// Source listing: k8c.io/api/v3@v3.0.0-20230904060738-b0a93889c0b6/pkg/apis/kubermatic/v1/preset.go

/*
Copyright 2023 The Kubermatic Kubernetes Platform contributors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package v1

import (
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

// +genclient
// +kubebuilder:resource:scope=Cluster
// +kubebuilder:object:generate=true
// +kubebuilder:object:root=true
// +kubebuilder:printcolumn:JSONPath=".metadata.creationTimestamp",name="Age",type="date"

// Preset is a set of preconfigured cloud provider credentials that can be
// applied to new clusters. This frees end users from having to know the
// actual credentials used for their clusters.
//
// The credentials are carried as plain string fields in Spec, so any principal
// that can read Preset objects can read them. Read access to this
// cluster-scoped resource should be granted accordingly.
type Preset struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec PresetSpec `json:"spec"`
}

// PresetSpec holds the per-provider presets together with the restrictions
// (e-mail addresses, projects, enabled flag) that apply to the whole preset.
type PresetSpec struct {
	Digitalocean        *DigitaloceanPreset        `json:"digitalocean,omitempty"`
	Hetzner             *HetznerPreset             `json:"hetzner,omitempty"`
	Azure               *AzurePreset               `json:"azure,omitempty"`
	VSphere             *VSpherePreset             `json:"vsphere,omitempty"`
	AWS                 *AWSPreset                 `json:"aws,omitempty"`
	OpenStack           *OpenStackPreset           `json:"openstack,omitempty"`
	Packet              *PacketPreset              `json:"packet,omitempty"`
	GCP                 *GCPPreset                 `json:"gcp,omitempty"`
	KubeVirt            *KubeVirtPreset            `json:"kubevirt,omitempty"`
	Alibaba             *AlibabaPreset             `json:"alibaba,omitempty"`
	Anexia              *AnexiaPreset              `json:"anexia,omitempty"`
	Nutanix             *NutanixPreset             `json:"nutanix,omitempty"`
	VMwareCloudDirector *VMwareCloudDirectorPreset `json:"vmwareclouddirector,omitempty"`
	GKE                 *GKEPreset                 `json:"gke,omitempty"`
	EKS                 *EKSPreset                 `json:"eks,omitempty"`
	AKS                 *AKSPreset                 `json:"aks,omitempty"`

	Fake *FakePreset `json:"fake,omitempty"`

	// RequiredEmails is a list of e-mail addresses that this preset should
	// be restricted to. Each item in the list can be either a full e-mail
	// address or just a domain name. This restriction is only enforced in the
	// KKP API; it therefore does not limit clients that read Preset objects
	// through the Kubernetes API directly.
	RequiredEmails []string `json:"requiredEmails,omitempty"`

	// Projects is a list of project IDs that this preset is limited to.
	Projects []string `json:"projects,omitempty"`

	// Only enabled presets will be available in the KKP dashboard.
	Enabled *bool `json:"enabled,omitempty"`
}

// ProviderPreset contains the settings shared by every provider-specific
// preset; it is embedded inline in each of them.
type ProviderPreset struct {
	// Only enabled presets will be available in the KKP dashboard.
	Enabled *bool `json:"enabled,omitempty"`
	// If datacenter is set, this preset is only applicable to the
	// configured datacenter.
	Datacenter string `json:"datacenter,omitempty"`
}

// DigitaloceanPreset holds the DigitalOcean credentials of a preset.
type DigitaloceanPreset struct {
	ProviderPreset `json:",inline"`

	// Token is used to authenticate with the DigitalOcean API.
	Token string `json:"token"`
}

// IsValid reports whether Token is set. This is a presence check only; the
// token is not verified against the provider.
func (s DigitaloceanPreset) IsValid() bool {
	return s.Token != ""
}

// HetznerPreset holds the Hetzner credentials and optional network of a preset.
type HetznerPreset struct {
	ProviderPreset `json:",inline"`

	// Token is used to authenticate with the Hetzner API.
	Token string `json:"token"`

	// Network is the pre-existing Hetzner network in which the machines are running.
	// While machines can be in multiple networks, a single one must be chosen for the
	// HCloud CCM to work.
	// If this is empty, the network configured on the datacenter will be used.
	Network string `json:"network,omitempty"`
}

