sigs.k8s.io/cluster-api-provider-azure@v1.17.0/templates/test/ci/cluster-template-prow-machine-pool-flex.yaml (about)

     1  apiVersion: cluster.x-k8s.io/v1beta1
        # Cluster: top-level Cluster API object of this CI template. It references the
        # KubeadmControlPlane (controlPlaneRef) and the AzureCluster (infrastructureRef)
        # declared further down in this file.
     2  kind: Cluster
     3  metadata:
          # The clusterSelector fields of the ClusterResourceSet and HelmChartProxy objects
          # in this file match on these labels, so they decide which add-ons get applied.
          # A placeholder written as NAME:=value carries a default for an unset variable.
     4    labels:
     5      cloud-provider: ${CLOUD_PROVIDER_AZURE_LABEL:=azure}
     6      cni: calico
     7      cni-windows: ${CLUSTER_NAME}-calico
     8      containerd-logger: enabled
     9      csi-proxy: enabled
    10      windows: enabled
    11    name: ${CLUSTER_NAME}
    12    namespace: default
    13  spec:
    14    clusterNetwork:
            # Pod CIDR list; the calico and cloud-provider-azure Helm value templates below
            # read it from the Cluster object.
    15      pods:
    16        cidrBlocks:
    17        - 192.168.0.0/16
    18    controlPlaneRef:
    19      apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    20      kind: KubeadmControlPlane
    21      name: ${CLUSTER_NAME}-control-plane
    22    infrastructureRef:
    23      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    24      kind: AzureCluster
    25      name: ${CLUSTER_NAME}
    26  ---
    27  apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        # AzureCluster: Azure-side settings for the cluster - location, subscription,
        # resource group, VNet and the two subnets (control-plane and node roles).
    28  kind: AzureCluster
    29  metadata:
    30    name: ${CLUSTER_NAME}
    31    namespace: default
    32  spec:
          # Tags filled from CI-provided variables (build provenance, timestamp, job name);
          # presumably stamped on the Azure resources so CI runs can be traced and cleaned up.
    33    additionalTags:
    34      buildProvenance: ${BUILD_PROVENANCE}
    35      creationTimestamp: ${TIMESTAMP}
    36      jobName: ${JOB_NAME}
          # Names the AzureClusterIdentity declared later in this file.
    37    identityRef:
    38      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    39      kind: AzureClusterIdentity
    40      name: ${CLUSTER_IDENTITY_NAME}
    41    location: ${AZURE_LOCATION}
    42    networkSpec:
    43      subnets:
    44      - name: control-plane-subnet
    45        role: control-plane
    46      - name: node-subnet
    47        role: node
            # VNet name and resource group default to names derived from the cluster name.
    48      vnet:
    49        name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet}
    50    resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}}
    51    subscriptionID: ${AZURE_SUBSCRIPTION_ID}
    52  ---
    53  apiVersion: controlplane.cluster.x-k8s.io/v1beta1
        # KubeadmControlPlane: kubeadm configuration for the control-plane machines, which
        # are built from the AzureMachineTemplate named in machineTemplate.infrastructureRef.
    54  kind: KubeadmControlPlane
    55  metadata:
    56    name: ${CLUSTER_NAME}-control-plane
    57    namespace: default
    58  spec:
    59    kubeadmConfigSpec:
    60      clusterConfiguration:
    61        apiServer:
                # cloud-provider is set to external on the API server, controller manager and
                # kubelets; the cloud-provider-azure charts further down supply the
                # out-of-tree components.
    62          extraArgs:
    63            cloud-provider: external
    64          timeoutForControlPlane: 20m
    65        controllerManager:
    66          extraArgs:
                  # Node CIDR allocation by kube-controller-manager is switched off.
    67            allocate-node-cidrs: "false"
    68            cloud-provider: external
    69            cluster-name: ${CLUSTER_NAME}
                  # Log verbosity 4.
    70            v: "4"
    71        etcd:
    72          local:
                  # etcd data lives on the dedicated data disk prepared by diskSetup and mounts.
    73            dataDir: /var/lib/etcddisk/etcd
    74            extraArgs:
                    # 8589934592 bytes = 8 GiB backend quota.
    75              quota-backend-bytes: "8589934592"
            # lun0 is partitioned (gpt), formatted ext4 and labelled etcd_disk; it matches the
            # lun 0 data disk of the control-plane AzureMachineTemplate. The second entry
            # reformats the ephemeral disk from ntfs to ext4.
    76      diskSetup:
    77        filesystems:
    78        - device: /dev/disk/azure/scsi1/lun0
    79          extraOpts:
    80          - -E
    81          - lazy_itable_init=1,lazy_journal_init=1
    82          filesystem: ext4
    83          label: etcd_disk
    84        - device: ephemeral0.1
    85          filesystem: ext4
    86          label: ephemeral0
    87          replaceFS: ntfs
    88        partitions:
    89        - device: /dev/disk/azure/scsi1/lun0
    90          layout: true
    91          overwrite: false
    92          tableType: gpt
            # Cloud-provider configuration written to the node from a Secret.
            # NOTE(review): mode 0644 makes this file readable by every local user on the
            # node. Whether the Secret content includes credentials depends on the identity
            # type in use and is not visible here - confirm, and tighten the mode if no
            # non-root reader needs the file.
    93      files:
    94      - contentFrom:
    95          secret:
    96            key: control-plane-azure.json
    97            name: ${CLUSTER_NAME}-control-plane-azure-json
    98        owner: root:root
    99        path: /etc/kubernetes/azure.json
   100        permissions: "0644"
   101      initConfiguration:
   102        nodeRegistration:
   103          kubeletExtraArgs:
   104            cloud-provider: external
                # Node name comes from instance metadata (local_hostname); the expression
                # looks like a cloud-init template - confirm against the bootstrap format.
   105          name: '{{ ds.meta_data["local_hostname"] }}'
   106      joinConfiguration:
   107        nodeRegistration:
   108          kubeletExtraArgs:
   109            cloud-provider: external
   110          name: '{{ ds.meta_data["local_hostname"] }}'
            # Mounts the filesystem labelled etcd_disk at /var/lib/etcddisk.
   111      mounts:
   112      - - LABEL=etcd_disk
   113        - /var/lib/etcddisk
   114      postKubeadmCommands: []
   115      preKubeadmCommands: []
   116    machineTemplate:
   117      infrastructureRef:
   118        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
   119        kind: AzureMachineTemplate
   120        name: ${CLUSTER_NAME}-control-plane
          # One control-plane replica unless the count variable is set.
   121    replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1}
   122    version: ${KUBERNETES_VERSION}
   123  ---
   124  apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        # AzureMachineTemplate: VM shape for control-plane machines - a 128 GB Linux OS disk
        # plus a 256 GB data disk on lun 0 that the KubeadmControlPlane uses for etcd.
   125  kind: AzureMachineTemplate
   126  metadata:
   127    name: ${CLUSTER_NAME}-control-plane
   128    namespace: default
   129  spec:
   130    template:
   131      spec:
   132        dataDisks:
   133        - diskSizeGB: 256
   134          lun: 0
   135          nameSuffix: etcddisk
              # A user-assigned managed identity is attached to each control-plane VM; its
              # resource ID is built from the subscription, the CI resource group
              # (default capz-ci) and the identity name (default cloud-provider-user-identity).
              # NOTE(review): the roles granted to that identity are not visible here; any
              # process on the VM that can reach the instance metadata endpoint can request
              # tokens for an attached identity, so its role assignments should stay minimal.
   136        identity: UserAssigned
   137        osDisk:
   138          diskSizeGB: 128
   139          osType: Linux
              # SSH public key (base64, judging by the variable name); empty string when unset.
   140        sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
   141        userAssignedIdentities:
   142        - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
   143        vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE}
   144  ---
   145  apiVersion: cluster.x-k8s.io/v1beta1
        # MachinePool mp-0: Linux worker pool. Bootstrap data comes from the KubeadmConfig
        # mp-0 and the VMs from the AzureMachinePool mp-0, both declared below.
   146  kind: MachinePool
   147  metadata:
   148    name: ${CLUSTER_NAME}-mp-0
   149    namespace: default
   150  spec:
   151    clusterName: ${CLUSTER_NAME}
          # Two workers unless the count variable is set.
   152    replicas: ${WORKER_MACHINE_COUNT:=2}
   153    template:
   154      spec:
   155        bootstrap:
   156          configRef:
   157            apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
   158            kind: KubeadmConfig
   159            name: ${CLUSTER_NAME}-mp-0
   160        clusterName: ${CLUSTER_NAME}
   161        infrastructureRef:
   162          apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
   163          kind: AzureMachinePool
   164          name: ${CLUSTER_NAME}-mp-0
   165        version: ${KUBERNETES_VERSION}
   166  ---
   167  apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        # AzureMachinePool mp-0: Linux worker VMs in Flexible orchestration mode, with a
        # 30 GB Premium_LRS OS disk and a test CustomScript VM extension.
   168  kind: AzureMachinePool
   169  metadata:
   170    name: ${CLUSTER_NAME}-mp-0
   171    namespace: default
   172  spec:
   173    location: ${AZURE_LOCATION}
   174    orchestrationMode: Flexible
          # NOTE(review): maxSurge 0% together with maxUnavailable 0 leaves a rolling update
          # no room to add or remove an instance - confirm this is what Flexible
          # orchestration expects here.
   175    strategy:
   176      rollingUpdate:
   177        maxSurge: 0%
   178        maxUnavailable: 0
   179      type: RollingUpdate
   180    template:
   181      osDisk:
   182        diskSizeGB: 30
   183        managedDisk:
   184          storageAccountType: Premium_LRS
   185        osType: Linux
   186      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
            # The CustomScript extension runs commandToExecute on the VM. The script here is
            # a no-op used to test extension support (it only echoes and touches a file).
            # Anything placed in this field executes on every VM of the pool, so it needs
            # the same review as bootstrap commands.
   187      vmExtensions:
   188      - name: CustomScript
   189        protectedSettings:
   190          commandToExecute: |
   191            #!/bin/sh
   192            echo "This script is a no-op used for extension testing purposes ..."
   193            touch test_file
   194        publisher: Microsoft.Azure.Extensions
   195        version: "2.1"
   196      vmSize: ${AZURE_NODE_MACHINE_TYPE}
   197  ---
   198  apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
        # KubeadmConfig mp-0: join configuration for the Linux worker pool.
   199  kind: KubeadmConfig
   200  metadata:
   201    name: ${CLUSTER_NAME}-mp-0
   202    namespace: default
   203  spec:
          # Cloud-provider configuration for workers, taken from a Secret.
          # NOTE(review): mode 0644 makes the file readable by every local user on the node;
          # whether the content includes credentials is not visible here - confirm, and
          # tighten the mode if no non-root reader needs it.
   204    files:
   205    - contentFrom:
   206        secret:
   207          key: worker-node-azure.json
   208          name: ${CLUSTER_NAME}-mp-0-azure-json
   209      owner: root:root
   210      path: /etc/kubernetes/azure.json
   211      permissions: "0644"
   212    joinConfiguration:
   213      nodeRegistration:
   214        kubeletExtraArgs:
   215          cloud-provider: external
              # Node name comes from instance metadata (local_hostname).
   216        name: '{{ ds.meta_data["local_hostname"] }}'
   217  ---
   218  apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        # AzureClusterIdentity: the Azure identity the AzureCluster refers to through
        # identityRef. Type defaults to WorkloadIdentity; the client ID variable name points
        # at a user-assigned identity.
   219  kind: AzureClusterIdentity
   220  metadata:
   221    labels:
   222      clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
   223    name: ${CLUSTER_IDENTITY_NAME}
   224    namespace: default
   225  spec:
          # NOTE(review): an empty allowedNamespaces object is understood to let AzureClusters
          # in any namespace use this identity (confirm against the CAPZ identity docs for
          # this version). Fine for a throwaway CI management cluster; on a shared one,
          # restrict it with a namespace list or selector.
   226    allowedNamespaces: {}
   227    clientID: ${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY}
   228    tenantID: ${AZURE_TENANT_ID}
   229    type: ${CLUSTER_IDENTITY_TYPE:=WorkloadIdentity}
   230  ---
   231  apiVersion: cluster.x-k8s.io/v1beta1
        # MachinePool mp-win: Windows worker pool. Bootstrap data comes from the
        # KubeadmConfig mp-win and the VMs from the AzureMachinePool mp-win declared below.
   232  kind: MachinePool
   233  metadata:
   234    name: ${CLUSTER_NAME}-mp-win
   235    namespace: default
   236  spec:
   237    clusterName: ${CLUSTER_NAME}
          # Defaults to 0, so no Windows nodes are created unless the count variable is set.
   238    replicas: ${WINDOWS_WORKER_MACHINE_COUNT:-0}
   239    template:
   240      spec:
   241        bootstrap:
   242          configRef:
   243            apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
   244            kind: KubeadmConfig
   245            name: ${CLUSTER_NAME}-mp-win
   246        clusterName: ${CLUSTER_NAME}
   247        infrastructureRef:
   248          apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
   249          kind: AzureMachinePool
   250          name: ${CLUSTER_NAME}-mp-win
   251        version: ${KUBERNETES_VERSION}
   252  ---
   253  apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
        # AzureMachinePool mp-win: Windows worker VMs in Flexible orchestration mode with a
        # 128 GB Premium_LRS OS disk.
   254  kind: AzureMachinePool
   255  metadata:
          # Annotations record the container runtime and the Windows Server version
          # (empty string when the variable is unset).
   256    annotations:
   257      runtime: containerd
   258      windowsServerVersion: ${WINDOWS_SERVER_VERSION:=""}
   259    name: ${CLUSTER_NAME}-mp-win
   260    namespace: default
   261  spec:
   262    location: ${AZURE_LOCATION}
   263    orchestrationMode: Flexible
          # NOTE(review): same zero-surge / zero-unavailable rolling update settings as the
          # Linux pool - confirm they are intended.
   264    strategy:
   265      rollingUpdate:
   266        maxSurge: 0%
   267        maxUnavailable: 0
   268      type: RollingUpdate
   269    template:
   270      osDisk:
   271        diskSizeGB: 128
   272        managedDisk:
   273          storageAccountType: Premium_LRS
   274        osType: Windows
   275      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
   276      vmSize: ${AZURE_NODE_MACHINE_TYPE}
   277  ---
   278  apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
        # KubeadmConfig mp-win: bootstrap configuration for the Windows worker pool - files
        # written to the node, kubelet join settings, pre/post kubeadm commands and a local
        # administrator account.
   279  kind: KubeadmConfig
   280  metadata:
   281    name: ${CLUSTER_NAME}-mp-win
   282    namespace: default
   283  spec:
   284    files:
          # Cloud-provider configuration from a Secret, written to c:/k/azure.json.
          # NOTE(review): how the POSIX-style mode maps to a Windows ACL is not visible here;
          # confirm who can read the file on the node.
   285    - contentFrom:
   286        secret:
   287          key: worker-node-azure.json
   288          name: ${CLUSTER_NAME}-mp-win-azure-json
   289      owner: root:root
   290      path: c:/k/azure.json
   291      permissions: "0644"
          # One-line script that registers calico.exe as a Microsoft Defender process
          # exclusion; postKubeadmCommands runs it.
          # NOTE(review): files opened by an excluded process are not scanned, so the
          # exclusion should stay limited to this single fixed path, and write access to
          # C:/opt/cni/bin should be restricted to administrators.
   292    - content: Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico.exe
   293      path: C:/defender-exclude-calico.ps1
   294      permissions: "0744"
   295    joinConfiguration:
   296      nodeRegistration:
              # containerd is reached through its Windows named pipe.
   297        criSocket: npipe:////./pipe/containerd-containerd
   298        kubeletExtraArgs:
   299          cloud-provider: external
   300          pod-infra-container-image: mcr.microsoft.com/oss/kubernetes/pause:3.9
   301        name: '{{ ds.meta_data["local_hostname"] }}'
          # After kubeadm: set the kubelet service to start automatically, then apply the
          # Defender exclusion script written above.
   302    postKubeadmCommands:
   303    - nssm set kubelet start SERVICE_AUTO_START
   304    - powershell C:/defender-exclude-calico.ps1
          # c:/create-external-network.ps1 is not created by this file - presumably it ships
          # in the VM image.
   305    preKubeadmCommands:
   306    - powershell c:/create-external-network.ps1
          # Local account capi in the Administrators group, authorised for SSH with the
          # CI-provided public key (empty string when the variable is unset).
   307    users:
   308    - groups: Administrators
   309      name: capi
   310      sshAuthorizedKeys:
   311      - ${AZURE_SSH_PUBLIC_KEY:=""}
   312  ---
   313  apiVersion: addons.cluster.x-k8s.io/v1beta1
        # ClusterResourceSet calico-windows: applies the ConfigMap cni-<cluster>-calico-windows
        # (declared later in this file) to clusters carrying the matching cni-windows label.
   314  kind: ClusterResourceSet
   315  metadata:
   316    name: ${CLUSTER_NAME}-calico-windows
   317    namespace: default
   318  spec:
   319    clusterSelector:
   320      matchLabels:
   321        cni-windows: ${CLUSTER_NAME}-calico
   322    resources:
   323    - kind: ConfigMap
   324      name: cni-${CLUSTER_NAME}-calico-windows
          # ApplyOnce: presumably the resources are applied a single time and not reconciled
          # afterwards, so later changes inside the workload cluster are not reverted.
   325    strategy: ApplyOnce
   326  ---
   327  apiVersion: addons.cluster.x-k8s.io/v1beta1
        # ClusterResourceSet csi-proxy: applies the ConfigMap csi-proxy-addon (declared later
        # in this file) to clusters labelled csi-proxy=enabled.
   328  kind: ClusterResourceSet
   329  metadata:
   330    name: csi-proxy
   331    namespace: default
   332  spec:
   333    clusterSelector:
   334      matchLabels:
   335        csi-proxy: enabled
   336    resources:
   337    - kind: ConfigMap
   338      name: csi-proxy-addon
          # ApplyOnce: presumably applied a single time and not reconciled afterwards.
   339    strategy: ApplyOnce
   340  ---
   341  apiVersion: addons.cluster.x-k8s.io/v1beta1
        # ClusterResourceSet containerd-logger: applies the ConfigMap
        # containerd-logger-<cluster> to clusters labelled containerd-logger=enabled.
   342  kind: ClusterResourceSet
   343  metadata:
   344    name: containerd-logger-${CLUSTER_NAME}
   345    namespace: default
   346  spec:
   347    clusterSelector:
   348      matchLabels:
   349        containerd-logger: enabled
   350    resources:
   351    - kind: ConfigMap
   352      name: containerd-logger-${CLUSTER_NAME}
          # ApplyOnce: presumably applied a single time and not reconciled afterwards.
   353    strategy: ApplyOnce
   354  ---
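   355  apiVersion: addons.cluster.x-k8s.io/v1alpha1
        # HelmChartProxy calico: installs the tigera-operator chart (release projectcalico,
        # namespace tigera-operator) on clusters labelled cni=calico, at the chart version
        # given by the CALICO_VERSION variable.
   356  kind: HelmChartProxy
   357  metadata:
   358    name: calico
   359    namespace: default
   360  spec:
   361    chartName: tigera-operator
   362    clusterSelector:
   363      matchLabels:
   364        cni: calico
   365    namespace: tigera-operator
   366    releaseName: projectcalico
   367    repoURL: https://docs.tigera.io/calico/charts
          # Helm values, rendered as a template against the Cluster object: the range loop
          # emits one VXLAN ipPools entry per pod CIDR. The ipPools key must appear only
          # once - a repeated mapping key is invalid YAML and is rejected by strict parsers.
          # Operator and calicoctl images are pulled from mcr.microsoft.com/oss.
   368    valuesTemplate: |-
   369      installation:
   370        cni:
   371          type: Calico
   372        calicoNetwork:
   373          bgp: Disabled
   374          mtu: 1350
   376          ipPools:{{range $i, $cidr := .Cluster.spec.clusterNetwork.pods.cidrBlocks }}
   377          - cidr: {{ $cidr }}
   378            encapsulation: VXLAN{{end}}
   379        registry: mcr.microsoft.com/oss
   380      # Image and registry configuration for the tigera/operator pod.
   381      tigeraOperator:
   382        image: tigera/operator
   383        registry: mcr.microsoft.com/oss
   384      calicoctl:
   385        image: mcr.microsoft.com/oss/calico/ctl
   386    version: ${CALICO_VERSION}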
   387  ---
   388  apiVersion: addons.cluster.x-k8s.io/v1alpha1
        # HelmChartProxy azuredisk-csi-driver-chart: installs the azuredisk-csi-driver chart
        # into kube-system on clusters labelled azuredisk-csi="true". The Cluster at the top
        # of this file does not carry that label, so the chart applies only if the label is
        # added elsewhere.
   389  kind: HelmChartProxy
   390  metadata:
   391    name: azuredisk-csi-driver-chart
   392    namespace: default
   393  spec:
   394    chartName: azuredisk-csi-driver
   395    clusterSelector:
   396      matchLabels:
   397        azuredisk-csi: "true"
   398    namespace: kube-system
   399    releaseName: azuredisk-csi-driver-oot
          # NOTE(review): the repository URL tracks the master branch and no chart version is
          # set, so the chart that gets installed can change between runs. Acceptable for CI
          # that tests the latest chart; pin a chart version or commit when this template is
          # reused outside CI.
   400    repoURL: https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts
          # Helm values: one controller replica on the control plane; host-process
          # containers on Windows are enabled when the Cluster has a cni-windows label.
   401    valuesTemplate: |-
   402      controller:
   403        replicas: 1
   404        runOnControlPlane: true
   405      windows:
   406        useHostProcessContainers: {{ hasKey .Cluster.metadata.labels "cni-windows" }}
   407  ---
   408  apiVersion: addons.cluster.x-k8s.io/v1alpha1
        # HelmChartProxy cloud-provider-azure-chart: installs the out-of-tree
        # cloud-provider-azure chart on clusters labelled cloud-provider=azure, which is the
        # default label value on the Cluster at the top of this file.
   409  kind: HelmChartProxy
   410  metadata:
   411    name: cloud-provider-azure-chart
   412    namespace: default
   413  spec:
   414    chartName: cloud-provider-azure
   415    clusterSelector:
   416      matchLabels:
   417        cloud-provider: azure
   418    releaseName: cloud-provider-azure-oot
          # NOTE(review): the repository URL tracks the master branch and no chart version is
          # set, so the installed chart can change between runs; pin a version or commit
          # when this template is reused outside CI.
   419    repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo
          # Helm values: cluster name and pod CIDRs are read from the Cluster object;
          # cloud-controller-manager log verbosity is 4.
   420    valuesTemplate: |
   421      infra:
   422        clusterName: {{ .Cluster.metadata.name }}
   423      cloudControllerManager:
   424        clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }}
   425        logVerbosity: 4
   426  ---
   427  apiVersion: addons.cluster.x-k8s.io/v1alpha1
        # HelmChartProxy cloud-provider-azure-chart-ci: CI variant of the cloud-provider-azure
        # chart, selected by the label cloud-provider=azure-ci. It shares the release name
        # with the non-CI variant; the label has a single value, so only one of the two
        # matches a given cluster.
   428  kind: HelmChartProxy
   429  metadata:
   430    name: cloud-provider-azure-chart-ci
   431    namespace: default
   432  spec:
   433    chartName: cloud-provider-azure
   434    clusterSelector:
   435      matchLabels:
   436        cloud-provider: azure-ci
   437    releaseName: cloud-provider-azure-oot
          # NOTE(review): the repository URL tracks the master branch and no chart version is
          # set, so the installed chart can change between runs.
   438    repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo
          # Helm values: image name, repository and tag for the cloud-controller-manager and
          # cloud-node-manager come from environment variables (empty by default), so the
          # environment that renders this template decides which images run with
          # cloud-provider privileges. Remaining settings carry defaults after the ":-".
   439    valuesTemplate: |
   440      infra:
   441        clusterName: {{ .Cluster.metadata.name }}
   442      cloudControllerManager:
   443        cloudConfig: ${CLOUD_CONFIG:-"/etc/kubernetes/azure.json"}
   444        cloudConfigSecretName: ${CONFIG_SECRET_NAME:-""}
   445        clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }}
   446        imageName: "${CCM_IMAGE_NAME:-""}"
   447        imageRepository: "${IMAGE_REGISTRY:-""}"
   448        imageTag: "${IMAGE_TAG_CCM:-""}"
   449        logVerbosity: ${CCM_LOG_VERBOSITY:-4}
   450        replicas: ${CCM_COUNT:-1}
   451        enableDynamicReloading: ${ENABLE_DYNAMIC_RELOADING:-false}
   452      cloudNodeManager:
   453        imageName: "${CNM_IMAGE_NAME:-""}"
   454        imageRepository: "${IMAGE_REGISTRY:-""}"
   455        imageTag: "${IMAGE_TAG_CNM:-""}"
   456  ---
   457  apiVersion: v1
        # ConfigMap cni-<cluster>-calico-windows (labelled as generated): the payload applied
        # by the calico-windows ClusterResourceSet. It holds two keys:
        #   proxy       - the kube-proxy-windows DaemonSet
        #   windows-cni - Calico for Windows manifests (IPAMConfig, calico-static-rules,
        #                 calico-config-windows, the calico-node-windows DaemonSet and the
        #                 IPAMConfig CRD) stored as one escaped string
        # NOTE(review): both DaemonSets run as hostProcess containers under
        # NT AUTHORITY\system with hostNetwork, i.e. directly on the Windows host with SYSTEM
        # privileges, and tolerate every taint. Their images (sigwindowstools/...) are
        # referenced by tag, the Calico ones with imagePullPolicy Always, so what runs on
        # the node follows whatever the tag currently points to; pinning by digest would
        # make that explicit.
        # The calico-static-rules entry (rule id wireserver) blocks outbound TCP port 80 to
        # 168.63.129.16/32.
        # NOTE(review): cni_network_config sets "log_level" twice (debug, then info); which
        # one takes effect depends on the JSON parser.
   458  data:
   459    proxy: |
   460      apiVersion: apps/v1
   461      kind: DaemonSet
   462      metadata:
   463        labels:
   464          k8s-app: kube-proxy
   465        name: kube-proxy-windows
   466        namespace: kube-system
   467      spec:
   468        selector:
   469          matchLabels:
   470            k8s-app: kube-proxy-windows
   471        template:
   472          metadata:
   473            labels:
   474              k8s-app: kube-proxy-windows
   475          spec:
   476            serviceAccountName: kube-proxy
   477            securityContext:
   478              windowsOptions:
   479                hostProcess: true
   480                runAsUserName: "NT AUTHORITY\\system"
   481            hostNetwork: true
   482            containers:
   483            - image: sigwindowstools/kube-proxy:${KUBERNETES_VERSION/+/_}-calico-hostprocess
   484              args: ["$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/start.ps1"]
   485              workingDir: "$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/"
   486              name: kube-proxy
   487              env:
   488              - name: NODE_NAME
   489                valueFrom:
   490                  fieldRef:
   491                    apiVersion: v1
   492                    fieldPath: spec.nodeName
   493              - name: POD_IP
   494                valueFrom:
   495                  fieldRef:
   496                    fieldPath: status.podIP
   497              - name: KUBEPROXY_PATH
   498                valueFrom:
   499                  configMapKeyRef:
   500                    name: windows-kubeproxy-ci
   501                    key: KUBEPROXY_PATH
   502                    optional: true
   503              volumeMounts:
   504              - mountPath: /var/lib/kube-proxy
   505                name: kube-proxy
   506            nodeSelector:
   507              kubernetes.io/os: windows
   508            tolerations:
   509            - key: CriticalAddonsOnly
   510              operator: Exists
   511            - operator: Exists
   512            volumes:
   513            - configMap:
   514                name: kube-proxy
   515              name: kube-proxy
   516        updateStrategy:
   517          type: RollingUpdate
   518    windows-cni: "# strictAffinity required for windows\napiVersion: crd.projectcalico.org/v1\nkind:
   519      IPAMConfig\nmetadata:\n  name: default\nspec:\n  autoAllocateBlocks: true\n  strictAffinity:
   520      true\n---\nkind: ConfigMap\napiVersion: v1\nmetadata:\n  name: calico-static-rules\n
   521      \ namespace: calico-system\n  labels:\n    tier: node\n    app: calico\ndata:\n
   522      \ static-rules.json: |\n    {\n      \"Provider\": \"azure\",\n      \"Version\":
   523      \"0.1\",\n      \"Rules\": [\n        {\n          \"Name\": \"EndpointPolicy\",\n
   524      \         \"Rule\": {\n              \"Id\": \"wireserver\",\n              \"Type\":
   525      \"ACL\",\n              \"Protocol\": 6,\n              \"Action\": \"Block\",\n
   526      \             \"Direction\": \"Out\",\n              \"RemoteAddresses\": \"168.63.129.16/32\",\n
   527      \             \"RemotePorts\": \"80\",\n              \"Priority\": 200,\n              \"RuleType\":
   528      \"Switch\"\n            }\n          }\n      ]\n    } \n---\nkind: ConfigMap\napiVersion:
   529      v1\nmetadata:\n  name: calico-config-windows\n  namespace: calico-system\n  labels:\n
   530      \   tier: node\n    app: calico\ndata:\n  veth_mtu: \"1350\"\n  \n  cni_network_config:
   531      |\n    {\n      \"name\": \"Calico\",\n      \"cniVersion\": \"0.3.1\",\n      \"plugins\":
   532      [\n        {\n          \"windows_use_single_network\": true,\n          \"type\":
   533      \"calico\",\n          \"mode\": \"vxlan\",\n          \"nodename\": \"__KUBERNETES_NODE_NAME__\",\n
   534      \         \"nodename_file_optional\": true,\n          \"log_file_path\": \"c:/cni.log\",\n
   535      \         \"log_level\": \"debug\",\n\n          \"vxlan_mac_prefix\": \"0E-2A\",\n
   536      \         \"vxlan_vni\": 4096,\n          \"mtu\": __CNI_MTU__,\n          \"policy\":
   537      {\n            \"type\": \"k8s\"\n          },\n\n          \"log_level\": \"info\",\n\n
   538      \         \"capabilities\": {\"dns\": true},\n          \"DNS\":  {\n            \"Search\":
   539      \ [\n              \"svc.cluster.local\"\n            ]\n          },\n\n          \"datastore_type\":
   540      \"kubernetes\",\n\n          \"kubernetes\": {\n            \"kubeconfig\": \"__KUBECONFIG_FILEPATH__\"\n
   541      \         },\n\n          \"ipam\": {\n            \"type\": \"calico-ipam\",\n
   542      \           \"subnet\": \"usePodCidr\"\n          },\n\n          \"policies\":
   543      \ [\n            {\n              \"Name\":  \"EndpointPolicy\",\n              \"Value\":
   544      \ {\n                \"Type\":  \"OutBoundNAT\",\n                \"ExceptionList\":
   545      \ [\n                  \"__K8S_SERVICE_CIDR__\"\n                ]\n              }\n
   546      \           },\n            {\n              \"Name\":  \"EndpointPolicy\",\n
   547      \             \"Value\":  {\n                \"Type\":  \"SDNROUTE\",\n                \"DestinationPrefix\":
   548      \ \"__K8S_SERVICE_CIDR__\",\n                \"NeedEncap\":  true\n              }\n
   549      \           }\n          ]\n        }\n      ]\n\n    }\n---\napiVersion: apps/v1\nkind:
   550      DaemonSet\nmetadata:\n  name: calico-node-windows\n  labels:\n    tier: node\n
   551      \   app: calico\n  namespace: calico-system\nspec:\n  selector:\n    matchLabels:\n
   552      \     app: calico\n  template:\n    metadata:\n      labels:\n        tier: node\n
   553      \       app: calico\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n
   554      \           nodeSelectorTerms:\n              - matchExpressions:\n                  -
   555      key: kubernetes.io/os\n                    operator: In\n                    values:\n
   556      \                     - windows\n                  - key: kubernetes.io/arch\n
   557      \                   operator: In\n                    values:\n                      -
   558      amd64\n      securityContext:\n        windowsOptions:\n          hostProcess:
   559      true\n          runAsUserName: \"NT AUTHORITY\\\\system\"\n      hostNetwork:
   560      true\n      serviceAccountName: calico-node\n      tolerations:\n      - operator:
   561      Exists\n        effect: NoSchedule\n        # Mark the pod as a critical add-on
   562      for rescheduling.\n      - key: CriticalAddonsOnly\n        operator: Exists\n
   563      \     - effect: NoExecute\n        operator: Exists\n      initContainers:\n        #
   564      This container installs the CNI binaries\n        # and CNI network config file
   565      on each node.\n        - name: install-cni\n          image: sigwindowstools/calico-install:v3.26.1-hostprocess\n
   566      \         args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/install.ps1\"]\n
   567      \         imagePullPolicy: Always\n          env:\n            # Name of the CNI
   568      config file to create.\n            - name: CNI_CONF_NAME\n              value:
   569      \"10-calico.conflist\"\n            # The CNI network config to install on each
   570      node.\n            - name: CNI_NETWORK_CONFIG\n              valueFrom:\n                configMapKeyRef:\n
   571      \                 name: calico-config-windows\n                  key: cni_network_config\n
   572      \           # Set the hostname based on the k8s node name.\n            - name:
   573      KUBERNETES_NODE_NAME\n              valueFrom:\n                fieldRef:\n                  fieldPath:
   574      spec.nodeName\n            # CNI MTU Config variable\n            - name: CNI_MTU\n
   575      \             valueFrom:\n                configMapKeyRef:\n                  name:
   576      calico-config-windows\n                  key: veth_mtu\n            # Prevents
   577      the container from sleeping forever.\n            - name: SLEEP\n              value:
   578      \"false\"\n            - name: K8S_SERVICE_CIDR\n              value: \"10.96.0.0/12\"\n
   579      \         volumeMounts:\n            - mountPath: /host/opt/cni/bin\n              name:
   580      cni-bin-dir\n            - mountPath: /host/etc/cni/net.d\n              name:
   581      cni-net-dir\n            - name: kubeadm-config\n              mountPath: /etc/kubeadm-config/\n
   582      \         securityContext:\n            windowsOptions:\n              hostProcess:
   583      true\n              runAsUserName: \"NT AUTHORITY\\\\system\"\n      containers:\n
   584      \     - name: calico-node-startup\n        image: sigwindowstools/calico-node:v3.26.1-hostprocess\n
   585      \       args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/node-service.ps1\"]\n
   586      \       workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n        imagePullPolicy:
   587      Always\n        volumeMounts:\n        - name: calico-config-windows\n          mountPath:
   588      /etc/kube-calico-windows/\n        env:\n        - name: POD_NAME\n          valueFrom:\n
   589      \           fieldRef:\n              apiVersion: v1\n              fieldPath:
   590      metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n
   591      \             apiVersion: v1\n              fieldPath: metadata.namespace\n        -
   592      name: CNI_IPAM_TYPE\n          value: \"calico-ipam\"\n        - name: CALICO_NETWORKING_BACKEND\n
   593      \         value: \"vxlan\"\n        - name: KUBECONFIG\n          value: \"C:/etc/cni/net.d/calico-kubeconfig\"\n
   594      \       - name: VXLAN_VNI\n          value: \"4096\"\n      - name: calico-node-felix\n
   595      \       image: sigwindowstools/calico-node:v3.26.1-hostprocess\n        args:
   596      [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/felix-service.ps1\"]\n        imagePullPolicy:
   597      Always\n        workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n        volumeMounts:\n
   598      \       - name: calico-config-windows\n          mountPath: /etc/kube-calico-windows/\n
   599      \       - name: calico-static-rules\n          mountPath: /calico/static-rules.json\n
   600      \         subPath: static-rules.json\n        env:\n        - name: POD_NAME\n
   601      \         valueFrom:\n            fieldRef:\n              apiVersion: v1\n              fieldPath:
   602      metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n
   603      \             apiVersion: v1\n              fieldPath: metadata.namespace\n        -
   604      name: VXLAN_VNI\n          value: \"4096\"\n        - name: KUBECONFIG\n          value:
   605      \"C:/etc/cni/net.d/calico-kubeconfig\"\n      volumes:\n      - name: calico-config-windows\n
   606      \       configMap:\n          name: calico-config-windows\n      - name: calico-static-rules\n
   607      \       configMap:\n          name: calico-static-rules\n      # Used to install
   608      CNI.\n      - name: cni-bin-dir\n        hostPath:\n          path: /opt/cni/bin\n
   609      \     - name: cni-net-dir\n        hostPath:\n          path: /etc/cni/net.d\n
   610      \     - name: kubeadm-config\n        configMap:\n          name: kubeadm-config\n---\napiVersion:
   611      apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n  name: ipamconfigs.crd.projectcalico.org\nspec:\n
   612      \ group: crd.projectcalico.org\n  names:\n    kind: IPAMConfig\n    listKind:
   613      IPAMConfigList\n    plural: ipamconfigs\n    singular: ipamconfig\n  preserveUnknownFields:
   614      false\n  scope: Cluster\n  versions:\n  - name: v1\n    schema:\n      openAPIV3Schema:\n
   615      \       properties:\n          apiVersion:\n            description: 'APIVersion
   616      defines the versioned schema of this representation\n              of an object.
   617      Servers should convert recognized schemas to the latest\n              internal
   618      value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n
   619      \           type: string\n          kind:\n            description: 'Kind is a
   620      string value representing the REST resource this\n              object represents.
   621      Servers may infer this from the endpoint the client\n              submits requests
   622      to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n
   623      \           type: string\n          metadata:\n            type: object\n          spec:\n
   624      \           description: IPAMConfigSpec contains the specification for an IPAMConfig\n
   625      \             resource.\n            properties:\n              autoAllocateBlocks:\n
   626      \               type: boolean\n              maxBlocksPerHost:\n                description:
   627      MaxBlocksPerHost, if non-zero, is the max number of blocks\n                  that
   628      can be affine to each host.\n                maximum: 2147483647\n                minimum:
   629      0\n                type: integer\n              strictAffinity:\n                type:
   630      boolean\n            required:\n            - autoAllocateBlocks\n            -
   631      strictAffinity\n            type: object\n        type: object\n    served: true\n
   632      \   storage: true\nstatus:\n  acceptedNames:\n    kind: \"\"\n    plural: \"\"\n
   633      \ conditions: []\n  storedVersions: []\n"
   634  kind: ConfigMap
   635  metadata:
   636    annotations:
   637      note: generated
   638    labels:
   639      type: generated
   640    name: cni-${CLUSTER_NAME}-calico-windows
   641    namespace: default
   642  ---
   643  apiVersion: v1
        # ConfigMap csi-proxy-addon (labelled as generated): the payload applied by the
        # csi-proxy ClusterResourceSet. Its single key holds the csi-proxy DaemonSet for
        # Windows nodes.
        # NOTE(review): the DaemonSet runs as a hostProcess container under
        # NT AUTHORITY\SYSTEM with hostNetwork, i.e. directly on the Windows host with SYSTEM
        # privileges. The image is referenced by tag (v1.0.2) rather than by digest, so the
        # registry tag decides what runs on the node.
   644  data:
   645    csi-proxy: |
   646      apiVersion: apps/v1
   647      kind: DaemonSet
   648      metadata:
   649        labels:
   650          k8s-app: csi-proxy
   651        name: csi-proxy
   652        namespace: kube-system
   653      spec:
   654        selector:
   655          matchLabels:
   656            k8s-app: csi-proxy
   657        template:
   658          metadata:
   659            labels:
   660              k8s-app: csi-proxy
   661          spec:
   662            nodeSelector:
   663              "kubernetes.io/os": windows
   664            securityContext:
   665              windowsOptions:
   666                hostProcess: true
   667                runAsUserName: "NT AUTHORITY\\SYSTEM"
   668            hostNetwork: true
   669            containers:
   670              - name: csi-proxy
   671                image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2
   672  kind: ConfigMap
   673  metadata:
   674    annotations:
   675      note: generated
   676    labels:
   677      type: generated
   678    name: csi-proxy-addon
   679    namespace: default
   680  ---
   681  apiVersion: v1
        # ConfigMap "containerd-logger-${CLUSTER_NAME}" (namespace default). The
        # data key containerd-windows-logger holds two YAML documents in one
        # literal block scalar: the DaemonSet "containerd-logger" and the
        # ConfigMap "containerd-logger-config" it mounts, both in kube-system.
        # NOTE(review): ${CLUSTER_NAME} is a template variable, presumably
        # substituted before the file is applied - confirm against the tooling.
        #
        # Security-relevant properties of the embedded DaemonSet:
        # - hostProcess: true, runAsUserName NT AUTHORITY\system and
        #   hostNetwork: true: a SYSTEM-level HostProcess container in the host
        #   network namespace on every Windows node it is scheduled to.
        # - The image is referenced by tag (v0.1.0) with imagePullPolicy: Always,
        #   so each pod start re-resolves the tag and whatever the registry then
        #   serves under it runs as SYSTEM on the host. Outside throwaway CI
        #   clusters, pin it as <image>@sha256:<digest-placeholder>.
        # - tolerations: the keyless "operator: Exists" entry tolerates every
        #   taint, which makes the CriticalAddonsOnly entry redundant and lets
        #   the pod schedule onto any tainted Windows node.
        # - No resource requests or limits are declared for the container.
        # - config.json is mounted at /config.json via subPath from the
        #   containerd-logger-config ConfigMap defined in the same payload.
        #
        # config.json is JSON and cannot carry comments, so it is described here:
        # - inputs: one ETW input, session name prefix "containerd", providers
        #   Microsoft.Virtualization.RunHCS and ContainerD, both at level Verbose.
        # - filters: seven "drop" rules, each matching RunHCS events of one named
        #   kind combined with "hasnoproperty error". NOTE(review): presumably
        #   this keeps the same events when they carry an error - confirm against
        #   the logger's filter syntax.
        # - outputs: StdOutput only. NOTE(review): presumably surfaced as pod
        #   logs; Verbose runtime events can include container and process
        #   details, so read access to these logs should be scoped accordingly.
   682  data:
   683    containerd-windows-logger: |
   684      apiVersion: apps/v1
   685      kind: DaemonSet
   686      metadata:
   687        labels:
   688          k8s-app: containerd-logger
   689        name: containerd-logger
   690        namespace: kube-system
   691      spec:
   692        selector:
   693          matchLabels:
   694            k8s-app: containerd-logger
   695        template:
   696          metadata:
   697            labels:
   698              k8s-app: containerd-logger
   699          spec:
   700            securityContext:
   701              windowsOptions:
   702                hostProcess: true
   703                runAsUserName: "NT AUTHORITY\\system"
   704            hostNetwork: true
   705            containers:
   706            - image: ghcr.io/kubernetes-sigs/sig-windows/eventflow-logger:v0.1.0
   707              args: [ "config.json" ]
   708              name: containerd-logger
   709              imagePullPolicy: Always
   710              volumeMounts:
   711              - name: containerd-logger-config
   712                mountPath: /config.json
   713                subPath: config.json
   714            nodeSelector:
   715              kubernetes.io/os: windows
   716            tolerations:
   717            - key: CriticalAddonsOnly
   718              operator: Exists
   719            - operator: Exists
   720            volumes:
   721            - configMap:
   722                name: containerd-logger-config
   723              name: containerd-logger-config
   724        updateStrategy:
   725          type: RollingUpdate
   726      ---
   727      kind: ConfigMap
   728      apiVersion: v1
   729      metadata:
   730        name: containerd-logger-config
   731        namespace: kube-system
   732      data:
   733        config.json: |
   734          {
   735            "inputs": [
   736              {
   737                "type": "ETW",
   738                "sessionNamePrefix": "containerd",
   739                "cleanupOldSessions": true,
   740                "reuseExistingSession": true,
   741                "providers": [
   742                  {
   743                    "providerName": "Microsoft.Virtualization.RunHCS",
   744                    "providerGuid": "0B52781F-B24D-5685-DDF6-69830ED40EC3",
   745                    "level": "Verbose"
   746                  },
   747                  {
   748                    "providerName": "ContainerD",
   749                    "providerGuid": "2acb92c0-eb9b-571a-69cf-8f3410f383ad",
   750                    "level": "Verbose"
   751                  }
   752                ]
   753              }
   754            ],
   755            "filters": [
   756              {
   757                  "type": "drop",
   758                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == Stats && hasnoproperty error"
   759              },
   760              {
   761                  "type": "drop",
   762                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == hcsshim::LayerID && hasnoproperty error"
   763              },
   764              {
   765                  "type": "drop",
   766                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == hcsshim::NameToGuid && hasnoproperty error"
   767              },
   768              {
   769                  "type": "drop",
   770                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == containerd.task.v2.Task.Stats && hasnoproperty error"
   771              },
   772              {
   773                  "type": "drop",
   774                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == containerd.task.v2.Task.State && hasnoproperty error"
   775              },
   776              {
   777                  "type": "drop",
   778                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == HcsGetProcessProperties && hasnoproperty error"
   779              },
   780              {
   781                  "type": "drop",
   782                  "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == HcsGetComputeSystemProperties && hasnoproperty error"
   783              }
   784            ],
   785            "outputs": [
   786              {
   787                "type": "StdOutput"
   788              }
   789            ],
   790            "schemaVersion": "2016-08-11"
   791          }
        # End of the embedded payload; the keys below belong to the outer
        # ConfigMap. NOTE(review): the note/type "generated" markers suggest this
        # object is produced by a generator - confirm before hand-editing.
   792  kind: ConfigMap
   793  metadata:
   794    annotations:
   795      note: generated
   796    labels:
   797      type: generated
   798    name: containerd-logger-${CLUSTER_NAME}
   799    namespace: default