sigs.k8s.io/cluster-api-provider-azure@v1.14.3/templates/test/ci/cluster-template-prow-topology.yaml (about) 1 apiVersion: cluster.x-k8s.io/v1beta1 2 kind: Cluster 3 metadata: 4 labels: 5 cloud-provider: ${CLOUD_PROVIDER_AZURE_LABEL:=azure} 6 cni: calico 7 cni-windows: ${CLUSTER_NAME}-calico 8 containerd-logger: enabled 9 csi-proxy: enabled 10 name: ${CLUSTER_NAME} 11 namespace: default 12 spec: 13 clusterNetwork: 14 pods: 15 cidrBlocks: 16 - 192.168.0.0/16 17 topology: 18 class: ${CLUSTER_CLASS_NAME} 19 controlPlane: 20 replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1} 21 variables: 22 - name: subscriptionID 23 value: ${AZURE_SUBSCRIPTION_ID} 24 - name: controlPlaneMachineType 25 value: ${AZURE_CONTROL_PLANE_MACHINE_TYPE:-""} 26 - name: workerMachineType 27 value: ${AZURE_NODE_MACHINE_TYPE:-""} 28 - name: workerMachineTypeWin 29 value: ${AZURE_NODE_MACHINE_TYPE:-""} 30 - name: sshPublicKey 31 value: ${AZURE_SSH_PUBLIC_KEY_B64:-""} 32 - name: buildProvenance 33 value: ${BUILD_PROVENANCE:-""} 34 - name: timestamp 35 value: ${TIMESTAMP:-""} 36 - name: jobName 37 value: ${JOB_NAME:-""} 38 - name: clusterIdentityRef 39 value: ${CLUSTER_IDENTITY_NAME} 40 - name: location 41 value: ${AZURE_LOCATION} 42 - name: k8sFeatureGates 43 value: ${K8S_FEATURE_GATES:-""} 44 - name: logLevel 45 value: "4" 46 version: ${KUBERNETES_VERSION} 47 workers: 48 machineDeployments: 49 - class: ${CLUSTER_NAME}-worker 50 name: md-0 51 replicas: ${WORKER_MACHINE_COUNT} 52 - class: ${CLUSTER_NAME}-worker-win 53 name: md-win 54 replicas: ${WINDOWS_WORKER_MACHINE_COUNT:-0} 55 --- 56 apiVersion: addons.cluster.x-k8s.io/v1beta1 57 kind: ClusterResourceSet 58 metadata: 59 name: ${CLUSTER_NAME}-calico 60 namespace: default 61 spec: 62 clusterSelector: 63 matchLabels: 64 cni-windows: ${CLUSTER_NAME}-calico 65 resources: 66 - kind: ConfigMap 67 name: cni-${CLUSTER_NAME}-calico-windows 68 strategy: ApplyOnce 69 --- 70 apiVersion: addons.cluster.x-k8s.io/v1beta1 71 kind: ClusterResourceSet 72 metadata: 73 name: csi-proxy 74 namespace: default 75 spec: 76 clusterSelector: 77 matchLabels: 78 csi-proxy: enabled 79 resources: 80 - kind: ConfigMap 81 name: csi-proxy-addon 82 strategy: ApplyOnce 83 --- 84 apiVersion: addons.cluster.x-k8s.io/v1alpha1 85 kind: HelmChartProxy 86 metadata: 87 name: calico 88 namespace: default 89 spec: 90 chartName: tigera-operator 91 clusterSelector: 92 matchLabels: 93 cni: calico 94 namespace: tigera-operator 95 releaseName: projectcalico 96 repoURL: https://docs.tigera.io/calico/charts 97 valuesTemplate: |- 98 installation: 99 cni: 100 type: Calico 101 calicoNetwork: 102 bgp: Disabled 103 mtu: 1350 104 ipPools: 105 ipPools:{{range $i, $cidr := .Cluster.spec.clusterNetwork.pods.cidrBlocks }} 106 - cidr: {{ $cidr }} 107 encapsulation: VXLAN{{end}} 108 registry: mcr.microsoft.com/oss 109 # Image and registry configuration for the tigera/operator pod. 110 tigeraOperator: 111 image: tigera/operator 112 registry: mcr.microsoft.com/oss 113 calicoctl: 114 image: mcr.microsoft.com/oss/calico/ctl 115 version: ${CALICO_VERSION} 116 --- 117 apiVersion: addons.cluster.x-k8s.io/v1alpha1 118 kind: HelmChartProxy 119 metadata: 120 name: azuredisk-csi-driver-chart 121 namespace: default 122 spec: 123 chartName: azuredisk-csi-driver 124 clusterSelector: 125 matchLabels: 126 azuredisk-csi: "true" 127 namespace: kube-system 128 releaseName: azuredisk-csi-driver-oot 129 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts 130 valuesTemplate: |- 131 controller: 132 replicas: 1 133 runOnControlPlane: true 134 windows: 135 useHostProcessContainers: {{ hasKey .Cluster.metadata.labels "cni-windows" }} 136 --- 137 apiVersion: addons.cluster.x-k8s.io/v1alpha1 138 kind: HelmChartProxy 139 metadata: 140 name: cloud-provider-azure-chart 141 namespace: default 142 spec: 143 chartName: cloud-provider-azure 144 clusterSelector: 145 matchLabels: 146 cloud-provider: azure 147 releaseName: cloud-provider-azure-oot 148 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo 149 valuesTemplate: | 150 infra: 151 clusterName: {{ .Cluster.metadata.name }} 152 cloudControllerManager: 153 clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }} 154 logVerbosity: 4 155 --- 156 apiVersion: addons.cluster.x-k8s.io/v1alpha1 157 kind: HelmChartProxy 158 metadata: 159 name: cloud-provider-azure-chart-ci 160 namespace: default 161 spec: 162 chartName: cloud-provider-azure 163 clusterSelector: 164 matchLabels: 165 cloud-provider: azure-ci 166 releaseName: cloud-provider-azure-oot 167 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo 168 valuesTemplate: | 169 infra: 170 clusterName: {{ .Cluster.metadata.name }} 171 cloudControllerManager: 172 cloudConfig: ${CLOUD_CONFIG:-"/etc/kubernetes/azure.json"} 173 cloudConfigSecretName: ${CONFIG_SECRET_NAME:-""} 174 clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }} 175 imageName: "${CCM_IMAGE_NAME:-""}" 176 imageRepository: "${IMAGE_REGISTRY:-""}" 177 imageTag: "${IMAGE_TAG_CCM:-""}" 178 logVerbosity: ${CCM_LOG_VERBOSITY:-4} 179 replicas: ${CCM_COUNT:-1} 180 enableDynamicReloading: ${ENABLE_DYNAMIC_RELOADING:-false} 181 cloudNodeManager: 182 imageName: "${CNM_IMAGE_NAME:-""}" 183 imageRepository: "${IMAGE_REGISTRY:-""}" 184 imageTag: "${IMAGE_TAG_CNM:-""}" 185 --- 186 apiVersion: v1 187 data: 188 proxy: | 189 apiVersion: apps/v1 190 kind: DaemonSet 191 metadata: 192 labels: 193 k8s-app: kube-proxy 194 name: kube-proxy-windows 195 namespace: kube-system 196 spec: 197 selector: 198 matchLabels: 199 k8s-app: kube-proxy-windows 200 template: 201 metadata: 202 labels: 203 k8s-app: kube-proxy-windows 204 spec: 205 serviceAccountName: kube-proxy 206 securityContext: 207 windowsOptions: 208 hostProcess: true 209 runAsUserName: "NT AUTHORITY\\system" 210 hostNetwork: true 211 containers: 212 - image: sigwindowstools/kube-proxy:${KUBERNETES_VERSION/+/_}-calico-hostprocess 213 args: ["$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/start.ps1"] 214 workingDir: "$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/" 215 name: kube-proxy 216 env: 217 - name: NODE_NAME 218 valueFrom: 219 fieldRef: 220 apiVersion: v1 221 fieldPath: spec.nodeName 222 - name: POD_IP 223 valueFrom: 224 fieldRef: 225 fieldPath: status.podIP 226 - name: KUBEPROXY_PATH 227 valueFrom: 