sigs.k8s.io/cluster-api-provider-azure@v1.14.3/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.13.0
  name: azureclusters.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureCluster
    listKind: AzureClusterList
    plural: azureclusters
    singular: azurecluster
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Cluster to which this AzureCluster belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].status
      name: Ready
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].reason
      name: Reason
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].message
      name: Message
      priority: 1
      type: string
    - jsonPath: .spec.resourceGroup
      name: Resource Group
      priority: 1
      type: string
    - jsonPath: .spec.subscriptionID
      name: SubscriptionID
      priority: 1
      type: string
    - jsonPath: .spec.location
      name: Location
      priority: 1
      type: string
    - description: Control Plane Endpoint
      jsonPath: .spec.controlPlaneEndpoint.host
      name: Endpoint
      priority: 1
      type: string
    - description: Time duration since creation of this AzureCluster
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureCluster is the Schema for the azureclusters API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: AzureClusterSpec defines the desired state of AzureCluster.
            properties:
              additionalTags:
                additionalProperties:
                  type: string
                description: AdditionalTags is an optional set of tags to add to Azure
                  resources managed by the Azure provider, in addition to the ones
                  added by default.
                type: object
              azureEnvironment:
                description: "AzureEnvironment is the name of the AzureCloud to be
                  used. The default value that would be used by most users is \"AzurePublicCloud\",
                  other values are: - ChinaCloud: \"AzureChinaCloud\" - GermanCloud:
                  \"AzureGermanCloud\" - PublicCloud: \"AzurePublicCloud\" - USGovernmentCloud:
                  \"AzureUSGovernmentCloud\" \n Note that values other than the default
                  must also be accompanied by corresponding changes to the aso-controller-settings
                  Secret to configure ASO to refer to the non-Public cloud. ASO currently
                  does not support referring to multiple different clouds in a single
                  installation. The following fields must be defined in the Secret:
                  - AZURE_AUTHORITY_HOST - AZURE_RESOURCE_MANAGER_ENDPOINT - AZURE_RESOURCE_MANAGER_AUDIENCE
                  \n See the [ASO docs] for more details. \n [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/"
                type: string
              bastionSpec:
                description: BastionSpec encapsulates all things related to the Bastions
                  in the cluster.
                properties:
                  azureBastion:
                    description: AzureBastion specifies how the Azure Bastion cloud
                      component should be configured.
                    properties:
                      enableTunneling:
                        default: false
                        description: EnableTunneling enables the native client support
                          feature for the Azure Bastion Host. Defaults to false.
                        type: boolean
                      name:
                        type: string
                      publicIP:
                        description: PublicIPSpec defines the inputs to create an
                          Azure public IP address.
                        properties:
                          dnsName:
                            type: string
                          ipTags:
                            items:
                              description: IPTag contains the IpTag associated with
                                the object.
                              properties:
                                tag:
                                  description: 'Tag specifies the value of the IP
                                    tag associated with the public IP. Example: SQL.'
                                  type: string
                                type:
                                  description: 'Type specifies the IP tag type. Example:
                                    FirstPartyUsage.'
                                  type: string
                              required:
                              - tag
                              - type
                              type: object
                            type: array
                          name:
                            type: string
                        required:
                        - name
                        type: object
                      sku:
                        default: Basic
                        description: BastionHostSkuName configures the tier of the
                          Azure Bastion Host. Can be either Basic or Standard. Defaults
                          to Basic.
                        enum:
                        - Basic
                        - Standard
                        type: string
                      subnet:
                        description: SubnetSpec configures an Azure subnet.
                        properties:
                          cidrBlocks:
                            description: CIDRBlocks defines the subnet's address space,
                              specified as one or more address prefixes in CIDR notation.
                            items:
                              type: string
                            type: array
                          id:
                            description: ID is the Azure resource ID of the subnet.
                              READ-ONLY
                            type: string
                          name:
                            description: Name defines a name for the subnet resource.
                            type: string
                          natGateway:
                            description: NatGateway associated with this subnet.
