# sigs.k8s.io/cluster-api-provider-azure@v1.17.0/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.15.0
  name: azureclusters.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureCluster
    listKind: AzureClusterList
    plural: azureclusters
    singular: azurecluster
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Cluster to which this AzureCluster belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].status
      name: Ready
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].reason
      name: Reason
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].message
      name: Message
      priority: 1
      type: string
    - jsonPath: .spec.resourceGroup
      name: Resource Group
      priority: 1
      type: string
    - jsonPath: .spec.subscriptionID
      name: SubscriptionID
      priority: 1
      type: string
    - jsonPath: .spec.location
      name: Location
      priority: 1
      type: string
    - description: Control Plane Endpoint
      jsonPath: .spec.controlPlaneEndpoint.host
      name: Endpoint
      priority: 1
      type: string
    - description: Time duration since creation of this AzureCluster
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureCluster is the Schema for the azureclusters API.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: AzureClusterSpec defines the desired state of AzureCluster.
            properties:
              additionalTags:
                additionalProperties:
                  type: string
                description: |-
                  AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the
                  ones added by default.
                type: object
              azureEnvironment:
                description: |-
                  AzureEnvironment is the name of the AzureCloud to be used.
                  The default value that would be used by most users is "AzurePublicCloud", other values are:
                  - ChinaCloud: "AzureChinaCloud"
                  - GermanCloud: "AzureGermanCloud"
                  - PublicCloud: "AzurePublicCloud"
                  - USGovernmentCloud: "AzureUSGovernmentCloud"


                  Note that values other than the default must also be accompanied by corresponding changes to the
                  aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does
                  not support referring to multiple different clouds in a single installation. The following fields must
                  be defined in the Secret:
                  - AZURE_AUTHORITY_HOST
                  - AZURE_RESOURCE_MANAGER_ENDPOINT
                  - AZURE_RESOURCE_MANAGER_AUDIENCE


                  See the [ASO docs] for more details.


                  [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/
                type: string
              bastionSpec:
                description: BastionSpec encapsulates all things related to the Bastions
                  in the cluster.
                properties:
                  azureBastion:
                    description: AzureBastion specifies how the Azure Bastion cloud
                      component should be configured.
                    properties:
                      enableTunneling:
                        default: false
                        description: EnableTunneling enables the native client support
                          feature for the Azure Bastion Host. Defaults to false.
                        type: boolean
                      name:
                        type: string
                      publicIP:
                        description: PublicIPSpec defines the inputs to create an
                          Azure public IP address.
                        properties:
                          dnsName:
                            type: string
                          ipTags:
                            items:
                              description: IPTag contains the IpTag associated with
                                the object.
                              properties:
                                tag:
                                  description: 'Tag specifies the value of the IP
                                    tag associated with the public IP. Example: SQL.'
                                  type: string
                                type:
                                  description: 'Type specifies the IP tag type. Example:
                                    FirstPartyUsage.'
                                  type: string
                              required:
                              - tag
                              - type
                              type: object
                            type: array
                          name:
                            type: string
                        required:
                        - name
                        type: object
                      sku:
                        default: Basic
                        description: BastionHostSkuName configures the tier of the
                          Azure Bastion Host. Can be either Basic or Standard. Defaults
                          to Basic.
                        enum:
                        - Basic
                        - Standard
                        type: string
                      subnet:
                        description: SubnetSpec configures an Azure subnet.
                        properties:
                          cidrBlocks:
                            description: CIDRBlocks defines the subnet's address space,
                              specified as one or more address prefixes in CIDR notation.
                            items:
                              type: string
                            type: array
                          id:
                            description: |-
                              ID is the Azure resource ID of the subnet.
                              READ-ONLY
                            type: string
                          name:
                            description: Name defines a name for the subnet resource.
                            type: string
                          natGateway:
                            description: NatGateway associated with this subnet.
