sigs.k8s.io/cluster-api-provider-azure@v1.14.3/templates/test/ci/cluster-template-prow-clusterclass-ci-default.yaml (about) 1 apiVersion: cluster.x-k8s.io/v1beta1 2 kind: ClusterClass 3 metadata: 4 name: ${CLUSTER_CLASS_NAME} 5 namespace: default 6 spec: 7 controlPlane: 8 machineInfrastructure: 9 ref: 10 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 11 kind: AzureMachineTemplate 12 name: ${CLUSTER_NAME}-control-plane 13 ref: 14 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 15 kind: KubeadmControlPlaneTemplate 16 name: ${CLUSTER_NAME}-control-plane 17 infrastructure: 18 ref: 19 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 20 kind: AzureClusterTemplate 21 name: ${CLUSTER_NAME}-azure-cluster 22 patches: 23 - definitions: 24 - jsonPatches: 25 - op: add 26 path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer/extraArgs 27 valueFrom: 28 template: | 29 feature-gates: {{ .k8sFeatureGates }} 30 selector: 31 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 32 kind: KubeadmControlPlaneTemplate 33 matchResources: 34 controlPlane: true 35 enabledIf: '{{ if .k8sFeatureGates }}true{{end}}' 36 name: k8sFeatureGates 37 - definitions: 38 - jsonPatches: 39 - op: add 40 path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/controllerManager/extraArgs/cluster-name 41 valueFrom: 42 variable: builtin.cluster.name 43 - op: replace 44 path: /spec/template/spec/kubeadmConfigSpec/files 45 valueFrom: 46 template: | 47 - contentFrom: 48 secret: 49 key: control-plane-azure.json 50 name: "{{ .builtin.controlPlane.machineTemplate.infrastructureRef.name }}-azure-json" 51 owner: root:root 52 path: /etc/kubernetes/azure.json 53 permissions: "0644" 54 selector: 55 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 56 kind: KubeadmControlPlaneTemplate 57 matchResources: 58 controlPlane: true 59 name: controlPlaneAzureJsonSecretName 60 - definitions: 61 - jsonPatches: 62 - op: replace 63 path: /spec/template/spec/files 64 valueFrom: 65 template: | 66 - contentFrom: 67 secret: 68 key: worker-node-azure.json 69 name: "{{ .builtin.machineDeployment.infrastructureRef.name }}-azure-json" 70 owner: root:root 71 path: /etc/kubernetes/azure.json 72 permissions: "0644" 73 selector: 74 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 75 kind: KubeadmConfigTemplate 76 matchResources: 77 machineDeploymentClass: 78 names: 79 - ${CLUSTER_NAME}-worker 80 name: workerAzureJsonSecretName 81 - definitions: 82 - jsonPatches: 83 - op: replace 84 path: /spec/template/spec/files 85 valueFrom: 86 template: | 87 - contentFrom: 88 secret: 89 key: worker-node-azure.json 90 name: "{{ .builtin.machineDeployment.infrastructureRef.name }}-azure-json" 91 owner: root:root 92 path: c:/k/azure.json 93 permissions: "0644" 94 - path: C:/defender-exclude-calico.ps1 95 permissions: "0744" 96 content: |- 97 Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico.exe 98 Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico-ipam.exe 99 selector: 100 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 101 kind: KubeadmConfigTemplate 102 matchResources: 103 machineDeploymentClass: 104 names: 105 - ${CLUSTER_NAME}-worker-win 106 name: workerAzureJsonSecretNameWin 107 - definitions: 108 - jsonPatches: 109 - op: replace 110 path: /spec/template/spec/additionalTags 111 valueFrom: 112 template: | 113 buildProvenance: {{ .buildProvenance }} 114 creationTimestamp: {{ .timestamp }} 115 jobName: {{ .jobName }} 116 selector: 117 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 118 kind: AzureClusterTemplate 119 matchResources: 120 infrastructureCluster: true 121 name: additionalTags 122 - definitions: 123 - jsonPatches: 124 - op: add 125 path: /spec/template/spec/identityRef/name 126 valueFrom: 127 variable: clusterIdentityRef 128 selector: 