                            properties:
                              id:
                                description: ID is the Azure resource ID of the NAT
                                  gateway. READ-ONLY
                                type: string
                              ip:
                                description: PublicIPSpec defines the inputs to create
                                  an Azure public IP address.
                                properties:
                                  dnsName:
                                    type: string
                                  ipTags:
                                    items:
                                      description: IPTag contains the IpTag associated
                                        with the object.
                                      properties:
                                        tag:
                                          description: 'Tag specifies the value of
                                            the IP tag associated with the public
                                            IP. Example: SQL.'
                                          type: string
                                        type:
                                          description: 'Type specifies the IP tag
                                            type. Example: FirstPartyUsage.'
                                          type: string
                                      required:
                                      - tag
                                      - type
                                      type: object
                                    type: array
                                  name:
                                    type: string
                                required:
                                - name
                                type: object
                              name:
                                type: string
                            required:
                            - name
                            type: object
                          privateEndpoints:
                            description: PrivateEndpoints defines a list of private
                              endpoints that should be attached to this subnet.
                            items:
                              description: PrivateEndpointSpec configures an Azure
                                Private Endpoint.
                              properties:
                                applicationSecurityGroups:
                                  description: ApplicationSecurityGroups specifies
                                    the Application security group in which the private
                                    endpoint IP configuration is included.
                                  items:
                                    type: string
                                  type: array
                                customNetworkInterfaceName:
                                  description: CustomNetworkInterfaceName specifies
                                    the network interface name associated with the
                                    private endpoint.
                                  type: string
                                location:
                                  description: Location specifies the region to create
                                    the private endpoint.
                                  type: string
                                manualApproval:
                                  description: ManualApproval specifies if the connection
                                    approval needs to be done manually or not. Set
                                    it true when the network admin does not have access
                                    to approve connections to the remote resource.
                                    Defaults to false.
                                  type: boolean
                                name:
                                  description: Name specifies the name of the private
                                    endpoint.
                                  type: string
                                privateIPAddresses:
                                  description: PrivateIPAddresses specifies the IP
                                    addresses for the network interface associated
                                    with the private endpoint. They have to be part
                                    of the subnet where the private endpoint is linked.
                                  items:
                                    type: string
                                  type: array
                                privateLinkServiceConnections:
                                  description: PrivateLinkServiceConnections specifies
                                    Private Link Service Connections of the private
                                    endpoint.
                                  items:
                                    description: PrivateLinkServiceConnection defines
                                      the specification for a private link service
                                      connection associated with a private endpoint.
                                    properties:
                                      groupIDs:
                                        description: GroupIDs specifies the ID(s)
                                          of the group(s) obtained from the remote
                                          resource that this private endpoint should
                                          connect to.
                                        items:
                                          type: string
                                        type: array
                                      name:
                                        description: Name specifies the name of the
                                          private link service.
                                        type: string
                                      privateLinkServiceID:
                                        description: PrivateLinkServiceID specifies
                                          the resource ID of the private link service.
                                        type: string
                                      requestMessage:
                                        description: RequestMessage specifies a message
                                          passed to the owner of the remote resource
                                          with the private endpoint connection request.
                                        maxLength: 140
                                        type: string
                                    type: object
                                  type: array
                              required:
                              - name
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - name
                            x-kubernetes-list-type: map
                          role:
                            description: Role defines the subnet role (eg. Node, ControlPlane)
                            enum:
                            - node
                            - control-plane
                            - bastion
                            - all
                            type: string
                          routeTable:
                            description: RouteTable defines the route table that should
                              be attached to this subnet.
                            properties:
                              id:
                                description: ID is the Azure resource ID of the route
                                  table. READ-ONLY
                                type: string
                              name:
                                type: string
                            required:
                            - name
                            type: object
                          securityGroup:
                            description: SecurityGroup defines the NSG (network security
                              group) that should be attached to this subnet.
                            properties:
                              id:
                                description: ID is the Azure resource ID of the security
                                  group.