                            properties:
                              id:
                                description: |-
                                  ID is the Azure resource ID of the NAT gateway.
                                  READ-ONLY
                                type: string
                              ip:
                                description: PublicIPSpec defines the inputs to create
                                  an Azure public IP address.
                                properties:
                                  dnsName:
                                    type: string
                                  ipTags:
                                    items:
                                      description: IPTag contains the IpTag associated
                                        with the object.
                                      properties:
                                        tag:
                                          description: 'Tag specifies the value of
                                            the IP tag associated with the public
                                            IP. Example: SQL.'
                                          type: string
                                        type:
                                          description: 'Type specifies the IP tag
                                            type. Example: FirstPartyUsage.'
                                          type: string
                                      required:
                                      - tag
                                      - type
                                      type: object
                                    type: array
                                  name:
                                    type: string
                                required:
                                - name
                                type: object
                              name:
                                type: string
                            required:
                            - name
                            type: object
                          privateEndpoints:
                            description: PrivateEndpoints defines a list of private
                              endpoints that should be attached to this subnet.
                            items:
                              description: PrivateEndpointSpec configures an Azure
                                Private Endpoint.
                              properties:
                                applicationSecurityGroups:
                                  description: ApplicationSecurityGroups specifies
                                    the Application security group in which the private
                                    endpoint IP configuration is included.
                                  items:
                                    type: string
                                  type: array
                                customNetworkInterfaceName:
                                  description: CustomNetworkInterfaceName specifies
                                    the network interface name associated with the
                                    private endpoint.
                                  type: string
                                location:
                                  description: Location specifies the region to create
                                    the private endpoint.
                                  type: string
                                manualApproval:
                                  description: |-
                                    ManualApproval specifies if the connection approval needs to be done manually or not.
                                    Set it true when the network admin does not have access to approve connections to the remote resource.
                                    Defaults to false.
                                  type: boolean
                                name:
                                  description: Name specifies the name of the private
                                    endpoint.
                                  type: string
                                privateIPAddresses:
                                  description: |-
                                    PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint.
                                    They have to be part of the subnet where the private endpoint is linked.
                                  items:
                                    type: string
                                  type: array
                                privateLinkServiceConnections:
                                  description: PrivateLinkServiceConnections specifies
                                    Private Link Service Connections of the private
                                    endpoint.
                                  items:
                                    description: PrivateLinkServiceConnection defines
                                      the specification for a private link service
                                      connection associated with a private endpoint.
                                    properties:
                                      groupIDs:
                                        description: GroupIDs specifies the ID(s)
                                          of the group(s) obtained from the remote
                                          resource that this private endpoint should
                                          connect to.
                                        items:
                                          type: string
                                        type: array
                                      name:
                                        description: Name specifies the name of the
                                          private link service.
                                        type: string
                                      privateLinkServiceID:
                                        description: PrivateLinkServiceID specifies
                                          the resource ID of the private link service.
                                        type: string
                                      requestMessage:
                                        description: RequestMessage specifies a message
                                          passed to the owner of the remote resource
                                          with the private endpoint connection request.
                                        maxLength: 140
                                        type: string
                                    type: object
                                  type: array
                              required:
                              - name
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - name
                            x-kubernetes-list-type: map
                          role:
                            description: Role defines the subnet role (eg. Node, ControlPlane)
                            enum:
                            - node
                            - control-plane
                            - bastion
                            - cluster
                            type: string
                          routeTable:
                            description: RouteTable defines the route table that should
                              be attached to this subnet.
                            properties:
                              id:
                                description: |-
                                  ID is the Azure resource ID of the route table.
                                  READ-ONLY
                                type: string
                              name:
                                type: string
                            required:
                            - name
                            type: object
                          securityGroup:
                            description: SecurityGroup defines the NSG (network security
                              group) that should be attached to this subnet.
                            properties:
                              id:
                                description: |-
                                  ID is the Azure resource ID of the security group.