// IsValid reports whether Token is set. Network is optional and not checked.
func (s HetznerPreset) IsValid() bool {
	return s.Token != ""
}

// AzurePreset holds the Azure credentials (tenant, subscription, client ID and
// client secret) and the optional resource settings of a preset.
type AzurePreset struct {
	ProviderPreset `json:",inline"`

	TenantID       string `json:"tenantID"`
	SubscriptionID string `json:"subscriptionID"`
	ClientID       string `json:"clientID"`
	ClientSecret   string `json:"clientSecret"`

	ResourceGroup     string `json:"resourceGroup,omitempty"`
	VNetResourceGroup string `json:"vnetResourceGroup,omitempty"`
	VNetName          string `json:"vnet,omitempty"`
	SubnetName        string `json:"subnet,omitempty"`
	RouteTableName    string `json:"routeTable,omitempty"`
	SecurityGroup     string `json:"securityGroup,omitempty"`
	// LoadBalancerSKU sets the LB type that will be used for the Azure cluster;
	// if empty, "basic" will be used.
	LoadBalancerSKU AzureLBSKU `json:"loadBalancerSKU"` //nolint:tagliatelle
}

// IsValid reports whether all four credential fields (TenantID,
// SubscriptionID, ClientID, ClientSecret) are set. The values themselves are
// not verified.
func (s AzurePreset) IsValid() bool {
	if s.TenantID == "" || s.SubscriptionID == "" {
		return false
	}

	return s.ClientID != "" && s.ClientSecret != ""
}

// VSpherePreset holds the vSphere username/password and the optional
// placement settings of a preset.
type VSpherePreset struct {
	ProviderPreset `json:",inline"`

	Username string `json:"username"`
	Password string `json:"password"`

	VMNetName        string `json:"vmNetName,omitempty"`
	Datastore        string `json:"datastore,omitempty"`
	DatastoreCluster string `json:"datastoreCluster,omitempty"`
	ResourcePool     string `json:"resourcePool,omitempty"`
}

// IsValid reports whether both Username and Password are set.
func (s VSpherePreset) IsValid() bool {
	return s.Username != "" && s.Password != ""
}

// VMwareCloudDirectorPreset holds the VMware Cloud Director credentials
// (username/password or API token) and the target VDC, organization and
// network of a preset.
type VMwareCloudDirectorPreset struct {
	ProviderPreset `json:",inline"`

	Username     string `json:"username,omitempty"`
	Password     string `json:"password,omitempty"`
	APIToken     string `json:"apiToken,omitempty"`
	VDC          string `json:"vdc"`
	Organization string `json:"organization"`
	OVDCNetwork  string `json:"ovdcNetwork"`
}

// IsValid reports whether the preset carries either a username/password pair
// or an API token, and additionally has VDC, Organization and OVDCNetwork set.
func (s VMwareCloudDirectorPreset) IsValid() bool {
	hasPassword := s.Username != "" && s.Password != ""
	hasToken := s.APIToken != ""
	if !hasPassword && !hasToken {
		return false
	}

	return s.VDC != "" && s.Organization != "" && s.OVDCNetwork != ""
}

// AWSPreset holds the AWS access key pair, the optional role to assume and
// the optional networking/IAM settings of a preset.
type AWSPreset struct {
	ProviderPreset `json:",inline"`

	// Access Key ID to authenticate against AWS.
	AccessKeyID string `json:"accessKeyID"`
	// Secret Access Key to authenticate against AWS.
	SecretAccessKey string `json:"secretAccessKey"`

	AssumeRoleARN        string `json:"assumeRoleARN,omitempty"` //nolint:tagliatelle
	AssumeRoleExternalID string `json:"assumeRoleExternalID,omitempty"`

