# Source: sigs.k8s.io/cluster-api-provider-azure@v1.17.0/templates/cluster-template-aad.yaml
#
# Cluster API (Azure provider) cluster template whose API server is configured
# to accept OIDC tokens issued by an Azure AD tenant. The file holds eight
# documents: Cluster, AzureCluster, KubeadmControlPlane, two
# AzureMachineTemplates, MachineDeployment, KubeadmConfigTemplate and
# AzureClusterIdentity.
#
# ${VAR} and ${VAR:=default} are envsubst-style placeholders that are filled in
# before the manifest is applied; they are deliberately left unquoted so that
# numeric values such as replica counts keep their type after substitution.
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  clusterNetwork:
    pods:
      cidrBlocks:
        - 192.168.0.0/16
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: ${CLUSTER_NAME}-control-plane
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureCluster
    name: ${CLUSTER_NAME}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureCluster
metadata:
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  # Credentials for Azure API calls come from the AzureClusterIdentity defined
  # in the last document of this file.
  identityRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureClusterIdentity
    name: ${CLUSTER_IDENTITY_NAME}
  location: ${AZURE_LOCATION}
  networkSpec:
    subnets:
      - name: control-plane-subnet
        role: control-plane
      - name: node-subnet
        role: node
    vnet:
      name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet}
  resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}}
  subscriptionID: ${AZURE_SUBSCRIPTION_ID}
---
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
kind: KubeadmControlPlane
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  kubeadmConfigSpec:
    clusterConfiguration:
      apiServer:
        extraArgs:
          cloud-provider: external
          # OIDC authentication against Azure AD. Tokens are accepted only when
          # their issuer matches oidc-issuer-url and their audience matches
          # oidc-client-id, so both values must identify the intended tenant
          # and server application.
          oidc-client-id: ${AZURE_SERVER_APP_ID}
          # No oidc-groups-prefix is set, so group names reach RBAC exactly as
          # they appear in the "groups" claim.
          oidc-groups-claim: groups
          oidc-issuer-url: https://sts.windows.net/${AZURE_TENANT_ID}/
          oidc-username-claim: oid
          # '-' disables username prefixing: the Kubernetes username is the bare
          # value of the "oid" claim. RBAC subjects must use that value, and
          # nothing namespaces OIDC users apart from other user names.
          oidc-username-prefix: '-'
        timeoutForControlPlane: 20m
      controllerManager:
        extraArgs:
          allocate-node-cidrs: "false"
          cloud-provider: external
          cluster-name: ${CLUSTER_NAME}
      etcd:
        local:
          # etcd data lives on the dedicated data disk mounted under "mounts".
          dataDir: /var/lib/etcddisk/etcd
          extraArgs:
            # 8589934592 bytes = 8 GiB backend quota.
            quota-backend-bytes: "8589934592"
    diskSetup:
      filesystems:
        - device: /dev/disk/azure/scsi1/lun0
          extraOpts:
            - -E
            - lazy_itable_init=1,lazy_journal_init=1
          filesystem: ext4
          label: etcd_disk
        - device: ephemeral0.1
          filesystem: ext4
          label: ephemeral0
          replaceFS: ntfs
      partitions:
        - device: /dev/disk/azure/scsi1/lun0
          layout: true
          overwrite: false
          tableType: gpt
    files:
      # Cloud-provider configuration, materialised on the node from a Secret.
      # NOTE(review): "0644" leaves the file readable by every local user and
      # by any workload that mounts /etc/kubernetes. Confirm the rendered
      # azure.json carries no credential material, or check whether a tighter
      # mode still works for the components that read it.
      - contentFrom:
          secret:
            key: control-plane-azure.json
            name: ${CLUSTER_NAME}-control-plane-azure-json
        owner: root:root
        path: /etc/kubernetes/azure.json
        permissions: "0644"
    initConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        # Not an envsubst placeholder: the {{ ... }} expression looks like a
        # cloud-init instance-data template resolved on the VM at boot.
        name: '{{ ds.meta_data["local_hostname"] }}'
    joinConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        name: '{{ ds.meta_data["local_hostname"] }}'
    mounts:
      - - LABEL=etcd_disk
        - /var/lib/etcddisk
    postKubeadmCommands: []
    preKubeadmCommands: []
  machineTemplate:
    infrastructureRef:
      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
      kind: AzureMachineTemplate
      name: ${CLUSTER_NAME}-control-plane
  replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1}
  version: ${KUBERNETES_VERSION}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  template:
    spec:
      dataDisks:
        # LUN 0 is the disk that diskSetup formats and labels etcd_disk.
        - diskSizeGB: 256
          lun: 0
          nameSuffix: etcddisk
      identity: UserAssigned
      osDisk:
        diskSizeGB: 128
        osType: Linux
      # NOTE(review): defaults to an empty string when the variable is unset;
      # confirm how the provider treats an empty key before relying on it.
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      userAssignedIdentities:
        # The CI_RG / USER_IDENTITY defaults (capz-ci,
        # cloud-provider-user-identity) appear to target the project's own CI
        # environment. Set both explicitly elsewhere, and scope the identity's
        # role assignments to what the control-plane VMs need.
        - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
      vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE}
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT:=2}
  selector:
    # Left null in the template; presumably defaulted by Cluster API on
    # admission. TODO confirm.
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-0
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-0
      version: ${KUBERNETES_VERSION}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      osDisk:
        diskSizeGB: 128
        managedDisk:
          storageAccountType: Premium_LRS
        osType: Linux
      # Same empty-string default as the control-plane template.
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      files:
        # Worker copy of the cloud-provider configuration, written with the
        # same world-readable "0644" mode as on the control plane.
        # NOTE(review): confirm the rendered worker-node-azure.json holds no
        # credential material.
        - contentFrom:
            secret:
              key: worker-node-azure.json
              name: ${CLUSTER_NAME}-md-0-azure-json
          owner: root:root
          path: /etc/kubernetes/azure.json
          permissions: "0644"
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs:
            cloud-provider: external
          name: '{{ ds.meta_data["local_hostname"] }}'
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureClusterIdentity
metadata:
  labels:
    clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
  name: ${CLUSTER_IDENTITY_NAME}
  namespace: default
spec:
  # An empty object (as opposed to an omitted field) lets AzureClusters in any
  # namespace reference this identity. On a shared management cluster, narrow
  # it with the "list" or "selector" sub-field.
  allowedNamespaces: {}
  clientID: ${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY}
  tenantID: ${AZURE_TENANT_ID}
  # Defaults to WorkloadIdentity, so no client secret is referenced here.
  type: ${CLUSTER_IDENTITY_TYPE:=WorkloadIdentity}