                                  READ-ONLY
                                type: string
                              name:
                                type: string
                              securityRules:
                                description: SecurityRules is a slice of Azure security
                                  rules for security groups.
                                items:
                                  description: SecurityRule defines an Azure security
                                    rule for security groups.
                                  properties:
                                    action:
                                      default: Allow
                                      description: Action specifies whether network
                                        traffic is allowed or denied. Can either be
                                        "Allow" or "Deny". Defaults to "Allow".
                                      enum:
                                      - Allow
                                      - Deny
                                      type: string
                                    description:
                                      description: A description for this rule. Restricted
                                        to 140 chars.
                                      type: string
                                    destination:
                                      description: Destination is the destination
                                        address prefix. CIDR or destination IP range.
                                        Asterix '*' can also be used to match all
                                        source IPs. Default tags such as 'VirtualNetwork',
                                        'AzureLoadBalancer' and 'Internet' can also
                                        be used.
                                      type: string
                                    destinationPorts:
                                      description: DestinationPorts specifies the
                                        destination port or range. Integer or range
                                        between 0 and 65535. Asterix '*' can also
                                        be used to match all ports.
                                      type: string
                                    direction:
                                      description: Direction indicates whether the
                                        rule applies to inbound, or outbound traffic.
                                        "Inbound" or "Outbound".
                                      enum:
                                      - Inbound
                                      - Outbound
                                      type: string
                                    name:
                                      description: Name is a unique name within the
                                        network security group.
                                      type: string
                                    priority:
                                      description: Priority is a number between 100
                                        and 4096. Each rule should have a unique value
                                        for priority. Rules are processed in priority
                                        order, with lower numbers processed before
                                        higher numbers. Once traffic matches a rule,
                                        processing stops.
                                      format: int32
                                      type: integer
                                    protocol:
                                      description: Protocol specifies the protocol
                                        type. "Tcp", "Udp", "Icmp", or "*".
                                      enum:
                                      - Tcp
                                      - Udp
                                      - Icmp
                                      - '*'
                                      type: string
                                    source:
                                      description: Source specifies the CIDR or source
                                        IP range.
                                        Asterix '*' can also be used to
                                        match all source IPs. Default tags such as
                                        'VirtualNetwork', 'AzureLoadBalancer' and
                                        'Internet' can also be used. If this is an
                                        ingress rule, specifies where network traffic
                                        originates from.
                                      type: string
                                    sourcePorts:
                                      description: SourcePorts specifies source port
                                        or range. Integer or range between 0 and 65535.
                                        Asterix '*' can also be used to match all
                                        ports.
                                      type: string
                                    sources:
                                      description: Sources specifies The CIDR or source
                                        IP ranges.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                  - description
                                  - direction
                                  - name
                                  - protocol
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                              tags:
                                additionalProperties:
                                  type: string
                                description: Tags defines a map of tags.
                                type: object
                            required:
                            - name
                            type: object
                          serviceEndpoints:
                            description: ServiceEndpoints is a slice of Virtual Network
                              service endpoints to enable for the subnets.
                            items:
                              description: ServiceEndpointSpec configures an Azure
                                Service Endpoint.
                              properties:
                                locations:
                                  items:
                                    type: string
                                  type: array
                                service:
                                  type: string
                              required:
                              - locations
                              - service
                              type: object
                            type: array
                            x-kubernetes-list-map-keys:
                            - service
                            x-kubernetes-list-type: map
                        required:
                        - name
                        - role
                        type: object
                    type: object
                type: object
              cloudProviderConfigOverrides:
                description: |-
                  CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config.
                  This is only a subset of options that are available in azure cloud provider config.
                  Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides.