                                  READ-ONLY
                                type: string
                              name:
                                type: string
                              securityRules:
                                description: SecurityRules is a slice of Azure security
                                  rules for security groups.
                                items:
                                  description: SecurityRule defines an Azure security
                                    rule for security groups.
                                  properties:
                                    action:
                                      default: Allow
                                      description: Action specifies whether network
                                        traffic is allowed or denied. Can either be
                                        "Allow" or "Deny". Defaults to "Allow".
                                      enum:
                                      - Allow
                                      - Deny
                                      type: string
                                    description:
                                      description: A description for this rule. Restricted
                                        to 140 chars.
                                      type: string
                                    destination:
                                      description: Destination is the destination
                                        address prefix. CIDR or destination IP range.
                                        Asterix '*' can also be used to match all
                                        source IPs. Default tags such as 'VirtualNetwork',
                                        'AzureLoadBalancer' and 'Internet' can also
                                        be used.
                                      type: string
                                    destinationPorts:
                                      description: DestinationPorts specifies the
                                        destination port or range. Integer or range
                                        between 0 and 65535. Asterix '*' can also
                                        be used to match all ports.
                                      type: string
                                    direction:
                                      description: Direction indicates whether the
                                        rule applies to inbound, or outbound traffic.
                                        "Inbound" or "Outbound".
                                      enum:
                                      - Inbound
                                      - Outbound
                                      type: string
                                    name:
                                      description: Name is a unique name within the
                                        network security group.
                                      type: string
                                    priority:
                                      description: Priority is a number between 100
                                        and 4096. Each rule should have a unique value
                                        for priority. Rules are processed in priority
                                        order, with lower numbers processed before
                                        higher numbers. Once traffic matches a rule,
                                        processing stops.
                                      format: int32
                                      type: integer
                                    protocol:
                                      description: Protocol specifies the protocol
                                        type. "Tcp", "Udp", "Icmp", or "*".
                                      enum:
                                      - Tcp
                                      - Udp
                                      - Icmp
                                      - '*'
                                      type: string
                                    source:
                                      description: Source specifies the CIDR or source
                                        IP range.
                                        Asterix '*' can also be used to
                                        match all source IPs. Default tags such as
                                        'VirtualNetwork', 'AzureLoadBalancer' and
                                        'Internet' can also be used. If this is an
                                        ingress rule, specifies where network traffic
                                        originates from.
                                      type: string
                                    sourcePorts:
                                      description: SourcePorts specifies source port
                                        or range. Integer or range between 0 and 65535.
                                        Asterix '*' can also be used to match all
                                        ports.
                                      type: string
                                    sources:
                                      description: Sources specifies The CIDR or source
                                        IP ranges.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                  - description
                                  - direction
                                  - name
                                  - protocol
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                              tags:
                                additionalProperties:
                                  type: string
                                description: Tags defines a map of tags.
                                type: object
                            required:
                            - name
                            type: object
                          serviceEndpoints:
                            description: ServiceEndpoints is a slice of Virtual Network
                              service endpoints to enable for the subnets.
                            items:
                              description: ServiceEndpointSpec configures an Azure
                                Service Endpoint.
                              properties:
                                locations:
                                  items:
                                    type: string
                                  type: array
                                service:
                                  type: string
                              required:
                              - locations
                              - service
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - service
                            x-kubernetes-list-type: map
                        required:
                        - name
                        - role
                        type: object
                    type: object
                type: object
              cloudProviderConfigOverrides:
                description: 'CloudProviderConfigOverrides is an optional set of configuration
                  values that can be overridden in azure cloud provider config. This
                  is only a subset of options that are available in azure cloud provider
                  config. Some values for the cloud provider config are inferred from
                  other parts of cluster api provider azure spec, and may not be available
                  for overrides.
