                                description: IngressSecurityRule A
                                                  rule for allowing inbound IP packets.
                                                properties:
                                                  description:
                                                    description: An optional description
                                                      of your choice for the rule.
                                                    type: string
                                                  icmpOptions:
                                                    description: 'IcmpOptions Optional
                                                      and valid only for ICMP and
                                                      ICMPv6. Use to specify a particular
                                                      ICMP type and code as defined
                                                      in: - ICMP Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                      - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                      If you specify ICMP or ICMPv6
                                                      as the protocol but omit this
                                                      object, then all ICMP types
                                                      and codes are allowed. If you
                                                      do provide this object, the
                                                      type is required and the code
                                                      is optional. To enable MTU negotiation
                                                      for ingress internet traffic
                                                      via IPv4, make sure to allow
                                                      type 3 ("Destination Unreachable")
                                                      code 4 ("Fragmentation Needed
                                                      and Don''t Fragment was Set").
                                                      If you need to specify multiple
                                                      codes for a single type, create
                                                      a separate security list rule
                                                      for each.'
                                                    properties:
                                                      code:
                                                        description: The ICMP code
                                                          (optional).
                                                        type: integer
                                                      type:
                                                        description: The ICMP type.
                                                        type: integer
                                                    type: object
                                                  isStateless:
                                                    description: A stateless rule
                                                      allows traffic in one direction.
                                                      Remember to add a corresponding
                                                      stateless rule in the other
                                                      direction if you need to support
                                                      bidirectional traffic. For example,
                                                      if ingress traffic allows TCP
                                                      destination port 80, there should
                                                      be an egress rule to allow TCP
                                                      source port 80. Defaults to
                                                      false, which means the rule
                                                      is stateful and a corresponding
                                                      rule is not necessary for bidirectional
                                                      traffic.
                                                    type: boolean
                                                  protocol:
                                                    description: The transport protocol.
                                                      Specify either `all` or an IPv4
                                                      protocol number as defined in
                                                      Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                      Options are supported only for
                                                      ICMP ("1"), TCP ("6"), UDP ("17"),
                                                      and ICMPv6 ("58").
                                                    type: string
                                                  source:
                                                    description: 'Conceptually, this
                                                      is the range of IP addresses
                                                      that a packet coming into the
                                                      instance can come from. Allowed
                                                      values: * IP address range in
                                                      CIDR notation. For example:
                                                      `192.168.1.0/24` or `2001:0db8:0123:45::/56`.
                                                      IPv6 addressing is supported
                                                      for all commercial and government
                                                      regions. See IPv6 Addresses
                                                      (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                      * The `cidrBlock` value for
                                                      a Service, if you''re setting
                                                      up a security list rule for
                                                      traffic coming from a particular
                                                      `Service` through a service
                                                      gateway. For example: `oci-phx-objectstorage`.'
                                                    type: string
                                                  sourceType:
                                                    description: 'Type of source for
                                                      the rule. The default is `CIDR_BLOCK`.
                                                      * `CIDR_BLOCK`: If the rule''s
                                                      `source` is an IP address range
                                                      in CIDR notation. * `SERVICE_CIDR_BLOCK`:
                                                      If the rule''s `source` is the
                                                      `cidrBlock` value for a Service
                                                      (the rule is for traffic coming
                                                      from a particular `Service`
                                                      through a service gateway).'
                                                    type: string
                                                  tcpOptions:
                                                    description: TcpOptions Optional
                                                      and valid only for TCP. Use
                                                      to specify particular destination
                                                      ports for TCP rules. If you
                                                      specify TCP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                  udpOptions:
                                                    description: UdpOptions Optional
                                                      and valid only for UDP. Use
                                                      to specify particular destination
                                                      ports for UDP rules. If you
                                                      specify UDP as the protocol
                                                      but omit this object, then all
                                                      destination ports are allowed.
                                                    properties:
                                                      destinationPortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                      sourcePortRange:
                                                        description: PortRange The
                                                          representation of PortRange.
                                                        properties:
                                                          max:
                                                            description: The maximum
                                                              port number, which must
                                                              not be less than the
                                                              minimum port number.
                                                              To specify a single
                                                              port number, set both
                                                              the min and max to the
                                                              same value.
                                                            type: integer
                                                          min:
                                                            description: The minimum
                                                              port number, which must
                                                              not be greater than
                                                              the maximum port number.
                                                            type: integer
                                                        type: object
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        name:
                                          description: NSG Name.
                                          type: string
                                        role:
                                          description: Role defines the NSG role (eg.
                                            control-plane, control-plane-endpoint,
                                            service-lb, worker).
                                          type: string
                                      required:
                                      - name
                                      type: object
                                    type: array
                                    x-kubernetes-list-map-keys:
                                    - name
                                    x-kubernetes-list-type: map
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      network security groups.
                                    type: boolean
                                type: object
                              routeTable:
                                description: Configuration for Route table.
                                properties:
                                  privateRouteTableId:
                                    description: ID of Private Route Table.
                                    type: string
                                  publicRouteTableId:
                                    description: ID of Public Route Table.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Route table.
                                    type: boolean
                                type: object
                              serviceGateway:
                                description: Configuration for Service Gateway.
                                properties:
                                  id:
                                    description: ID of Service Gateway.
                                    type: string
                                  skip:
                                    description: Skip specifies whether to skip creating
                                      Service gateway.
                                    type: boolean
                                type: object
                              subnets:
                                description: Subnets is the configuration for subnets
                                  required in the VCN.
                                items:
                                  description: Subnet defines the configuration for
                                    a network's subnet https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs_topic-Overview_of_VCNs_and_Subnets.htm#Overview
                                  properties:
                                    cidr:
                                      description: Subnet CIDR.
                                      type: string
                                    id:
                                      description: Subnet OCID.
                                      type: string
                                    name:
                                      description: Subnet Name.
                                      type: string
                                    role:
                                      description: Role defines the subnet role (eg.
                                        control-plane, control-plane-endpoint, service-lb,
                                        worker).
                                      type: string
                                    securityList:
                                      description: The security list associated with
                                        Subnet.
                                      properties:
                                        egressRules:
                                          description: EgressRules on the SecurityList.
                                          items:
                                            description: EgressSecurityRule A rule
                                              for allowing outbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              destination:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet originating from the instance
                                                  can go to. Allowed values: * IP
                                                  address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56` Note that
                                                  IPv6 addressing is currently supported
                                                  only in certain regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic destined for
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              destinationType:
                                                description: 'Type of destination
                                                  for the rule. The default is `CIDR_BLOCK`.
                                                  Allowed values: * `CIDR_BLOCK`:
                                                  If the rule''s `destination` is
                                                  an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `destination` is the `cidrBlock`
                                                  value for a Service (the rule is
                                                  for traffic destined for a particular
                                                  `Service` through a service gateway).'
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if egress traffic allows
                                                  TCP destination port 80, there should
                                                  be an ingress rule to allow TCP
                                                  source port 80. Defaults to false,
                                                  which means the rule is stateful
                                                  and a corresponding rule is not
                                                  necessary for bidirectional traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                          type: array
                                        id:
                                          description: ID of the SecurityList.
                                          type: string
                                        ingressRules:
                                          description: IngressRules on the SecurityList.
                                          items:
                                            description: IngressSecurityRule A rule
                                              for allowing inbound IP packets.
                                            properties:
                                              description:
                                                description: An optional description
                                                  of your choice for the rule.
                                                type: string
                                              icmpOptions:
                                                description: 'IcmpOptions Optional
                                                  and valid only for ICMP and ICMPv6.
                                                  Use to specify a particular ICMP
                                                  type and code as defined in: - ICMP
                                                  Parameters (http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
                                                  - ICMPv6 Parameters (https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
                                                  If you specify ICMP or ICMPv6 as
                                                  the protocol but omit this object,
                                                  then all ICMP types and codes are
                                                  allowed. If you do provide this
                                                  object, the type is required and
                                                  the code is optional. To enable
                                                  MTU negotiation for ingress internet
                                                  traffic via IPv4, make sure to allow
                                                  type 3 ("Destination Unreachable")
                                                  code 4 ("Fragmentation Needed and
                                                  Don''t Fragment was Set"). If you
                                                  need to specify multiple codes for
                                                  a single type, create a separate
                                                  security list rule for each.'
                                                properties:
                                                  code:
                                                    description: The ICMP code (optional).
                                                    type: integer
                                                  type:
                                                    description: The ICMP type.
                                                    type: integer
                                                type: object
                                              isStateless:
                                                description: A stateless rule allows
                                                  traffic in one direction. Remember
                                                  to add a corresponding stateless
                                                  rule in the other direction if you
                                                  need to support bidirectional traffic.
                                                  For example, if ingress traffic
                                                  allows TCP destination port 80,
                                                  there should be an egress rule to
                                                  allow TCP source port 80. Defaults
                                                  to false, which means the rule is
                                                  stateful and a corresponding rule
                                                  is not necessary for bidirectional
                                                  traffic.
                                                type: boolean
                                              protocol:
                                                description: The transport protocol.
                                                  Specify either `all` or an IPv4
                                                  protocol number as defined in Protocol
                                                  Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
                                                  Options are supported only for ICMP
                                                  ("1"), TCP ("6"), UDP ("17"), and
                                                  ICMPv6 ("58").
                                                type: string
                                              source:
                                                description: 'Conceptually, this is
                                                  the range of IP addresses that a
                                                  packet coming into the instance
                                                  can come from. Allowed values: *
                                                  IP address range in CIDR notation.
                                                  For example: `192.168.1.0/24` or
                                                  `2001:0db8:0123:45::/56`. IPv6 addressing
                                                  is supported for all commercial
                                                  and government regions. See IPv6
                                                  Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
                                                  * The `cidrBlock` value for a Service,
                                                  if you''re setting up a security
                                                  list rule for traffic coming from
                                                  a particular `Service` through a
                                                  service gateway. For example: `oci-phx-objectstorage`.'
                                                type: string
                                              sourceType:
                                                description: 'Type of source for the
                                                  rule. The default is `CIDR_BLOCK`.
                                                  * `CIDR_BLOCK`: If the rule''s `source`
                                                  is an IP address range in CIDR notation.
                                                  * `SERVICE_CIDR_BLOCK`: If the rule''s
                                                  `source` is the `cidrBlock` value
                                                  for a Service (the rule is for traffic
                                                  coming from a particular `Service`
                                                  through a service gateway).'
                                                type: string
                                              tcpOptions:
                                                description: TcpOptions Optional and
                                                  valid only for TCP. Use to specify
                                                  particular destination ports for
                                                  TCP rules. If you specify TCP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
                                                properties:
                                                  destinationPortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                  sourcePortRange:
                                                    description: PortRange The representation
                                                      of PortRange.