                  See: https://cloud-provider-azure.sigs.k8s.io/install/configs
                  Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider.
                properties:
                  backOffs:
                    description: BackOffConfig indicates the back-off config options.
                    properties:
                      cloudProviderBackoff:
                        type: boolean
                      cloudProviderBackoffDuration:
                        type: integer
                      cloudProviderBackoffExponent:
                        anyOf:
                        - type: integer
                        - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      cloudProviderBackoffJitter:
                        anyOf:
                        - type: integer
                        - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      cloudProviderBackoffRetries:
                        type: integer
                    type: object
                  rateLimits:
                    items:
                      description: |-
                        RateLimitSpec represents the rate limit configuration for a particular kind of resource.
                        Eg. loadBalancerRateLimit is used to configure rate limits for load balancers.
                        This eventually gets converted to CloudProviderRateLimitConfig that cloud-provider-azure expects.
                        See: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/d585c2031925b39c925624302f22f8856e29e352/pkg/provider/azure_ratelimit.go#L25
                        We cannot use CloudProviderRateLimitConfig directly because floating point values are not supported in controller-tools.
                        See: https://github.com/kubernetes-sigs/controller-tools/issues/245
                      properties:
                        config:
                          description: RateLimitConfig indicates the rate limit config
                            options.
                          properties:
                            cloudProviderRateLimit:
                              type: boolean
                            cloudProviderRateLimitBucket:
                              type: integer
                            cloudProviderRateLimitBucketWrite:
                              type: integer
                            cloudProviderRateLimitQPS:
                              anyOf:
                              - type: integer
                              - type: string
                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                              x-kubernetes-int-or-string: true
                            cloudProviderRateLimitQPSWrite:
                              anyOf:
                              - type: integer
                              - type: string
                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                              x-kubernetes-int-or-string: true
                          type: object
                        name:
                          description: Name is the name of the rate limit spec.
                          enum:
                          - defaultRateLimit
                          - routeRateLimit
                          - subnetsRateLimit
                          - interfaceRateLimit
                          - routeTableRateLimit
                          - loadBalancerRateLimit
                          - publicIPAddressRateLimit
                          - securityGroupRateLimit
                          - virtualMachineRateLimit
                          - storageAccountRateLimit
                          - diskRateLimit
                          - snapshotRateLimit
                          - virtualMachineScaleSetRateLimit
                          - virtualMachineSizesRateLimit
                          - availabilitySetRateLimit
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                type: object
              controlPlaneEndpoint:
                description: |-
                  ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set
                  this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              extendedLocation:
                description: ExtendedLocation is an optional set of ExtendedLocation
                  properties for clusters on Azure public MEC.
                properties:
                  name:
                    description: Name defines the name for the extended location.
                    type: string
                  type:
                    description: Type defines the type for the extended location.
                    enum:
                    - EdgeZone
                    type: string
                required:
                - name
                - type
                type: object
              failureDomains:
                additionalProperties:
                  description: |-
                    FailureDomainSpec is the Schema for Cluster API failure domains.
                    It allows controllers to understand how many failure domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: |-
                  FailureDomains is a list of failure domains in the cluster's region, used to restrict
                  eligibility to host the control plane. A FailureDomain maps to an availability zone,
                  which is a separated group of datacenters within a region.
                  See: https://learn.microsoft.com/azure/reliability/availability-zones-overview
                type: object
              identityRef:
                description: IdentityRef is a reference to an AzureIdentity to be
                  used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: |-
                      If referring to a piece of an object instead of an entire object, this string
                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within a pod, this would take on a value like:
                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]" (container with
                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
                      referencing a part of an object.
                      TODO: this design is not final and this field is subject to change in the future.
                    type: string
                  kind:
                    description: |-
                      Kind of the referent.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
                    type: string
                  name:
                    description: |-
                      Name of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                    type: string
                  namespace:
                    description: |-
                      Namespace of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
                    type: string
                  resourceVersion:
                    description: |-
                      Specific resourceVersion to which this reference is made, if any.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
                    type: string
                  uid:
                    description: |-
                      UID of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              location:
                type: string
              networkSpec:
                description: NetworkSpec encapsulates all things related to Azure
                  network.
                properties:
                  apiServerLB:
                    description: APIServerLB is the configuration for the control-plane
                      load balancer.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: |-
                              Name specifies the name of backend pool for the load balancer. If not specified, the default name will
                              be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: |-
                          ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  controlPlaneOutboundLB:
                    description: |-
                      ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer.