                  See: https://cloud-provider-azure.sigs.k8s.io/install/configs
                  Note: All cloud provider config values can be customized by creating
                  the secret beforehand. CloudProviderConfigOverrides is only used
                  when the secret is managed by the Azure Provider.'
                properties:
                  backOffs:
                    description: BackOffConfig indicates the back-off config options.
                    properties:
                      cloudProviderBackoff:
                        type: boolean
                      cloudProviderBackoffDuration:
                        type: integer
                      cloudProviderBackoffExponent:
                        anyOf:
                        - type: integer
                        - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      cloudProviderBackoffJitter:
                        anyOf:
                        - type: integer
                        - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      cloudProviderBackoffRetries:
                        type: integer
                    type: object
                  rateLimits:
                    items:
                      description: 'RateLimitSpec represents the rate limit configuration
                        for a particular kind of resource. Eg. loadBalancerRateLimit
                        is used to configure rate limits for load balancers. This
                        eventually gets converted to CloudProviderRateLimitConfig
                        that cloud-provider-azure expects. See: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/d585c2031925b39c925624302f22f8856e29e352/pkg/provider/azure_ratelimit.go#L25
                        We cannot use CloudProviderRateLimitConfig directly because
                        floating point values are not supported in controller-tools.
                        See: https://github.com/kubernetes-sigs/controller-tools/issues/245'
                      properties:
                        config:
                          description: RateLimitConfig indicates the rate limit config
                            options.
                          properties:
                            cloudProviderRateLimit:
                              type: boolean
                            cloudProviderRateLimitBucket:
                              type: integer
                            cloudProviderRateLimitBucketWrite:
                              type: integer
                            cloudProviderRateLimitQPS:
                              anyOf:
                              - type: integer
                              - type: string
                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                              x-kubernetes-int-or-string: true
                            cloudProviderRateLimitQPSWrite:
                              anyOf:
                              - type: integer
                              - type: string
                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                              x-kubernetes-int-or-string: true
                          type: object
                        name:
                          description: Name is the name of the rate limit spec.
                          enum:
                          - defaultRateLimit
                          - routeRateLimit
                          - subnetsRateLimit
                          - interfaceRateLimit
                          - routeTableRateLimit
                          - loadBalancerRateLimit
                          - publicIPAddressRateLimit
                          - securityGroupRateLimit
                          - virtualMachineRateLimit
                          - storageAccountRateLimit
                          - diskRateLimit
                          - snapshotRateLimit
                          - virtualMachineScaleSetRateLimit
                          - virtualMachineSizesRateLimit
                          - availabilitySetRateLimit
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                type: object
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane. It is not recommended to set
                  this when creating an AzureCluster as CAPZ will set this for you.
                  However, if it is set, CAPZ will not change it.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              extendedLocation:
                description: ExtendedLocation is an optional set of ExtendedLocation
                  properties for clusters on Azure public MEC.
                properties:
                  name:
                    description: Name defines the name for the extended location.
                    type: string
                  type:
                    description: Type defines the type for the extended location.
                    enum:
                    - EdgeZone
                    type: string
                required:
                - name
                - type
                type: object
              failureDomains:
                additionalProperties:
                  description: FailureDomainSpec is the Schema for Cluster API failure
                    domains. It allows controllers to understand how many failure
                    domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: 'FailureDomains is a list of failure domains in the cluster''s
                  region, used to restrict eligibility to host the control plane.
                  A FailureDomain maps to an availability zone, which is a separated
                  group of datacenters within a region. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview'
                type: object
              identityRef:
                description: IdentityRef is a reference to an AzureIdentity to be
                  used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              location:
                type: string
              networkSpec:
                description: NetworkSpec encapsulates all things related to Azure
                  network.
                properties:
                  apiServerLB:
                    description: APIServerLB is the configuration for the control-plane
                      load balancer.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: Name specifies the name of backend pool for
                              the load balancer.