129 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 130 kind: AzureClusterTemplate 131 matchResources: 132 infrastructureCluster: true 133 name: clusterIdentityRef 134 - definitions: 135 - jsonPatches: 136 - op: replace 137 path: /spec/template/spec/location 138 valueFrom: 139 variable: location 140 selector: 141 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 142 kind: AzureClusterTemplate 143 matchResources: 144 infrastructureCluster: true 145 name: location 146 - definitions: 147 - jsonPatches: 148 - op: add 149 path: /spec/template/spec/subscriptionID 150 valueFrom: 151 variable: subscriptionID 152 selector: 153 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 154 kind: AzureClusterTemplate 155 matchResources: 156 infrastructureCluster: true 157 name: subscriptionID 158 - definitions: 159 - jsonPatches: 160 - op: add 161 path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/controllerManager/extraArgs/v 162 valueFrom: 163 variable: logLevel 164 selector: 165 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 166 kind: KubeadmControlPlaneTemplate 167 matchResources: 168 controlPlane: true 169 name: logLevel 170 - definitions: 171 - jsonPatches: 172 - op: add 173 path: /spec/template/spec/vmSize 174 valueFrom: 175 variable: controlPlaneMachineType 176 selector: 177 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 178 kind: AzureMachineTemplate 179 matchResources: 180 controlPlane: true 181 name: controlPlaneMachineType 182 - definitions: 183 - jsonPatches: 184 - op: add 185 path: /spec/template/spec/vmSize 186 valueFrom: 187 variable: workerMachineType 188 selector: 189 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 190 kind: AzureMachineTemplate 191 matchResources: 192 machineDeploymentClass: 193 names: 194 - ${CLUSTER_NAME}-worker 195 name: workerMachineType 196 - definitions: 197 - jsonPatches: 198 - op: add 199 path: /spec/template/spec/vmSize 200 valueFrom: 201 variable: workerMachineTypeWin 202 selector: 203 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 204 kind: AzureMachineTemplate 205 matchResources: 206 machineDeploymentClass: 207 names: 208 - ${CLUSTER_NAME}-worker-win 209 name: workerMachineTypeWin 210 - definitions: 211 - jsonPatches: 212 - op: add 213 path: /spec/template/spec/sshPublicKey 214 valueFrom: 215 variable: sshPublicKey 216 selector: 217 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 218 kind: AzureMachineTemplate 219 matchResources: 220 machineDeploymentClass: 221 names: 222 - ${CLUSTER_NAME}-worker 223 - ${CLUSTER_NAME}-worker-win 224 name: sshPublicKey 225 - definitions: 226 - jsonPatches: 227 - op: add 228 path: /spec/template/spec/users 229 valueFrom: 230 template: | 231 - name: capi 232 groups: Administrators 233 sshAuthorizedKeys: 234 - {{ .sshPublicKey }} 235 selector: 236 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 237 kind: KubeadmConfigTemplate 238 matchResources: 239 machineDeploymentClass: 240 names: 241 - ${CLUSTER_NAME}-worker-win 242 name: sshPublicKeyWin 243 - definitions: 244 - jsonPatches: 245 - op: add 246 path: /spec/template/spec/files/- 247 valueFrom: 248 template: | 249 content: | 250 # /tmp is assumed created and required for upstream e2e tests to pass 251 New-Item -ItemType Directory -Force -Path C:\tmp\ 252 path: C:/create-temp-folder.ps1 253 permissions: "0744" 254 - op: add 255 path: /spec/template/spec/preKubeadmCommands 256 valueFrom: 257 template: | 258 - "powershell C:/create-temp-folder.ps1" 259 selector: 260 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 261 kind: KubeadmConfigTemplate 262 matchResources: 263 machineDeploymentClass: 264 names: 265 - ${CLUSTER_NAME}-worker-win 266 name: tmpFolder 267 variables: 268 - name: k8sFeatureGates 269 required: false 270 schema: 271 