                      This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: |-
                              Name specifies the name of backend pool for the load balancer. If not specified, the default name will
                              be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: |-
                          ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  nodeOutboundLB:
                    description: NodeOutboundLB is the configuration for the node
                      outbound load balancer.
                    properties:
                      backendPool:
                        description: BackendPool describes the backend pool of the
                          load balancer.
                        properties:
                          name:
                            description: |-
                              Name specifies the name of backend pool for the load balancer. If not specified, the default name will
                              be set, depending on the load balancer role.
                            type: string
                        type: object
                      frontendIPs:
                        items:
                          description: FrontendIP defines a load balancer frontend
                            IP configuration.
                          properties:
                            name:
                              minLength: 1
                              type: string
                            privateIP:
                              type: string
                            publicIP:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                          required:
                          - name
                          type: object
                        type: array
                      frontendIPsCount:
                        description: FrontendIPsCount specifies the number of frontend
                          IP addresses for the load balancer.
                        format: int32
                        type: integer
                      id:
                        description: |-
                          ID is the Azure resource ID of the load balancer.
                          READ-ONLY
                        type: string
                      idleTimeoutInMinutes:
                        description: IdleTimeoutInMinutes specifies the timeout for
                          the TCP idle connection.
                        format: int32
                        type: integer
                      name:
                        type: string
                      sku:
                        description: SKU defines an Azure load balancer SKU.
                        type: string
                      type:
                        description: LBType defines an Azure load balancer Type.
                        type: string
                    type: object
                  privateDNSZoneName:
                    description: PrivateDNSZoneName defines the zone name for the
                      Azure Private DNS.
                    type: string
                  subnets:
                    description: Subnets is the configuration for the control-plane
                      subnet and the node subnet.
                    items:
                      description: SubnetSpec configures an Azure subnet.
                      properties:
                        cidrBlocks:
                          description: CIDRBlocks defines the subnet's address space,
                            specified as one or more address prefixes in CIDR notation.
                          items:
                            type: string
                          type: array
                        id:
                          description: |-
                            ID is the Azure resource ID of the subnet.
                            READ-ONLY
                          type: string
                        name:
                          description: Name defines a name for the subnet resource.
                          type: string
                        natGateway:
                          description: NatGateway associated with this subnet.
                          properties:
                            id:
                              description: |-
                                ID is the Azure resource ID of the NAT gateway.
                                READ-ONLY
                              type: string
                            ip:
                              description: PublicIPSpec defines the inputs to create
                                an Azure public IP address.
                              properties:
                                dnsName:
                                  type: string
                                ipTags:
                                  items:
                                    description: IPTag contains the IpTag associated
                                      with the object.
                                    properties:
                                      tag:
                                        description: 'Tag specifies the value of the
                                          IP tag associated with the public IP. Example:
                                          SQL.'
                                        type: string
                                      type:
                                        description: 'Type specifies the IP tag type.
                                          Example: FirstPartyUsage.'
                                        type: string
                                    required:
                                    - tag
                                    - type
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - name
                              type: object
                            name:
                              type: string
                          required:
                          - name
                          type: object
                        privateEndpoints:
                          description: PrivateEndpoints defines a list of private
                            endpoints that should be attached to this subnet.
                          items:
                            description: PrivateEndpointSpec configures an Azure Private
                              Endpoint.
                            properties:
                              applicationSecurityGroups:
                                description: ApplicationSecurityGroups specifies the
                                  Application security group in which the private
                                  endpoint IP configuration is included.
                                items:
                                  type: string
                                type: array
                              customNetworkInterfaceName:
                                description: CustomNetworkInterfaceName specifies
                                  the network interface name associated with the private
                                  endpoint.
