sigs.k8s.io/cluster-api-provider-aws@v1.5.5/config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.7.1-0.20211110210727-ab52f76cc7d1
  creationTimestamp: null
  name: awsclusters.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AWSCluster
    listKind: AWSClusterList
    plural: awsclusters
    shortNames:
    - awsc
    singular: awscluster
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Cluster to which this AWSCluster belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - description: Cluster infrastructure is ready for EC2 instances
      jsonPath: .status.ready
      name: Ready
      type: string
    - description: AWS VPC the cluster is using
      jsonPath: .spec.networkSpec.vpc.id
      name: VPC
      type: string
    - description: API Endpoint
      jsonPath: .spec.controlPlaneEndpoint
      name: Endpoint
      priority: 1
      type: string
    - description: Bastion IP address for breakglass access
      jsonPath: .status.bastion.publicIp
      name: Bastion IP
      type: string
    name: v1alpha3
    schema:
      openAPIV3Schema:
        description: AWSCluster is the Schema for the awsclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: AWSClusterSpec defines the desired state of AWSCluster.
            properties:
              additionalTags:
                additionalProperties:
                  type: string
                description: AdditionalTags is an optional set of tags to add to AWS
                  resources managed by the AWS provider, in addition to the ones added
                  by default.
                type: object
              bastion:
                description: Bastion contains options to configure the bastion host.
                properties:
                  allowedCIDRBlocks:
                    description: AllowedCIDRBlocks is a list of CIDR blocks allowed
                      to access the bastion host. They are set as ingress rules for
                      the Bastion host's Security Group (defaults to 0.0.0.0/0).
                    items:
                      type: string
                    type: array
                  ami:
                    description: AMI will use the specified AMI to boot the bastion.
                      If not specified, the AMI will default to one picked out in
                      public space.
                    type: string
                  disableIngressRules:
                    description: DisableIngressRules will ensure there are no Ingress
                      rules in the bastion host's security group. Requires AllowedCIDRBlocks
                      to be empty.
                    type: boolean
                  enabled:
                    description: Enabled allows this provider to create a bastion
                      host instance with a public ip to access the VPC private network.
                    type: boolean
                  instanceType:
                    description: InstanceType will use the specified instance type
                      for the bastion. If not specified, Cluster API Provider AWS
                      will use t3.micro for all regions except us-east-1, where t2.micro
                      will be the default.
                    type: string
                type: object
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              controlPlaneLoadBalancer:
                description: ControlPlaneLoadBalancer is optional configuration for
                  customizing control plane behavior.
                properties:
                  additionalSecurityGroups:
                    description: AdditionalSecurityGroups sets the security groups
                      used by the load balancer. Expected to be security group IDs
                      This is optional - if not provided new security groups will
                      be created for the load balancer
                    items:
                      type: string
                    type: array
                  crossZoneLoadBalancing:
                    description: "CrossZoneLoadBalancing enables the classic ELB cross
                      availability zone balancing. \n With cross-zone load balancing,
                      each load balancer node for your Classic Load Balancer distributes
                      requests evenly across the registered instances in all enabled
                      Availability Zones. If cross-zone load balancing is disabled,
                      each load balancer node distributes requests evenly across the
                      registered instances in its Availability Zone only. \n Defaults
                      to false."
                    type: boolean
                  scheme:
                    default: internet-facing
                    description: Scheme sets the scheme of the load balancer (defaults
                      to internet-facing)
                    enum:
                    - internet-facing
                    - Internet-facing
                    - internal
                    type: string
                  subnets:
                    description: Subnets sets the subnets that should be applied to
                      the control plane load balancer (defaults to discovered subnets
                      for managed VPCs or an empty set for unmanaged VPCs)
                    items:
                      type: string
                    type: array
                type: object
              identityRef:
                description: IdentityRef is a reference to a identity to be used when
                  reconciling this cluster
                properties:
                  kind:
                    description: Kind of the identity.
                    enum:
                    - AWSClusterControllerIdentity
                    - AWSClusterRoleIdentity
                    - AWSClusterStaticIdentity
                    type: string
                  name:
                    description: Name of the identity.
                    minLength: 1
                    type: string
                required:
                - kind
                - name
                type: object
              imageLookupBaseOS:
                description: ImageLookupBaseOS is the name of the base operating system
                  used to look up machine images when a machine does not specify an
                  AMI. When set, this will be used for all cluster machines unless
                  a machine specifies a different ImageLookupBaseOS.
                type: string
              imageLookupFormat:
                description: 'ImageLookupFormat is the AMI naming format to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg. Supports substitutions for {{.BaseOS}}
                  and {{.K8sVersion}} with the base OS and kubernetes version, respectively.
                  The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the
                  default), and the kubernetes version as defined by the packages
                  produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1,
                  or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-*
                  will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-*
                  for a Machine that is targeting kubernetes v1.18.0 and the ubuntu
                  base OS. See also: https://golang.org/pkg/text/template/'
                type: string
              imageLookupOrg:
                description: ImageLookupOrg is the AWS Organization ID to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg.
                type: string
              networkSpec:
                description: NetworkSpec encapsulates all things related to AWS network.
                properties:
                  cni:
                    description: CNI configuration
                    properties:
                      cniIngressRules:
                        description: CNIIngressRules specify rules to apply to control
                          plane and worker node security groups.
                          The source for the
                          rule will be set to control plane and worker security group
                          IDs.
                        items:
                          description: CNIIngressRule defines an AWS ingress rule
                            for CNI requirements.
                          properties:
                            description:
                              type: string
                            fromPort:
                              format: int64
                              type: integer
                            protocol:
                              description: SecurityGroupProtocol defines the protocol
                                type for a security group rule.
                              type: string
                            toPort:
                              format: int64
                              type: integer
                          required:
                          - description
                          - fromPort
                          - protocol
                          - toPort
                          type: object
                        type: array
                    type: object
                  securityGroupOverrides:
                    additionalProperties:
                      type: string
                    description: SecurityGroupOverrides is an optional set of security
                      groups to use for cluster instances This is optional - if not
                      provided new security groups will be created for the cluster
                    type: object
                  subnets:
                    description: Subnets configuration.
                    items:
                      description: SubnetSpec configures an AWS Subnet.
                      properties:
                        availabilityZone:
                          description: AvailabilityZone defines the availability zone
                            to use for this subnet in the cluster's region.
                          type: string
                        cidrBlock:
                          description: CidrBlock is the CIDR block to be used when
                            the provider creates a managed VPC.
                          type: string
                        id:
                          description: ID defines a unique identifier to reference
                            this resource.
                          type: string
                        isPublic:
                          description: IsPublic defines the subnet as a public subnet.
                            A subnet is public when it is associated with a route
                            table that has a route to an internet gateway.
                          type: boolean
                        natGatewayId:
                          description: NatGatewayID is the NAT gateway id associated
                            with the subnet. Ignored unless the subnet is managed
                            by the provider, in which case this is set on the public
                            subnet where the NAT gateway resides. It is then used
                            to determine routes for private subnets in the same AZ
                            as the public subnet.
