# sigs.k8s.io/cluster-api-provider-azure@v1.17.0/templates/cluster-template-windows.yaml
#
# Cluster API (Azure provider) template for a cluster with a Linux control
# plane, a Linux worker pool (md-0) and a Windows worker pool (md-win).
# `${VAR}` and `${VAR:=default}` are template placeholders that must be
# substituted before the manifests are applied; a `:=` default is what you get
# when the variable is left unset, so review every default before using this
# outside a test environment. All objects are created in namespace `default`.

# Top-level Cluster object: ties the control plane and the Azure infrastructure
# together. The labels are plain metadata here; nothing in this file reads them.
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  labels:
    cni-windows: calico
    csi-proxy: enabled
    windows: enabled
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  clusterNetwork:
    pods:
      cidrBlocks:
      - 192.168.0.0/16
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: ${CLUSTER_NAME}-control-plane
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureCluster
    name: ${CLUSTER_NAME}
---
# Azure-side cluster definition: location, subscription, resource group, VNet
# and the two subnets (control plane / node).
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureCluster
metadata:
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  # The identity used to manage Azure resources is the AzureClusterIdentity
  # declared further down in this file.
  identityRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: AzureClusterIdentity
    name: ${CLUSTER_IDENTITY_NAME}
  location: ${AZURE_LOCATION}
  networkSpec:
    subnets:
    - name: control-plane-subnet
      role: control-plane
    - name: node-subnet
      role: node
    vnet:
      name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet}
  resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}}
  subscriptionID: ${AZURE_SUBSCRIPTION_ID}
---
# kubeadm-based control plane. Every component is configured for an external
# (out-of-tree) cloud provider.
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
kind: KubeadmControlPlane
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  kubeadmConfigSpec:
    clusterConfiguration:
      apiServer:
        extraArgs:
          cloud-provider: external
        timeoutForControlPlane: 20m
      controllerManager:
        extraArgs:
          allocate-node-cidrs: "false"
          cloud-provider: external
          cluster-name: ${CLUSTER_NAME}
      etcd:
        local:
          # etcd data lives on the dedicated data disk mounted under `mounts`
          # below, not on the OS disk.
          dataDir: /var/lib/etcddisk/etcd
          extraArgs:
            # 8589934592 bytes = 8 GiB; quoted so it stays a string argument.
            quota-backend-bytes: "8589934592"
    diskSetup:
      filesystems:
      # LUN 0 is the 256 GB data disk declared in the control-plane
      # AzureMachineTemplate (nameSuffix: etcddisk).
      - device: /dev/disk/azure/scsi1/lun0
        extraOpts:
        - -E
        - lazy_itable_init=1,lazy_journal_init=1
        filesystem: ext4
        label: etcd_disk
      - device: ephemeral0.1
        filesystem: ext4
        label: ephemeral0
        replaceFS: ntfs
      partitions:
      - device: /dev/disk/azure/scsi1/lun0
        layout: true
        overwrite: false
        tableType: gpt
    files:
    # Cloud-provider configuration, delivered from a Kubernetes Secret.
    # NOTE(review): "0644" makes the file readable by every local user on the
    # node. Confirm whether azure.json carries credential material for the
    # identity type in use; if it does, tighten to owner-only after checking
    # which components need to read it.
    - contentFrom:
        secret:
          key: control-plane-azure.json
          name: ${CLUSTER_NAME}-control-plane-azure-json
      owner: root:root
      path: /etc/kubernetes/azure.json
      permissions: "0644"
    initConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        # Template expression, single-quoted so YAML keeps it as a literal
        # string; presumably rendered on the node from instance metadata.
        name: '{{ ds.meta_data["local_hostname"] }}'
    joinConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-provider: external
        name: '{{ ds.meta_data["local_hostname"] }}'
    mounts:
    # Mount the filesystem labelled etcd_disk (created in diskSetup above).
    - - LABEL=etcd_disk
      - /var/lib/etcddisk
    postKubeadmCommands: []
    preKubeadmCommands: []
  machineTemplate:
    infrastructureRef:
      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
      kind: AzureMachineTemplate
      name: ${CLUSTER_NAME}-control-plane
  # Defaults to a single control-plane machine when the variable is unset.
  replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1}
  version: ${KUBERNETES_VERSION}
---
# VM shape for control-plane machines.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  template:
    spec:
      dataDisks:
      - diskSizeGB: 256
        lun: 0
        nameSuffix: etcddisk
      identity: UserAssigned
      osDisk:
        diskSizeGB: 128
        osType: Linux
      # Defaults to an empty string when the variable is unset.
      # NOTE(review): confirm what the provider does with an empty key, and set
      # it explicitly if SSH access to nodes is part of your break-glass plan.
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      userAssignedIdentities:
      # The defaults (resource group `capz-ci`, identity
      # `cloud-provider-user-identity`) are CI-style names. Set CI_RG and
      # USER_IDENTITY explicitly so the VM is bound to an identity you own and
      # whose role assignments you have reviewed.
      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
      vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE}
---
# Linux worker pool.
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT:=2}
  selector:
    # Left null in the template; presumably filled in by Cluster API
    # defaulting. TODO confirm.
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-0
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-0
      version: ${KUBERNETES_VERSION}
---
# VM shape for Linux workers. Unlike the control-plane and Windows templates,
# no `identity` / `userAssignedIdentities` is set here.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      osDisk:
        diskSizeGB: 128
        osType: Linux
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
# Bootstrap configuration for Linux workers.
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      files:
      # Same azure.json delivery as on the control plane, from the worker
      # Secret. NOTE(review): world-readable ("0644") on worker nodes as well;
      # see whether this file holds credentials for your identity type.
      - contentFrom:
          secret:
            key: worker-node-azure.json
            name: ${CLUSTER_NAME}-md-0-azure-json
        owner: root:root
        path: /etc/kubernetes/azure.json
        permissions: "0644"
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs:
            cloud-provider: external
          name: '{{ ds.meta_data["local_hostname"] }}'
      preKubeadmCommands: []
---
# Identity the provider uses to manage Azure resources for this cluster.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureClusterIdentity
metadata:
  labels:
    clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
  name: ${CLUSTER_IDENTITY_NAME}
  namespace: default
spec:
  # An empty object is not the same as omitting the field: per the CAPZ API
  # documentation, `{}` lets AzureClusters in ANY namespace use this identity.
  # On a shared management cluster, restrict it to a namespace list or a label
  # selector so other tenants cannot reference it.
  allowedNamespaces: {}
  clientID: ${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY}
  tenantID: ${AZURE_TENANT_ID}
  # Defaults to WorkloadIdentity when the variable is unset.
  type: ${CLUSTER_IDENTITY_TYPE:=WorkloadIdentity}
---
# Windows worker pool. Reuses WORKER_MACHINE_COUNT, so by default it gets the
# same replica count (2) as the Linux pool.
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT:=2}
  selector:
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-win
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-win
      version: ${KUBERNETES_VERSION}
---
# VM shape for Windows workers.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: AzureMachineTemplate
metadata:
  annotations:
    runtime: containerd
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  template:
    metadata:
      annotations:
        runtime: containerd
    spec:
      identity: UserAssigned
      osDisk:
        diskSizeGB: 128
        managedDisk:
          storageAccountType: Premium_LRS
        osType: Windows
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      userAssignedIdentities:
      # Same CI-style defaults as the control-plane template; override CI_RG
      # and USER_IDENTITY for any non-CI deployment.
      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
# Bootstrap configuration for Windows workers.
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  template:
    spec:
      files:
      # NOTE(review): `owner` and octal `permissions` are POSIX notions; check
      # how (or whether) they are applied on Windows and verify the resulting
      # ACL on c:/k/azure.json rather than assuming "0644" restricts anything.
      - contentFrom:
          secret:
            key: worker-node-azure.json
            name: ${CLUSTER_NAME}-md-win-azure-json
        owner: root:root
        path: c:/k/azure.json
        permissions: "0644"
      # Script run from postKubeadmCommands below. It adds Microsoft Defender
      # process exclusions for the two Calico CNI binaries, which reduces
      # antimalware coverage of whatever those processes touch. Keep the list
      # to exactly these paths and make sure C:/opt/cni/bin is writable only by
      # administrators, since anything placed at an excluded path inherits the
      # exclusion.
      - content: |-
          Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico.exe
          Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico-ipam.exe
        path: C:/defender-exclude-calico.ps1
        permissions: "0744"
      joinConfiguration:
        nodeRegistration:
          # containerd is reached over a Windows named pipe.
          criSocket: npipe:////./pipe/containerd-containerd
          kubeletExtraArgs:
            cloud-provider: external
            v: "2"
            windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
          name: '{{ ds.meta_data["local_hostname"] }}'
      postKubeadmCommands:
      # Make the kubelet service start automatically, then apply the Defender
      # exclusions defined in `files` above.
      - nssm set kubelet start SERVICE_AUTO_START
      - powershell C:/defender-exclude-calico.ps1
      preKubeadmCommands: []
      users:
      # Local account `capi` in the Administrators group, reachable with the
      # supplied SSH public key: whoever holds the matching private key has
      # administrative access to every Windows node. The key defaults to an
      # empty string when AZURE_SSH_PUBLIC_KEY is unset.
      # NOTE(review): this uses AZURE_SSH_PUBLIC_KEY (not the _B64 variable
      # used for sshPublicKey above); confirm both are set consistently.
      - groups: Administrators
        name: capi
        sshAuthorizedKeys:
        - ${AZURE_SSH_PUBLIC_KEY:=""}