                                type: string
                              location:
                                description: Location specifies the region to create
                                  the private endpoint.
                                type: string
                              manualApproval:
                                description: |-
                                  ManualApproval specifies if the connection approval needs to be done manually or not.
                                  Set it true when the network admin does not have access to approve connections to the remote resource.
                                  Defaults to false.
                                type: boolean
                              name:
                                description: Name specifies the name of the private
                                  endpoint.
                                type: string
                              privateIPAddresses:
                                description: |-
                                  PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint.
                                  They have to be part of the subnet where the private endpoint is linked.
                                items:
                                  type: string
                                type: array
                              privateLinkServiceConnections:
                                description: PrivateLinkServiceConnections specifies
                                  Private Link Service Connections of the private
                                  endpoint.
                                items:
                                  description: PrivateLinkServiceConnection defines
                                    the specification for a private link service connection
                                    associated with a private endpoint.
                                  properties:
                                    groupIDs:
                                      description: GroupIDs specifies the ID(s) of
                                        the group(s) obtained from the remote resource
                                        that this private endpoint should connect
                                        to.
                                      items:
                                        type: string
                                      type: array
                                    name:
                                      description: Name specifies the name of the
                                        private link service.
                                      type: string
                                    privateLinkServiceID:
                                      description: PrivateLinkServiceID specifies
                                        the resource ID of the private link service.
                                      type: string
                                    requestMessage:
                                      description: RequestMessage specifies a message
                                        passed to the owner of the remote resource
                                        with the private endpoint connection request.
                                      maxLength: 140
                                      type: string
                                  type: object
                                type: array
                            required:
                            - name
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                          - name
                          x-kubernetes-list-type: map
                        role:
                          description: Role defines the subnet role (eg. Node, ControlPlane)
                          enum:
                          - node
                          - control-plane
                          - bastion
                          - cluster
                          type: string
                        routeTable:
                          description: RouteTable defines the route table that should
                            be attached to this subnet.
                          properties:
                            id:
                              description: |-
                                ID is the Azure resource ID of the route table.
                                READ-ONLY
                              type: string
                            name:
                              type: string
                          required:
                          - name
                          type: object
                        securityGroup:
                          description: SecurityGroup defines the NSG (network security
                            group) that should be attached to this subnet.
                          properties:
                            id:
                              description: |-
                                ID is the Azure resource ID of the security group.
                                READ-ONLY
                              type: string
                            name:
                              type: string
                            securityRules:
                              description: SecurityRules is a slice of Azure security
                                rules for security groups.
                              items:
                                description: SecurityRule defines an Azure security
                                  rule for security groups.
                                properties:
                                  action:
                                    default: Allow
                                    description: Action specifies whether network
                                      traffic is allowed or denied. Can either be
                                      "Allow" or "Deny". Defaults to "Allow".
                                    enum:
                                    - Allow
                                    - Deny
                                    type: string
                                  description:
                                    description: A description for this rule. Restricted
                                      to 140 chars.
                                    type: string
                                  destination:
                                    description: Destination is the destination address
                                      prefix. CIDR or destination IP range. Asterix
                                      '*' can also be used to match all source IPs.
                                      Default tags such as 'VirtualNetwork', 'AzureLoadBalancer'
                                      and 'Internet' can also be used.
                                    type: string
                                  destinationPorts:
                                    description: DestinationPorts specifies the destination
                                      port or range. Integer or range between 0 and
                                      65535. Asterix '*' can also be used to match
                                      all ports.
                                    type: string
                                  direction:
                                    description: Direction indicates whether the rule
                                      applies to inbound, or outbound traffic. "Inbound"
                                      or "Outbound".
                                    enum:
                                    - Inbound
                                    - Outbound
                                    type: string
                                  name:
                                    description: Name is a unique name within the
                                      network security group.
                                    type: string
                                  priority:
                                    description: Priority is a number between 100
                                      and 4096. Each rule should have a unique value
                                      for priority. Rules are processed in priority
                                      order, with lower numbers processed before higher
                                      numbers. Once traffic matches a rule, processing
                                      stops.