                          type: string
                        routeTableId:
                          description: RouteTableID is the routing table id associated
                            with the subnet.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a collection of tags describing the
                            resource.
                          type: object
                      type: object
                    type: array
                  vpc:
                    description: VPC configuration.
                    properties:
                      availabilityZoneSelection:
                        default: Ordered
                        description: 'AvailabilityZoneSelection specifies how AZs
                          should be selected if there are more AZs in a region than
                          specified by AvailabilityZoneUsageLimit. There are 2 selection
                          schemes: Ordered - selects based on alphabetical order Random
                          - selects AZs randomly in a region Defaults to Ordered'
                        enum:
                        - Ordered
                        - Random
                        type: string
                      availabilityZoneUsageLimit:
                        default: 3
                        description: AvailabilityZoneUsageLimit specifies the maximum
                          number of availability zones (AZ) that should be used in
                          a region when automatically creating subnets. If a region
                          has more than this number of AZs then this number of AZs
                          will be picked randomly when creating default subnets. Defaults
                          to 3
                        minimum: 1
                        type: integer
                      cidrBlock:
                        description: CidrBlock is the CIDR block to be used when the
                          provider creates a managed VPC. Defaults to 10.0.0.0/16.
                        type: string
                      id:
                        description: ID is the vpc-id of the VPC this provider should
                          use to create resources.
                        type: string
                      internetGatewayId:
                        description: InternetGatewayID is the id of the internet gateway
                          associated with the VPC.
                        type: string
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a collection of tags describing the resource.
                        type: object
                    type: object
                type: object
              region:
                description: The AWS Region the cluster lives in.
                type: string
              sshKeyName:
                description: SSHKeyName is the name of the ssh key to attach to the
                  bastion host.
                  Valid values are empty string (do not use SSH keys),
                  a valid SSH key name, or omitted (use the default SSH key name)
                type: string
            type: object
          status:
            description: AWSClusterStatus defines the observed state of AWSCluster.
            properties:
              bastion:
                description: Instance describes an AWS instance.
                properties:
                  addresses:
                    description: Addresses contains the AWS instance associated addresses.
                    items:
                      description: MachineAddress contains information for the node's
                        address.
                      properties:
                        address:
                          description: The machine address.
                          type: string
                        type:
                          description: Machine address type, one of Hostname, ExternalIP
                            or InternalIP.
                          type: string
                      required:
                      - address
                      - type
                      type: object
                    type: array
                  availabilityZone:
                    description: Availability zone of instance
                    type: string
                  ebsOptimized:
                    description: Indicates whether the instance is optimized for Amazon
                      EBS I/O.
                    type: boolean
                  enaSupport:
                    description: Specifies whether enhanced networking with ENA is
                      enabled.
                    type: boolean
                  iamProfile:
                    description: The name of the IAM instance profile associated with
                      the instance, if applicable.
                    type: string
                  id:
                    type: string
                  imageId:
                    description: The ID of the AMI used to launch the instance.
                    type: string
                  instanceState:
                    description: The current state of the instance.
                    type: string
                  networkInterfaces:
                    description: Specifies ENIs attached to instance
                    items:
                      type: string
                    type: array
                  nonRootVolumes:
                    description: Configuration options for the non root storage volumes.
                    items:
                      description: Volume encapsulates the configuration options for
                        the storage device
                      properties:
                        deviceName:
                          description: Device name
                          type: string
                        encrypted:
                          description: Encrypted is whether the volume should be encrypted
                            or not.
                          type: boolean
                        encryptionKey:
                          description: EncryptionKey is the KMS key to use to encrypt
                            the volume. Can be either a KMS key ID or ARN. If Encrypted
                            is set and this is omitted, the default AWS key will be
                            used. The key must already exist and be accessible by
                            the controller.
                          type: string
                        iops:
                          description: IOPS is the number of IOPS requested for the
                            disk. Not applicable to all types.
                          format: int64
                          type: integer
                        size:
                          description: Size specifies size (in Gi) of the storage
                            device. Must be greater than the image snapshot size or
                            8 (whichever is greater).
                          format: int64
                          minimum: 8
                          type: integer
                        type:
                          description: Type is the type of the volume (e.g. gp2, io1,
                            etc...).
                          type: string
                      required:
                      - size
                      type: object
                    type: array
                  privateIp:
                    description: The private IPv4 address assigned to the instance.
                    type: string
                  publicIp:
                    description: The public IPv4 address assigned to the instance,
                      if applicable.
                    type: string
                  rootVolume:
                    description: Configuration options for the root storage volume.
                    properties:
                      deviceName:
                        description: Device name
                        type: string
                      encrypted:
                        description: Encrypted is whether the volume should be encrypted
                          or not.
                        type: boolean
                      encryptionKey:
                        description: EncryptionKey is the KMS key to use to encrypt
                          the volume. Can be either a KMS key ID or ARN. If Encrypted
                          is set and this is omitted, the default AWS key will be
                          used. The key must already exist and be accessible by the
                          controller.
                        type: string
                      iops:
                        description: IOPS is the number of IOPS requested for the
                          disk. Not applicable to all types.
                        format: int64
                        type: integer
                      size:
                        description: Size specifies size (in Gi) of the storage device.
                          Must be greater than the image snapshot size or 8 (whichever
                          is greater).
                        format: int64
                        minimum: 8
                        type: integer
                      type:
                        description: Type is the type of the volume (e.g. gp2, io1,
                          etc...).
                        type: string
                    required:
                    - size
                    type: object
                  securityGroupIds:
                    description: SecurityGroupIDs are one or more security group IDs
                      this instance belongs to.
                    items:
                      type: string
                    type: array
                  spotMarketOptions:
                    description: SpotMarketOptions option for configuring instances
                      to be run using AWS Spot instances.
                    properties:
                      maxPrice:
                        description: MaxPrice defines the maximum price the user is
                          willing to pay for Spot VM instances
                        type: string
                    type: object
                  sshKeyName:
                    description: The name of the SSH key pair.
                    type: string
                  subnetId:
                    description: The ID of the subnet of the instance.
                    type: string
                  tags:
                    additionalProperties:
                      type: string
                    description: The tags associated with the instance.
                    type: object
                  tenancy:
                    description: Tenancy indicates if instance should run on shared
                      or single-tenant hardware.
                    type: string
                  type:
                    description: The instance type.
                    type: string
                  userData:
                    description: UserData is the raw data script passed to the instance
                      which is run upon bootstrap. This field must not be base64 encoded
                      and should only be used when running a new instance.
                    type: string
                required:
                - id
                type: object
              conditions:
                description: Conditions provide observations of the operational state
                  of a Cluster API resource.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              network:
                description: Network encapsulates AWS networking resources.
                properties:
                  apiServerElb:
                    description: APIServerELB is the Kubernetes api server classic
                      load balancer.
                    properties:
                      attributes:
                        description: Attributes defines extra attributes associated
                          with the load balancer.