                                                    properties:
                                                      max:
                                                        description: The maximum port
                                                          number, which must not be
                                                          less than the minimum port
                                                          number. To specify a single
                                                          port number, set both the
                                                          min and max to the same
                                                          value.
                                                        type: integer
                                                      min:
                                                        description: The minimum port
                                                          number, which must not be
                                                          greater than the maximum
                                                          port number.
                                                        type: integer
                                                    type: object
                                                type: object
                                              udpOptions:
                                                description: UdpOptions Optional and
                                                  valid only for UDP. Use to specify
                                                  particular destination ports for
                                                  UDP rules. If you specify UDP as
                                                  the protocol but omit this object,
                                                  then all destination ports are allowed.
14325 properties: 14326 destinationPortRange: 14327 description: PortRange The representation 14328 of PortRange. 14329 properties: 14330 max: 14331 description: The maximum port 14332 number, which must not be 14333 less than the minimum port 14334 number. To specify a single 14335 port number, set both the 14336 min and max to the same 14337 value. 14338 type: integer 14339 min: 14340 description: The minimum port 14341 number, which must not be 14342 greater than the maximum 14343 port number. 14344 type: integer 14345 type: object 14346 sourcePortRange: 14347 description: PortRange The representation 14348 of PortRange. 14349 properties: 14350 max: 14351 description: The maximum port 14352 number, which must not be 14353 less than the minimum port 14354 number. To specify a single 14355 port number, set both the 14356 min and max to the same 14357 value. 14358 type: integer 14359 min: 14360 description: The minimum port 14361 number, which must not be 14362 greater than the maximum 14363 port number. 14364 type: integer 14365 type: object 14366 type: object 14367 type: object 14368 type: array 14369 name: 14370 description: SecurityList Name. 14371 type: string 14372 type: object 14373 type: 14374 description: Type defines the subnet type (e.g. 14375 public, private). 14376 type: string 14377 required: 14378 - name 14379 - role 14380 type: object 14381 type: array 14382 x-kubernetes-list-map-keys: 14383 - name 14384 x-kubernetes-list-type: map 14385 type: object 14386 vcnPeering: 14387 description: VCNPeering configuration. 14388 properties: 14389 drg: 14390 description: DRG configuration refers to the DRG which 14391 has to be created if required. If management cluster 14392 and workload cluster shares the same DRG, this fields 14393 is not required to be specified. 14394 properties: 14395 id: 14396 description: ID is the OCID for the created DRG. 
14397 type: string 14398 manage: 14399 description: Manage defines whether the DRG has 14400 to be managed(including create). If set to false(the 14401 default) the ID has to be specified by the user 14402 to a valid DRG ID to which the VCN has to be 14403 attached. 14404 type: boolean 14405 name: 14406 description: Name is the name of the created DRG. 14407 type: string 14408 vcnAttachmentId: 14409 description: VcnAttachmentId is the ID of the 14410 VCN attachment of the DRG. The workload cluster 14411 VCN can be attached to either the management 14412 cluster VCN if they are sharing the same DRG 14413 or to the workload cluster DRG. 14414 type: string 14415 type: object 14416 peerRouteRules: 14417 description: PeerRouteRules defines the routing rules 14418 which will be added to the private route tables 14419 of the workload cluster VCN. The routes defined 14420 here will be directed to DRG. 14421 items: 14422 description: PeerRouteRule defines a Route Rule 14423 to be routed via a DRG. 14424 properties: 14425 vcnCIDRRange: 14426 description: VCNCIDRRange is the CIDR Range 14427 of peer VCN to which the workload cluster 14428 VCN will be peered. The CIDR range is required 14429 to add the route rule in the workload cluster 14430 VCN, the route rule will forward any traffic 14431 to the CIDR to the DRG. 14432 type: string 14433 type: object 14434 type: array 14435 remotePeeringConnections: 14436 description: RemotePeeringConnections defines the 14437 RPC connections which be established with the workload 14438 cluster DRG. 14439 items: 14440 description: RemotePeeringConnection is used to 14441 peer VCNs residing in different regions(typically). 14442 Remote VCN Peering is explained here - https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm 14443 properties: 14444 managePeerRPC: 14445 description: ManagePeerRPC will define if the 14446 Peer VCN needs to be managed. 
If set to true 14447 a Remote Peering Connection will be created 14448 in the Peer DRG and the connection will be 14449 created between local and peer RPC. 14450 type: boolean 14451 peerDRGId: 14452 description: PeerDRGId defines the DRG ID of 14453 the peer. 14454 type: string 14455 peerRPCConnectionId: 14456 description: PeerRPCConnectionId defines the 14457 RPC ID of peer. If ManagePeerRPC is set to 14458 true this will be created by Cluster API Provider 14459 for OCI, otherwise this has be defined by 14460 the user. 14461 type: string 14462 peerRegionName: 14463 description: PeerRegionName defined the region 14464 name of Peer VCN. 14465 type: string 14466 rpcConnectionId: 14467 description: RPCConnectionId is the connection 14468 ID of the connection between peer and local 14469 RPC. 14470 type: string 14471 type: object 14472 type: array 14473 type: object 14474 type: object 14475 ociResourceIdentifier: 14476 description: The unique ID which will be used to tag all the 14477 resources created by this Cluster. The tag will be used 14478 to identify resources belonging to this cluster. this will 14479 be auto-generated and should not be set by the user. 14480 type: string 14481 region: 14482 description: Region the cluster operates in. It must be one 14483 of available regions in Region Identifier format. 
See https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm 14484 type: string 14485 type: object 14486 required: 14487 - spec 14488 type: object 14489 required: 14490 - template 14491 type: object 14492 type: object 14493 served: true 14494 storage: true 14495 --- 14496 apiVersion: apiextensions.k8s.io/v1 14497 kind: CustomResourceDefinition 14498 metadata: 14499 annotations: 14500 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 14501 controller-gen.kubebuilder.io/version: v0.10.0 14502 labels: 14503 cluster.x-k8s.io/provider: infrastructure-oci 14504 cluster.x-k8s.io/v1beta1: v1beta1 14505 name: ocimanagedcontrolplanes.infrastructure.cluster.x-k8s.io 14506 spec: 14507 conversion: 14508 strategy: Webhook 14509 webhook: 14510 clientConfig: 14511 service: 14512 name: capoci-webhook-service 14513 namespace: cluster-api-provider-oci-system 14514 path: /convert 14515 conversionReviewVersions: 14516 - v1 14517 - v1beta1 14518 group: infrastructure.cluster.x-k8s.io 14519 names: 14520 kind: OCIManagedControlPlane 14521 listKind: OCIManagedControlPlaneList 14522 plural: ocimanagedcontrolplanes 14523 singular: ocimanagedcontrolplane 14524 scope: Namespaced 14525 versions: 14526 - name: v1beta1 14527 schema: 14528 openAPIV3Schema: 14529 description: OCIManagedControlPlane is the Schema for the ocimanagedcontrolplane 14530 API. 14531 properties: 14532 apiVersion: 14533 description: 'APIVersion defines the versioned schema of this representation 14534 of an object. Servers should convert recognized schemas to the latest 14535 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 14536 type: string 14537 kind: 14538 description: 'Kind is a string value representing the REST resource this 14539 object represents. Servers may infer this from the endpoint the client 14540 submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 14541 type: string 14542 metadata: 14543 type: object 14544 spec: 14545 description: OCIManagedControlPlaneSpec defines the desired state of OCIManagedControlPlane. 14546 The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails 14547 properties: 14548 clusterOptions: 14549 description: ClusterOptions defines Optional attributes for the cluster. 14550 properties: 14551 addOnOptions: 14552 description: AddOnOptions defines the properties that define options 14553 for supported add-ons. 14554 properties: 14555 isKubernetesDashboardEnabled: 14556 description: IsKubernetesDashboardEnabled defines whether 14557 or not to enable the Kubernetes Dashboard add-on. 14558 type: boolean 14559 isTillerEnabled: 14560 description: IsKubernetesDashboardEnabled defines whether 14561 or not to enable the Tiller add-on. 14562 type: boolean 14563 type: object 14564 admissionControllerOptions: 14565 description: AdmissionControllerOptions defines the properties 14566 that define supported admission controllers. 14567 properties: 14568 isPodSecurityPolicyEnabled: 14569 description: IsPodSecurityPolicyEnabled defines whether or 14570 not to enable the Pod Security Policy admission controller. 
14571 type: boolean 14572 type: object 14573 type: object 14574 clusterPodNetworkOptions: 14575 description: ClusterPodNetworkOptions defines the available CNIs and 14576 network options for existing and new node pools of the cluster 14577 items: 14578 description: ClusterPodNetworkOptions defines the available CNIs 14579 and network options for existing and new node pools of the cluster 14580 properties: 14581 cniType: 14582 description: The CNI to be used are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY 14583 type: string 14584 type: object 14585 type: array 14586 controlPlaneEndpoint: 14587 description: ControlPlaneEndpoint represents the endpoint used to 14588 communicate with the control plane. 14589 properties: 14590 host: 14591 description: The hostname on which the API server is serving. 14592 type: string 14593 port: 14594 description: The port on which the API server is serving. 14595 format: int32 14596 type: integer 14597 required: 14598 - host 14599 - port 14600 type: object 14601 id: 14602 description: ID of the OKEcluster. 14603 type: string 14604 imagePolicyConfig: 14605 description: ImagePolicyConfig defines the properties that define 14606 a image verification policy. 14607 properties: 14608 isPolicyEnabled: 14609 description: IsPolicyEnabled defines Whether the image verification 14610 policy is enabled. 14611 type: boolean 14612 keyDetails: 14613 description: KeyDetails defines a list of KMS key details. 14614 items: 14615 description: KeyDetails defines the properties that define the 14616 kms keys used by OKE for Image Signature verification. 14617 properties: 14618 keyDetails: 14619 description: KmsKeyId defines the OCID of the KMS key that 14620 will be used to verify whether the images are signed by 14621 an approved source. 