                              If not specified, the default name
                              will be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  controlPlaneOutboundLB:
                    description: ControlPlaneOutboundLB is the configuration for the
                      control-plane outbound load balancer. This is different from
                      APIServerLB, and is used only in private clusters (optionally)
                      for enabling outbound traffic.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: Name specifies the name of backend pool for
                              the load balancer. If not specified, the default name
                              will be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  nodeOutboundLB:
                    description: NodeOutboundLB is the configuration for the node
                      outbound load balancer.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: Name specifies the name of backend pool for
                              the load balancer. If not specified, the default name
                              will be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  privateDNSZoneName:
                    description: PrivateDNSZoneName defines the zone name for the
                      Azure Private DNS.
                    type: string
                  subnets:
                    description: Subnets is the configuration for the control-plane
                      subnet and the node subnet.
                    items:
                      description: SubnetSpec configures an Azure subnet.
                      properties:
                        cidrBlocks:
                          description: CIDRBlocks defines the subnet's address space,
                            specified as one or more address prefixes in CIDR notation.
                          items:
                            type: string
                          type: array
                        id:
                          description: ID is the Azure resource ID of the subnet.
                            READ-ONLY
                          type: string
                        name:
                          description: Name defines a name for the subnet resource.
                          type: string
                        natGateway:
                          description: NatGateway associated with this subnet.
                          properties:
                            id:
                              description: ID is the Azure resource ID of the NAT
                                gateway. READ-ONLY
                              type: string
                            ip:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                            name:
                              type: string
                          required:
                          - name
                          type: object
                        privateEndpoints:
                          description: PrivateEndpoints defines a list of private
                            endpoints that should be attached to this subnet.
                          items:
                            description: PrivateEndpointSpec configures an Azure Private
                              Endpoint.
                            properties:
                              applicationSecurityGroups:
                                description: ApplicationSecurityGroups specifies the
                                  Application security group in which the private
                                  endpoint IP configuration is included.
                                items:
                                  type: string
                                type: array
                              customNetworkInterfaceName:
                                description: CustomNetworkInterfaceName specifies
                                  the network interface name associated with the private
                                  endpoint.
                                type: string
                              location:
                                description: Location specifies the region to create
                                  the private endpoint.
                                type: string
                              manualApproval:
                                description: ManualApproval specifies if the connection
                                  approval needs to be done manually or not. Set it
                                  true when the network admin does not have access
                                  to approve connections to the remote resource. Defaults
                                  to false.
                                type: boolean
                              name:
                                description: Name specifies the name of the private
                                  endpoint.
                                type: string
                              privateIPAddresses:
                                description: PrivateIPAddresses specifies the IP addresses
                                  for the network interface associated with the private
                                  endpoint. They have to be part of the subnet where
                                  the private endpoint is linked.
                                items:
                                  type: string
                                type: array
                              privateLinkServiceConnections:
                                description: PrivateLinkServiceConnections specifies
                                  Private Link Service Connections of the private
                                  endpoint.
                                items:
                                  description: PrivateLinkServiceConnection defines
                                    the specification for a private link service connection
                                    associated with a private endpoint.
                                  properties:
                                    groupIDs:
                                      description: GroupIDs specifies the ID(s) of
                                        the group(s) obtained from the remote resource
                                        that this private endpoint should connect
                                        to.
                                      items:
                                        type: string
                                      type: array
                                    name:
                                      description: Name specifies the name of the
                                        private link service.
                                      type: string
                                    privateLinkServiceID:
                                      description: PrivateLinkServiceID specifies
                                        the resource ID of the private link service.
                                      type: string
                                    requestMessage:
                                      description: RequestMessage specifies a message
                                        passed to the owner of the remote resource
                                        with the private endpoint connection request.
                                      maxLength: 140
                                      type: string
                                  type: object
                                type: array
                            required:
                            - name
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                          - name
                          x-kubernetes-list-type: map
                        role:
                          description: Role defines the subnet role (eg. Node, ControlPlane)
                          enum:
                          - node
                          - control-plane
                          - bastion
                          - all
                          type: string
                        routeTable:
                          description: RouteTable defines the route table that should
                            be attached to this subnet.
                          properties:
                            id:
                              description: ID is the Azure resource ID of the route
                                table. READ-ONLY
                              type: string
                            name:
                              type: string
                          required:
                          - name
                          type: object
                        securityGroup:
                          description: SecurityGroup defines the NSG (network security
                            group) that should be attached to this subnet.
