sigs.k8s.io/cluster-api-provider-azure@v1.17.0/templates/test/ci/cluster-template-prow-machine-pool.yaml (about) 1 apiVersion: cluster.x-k8s.io/v1beta1 2 kind: Cluster 3 metadata: 4 labels: 5 cloud-provider: ${CLOUD_PROVIDER_AZURE_LABEL:=azure} 6 cni: calico 7 cni-windows: ${CLUSTER_NAME}-calico 8 containerd-logger: enabled 9 csi-proxy: enabled 10 windows: enabled 11 name: ${CLUSTER_NAME} 12 namespace: default 13 spec: 14 clusterNetwork: 15 pods: 16 cidrBlocks: 17 - 192.168.0.0/16 18 controlPlaneRef: 19 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 20 kind: KubeadmControlPlane 21 name: ${CLUSTER_NAME}-control-plane 22 infrastructureRef: 23 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 24 kind: AzureCluster 25 name: ${CLUSTER_NAME} 26 --- 27 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 28 kind: AzureCluster 29 metadata: 30 name: ${CLUSTER_NAME} 31 namespace: default 32 spec: 33 additionalTags: 34 buildProvenance: ${BUILD_PROVENANCE} 35 creationTimestamp: ${TIMESTAMP} 36 jobName: ${JOB_NAME} 37 identityRef: 38 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 39 kind: AzureClusterIdentity 40 name: ${CLUSTER_IDENTITY_NAME} 41 location: ${AZURE_LOCATION} 42 networkSpec: 43 subnets: 44 - name: control-plane-subnet 45 role: control-plane 46 - name: node-subnet 47 role: node 48 vnet: 49 name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet} 50 resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}} 51 subscriptionID: ${AZURE_SUBSCRIPTION_ID} 52 --- 53 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 54 kind: KubeadmControlPlane 55 metadata: 56 name: ${CLUSTER_NAME}-control-plane 57 namespace: default 58 spec: 59 kubeadmConfigSpec: 60 clusterConfiguration: 61 apiServer: 62 extraArgs: 63 cloud-provider: external 64 timeoutForControlPlane: 20m 65 controllerManager: 66 extraArgs: 67 allocate-node-cidrs: "false" 68 cloud-provider: external 69 cluster-name: ${CLUSTER_NAME} 70 v: "4" 71 etcd: 72 local: 73 dataDir: /var/lib/etcddisk/etcd 74 extraArgs: 75 quota-backend-bytes: "8589934592" 76 diskSetup: 77 filesystems: 78 - device: /dev/disk/azure/scsi1/lun0 79 extraOpts: 80 - -E 81 - lazy_itable_init=1,lazy_journal_init=1 82 filesystem: ext4 83 label: etcd_disk 84 - device: ephemeral0.1 85 filesystem: ext4 86 label: ephemeral0 87 replaceFS: ntfs 88 partitions: 89 - device: /dev/disk/azure/scsi1/lun0 90 layout: true 91 overwrite: false 92 tableType: gpt 93 files: 94 - contentFrom: 95 secret: 96 key: control-plane-azure.json 97 name: ${CLUSTER_NAME}-control-plane-azure-json 98 owner: root:root 99 path: /etc/kubernetes/azure.json 100 permissions: "0644" 101 initConfiguration: 102 nodeRegistration: 103 kubeletExtraArgs: 104 cloud-provider: external 105 name: '{{ ds.meta_data["local_hostname"] }}' 106 joinConfiguration: 107 nodeRegistration: 108 kubeletExtraArgs: 109 cloud-provider: external 110 name: '{{ ds.meta_data["local_hostname"] }}' 111 mounts: 112 - - LABEL=etcd_disk 113 - /var/lib/etcddisk 114 postKubeadmCommands: [] 115 preKubeadmCommands: [] 116 machineTemplate: 117 infrastructureRef: 118 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 119 kind: AzureMachineTemplate 120 name: ${CLUSTER_NAME}-control-plane 121 replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1} 