14622 type: string 14623 type: object 14624 type: array 14625 type: object 14626 kmsKeyId: 14627 description: KmsKeyId defines the OCID of the KMS key to be used as 14628 the master encryption key for Kubernetes secret encryption. When 14629 used, 14630 type: string 14631 version: 14632 description: Version represents the version of the Kubernetes Cluster 14633 Control Plane. 14634 type: string 14635 type: object 14636 status: 14637 description: OCIManagedControlPlaneStatus defines the observed state of 14638 OCIManagedControlPlane 14639 properties: 14640 conditions: 14641 description: NetworkSpec encapsulates all things related to OCI network. 14642 items: 14643 description: Condition defines an observation of a Cluster API resource 14644 operational state. 14645 properties: 14646 lastTransitionTime: 14647 description: Last time the condition transitioned from one status 14648 to another. This should be when the underlying condition changed. 14649 If that is not known, then using the time when the API field 14650 changed is acceptable. 14651 format: date-time 14652 type: string 14653 message: 14654 description: A human readable message indicating details about 14655 the transition. This field may be empty. 14656 type: string 14657 reason: 14658 description: The reason for the condition's last transition 14659 in CamelCase. The specific API may choose whether or not this 14660 field is considered a guaranteed API. This field may not be 14661 empty. 14662 type: string 14663 severity: 14664 description: Severity provides an explicit classification of 14665 Reason code, so the users or machines can immediately understand 14666 the current situation and act accordingly. The Severity field 14667 MUST be set only when Status=False. 14668 type: string 14669 status: 14670 description: Status of the condition, one of True, False, Unknown. 14671 type: string 14672 type: 14673 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
14674 Many .condition.type values are consistent across resources 14675 like Available, but because arbitrary conditions can be useful 14676 (see .node.status.conditions), the ability to deconflict is 14677 important. 14678 type: string 14679 required: 14680 - lastTransitionTime 14681 - status 14682 - type 14683 type: object 14684 type: array 14685 initialized: 14686 description: Initialized denotes whether or not the control plane 14687 has the uploaded kubernetes config-map. 14688 type: boolean 14689 ready: 14690 type: boolean 14691 version: 14692 description: Version represents the current Kubernetes version for 14693 the control plane. 14694 type: string 14695 type: object 14696 type: object 14697 served: true 14698 storage: false 14699 subresources: 14700 status: {} 14701 - name: v1beta2 14702 schema: 14703 openAPIV3Schema: 14704 description: OCIManagedControlPlane is the Schema for the ocimanagedcontrolplane 14705 API. 14706 properties: 14707 apiVersion: 14708 description: 'APIVersion defines the versioned schema of this representation 14709 of an object. Servers should convert recognized schemas to the latest 14710 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 14711 type: string 14712 kind: 14713 description: 'Kind is a string value representing the REST resource this 14714 object represents. Servers may infer this from the endpoint the client 14715 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 14716 type: string 14717 metadata: 14718 type: object 14719 spec: 14720 description: OCIManagedControlPlaneSpec defines the desired state of OCIManagedControlPlane. 
14721 The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails 14722 properties: 14723 addons: 14724 description: The list of addons to be applied to the OKE cluster. 14725 items: 14726 description: Addon defines the properties of an addon. 14727 properties: 14728 configurations: 14729 description: Configurations defines a list of configurations 14730 of the addon. 14731 items: 14732 description: AddonConfiguration defines a configuration of 14733 an addon. 14734 properties: 14735 key: 14736 description: The key of the configuration. 14737 type: string 14738 value: 14739 description: The value of the configuration. 14740 type: string 14741 type: object 14742 type: array 14743 name: 14744 description: Name represents the name of the addon. 14745 type: string 14746 version: 14747 description: Version represents the version of the addon. 14748 type: string 14749 required: 14750 - name 14751 type: object 14752 type: array 14753 x-kubernetes-list-map-keys: 14754 - name 14755 x-kubernetes-list-type: map 14756 clusterOptions: 14757 description: ClusterOptions defines Optional attributes for the cluster. 14758 properties: 14759 addOnOptions: 14760 description: AddOnOptions defines the properties that define options 14761 for supported add-ons. 14762 properties: 14763 isKubernetesDashboardEnabled: 14764 description: IsKubernetesDashboardEnabled defines whether 14765 or not to enable the Kubernetes Dashboard add-on. 14766 type: boolean 14767 isTillerEnabled: 14768 description: IsKubernetesDashboardEnabled defines whether 14769 or not to enable the Tiller add-on. 14770 type: boolean 14771 type: object 14772 admissionControllerOptions: 14773 description: AdmissionControllerOptions defines the properties 14774 that define supported admission controllers. 
14775 properties: 14776 isPodSecurityPolicyEnabled: 14777 description: IsPodSecurityPolicyEnabled defines whether or 14778 not to enable the Pod Security Policy admission controller. 14779 type: boolean 14780 type: object 14781 type: object 14782 clusterPodNetworkOptions: 14783 description: ClusterPodNetworkOptions defines the available CNIs and 14784 network options for existing and new node pools of the cluster 14785 items: 14786 description: ClusterPodNetworkOptions defines the available CNIs 14787 and network options for existing and new node pools of the cluster 14788 properties: 14789 cniType: 14790 description: The CNI to be used are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY 14791 type: string 14792 type: object 14793 type: array 14794 clusterType: 14795 description: ClusterTypeEnum defines the type of cluster. Supported 14796 types are * `BASIC_CLUSTER` * `ENHANCED_CLUSTER` 14797 type: string 14798 controlPlaneEndpoint: 14799 description: ControlPlaneEndpoint represents the endpoint used to 14800 communicate with the control plane. 14801 properties: 14802 host: 14803 description: The hostname on which the API server is serving. 14804 type: string 14805 port: 14806 description: The port on which the API server is serving. 14807 format: int32 14808 type: integer 14809 required: 14810 - host 14811 - port 14812 type: object 14813 id: 14814 description: ID of the OKEcluster. 14815 type: string 14816 imagePolicyConfig: 14817 description: ImagePolicyConfig defines the properties that define 14818 a image verification policy. 14819 properties: 14820 isPolicyEnabled: 14821 description: IsPolicyEnabled defines Whether the image verification 14822 policy is enabled. 14823 type: boolean 14824 keyDetails: 14825 description: KeyDetails defines a list of KMS key details. 14826 items: 14827 description: KeyDetails defines the properties that define the 14828 kms keys used by OKE for Image Signature verification. 
14829 properties: 14830 keyDetails: 14831 description: KmsKeyId defines the OCID of the KMS key that 14832 will be used to verify whether the images are signed by 14833 an approved source. 14834 type: string 14835 type: object 14836 type: array 14837 type: object 14838 kmsKeyId: 14839 description: KmsKeyId defines the OCID of the KMS key to be used as 14840 the master encryption key for Kubernetes secret encryption. When 14841 used, 14842 type: string 14843 version: 14844 description: Version represents the version of the Kubernetes Cluster 14845 Control Plane. 14846 type: string 14847 type: object 14848 status: 14849 description: OCIManagedControlPlaneStatus defines the observed state of 14850 OCIManagedControlPlane 14851 properties: 14852 addonStatus: 14853 additionalProperties: 14854 description: AddonStatus defines the status of an Addon. 14855 properties: 14856 addonError: 14857 description: AddonError defines the error encountered by the 14858 Addon. 14859 properties: 14860 code: 14861 description: Code defines a short error code that defines 14862 the upstream error, meant for programmatic parsing. 14863 type: string 14864 message: 14865 description: Message defines a human-readable error string 14866 of the upstream error. 14867 type: string 14868 status: 14869 description: Status defines the status of the HTTP response 14870 encountered in the upstream error. 14871 type: string 14872 type: object 14873 currentlyInstalledVersion: 14874 description: Version represents the version of the addon. 14875 type: string 14876 lifecycleState: 14877 description: LifecycleState defines the lifecycle state of the 14878 addon. 14879 type: string 14880 type: object 14881 description: AddonStatus represents the status of the addon. 14882 type: object 14883 conditions: 14884 description: NetworkSpec encapsulates all things related to OCI network. 14885 items: 14886 description: Condition defines an observation of a Cluster API resource 14887 operational state. 
14888 properties: 14889 lastTransitionTime: 14890 description: Last time the condition transitioned from one status 14891 to another. This should be when the underlying condition changed. 14892 If that is not known, then using the time when the API field 14893 changed is acceptable. 14894 format: date-time 14895 type: string 14896 message: 14897 description: A human readable message indicating details about 14898 the transition. This field may be empty. 14899 type: string 14900 reason: 14901 description: The reason for the condition's last transition 14902 in CamelCase. The specific API may choose whether or not this 14903 field is considered a guaranteed API. This field may not be 14904 empty. 14905 type: string 14906 severity: 14907 description: Severity provides an explicit classification of 14908 Reason code, so the users or machines can immediately understand 14909 the current situation and act accordingly. The Severity field 14910 MUST be set only when Status=False. 14911 type: string 14912 status: 14913 description: Status of the condition, one of True, False, Unknown. 14914 type: string 14915 type: 14916 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 14917 Many .condition.type values are consistent across resources 14918 like Available, but because arbitrary conditions can be useful 14919 (see .node.status.conditions), the ability to deconflict is 14920 important. 14921 type: string 14922 required: 14923 - lastTransitionTime 14924 - status 14925 - type 14926 type: object 14927 type: array 14928 initialized: 14929 description: Initialized denotes whether or not the control plane 14930 has the uploaded kubernetes config-map. 14931 type: boolean 14932 ready: 14933 type: boolean 14934 version: 14935 description: Version represents the current Kubernetes version for 14936 the control plane. 
14937 type: string 14938 type: object 14939 type: object 14940 served: true 14941 storage: true 14942 subresources: 14943 status: {} 14944 --- 14945 apiVersion: apiextensions.k8s.io/v1 14946 kind: CustomResourceDefinition 14947 metadata: 14948 annotations: 14949 controller-gen.kubebuilder.io/version: v0.10.0 14950 creationTimestamp: null 14951 labels: 14952 cluster.x-k8s.io/provider: infrastructure-oci 14953 cluster.x-k8s.io/v1beta1: v1beta1 14954 name: ocimanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io 14955 spec: 14956 group: infrastructure.cluster.x-k8s.io 14957 names: 14958 categories: 14959 - cluster-api 14960 kind: OCIManagedControlPlaneTemplate 14961 listKind: OCIManagedControlPlaneTemplateList 14962 plural: ocimanagedcontrolplanetemplates 14963 singular: ocimanagedcontrolplanetemplate 14964 scope: Namespaced 14965 versions: 14966 - name: v1beta1 14967 schema: 14968 openAPIV3Schema: 14969 description: OCIManagedControlPlaneTemplate is the Schema for the OCIManagedControlPlaneTemplates 14970 API. 14971 properties: 14972 apiVersion: 14973 description: 'APIVersion defines the versioned schema of this representation 14974 of an object. Servers should convert recognized schemas to the latest 14975 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 14976 type: string 14977 kind: 14978 description: 'Kind is a string value representing the REST resource this 14979 object represents. Servers may infer this from the endpoint the client 14980 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 14981 type: string 14982 metadata: 14983 type: object 14984 spec: 14985 description: OCIManagedControlPlaneTemplateSpec defines the desired state 14986 of OCIManagedControlPlaneTemplate. 