                        properties:
                          crossZoneLoadBalancing:
                            description: CrossZoneLoadBalancing enables the classic
                              load balancer load balancing.
                            type: boolean
                          idleTimeout:
                            description: IdleTimeout is time that the connection is
                              allowed to be idle (no data has been sent over the connection)
                              before it is closed by the load balancer.
                            format: int64
                            type: integer
                        type: object
                      availabilityZones:
                        description: AvailabilityZones is an array of availability
                          zones in the VPC attached to the load balancer.
                        items:
                          type: string
                        type: array
                      dnsName:
                        description: DNSName is the dns name of the load balancer.
                        type: string
                      healthChecks:
                        description: HealthCheck is the classic elb health check associated
                          with the load balancer.
                        properties:
                          healthyThreshold:
                            format: int64
                            type: integer
                          interval:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          target:
                            type: string
                          timeout:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          unhealthyThreshold:
                            format: int64
                            type: integer
                        required:
                        - healthyThreshold
                        - interval
                        - target
                        - timeout
                        - unhealthyThreshold
                        type: object
                      listeners:
                        description: Listeners is an array of classic elb listeners
                          associated with the load balancer. There must be at least
                          one.
                        items:
                          description: ClassicELBListener defines an AWS classic load
                            balancer listener.
                          properties:
                            instancePort:
                              format: int64
                              type: integer
                            instanceProtocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                            port:
                              format: int64
                              type: integer
                            protocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                          required:
                          - instancePort
                          - instanceProtocol
                          - port
                          - protocol
                          type: object
                        type: array
                      name:
                        description: The name of the load balancer. It must be unique
                          within the set of load balancers defined in the region.
                          It also serves as identifier.
                        type: string
                      scheme:
                        description: Scheme is the load balancer scheme, either internet-facing
                          or private.
                        type: string
                      securityGroupIds:
                        description: SecurityGroupIDs is an array of security groups
                          assigned to the load balancer.
                        items:
                          type: string
                        type: array
                      subnetIds:
                        description: SubnetIDs is an array of subnets in the VPC attached
                          to the load balancer.
                        items:
                          type: string
                        type: array
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a map of tags associated with the load
                          balancer.
                        type: object
                    type: object
                  securityGroups:
                    additionalProperties:
                      description: SecurityGroup defines an AWS security group.
                      properties:
                        id:
                          description: ID is a unique identifier.
                          type: string
                        ingressRule:
                          description: IngressRules is the inbound rules associated
                            with the security group.
                          items:
                            description: IngressRule defines an AWS ingress rule for
                              security groups.
                            properties:
                              cidrBlocks:
                                description: List of CIDR blocks to allow access from.
                                  Cannot be specified with SourceSecurityGroupID.
                                items:
                                  type: string
                                type: array
                              description:
                                type: string
                              fromPort:
                                format: int64
                                type: integer
                              protocol:
                                description: SecurityGroupProtocol defines the protocol
                                  type for a security group rule.
                                type: string
                              sourceSecurityGroupIds:
                                description: The security group id to allow access
                                  from. Cannot be specified with CidrBlocks.
                                items:
                                  type: string
                                type: array
                              toPort:
                                format: int64
                                type: integer
                            required:
                            - description
                            - fromPort
                            - protocol
                            - toPort
                            type: object
                          type: array
                        name:
                          description: Name is the security group name.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a map of tags associated with the security
                            group.
                          type: object
                      required:
                      - id
                      - name
                      type: object
                    description: SecurityGroups is a map from the role/kind of the
                      security group to its unique name, if any.
                    type: object
                type: object
              ready:
                default: false
                type: boolean
            required:
            - ready
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - additionalPrinterColumns:
    - description: Cluster to which this AWSCluster belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - description: Cluster infrastructure is ready for EC2 instances
      jsonPath: .status.ready
      name: Ready
      type: string
    - description: AWS VPC the cluster is using
      jsonPath: .spec.network.vpc.id
      name: VPC
      type: string
    - description: API Endpoint
      jsonPath: .spec.controlPlaneEndpoint
      name: Endpoint
      priority: 1
      type: string
    - description: Bastion IP address for breakglass access
      jsonPath: .status.bastion.publicIp
      name: Bastion IP
      type: string
    name: v1alpha4
    schema:
      openAPIV3Schema:
        description: AWSCluster is the Schema for the awsclusters
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: AWSClusterSpec defines the desired state of AWSCluster
            properties:
              additionalTags:
                additionalProperties:
                  type: string
                description: AdditionalTags is an optional set of tags to add to AWS
                  resources managed by the AWS provider, in addition to the ones added
                  by default.
                type: object
              bastion:
                description: Bastion contains options to configure the bastion host.
                properties:
                  allowedCIDRBlocks:
                    description: AllowedCIDRBlocks is a list of CIDR blocks allowed
                      to access the bastion host. They are set as ingress rules for
                      the Bastion host's Security Group (defaults to 0.0.0.0/0).
                    items:
                      type: string
                    type: array
                  ami:
                    description: AMI will use the specified AMI to boot the bastion.
                      If not specified, the AMI will default to one picked out in
                      public space.
                    type: string
                  disableIngressRules:
                    description: DisableIngressRules will ensure there are no Ingress
                      rules in the bastion host's security group. Requires AllowedCIDRBlocks
                      to be empty.
                    type: boolean
                  enabled:
                    description: Enabled allows this provider to create a bastion
                      host instance with a public ip to access the VPC private network.
                    type: boolean
                  instanceType:
                    description: InstanceType will use the specified instance type
                      for the bastion. If not specified, Cluster API Provider AWS
                      will use t3.micro for all regions except us-east-1, where t2.micro
                      will be the default.
                    type: string
                type: object
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              controlPlaneLoadBalancer:
                description: ControlPlaneLoadBalancer is optional configuration for
                  customizing control plane behavior.
                properties:
                  additionalSecurityGroups:
                    description: AdditionalSecurityGroups sets the security groups
                      used by the load balancer. Expected to be security group IDs
                      This is optional - if not provided new security groups will
                      be created for the load balancer
                    items:
                      type: string
                    type: array
                  crossZoneLoadBalancing:
                    description: "CrossZoneLoadBalancing enables the classic ELB cross
                      availability zone balancing. \n With cross-zone load balancing,
                      each load balancer node for your Classic Load Balancer distributes
                      requests evenly across the registered instances in all enabled
                      Availability Zones. If cross-zone load balancing is disabled,
                      each load balancer node distributes requests evenly across the
                      registered instances in its Availability Zone only. \n Defaults
                      to false."