                                    format: int32
                                    type: integer
                                  protocol:
                                    description: Protocol specifies the protocol type.
                                      "Tcp", "Udp", "Icmp", or "*".
                                    enum:
                                    - Tcp
                                    - Udp
                                    - Icmp
                                    - '*'
                                    type: string
                                  source:
                                    description: Source specifies the CIDR or source
                                      IP range. Asterix '*' can also be used to match
                                      all source IPs. Default tags such as 'VirtualNetwork',
                                      'AzureLoadBalancer' and 'Internet' can also
                                      be used. If this is an ingress rule, specifies
                                      where network traffic originates from.
                                    type: string
                                  sourcePorts:
                                    description: SourcePorts specifies source port
                                      or range. Integer or range between 0 and 65535.
                                      Asterix '*' can also be used to match all ports.
                                    type: string
                                  sources:
                                    description: Sources specifies The CIDR or source
                                      IP ranges.
                                    items:
                                      type: string
                                    type: array
                                required:
                                - description
                                - direction
                                - name
                                - protocol
                                type: object
                              type: array
                              x-kubernetes-list-map-keys:
                              - name
                              x-kubernetes-list-type: map
                            tags:
                              additionalProperties:
                                type: string
                              description: Tags defines a map of tags.
                              type: object
                          required:
                          - name
                          type: object
                        serviceEndpoints:
                          description: ServiceEndpoints is a slice of Virtual Network
                            service endpoints to enable for the subnets.
                          items:
                            description: ServiceEndpointSpec configures an Azure Service
                              Endpoint.
                            properties:
                              locations:
                                items:
                                  type: string
                                type: array
                              service:
                                type: string
                            required:
                            - locations
                            - service
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                          - service
                          x-kubernetes-list-type: map
                      required:
                      - name
                      - role
                      type: object
                    type: array
                    x-kubernetes-list-map-keys:
                    - name
                    x-kubernetes-list-type: map
                  vnet:
                    description: Vnet is the configuration for the Azure virtual network.
                    properties:
                      cidrBlocks:
                        description: CIDRBlocks defines the virtual network's address
                          space, specified as one or more address prefixes in CIDR
                          notation.
                        items:
                          type: string
                        type: array
                      id:
                        description: |-
                          ID is the Azure resource ID of the virtual network.
                          READ-ONLY
                        type: string
                      name:
                        description: Name defines a name for the virtual network resource.
                        type: string
                      peerings:
                        description: Peerings defines a list of peerings of the newly
                          created virtual network with existing virtual networks.
                        items:
                          description: VnetPeeringSpec specifies an existing remote
                            virtual network to peer with the AzureCluster's virtual
                            network.
                          properties:
                            forwardPeeringProperties:
                              description: |-
                                ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the
                                remote virtual network.
                              properties:
                                allowForwardedTraffic:
                                  description: |-
                                    AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be
                                    allowed/disallowed in remote virtual network.
                                  type: boolean
                                allowGatewayTransit:
                                  description: |-
                                    AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual
                                    network.
                                  type: boolean
                                allowVirtualNetworkAccess:
                                  description: |-
                                    AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access
                                    the VMs in remote virtual network space.
                                  type: boolean
                                useRemoteGateways:
                                  description: |-
                                    UseRemoteGateways specifies if remote gateways can be used on this virtual network.
                                    If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network
                                    will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true.
                                    This flag cannot be set if virtual network already has a gateway.
                                  type: boolean
                              type: object
                            remoteVnetName:
                              description: RemoteVnetName defines name of the remote
                                virtual network.
                              type: string
                            resourceGroup:
                              description: ResourceGroup is the resource group name
                                of the remote virtual network.
                              type: string
                            reversePeeringProperties:
                              description: |-
                                ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the
                                cluster's virtual network.