122 version: ${KUBERNETES_VERSION} 123 --- 124 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 125 kind: AzureMachineTemplate 126 metadata: 127 name: ${CLUSTER_NAME}-control-plane 128 namespace: default 129 spec: 130 template: 131 spec: 132 dataDisks: 133 - diskSizeGB: 256 134 lun: 0 135 nameSuffix: etcddisk 136 identity: UserAssigned 137 osDisk: 138 diskSizeGB: 128 139 osType: Linux 140 sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} 141 userAssignedIdentities: 142 - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity} 143 vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE} 144 --- 145 apiVersion: cluster.x-k8s.io/v1beta1 146 kind: MachinePool 147 metadata: 148 name: ${CLUSTER_NAME}-mp-0 149 namespace: default 150 spec: 151 clusterName: ${CLUSTER_NAME} 152 replicas: ${WORKER_MACHINE_COUNT:=2} 153 template: 154 spec: 155 bootstrap: 156 configRef: 157 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 158 kind: KubeadmConfig 159 name: ${CLUSTER_NAME}-mp-0 160 clusterName: ${CLUSTER_NAME} 161 infrastructureRef: 162 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 163 kind: AzureMachinePool 164 name: ${CLUSTER_NAME}-mp-0 165 version: ${KUBERNETES_VERSION} 166 --- 167 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 168 kind: AzureMachinePool 169 metadata: 170 name: ${CLUSTER_NAME}-mp-0 171 namespace: default 172 spec: 173 location: ${AZURE_LOCATION} 174 strategy: 175 rollingUpdate: 176 deletePolicy: Oldest 177 maxSurge: 25% 178 maxUnavailable: 1 179 type: RollingUpdate 180 template: 181 osDisk: 182 diskSizeGB: 30 183 managedDisk: 184 storageAccountType: Premium_LRS 185 osType: Linux 186 sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} 187 vmExtensions: 188 - name: CustomScript 189 protectedSettings: 190 commandToExecute: | 191 #!/bin/sh 192 echo "This script is a no-op used for extension testing purposes ..." 193 touch test_file 194 publisher: Microsoft.Azure.Extensions 195 version: "2.1" 196 vmSize: ${AZURE_NODE_MACHINE_TYPE} 197 --- 198 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 199 kind: KubeadmConfig 200 metadata: 201 name: ${CLUSTER_NAME}-mp-0 202 namespace: default 203 spec: 204 files: 205 - contentFrom: 206 secret: 207 key: worker-node-azure.json 208 name: ${CLUSTER_NAME}-mp-0-azure-json 209 owner: root:root 210 path: /etc/kubernetes/azure.json 211 permissions: "0644" 212 joinConfiguration: 213 nodeRegistration: 214 kubeletExtraArgs: 215 cloud-provider: external 216 name: '{{ ds.meta_data["local_hostname"] }}' 217 --- 218 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 219 kind: AzureClusterIdentity 220 metadata: 221 labels: 222 clusterctl.cluster.x-k8s.io/move-hierarchy: "true" 223 name: ${CLUSTER_IDENTITY_NAME} 224 namespace: default 225 spec: 226 allowedNamespaces: {} 227 clientID: ${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY} 228 tenantID: ${AZURE_TENANT_ID} 229 type: ${CLUSTER_IDENTITY_TYPE:=WorkloadIdentity} 230 --- 231 apiVersion: cluster.x-k8s.io/v1beta1 232 kind: MachinePool 233 metadata: 234 name: ${CLUSTER_NAME}-mp-win 235 namespace: default 236 spec: 237 clusterName: ${CLUSTER_NAME} 238 replicas: ${WINDOWS_WORKER_MACHINE_COUNT:-0} 239 template: 240 spec: 241 bootstrap: 