                    type: boolean
                  scheme:
                    default: internet-facing
                    description: Scheme sets the scheme of the load balancer (defaults
                      to internet-facing)
                    enum:
                    - internet-facing
                    - Internet-facing
                    - internal
                    type: string
                  subnets:
                    description: Subnets sets the subnets that should be applied to
                      the control plane load balancer (defaults to discovered subnets
                      for managed VPCs or an empty set for unmanaged VPCs)
                    items:
                      type: string
                    type: array
                type: object
              identityRef:
                description: IdentityRef is a reference to a identity to be used when
                  reconciling this cluster
                properties:
                  kind:
                    description: Kind of the identity.
                    enum:
                    - AWSClusterControllerIdentity
                    - AWSClusterRoleIdentity
                    - AWSClusterStaticIdentity
                    type: string
                  name:
                    description: Name of the identity.
                    minLength: 1
                    type: string
                required:
                - kind
                - name
                type: object
              imageLookupBaseOS:
                description: ImageLookupBaseOS is the name of the base operating system
                  used to look up machine images when a machine does not specify an
                  AMI. When set, this will be used for all cluster machines unless
                  a machine specifies a different ImageLookupBaseOS.
                type: string
              imageLookupFormat:
                description: 'ImageLookupFormat is the AMI naming format to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg. Supports substitutions for {{.BaseOS}}
                  and {{.K8sVersion}} with the base OS and kubernetes version, respectively.
                  The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the
                  default), and the kubernetes version as defined by the packages
                  produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1,
                  or 1.17.3.
                  For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-*
                  will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-*
                  for a Machine that is targeting kubernetes v1.18.0 and the ubuntu
                  base OS. See also: https://golang.org/pkg/text/template/'
                type: string
              imageLookupOrg:
                description: ImageLookupOrg is the AWS Organization ID to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg.
                type: string
              network:
                description: NetworkSpec encapsulates all things related to AWS network.
                properties:
                  cni:
                    description: CNI configuration
                    properties:
                      cniIngressRules:
                        description: CNIIngressRules specify rules to apply to control
                          plane and worker node security groups. The source for the
                          rule will be set to control plane and worker security group
                          IDs.
                        items:
                          description: CNIIngressRule defines an AWS ingress rule
                            for CNI requirements.
                          properties:
                            description:
                              type: string
                            fromPort:
                              format: int64
                              type: integer
                            protocol:
                              description: SecurityGroupProtocol defines the protocol
                                type for a security group rule.
                              type: string
                            toPort:
                              format: int64
                              type: integer
                          required:
                          - description
                          - fromPort
                          - protocol
                          - toPort
                          type: object
                        type: array
                    type: object
                  securityGroupOverrides:
                    additionalProperties:
                      type: string
                    description: SecurityGroupOverrides is an optional set of security
                      groups to use for cluster instances This is optional - if not
                      provided new security groups will be created for the cluster
                    type: object
                  subnets:
                    description: Subnets configuration.
                    items:
                      description: SubnetSpec configures an AWS Subnet.
                      properties:
                        availabilityZone:
                          description: AvailabilityZone defines the availability zone
                            to use for this subnet in the cluster's region.
                          type: string
                        cidrBlock:
                          description: CidrBlock is the CIDR block to be used when
                            the provider creates a managed VPC.
                          type: string
                        id:
                          description: ID defines a unique identifier to reference
                            this resource.
                          type: string
                        isPublic:
                          description: IsPublic defines the subnet as a public subnet.
                            A subnet is public when it is associated with a route
                            table that has a route to an internet gateway.
                          type: boolean
                        natGatewayId:
                          description: NatGatewayID is the NAT gateway id associated
                            with the subnet. Ignored unless the subnet is managed
                            by the provider, in which case this is set on the public
                            subnet where the NAT gateway resides. It is then used
                            to determine routes for private subnets in the same AZ
                            as the public subnet.
                          type: string
                        routeTableId:
                          description: RouteTableID is the routing table id associated
                            with the subnet.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a collection of tags describing the
                            resource.
                          type: object
                      type: object
                    type: array
                  vpc:
                    description: VPC configuration.
                    properties:
                      availabilityZoneSelection:
                        default: Ordered
                        description: 'AvailabilityZoneSelection specifies how AZs
                          should be selected if there are more AZs in a region than
                          specified by AvailabilityZoneUsageLimit.
                          There are 2 selection
                          schemes: Ordered - selects based on alphabetical order Random
                          - selects AZs randomly in a region Defaults to Ordered'
                        enum:
                        - Ordered
                        - Random
                        type: string
                      availabilityZoneUsageLimit:
                        default: 3
                        description: AvailabilityZoneUsageLimit specifies the maximum
                          number of availability zones (AZ) that should be used in
                          a region when automatically creating subnets. If a region
                          has more than this number of AZs then this number of AZs
                          will be picked randomly when creating default subnets. Defaults
                          to 3
                        minimum: 1
                        type: integer
                      cidrBlock:
                        description: CidrBlock is the CIDR block to be used when the
                          provider creates a managed VPC. Defaults to 10.0.0.0/16.
                        type: string
                      id:
                        description: ID is the vpc-id of the VPC this provider should
                          use to create resources.
                        type: string
                      internetGatewayId:
                        description: InternetGatewayID is the id of the internet gateway
                          associated with the VPC.
                        type: string
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a collection of tags describing the resource.
                        type: object
                    type: object
                type: object
              region:
                description: The AWS Region the cluster lives in.
                type: string
              sshKeyName:
                description: SSHKeyName is the name of the ssh key to attach to the
                  bastion host. Valid values are empty string (do not use SSH keys),
                  a valid SSH key name, or omitted (use the default SSH key name)
                type: string
            type: object
          status:
            description: AWSClusterStatus defines the observed state of AWSCluster
            properties:
              bastion:
                description: Instance describes an AWS instance.
                properties:
                  addresses:
                    description: Addresses contains the AWS instance associated addresses.
                    items:
                      description: MachineAddress contains information for the node's
                        address.
                      properties:
                        address:
                          description: The machine address.
                          type: string
                        type:
                          description: Machine address type, one of Hostname, ExternalIP
                            or InternalIP.
                          type: string
                      required:
                      - address
                      - type
                      type: object
                    type: array
                  availabilityZone:
                    description: Availability zone of instance
                    type: string
                  ebsOptimized:
                    description: Indicates whether the instance is optimized for Amazon
                      EBS I/O.
                    type: boolean
                  enaSupport:
                    description: Specifies whether enhanced networking with ENA is
                      enabled.
                    type: boolean
                  iamProfile:
                    description: The name of the IAM instance profile associated with
                      the instance, if applicable.
                    type: string
                  id:
                    type: string
                  imageId:
                    description: The ID of the AMI used to launch the instance.
                    type: string
                  instanceState:
                    description: The current state of the instance.
                    type: string
                  networkInterfaces:
                    description: Specifies ENIs attached to instance
                    items:
                      type: string
                    type: array
                  nonRootVolumes:
                    description: Configuration options for the non root storage volumes.
                    items:
                      description: Volume encapsulates the configuration options for
                        the storage device
                      properties:
                        deviceName:
                          description: Device name
                          type: string
                        encrypted:
                          description: Encrypted is whether the volume should be encrypted
                            or not.