14987 properties: 14988 template: 14989 description: OCIManagedControlPlaneSpec describes the data needed 14990 to create an OCIManagedControlPlane from a template. 14991 properties: 14992 spec: 14993 description: OCIManagedControlPlaneSpec defines the desired state 14994 of OCIManagedControlPlane. The properties are generated from 14995 https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails 14996 properties: 14997 clusterOptions: 14998 description: ClusterOptions defines Optional attributes for 14999 the cluster. 15000 properties: 15001 addOnOptions: 15002 description: AddOnOptions defines the properties that 15003 define options for supported add-ons. 15004 properties: 15005 isKubernetesDashboardEnabled: 15006 description: IsKubernetesDashboardEnabled defines 15007 whether or not to enable the Kubernetes Dashboard 15008 add-on. 15009 type: boolean 15010 isTillerEnabled: 15011 description: IsKubernetesDashboardEnabled defines 15012 whether or not to enable the Tiller add-on. 15013 type: boolean 15014 type: object 15015 admissionControllerOptions: 15016 description: AdmissionControllerOptions defines the properties 15017 that define supported admission controllers. 15018 properties: 15019 isPodSecurityPolicyEnabled: 15020 description: IsPodSecurityPolicyEnabled defines whether 15021 or not to enable the Pod Security Policy admission 15022 controller. 
15023 type: boolean 15024 type: object 15025 type: object 15026 clusterPodNetworkOptions: 15027 description: ClusterPodNetworkOptions defines the available 15028 CNIs and network options for existing and new node pools 15029 of the cluster 15030 items: 15031 description: ClusterPodNetworkOptions defines the available 15032 CNIs and network options for existing and new node pools 15033 of the cluster 15034 properties: 15035 cniType: 15036 description: The CNI to be used are OCI_VCN_IP_NATIVE 15037 and FLANNEL_OVERLAY 15038 type: string 15039 type: object 15040 type: array 15041 controlPlaneEndpoint: 15042 description: ControlPlaneEndpoint represents the endpoint 15043 used to communicate with the control plane. 15044 properties: 15045 host: 15046 description: The hostname on which the API server is serving. 15047 type: string 15048 port: 15049 description: The port on which the API server is serving. 15050 format: int32 15051 type: integer 15052 required: 15053 - host 15054 - port 15055 type: object 15056 id: 15057 description: ID of the OKEcluster. 15058 type: string 15059 imagePolicyConfig: 15060 description: ImagePolicyConfig defines the properties that 15061 define a image verification policy. 15062 properties: 15063 isPolicyEnabled: 15064 description: IsPolicyEnabled defines Whether the image 15065 verification policy is enabled. 15066 type: boolean 15067 keyDetails: 15068 description: KeyDetails defines a list of KMS key details. 15069 items: 15070 description: KeyDetails defines the properties that 15071 define the kms keys used by OKE for Image Signature 15072 verification. 15073 properties: 15074 keyDetails: 15075 description: KmsKeyId defines the OCID of the KMS 15076 key that will be used to verify whether the images 15077 are signed by an approved source. 
15078 type: string 15079 type: object 15080 type: array 15081 type: object 15082 kmsKeyId: 15083 description: KmsKeyId defines the OCID of the KMS key to be 15084 used as the master encryption key for Kubernetes secret 15085 encryption. When used, 15086 type: string 15087 version: 15088 description: Version represents the version of the Kubernetes 15089 Cluster Control Plane. 15090 type: string 15091 type: object 15092 required: 15093 - spec 15094 type: object 15095 required: 15096 - template 15097 type: object 15098 type: object 15099 served: true 15100 storage: false 15101 - name: v1beta2 15102 schema: 15103 openAPIV3Schema: 15104 description: OCIManagedControlPlaneTemplate is the Schema for the OCIManagedControlPlaneTemplates 15105 API. 15106 properties: 15107 apiVersion: 15108 description: 'APIVersion defines the versioned schema of this representation 15109 of an object. Servers should convert recognized schemas to the latest 15110 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15111 type: string 15112 kind: 15113 description: 'Kind is a string value representing the REST resource this 15114 object represents. Servers may infer this from the endpoint the client 15115 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15116 type: string 15117 metadata: 15118 type: object 15119 spec: 15120 description: OCIManagedControlPlaneTemplateSpec defines the desired state 15121 of OCIManagedControlPlaneTemplate. 15122 properties: 15123 template: 15124 description: OCIManagedControlPlaneSpec describes the data needed 15125 to create an OCIManagedControlPlane from a template. 15126 properties: 15127 spec: 15128 description: OCIManagedControlPlaneSpec defines the desired state 15129 of OCIManagedControlPlane. 
The properties are generated from 15130 https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateClusterDetails 15131 properties: 15132 addons: 15133 description: The list of addons to be applied to the OKE cluster. 15134 items: 15135 description: Addon defines the properties of an addon. 15136 properties: 15137 configurations: 15138 description: Configurations defines a list of configurations 15139 of the addon. 15140 items: 15141 description: AddonConfiguration defines a configuration 15142 of an addon. 15143 properties: 15144 key: 15145 description: The key of the configuration. 15146 type: string 15147 value: 15148 description: The value of the configuration. 15149 type: string 15150 type: object 15151 type: array 15152 name: 15153 description: Name represents the name of the addon. 15154 type: string 15155 version: 15156 description: Version represents the version of the addon. 15157 type: string 15158 required: 15159 - name 15160 type: object 15161 type: array 15162 x-kubernetes-list-map-keys: 15163 - name 15164 x-kubernetes-list-type: map 15165 clusterOptions: 15166 description: ClusterOptions defines Optional attributes for 15167 the cluster. 15168 properties: 15169 addOnOptions: 15170 description: AddOnOptions defines the properties that 15171 define options for supported add-ons. 15172 properties: 15173 isKubernetesDashboardEnabled: 15174 description: IsKubernetesDashboardEnabled defines 15175 whether or not to enable the Kubernetes Dashboard 15176 add-on. 15177 type: boolean 15178 isTillerEnabled: 15179 description: IsKubernetesDashboardEnabled defines 15180 whether or not to enable the Tiller add-on. 15181 type: boolean 15182 type: object 15183 admissionControllerOptions: 15184 description: AdmissionControllerOptions defines the properties 15185 that define supported admission controllers. 
                            properties:
                              isPodSecurityPolicyEnabled:
                                description: IsPodSecurityPolicyEnabled defines whether
                                  or not to enable the Pod Security Policy admission
                                  controller.
                                type: boolean
                            type: object
                        type: object
                      clusterPodNetworkOptions:
                        description: ClusterPodNetworkOptions defines the available
                          CNIs and network options for existing and new node pools
                          of the cluster
                        items:
                          description: ClusterPodNetworkOptions defines the available
                            CNIs and network options for existing and new node pools
                            of the cluster
                          properties:
                            cniType:
                              description: The CNI to be used are OCI_VCN_IP_NATIVE
                                and FLANNEL_OVERLAY
                              type: string
                          type: object
                        type: array
                      clusterType:
                        description: ClusterTypeEnum defines the type of cluster.
                          Supported types are * `BASIC_CLUSTER` * `ENHANCED_CLUSTER`
                        type: string
                      controlPlaneEndpoint:
                        description: ControlPlaneEndpoint represents the endpoint
                          used to communicate with the control plane.
                        properties:
                          host:
                            description: The hostname on which the API server is serving.
                            type: string
                          port:
                            description: The port on which the API server is serving.
                            format: int32
                            type: integer
                        required:
                        - host
                        - port
                        type: object
                      id:
                        description: ID of the OKEcluster.
                        type: string
                      imagePolicyConfig:
                        description: ImagePolicyConfig defines the properties that
                          define a image verification policy.
                        properties:
                          isPolicyEnabled:
                            description: IsPolicyEnabled defines Whether the image
                              verification policy is enabled.
                            type: boolean
                          keyDetails:
                            description: KeyDetails defines a list of KMS key details.
                            items:
                              description: KeyDetails defines the properties that
                                define the kms keys used by OKE for Image Signature
                                verification.
                              properties:
                                keyDetails:
                                  description: KmsKeyId defines the OCID of the KMS
                                    key that will be used to verify whether the images
                                    are signed by an approved source.
                                  type: string
                              type: object
                            type: array
                        type: object
                      kmsKeyId:
                        description: KmsKeyId defines the OCID of the KMS key to be
                          used as the master encryption key for Kubernetes secret
                          encryption. When used,
                        type: string
                      version:
                        description: Version represents the version of the Kubernetes
                          Cluster Control Plane.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimanagedmachinepools.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIManagedMachinePool
    listKind: OCIManagedMachinePoolList
    plural: ocimanagedmachinepools
    singular: ocimanagedmachinepool
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIManagedMachinePool is the Schema for the ocimanagedmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedMachinePoolSpec defines the desired state of an
              OCI managed machine pool. An OCIManagedMachinePool translates to an
              OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialNodeLabels:
                description: InitialNodeLabels defines a list of key/value pairs to
                  add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nodeEvictionNodePoolSettings:
                description: NodeEvictionNodePoolSettings defines the eviction settings.
                properties:
                  evictionGraceDuration:
                    description: 'EvictionGraceDuration defines the duration after
                      which OKE will give up eviction of the pods on the node. PT0M
                      will indicate you want to delete the node without cordon and
                      drain. Default PT60M, Min PT0M, Max: PT60M. Format ISO 8601
                      e.g PT30M'
                    type: string
                  isForceDeleteAfterGraceDuration:
                    description: IsForceDeleteAfterGraceDuration defines if the underlying
                      compute instance should be deleted if you cannot evict all the
                      pods in grace period
                    type: boolean
                type: object
              nodeMetadata:
                additionalProperties:
                  type: string
                description: NodeMetadata defines a list of key/value pairs to add
                  to each underlying OCI instance in the node pool on launch.
                type: object
              nodePoolNodeConfig:
                description: NodePoolNodeConfig defines the configuration of nodes
                  in the node pool.
                properties:
                  isPvEncryptionInTransitEnabled:
                    description: IsPvEncryptionInTransitEnabled defines whether in
                      transit encryption should be enabled on the nodes.
                    type: boolean
                  kmsKeyId:
                    description: KmsKeyId defines whether in transit encryption should
                      be enabled on the nodes.
                    type: string
                  nodePoolPodNetworkOptionDetails:
                    description: NodePoolPodNetworkOptionDetails defines the pod networking
                      details of the node pool
                    properties:
                      cniType:
                        description: CniType describes the CNI plugin used by this
                          node pool. Allowed values are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY.
                        type: string
                      vcnIpNativePodNetworkOptions:
                        description: VcnIpNativePodNetworkOptions describes the network
                          options specific to using the OCI VCN Native CNI
                        properties:
                          maxPodsPerNode:
                            description: MemoryInGBs defines the max number of pods
                              per node in the node pool. This value will be limited
                              by the number of VNICs attachable to the node pool shape
                            type: integer
                          nsgNames:
                            description: NSGNames defines the NSGs associated with
                              the native pod network.
                            items:
                              type: string
                            type: array
                          subnetNames:
                            description: SubnetNames defines the Subnets associated
                              with the native pod network.