228 configMapKeyRef: 229 name: windows-kubeproxy-ci 230 key: KUBEPROXY_PATH 231 optional: true 232 volumeMounts: 233 - mountPath: /var/lib/kube-proxy 234 name: kube-proxy 235 nodeSelector: 236 kubernetes.io/os: windows 237 tolerations: 238 - key: CriticalAddonsOnly 239 operator: Exists 240 - operator: Exists 241 volumes: 242 - configMap: 243 name: kube-proxy 244 name: kube-proxy 245 updateStrategy: 246 type: RollingUpdate 247 windows-cni: "# strictAffinity required for windows\napiVersion: crd.projectcalico.org/v1\nkind: 248 IPAMConfig\nmetadata:\n name: default\nspec:\n autoAllocateBlocks: true\n strictAffinity: 249 true\n---\nkind: ConfigMap\napiVersion: v1\nmetadata:\n name: calico-static-rules\n 250 \ namespace: calico-system\n labels:\n tier: node\n app: calico\ndata:\n 251 \ static-rules.json: |\n {\n \"Provider\": \"azure\",\n \"Version\": 252 \"0.1\",\n \"Rules\": [\n {\n \"Name\": \"EndpointPolicy\",\n 253 \ \"Rule\": {\n \"Id\": \"wireserver\",\n \"Type\": 254 \"ACL\",\n \"Protocol\": 6,\n \"Action\": \"Block\",\n 255 \ \"Direction\": \"Out\",\n \"RemoteAddresses\": \"168.63.129.16/32\",\n 256 \ \"RemotePorts\": \"80\",\n \"Priority\": 200,\n \"RuleType\": 257 \"Switch\"\n }\n }\n ]\n } \n---\nkind: ConfigMap\napiVersion: 258 v1\nmetadata:\n name: calico-config-windows\n namespace: calico-system\n labels:\n 259 \ tier: node\n app: calico\ndata:\n veth_mtu: \"1350\"\n \n cni_network_config: 260 |\n {\n \"name\": \"Calico\",\n \"cniVersion\": \"0.3.1\",\n \"plugins\": 261 [\n {\n \"windows_use_single_network\": true,\n \"type\": 262 \"calico\",\n \"mode\": \"vxlan\",\n \"nodename\": \"__KUBERNETES_NODE_NAME__\",\n 263 \ \"nodename_file_optional\": true,\n \"log_file_path\": \"c:/cni.log\",\n 264 \ \"log_level\": \"debug\",\n\n \"vxlan_mac_prefix\": \"0E-2A\",\n 265 \ \"vxlan_vni\": 4096,\n \"mtu\": __CNI_MTU__,\n \"policy\": 266 {\n \"type\": \"k8s\"\n },\n\n \"log_level\": \"info\",\n\n 267 \ \"capabilities\": {\"dns\": true},\n \"DNS\": {\n \"Search\": 268 \ [\n \"svc.cluster.local\"\n ]\n },\n\n \"datastore_type\": 269 \"kubernetes\",\n\n \"kubernetes\": {\n \"kubeconfig\": \"__KUBECONFIG_FILEPATH__\"\n 270 \ },\n\n \"ipam\": {\n \"type\": \"calico-ipam\",\n 271 \ \"subnet\": \"usePodCidr\"\n },\n\n \"policies\": 272 \ [\n {\n \"Name\": \"EndpointPolicy\",\n \"Value\": 273 \ {\n \"Type\": \"OutBoundNAT\",\n \"ExceptionList\": 274 \ [\n \"__K8S_SERVICE_CIDR__\"\n ]\n }\n 275 \ },\n {\n \"Name\": \"EndpointPolicy\",\n 276 \ \"Value\": {\n \"Type\": \"SDNROUTE\",\n \"DestinationPrefix\": 277 \ \"__K8S_SERVICE_CIDR__\",\n \"NeedEncap\": true\n }\n 278 \ }\n ]\n }\n ]\n\n }\n---\napiVersion: apps/v1\nkind: 279 DaemonSet\nmetadata:\n name: calico-node-windows\n labels:\n tier: node\n 280 \ app: calico\n namespace: calico-system\nspec:\n selector:\n matchLabels:\n 281 \ app: calico\n template:\n metadata:\n labels:\n tier: node\n 282 \ app: calico\n spec:\n affinity:\n nodeAffinity:\n requiredDuringSchedulingIgnoredDuringExecution:\n 283 \ nodeSelectorTerms:\n - matchExpressions:\n - 284 key: kubernetes.io/os\n operator: In\n values:\n 285 \ - windows\n - key: kubernetes.io/arch\n 286 \ operator: In\n values:\n - 287 amd64\n securityContext:\n windowsOptions:\n hostProcess: 288 true\n runAsUserName: \"NT AUTHORITY\\\\system\"\n hostNetwork: 289 true\n serviceAccountName: calico-node\n tolerations:\n - operator: 290 Exists\n effect: NoSchedule\n # Mark the pod as a critical add-on 291 for rescheduling.