                          type: boolean
                        encryptionKey:
                          description: EncryptionKey is the KMS key to use to encrypt
                            the volume. Can be either a KMS key ID or ARN. If Encrypted
                            is set and this is omitted, the default AWS key will be
                            used. The key must already exist and be accessible by
                            the controller.
                          type: string
                        iops:
                          description: IOPS is the number of IOPS requested for the
                            disk. Not applicable to all types.
                          format: int64
                          type: integer
                        size:
                          description: Size specifies size (in Gi) of the storage
                            device. Must be greater than the image snapshot size or
                            8 (whichever is greater).
                          format: int64
                          minimum: 8
                          type: integer
                        throughput:
                          description: Throughput to provision in MiB/s supported
                            for the volume type. Not applicable to all types.
                          format: int64
                          type: integer
                        type:
                          description: Type is the type of the volume (e.g. gp2, io1,
                            etc...).
                          type: string
                      required:
                      - size
                      type: object
                    type: array
                  privateIp:
                    description: The private IPv4 address assigned to the instance.
                    type: string
                  publicIp:
                    description: The public IPv4 address assigned to the instance,
                      if applicable.
                    type: string
                  rootVolume:
                    description: Configuration options for the root storage volume.
                    properties:
                      deviceName:
                        description: Device name
                        type: string
                      encrypted:
                        description: Encrypted is whether the volume should be encrypted
                          or not.
                        type: boolean
                      encryptionKey:
                        description: EncryptionKey is the KMS key to use to encrypt
                          the volume. Can be either a KMS key ID or ARN. If Encrypted
                          is set and this is omitted, the default AWS key will be
                          used. The key must already exist and be accessible by the
                          controller.
                        type: string
                      iops:
                        description: IOPS is the number of IOPS requested for the
                          disk. Not applicable to all types.
                        format: int64
                        type: integer
                      size:
                        description: Size specifies size (in Gi) of the storage device.
                          Must be greater than the image snapshot size or 8 (whichever
                          is greater).
                        format: int64
                        minimum: 8
                        type: integer
                      throughput:
                        description: Throughput to provision in MiB/s supported for
                          the volume type. Not applicable to all types.
                        format: int64
                        type: integer
                      type:
                        description: Type is the type of the volume (e.g. gp2, io1,
                          etc...).
                        type: string
                    required:
                    - size
                    type: object
                  securityGroupIds:
                    description: SecurityGroupIDs are one or more security group IDs
                      this instance belongs to.
                    items:
                      type: string
                    type: array
                  spotMarketOptions:
                    description: SpotMarketOptions option for configuring instances
                      to be run using AWS Spot instances.
                    properties:
                      maxPrice:
                        description: MaxPrice defines the maximum price the user is
                          willing to pay for Spot VM instances
                        type: string
                    type: object
                  sshKeyName:
                    description: The name of the SSH key pair.
                    type: string
                  subnetId:
                    description: The ID of the subnet of the instance.
                    type: string
                  tags:
                    additionalProperties:
                      type: string
                    description: The tags associated with the instance.
                    type: object
                  tenancy:
                    description: Tenancy indicates if instance should run on shared
                      or single-tenant hardware.
                    type: string
                  type:
                    description: The instance type.
                    type: string
                  userData:
                    description: UserData is the raw data script passed to the instance
                      which is run upon bootstrap. This field must not be base64 encoded
                      and should only be used when running a new instance.
                    type: string
                  volumeIDs:
                    description: IDs of the instance's volumes
                    items:
                      type: string
                    type: array
                required:
                - id
                type: object
              conditions:
                description: Conditions provide observations of the operational state
                  of a Cluster API resource.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              networkStatus:
                description: NetworkStatus encapsulates AWS networking resources.
                properties:
                  apiServerElb:
                    description: APIServerELB is the Kubernetes api server classic
                      load balancer.
                    properties:
                      attributes:
                        description: Attributes defines extra attributes associated
                          with the load balancer.
                        properties:
                          crossZoneLoadBalancing:
                            description: CrossZoneLoadBalancing enables the classic
                              load balancer load balancing.
                            type: boolean
                          idleTimeout:
                            description: IdleTimeout is time that the connection is
                              allowed to be idle (no data has been sent over the connection)
                              before it is closed by the load balancer.
                            format: int64
                            type: integer
                        type: object
                      availabilityZones:
                        description: AvailabilityZones is an array of availability
                          zones in the VPC attached to the load balancer.
                        items:
                          type: string
                        type: array
                      dnsName:
                        description: DNSName is the dns name of the load balancer.
                        type: string
                      healthChecks:
                        description: HealthCheck is the classic elb health check associated
                          with the load balancer.
                        properties:
                          healthyThreshold:
                            format: int64
                            type: integer
                          interval:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          target:
                            type: string
                          timeout:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          unhealthyThreshold:
                            format: int64
                            type: integer
                        required:
                        - healthyThreshold
                        - interval
                        - target
                        - timeout
                        - unhealthyThreshold
                        type: object
                      listeners:
                        description: Listeners is an array of classic elb listeners
                          associated with the load balancer. There must be at least
                          one.
                        items:
                          description: ClassicELBListener defines an AWS classic load
                            balancer listener.
                          properties:
                            instancePort:
                              format: int64
                              type: integer
                            instanceProtocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                            port:
                              format: int64
                              type: integer
                            protocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                          required:
                          - instancePort
                          - instanceProtocol
                          - port
                          - protocol
                          type: object
                        type: array
                      name:
                        description: The name of the load balancer. It must be unique
                          within the set of load balancers defined in the region.
                          It also serves as identifier.
                        type: string
                      scheme:
                        description: Scheme is the load balancer scheme, either internet-facing
                          or private.
                        type: string
                      securityGroupIds:
                        description: SecurityGroupIDs is an array of security groups
                          assigned to the load balancer.
                        items:
                          type: string
                        type: array
                      subnetIds:
                        description: SubnetIDs is an array of subnets in the VPC attached
                          to the load balancer.
                        items:
                          type: string
                        type: array
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a map of tags associated with the load
                          balancer.
                        type: object
                    type: object
                  securityGroups:
                    additionalProperties:
                      description: SecurityGroup defines an AWS security group.
                      properties:
                        id:
                          description: ID is a unique identifier.
                          type: string
                        ingressRule:
                          description: IngressRules is the inbound rules associated
                            with the security group.
                          items:
                            description: IngressRule defines an AWS ingress rule for
                              security groups.
                            properties:
                              cidrBlocks:
                                description: List of CIDR blocks to allow access from.
                                  Cannot be specified with SourceSecurityGroupID.
                                items:
                                  type: string
                                type: array
                              description:
                                type: string
                              fromPort:
                                format: int64
                                type: integer
                              protocol:
                                description: SecurityGroupProtocol defines the protocol
                                  type for a security group rule.