242 configRef: 243 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 244 kind: KubeadmConfig 245 name: ${CLUSTER_NAME}-mp-win 246 clusterName: ${CLUSTER_NAME} 247 infrastructureRef: 248 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 249 kind: AzureMachinePool 250 name: ${CLUSTER_NAME}-mp-win 251 version: ${KUBERNETES_VERSION} 252 --- 253 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 254 kind: AzureMachinePool 255 metadata: 256 annotations: 257 runtime: containerd 258 windowsServerVersion: ${WINDOWS_SERVER_VERSION:=""} 259 name: ${CLUSTER_NAME}-mp-win 260 namespace: default 261 spec: 262 location: ${AZURE_LOCATION} 263 template: 264 osDisk: 265 diskSizeGB: 128 266 managedDisk: 267 storageAccountType: Premium_LRS 268 osType: Windows 269 sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} 270 vmSize: ${AZURE_NODE_MACHINE_TYPE} 271 --- 272 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 273 kind: KubeadmConfig 274 metadata: 275 name: ${CLUSTER_NAME}-mp-win 276 namespace: default 277 spec: 278 files: 279 - contentFrom: 280 secret: 281 key: worker-node-azure.json 282 name: ${CLUSTER_NAME}-mp-win-azure-json 283 owner: root:root 284 path: c:/k/azure.json 285 permissions: "0644" 286 - content: Add-MpPreference -ExclusionProcess C:/opt/cni/bin/calico.exe 287 path: C:/defender-exclude-calico.ps1 288 permissions: "0744" 289 joinConfiguration: 290 nodeRegistration: 291 criSocket: npipe:////./pipe/containerd-containerd 292 kubeletExtraArgs: 293 cloud-provider: external 294 pod-infra-container-image: mcr.microsoft.com/oss/kubernetes/pause:3.9 295 name: '{{ ds.meta_data["local_hostname"] }}' 296 postKubeadmCommands: 297 - nssm set kubelet start SERVICE_AUTO_START 298 - powershell C:/defender-exclude-calico.ps1 299 preKubeadmCommands: 300 - powershell c:/create-external-network.ps1 301 users: 302 - groups: Administrators 303 name: capi 304 sshAuthorizedKeys: 305 - ${AZURE_SSH_PUBLIC_KEY:=""} 306 --- 307 apiVersion: addons.cluster.x-k8s.io/v1beta1 308 kind: ClusterResourceSet 309 metadata: 310 name: ${CLUSTER_NAME}-calico-windows 311 namespace: default 312 spec: 313 clusterSelector: 314 matchLabels: 315 cni-windows: ${CLUSTER_NAME}-calico 316 resources: 317 - kind: ConfigMap 318 name: cni-${CLUSTER_NAME}-calico-windows 319 strategy: ApplyOnce 320 --- 321 apiVersion: addons.cluster.x-k8s.io/v1beta1 322 kind: ClusterResourceSet 323 metadata: 324 name: csi-proxy 325 namespace: default 326 spec: 327 clusterSelector: 328 matchLabels: 329 csi-proxy: enabled 330 resources: 331 - kind: ConfigMap 332 name: csi-proxy-addon 333 strategy: ApplyOnce 334 --- 335 apiVersion: addons.cluster.x-k8s.io/v1beta1 336 kind: ClusterResourceSet 337 metadata: 338 name: containerd-logger-${CLUSTER_NAME} 339 namespace: default 340 spec: 341 clusterSelector: 342 matchLabels: 343 containerd-logger: enabled 344 resources: 345 - kind: ConfigMap 346 name: containerd-logger-${CLUSTER_NAME} 347 strategy: ApplyOnce 348 --- 349 apiVersion: addons.cluster.x-k8s.io/v1alpha1 350 kind: HelmChartProxy 351 metadata: 352 name: calico 353 namespace: default 354 spec: 355 chartName: tigera-operator 356 clusterSelector: 357 matchLabels: 358 cni: calico 359 namespace: tigera-operator 360 releaseName: projectcalico 