	// AWS VPC to use. Must be configured.
	VPCID string `json:"vpcID,omitempty"`
	// Route table to use. This can be configured, but if left empty will be
	// automatically filled in during reconciliation.
	RouteTableID string `json:"routeTableID,omitempty"`
	// Instance profile to use. This can be configured, but if left empty will be
	// automatically filled in during reconciliation.
	InstanceProfileName string `json:"instanceProfileName,omitempty"`
	// Security group to use. This can be configured, but if left empty will be
	// automatically filled in during reconciliation.
	SecurityGroupID string `json:"securityGroupID,omitempty"`
	// ARN to use. This can be configured, but if left empty will be
	// automatically filled in during reconciliation.
	ControlPlaneRoleARN string `json:"roleARN,omitempty"` //nolint:tagliatelle
}

// IsValid reports whether both AccessKeyID and SecretAccessKey are set.
// VPCID is documented as "must be configured" but is not checked here.
func (s AWSPreset) IsValid() bool {
	return s.AccessKeyID != "" && s.SecretAccessKey != ""
}

// OpenStackPreset holds the OpenStack credentials (token mode, application
// credential, or username/password) and optional network settings of a preset.
type OpenStackPreset struct {
	ProviderPreset `json:",inline"`

	UseToken bool `json:"useToken,omitempty"`

	ApplicationCredentialID     string `json:"applicationCredentialID,omitempty"`
	ApplicationCredentialSecret string `json:"applicationCredentialSecret,omitempty"`

	Username  string `json:"username,omitempty"`
	Password  string `json:"password,omitempty"`
	Project   string `json:"project,omitempty"`
	ProjectID string `json:"projectID,omitempty"`
	Domain    string `json:"domain"`

	Network        string `json:"network,omitempty"`
	SecurityGroups string `json:"securityGroups,omitempty"`
	FloatingIPPool string `json:"floatingIPPool,omitempty"`
	RouterID       string `json:"routerID,omitempty"`
	SubnetID       string `json:"subnetID,omitempty"`
}

// IsValid reports whether the preset is usable under one of three modes,
// evaluated in this order:
//
//   - UseToken is set: always valid, no other field is inspected.
//   - ApplicationCredentialID is set: valid if ApplicationCredentialSecret is
//     set as well.
//   - otherwise: Username, Password, Domain and one of Project or ProjectID
//     must all be set.
//
// Domain is only checked in the last mode.
func (s OpenStackPreset) IsValid() bool {
	switch {
	case s.UseToken:
		return true
	case s.ApplicationCredentialID != "":
		return s.ApplicationCredentialSecret != ""
	}

	hasProject := s.Project != "" || s.ProjectID != ""

	return s.Username != "" && s.Password != "" && hasProject && s.Domain != ""
}

// PacketPreset holds the Packet API key, project ID and optional billing
// cycle of a preset.
type PacketPreset struct {
	ProviderPreset `json:",inline"`

	APIKey    string `json:"apiKey"`
	ProjectID string `json:"projectID"`

	BillingCycle string `json:"billingCycle,omitempty"`
}

// IsValid reports whether both APIKey and ProjectID are set.
func (s PacketPreset) IsValid() bool {
	return s.APIKey != "" && s.ProjectID != ""
}

// GCPPreset holds the GCP service account and optional network settings of a
// preset.
type GCPPreset struct {
	ProviderPreset `json:",inline"`

	ServiceAccount string `json:"serviceAccount"`

	Network    string `json:"network,omitempty"`
	Subnetwork string `json:"subnetwork,omitempty"`
}

// IsValid reports whether ServiceAccount is set. Its content is not parsed.
func (s GCPPreset) IsValid() bool {
	return s.ServiceAccount != ""
}

// FakePreset holds the token of a preset for the fake provider.
type FakePreset struct {
	ProviderPreset `json:",inline"`

	Token string `json:"token"`
}

// IsValid reports whether Token is set.
func (s FakePreset) IsValid() bool {
	return s.Token != ""
}

// KubeVirtPreset holds the kubeconfig of a KubeVirt preset.
type KubeVirtPreset struct {
	ProviderPreset `json:",inline"`

	Kubeconfig string `json:"kubeconfig"`
}

// IsValid reports whether Kubeconfig is set. Its content is not parsed.
func (s KubeVirtPreset) IsValid() bool {
	return s.Kubeconfig != ""
}

// AlibabaPreset holds the Alibaba access key pair of a preset.
type AlibabaPreset struct {
	ProviderPreset `json:",inline"`