                              properties:
                                allowForwardedTraffic:
                                  description: |-
                                    AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be
                                    allowed/disallowed in remote virtual network.
                                  type: boolean
                                allowGatewayTransit:
                                  description: |-
                                    AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual
                                    network.
                                  type: boolean
                                allowVirtualNetworkAccess:
                                  description: |-
                                    AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access
                                    the VMs in remote virtual network space.
                                  type: boolean
                                useRemoteGateways:
                                  description: |-
                                    UseRemoteGateways specifies if remote gateways can be used on this virtual network.
                                    If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network
                                    will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true.
                                    This flag cannot be set if virtual network already has a gateway.
                                  type: boolean
                              type: object
                          required:
                          - remoteVnetName
                          type: object
                        type: array
                      resourceGroup:
                        description: |-
                          ResourceGroup is the name of the resource group of the existing virtual network
                          or the resource group where a managed virtual network should be created.
                        type: string
                      tags:
                        additionalProperties:
                          type: string
                        description: Tags is a collection of tags describing the resource.
                        type: object
                    required:
                    - name
                    type: object
                type: object
              resourceGroup:
                type: string
              subscriptionID:
                type: string
            required:
            - location
            type: object
          status:
            description: AzureClusterStatus defines the observed state of AzureCluster.
            properties:
              conditions:
                description: Conditions defines current service state of the AzureCluster.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: |-
                        Last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed. If that is not known, then using the time when
                        the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        A human readable message indicating details about the transition.
                        This field may be empty.
                      type: string
                    reason:
                      description: |-
                        The reason for the condition's last transition in CamelCase.
                        The specific API may choose whether or not this field is considered a guaranteed API.
                        This field may not be empty.
                      type: string
                    severity:
                      description: |-
                        Severity provides an explicit classification of Reason code, so the users or machines can immediately
                        understand the current situation and act accordingly.
                        The Severity field MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: |-
                        Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
                        can be useful (see .node.status.conditions), the ability to deconflict is important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureDomains:
                additionalProperties:
                  description: |-
                    FailureDomainSpec is the Schema for Cluster API failure domains.
                    It allows controllers to understand how many failure domains a cluster can optionally span across.
                  properties:
                    attributes:
                      additionalProperties:
                        type: string
                      description: Attributes is a free form map of attributes an
                        infrastructure provider might use or require.
                      type: object
                    controlPlane:
                      description: ControlPlane determines if this failure domain
                        is suitable for use by control plane machines.
                      type: boolean
                  type: object
                description: |-
                  FailureDomains specifies the list of unique failure domains for the location/region of the cluster.
                  A FailureDomain maps to Availability Zone with an Azure Region (if the region support them). An
                  Availability Zone is a separate data center within a region and they can be used to ensure
                  the cluster is more resilient to failure.
                  See: https://learn.microsoft.com/azure/reliability/availability-zones-overview
                  This list will be used by Cluster API to try and spread the machines across the failure domains.
                type: object
              longRunningOperationStates:
                description: |-
                  LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the
                  next reconciliation loop.
                items:
                  description: Future contains the data needed for an Azure long-running
                    operation to continue across reconcile loops.
                  properties:
                    data:
                      description: Data is the base64 url encoded json Azure AutoRest
                        Future.
                      type: string
                    name:
                      description: |-
                        Name is the name of the Azure resource.
                        Together with the service name, this forms the unique identifier for the future.
                      type: string
                    resourceGroup:
                      description: ResourceGroup is the Azure resource group for the
                        resource.
                      type: string
                    serviceName:
                      description: |-
                        ServiceName is the name of the Azure service.
                        Together with the name of the resource, this forms the unique identifier for the future.
                      type: string
                    type:
                      description: Type describes the type of future, such as update,
                        create, delete, etc.
                      type: string
                  required:
                  - data
                  - name
                  - serviceName
                  - type
                  type: object
                type: array
              ready:
                description: Ready is true when the provider resource is ready.
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}