                                type: string
                              sourceSecurityGroupIds:
                                description: The security group id to allow access
                                  from. Cannot be specified with CidrBlocks.
                                items:
                                  type: string
                                type: array
                              toPort:
                                format: int64
                                type: integer
                            required:
                            - description
                            - fromPort
                            - protocol
                            - toPort
                            type: object
                          type: array
                        name:
                          description: Name is the security group name.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a map of tags associated with the security
                            group.
                          type: object
                      required:
                      - id
                      - name
                      type: object
                    description: SecurityGroups is a map from the role/kind of the
                      security group to its unique name, if any.
                    type: object
                type: object
              ready:
                default: false
                type: boolean
            required:
            - ready
            type: object
        type: object
    served: true
    storage: false
    subresources:
      status: {}
  - additionalPrinterColumns:
    - description: Cluster to which this AWSCluster belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - description: Cluster infrastructure is ready for EC2 instances
      jsonPath: .status.ready
      name: Ready
      type: string
    - description: AWS VPC the cluster is using
      jsonPath: .spec.network.vpc.id
      name: VPC
      type: string
    - description: API Endpoint
      jsonPath: .spec.controlPlaneEndpoint
      name: Endpoint
      priority: 1
      type: string
    - description: Bastion IP address for breakglass access
      jsonPath: .status.bastion.publicIp
      name: Bastion IP
      type: string
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AWSCluster is the schema for Amazon EC2 based Kubernetes Cluster
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: AWSClusterSpec defines the desired state of an EC2-based
              Kubernetes cluster.
            properties:
              additionalTags:
                additionalProperties:
                  type: string
                description: AdditionalTags is an optional set of tags to add to AWS
                  resources managed by the AWS provider, in addition to the ones added
                  by default.
                type: object
              bastion:
                description: Bastion contains options to configure the bastion host.
                properties:
                  allowedCIDRBlocks:
                    description: AllowedCIDRBlocks is a list of CIDR blocks allowed
                      to access the bastion host. They are set as ingress rules for
                      the Bastion host's Security Group (defaults to 0.0.0.0/0).
                    items:
                      type: string
                    type: array
                  ami:
                    description: AMI will use the specified AMI to boot the bastion.
                      If not specified, the AMI will default to one picked out in
                      public space.
                    type: string
                  disableIngressRules:
                    description: DisableIngressRules will ensure there are no Ingress
                      rules in the bastion host's security group. Requires AllowedCIDRBlocks
                      to be empty.
                    type: boolean
                  enabled:
                    description: Enabled allows this provider to create a bastion
                      host instance with a public ip to access the VPC private network.
                    type: boolean
                  instanceType:
                    description: InstanceType will use the specified instance type
                      for the bastion. If not specified, Cluster API Provider AWS
                      will use t3.micro for all regions except us-east-1, where t2.micro
                      will be the default.
                    type: string
                type: object
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              controlPlaneLoadBalancer:
                description: ControlPlaneLoadBalancer is optional configuration for
                  customizing control plane behavior.
                properties:
                  additionalSecurityGroups:
                    description: AdditionalSecurityGroups sets the security groups
                      used by the load balancer. Expected to be security group IDs
                      This is optional - if not provided new security groups will
                      be created for the load balancer
                    items:
                      type: string
                    type: array
                  crossZoneLoadBalancing:
                    description: "CrossZoneLoadBalancing enables the classic ELB cross
                      availability zone balancing. \n With cross-zone load balancing,
                      each load balancer node for your Classic Load Balancer distributes
                      requests evenly across the registered instances in all enabled
                      Availability Zones. If cross-zone load balancing is disabled,
                      each load balancer node distributes requests evenly across the
                      registered instances in its Availability Zone only. \n Defaults
                      to false."
                    type: boolean
                  healthCheckProtocol:
                    description: HealthCheckProtocol sets the protocol type for classic
                      ELB health check target default value is ClassicELBProtocolSSL
                    type: string
                  name:
                    description: Name sets the name of the classic ELB load balancer.
                      As per AWS, the name must be unique within your set of load
                      balancers for the region, must have a maximum of 32 characters,
                      must contain only alphanumeric characters or hyphens, and cannot
                      begin or end with a hyphen. Once set, the value cannot be changed.
                    maxLength: 32
                    pattern: ^[A-Za-z0-9]([A-Za-z0-9]{0,31}|[-A-Za-z0-9]{0,30}[A-Za-z0-9])$
                    type: string
                  scheme:
                    default: internet-facing
                    description: Scheme sets the scheme of the load balancer (defaults
                      to internet-facing)
                    enum:
                    - internet-facing
                    - internal
                    type: string
                  subnets:
                    description: Subnets sets the subnets that should be applied to
                      the control plane load balancer (defaults to discovered subnets
                      for managed VPCs or an empty set for unmanaged VPCs)
                    items:
                      type: string
                    type: array
                type: object
              identityRef:
                description: IdentityRef is a reference to a identity to be used when
                  reconciling this cluster
                properties:
                  kind:
                    description: Kind of the identity.
                    enum:
                    - AWSClusterControllerIdentity
                    - AWSClusterRoleIdentity
                    - AWSClusterStaticIdentity
                    type: string
                  name:
                    description: Name of the identity.
                    minLength: 1
                    type: string
                required:
                - kind
                - name
                type: object
              imageLookupBaseOS:
                description: ImageLookupBaseOS is the name of the base operating system
                  used to look up machine images when a machine does not specify an
                  AMI. When set, this will be used for all cluster machines unless
                  a machine specifies a different ImageLookupBaseOS.
                type: string
              imageLookupFormat:
                description: 'ImageLookupFormat is the AMI naming format to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg. Supports substitutions for {{.BaseOS}}
                  and {{.K8sVersion}} with the base OS and kubernetes version, respectively.
                  The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the
                  default), and the kubernetes version as defined by the packages
                  produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1,
                  or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-*
                  will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-*
                  for a Machine that is targeting kubernetes v1.18.0 and the ubuntu
                  base OS. See also: https://golang.org/pkg/text/template/'
                type: string
              imageLookupOrg:
                description: ImageLookupOrg is the AWS Organization ID to look up
                  machine images when a machine does not specify an AMI. When set,
                  this will be used for all cluster machines unless a machine specifies
                  a different ImageLookupOrg.
                type: string
              network:
                description: NetworkSpec encapsulates all things related to AWS network.
                properties:
                  cni:
                    description: CNI configuration
                    properties:
                      cniIngressRules:
                        description: CNIIngressRules specify rules to apply to control
                          plane and worker node security groups. The source for the
                          rule will be set to control plane and worker security group
                          IDs.
                        items:
                          description: CNIIngressRule defines an AWS ingress rule
                            for CNI requirements.
                          properties:
                            description:
                              type: string
                            fromPort:
                              format: int64
                              type: integer
                            protocol:
                              description: SecurityGroupProtocol defines the protocol
                                type for a security group rule.