	// Access Key ID to authenticate against Alibaba.
	AccessKeyID string `json:"accessKeyID"`
	// Access Key Secret to authenticate against Alibaba.
	AccessKeySecret string `json:"accessKeySecret"`
}

// IsValid reports whether both AccessKeyID and AccessKeySecret are set.
func (s AlibabaPreset) IsValid() bool {
	return s.AccessKeyID != "" && s.AccessKeySecret != ""
}

// AnexiaPreset holds the Anexia credentials of a preset.
type AnexiaPreset struct {
	ProviderPreset `json:",inline"`

	// Token is used to authenticate with the Anexia API.
	Token string `json:"token"`
}

// IsValid reports whether Token is set.
func (s AnexiaPreset) IsValid() bool {
	return s.Token != ""
}

// NutanixPreset holds the Nutanix Prism Central credentials, the target
// cluster/project and the optional Prism Element settings for the CSI driver.
type NutanixPreset struct {
	ProviderPreset `json:",inline"`

	// ProxyURL is used to optionally configure a HTTP proxy to access Nutanix Prism Central.
	ProxyURL string `json:"proxyURL,omitempty"`
	// Username is the username to access the Nutanix Prism Central API.
	Username string `json:"username"`
	// Password is the password corresponding to the provided user.
	Password string `json:"password"`

	// ClusterName is the Nutanix cluster to deploy resources and nodes to.
	ClusterName string `json:"clusterName"`
	// ProjectName is the optional Nutanix project to use. If none is given,
	// no project will be used.
	ProjectName string `json:"projectName,omitempty"`

	// CSIUsername is the Prism Element username for the CSI driver.
	CSIUsername string `json:"csiUsername,omitempty"`

	// CSIPassword is the Prism Element password for the CSI driver.
	CSIPassword string `json:"csiPassword,omitempty"`

	// CSIEndpoint to access Nutanix Prism Element for the CSI driver.
	CSIEndpoint string `json:"csiEndpoint,omitempty"`

	// CSIPort to use when connecting to the Nutanix Prism Element endpoint (defaults to 9440)
	CSIPort *int32 `json:"csiPort,omitempty"`
}

// IsValid reports whether both Username and Password are set. ClusterName
// and the CSI fields are not checked here.
func (s NutanixPreset) IsValid() bool {
	return s.Username != "" && s.Password != ""
}

// GKEPreset holds the service account of a GKE preset.
type GKEPreset struct {
	ProviderPreset `json:",inline"`

	ServiceAccount string `json:"serviceAccount"`
}

// IsValid reports whether ServiceAccount is set. Its content is not parsed.
func (s GKEPreset) IsValid() bool {
	return s.ServiceAccount != ""
}

// EKSPreset holds the AWS access key pair and the optional role to assume of
// an EKS preset.
type EKSPreset struct {
	ProviderPreset `json:",inline"`

	AccessKeyID          string `json:"accessKeyID"`
	SecretAccessKey      string `json:"secretAccessKey"`
	AssumeRoleARN        string `json:"assumeRoleARN,omitempty"` //nolint:tagliatelle
	AssumeRoleExternalID string `json:"assumeRoleExternalID,omitempty"`
}

// IsValid reports whether both AccessKeyID and SecretAccessKey are set.
func (s EKSPreset) IsValid() bool {
	return s.AccessKeyID != "" && s.SecretAccessKey != ""
}

// AKSPreset holds the Azure credentials (tenant, subscription, client ID and
// client secret) of an AKS preset.
type AKSPreset struct {
	ProviderPreset `json:",inline"`

	TenantID       string `json:"tenantID"`
	SubscriptionID string `json:"subscriptionID"`
	ClientID       string `json:"clientID"`
	ClientSecret   string `json:"clientSecret"`
}

// IsValid reports whether TenantID, SubscriptionID, ClientID and ClientSecret
// are all set. The values themselves are not verified.
func (s AKSPreset) IsValid() bool {
	if s.TenantID == "" || s.SubscriptionID == "" {
		return false
	}

	return s.ClientID != "" && s.ClientSecret != ""
}

// +kubebuilder:object:generate=true
// +kubebuilder:object:root=true

// PresetList is a list of Preset objects.
type PresetList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`

	Items []Preset `json:"items"`
}