                            items:
                              type: string
                            type: array
                        type: object
                    type: object
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the nodes. the NSGs are defined in OCIManagedCluster
                      object.
                    items:
                      type: string
                    type: array
                  placementConfigs:
                    description: PlacementConfigs defines the placement configurations
                      for the node pool.
                    items:
                      description: PlacementConfig defines the placement configurations
                        for the node pool.
                      properties:
                        availabilityDomain:
                          description: AvailabilityDomain defines the availability
                            domain in which to place nodes.
                          type: string
                        capacityReservationId:
                          description: CapacityReservationId defines the OCID of the
                            compute capacity reservation in which to place the compute
                            instance.
                          type: string
                        faultDomains:
                          description: FaultDomains defines the list of fault domains
                            in which to place nodes.
                          items:
                            type: string
                          type: array
                        subnetName:
                          description: SubnetName defines the name of the subnet which
                            need ot be associated with the Nodepool. The subnets are
                            defined in the OCiManagedCluster object.
                          type: string
                      type: object
                    type: array
                type: object
              nodeShape:
                description: NodeShape defines the name of the node shape of the nodes
                  in the node pool.
                type: string
              nodeShapeConfig:
                description: NodeShapeConfig defines the configuration of the shape
                  to launch nodes in the node pool.
                properties:
                  memoryInGBs:
                    description: MemoryInGBs defines the total amount of memory available
                      to each node, in gigabytes.
                    type: string
                  ocpus:
                    description: Ocpus defines the total number of OCPUs available
                      to each node in the node pool.
                    type: string
                type: object
              nodeSourceViaImage:
                description: NodeSourceViaImage defines the image configuration of
                  the nodes in the nodepool.
                properties:
                  bootVolumeSizeInGBs:
                    description: BootVolumeSizeInGBs defines the size of the boot
                      volume in GBs.
                    format: int64
                    type: integer
                  imageId:
                    description: ImageId defines the OCID of the image used to boot
                      the node.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              sshPublicKey:
                description: SshPublicKey defines the SSH public key on each node
                  in the node pool on launch.
                type: string
              version:
                description: Version represents the version of the OKE node pool.
                type: string
            type: object
          status:
            description: OCIManagedMachinePoolStatus defines the observed state of
              OCIManagedMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                items:
                  type: string
                type: array
              failureReason:
                description: MachineStatusError defines errors states for Machine
                  objects.
                type: string
              infrastructureMachineKind:
                description: InfrastructureMachineKind is the kind of the infrastructure
                  resources behind MachinePool Machines.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedMachinePool is the Schema for the ocimanagedmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedMachinePoolSpec defines the desired state of an
              OCI managed machine pool. An OCIManagedMachinePool translates to an
              OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialNodeLabels:
                description: InitialNodeLabels defines a list of key/value pairs to
                  add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nodeEvictionNodePoolSettings:
                description: NodeEvictionNodePoolSettings defines the eviction settings.
                properties:
                  evictionGraceDuration:
                    description: 'EvictionGraceDuration defines the duration after
                      which OKE will give up eviction of the pods on the node. PT0M
                      will indicate you want to delete the node without cordon and
                      drain. Default PT60M, Min PT0M, Max: PT60M. Format ISO 8601
                      e.g PT30M'
                    type: string
                  isForceDeleteAfterGraceDuration:
                    description: IsForceDeleteAfterGraceDuration defines if the underlying
                      compute instance should be deleted if you cannot evict all the
                      pods in grace period
                    type: boolean
                type: object
              nodeMetadata:
                additionalProperties:
                  type: string
                description: NodeMetadata defines a list of key/value pairs to add
                  to each underlying OCI instance in the node pool on launch.
                type: object
              nodePoolCyclingDetails:
                description: NodePoolCyclingDetails defines the node pool recycling
                  options.
                properties:
                  isNodeCyclingEnabled:
                    description: IsNodeCyclingEnabled refers if nodes in the nodepool
                      will be cycled to have new changes.
                    type: boolean
                  maximumSurge:
                    description: MaximumSurge refers to the maximum additional new
                      compute instances that would be temporarily created and added
                      to nodepool during the cycling nodepool process. OKE supports
                      both integer and percentage input. Defaults to 1, Ranges from
                      0 to Nodepool size or 0% to 100%
                    type: string
                  maximumUnavailable:
                    description: Maximum active nodes that would be terminated from
                      nodepool during the cycling nodepool process. OKE supports both
                      integer and percentage input. Defaults to 0, Ranges from 0 to
                      Nodepool size or 0% to 100%
                    type: string
                type: object
              nodePoolNodeConfig:
                description: NodePoolNodeConfig defines the configuration of nodes
                  in the node pool.
                properties:
                  isPvEncryptionInTransitEnabled:
                    description: IsPvEncryptionInTransitEnabled defines whether in
                      transit encryption should be enabled on the nodes.
                    type: boolean
                  kmsKeyId:
                    description: KmsKeyId defines whether in transit encryption should
                      be enabled on the nodes.
                    type: string
                  nodePoolPodNetworkOptionDetails:
                    description: NodePoolPodNetworkOptionDetails defines the pod networking
                      details of the node pool
                    properties:
                      cniType:
                        description: CniType describes the CNI plugin used by this
                          node pool. Allowed values are OCI_VCN_IP_NATIVE and FLANNEL_OVERLAY.
                        type: string
                      vcnIpNativePodNetworkOptions:
                        description: VcnIpNativePodNetworkOptions describes the network
                          options specific to using the OCI VCN Native CNI
                        properties:
                          maxPodsPerNode:
                            description: MemoryInGBs defines the max number of pods
                              per node in the node pool. This value will be limited
                              by the number of VNICs attachable to the node pool shape
                            type: integer
                          nsgNames:
                            description: NSGNames defines the NSGs associated with
                              the native pod network.
                            items:
                              type: string
                            type: array
                          subnetNames:
                            description: SubnetNames defines the Subnets associated
                              with the native pod network.
                            items:
                              type: string
                            type: array
                        type: object
                    type: object
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the nodes. the NSGs are defined in OCIManagedCluster
                      object.
                    items:
                      type: string
                    type: array
                  placementConfigs:
                    description: PlacementConfigs defines the placement configurations
                      for the node pool.
                    items:
                      description: PlacementConfig defines the placement configurations
                        for the node pool.
                      properties:
                        availabilityDomain:
                          description: AvailabilityDomain defines the availability
                            domain in which to place nodes.
                          type: string
                        capacityReservationId:
                          description: CapacityReservationId defines the OCID of the
                            compute capacity reservation in which to place the compute
                            instance.
                          type: string
                        faultDomains:
                          description: FaultDomains defines the list of fault domains
                            in which to place nodes.
                          items:
                            type: string
                          type: array
                        subnetName:
                          description: SubnetName defines the name of the subnet which
                            need ot be associated with the Nodepool. The subnets are
                            defined in the OCiManagedCluster object.
                          type: string
                      type: object
                    type: array
                type: object
              nodeShape:
                description: NodeShape defines the name of the node shape of the nodes
                  in the node pool.
                type: string
              nodeShapeConfig:
                description: NodeShapeConfig defines the configuration of the shape
                  to launch nodes in the node pool.
                properties:
                  memoryInGBs:
                    description: MemoryInGBs defines the total amount of memory available
                      to each node, in gigabytes.
                    type: string
                  ocpus:
                    description: Ocpus defines the total number of OCPUs available
                      to each node in the node pool.
                    type: string
                type: object
              nodeSourceViaImage:
                description: NodeSourceViaImage defines the image configuration of
                  the nodes in the nodepool.
                properties:
                  bootVolumeSizeInGBs:
                    description: BootVolumeSizeInGBs defines the size of the boot
                      volume in GBs.
                    format: int64
                    type: integer
                  imageId:
                    description: ImageId defines the OCID of the image used to boot
                      the node.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              sshPublicKey:
                description: SshPublicKey defines the SSH public key on each node
                  in the node pool on launch.
                type: string
              version:
                description: Version represents the version of the OKE node pool.
                type: string
            type: object
          status:
            description: OCIManagedMachinePoolStatus defines the observed state of
              OCIManagedMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                items:
                  type: string
                type: array
              failureReason:
                description: MachineStatusError defines errors states for Machine
                  objects.
                type: string
              infrastructureMachineKind:
                description: InfrastructureMachineKind is the kind of the infrastructure
                  resources behind MachinePool Machines.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.10.0
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocimanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: OCIManagedMachinePoolTemplate
    listKind: OCIManagedMachinePoolTemplateList
    plural: ocimanagedmachinepooltemplates
    singular: ocimanagedmachinepooltemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIManagedMachinePoolTemplate is the Schema for the OCIManagedMachinePoolTemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedMachinePoolTemplateSpec defines the desired state
              of OCIManagedMachinePoolTemplate.
            properties:
              template:
                description: OCIManagedMachinePoolSpec describes the data needed to
                  create an OCIManagedMachinePool from a template.
                properties:
                  spec:
                    description: OCIManagedMachinePoolSpec defines the desired state
                      of an OCI managed machine pool. An OCIManagedMachinePool translates
                      to an OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails
                    properties:
                      id:
                        description: ID is the OCID of the associated NodePool
                        type: string
                      initialNodeLabels:
                        description: InitialNodeLabels defines a list of key/value
                          pairs to add to nodes after they join the Kubernetes cluster.
                        items:
                          description: KeyValue The properties that define a key value
                            pair.
                          properties:
                            key:
                              description: The key of the pair.
                              type: string
                            value:
                              description: The value of the pair.
                              type: string
                          type: object
                        type: array
                      nodeEvictionNodePoolSettings:
                        description: NodeEvictionNodePoolSettings defines the eviction
                          settings.
                        properties:
                          evictionGraceDuration:
                            description: 'EvictionGraceDuration defines the duration
                              after which OKE will give up eviction of the pods on
                              the node. PT0M will indicate you want to delete the
                              node without cordon and drain. Default PT60M, Min PT0M,
                              Max: PT60M. Format ISO 8601 e.g PT30M'
                            type: string
                          isForceDeleteAfterGraceDuration:
                            description: IsForceDeleteAfterGraceDuration defines if
                              the underlying compute instance should be deleted if
                              you cannot evict all the pods in grace period
                            type: boolean
                        type: object
                      nodeMetadata:
                        additionalProperties:
                          type: string
                        description: NodeMetadata defines a list of key/value pairs
                          to add to each underlying OCI instance in the node pool
                          on launch.
                        type: object
                      nodePoolNodeConfig:
                        description: NodePoolNodeConfig defines the configuration
                          of nodes in the node pool.
                        properties:
                          isPvEncryptionInTransitEnabled:
                            description: IsPvEncryptionInTransitEnabled defines whether
                              in transit encryption should be enabled on the nodes.
                            type: boolean
                          kmsKeyId:
                            description: KmsKeyId defines whether in transit encryption
                              should be enabled on the nodes.
