# Source: sigs.k8s.io/cluster-api-provider-azure@v1.14.3
#   templates/test/ci/cluster-template-prow-workload-identity.yaml
#
# Cluster API Provider Azure (CAPZ) CI template: one control plane, one worker
# MachineDeployment, an AzureClusterIdentity of type WorkloadIdentity, and four
# HelmChartProxy add-ons (Calico, azuredisk CSI, cloud-provider-azure x2).
#
# ${VAR}, ${VAR:=default} and ${VAR:-default} are placeholders that must be
# substituted before the manifest is applied; several of them (image names,
# identity names, resource groups) decide what runs with which privileges, so
# the environment that renders this template is part of its trust boundary.
#
# NOTE(review): indentation was reconstructed from a flattened page listing;
# diff against the tagged upstream file before applying.
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  labels:
    # These two labels drive the HelmChartProxy clusterSelectors further down:
    # "azure" vs "azure-ci" picks the cloud-provider-azure chart variant,
    # "calico" picks the CNI chart.
    cloud-provider: ${CLOUD_PROVIDER_AZURE_LABEL:=azure}
    cni: calico
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  clusterNetwork:
    pods:
      cidrBlocks:
      - 192.168.0.0/16
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: ${CLUSTER_NAME}-control-plane
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureCluster
    name: ${CLUSTER_NAME}
---
# Azure-side cluster definition: location, resource group, vnet/subnets, and
# the identity the controller uses to manage these resources.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureCluster
metadata:
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  # Tags stamped on created resources; useful for attributing CI resources to
  # a job during cleanup or investigation.
  additionalTags:
    buildProvenance: ${BUILD_PROVENANCE}
    creationTimestamp: ${TIMESTAMP}
    jobName: ${JOB_NAME}
  identityRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureClusterIdentity
    name: ${CLUSTER_IDENTITY_NAME}
  location: ${AZURE_LOCATION}
  networkSpec:
    subnets:
    - name: control-plane-subnet
      role: control-plane
    - name: node-subnet
      role: node
    vnet:
      name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet}
  resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}}
  subscriptionID: ${AZURE_SUBSCRIPTION_ID}
---
# Control plane: kubeadm configuration plus disk layout for a dedicated etcd
# data disk.
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
kind: KubeadmControlPlane
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  kubeadmConfigSpec:
    clusterConfiguration:
      apiServer:
        extraArgs:
          # "external": cloud integration is delegated to the out-of-tree
          # cloud-provider-azure chart installed below.
          cloud-provider: external
          feature-gates: MixedProtocolLBService=true
        timeoutForControlPlane: 20m
      controllerManager:
        extraArgs:
          # Values are quoted so they stay strings in the extraArgs map.
          allocate-node-cidrs: "false"
          cloud-provider: external
          cluster-name: ${CLUSTER_NAME}
          # Verbose logging (CI debugging); review log volume and content
          # before reusing this level elsewhere.
          v: "4"
      etcd:
        local:
          # etcd data lives on the separate data disk mounted at
          # /var/lib/etcddisk (see diskSetup / mounts below).
          dataDir: /var/lib/etcddisk/etcd
          extraArgs:
            # 8 GiB backend quota.
            quota-backend-bytes: "8589934592"
    diskSetup:
      filesystems:
      # LUN 0 is the data disk declared in the control-plane
      # AzureMachineTemplate (lun: 0, nameSuffix: etcddisk).
      - device: /dev/disk/azure/scsi1/lun0
        extraOpts:
        - -E
        - lazy_itable_init=1,lazy_journal_init=1
        filesystem: ext4
        label: etcd_disk
      - device: ephemeral0.1
        filesystem: ext4
        label: ephemeral0
        replaceFS: ntfs
      partitions:
      - device: /dev/disk/azure/scsi1/lun0
        layout: true
        overwrite: false
        tableType: gpt
    files:
    # Cloud-provider configuration, materialised on the node from a Secret.
    # NOTE(review): mode 0644 makes the file readable by every local user and
    # by any workload that mounts /etc/kubernetes from the host. What the
    # rendered azure.json contains is not visible here; confirm it holds no
    # credential material, or tighten the mode if no non-root reader needs it.
    - contentFrom:
        secret:
          key: control-plane-azure.json
          name: ${CLUSTER_NAME}-control-plane-azure-json
      owner: root:root
      path: /etc/kubernetes/azure.json
      permissions: "0644"
    initConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        # cloud-init instance-data expression, resolved on the node;
        # single-quoted so YAML keeps it as a literal string.
        name: '{{ ds.meta_data["local_hostname"] }}'
    joinConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        name: '{{ ds.meta_data["local_hostname"] }}'
    mounts:
    - - LABEL=etcd_disk
      - /var/lib/etcddisk
    postKubeadmCommands: []
    preKubeadmCommands: []
  machineTemplate:
    infrastructureRef:
      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
      kind: AzureMachineTemplate
      name: ${CLUSTER_NAME}-control-plane
  replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1}
  version: ${KUBERNETES_VERSION}
---
# VM shape for control-plane machines.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  template:
    spec:
      dataDisks:
      - diskSizeGB: 256
        lun: 0
        nameSuffix: etcddisk
      # A user-assigned managed identity is attached to every VM built from
      # this template. Processes on the VM that can reach the instance
      # metadata endpoint can request tokens as that identity, so keep its
      # role assignments narrow and consider restricting pod access to the
      # metadata endpoint.
      identity: UserAssigned
      osDisk:
        diskSizeGB: 128
        osType: Linux
      # Defaults to the empty string when AZURE_SSH_PUBLIC_KEY_B64 is unset.
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      userAssignedIdentities:
      # The identity lives in a shared resource group (default "capz-ci"), not
      # in the cluster's own group, so it outlives and is shared across
      # clusters rendered from this template.
      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
      vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE}
---
# Worker pool: ties the bootstrap config and the VM template together.
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT:=2}
  selector:
    # Explicit null; presumably filled in by API defaulting - TODO confirm.
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-0
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-0
      version: ${KUBERNETES_VERSION}
---
# VM shape for worker machines. Workers carry the same user-assigned identity
# as the control plane, so the metadata-endpoint exposure noted on the
# control-plane template applies to every node that schedules workloads.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      identity: UserAssigned
      osDisk:
        diskSizeGB: 128
        osType: Linux
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      userAssignedIdentities:
      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
# Bootstrap configuration for worker nodes.
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      files:
      # Same world-readable 0644 mode as on the control plane, but on nodes
      # that run arbitrary workloads. Confirm the rendered worker-node
      # azure.json carries no credential material before reusing this mode.
      - contentFrom:
          secret:
            key: worker-node-azure.json
            name: ${CLUSTER_NAME}-md-0-azure-json
        owner: root:root
        path: /etc/kubernetes/azure.json
        permissions: "0644"
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs:
            cloud-provider: external
          name: '{{ ds.meta_data["local_hostname"] }}'
      preKubeadmCommands: []
---
# Identity the CAPZ controller uses to call Azure for this cluster.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureClusterIdentity
metadata:
  labels:
    clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
  name: ${CLUSTER_IDENTITY_NAME}
  namespace: default
spec:
  # An empty object allows AzureClusters in ANY namespace to reference this
  # identity (CAPZ treats an unset field as "no namespace" and {} as "all").
  # On a shared management cluster, list the permitted namespaces explicitly.
  allowedNamespaces: {}
  clientID: ${AZURE_CLIENT_ID}
  # NOTE(review): a clientSecret reference is still set although type is
  # WorkloadIdentity; presumably it is not used for federated-token
  # authentication - confirm, and drop it if so, so that no long-lived secret
  # has to exist for this identity.
  clientSecret:
    name: ${AZURE_CLUSTER_IDENTITY_SECRET_NAME}
    namespace: ${AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE}
  tenantID: ${AZURE_TENANT_ID}
  type: WorkloadIdentity
---
# Calico CNI, installed on clusters labelled cni=calico. The chart version is
# pinned through ${CALICO_VERSION} and images are pulled from
# mcr.microsoft.com/oss.
# NOTE(review): the values template below emits the key "ipPools:" twice in a
# row; most YAML parsers keep the last occurrence, strict ones reject
# duplicate keys - confirm the values parser in use accepts it.
apiVersion: addons.cluster.x-k8s.io/v1alpha1
kind: HelmChartProxy
metadata:
  name: calico
  namespace: default
spec:
  chartName: tigera-operator
  clusterSelector:
    matchLabels:
      cni: calico
  namespace: tigera-operator
  releaseName: projectcalico
  repoURL: https://docs.tigera.io/calico/charts
  valuesTemplate: |-
    installation:
      cni:
        type: Calico
      calicoNetwork:
        bgp: Disabled
        mtu: 1350
        ipPools:
        ipPools:{{range $i, $cidr := .Cluster.spec.clusterNetwork.pods.cidrBlocks }}
        - cidr: {{ $cidr }}
          encapsulation: VXLAN{{end}}
      registry: mcr.microsoft.com/oss
    # Image and registry configuration for the tigera/operator pod.
    tigeraOperator:
      image: tigera/operator
      registry: mcr.microsoft.com/oss
    calicoctl:
      image: mcr.microsoft.com/oss/calico/ctl
  version: ${CALICO_VERSION}
---
# Azure Disk CSI driver, installed on clusters labelled azuredisk-csi="true".
# The Cluster object in this file carries only the cloud-provider and cni
# labels, so this selector does not match it as written.
# NOTE(review): repoURL follows the master branch of a raw GitHub path and no
# chart `version` is set, so the chart that gets installed can change between
# runs. Pin a version (as the calico proxy does) for reproducible installs.
apiVersion: addons.cluster.x-k8s.io/v1alpha1
kind: HelmChartProxy
metadata:
  name: azuredisk-csi-driver-chart
  namespace: default
spec:
  chartName: azuredisk-csi-driver
  clusterSelector:
    matchLabels:
      azuredisk-csi: "true"
  namespace: kube-system
  releaseName: azuredisk-csi-driver-oot
  repoURL: https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts
  valuesTemplate: |-
    controller:
      replicas: 1
      runOnControlPlane: true
    windows:
      useHostProcessContainers: {{ hasKey .Cluster.metadata.labels "cni-windows" }}
---
# Out-of-tree cloud-provider-azure with chart defaults, for clusters labelled
# cloud-provider=azure.
# NOTE(review): same unpinned source as the CSI chart - repoURL tracks master
# and no chart `version` is set.
apiVersion: addons.cluster.x-k8s.io/v1alpha1
kind: HelmChartProxy
metadata:
  name: cloud-provider-azure-chart
  namespace: default
spec:
  chartName: cloud-provider-azure
  clusterSelector:
    matchLabels:
      cloud-provider: azure
  releaseName: cloud-provider-azure-oot
  repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo
  valuesTemplate: |
    infra:
      clusterName: {{ .Cluster.metadata.name }}
    cloudControllerManager:
      clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }}
      logVerbosity: 4
---
# CI variant of cloud-provider-azure, for clusters labelled
# cloud-provider=azure-ci. It shares releaseName with the proxy above; the two
# selectors differ only in the label value.
# The controller-manager and node-manager image name, registry and tag are
# taken from the rendering environment (empty by default), so whoever controls
# those variables controls which images run in the workload cluster. The chart
# source is likewise unpinned (master branch, no chart `version`).
apiVersion: addons.cluster.x-k8s.io/v1alpha1
kind: HelmChartProxy
metadata:
  name: cloud-provider-azure-chart-ci
  namespace: default
spec:
  chartName: cloud-provider-azure
  clusterSelector:
    matchLabels:
      cloud-provider: azure-ci
  releaseName: cloud-provider-azure-oot
  repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo
  valuesTemplate: |
    infra:
      clusterName: {{ .Cluster.metadata.name }}
    cloudControllerManager:
      cloudConfig: ${CLOUD_CONFIG:-"/etc/kubernetes/azure.json"}
      cloudConfigSecretName: ${CONFIG_SECRET_NAME:-""}
      clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }}
      imageName: "${CCM_IMAGE_NAME:-""}"
      imageRepository: "${IMAGE_REGISTRY:-""}"
      imageTag: "${IMAGE_TAG_CCM:-""}"
      logVerbosity: ${CCM_LOG_VERBOSITY:-4}
      replicas: ${CCM_COUNT:-1}
      enableDynamicReloading: ${ENABLE_DYNAMIC_RELOADING:-false}
    cloudNodeManager:
      imageName: "${CNM_IMAGE_NAME:-""}"
      imageRepository: "${IMAGE_REGISTRY:-""}"
      imageTag: "${IMAGE_TAG_CNM:-""}"