361 repoURL: https://docs.tigera.io/calico/charts 362 valuesTemplate: |- 363 installation: 364 cni: 365 type: Calico 366 calicoNetwork: 367 bgp: Disabled 368 mtu: 1350 369 ipPools: 370 ipPools:{{range $i, $cidr := .Cluster.spec.clusterNetwork.pods.cidrBlocks }} 371 - cidr: {{ $cidr }} 372 encapsulation: VXLAN{{end}} 373 registry: mcr.microsoft.com/oss 374 # Image and registry configuration for the tigera/operator pod. 375 tigeraOperator: 376 image: tigera/operator 377 registry: mcr.microsoft.com/oss 378 calicoctl: 379 image: mcr.microsoft.com/oss/calico/ctl 380 version: ${CALICO_VERSION} 381 --- 382 apiVersion: addons.cluster.x-k8s.io/v1alpha1 383 kind: HelmChartProxy 384 metadata: 385 name: azuredisk-csi-driver-chart 386 namespace: default 387 spec: 388 chartName: azuredisk-csi-driver 389 clusterSelector: 390 matchLabels: 391 azuredisk-csi: "true" 392 namespace: kube-system 393 releaseName: azuredisk-csi-driver-oot 394 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts 395 valuesTemplate: |- 396 controller: 397 replicas: 1 398 runOnControlPlane: true 399 windows: 400 useHostProcessContainers: {{ hasKey .Cluster.metadata.labels "cni-windows" }} 401 --- 402 apiVersion: addons.cluster.x-k8s.io/v1alpha1 403 kind: HelmChartProxy 404 metadata: 405 name: cloud-provider-azure-chart 406 namespace: default 407 spec: 408 chartName: cloud-provider-azure 409 clusterSelector: 410 matchLabels: 411 cloud-provider: azure 412 releaseName: cloud-provider-azure-oot 413 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo 414 valuesTemplate: | 415 infra: 416 clusterName: {{ .Cluster.metadata.name }} 417 cloudControllerManager: 418 clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }} 419 logVerbosity: 4 420 --- 421 apiVersion: addons.cluster.x-k8s.io/v1alpha1 422 kind: HelmChartProxy 423 metadata: 424 name: cloud-provider-azure-chart-ci 425 namespace: default 426 spec: 427 chartName: cloud-provider-azure 428 clusterSelector: 429 matchLabels: 430 cloud-provider: azure-ci 431 releaseName: cloud-provider-azure-oot 432 repoURL: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo 433 valuesTemplate: | 434 infra: 435 clusterName: {{ .Cluster.metadata.name }} 436 cloudControllerManager: 437 cloudConfig: ${CLOUD_CONFIG:-"/etc/kubernetes/azure.json"} 438 cloudConfigSecretName: ${CONFIG_SECRET_NAME:-""} 439 clusterCIDR: {{ .Cluster.spec.clusterNetwork.pods.cidrBlocks | join "," }} 440 imageName: "${CCM_IMAGE_NAME:-""}" 441 imageRepository: "${IMAGE_REGISTRY:-""}" 442 imageTag: "${IMAGE_TAG_CCM:-""}" 443 logVerbosity: ${CCM_LOG_VERBOSITY:-4} 444 replicas: ${CCM_COUNT:-1} 445 enableDynamicReloading: ${ENABLE_DYNAMIC_RELOADING:-false} 446 cloudNodeManager: 447 imageName: "${CNM_IMAGE_NAME:-""}" 448 imageRepository: "${IMAGE_REGISTRY:-""}" 449 imageTag: "${IMAGE_TAG_CNM:-""}" 450 --- 451 apiVersion: v1 452 data: 453 proxy: | 454 apiVersion: apps/v1 455 kind: DaemonSet 456 metadata: 457 labels: 458 k8s-app: kube-proxy 459 name: kube-proxy-windows 460 namespace: kube-system 461 spec: 462 selector: 463 matchLabels: 464 k8s-app: kube-proxy-windows 465 template: 466 metadata: 467 labels: 468 k8s-app: kube-proxy-windows 469 spec: 470 serviceAccountName: kube-proxy 471 securityContext: 472 windowsOptions: 