                          properties:
                            id:
                              description: ID is the Azure resource ID of the security
                                group. READ-ONLY
                              type: string
                            name:
                              type: string
                            securityRules:
                              description: SecurityRules is a slice of Azure security
                                rules for security groups.
                              items:
                                description: SecurityRule defines an Azure security
                                  rule for security groups.
                                properties:
                                  action:
                                    default: Allow
                                    description: Action specifies whether network
                                      traffic is allowed or denied. Can either be
                                      "Allow" or "Deny". Defaults to "Allow".
                                    enum:
                                    - Allow
                                    - Deny
                                    type: string
                                  description:
                                    description: A description for this rule. Restricted
                                      to 140 chars.
                                    type: string
                                  destination:
                                    description: Destination is the destination address
                                      prefix. CIDR or destination IP range. Asterix
                                      '*' can also be used to match all source IPs.
1086 Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' 1087 and 'Internet' can also be used. 1088 type: string 1089 destinationPorts: 1090 description: DestinationPorts specifies the destination 1091 port or range. Integer or range between 0 and 1092 65535. Asterix '*' can also be used to match 1093 all ports. 1094 type: string 1095 direction: 1096 description: Direction indicates whether the rule 1097 applies to inbound, or outbound traffic. "Inbound" 1098 or "Outbound". 1099 enum: 1100 - Inbound 1101 - Outbound 1102 type: string 1103 name: 1104 description: Name is a unique name within the 1105 network security group. 1106 type: string 1107 priority: 1108 description: Priority is a number between 100 1109 and 4096. Each rule should have a unique value 1110 for priority. Rules are processed in priority 1111 order, with lower numbers processed before higher 1112 numbers. Once traffic matches a rule, processing 1113 stops. 1114 format: int32 1115 type: integer 1116 protocol: 1117 description: Protocol specifies the protocol type. 1118 "Tcp", "Udp", "Icmp", or "*". 1119 enum: 1120 - Tcp 1121 - Udp 1122 - Icmp 1123 - '*' 1124 type: string 1125 source: 1126 description: Source specifies the CIDR or source 1127 IP range. Asterix '*' can also be used to match 1128 all source IPs. Default tags such as 'VirtualNetwork', 1129 'AzureLoadBalancer' and 'Internet' can also 1130 be used. If this is an ingress rule, specifies 1131 where network traffic originates from. 1132 type: string 1133 sourcePorts: 1134 description: SourcePorts specifies source port 1135 or range. Integer or range between 0 and 65535. 1136 Asterix '*' can also be used to match all ports. 1137 type: string 1138 sources: 1139 description: Sources specifies The CIDR or source 1140 IP ranges. 
1141 items: 1142 type: string 1143 type: array 1144 required: 1145 - description 1146 - direction 1147 - name 1148 - protocol 1149 type: object 1150 type: array 1151 x-kubernetes-list-map-keys: 1152 - name 1153 x-kubernetes-list-type: map 1154 tags: 1155 additionalProperties: 1156 type: string 1157 description: Tags defines a map of tags. 1158 type: object 1159 required: 1160 - name 1161 type: object 1162 serviceEndpoints: 1163 description: ServiceEndpoints is a slice of Virtual Network 1164 service endpoints to enable for the subnets. 1165 items: 1166 description: ServiceEndpointSpec configures an Azure Service 1167 Endpoint. 1168 properties: 1169 locations: 1170 items: 1171 type: string 1172 type: array 1173 service: 1174 type: string 1175 required: 1176 - locations 1177 - service 1178 type: object 1179 type: array 1180 x-kubernetes-list-map-keys: 1181 - service 1182 x-kubernetes-list-type: map 1183 required: 1184 - name 1185 - role 1186 type: object 1187 type: array 1188 x-kubernetes-list-map-keys: 1189 - name 1190 x-kubernetes-list-type: map 1191 vnet: 1192 description: Vnet is the configuration for the Azure virtual network. 1193 properties: 1194 cidrBlocks: 1195 description: CIDRBlocks defines the virtual network's address 1196 space, specified as one or more address prefixes in CIDR 1197 notation. 1198 items: 1199 type: string 1200 type: array 1201 id: 1202 description: ID is the Azure resource ID of the virtual network. 1203 READ-ONLY 1204 type: string 1205 name: 1206 description: Name defines a name for the virtual network resource. 1207 type: string 1208 peerings: 1209 description: Peerings defines a list of peerings of the newly 1210 created virtual network with existing virtual networks. 1211 items: 1212 description: VnetPeeringSpec specifies an existing remote 1213 virtual network to peer with the AzureCluster's virtual 1214 network. 