\n - key: CriticalAddonsOnly\n operator: Exists\n 292 \ - effect: NoExecute\n operator: Exists\n initContainers:\n # 293 This container installs the CNI binaries\n # and CNI network config file 294 on each node.\n - name: install-cni\n image: sigwindowstools/calico-install:v3.26.1-hostprocess\n 295 \ args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/install.ps1\"]\n 296 \ imagePullPolicy: Always\n env:\n # Name of the CNI 297 config file to create.\n - name: CNI_CONF_NAME\n value: 298 \"10-calico.conflist\"\n # The CNI network config to install on each 299 node.\n - name: CNI_NETWORK_CONFIG\n valueFrom:\n configMapKeyRef:\n 300 \ name: calico-config-windows\n key: cni_network_config\n 301 \ # Set the hostname based on the k8s node name.\n - name: 302 KUBERNETES_NODE_NAME\n valueFrom:\n fieldRef:\n fieldPath: 303 spec.nodeName\n # CNI MTU Config variable\n - name: CNI_MTU\n 304 \ valueFrom:\n configMapKeyRef:\n name: 305 calico-config-windows\n key: veth_mtu\n # Prevents 306 the container from sleeping forever.\n - name: SLEEP\n value: 307 \"false\"\n - name: K8S_SERVICE_CIDR\n value: \"10.96.0.0/12\"\n 308 \ volumeMounts:\n - mountPath: /host/opt/cni/bin\n name: 309 cni-bin-dir\n - mountPath: /host/etc/cni/net.d\n name: 310 cni-net-dir\n - name: kubeadm-config\n mountPath: /etc/kubeadm-config/\n 311 \ securityContext:\n windowsOptions:\n hostProcess: 312 true\n runAsUserName: \"NT AUTHORITY\\\\system\"\n containers:\n 313 \ - name: calico-node-startup\n image: sigwindowstools/calico-node:v3.26.1-hostprocess\n 314 \ args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/node-service.ps1\"]\n 315 \ workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n imagePullPolicy: 316 Always\n volumeMounts:\n - name: calico-config-windows\n mountPath: 317 /etc/kube-calico-windows/\n env:\n - name: POD_NAME\n valueFrom:\n 318 \ fieldRef:\n apiVersion: v1\n fieldPath: 319 metadata.name\n - name: POD_NAMESPACE\n valueFrom:\n fieldRef:\n 320 \ apiVersion: v1\n fieldPath: metadata.namespace\n - 321 name: CNI_IPAM_TYPE\n value: \"calico-ipam\"\n - name: CALICO_NETWORKING_BACKEND\n 322 \ value: \"vxlan\"\n - name: KUBECONFIG\n value: \"C:/etc/cni/net.d/calico-kubeconfig\"\n 323 \ - name: VXLAN_VNI\n value: \"4096\"\n - name: calico-node-felix\n 324 \ image: sigwindowstools/calico-node:v3.26.1-hostprocess\n args: 325 [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/felix-service.ps1\"]\n imagePullPolicy: 326 Always\n workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n volumeMounts:\n 327 \ - name: calico-config-windows\n mountPath: /etc/kube-calico-windows/\n 328 \ - name: calico-static-rules\n mountPath: /calico/static-rules.json\n 329 \ subPath: static-rules.json\n env:\n - name: POD_NAME\n 330 \ valueFrom:\n fieldRef:\n apiVersion: v1\n fieldPath: 331 metadata.name\n - name: POD_NAMESPACE\n valueFrom:\n fieldRef:\n 332 \ apiVersion: v1\n fieldPath: metadata.namespace\n - 333 name: VXLAN_VNI\n value: \"4096\"\n - name: KUBECONFIG\n value: 334 \"C:/etc/cni/net.d/calico-kubeconfig\"\n volumes:\n - name: calico-config-windows\n 335 \ configMap:\n name: calico-config-windows\n - name: calico-static-rules\n 336 \ configMap:\n name: calico-static-rules\n # Used to install 337 CNI.\n - name: cni-bin-dir\n hostPath:\n path: /opt/cni/bin\n 338 \ - name: cni-net-dir\n hostPath:\n path: /etc/cni/net.d\n 339 \ - name: kubeadm-config\n configMap:\n name: kubeadm-config\n---\napiVersion: 340 apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n name: ipamconfigs.crd.projectcalico.org\nspec:\n 341 \ group: crd.projectcalico.org\n names:\n kind: IPAMConfig\n listKind: 342 IPAMConfigList\n plural: ipamconfigs\n singular: ipamconfig\n preserveUnknownFields: 343 false\n scope: Cluster\n versions:\n - name: v1\n schema:\n openAPIV3Schema:\n 344 \ properties:\n apiVersion:\n description: 'APIVersion 345 defines the versioned schema of this representation\n of an object. 346 Servers should convert recognized schemas to the latest\n internal 347 value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n 348 \ type: string\n kind:\n description: 'Kind is a 349 string value representing the REST resource this\n object represents. 350 Servers may infer this from the endpoint the client\n submits requests 351 to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n 352 \ type: string\n metadata:\n type: object\n spec:\n 353 \ description: IPAMConfigSpec contains the specification for an IPAMConfig\n 354 \ resource.\n properties:\n autoAllocateBlocks:\n 355 \ type: boolean\n maxBlocksPerHost:\n description: 356 MaxBlocksPerHost, if non-zero, is the max number of blocks\n that 357 can be affine to each host.\n maximum: 2147483647\n minimum: 358 0\n type: integer\n strictAffinity:\n type: 359 boolean\n required:\n - autoAllocateBlocks\n - 360 strictAffinity\n type: object\n type: object\n served: true\n 361 \ storage: true\nstatus:\n acceptedNames:\n kind: \"\"\n plural: \"\"\n 362 \ conditions: []\n storedVersions: []\n" 363 kind: ConfigMap 364 metadata: 365 annotations: 366 note: generated 367 labels: 368 type: generated 369 name: cni-${CLUSTER_NAME}-calico-windows 370 namespace: default 371 --- 372 apiVersion: v1 373 data: 374 csi-proxy: | 375 apiVersion: apps/v1 376 kind: DaemonSet 377 metadata: 378 labels: 379 k8s-app: csi-proxy 380 name: csi-proxy 381 namespace: kube-system 382 spec: 383 selector: 384 matchLabels: 385 k8s-app: csi-proxy 386 template: 387 metadata: 388 labels: 389 k8s-app: csi-proxy 390 spec: 391 nodeSelector: 392 "kubernetes.io/os": windows 393 securityContext: 394 windowsOptions: 395 hostProcess: true 396 runAsUserName: "NT AUTHORITY\\SYSTEM" 397 hostNetwork: true 398 containers: 399 - name: csi-proxy 400 image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 401 kind: ConfigMap 402 metadata: 403 annotations: 404 note: generated 405 labels: 406 type: generated 407 name: csi-proxy-addon 408 namespace: default