473 hostProcess: true 474 runAsUserName: "NT AUTHORITY\\system" 475 hostNetwork: true 476 containers: 477 - image: sigwindowstools/kube-proxy:${KUBERNETES_VERSION/+/_}-calico-hostprocess 478 args: ["$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/start.ps1"] 479 workingDir: "$env:CONTAINER_SANDBOX_MOUNT_POINT/kube-proxy/" 480 name: kube-proxy 481 env: 482 - name: NODE_NAME 483 valueFrom: 484 fieldRef: 485 apiVersion: v1 486 fieldPath: spec.nodeName 487 - name: POD_IP 488 valueFrom: 489 fieldRef: 490 fieldPath: status.podIP 491 - name: KUBEPROXY_PATH 492 valueFrom: 493 configMapKeyRef: 494 name: windows-kubeproxy-ci 495 key: KUBEPROXY_PATH 496 optional: true 497 volumeMounts: 498 - mountPath: /var/lib/kube-proxy 499 name: kube-proxy 500 nodeSelector: 501 kubernetes.io/os: windows 502 tolerations: 503 - key: CriticalAddonsOnly 504 operator: Exists 505 - operator: Exists 506 volumes: 507 - configMap: 508 name: kube-proxy 509 name: kube-proxy 510 updateStrategy: 511 type: RollingUpdate 512 windows-cni: "# strictAffinity required for windows\napiVersion: crd.projectcalico.org/v1\nkind: 513 IPAMConfig\nmetadata:\n name: default\nspec:\n autoAllocateBlocks: true\n strictAffinity: 514 true\n---\nkind: ConfigMap\napiVersion: v1\nmetadata:\n name: calico-static-rules\n 515 \ namespace: calico-system\n labels:\n tier: node\n app: calico\ndata:\n 516 \ static-rules.json: |\n {\n \"Provider\": \"azure\",\n \"Version\": 517 \"0.1\",\n \"Rules\": [\n {\n \"Name\": \"EndpointPolicy\",\n 518 \ \"Rule\": {\n \"Id\": \"wireserver\",\n \"Type\": 519 \"ACL\",\n \"Protocol\": 6,\n \"Action\": \"Block\",\n 520 \ \"Direction\": \"Out\",\n \"RemoteAddresses\": \"168.63.129.16/32\",\n 521 \ \"RemotePorts\": \"80\",\n \"Priority\": 200,\n \"RuleType\": 522 \"Switch\"\n }\n }\n ]\n } \n---\nkind: ConfigMap\napiVersion: 523 v1\nmetadata:\n name: calico-config-windows\n namespace: calico-system\n labels:\n 524 \ tier: node\n app: calico\ndata:\n veth_mtu: \"1350\"\n \n cni_network_config: 525 |\n {\n \"name\": \"Calico\",\n \"cniVersion\": \"0.3.1\",\n \"plugins\": 526 [\n {\n \"windows_use_single_network\": true,\n \"type\": 527 \"calico\",\n \"mode\": \"vxlan\",\n \"nodename\": \"__KUBERNETES_NODE_NAME__\",\n 528 \ \"nodename_file_optional\": true,\n \"log_file_path\": \"c:/cni.log\",\n 529 \ \"log_level\": \"debug\",\n\n \"vxlan_mac_prefix\": \"0E-2A\",\n 530 \ \"vxlan_vni\": 4096,\n \"mtu\": __CNI_MTU__,\n \"policy\": 531 {\n \"type\": \"k8s\"\n },\n\n \"log_level\": \"info\",\n\n 532 \ \"capabilities\": {\"dns\": true},\n \"DNS\": {\n \"Search\": 533 \ [\n \"svc.cluster.local\"\n ]\n },\n\n \"datastore_type\": 534 \"kubernetes\",\n\n \"kubernetes\": {\n \"kubeconfig\": \"__KUBECONFIG_FILEPATH__\"\n 535 \ },\n\n \"ipam\": {\n \"type\": \"calico-ipam\",\n 536 \ \"subnet\": \"usePodCidr\"\n },\n\n \"policies\": 537 \ [\n {\n \"Name\": \"EndpointPolicy\",\n \"Value\": 538 \ {\n \"Type\": \"OutBoundNAT\",\n \"ExceptionList\": 539 \ [\n \"__K8S_SERVICE_CIDR__\"\n ]\n }\n 540 \ },\n {\n \"Name\": \"EndpointPolicy\",\n 541 \ \"Value\": {\n \"Type\": \"SDNROUTE\",\n \"DestinationPrefix\": 542 \ \"__K8S_SERVICE_CIDR__\",\n \"NeedEncap\": true\n }\n 543 \ }\n ]\n }\n ]\n\n }\n---\napiVersion: apps/v1\nkind: 544 