openAPIV3Schema: 272 type: string 273 - name: buildProvenance 274 required: false 275 schema: 276 openAPIV3Schema: 277 type: string 278 - name: timestamp 279 required: false 280 schema: 281 openAPIV3Schema: 282 type: string 283 - name: jobName 284 required: false 285 schema: 286 openAPIV3Schema: 287 type: string 288 - name: clusterIdentityRef 289 required: true 290 schema: 291 openAPIV3Schema: 292 type: string 293 - name: location 294 required: true 295 schema: 296 openAPIV3Schema: 297 type: string 298 - name: subscriptionID 299 required: true 300 schema: 301 openAPIV3Schema: 302 type: string 303 - name: logLevel 304 required: false 305 schema: 306 openAPIV3Schema: 307 type: string 308 - name: controlPlaneMachineType 309 required: false 310 schema: 311 openAPIV3Schema: 312 default: Standard_B2s 313 type: string 314 - name: workerMachineType 315 required: false 316 schema: 317 openAPIV3Schema: 318 default: Standard_B2s 319 type: string 320 - name: workerMachineTypeWin 321 required: false 322 schema: 323 openAPIV3Schema: 324 default: Standard_B2s 325 type: string 326 - name: sshPublicKey 327 required: true 328 schema: 329 openAPIV3Schema: 330 default: "" 331 type: string 332 workers: 333 machineDeployments: 334 - class: ${CLUSTER_NAME}-worker 335 machineHealthCheck: 336 maxUnhealthy: 100% 337 unhealthyConditions: 338 - status: "True" 339 timeout: 30s 340 type: E2ENodeUnhealthy 341 template: 342 bootstrap: 343 ref: 344 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 345 kind: KubeadmConfigTemplate 346 name: ${CLUSTER_NAME}-worker 347 infrastructure: 348 ref: 349 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 350 kind: AzureMachineTemplate 351 name: ${CLUSTER_NAME}-worker 352 - class: ${CLUSTER_NAME}-worker-win 353 machineHealthCheck: 354 maxUnhealthy: 100% 355 unhealthyConditions: 356 - status: "True" 357 timeout: 30s 358 type: E2ENodeUnhealthy 359 template: 360 bootstrap: 361 ref: 362 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 363 kind: KubeadmConfigTemplate 364 name: ${CLUSTER_NAME}-worker-win 365 infrastructure: 366 ref: 367 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 368 kind: AzureMachineTemplate 369 name: ${CLUSTER_NAME}-worker-win 370 --- 371 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 372 kind: KubeadmControlPlaneTemplate 373 metadata: 374 name: ${CLUSTER_NAME}-control-plane 375 namespace: default 376 spec: 377 template: 378 spec: 379 kubeadmConfigSpec: 380 clusterConfiguration: 381 apiServer: 382 extraArgs: 383 cloud-provider: external 384 timeoutForControlPlane: 20m 385 controllerManager: 386 extraArgs: 387 allocate-node-cidrs: "false" 388 cloud-provider: external 389 cluster-name: ${CLUSTER_NAME} 390 etcd: 391 local: 392 dataDir: /var/lib/etcddisk/etcd 393 extraArgs: 394 quota-backend-bytes: "8589934592" 395 diskSetup: 396 filesystems: 397 - device: /dev/disk/azure/scsi1/lun0 398 extraOpts: 399 - -E 400 - lazy_itable_init=1,lazy_journal_init=1 401 filesystem: ext4 402 label: etcd_disk 403 - device: ephemeral0.1 404 filesystem: ext4 405 label: ephemeral0 406 replaceFS: ntfs 407 partitions: 408 - device: /dev/disk/azure/scsi1/lun0 409 layout: true 410 overwrite: false 411 tableType: gpt 412 files: 413 - contentFrom: 414 secret: 415 key: control-plane-azure.json 416 name: replace_me 417 owner: root:root 418 path: /etc/kubernetes/azure.json 419 permissions: "0644" 420 initConfiguration: 421 nodeRegistration: 422 kubeletExtraArgs: 423 cloud-provider: external 424 name: '{{ ds.meta_data["local_hostname"] }}' 425 joinConfiguration: 426 nodeRegistration: 427 kubeletExtraArgs: 428 cloud-provider: external 429 name: '{{ ds.meta_data["local_hostname"] }}' 430 mounts: 431 - - LABEL=etcd_disk 432 - /var/lib/etcddisk 433 postKubeadmCommands: [] 434 preKubeadmCommands: [] 435 --- 436 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 437 kind: AzureClusterTemplate 438 metadata: 439 name: ${CLUSTER_NAME}-azure-cluster 440 namespace: default 441 spec: 442 template: 443 spec: 444 additionalTags: 445 replace_me_key: replace_me_val 446 identityRef: 447 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 448 kind: AzureClusterIdentity 449 name: ${CLUSTER_IDENTITY_NAME} 450 location: ${AZURE_LOCATION} 451 networkSpec: 452 subnets: 453 - name: control-plane-subnet 454 role: control-plane 455 - name: node-subnet 456 natGateway: 457 name: node-natgateway 458 role: node 459 subscriptionID: ${AZURE_SUBSCRIPTION_ID} 460 --- 461 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 462 kind: AzureMachineTemplate 463 metadata: 464 name: ${CLUSTER_NAME}-control-plane 465 namespace: default 466 spec: 467 template: 468 spec: 469 dataDisks: 470 - diskSizeGB: 256 471 lun: 0 472 nameSuffix: etcddisk 473 osDisk: 474 diskSizeGB: 128 475 osType: Linux 476 sshPublicKey: "" 477 vmSize: replace_me 478 --- 479 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 480 kind: KubeadmConfigTemplate 481 metadata: 482 name: ${CLUSTER_NAME}-worker 483 namespace: default 484 spec: 485 template: 486 spec: 487 files: 488 - contentFrom: 489 secret: 490 key: worker-node-azure.json 491 name: replace_me 492 owner: root:root 493 path: /etc/kubernetes/azure.json 494 permissions: "0644" 495 joinConfiguration: 496 nodeRegistration: 497 kubeletExtraArgs: 498 cloud-provider: external 499 name: '{{ ds.meta_data["local_hostname"] }}' 500 preKubeadmCommands: [] 501 --- 502 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 503 kind: AzureMachineTemplate 504 metadata: 505 name: ${CLUSTER_NAME}-worker 506 namespace: default 507 spec: 508 template: 509 spec: 510 osDisk: 511 diskSizeGB: 128 512 osType: Linux 513 sshPublicKey: "" 514 vmSize: replace_me 515 --- 516 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 517 kind: KubeadmConfigTemplate 518 metadata: 519 name: ${CLUSTER_NAME}-worker-win 520 namespace: default 521 spec: 522 template: 523 spec: 524 files: 525 - contentFrom: 526 secret: 527 key: worker-node-azure.json 528 name: replace_me 529 owner: root:root 530 path: c:/k/azure.json 531 permissions: "0644" 532 - content: |- 533 Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico.exe 534 Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico-ipam.exe 535 path: C:/defender-exclude-calico.ps1 536 permissions: "0744" 537 joinConfiguration: 538 nodeRegistration: 539 criSocket: npipe:////./pipe/containerd-containerd 540 kubeletExtraArgs: 541 cloud-provider: external 542 v: "2" 543 windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS 544 name: '{{ ds.meta_data["local_hostname"] }}' 545 postKubeadmCommands: 546 - nssm set kubelet start SERVICE_AUTO_START 547 - powershell C:/defender-exclude-calico.ps1 548 preKubeadmCommands: [] 549 --- 550 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 551 kind: AzureMachineTemplate 552 metadata: 553 annotations: 554 runtime: containerd 555 name: ${CLUSTER_NAME}-worker-win 556 namespace: default 557 spec: 558 template: 559 spec: 560 osDisk: 561 diskSizeGB: 128 562 managedDisk: 563 storageAccountType: Premium_LRS 564 osType: Windows 565 sshPublicKey: "" 566 vmSize: replace_me 567 --- 568 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 569 kind: AzureClusterIdentity 570 metadata: 571 labels: 572 clusterctl.cluster.x-k8s.io/move-hierarchy: "true" 573 name: ${CLUSTER_IDENTITY_NAME} 574 namespace: default 575 spec: 576 allowedNamespaces: {} 577 clientID: ${AZURE_CLIENT_ID} 578 clientSecret: 579 name: ${AZURE_CLUSTER_IDENTITY_SECRET_NAME} 580 namespace: ${AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE} 581 tenantID: ${AZURE_TENANT_ID} 582 type: ServicePrincipal