                            type: string
                          nodePoolPodNetworkOptionDetails:
                            description: NodePoolPodNetworkOptionDetails defines the
                              pod networking details of the node pool
                            properties:
                              cniType:
                                description: CniType describes the CNI plugin used
                                  by this node pool. Allowed values are OCI_VCN_IP_NATIVE
                                  and FLANNEL_OVERLAY.
                                type: string
                              vcnIpNativePodNetworkOptions:
                                description: VcnIpNativePodNetworkOptions describes
                                  the network options specific to using the OCI VCN
                                  Native CNI
                                properties:
                                  maxPodsPerNode:
                                    description: MemoryInGBs defines the max number
                                      of pods per node in the node pool. This value
                                      will be limited by the number of VNICs attachable
                                      to the node pool shape
                                    type: integer
                                  nsgNames:
                                    description: NSGNames defines the NSGs associated
                                      with the native pod network.
                                    items:
                                      type: string
                                    type: array
                                  subnetNames:
                                    description: SubnetNames defines the Subnets associated
                                      with the native pod network.
                                    items:
                                      type: string
                                    type: array
                                type: object
                            type: object
                          nsgNames:
                            description: NsgNames defines the names of NSGs which
                              will be associated with the nodes. the NSGs are defined
                              in OCIManagedCluster object.
                            items:
                              type: string
                            type: array
                          placementConfigs:
                            description: PlacementConfigs defines the placement configurations
                              for the node pool.
                            items:
                              description: PlacementConfig defines the placement configurations
                                for the node pool.
                              properties:
                                availabilityDomain:
                                  description: AvailabilityDomain defines the availability
                                    domain in which to place nodes.
                                  type: string
                                capacityReservationId:
                                  description: CapacityReservationId defines the OCID
                                    of the compute capacity reservation in which to
                                    place the compute instance.
                                  type: string
                                faultDomains:
                                  description: FaultDomains defines the list of fault
                                    domains in which to place nodes.
                                  items:
                                    type: string
                                  type: array
                                subnetName:
                                  description: SubnetName defines the name of the
                                    subnet which need ot be associated with the Nodepool.
                                    The subnets are defined in the OCiManagedCluster
                                    object.
                                  type: string
                              type: object
                            type: array
                        type: object
                      nodeShape:
                        description: NodeShape defines the name of the node shape
                          of the nodes in the node pool.
                        type: string
                      nodeShapeConfig:
                        description: NodeShapeConfig defines the configuration of
                          the shape to launch nodes in the node pool.
                        properties:
                          memoryInGBs:
                            description: MemoryInGBs defines the total amount of memory
                              available to each node, in gigabytes.
                            type: string
                          ocpus:
                            description: Ocpus defines the total number of OCPUs available
                              to each node in the node pool.
                            type: string
                        type: object
                      nodeSourceViaImage:
                        description: NodeSourceViaImage defines the image configuration
                          of the nodes in the nodepool.
                        properties:
                          bootVolumeSizeInGBs:
                            description: BootVolumeSizeInGBs defines the size of the
                              boot volume in GBs.
                            format: int64
                            type: integer
                          imageId:
                            description: ImageId defines the OCID of the image used
                              to boot the node.
                            type: string
                        type: object
                      providerID:
                        description: ProviderID is the OCID of the associated NodePool
                          in a provider format
                        type: string
                      providerIDList:
                        description: ProviderIDList are the identification IDs of
                          machine instances provided by the provider. This field must
                          match the provider IDs as seen on the node objects corresponding
                          to a machine pool's machine instances.
                        items:
                          type: string
                        type: array
                      sshPublicKey:
                        description: SshPublicKey defines the SSH public key on each
                          node in the node pool on launch.
                        type: string
                      version:
                        description: Version represents the version of the OKE node
                          pool.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: false
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIManagedMachinePoolTemplate is the Schema for the OCIManagedMachinePoolTemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIManagedMachinePoolTemplateSpec defines the desired state
              of OCIManagedMachinePoolTemplate.
            properties:
              template:
                description: OCIManagedMachinePoolSpec describes the data needed to
                  create an OCIManagedMachinePool from a template.
                properties:
                  spec:
                    description: OCIManagedMachinePoolSpec defines the desired state
                      of an OCI managed machine pool. An OCIManagedMachinePool translates
                      to an OKE NodePool. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateNodePoolDetails
                    properties:
                      id:
                        description: ID is the OCID of the associated NodePool
                        type: string
                      initialNodeLabels:
                        description: InitialNodeLabels defines a list of key/value
                          pairs to add to nodes after they join the Kubernetes cluster.
                        items:
                          description: KeyValue The properties that define a key value
                            pair.
                          properties:
                            key:
                              description: The key of the pair.
                              type: string
                            value:
                              description: The value of the pair.
                              type: string
                          type: object
                        type: array
                      nodeEvictionNodePoolSettings:
                        description: NodeEvictionNodePoolSettings defines the eviction
                          settings.
                        properties:
                          evictionGraceDuration:
                            description: 'EvictionGraceDuration defines the duration
                              after which OKE will give up eviction of the pods on
                              the node. PT0M will indicate you want to delete the
                              node without cordon and drain. Default PT60M, Min PT0M,
                              Max: PT60M. Format ISO 8601 e.g PT30M'
                            type: string
                          isForceDeleteAfterGraceDuration:
                            description: IsForceDeleteAfterGraceDuration defines if
                              the underlying compute instance should be deleted if
                              you cannot evict all the pods in grace period
                            type: boolean
                        type: object
                      nodeMetadata:
                        additionalProperties:
                          type: string
                        description: NodeMetadata defines a list of key/value pairs
                          to add to each underlying OCI instance in the node pool
                          on launch.
                        type: object
                      nodePoolCyclingDetails:
                        description: NodePoolCyclingDetails defines the node pool
                          recycling options.
                        properties:
                          isNodeCyclingEnabled:
                            description: IsNodeCyclingEnabled refers if nodes in the
                              nodepool will be cycled to have new changes.
                            type: boolean
                          maximumSurge:
                            description: MaximumSurge refers to the maximum additional
                              new compute instances that would be temporarily created
                              and added to nodepool during the cycling nodepool process.
                              OKE supports both integer and percentage input. Defaults
                              to 1, Ranges from 0 to Nodepool size or 0% to 100%
                            type: string
                          maximumUnavailable:
                            description: Maximum active nodes that would be terminated
                              from nodepool during the cycling nodepool process. OKE
                              supports both integer and percentage input. Defaults
                              to 0, Ranges from 0 to Nodepool size or 0% to 100%
                            type: string
                        type: object
                      nodePoolNodeConfig:
                        description: NodePoolNodeConfig defines the configuration
                          of nodes in the node pool.
                        properties:
                          isPvEncryptionInTransitEnabled:
                            description: IsPvEncryptionInTransitEnabled defines whether
                              in transit encryption should be enabled on the nodes.
                            type: boolean
                          kmsKeyId:
                            description: KmsKeyId defines whether in transit encryption
                              should be enabled on the nodes.
                            type: string
                          nodePoolPodNetworkOptionDetails:
                            description: NodePoolPodNetworkOptionDetails defines the
                              pod networking details of the node pool
                            properties:
                              cniType:
                                description: CniType describes the CNI plugin used
                                  by this node pool. Allowed values are OCI_VCN_IP_NATIVE
                                  and FLANNEL_OVERLAY.
                                type: string
                              vcnIpNativePodNetworkOptions:
                                description: VcnIpNativePodNetworkOptions describes
                                  the network options specific to using the OCI VCN
                                  Native CNI
                                properties:
                                  maxPodsPerNode:
                                    description: MemoryInGBs defines the max number
                                      of pods per node in the node pool. This value
                                      will be limited by the number of VNICs attachable
                                      to the node pool shape
                                    type: integer
                                  nsgNames:
                                    description: NSGNames defines the NSGs associated
                                      with the native pod network.
                                    items:
                                      type: string
                                    type: array
                                  subnetNames:
                                    description: SubnetNames defines the Subnets associated
                                      with the native pod network.
                                    items:
                                      type: string
                                    type: array
                                type: object
                            type: object
                          nsgNames:
                            description: NsgNames defines the names of NSGs which
                              will be associated with the nodes. the NSGs are defined
                              in OCIManagedCluster object.
                            items:
                              type: string
                            type: array
                          placementConfigs:
                            description: PlacementConfigs defines the placement configurations
                              for the node pool.
                            items:
                              description: PlacementConfig defines the placement configurations
                                for the node pool.
                              properties:
                                availabilityDomain:
                                  description: AvailabilityDomain defines the availability
                                    domain in which to place nodes.
                                  type: string
                                capacityReservationId:
                                  description: CapacityReservationId defines the OCID
                                    of the compute capacity reservation in which to
                                    place the compute instance.
                                  type: string
                                faultDomains:
                                  description: FaultDomains defines the list of fault
                                    domains in which to place nodes.
                                  items:
                                    type: string
                                  type: array
                                subnetName:
                                  description: SubnetName defines the name of the
                                    subnet which need ot be associated with the Nodepool.
                                    The subnets are defined in the OCiManagedCluster
                                    object.
                                  type: string
                              type: object
                            type: array
                        type: object
                      nodeShape:
                        description: NodeShape defines the name of the node shape
                          of the nodes in the node pool.
                        type: string
                      nodeShapeConfig:
                        description: NodeShapeConfig defines the configuration of
                          the shape to launch nodes in the node pool.
                        properties:
                          memoryInGBs:
                            description: MemoryInGBs defines the total amount of memory
                              available to each node, in gigabytes.
                            type: string
                          ocpus:
                            description: Ocpus defines the total number of OCPUs available
                              to each node in the node pool.
                            type: string
                        type: object
                      nodeSourceViaImage:
                        description: NodeSourceViaImage defines the image configuration
                          of the nodes in the nodepool.
                        properties:
                          bootVolumeSizeInGBs:
                            description: BootVolumeSizeInGBs defines the size of the
                              boot volume in GBs.
                            format: int64
                            type: integer
                          imageId:
                            description: ImageId defines the OCID of the image used
                              to boot the node.
                            type: string
                        type: object
                      providerID:
                        description: ProviderID is the OCID of the associated NodePool
                          in a provider format
                        type: string
                      providerIDList:
                        description: ProviderIDList are the identification IDs of
                          machine instances provided by the provider. This field must
                          match the provider IDs as seen on the node objects corresponding
                          to a machine pool's machine instances.
                        items:
                          type: string
                        type: array
                      sshPublicKey:
                        description: SshPublicKey defines the SSH public key on each
                          node in the node pool on launch.
                        type: string
                      version:
                        description: Version represents the version of the OKE node
                          pool.