DaemonSet\nmetadata:\n name: calico-node-windows\n labels:\n tier: node\n 545 \ app: calico\n namespace: calico-system\nspec:\n selector:\n matchLabels:\n 546 \ app: calico\n template:\n metadata:\n labels:\n tier: node\n 547 \ app: calico\n spec:\n affinity:\n nodeAffinity:\n requiredDuringSchedulingIgnoredDuringExecution:\n 548 \ nodeSelectorTerms:\n - matchExpressions:\n - 549 key: kubernetes.io/os\n operator: In\n values:\n 550 \ - windows\n - key: kubernetes.io/arch\n 551 \ operator: In\n values:\n - 552 amd64\n securityContext:\n windowsOptions:\n hostProcess: 553 true\n runAsUserName: \"NT AUTHORITY\\\\system\"\n hostNetwork: 554 true\n serviceAccountName: calico-node\n tolerations:\n - operator: 555 Exists\n effect: NoSchedule\n # Mark the pod as a critical add-on 556 for rescheduling.\n - key: CriticalAddonsOnly\n operator: Exists\n 557 \ - effect: NoExecute\n operator: Exists\n initContainers:\n # 558 This container installs the CNI binaries\n # and CNI network config file 559 on each node.\n - name: install-cni\n image: sigwindowstools/calico-install:v3.26.1-hostprocess\n 560 \ args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/install.ps1\"]\n 561 \ imagePullPolicy: Always\n env:\n # Name of the CNI 562 config file to create.\n - name: CNI_CONF_NAME\n value: 563 \"10-calico.conflist\"\n # The CNI network config to install on each 564 node.\n - name: CNI_NETWORK_CONFIG\n valueFrom:\n configMapKeyRef:\n 565 \ name: calico-config-windows\n key: cni_network_config\n 566 \ # Set the hostname based on the k8s node name.\n - name: 567 KUBERNETES_NODE_NAME\n valueFrom:\n fieldRef:\n fieldPath: 568 spec.nodeName\n # CNI MTU Config variable\n - name: CNI_MTU\n 569 \ valueFrom:\n configMapKeyRef:\n name: 570 calico-config-windows\n key: veth_mtu\n # Prevents 571 the container from sleeping forever.\n - name: SLEEP\n value: 572 \"false\"\n - name: K8S_SERVICE_CIDR\n value: \"10.96.0.0/12\"\n 573 \ volumeMounts:\n - mountPath: /host/opt/cni/bin\n name: 574 cni-bin-dir\n - mountPath: /host/etc/cni/net.d\n name: 575 cni-net-dir\n - name: kubeadm-config\n mountPath: /etc/kubeadm-config/\n 576 \ securityContext:\n windowsOptions:\n hostProcess: 577 true\n runAsUserName: \"NT AUTHORITY\\\\system\"\n containers:\n 578 \ - name: calico-node-startup\n image: sigwindowstools/calico-node:v3.26.1-hostprocess\n 579 \ args: [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/node-service.ps1\"]\n 580 \ workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n imagePullPolicy: 581 Always\n volumeMounts:\n - name: calico-config-windows\n mountPath: 582 /etc/kube-calico-windows/\n env:\n - name: POD_NAME\n valueFrom:\n 583 \ fieldRef:\n apiVersion: v1\n fieldPath: 584 metadata.name\n - name: POD_NAMESPACE\n valueFrom:\n fieldRef:\n 585 \ apiVersion: v1\n fieldPath: metadata.namespace\n - 586 name: CNI_IPAM_TYPE\n value: \"calico-ipam\"\n - name: CALICO_NETWORKING_BACKEND\n 587 \ value: \"vxlan\"\n - name: KUBECONFIG\n value: \"C:/etc/cni/net.d/calico-kubeconfig\"\n 588 \ - name: VXLAN_VNI\n value: \"4096\"\n - name: calico-node-felix\n 589 \ image: sigwindowstools/calico-node:v3.26.1-hostprocess\n args: 590 [\"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/felix-service.ps1\"]\n