                              type: string
                            toPort:
                              format: int64
                              type: integer
                          required:
                          - description
                          - fromPort
                          - protocol
                          - toPort
                          type: object
                        type: array
                    type: object
                  securityGroupOverrides:
                    additionalProperties:
                      type: string
                    description: SecurityGroupOverrides is an optional set of security
                      groups to use for cluster instances This is optional - if not
                      provided new security groups will be created for the cluster
                    type: object
                  subnets:
                    description: Subnets configuration.
                    items:
                      description: SubnetSpec configures an AWS Subnet.
                      properties:
                        availabilityZone:
                          description: AvailabilityZone defines the availability zone
                            to use for this subnet in the cluster's region.
                          type: string
                        cidrBlock:
                          description: CidrBlock is the CIDR block to be used when
                            the provider creates a managed VPC.
                          type: string
                        id:
                          description: ID defines a unique identifier to reference
                            this resource.
                          type: string
                        isPublic:
                          description: IsPublic defines the subnet as a public subnet.
                            A subnet is public when it is associated with a route
                            table that has a route to an internet gateway.
                          type: boolean
                        natGatewayId:
                          description: NatGatewayID is the NAT gateway id associated
                            with the subnet. Ignored unless the subnet is managed
                            by the provider, in which case this is set on the public
                            subnet where the NAT gateway resides. It is then used
                            to determine routes for private subnets in the same AZ
                            as the public subnet.
                          type: string
                        routeTableId:
                          description: RouteTableID is the routing table id associated
                            with the subnet.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a collection of tags describing the
                            resource.
                          type: object
                      type: object
                    type: array
                  vpc:
                    description: VPC configuration.
                    properties:
                      availabilityZoneSelection:
                        default: Ordered
                        description: 'AvailabilityZoneSelection specifies how AZs
                          should be selected if there are more AZs in a region than
                          specified by AvailabilityZoneUsageLimit. There are 2 selection
                          schemes: Ordered - selects based on alphabetical order Random
                          - selects AZs randomly in a region Defaults to Ordered'
                        enum:
                        - Ordered
                        - Random
                        type: string
                      availabilityZoneUsageLimit:
                        default: 3
                        description: AvailabilityZoneUsageLimit specifies the maximum
                          number of availability zones (AZ) that should be used in
                          a region when automatically creating subnets. If a region
                          has more than this number of AZs then this number of AZs
                          will be picked randomly when creating default subnets. Defaults
                          to 3
                        minimum: 1
                        type: integer
                      cidrBlock:
                        description: CidrBlock is the CIDR block to be used when the
                          provider creates a managed VPC. Defaults to 10.0.0.0/16.
                        type: string
                      id:
                        description: ID is the vpc-id of the VPC this provider should
                          use to create resources.
                        type: string
                      internetGatewayId:
                        description: InternetGatewayID is the id of the internet gateway
                          associated with the VPC.
                        type: string
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a collection of tags describing the resource.
                        type: object
                    type: object
                type: object
              region:
                description: The AWS Region the cluster lives in.
                type: string
              s3Bucket:
                description: S3Bucket contains options to configure a supporting S3
                  bucket for this cluster - currently used for nodes requiring Ignition
                  (https://coreos.github.io/ignition/) for bootstrapping (requires
                  BootstrapFormatIgnition feature flag to be enabled).
                properties:
                  controlPlaneIAMInstanceProfile:
                    description: ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile,
                      which will be allowed to read control-plane node bootstrap data
                      from S3 Bucket.
                    type: string
                  name:
                    description: Name defines name of S3 Bucket to be created.
                    maxLength: 63
                    minLength: 3
                    pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$
                    type: string
                  nodesIAMInstanceProfiles:
                    description: NodesIAMInstanceProfiles is a list of IAM instance
                      profiles, which will be allowed to read worker nodes bootstrap
                      data from S3 Bucket.
                    items:
                      type: string
                    type: array
                required:
                - controlPlaneIAMInstanceProfile
                - name
                - nodesIAMInstanceProfiles
                type: object
              sshKeyName:
                description: SSHKeyName is the name of the ssh key to attach to the
                  bastion host. Valid values are empty string (do not use SSH keys),
                  a valid SSH key name, or omitted (use the default SSH key name)
                type: string
            type: object
          status:
            description: AWSClusterStatus defines the observed state of AWSCluster.
            properties:
              bastion:
                description: Instance describes an AWS instance.
                properties:
                  addresses:
                    description: Addresses contains the AWS instance associated addresses.
                    items:
                      description: MachineAddress contains information for the node's
                        address.
                      properties:
                        address:
                          description: The machine address.
                          type: string
                        type:
                          description: Machine address type, one of Hostname, ExternalIP
                            or InternalIP.
                          type: string
                      required:
                      - address
                      - type
                      type: object
                    type: array
                  availabilityZone:
                    description: Availability zone of instance
                    type: string
                  ebsOptimized:
                    description: Indicates whether the instance is optimized for Amazon
                      EBS I/O.
                    type: boolean
                  enaSupport:
                    description: Specifies whether enhanced networking with ENA is
                      enabled.
                    type: boolean
                  iamProfile:
                    description: The name of the IAM instance profile associated with
                      the instance, if applicable.
                    type: string
                  id:
                    type: string
                  imageId:
                    description: The ID of the AMI used to launch the instance.
                    type: string
                  instanceState:
                    description: The current state of the instance.
                    type: string
                  networkInterfaces:
                    description: Specifies ENIs attached to instance
                    items:
                      type: string
                    type: array
                  nonRootVolumes:
                    description: Configuration options for the non root storage volumes.
                    items:
                      description: Volume encapsulates the configuration options for
                        the storage device.
                      properties:
                        deviceName:
                          description: Device name
                          type: string
                        encrypted:
                          description: Encrypted is whether the volume should be encrypted
                            or not.
                          type: boolean
                        encryptionKey:
                          description: EncryptionKey is the KMS key to use to encrypt
                            the volume. Can be either a KMS key ID or ARN. If Encrypted
                            is set and this is omitted, the default AWS key will be
                            used. The key must already exist and be accessible by
                            the controller.
                          type: string
                        iops:
                          description: IOPS is the number of IOPS requested for the
                            disk. Not applicable to all types.
                          format: int64
                          type: integer
                        size:
                          description: Size specifies size (in Gi) of the storage
                            device. Must be greater than the image snapshot size or
                            8 (whichever is greater).
                          format: int64
                          minimum: 8
                          type: integer
                        throughput:
                          description: Throughput to provision in MiB/s supported
                            for the volume type. Not applicable to all types.
                          format: int64
                          type: integer
                        type:
                          description: Type is the type of the volume (e.g. gp2, io1,
                            etc...).