1215 properties: 1216 forwardPeeringProperties: 1217 description: ForwardPeeringProperties specifies VnetPeeringProperties 1218 for peering from the cluster's virtual network to 1219 the remote virtual network. 1220 properties: 1221 allowForwardedTraffic: 1222 description: AllowForwardedTraffic specifies whether 1223 the forwarded traffic from the VMs in the local 1224 virtual network will be allowed/disallowed in 1225 remote virtual network. 1226 type: boolean 1227 allowGatewayTransit: 1228 description: AllowGatewayTransit specifies if gateway 1229 links can be used in remote virtual networking 1230 to link to this virtual network. 1231 type: boolean 1232 allowVirtualNetworkAccess: 1233 description: AllowVirtualNetworkAccess specifies 1234 whether the VMs in the local virtual network space 1235 would be able to access the VMs in remote virtual 1236 network space. 1237 type: boolean 1238 useRemoteGateways: 1239 description: UseRemoteGateways specifies if remote 1240 gateways can be used on this virtual network. 1241 If the flag is set to true, and allowGatewayTransit 1242 on remote peering is also set to true, the virtual 1243 network will use the gateways of the remote virtual 1244 network for transit. Only one peering can have 1245 this flag set to true. This flag cannot be set 1246 if virtual network already has a gateway. 1247 type: boolean 1248 type: object 1249 remoteVnetName: 1250 description: RemoteVnetName defines name of the remote 1251 virtual network. 1252 type: string 1253 resourceGroup: 1254 description: ResourceGroup is the resource group name 1255 of the remote virtual network. 1256 type: string 1257 reversePeeringProperties: 1258 description: ReversePeeringProperties specifies VnetPeeringProperties 1259 for peering from the remote virtual network to the 1260 cluster's virtual network. 
1261 properties: 1262 allowForwardedTraffic: 1263 description: AllowForwardedTraffic specifies whether 1264 the forwarded traffic from the VMs in the local 1265 virtual network will be allowed/disallowed in 1266 remote virtual network. 1267 type: boolean 1268 allowGatewayTransit: 1269 description: AllowGatewayTransit specifies if gateway 1270 links can be used in remote virtual networking 1271 to link to this virtual network. 1272 type: boolean 1273 allowVirtualNetworkAccess: 1274 description: AllowVirtualNetworkAccess specifies 1275 whether the VMs in the local virtual network space 1276 would be able to access the VMs in remote virtual 1277 network space. 1278 type: boolean 1279 useRemoteGateways: 1280 description: UseRemoteGateways specifies if remote 1281 gateways can be used on this virtual network. 1282 If the flag is set to true, and allowGatewayTransit 1283 on remote peering is also set to true, the virtual 1284 network will use the gateways of the remote virtual 1285 network for transit. Only one peering can have 1286 this flag set to true. This flag cannot be set 1287 if virtual network already has a gateway. 1288 type: boolean 1289 type: object 1290 required: 1291 - remoteVnetName 1292 type: object 1293 type: array 1294 resourceGroup: 1295 description: ResourceGroup is the name of the resource group 1296 of the existing virtual network or the resource group where 1297 a managed virtual network should be created. 1298 type: string 1299 tags: 1300 additionalProperties: 1301 type: string 1302 description: Tags is a collection of tags describing the resource. 1303 type: object 1304 required: 1305 - name 1306 type: object 1307 type: object 1308 resourceGroup: 1309 type: string 1310 subscriptionID: 1311 type: string 1312 required: 1313 - location 1314 type: object 1315 status: 1316 description: AzureClusterStatus defines the observed state of AzureCluster. 
1317 properties: 1318 conditions: 1319 description: Conditions defines current service state of the AzureCluster. 1320 items: 1321 description: Condition defines an observation of a Cluster API resource 1322 operational state. 1323 properties: 1324 lastTransitionTime: 1325 description: Last time the condition transitioned from one status 1326 to another. This should be when the underlying condition changed. 1327 If that is not known, then using the time when the API field 1328 changed is acceptable. 1329 format: date-time 1330 type: string 1331 message: 1332 description: A human readable message indicating details about 1333 the transition. This field may be empty. 1334 type: string 1335 reason: 1336 description: The reason for the condition's last transition 1337 in CamelCase. The specific API may choose whether or not this 1338 field is considered a guaranteed API. This field may not be 1339 empty. 1340 type: string 1341 severity: 1342 description: Severity provides an explicit classification of 1343 Reason code, so the users or machines can immediately understand 1344 the current situation and act accordingly. The Severity field 1345 MUST be set only when Status=False. 1346 type: string 1347 status: 1348 description: Status of the condition, one of True, False, Unknown. 1349 type: string 1350 type: 1351 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 1352 Many .condition.type values are consistent across resources 1353 like Available, but because arbitrary conditions can be useful 1354 (see .node.status.conditions), the ability to deconflict is 1355 important. 1356 type: string 1357 required: 1358 - lastTransitionTime 1359 - status 1360 - type 1361 type: object 1362 type: array 1363 failureDomains: 1364 additionalProperties: 1365 description: FailureDomainSpec is the Schema for Cluster API failure 1366 domains. It allows controllers to understand how many failure 1367 domains a cluster can optionally span across. 
1368 properties: 1369 attributes: 1370 additionalProperties: 1371 type: string 1372 description: Attributes is a free form map of attributes an 1373 infrastructure provider might use or require. 1374 type: object 1375 controlPlane: 1376 description: ControlPlane determines if this failure domain 1377 is suitable for use by control plane machines. 1378 type: boolean 1379 type: object 1380 description: 'FailureDomains specifies the list of unique failure 1381 domains for the location/region of the cluster. A FailureDomain 1382 maps to Availability Zone with an Azure Region (if the region support 1383 them). An Availability Zone is a separate data center within a region 1384 and they can be used to ensure the cluster is more resilient to 1385 failure. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview 1386 This list will be used by Cluster API to try and spread the machines 1387 across the failure domains.' 1388 type: object 1389 longRunningOperationStates: 1390 description: LongRunningOperationStates saves the states for Azure 1391 long-running operations so they can be continued on the next reconciliation 1392 loop. 1393 items: 1394 description: Future contains the data needed for an Azure long-running 1395 operation to continue across reconcile loops. 1396 properties: 1397 data: 1398 description: Data is the base64 url encoded json Azure AutoRest 1399 Future. 1400 type: string 1401 name: 1402 description: Name is the name of the Azure resource. Together 1403 with the service name, this forms the unique identifier for 1404 the future. 1405 type: string 1406 resourceGroup: 1407 description: ResourceGroup is the Azure resource group for the 1408 resource. 1409 type: string 1410 serviceName: 1411 description: ServiceName is the name of the Azure service. Together 1412 with the name of the resource, this forms the unique identifier 1413 for the future. 
1414 type: string 1415 type: 1416 description: Type describes the type of future, such as update, 1417 create, delete, etc. 1418 type: string 1419 required: 1420 - data 1421 - name 1422 - serviceName 1423 - type 1424 type: object 1425 type: array 1426 ready: 1427 description: Ready is true when the provider resource is ready. 1428 type: boolean 1429 type: object 1430 type: object 1431 served: true 1432 storage: true 1433 subresources: 1434 status: {}