                        type: string
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert
    controller-gen.kubebuilder.io/version: v0.10.0
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    cluster.x-k8s.io/v1beta1: v1beta1
  name: ocivirtualmachinepools.infrastructure.cluster.x-k8s.io
spec:
  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: capoci-webhook-service
          namespace: cluster-api-provider-oci-system
          path: /convert
      conversionReviewVersions:
      - v1
      - v1beta1
  group: infrastructure.cluster.x-k8s.io
  names:
    kind: OCIVirtualMachinePool
    listKind: OCIVirtualMachinePoolList
    plural: ocivirtualmachinepools
    singular: ocivirtualmachinepool
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: OCIVirtualMachinePool is the Schema for the ocivirtualmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIVirtualMachinePoolSpec defines the desired state of an
              OCI virtual machine pool. An OCIVirtualMachinePool translates to an
              OKE Virtual node poo;. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateVirtualNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialVirtualNodeLabels:
                description: InitialNodeLabels defines a list of key/value pairs to
                  add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nsgNames:
                description: NsgNames defines the names of NSGs which will be associated
                  with the nodes. the NSGs are defined in OCIManagedCluster object.
                items:
                  type: string
                type: array
              placementConfigs:
                description: PlacementConfigs defines the placement configurations
                  for the node pool.
                items:
                  description: VirtualNodepoolPlacementConfig defines the placement
                    configurations for the virtual node pool.
                  properties:
                    availabilityDomain:
                      type: string
                    faultDomains:
                      description: FaultDomains defines the list of fault domains
                        in which to place nodes.
                      items:
                        type: string
                      type: array
                    subnetName:
                      description: SubnetName defines the name of the subnet which
                        need to be associated with the Virtual Node Pool. The subnets
                        are defined in the OCiManagedCluster object.
                      type: string
                  type: object
                type: array
              podConfiguration:
                description: PodConfiguration defines pod configuration
                properties:
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the pods.
                    items:
                      type: string
                    type: array
                  shape:
                    description: Shape described the shape of the pods.
                    type: string
                  subnetName:
                    description: SubnetName described the regional subnet where pods'
                      VNIC will be placed.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              taints:
                description: Taints describes the taints will be applied to the Virtual
                  Nodes of this Virtual Node Pool for Kubernetes scheduling.
                items:
                  description: Taint describes a taint.
                  properties:
                    effect:
                      description: The effect of the pair.
                      type: string
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
            type: object
          status:
            description: OCIVirtualMachinePoolStatus defines the observed state of
              OCIVirtualMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                description: FailureMessages contains the verbose erorr messages related
                  to the virtual machine pool failures.
                items:
                  type: string
                type: array
              failureReason:
                description: FailureReason will contains the CAPI MachinePoolStatusFailure
                  if the virtual machine pool has hit an error condition.
                type: string
              infrastructureMachineKind:
                description: InfrastructureMachineKind is the kind of the infrastructure
                  resources behind MachinePool Machines.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - name: v1beta2
    schema:
      openAPIV3Schema:
        description: OCIVirtualMachinePool is the Schema for the ocivirtualmachinepool
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: OCIVirtualMachinePoolSpec defines the desired state of an
              OCI virtual machine pool. An OCIVirtualMachinePool translates to an
              OKE Virtual node poo;. The properties are generated from https://docs.oracle.com/en-us/iaas/api/#/en/containerengine/20180222/datatypes/CreateVirtualNodePoolDetails
            properties:
              id:
                description: ID is the OCID of the associated NodePool
                type: string
              initialVirtualNodeLabels:
                description: InitialVirtualNodeLabels defines a list of key/value
                  pairs to add to nodes after they join the Kubernetes cluster.
                items:
                  description: KeyValue The properties that define a key value pair.
                  properties:
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
              nsgNames:
                description: NsgNames defines the names of NSGs which will be associated
                  with the nodes. the NSGs are defined in OCIManagedCluster object.
                items:
                  type: string
                type: array
              placementConfigs:
                description: PlacementConfigs defines the placement configurations
                  for the node pool.
                items:
                  description: VirtualNodepoolPlacementConfig defines the placement
                    configurations for the virtual node pool.
                  properties:
                    availabilityDomain:
                      type: string
                    faultDomains:
                      description: FaultDomains defines the list of fault domains
                        in which to place nodes.
                      items:
                        type: string
                      type: array
                    subnetName:
                      description: SubnetName defines the name of the subnet which
                        need to be associated with the Virtual Node Pool. The subnets
                        are defined in the OCiManagedCluster object.
                      type: string
                  type: object
                type: array
              podConfiguration:
                description: PodConfiguration defines pod configuration
                properties:
                  nsgNames:
                    description: NsgNames defines the names of NSGs which will be
                      associated with the pods.
                    items:
                      type: string
                    type: array
                  shape:
                    description: Shape described the shape of the pods.
                    type: string
                  subnetName:
                    description: SubnetName described the regional subnet where pods'
                      VNIC will be placed.
                    type: string
                type: object
              providerID:
                description: ProviderID is the OCID of the associated NodePool in
                  a provider format
                type: string
              providerIDList:
                description: ProviderIDList are the identification IDs of machine
                  instances provided by the provider. This field must match the provider
                  IDs as seen on the node objects corresponding to a machine pool's
                  machine instances.
                items:
                  type: string
                type: array
              taints:
                description: Taints describes the taints will be applied to the Virtual
                  Nodes of this Virtual Node Pool for Kubernetes scheduling.
                items:
                  description: Taint describes a taint.
                  properties:
                    effect:
                      description: The effect of the pair.
                      type: string
                    key:
                      description: The key of the pair.
                      type: string
                    value:
                      description: The value of the pair.
                      type: string
                  type: object
                type: array
            type: object
          status:
            description: OCIVirtualMachinePoolStatus defines the observed state of
              OCIVirtualMachinePool
            properties:
              conditions:
                description: NetworkSpec encapsulates all things related to OCI network.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessages:
                description: FailureMessages contains the verbose erorr messages related
                  to the virtual machine pool failures.
                items:
                  type: string
                type: array
              failureReason:
                description: FailureReason will contains the CAPI MachinePoolStatusFailure
                  if the virtual machine pool has hit an error condition.
                type: string
              infrastructureMachineKind:
                description: InfrastructureMachineKind is the kind of the infrastructure
                  resources behind MachinePool Machines.
                type: string
              ready:
                type: boolean
              replicas:
                description: Replicas is the most recently observed number of replicas
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-leader-election-role
  namespace: cluster-api-provider-oci-system
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-role
rules:
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusters/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachines/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools
  - ocimachinepools/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - machines
  - machines/status
  verbs:
  - get
  - list
  - watch
  - delete
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - clusters
  - clusters/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - machinepools
  - machinepools/status
  verbs:
  - get
  - list
  - watch
# Bound cluster-wide by the capoci-manager-rolebinding ClusterRoleBinding, so this
# rule grants full read/write access to Secrets in every namespace.
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedclusters/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedcontrolplanes/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimanagedmachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ociclusteridentities
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools/finalizers
  verbs:
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocivirtualmachinepools/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepoolmachines
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - ocimachinepoolmachines/status
  verbs:
  - get
  - patch
  - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-metrics-reader
rules:
- nonResourceURLs:
  - /metrics
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-proxy-role
rules:
- apiGroups:
  - authentication.k8s.io
  resources:
  - tokenreviews
  verbs:
  - create
- apiGroups:
  - authorization.k8s.io
  resources:
  - subjectaccessreviews
  verbs:
  - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-leader-election-rolebinding
  namespace: cluster-api-provider-oci-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: capoci-leader-election-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: capoci-manager-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-proxy-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: capoci-proxy-role
subjects:
- kind: ServiceAccount
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
---
apiVersion: v1
data:
  controller_manager_config.yaml: |
    apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
    kind: ControllerManagerConfig
    health:
      healthProbeBindAddress: :8081
    metrics:
      bindAddress: 127.0.0.1:8080
    webhook:
      port: 9443
    leaderElection:
      leaderElect: true
      resourceName: 237d8a8a.cluster.x-k8s.io
kind: ConfigMap
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-manager-config
  namespace: cluster-api-provider-oci-system
---
apiVersion: v1
# Secret data values are base64-encoded. Each placeholder defaults to an empty
# string except useInstancePrincipal, whose default ZmFsc2U= decodes to "false".
data:
  fingerprint: ${OCI_CREDENTIALS_FINGERPRINT_B64:=""}
  key: ${OCI_CREDENTIALS_KEY_B64:=""}
  passphrase: ${OCI_CREDENTIALS_PASSPHRASE_B64:=""}
  region: ${OCI_REGION_B64:=""}
  tenancy: ${OCI_TENANCY_ID_B64:=""}
  useInstancePrincipal: ${USE_INSTANCE_PRINCIPAL_B64:="ZmFsc2U="}
  user: ${OCI_USER_ID_B64:=""}
kind: Secret
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-auth-config
  namespace: cluster-api-provider-oci-system
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
  name: capoci-controller-manager-metrics-service
  namespace: cluster-api-provider-oci-system
spec:
  ports:
  - name: https
    port: 8443
    targetPort: https
  selector:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
---
apiVersion: v1
kind: Service
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
  name: capoci-webhook-service
  namespace: cluster-api-provider-oci-system
spec:
  ports:
  - port: 443
    targetPort: webhook-server
  selector:
    cluster.x-k8s.io/provider: infrastructure-oci
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    cluster.x-k8s.io/provider: infrastructure-oci
    control-plane: controller-manager
  name: capoci-controller-manager
  namespace: cluster-api-provider-oci-system
spec:
  replicas: 1
  selector:
    matchLabels:
      cluster.x-k8s.io/provider: infrastructure-oci
      control-plane: controller-manager
  template:
    metadata:
      labels:
        cluster.x-k8s.io/provider: infrastructure-oci
        control-plane: controller-manager
    spec:
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - preference:
              matchExpressions:
              - key: ${K8S_CP_LABEL:=node-role.kubernetes.io/control-plane}
                operator: Exists
            weight: 10
          - preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
            weight: 10
      containers:
      - args:
17261 - --leader-elect 17262 - --feature-gates=MachinePool=${EXP_MACHINE_POOL:=false} 17263 - --metrics-bind-address=127.0.0.1:8080 17264 - --logging-format=${LOG_FORMAT:=text} 17265 - --init-oci-clients-on-startup=${INIT_OCI_CLIENTS_ON_STARTUP:=true} 17266 - --enable-instance-metadata-service-lookup=${ENABLE_INSTANCE_METADATA_SERVICE_LOOKUP:=false} 17267 command: 17268 - /manager 17269 env: 17270 - name: AUTH_CONFIG_DIR 17271 value: /etc/oci 17272 image: ghcr.io/oracle/cluster-api-oci-controller:v0.13.0 17273 imagePullPolicy: IfNotPresent 17274 livenessProbe: 17275 httpGet: 17276 path: /healthz 17277 port: 8081 17278 initialDelaySeconds: 15 17279 periodSeconds: 20 17280 name: manager 17281 ports: 17282 - containerPort: 9443 17283 name: webhook-server 17284 protocol: TCP 17285 readinessProbe: 17286 httpGet: 17287 path: /readyz 17288 port: 8081 17289 initialDelaySeconds: 5 17290 periodSeconds: 10 17291 securityContext: 17292 allowPrivilegeEscalation: false 17293 capabilities: 17294 drop: 17295 - ALL 17296 privileged: false 17297 runAsGroup: 65532 17298 runAsUser: 65532 17299 volumeMounts: 17300 - mountPath: /tmp/k8s-webhook-server/serving-certs 17301 name: cert 17302 readOnly: true 17303 - mountPath: /etc/oci 17304 name: auth-config-dir 17305 readOnly: true 17306 securityContext: 17307 runAsNonRoot: true 17308 seccompProfile: 17309 type: RuntimeDefault 17310 serviceAccountName: capoci-controller-manager 17311 terminationGracePeriodSeconds: 10 17312 tolerations: 17313 - effect: NoSchedule 17314 key: node-role.kubernetes.io/master 17315 - effect: NoSchedule 17316 key: node-role.kubernetes.io/control-plane 17317 volumes: 17318 - name: cert 17319 secret: 17320 defaultMode: 420 17321 secretName: capoci-webhook-service-cert 17322 - name: auth-config-dir 17323 secret: 17324 secretName: capoci-auth-config 17325 --- 17326 apiVersion: cert-manager.io/v1 17327 kind: Certificate 17328 metadata: 17329 labels: 17330 cluster.x-k8s.io/provider: infrastructure-oci 17331 name: 
capoci-serving-cert 17332 namespace: cluster-api-provider-oci-system 17333 spec: 17334 dnsNames: 17335 - capoci-webhook-service.cluster-api-provider-oci-system.svc 17336 - capoci-webhook-service.cluster-api-provider-oci-system.svc.cluster.local 17337 issuerRef: 17338 kind: Issuer 17339 name: capoci-selfsigned-issuer 17340 secretName: capoci-webhook-service-cert 17341 --- 17342 apiVersion: cert-manager.io/v1 17343 kind: Issuer 17344 metadata: 17345 labels: 17346 cluster.x-k8s.io/provider: infrastructure-oci 17347 name: capoci-selfsigned-issuer 17348 namespace: cluster-api-provider-oci-system 17349 spec: 17350 selfSigned: {} 17351 --- 17352 apiVersion: admissionregistration.k8s.io/v1 17353 kind: MutatingWebhookConfiguration 17354 metadata: 17355 annotations: 17356 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 17357 labels: 17358 cluster.x-k8s.io/provider: infrastructure-oci 17359 name: capoci-mutating-webhook-configuration 17360 webhooks: 17361 - admissionReviewVersions: 17362 - v1beta1 17363 clientConfig: 17364 service: 17365 name: capoci-webhook-service 17366 namespace: cluster-api-provider-oci-system 17367 path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocicluster 17368 failurePolicy: Fail 17369 matchPolicy: Equivalent 17370 name: default.ocicluster.infrastructure.cluster.x-k8s.io 17371 rules: 17372 - apiGroups: 17373 - infrastructure.cluster.x-k8s.io 17374 apiVersions: 17375 - v1beta2 17376 operations: 17377 - CREATE 17378 - UPDATE 17379 resources: 17380 - ociclusters 17381 sideEffects: None 17382 - admissionReviewVersions: 17383 - v1beta1 17384 clientConfig: 17385 service: 17386 name: capoci-webhook-service 17387 namespace: cluster-api-provider-oci-system 17388 path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcluster 17389 failurePolicy: Fail 17390 matchPolicy: Equivalent 17391 name: default.ocimanagedcluster.infrastructure.cluster.x-k8s.io 17392 rules: 17393 - apiGroups: 17394 - 
infrastructure.cluster.x-k8s.io 17395 apiVersions: 17396 - v1beta2 17397 operations: 17398 - CREATE 17399 - UPDATE 17400 resources: 17401 - ocimanagedclusters 17402 sideEffects: None 17403 - admissionReviewVersions: 17404 - v1beta1 17405 clientConfig: 17406 service: 17407 name: capoci-webhook-service 17408 namespace: cluster-api-provider-oci-system 17409 path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcontrolplane 17410 failurePolicy: Fail 17411 matchPolicy: Equivalent 17412 name: default.ocimanagedcontrolplane.infrastructure.cluster.x-k8s.io 17413 rules: 17414 - apiGroups: 17415 - infrastructure.cluster.x-k8s.io 17416 apiVersions: 17417 - v1beta2 17418 operations: 17419 - CREATE 17420 - UPDATE 17421 resources: 17422 - ocimanagedcontrolplanes 17423 sideEffects: None 17424 - admissionReviewVersions: 17425 - v1beta1 17426 clientConfig: 17427 service: 17428 name: capoci-webhook-service 17429 namespace: cluster-api-provider-oci-system 17430 path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedmachinepool 17431 failurePolicy: Fail 17432 matchPolicy: Equivalent 17433 name: default.ocimanagedmachinepool.infrastructure.cluster.x-k8s.io 17434 rules: 17435 - apiGroups: 17436 - infrastructure.cluster.x-k8s.io 17437 apiVersions: 17438 - v1beta2 17439 operations: 17440 - CREATE 17441 - UPDATE 17442 resources: 17443 - ocimanagedmachinepools 17444 sideEffects: None 17445 - admissionReviewVersions: 17446 - v1beta1 17447 clientConfig: 17448 service: 17449 name: capoci-webhook-service 17450 namespace: cluster-api-provider-oci-system 17451 path: /mutate-infrastructure-cluster-x-k8s-io-v1beta2-ocivirtualmachinepool 17452 failurePolicy: Fail 17453 matchPolicy: Equivalent 17454 name: default.ocivirtualmachinepool.infrastructure.cluster.x-k8s.io 17455 rules: 17456 - apiGroups: 17457 - infrastructure.cluster.x-k8s.io 17458 apiVersions: 17459 - v1beta2 17460 operations: 17461 - CREATE 17462 - UPDATE 17463 resources: 17464 - ocivirtualmachinepools 17465 
sideEffects: None 17466 --- 17467 apiVersion: admissionregistration.k8s.io/v1 17468 kind: ValidatingWebhookConfiguration 17469 metadata: 17470 annotations: 17471 cert-manager.io/inject-ca-from: cluster-api-provider-oci-system/capoci-serving-cert 17472 labels: 17473 cluster.x-k8s.io/provider: infrastructure-oci 17474 name: capoci-validating-webhook-configuration 17475 webhooks: 17476 - admissionReviewVersions: 17477 - v1beta1 17478 clientConfig: 17479 service: 17480 name: capoci-webhook-service 17481 namespace: cluster-api-provider-oci-system 17482 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocicluster 17483 failurePolicy: Fail 17484 matchPolicy: Equivalent 17485 name: validation.ocicluster.infrastructure.cluster.x-k8s.io 17486 rules: 17487 - apiGroups: 17488 - infrastructure.cluster.x-k8s.io 17489 apiVersions: 17490 - v1beta2 17491 operations: 17492 - CREATE 17493 - UPDATE 17494 resources: 17495 - ociclusters 17496 sideEffects: None 17497 - admissionReviewVersions: 17498 - v1beta1 17499 clientConfig: 17500 service: 17501 name: capoci-webhook-service 17502 namespace: cluster-api-provider-oci-system 17503 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimachinetemplate 17504 failurePolicy: Fail 17505 matchPolicy: Equivalent 17506 name: validation.ocimachinetemplate.infrastructure.cluster.x-k8s.io 17507 rules: 17508 - apiGroups: 17509 - infrastructure.cluster.x-k8s.io 17510 apiVersions: 17511 - v1beta2 17512 operations: 17513 - CREATE 17514 - UPDATE 17515 resources: 17516 - ocimachinetemplates 17517 sideEffects: None 17518 - admissionReviewVersions: 17519 - v1beta1 17520 clientConfig: 17521 service: 17522 name: capoci-webhook-service 17523 namespace: cluster-api-provider-oci-system 17524 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcluster 17525 failurePolicy: Fail 17526 matchPolicy: Equivalent 17527 name: validation.ocimanagedcluster.infrastructure.cluster.x-k8s.io 17528 rules: 17529 - apiGroups: 17530 - 
infrastructure.cluster.x-k8s.io 17531 apiVersions: 17532 - v1beta2 17533 operations: 17534 - CREATE 17535 - UPDATE 17536 resources: 17537 - ocimanagedclusters 17538 sideEffects: None 17539 - admissionReviewVersions: 17540 - v1beta1 17541 clientConfig: 17542 service: 17543 name: capoci-webhook-service 17544 namespace: cluster-api-provider-oci-system 17545 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedcontrolplane 17546 failurePolicy: Fail 17547 matchPolicy: Equivalent 17548 name: validation.ocimanagedcontrolplane.infrastructure.cluster.x-k8s.io 17549 rules: 17550 - apiGroups: 17551 - infrastructure.cluster.x-k8s.io 17552 apiVersions: 17553 - v1beta2 17554 operations: 17555 - CREATE 17556 - UPDATE 17557 resources: 17558 - ocimanagedcontrolplanes 17559 sideEffects: None 17560 - admissionReviewVersions: 17561 - v1beta1 17562 clientConfig: 17563 service: 17564 name: capoci-webhook-service 17565 namespace: cluster-api-provider-oci-system 17566 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocimanagedmachinepool 17567 failurePolicy: Fail 17568 matchPolicy: Equivalent 17569 name: validation.ocimanagedmachinepool.infrastructure.cluster.x-k8s.io 17570 rules: 17571 - apiGroups: 17572 - infrastructure.cluster.x-k8s.io 17573 apiVersions: 17574 - v1beta2 17575 operations: 17576 - CREATE 17577 - UPDATE 17578 resources: 17579 - ocimanagedmachinepools 17580 sideEffects: None 17581 - admissionReviewVersions: 17582 - v1beta1 17583 clientConfig: 17584 service: 17585 name: capoci-webhook-service 17586 namespace: cluster-api-provider-oci-system 17587 path: /validate-infrastructure-cluster-x-k8s-io-v1beta2-ocivirtualmachinepool 17588 failurePolicy: Fail 17589 matchPolicy: Equivalent 17590 name: validation.ocivirtualmachinepool.infrastructure.cluster.x-k8s.io 17591 rules: 17592 - apiGroups: 17593 - infrastructure.cluster.x-k8s.io 17594 apiVersions: 17595 - v1beta2 17596 operations: 17597 - CREATE 17598 - UPDATE 17599 resources: 17600 - ocivirtualmachinepools 
17601 sideEffects: None