imagePullPolicy: 591 Always\n workingDir: \"$env:CONTAINER_SANDBOX_MOUNT_POINT/calico/\"\n volumeMounts:\n 592 \ - name: calico-config-windows\n mountPath: /etc/kube-calico-windows/\n 593 \ - name: calico-static-rules\n mountPath: /calico/static-rules.json\n 594 \ subPath: static-rules.json\n env:\n - name: POD_NAME\n 595 \ valueFrom:\n fieldRef:\n apiVersion: v1\n fieldPath: 596 metadata.name\n - name: POD_NAMESPACE\n valueFrom:\n fieldRef:\n 597 \ apiVersion: v1\n fieldPath: metadata.namespace\n - 598 name: VXLAN_VNI\n value: \"4096\"\n - name: KUBECONFIG\n value: 599 \"C:/etc/cni/net.d/calico-kubeconfig\"\n volumes:\n - name: calico-config-windows\n 600 \ configMap:\n name: calico-config-windows\n - name: calico-static-rules\n 601 \ configMap:\n name: calico-static-rules\n # Used to install 602 CNI.\n - name: cni-bin-dir\n hostPath:\n path: /opt/cni/bin\n 603 \ - name: cni-net-dir\n hostPath:\n path: /etc/cni/net.d\n 604 \ - name: kubeadm-config\n configMap:\n name: kubeadm-config\n---\napiVersion: 605 apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n name: ipamconfigs.crd.projectcalico.org\nspec:\n 606 \ group: crd.projectcalico.org\n names:\n kind: IPAMConfig\n listKind: 607 IPAMConfigList\n plural: ipamconfigs\n singular: ipamconfig\n preserveUnknownFields: 608 false\n scope: Cluster\n versions:\n - name: v1\n schema:\n openAPIV3Schema:\n 609 \ properties:\n apiVersion:\n description: 'APIVersion 610 defines the versioned schema of this representation\n of an object. 611 Servers should convert recognized schemas to the latest\n internal 612 value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n 613 \ type: string\n kind:\n description: 'Kind is a 614 string value representing the REST resource this\n object represents. 615 Servers may infer this from the endpoint the client\n submits requests 616 to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n 617 \ type: string\n metadata:\n type: object\n spec:\n 618 \ description: IPAMConfigSpec contains the specification for an IPAMConfig\n 619 \ resource.\n properties:\n autoAllocateBlocks:\n 620 \ type: boolean\n maxBlocksPerHost:\n description: 621 MaxBlocksPerHost, if non-zero, is the max number of blocks\n that 622 can be affine to each host.\n maximum: 2147483647\n minimum: 623 0\n type: integer\n strictAffinity:\n type: 624 boolean\n required:\n - autoAllocateBlocks\n - 625 strictAffinity\n type: object\n type: object\n served: true\n 626 \ storage: true\nstatus:\n acceptedNames:\n kind: \"\"\n plural: \"\"\n 627 \ conditions: []\n storedVersions: []\n" 628 kind: ConfigMap 629 metadata: 630 annotations: 631 note: generated 632 labels: 633 type: generated 634 name: cni-${CLUSTER_NAME}-calico-windows 635 namespace: default 636 --- 637 apiVersion: v1 638 data: 639 csi-proxy: | 640 apiVersion: apps/v1 641 kind: DaemonSet 642 metadata: 643 labels: 644 k8s-app: csi-proxy 645 name: csi-proxy 646 namespace: kube-system 647 spec: 648 selector: 649 matchLabels: 650 k8s-app: csi-proxy 651 template: 652 metadata: 653 labels: 654 k8s-app: csi-proxy 655 spec: 656 nodeSelector: 657 "kubernetes.io/os": windows 658 securityContext: 659 windowsOptions: 660 hostProcess: true 661 runAsUserName: "NT AUTHORITY\\SYSTEM" 662 hostNetwork: true 663 containers: 664 - name: csi-proxy 665 image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 666 kind: ConfigMap 667 metadata: 668 annotations: 669 note: generated 670 labels: 671 type: generated 672 name: csi-proxy-addon 673 namespace: default 674 --- 675 apiVersion: v1 676 data: 677 containerd-windows-logger: | 678 apiVersion: apps/v1 679 kind: DaemonSet 680 metadata: 681 labels: 682 k8s-app: containerd-logger 683 name: containerd-logger 684 namespace: kube-system 685 spec: 686 selector: 687 matchLabels: 688 k8s-app: containerd-logger 689 template: 690 metadata: 691 labels: 692 k8s-app: containerd-logger 693 spec: 694 securityContext: 695 windowsOptions: 696 hostProcess: true 697 runAsUserName: "NT AUTHORITY\\system" 698 hostNetwork: true 699 containers: 700 - image: ghcr.io/kubernetes-sigs/sig-windows/eventflow-logger:v0.1.0 701 args: [ "config.json" ] 702 name: containerd-logger 703 imagePullPolicy: Always 704 volumeMounts: 705 - name: containerd-logger-config 706 mountPath: /config.json 707 subPath: config.json 708 nodeSelector: 709 kubernetes.io/os: windows 710 tolerations: 711 - key: CriticalAddonsOnly 712 operator: Exists 713 - operator: Exists 714 volumes: 715 - configMap: 716 name: containerd-logger-config 717 name: containerd-logger-config 718 updateStrategy: 719 type: RollingUpdate 720 --- 721 kind: ConfigMap 722 apiVersion: v1 723 metadata: 724 name: containerd-logger-config 725 namespace: kube-system 726 data: 727 config.json: | 728 { 729 "inputs": [ 730 { 731 "type": "ETW", 732 "sessionNamePrefix": "containerd", 733 "cleanupOldSessions": true, 734 "reuseExistingSession": true, 735 "providers": [ 736 { 737 "providerName": "Microsoft.Virtualization.RunHCS", 738 "providerGuid": "0B52781F-B24D-5685-DDF6-69830ED40EC3", 739 "level": "Verbose" 740 }, 741 { 742 "providerName": "ContainerD", 743 "providerGuid": "2acb92c0-eb9b-571a-69cf-8f3410f383ad", 744 "level": "Verbose" 745 } 746 ] 747 } 748 ], 749 "filters": [ 750 { 751 "type": "drop", 752 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == Stats && hasnoproperty error" 753 }, 754 { 755 "type": "drop", 756 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == hcsshim::LayerID && hasnoproperty error" 757 }, 758 { 759 "type": "drop", 760 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == hcsshim::NameToGuid && hasnoproperty error" 761 }, 762 { 763 "type": "drop", 764 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == containerd.task.v2.Task.Stats && hasnoproperty error" 765 }, 766 { 767 "type": "drop", 768 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == containerd.task.v2.Task.State && hasnoproperty error" 769 }, 770 { 771 "type": "drop", 772 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == HcsGetProcessProperties && hasnoproperty error" 773 }, 774 { 775 "type": "drop", 776 "include": "ProviderName == Microsoft.Virtualization.RunHCS && name == HcsGetComputeSystemProperties && hasnoproperty error" 777 } 778 ], 779 "outputs": [ 780 { 781 "type": "StdOutput" 782 } 783 ], 784 "schemaVersion": "2016-08-11" 785 } 786 kind: ConfigMap 787 metadata: 788 annotations: 789 note: generated 790 labels: 791 type: generated 792 name: containerd-logger-${CLUSTER_NAME} 793 namespace: default