                          type: string
                      required:
                      - size
                      type: object
                    type: array
                  privateIp:
                    description: The private IPv4 address assigned to the instance.
                    type: string
                  publicIp:
                    description: The public IPv4 address assigned to the instance,
                      if applicable.
                    type: string
                  rootVolume:
                    description: Configuration options for the root storage volume.
                    properties:
                      deviceName:
                        description: Device name
                        type: string
                      encrypted:
                        description: Encrypted is whether the volume should be encrypted
                          or not.
                        type: boolean
                      encryptionKey:
                        description: EncryptionKey is the KMS key to use to encrypt
                          the volume. Can be either a KMS key ID or ARN. If Encrypted
                          is set and this is omitted, the default AWS key will be
                          used. The key must already exist and be accessible by the
                          controller.
                        type: string
                      iops:
                        description: IOPS is the number of IOPS requested for the
                          disk. Not applicable to all types.
                        format: int64
                        type: integer
                      size:
                        description: Size specifies size (in Gi) of the storage device.
                          Must be greater than the image snapshot size or 8 (whichever
                          is greater).
                        format: int64
                        minimum: 8
                        type: integer
                      throughput:
                        description: Throughput to provision in MiB/s supported for
                          the volume type. Not applicable to all types.
                        format: int64
                        type: integer
                      type:
                        description: Type is the type of the volume (e.g. gp2, io1,
                          etc...).
                        type: string
                    required:
                    - size
                    type: object
                  securityGroupIds:
                    description: SecurityGroupIDs are one or more security group IDs
                      this instance belongs to.
                    items:
                      type: string
                    type: array
                  spotMarketOptions:
                    description: SpotMarketOptions option for configuring instances
                      to be run using AWS Spot instances.
                    properties:
                      maxPrice:
                        description: MaxPrice defines the maximum price the user is
                          willing to pay for Spot VM instances
                        type: string
                    type: object
                  sshKeyName:
                    description: The name of the SSH key pair.
                    type: string
                  subnetId:
                    description: The ID of the subnet of the instance.
                    type: string
                  tags:
                    additionalProperties:
                      type: string
                    description: The tags associated with the instance.
                    type: object
                  tenancy:
                    description: Tenancy indicates if instance should run on shared
                      or single-tenant hardware.
                    type: string
                  type:
                    description: The instance type.
                    type: string
                  userData:
                    description: UserData is the raw data script passed to the instance
                      which is run upon bootstrap. This field must not be base64 encoded
                      and should only be used when running a new instance.
                    type: string
                  volumeIDs:
                    description: IDs of the instance's volumes
                    items:
                      type: string
                    type: array
                required:
                - id
                type: object
              conditions:
                description: Conditions provide observations of the operational state
                  of a Cluster API resource.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: FailureDomains is a slice of FailureDomains.
                type: object
              networkStatus:
                description: NetworkStatus encapsulates AWS networking resources.
                properties:
                  apiServerElb:
                    description: APIServerELB is the Kubernetes api server classic
                      load balancer.
                    properties:
                      attributes:
                        description: Attributes defines extra attributes associated
                          with the load balancer.
                        properties:
                          crossZoneLoadBalancing:
                            description: CrossZoneLoadBalancing enables the classic
                              load balancer load balancing.
                            type: boolean
                          idleTimeout:
                            description: IdleTimeout is time that the connection is
                              allowed to be idle (no data has been sent over the connection)
                              before it is closed by the load balancer.
                            format: int64
                            type: integer
                        type: object
                      availabilityZones:
                        description: AvailabilityZones is an array of availability
                          zones in the VPC attached to the load balancer.
                        items:
                          type: string
                        type: array
                      dnsName:
                        description: DNSName is the dns name of the load balancer.
                        type: string
                      healthChecks:
                        description: HealthCheck is the classic elb health check associated
                          with the load balancer.
                        properties:
                          healthyThreshold:
                            format: int64
                            type: integer
                          interval:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          target:
                            type: string
                          timeout:
                            description: A Duration represents the elapsed time between
                              two instants as an int64 nanosecond count. The representation
                              limits the largest representable duration to approximately
                              290 years.
                            format: int64
                            type: integer
                          unhealthyThreshold:
                            format: int64
                            type: integer
                        required:
                        - healthyThreshold
                        - interval
                        - target
                        - timeout
                        - unhealthyThreshold
                        type: object
                      listeners:
                        description: Listeners is an array of classic elb listeners
                          associated with the load balancer. There must be at least
                          one.
                        items:
                          description: ClassicELBListener defines an AWS classic load
                            balancer listener.
                          properties:
                            instancePort:
                              format: int64
                              type: integer
                            instanceProtocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                            port:
                              format: int64
                              type: integer
                            protocol:
                              description: ClassicELBProtocol defines listener protocols
                                for a classic load balancer.
                              type: string
                          required:
                          - instancePort
                          - instanceProtocol
                          - port
                          - protocol
                          type: object
                        type: array
                      name:
                        description: The name of the load balancer. It must be unique
                          within the set of load balancers defined in the region.
                          It also serves as identifier.
                        type: string
                      scheme:
                        description: Scheme is the load balancer scheme, either internet-facing
                          or private.
                        type: string
                      securityGroupIds:
                        description: SecurityGroupIDs is an array of security groups
                          assigned to the load balancer.
                        items:
                          type: string
                        type: array
                      subnetIds:
                        description: SubnetIDs is an array of subnets in the VPC attached
                          to the load balancer.
                        items:
                          type: string
                        type: array
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a map of tags associated with the load
                          balancer.
                        type: object
                    type: object
                  securityGroups:
                    additionalProperties:
                      description: SecurityGroup defines an AWS security group.
                      properties:
                        id:
                          description: ID is a unique identifier.
                          type: string
                        ingressRule:
                          description: IngressRules is the inbound rules associated
                            with the security group.
                          items:
                            description: IngressRule defines an AWS ingress rule for
                              security groups.
                            properties:
                              cidrBlocks:
                                description: List of CIDR blocks to allow access from.
                                  Cannot be specified with SourceSecurityGroupID.
                                items:
                                  type: string
                                type: array
                              description:
                                type: string
                              fromPort:
                                format: int64
                                type: integer
                              protocol:
                                description: SecurityGroupProtocol defines the protocol
                                  type for a security group rule.
                                type: string
                              sourceSecurityGroupIds:
                                description: The security group id to allow access
                                  from. Cannot be specified with CidrBlocks.
                                items:
                                  type: string
                                type: array
                              toPort:
                                format: int64
                                type: integer
                            required:
                            - description
                            - fromPort
                            - protocol
                            - toPort
                            type: object
                          type: array
                        name:
                          description: Name is the security group name.
                          type: string
                        tags:
                          additionalProperties:
                            type: string
                          description: Tags is a map of tags associated with the security
                            group.
                          type: object
                      required:
                      - id
                      - name
                      type: object
                    description: SecurityGroups is a map from the role/kind of the
                      security group to its unique name, if any.
                    type: object
                type: object
              ready:
                default: false
                type: boolean
            required:
            - ready
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []