Documentation
¶
Overview ¶
+k8s:deepcopy-gen=package,register +groupName=karpenter.hypershift.openshift.io +k8s:openapi-gen=true
Index ¶
- Constants
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type BlockDevice
- type BlockDeviceMapping
- type CapacityReservation
- type CapacityReservationSelectorTerm
- type CapacityReservationState
- type CapacityReservationType
- type DeleteOnTerminationPolicy
- type EncryptionState
- type EvictionThreshold
- type IPAddressAssociation
- type InstanceMatchCriteria
- type InstanceStorePolicy
- type KubeletConfiguration
- func (in *KubeletConfiguration) DeepCopy() *KubeletConfiguration
- func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration)
- func (k KubeletConfiguration) HasTypedFields() bool
- func (k KubeletConfiguration) IsZero() bool
- func (k KubeletConfiguration) MarshalJSON() ([]byte, error)
- func (k *KubeletConfiguration) UnmarshalJSON(data []byte) error
- type MetadataAccess
- type MetadataHTTPProtocol
- type MetadataHTTPTokensState
- type MetadataOptions
- type MonitoringState
- type OpenshiftEC2NodeClass
- type OpenshiftEC2NodeClassList
- type OpenshiftEC2NodeClassSpec
- type OpenshiftEC2NodeClassStatus
- type RootVolumeDesignation
- type SecurityGroup
- type SecurityGroupSelectorTerm
- type Subnet
- type SubnetSelectorTerm
- type VolumeType
Constants ¶
const ( // KarpenterCoreE2EOverrideAnnotation is an annotation to be applied to a HostedCluster that allows // overriding the default behavior of the Karpenter Operator for upstream Karpenter core E2E testing purposes. KarpenterCoreE2EOverrideAnnotation = "hypershift.openshift.io/karpenter-core-e2e-override" // KarpenterProviderAWSImage overrides the Karpenter AWS provider image to use for // a HostedControlPlane with AutoNode enabled. KarpenterProviderAWSImage = "hypershift.openshift.io/karpenter-provider-aws-image" // TokenSecretNodePoolAnnotation is used to annotate the Karpenter token secret with its hyperv1.NodePool namespaced name. TokenSecretNodePoolAnnotation = "hypershift.openshift.io/nodePool" // UserDataAMILabel is a label set in the userData secret generated for karpenter instances. UserDataAMILabel = "hypershift.openshift.io/ami" // ConditionTypeReady is the top-level readiness condition for the OpenshiftEC2NodeClass. // It is computed atomically by the EC2 node class controller, combining the upstream // EC2NodeClass readiness with the VersionResolved condition status. ConditionTypeReady = "Ready" // ConditionTypeVersionResolved indicates whether the spec.version was successfully resolved to a release image. ConditionTypeVersionResolved = "VersionResolved" // ConditionTypeSupportedVersionSkew signals whether the NodeClass spec.version falls within the // supported skew policy relative to the HostedControlPlane version. // NodeClass version cannot be higher than the HostedControlPlane version. // For 4.y versions, all versions support up to 3 minor version differences (n-3). // When false, the NodeClass will continue operating but there are no compatibility guarantees. ConditionTypeSupportedVersionSkew = "SupportedVersionSkew" // ConditionReasonVersionNotSpecified indicates that no spec.version was set, // so the NodeClass uses the control plane release image. ConditionReasonVersionNotSpecified = "VersionNotSpecified" // ConditionReasonVersionResolved indicates that spec.version was successfully // resolved to a release image via Cincinnati. ConditionReasonVersionResolved = "VersionResolved" // ConditionReasonResolutionFailed indicates that spec.version could not be // resolved to a release image. ConditionReasonResolutionFailed = "ResolutionFailed" // ConditionReasonUnsupportedSkew indicates that the NodeClass spec.version // falls outside the supported version skew policy relative to the control plane. ConditionReasonUnsupportedSkew = "UnsupportedSkew" // ConditionReasonAsExpected indicates that the version skew is within the // supported policy. ConditionReasonAsExpected = "AsExpected" )
Variables ¶
var ( SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) AddToScheme = SchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: "karpenter.hypershift.openshift.io", Version: "v1"}
SchemeGroupVersion is group version used to register these objects.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource.
Types ¶
type BlockDevice ¶
type BlockDevice struct {
// deleteOnTermination indicates whether the EBS volume is deleted on instance termination.
// +optional
DeleteOnTermination DeleteOnTerminationPolicy `json:"deleteOnTermination,omitempty"`
// encrypted indicates whether the EBS volume is encrypted. Encrypted volumes can only
// be attached to instances that support Amazon EBS encryption. If you are creating
// a volume from a snapshot, you can't specify an encryption value.
// +optional
Encrypted EncryptionState `json:"encrypted,omitempty"`
// iops is the number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes,
// this represents the number of IOPS that are provisioned for the volume. For
// gp2 volumes, this represents the baseline performance of the volume and the
// rate at which the volume accumulates I/O credits for bursting.
//
// The following are the supported values for each volume type:
//
// * gp3: 3,000-16,000 IOPS
//
// * io1: 100-64,000 IOPS
//
// * io2: 100-64,000 IOPS
//
// For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built
// on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
// Other instance families guarantee performance up to 32,000 IOPS.
//
// This parameter is supported for io1, io2, and gp3 volumes only. This parameter
// is not supported for gp2, st1, sc1, or standard volumes.
// +optional
IOPS *int64 `json:"iops,omitempty"`
// kmsKeyID is the ARN of the symmetric Key Management Service (KMS) CMK used for encryption.
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
KMSKeyID string `json:"kmsKeyID,omitempty"`
// snapshotID is the ID of an EBS snapshot.
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
SnapshotID string `json:"snapshotID,omitempty"`
// throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
// Valid Range: Minimum value of 125. Maximum value of 1000.
// +optional
Throughput *int64 `json:"throughput,omitempty"`
// volumeSizeGiB is the size of the volume in GiB. You must specify either a snapshot ID or
// a volume size. The following are the supported volume sizes for each volume type:
//
// * gp2 and gp3: 1-16,384
//
// * io1 and io2: 4-16,384
//
// * st1 and sc1: 125-16,384
//
// * standard: 1-1,024
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65536
// +optional
VolumeSizeGiB int64 `json:"volumeSizeGiB,omitempty"`
// volumeType is the type of the block device.
// For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
// in the Amazon Elastic Compute Cloud User Guide.
// +optional
VolumeType VolumeType `json:"volumeType,omitempty"`
}
+kubebuilder:validation:MinProperties=1
func (*BlockDevice) DeepCopy ¶
func (in *BlockDevice) DeepCopy() *BlockDevice
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockDevice.
func (*BlockDevice) DeepCopyInto ¶
func (in *BlockDevice) DeepCopyInto(out *BlockDevice)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BlockDeviceMapping ¶
type BlockDeviceMapping struct {
// deviceName is the device name (for example, /dev/sdh or xvdh).
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
DeviceName string `json:"deviceName,omitempty"`
// ebs contains parameters used to automatically set up EBS volumes when an instance is launched.
// +kubebuilder:validation:XValidation:message="snapshotID or volumeSizeGiB must be defined",rule="has(self.snapshotID) || has(self.volumeSizeGiB)"
// +optional
EBS BlockDevice `json:"ebs,omitempty,omitzero"`
// rootVolume indicates whether this device is mounted as kubelet root dir. You can
// configure at most one root volume in BlockDeviceMappings.
// +optional
RootVolume RootVolumeDesignation `json:"rootVolume,omitempty"`
}
BlockDeviceMapping defines a block device mapping for a node. +kubebuilder:validation:MinProperties=1
func (*BlockDeviceMapping) DeepCopy ¶
func (in *BlockDeviceMapping) DeepCopy() *BlockDeviceMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockDeviceMapping.
func (*BlockDeviceMapping) DeepCopyInto ¶
func (in *BlockDeviceMapping) DeepCopyInto(out *BlockDeviceMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservation ¶
type CapacityReservation struct {
// availabilityZone is the availability zone the capacity reservation is available in.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=64
AvailabilityZone string `json:"availabilityZone,omitempty"`
// endTime is the time at which the capacity reservation expires. Once expired, the reserved capacity is released and Karpenter
// will no longer be able to launch instances into that reservation.
// +optional
EndTime metav1.Time `json:"endTime,omitempty,omitzero"`
// id is the id for the capacity reservation.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
ID string `json:"id,omitempty"`
// instanceMatchCriteria indicates the type of instance launches the capacity reservation accepts.
// +required
InstanceMatchCriteria InstanceMatchCriteria `json:"instanceMatchCriteria,omitempty"`
// instanceType is the instance type for the capacity reservation.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
InstanceType string `json:"instanceType,omitempty"`
// ownerID is the ID of the AWS account that owns the capacity reservation.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=12
OwnerID string `json:"ownerID,omitempty"`
// reservationType is the type of capacity reservation.
// +optional
ReservationType CapacityReservationType `json:"reservationType,omitempty"`
// state is the state of the capacity reservation.
// +optional
State CapacityReservationState `json:"state,omitempty"`
}
CapacityReservation contains resolved CapacityReservation selector values utilized for node launch
func (*CapacityReservation) DeepCopy ¶
func (in *CapacityReservation) DeepCopy() *CapacityReservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservation.
func (*CapacityReservation) DeepCopyInto ¶
func (in *CapacityReservation) DeepCopyInto(out *CapacityReservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservationSelectorTerm ¶
type CapacityReservationSelectorTerm struct {
// tags is a map of key/value tags used to select capacity reservations.
// Specifying '*' for a value selects all values for a given tag key.
// +kubebuilder:validation:XValidation:message="empty tag keys or values aren't supported",rule="self.all(k, k != ” && self[k] != ”)"
// +kubebuilder:validation:MaxProperties:=20
// +kubebuilder:validation:MinProperties=1
// +optional
Tags map[string]string `json:"tags,omitempty"`
// id is the capacity reservation id in EC2.
// +kubebuilder:validation:XValidation:rule="self.matches('^cr-[0-9a-z]+$')",message="id must match the pattern cr-[0-9a-z]+"
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +optional
ID string `json:"id,omitempty"`
// ownerID is the owner account id for the capacity reservation.
// +kubebuilder:validation:XValidation:rule="self.matches('^[0-9]{12}$')",message="ownerID must be a 12-digit AWS account ID"
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=12
// +optional
OwnerID string `json:"ownerID,omitempty"`
// instanceMatchCriteria filters capacity reservations by how they match instances.
// When set to "Open", only selects reservations that any instance with matching
// attributes (instance type, platform, Availability Zone) can use automatically.
// When set to "Targeted", only selects reservations that require instances to
// explicitly target them by ID.
// When omitted, selects both Open and Targeted reservations (no filtering on this attribute).
// +optional
InstanceMatchCriteria InstanceMatchCriteria `json:"instanceMatchCriteria,omitempty"`
}
CapacityReservationSelectorTerm defines selection logic for a capacity reservation used by Karpenter to launch nodes. If multiple fields are used for selection, the requirements are ANDed. +kubebuilder:validation:MinProperties=1
func (*CapacityReservationSelectorTerm) DeepCopy ¶
func (in *CapacityReservationSelectorTerm) DeepCopy() *CapacityReservationSelectorTerm
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservationSelectorTerm.
func (*CapacityReservationSelectorTerm) DeepCopyInto ¶
func (in *CapacityReservationSelectorTerm) DeepCopyInto(out *CapacityReservationSelectorTerm)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservationState ¶
type CapacityReservationState string
CapacityReservationState is the state of a capacity reservation. +kubebuilder:validation:Enum=Active;Expiring
const ( // CapacityReservationStateActive indicates the capacity reservation is active. CapacityReservationStateActive CapacityReservationState = "Active" // CapacityReservationStateExpiring indicates the capacity reservation is within // the EC2 reclamation window. Only capacity-block reservations may be in this state. CapacityReservationStateExpiring CapacityReservationState = "Expiring" )
type CapacityReservationType ¶
type CapacityReservationType string
CapacityReservationType is the type of capacity reservation. +kubebuilder:validation:Enum=Default;CapacityBlock
const ( // CapacityReservationTypeDefault is a standard on-demand capacity reservation. CapacityReservationTypeDefault CapacityReservationType = "Default" // CapacityReservationTypeCapacityBlock is a capacity block reservation. CapacityReservationTypeCapacityBlock CapacityReservationType = "CapacityBlock" )
type DeleteOnTerminationPolicy ¶
type DeleteOnTerminationPolicy string
DeleteOnTerminationPolicy controls whether an EBS volume is deleted on instance termination. +kubebuilder:validation:Enum=Delete;Retain
const ( // DeleteOnTerminationPolicyDelete deletes the EBS volume when the instance terminates. DeleteOnTerminationPolicyDelete DeleteOnTerminationPolicy = "Delete" // DeleteOnTerminationPolicyRetain retains the EBS volume when the instance terminates. DeleteOnTerminationPolicyRetain DeleteOnTerminationPolicy = "Retain" )
type EncryptionState ¶
type EncryptionState string
EncryptionState controls whether an EBS volume is encrypted. +kubebuilder:validation:Enum=Encrypted;Unencrypted
const ( // EncryptionStateEncrypted indicates the EBS volume is encrypted. EncryptionStateEncrypted EncryptionState = "Encrypted" // EncryptionStateUnencrypted indicates the EBS volume is not encrypted. EncryptionStateUnencrypted EncryptionState = "Unencrypted" )
type EvictionThreshold ¶
type EvictionThreshold string
EvictionThreshold is a threshold value for a kubelet eviction signal. Values are either a percentage (e.g. "10%") or a Kubernetes quantity (e.g. "100Mi"). +kubebuilder:validation:MaxLength=64
type IPAddressAssociation ¶
type IPAddressAssociation string
IPAddressAssociation controls IP address assignment for instances. +kubebuilder:validation:Enum=Public;SubnetDefault
const ( // IPAddressAssociationPublic assigns public IP addresses to instances, allowing direct internet access. IPAddressAssociationPublic IPAddressAssociation = "Public" // IPAddressAssociationSubnetDefault defers IP address assignment to the subnet configuration. IPAddressAssociationSubnetDefault IPAddressAssociation = "SubnetDefault" )
type InstanceMatchCriteria ¶
type InstanceMatchCriteria string
InstanceMatchCriteria specifies how instances are matched to capacity reservations. +kubebuilder:validation:Enum=Open;Targeted
const ( // InstanceMatchCriteriaOpen indicates instances with matching attributes run in // the capacity reservation automatically. InstanceMatchCriteriaOpen InstanceMatchCriteria = "Open" // InstanceMatchCriteriaTargeted indicates instances must explicitly target the // capacity reservation by ID. InstanceMatchCriteriaTargeted InstanceMatchCriteria = "Targeted" )
type InstanceStorePolicy ¶
type InstanceStorePolicy string
InstanceStorePolicy enumerates options for configuring instance store disks. +kubebuilder:validation:Enum={RAID0}
const ( // InstanceStorePolicyRAID0 configures a RAID-0 array that includes all ephemeral NVMe instance storage disks. // The containerd and kubelet state directories (`/var/lib/containerd` and `/var/lib/kubelet`) will then use the // ephemeral storage for more and faster node ephemeral-storage. The node's ephemeral storage can be shared among // pods that request ephemeral storage and container images that are downloaded to the node. InstanceStorePolicyRAID0 InstanceStorePolicy = "RAID0" )
type KubeletConfiguration ¶
type KubeletConfiguration struct {
// maxPods is the maximum number of pods that can run on a node.
// The value must be between 1 and 2500, inclusive.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2500
// +optional
MaxPods int32 `json:"maxPods,omitempty"`
// podsPerCore is the maximum number of pods per core. The value must be between 1 and 2500,
// inclusive, and cannot exceed maxPods when both are set.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2500
// +optional
PodsPerCore int32 `json:"podsPerCore,omitempty"`
// systemReserved is a set of ResourceName=ResourceQuantity pairs that describe
// resources reserved for non-kubernetes components.
// Currently only cpu, memory, ephemeral-storage, and pid are supported.
// +kubebuilder:validation:XValidation:message="valid keys for systemReserved are ['cpu','memory','ephemeral-storage','pid']",rule="self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')"
// +kubebuilder:validation:XValidation:message="systemReserved value cannot be a negative resource quantity",rule="self.all(x, !self[x].startsWith('-'))"
// +kubebuilder:validation:XValidation:message="systemReserved values must not be empty",rule="self.all(x, self[x].size() > 0)"
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=20
// +optional
SystemReserved map[string]string `json:"systemReserved,omitempty"`
// kubeReserved is a set of ResourceName=ResourceQuantity pairs that describe
// resources reserved for kubernetes system components.
// Currently only cpu, memory, ephemeral-storage, and pid are supported.
// +kubebuilder:validation:XValidation:message="valid keys for kubeReserved are ['cpu','memory','ephemeral-storage','pid']",rule="self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')"
// +kubebuilder:validation:XValidation:message="kubeReserved value cannot be a negative resource quantity",rule="self.all(x, !self[x].startsWith('-'))"
// +kubebuilder:validation:XValidation:message="kubeReserved values must not be empty",rule="self.all(x, self[x].size() > 0)"
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=20
// +optional
KubeReserved map[string]string `json:"kubeReserved,omitempty"`
// evictionHard is a map of signal names to quantities that defines hard eviction thresholds.
// +kubebuilder:validation:XValidation:message="valid keys for evictionHard are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']",rule="self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])"
// +kubebuilder:validation:XValidation:message="evictionHard values must not be empty",rule="self.all(x, self[x].size() > 0)"
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=20
// +optional
EvictionHard map[string]EvictionThreshold `json:"evictionHard,omitempty"`
// evictionSoft is a map of signal names to quantities that defines soft eviction thresholds.
// +kubebuilder:validation:XValidation:message="valid keys for evictionSoft are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']",rule="self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])"
// +kubebuilder:validation:XValidation:message="evictionSoft values must not be empty",rule="self.all(x, self[x].size() > 0)"
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=20
// +optional
EvictionSoft map[string]EvictionThreshold `json:"evictionSoft,omitempty"`
// evictionSoftGracePeriod is a map of signal names to quantities that defines grace periods
// for each soft eviction signal.
// +kubebuilder:validation:XValidation:message="valid keys for evictionSoftGracePeriod are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']",rule="self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])"
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=20
// +optional
EvictionSoftGracePeriod map[string]string `json:"evictionSoftGracePeriod,omitempty"`
// evictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use
// when terminating pods in response to soft eviction thresholds.
// +optional
EvictionMaxPodGracePeriod *int32 `json:"evictionMaxPodGracePeriod,omitempty"`
// imageGCHighThresholdPercent is the percent of disk usage which triggers image garbage collection.
// The value must be between 0 and 100, inclusive, and must be greater than imageGCLowThresholdPercent when both are set.
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=100
// +optional
ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty"`
// imageGCLowThresholdPercent is the percent of disk usage to which image garbage collection attempts to free.
// The value must be between 0 and 100, inclusive, and must be less than imageGCHighThresholdPercent when both are set.
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=100
// +optional
ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty"`
// cpuCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits.
// +optional
CPUCFSQuota *bool `json:"cpuCFSQuota,omitempty"`
// Overflow holds additional kubelet configuration fields not explicitly defined above.
// These fields are preserved during serialization and deserialization, allowing arbitrary
// kubelet configuration to pass through to the node's ignition/MachineConfig.
Overflow runtime.RawExtension `json:"-"`
}
KubeletConfiguration configures kubelet settings for nodes provisioned by this NodeClass. These settings are injected into the node's ignition configuration via MachineConfig. The fields listed below are validated at admission time. Additional kubelet configuration fields beyond those listed here are also accepted and will be passed through to the node's kubelet configuration without validation. Overflow fields bypass all CRD validation; invalid overflow values will cause node bootstrap failures (kubelet crash loop) rather than admission errors. When graduating new fields from overflow to typed fields, match upstream kubelet's field names and types exactly. See api/AGENTS.md "KubeletConfiguration Field Graduation" for the full strategy. +kubebuilder:pruning:PreserveUnknownFields +kubebuilder:validation:XValidation:rule="!has(self.imageGCHighThresholdPercent) || !has(self.imageGCLowThresholdPercent) || self.imageGCHighThresholdPercent > self.imageGCLowThresholdPercent",message="imageGCHighThresholdPercent must be greater than imageGCLowThresholdPercent" +kubebuilder:validation:XValidation:rule="!has(self.podsPerCore) || !has(self.maxPods) || self.podsPerCore <= self.maxPods",message="podsPerCore must not exceed maxPods" +kubebuilder:validation:XValidation:rule="!has(self.evictionSoft) || (has(self.evictionSoftGracePeriod) && self.evictionSoft.all(e, e in self.evictionSoftGracePeriod))",message="evictionSoft entry does not have a matching evictionSoftGracePeriod" +kubebuilder:validation:XValidation:rule="!has(self.evictionSoftGracePeriod) || (has(self.evictionSoft) && self.evictionSoftGracePeriod.all(e, e in self.evictionSoft))",message="evictionSoftGracePeriod entry does not have a matching evictionSoft" +kubebuilder:validation:XValidation:rule="!has(self.evictionHard) || !has(self.evictionSoft) || self.evictionHard.all(key, !(key in self.evictionSoft) || ((self.evictionSoft[key].endsWith('%') && self.evictionHard[key].endsWith('%')) ? (self.evictionSoft[key].size() <= 1 || self.evictionHard[key].size() <= 1 || double(self.evictionSoft[key].substring(0, self.evictionSoft[key].size() - 1)) >= double(self.evictionHard[key].substring(0, self.evictionHard[key].size() - 1))) : (!(isQuantity(self.evictionSoft[key]) && isQuantity(self.evictionHard[key])) || quantity(self.evictionSoft[key]).compareTo(quantity(self.evictionHard[key])) >= 0)))",message="evictionSoft threshold must be greater than or equal to evictionHard threshold for the same signal (soft eviction should fire before hard)"
func (*KubeletConfiguration) DeepCopy ¶
func (in *KubeletConfiguration) DeepCopy() *KubeletConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeletConfiguration.
func (*KubeletConfiguration) DeepCopyInto ¶
func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (KubeletConfiguration) HasTypedFields ¶
func (k KubeletConfiguration) HasTypedFields() bool
HasTypedFields reports whether any explicitly defined struct fields are set. This is used by IsZero, but is separate so we can differentiate the zero case from "only overflow fields set". This must be kept in sync with the typed fields in KubeletConfiguration.
func (KubeletConfiguration) IsZero ¶
func (k KubeletConfiguration) IsZero() bool
IsZero reports whether the KubeletConfiguration is empty (no typed fields set and no overflow fields). This is used by the omitzero JSON tag to determine whether the field should be omitted during serialization.
func (KubeletConfiguration) MarshalJSON ¶
func (k KubeletConfiguration) MarshalJSON() ([]byte, error)
MarshalJSON implements custom JSON marshaling for KubeletConfiguration. It serializes the known typed fields and merges any overflow fields back in.
func (*KubeletConfiguration) UnmarshalJSON ¶
func (k *KubeletConfiguration) UnmarshalJSON(data []byte) error
UnmarshalJSON implements custom JSON unmarshaling for KubeletConfiguration. It deserializes known fields into the struct and captures all additional fields into the overflow map for pass-through.
type MetadataAccess ¶
type MetadataAccess string
MetadataAccess specifies how the instance metadata endpoint is accessed on provisioned nodes. +kubebuilder:validation:Enum=HTTPEndpoint;None
const ( // MetadataAccessHTTPEndpoint enables access to instance metadata via the HTTP endpoint. MetadataAccessHTTPEndpoint MetadataAccess = "HTTPEndpoint" // MetadataAccessNone disables access to instance metadata. MetadataAccessNone MetadataAccess = "None" )
type MetadataHTTPProtocol ¶
type MetadataHTTPProtocol string
MetadataHTTPProtocol specifies the IP protocol version for the instance metadata service endpoint. +kubebuilder:validation:Enum=IPv4;IPv6
const ( // MetadataHTTPProtocolIPv4 uses the IPv4 endpoint for the instance metadata service. MetadataHTTPProtocolIPv4 MetadataHTTPProtocol = "IPv4" // MetadataHTTPProtocolIPv6 uses the IPv6 endpoint for the instance metadata service. MetadataHTTPProtocolIPv6 MetadataHTTPProtocol = "IPv6" )
type MetadataHTTPTokensState ¶
type MetadataHTTPTokensState string
MetadataHTTPTokensState determines the state of token usage for instance metadata requests. +kubebuilder:validation:Enum=Required;Optional
const ( // MetadataHTTPTokensStateRequired requires a signed token header for metadata requests (IMDSv2). MetadataHTTPTokensStateRequired MetadataHTTPTokensState = "Required" // MetadataHTTPTokensStateOptional allows metadata retrieval with or without a token (IMDSv1/v2). MetadataHTTPTokensStateOptional MetadataHTTPTokensState = "Optional" )
type MetadataOptions ¶
type MetadataOptions struct {
// access specifies how the instance metadata endpoint is accessed on
// provisioned nodes. Valid values are "HTTPEndpoint" and "None".
// When set to "HTTPEndpoint", the instance metadata service is accessible
// via the HTTP endpoint. When set to "None", instance metadata is not
// accessible on the node.
// When omitted, the platform defaults to HTTP endpoint access.
// +optional
Access MetadataAccess `json:"access,omitempty"`
// httpIPProtocol specifies the IP protocol version for the instance metadata
// service endpoint on provisioned nodes. Valid values are "IPv4" and "IPv6".
// When set to "IPv4", the metadata endpoint uses the IPv4 protocol.
// When set to "IPv6", the metadata endpoint uses the IPv6 protocol.
// When omitted, the platform defaults to IPv4.
// +optional
HTTPIPProtocol MetadataHTTPProtocol `json:"httpIPProtocol,omitempty"`
// httpPutResponseHopLimit is the desired HTTP PUT response hop limit for
// instance metadata requests. Possible values are integers from 1 to 64.
// A value of 1 restricts IMDS access to the EC2 instance only, preventing
// pods from reaching it. A value of 2 allows pods to access IMDS through
// the container network bridge. Values above 2 are for advanced networking
// scenarios such as nested virtualization.
// When omitted, the platform defaults to a hop limit of 1.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=64
// +optional
HTTPPutResponseHopLimit int64 `json:"httpPutResponseHopLimit,omitempty"`
// httpTokens determines the state of token usage for instance metadata
// requests. Valid values are "Required" and "Optional".
// When set to "Required", a signed token header (IMDSv2) must be used for
// all metadata requests. When set to "Optional", metadata can be retrieved
// with or without a token (IMDSv1/v2).
// When omitted, the platform defaults to requiring tokens (IMDSv2).
// +optional
HTTPTokens MetadataHTTPTokensState `json:"httpTokens,omitempty"`
}
MetadataOptions contains parameters for specifying the exposure of the Instance Metadata Service to provisioned EC2 nodes. When omitted, the platform preserves control over default behaviour which is subject to change over time. Currently defaults to HTTP endpoint access with IPv4, a hop limit of 1, and required tokens (IMDSv2). +kubebuilder:validation:MinProperties=1
func (*MetadataOptions) DeepCopy ¶
func (in *MetadataOptions) DeepCopy() *MetadataOptions
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataOptions.
func (*MetadataOptions) DeepCopyInto ¶
func (in *MetadataOptions) DeepCopyInto(out *MetadataOptions)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MonitoringState ¶
type MonitoringState string
MonitoringState controls the monitoring level for instances. For more information, see Basic monitoring and detailed monitoring (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-basic-detailed.html). +kubebuilder:validation:Enum=Detailed;Basic
const ( // MonitoringStateDetailed enables detailed monitoring for instances. MonitoringStateDetailed MonitoringState = "Detailed" // MonitoringStateBasic enables basic monitoring for instances. MonitoringStateBasic MonitoringState = "Basic" )
type OpenshiftEC2NodeClass ¶
type OpenshiftEC2NodeClass struct {
metav1.TypeMeta `json:",inline"`
// metadata is the standard object metadata.
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
// spec defines the desired state of the OpenshiftEC2NodeClass.
// +required
Spec OpenshiftEC2NodeClassSpec `json:"spec,omitzero"`
// status defines the observed state of the OpenshiftEC2NodeClass.
// +optional
Status OpenshiftEC2NodeClassStatus `json:"status,omitempty,omitzero"`
}
+genclient +kubebuilder:object:root=true +kubebuilder:resource:path=openshiftec2nodeclasses,shortName=oec2nc;oec2ncs,scope=Cluster +kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.conditions[?(@.type==\"Ready\")].status",description="" +kubebuilder:subresource:status +kubebuilder:storageversion OpenshiftEC2NodeClass defines the desired state of OpenshiftEC2NodeClass.
func (*OpenshiftEC2NodeClass) DeepCopy ¶
func (in *OpenshiftEC2NodeClass) DeepCopy() *OpenshiftEC2NodeClass
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenshiftEC2NodeClass.
func (*OpenshiftEC2NodeClass) DeepCopyInto ¶
func (in *OpenshiftEC2NodeClass) DeepCopyInto(out *OpenshiftEC2NodeClass)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OpenshiftEC2NodeClass) DeepCopyObject ¶
func (in *OpenshiftEC2NodeClass) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type OpenshiftEC2NodeClassList ¶
type OpenshiftEC2NodeClassList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []OpenshiftEC2NodeClass `json:"items"`
}
+kubebuilder:object:root=true OpenshiftEC2NodeClassList contains a list of OpenshiftEC2NodeClass.
func (*OpenshiftEC2NodeClassList) DeepCopy ¶
func (in *OpenshiftEC2NodeClassList) DeepCopy() *OpenshiftEC2NodeClassList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenshiftEC2NodeClassList.
func (*OpenshiftEC2NodeClassList) DeepCopyInto ¶
func (in *OpenshiftEC2NodeClassList) DeepCopyInto(out *OpenshiftEC2NodeClassList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OpenshiftEC2NodeClassList) DeepCopyObject ¶
func (in *OpenshiftEC2NodeClassList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type OpenshiftEC2NodeClassSpec ¶
type OpenshiftEC2NodeClassSpec struct {
// subnetSelectorTerms is a list of or subnet selector terms. The terms are ORed.
// +kubebuilder:validation:XValidation:message="subnetSelectorTerms cannot be empty",rule="self.size() != 0"
// +kubebuilder:validation:XValidation:message="expected at least one, got none, ['tags', 'id']",rule="self.all(x, has(x.tags) || has(x.id))"
// +kubebuilder:validation:XValidation:message="'id' is mutually exclusive, cannot be set with a combination of other fields in subnetSelectorTerms",rule="!self.all(x, has(x.id) && has(x.tags))"
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems:=30
// +listType=atomic
// +optional
SubnetSelectorTerms []SubnetSelectorTerm `json:"subnetSelectorTerms,omitempty"`
// securityGroupSelectorTerms is a list of or security group selector terms. The terms are ORed.
// +kubebuilder:validation:XValidation:message="securityGroupSelectorTerms cannot be empty",rule="self.size() != 0"
// +kubebuilder:validation:XValidation:message="expected at least one, got none, ['tags', 'id', 'name']",rule="self.all(x, has(x.tags) || has(x.id) || has(x.name))"
// +kubebuilder:validation:XValidation:message="'id' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms",rule="!self.all(x, has(x.id) && (has(x.tags) || has(x.name)))"
// +kubebuilder:validation:XValidation:message="'name' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms",rule="!self.all(x, has(x.name) && (has(x.tags) || has(x.id)))"
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems:=30
// +listType=atomic
// +optional
SecurityGroupSelectorTerms []SecurityGroupSelectorTerm `json:"securityGroupSelectorTerms,omitempty"`
// capacityReservationSelectorTerms is a list of capacity reservation selector terms. The terms are ORed.
// Each term must specify at least one of: tags, id, ownerID, or instanceMatchCriteria.
// The id field is mutually exclusive and cannot be combined with tags, ownerID, or instanceMatchCriteria
// within the same term.
// +kubebuilder:validation:XValidation:message="expected at least one, got none, ['tags', 'id', 'ownerID', 'instanceMatchCriteria']",rule="self.all(x, has(x.tags) || has(x.id) || has(x.ownerID) || has(x.instanceMatchCriteria))"
// +kubebuilder:validation:XValidation:message="'id' is mutually exclusive, cannot be set along with other fields in a capacity reservation selector term",rule="!self.all(x, has(x.id) && (has(x.tags) || has(x.ownerID) || has(x.instanceMatchCriteria)))"
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems:=30
// +listType=atomic
// +optional
CapacityReservationSelectorTerms []CapacityReservationSelectorTerm `json:"capacityReservationSelectorTerms,omitempty"`
// ipAddressAssociation controls the IP address assignment for instances launched with the nodeclass.
// Valid values are:
// - "Public": assigns public IP addresses to instances, allowing direct internet access.
// - "SubnetDefault": defers IP address assignment to the subnet configuration.
// When unset, the cloud provider's subnet default behavior is used.
// +optional
IPAddressAssociation IPAddressAssociation `json:"ipAddressAssociation,omitempty"`
// tags to be applied on ec2 resources like instances and launch templates.
// +kubebuilder:validation:XValidation:message="empty tag keys aren't supported",rule="self.all(k, k != ”)"
// +kubebuilder:validation:XValidation:message="tag contains a restricted tag matching eks:eks-cluster-name",rule="self.all(k, k !='eks:eks-cluster-name')"
// +kubebuilder:validation:XValidation:message="tag contains a restricted tag matching kubernetes.io/cluster/",rule="self.all(k, !k.startsWith('kubernetes.io/cluster') )"
// +kubebuilder:validation:XValidation:message="tag contains a restricted tag matching karpenter.sh/nodepool",rule="self.all(k, k != 'karpenter.sh/nodepool')"
// +kubebuilder:validation:XValidation:message="tag contains a restricted tag matching karpenter.sh/nodeclaim",rule="self.all(k, k !='karpenter.sh/nodeclaim')"
// +kubebuilder:validation:XValidation:message="tag contains a restricted tag matching karpenter.k8s.aws/ec2nodeclass",rule="self.all(k, k !='karpenter.k8s.aws/ec2nodeclass')"
// +kubebuilder:validation:MinProperties=1
// +optional
Tags map[string]string `json:"tags,omitempty"`
// blockDeviceMappings to be applied to provisioned nodes.
// For OpenShift nodes, a default root volume size of 120Gi and type gp3 is set if no blockDeviceMapping overrides are specified.
// +kubebuilder:validation:XValidation:message="must have only one blockDeviceMappings with rootVolume",rule="self.filter(x, has(x.rootVolume)?x.rootVolume=='RootVolume':false).size() <= 1"
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems:=50
// +listType=atomic
// +optional
BlockDeviceMappings []BlockDeviceMapping `json:"blockDeviceMappings,omitempty"`
// instanceStorePolicy specifies how to handle instance-store disks.
// +optional
InstanceStorePolicy InstanceStorePolicy `json:"instanceStorePolicy,omitempty"`
// monitoring controls the monitoring level for instances that are launched.
// For more information, see Basic monitoring and detailed monitoring
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-basic-detailed.html).
// Valid values are:
// - "Detailed": enables detailed monitoring.
// - "Basic": enables basic monitoring.
// When unset, the cloud provider's default basic monitoring behavior is used.
// +optional
Monitoring MonitoringState `json:"monitoring,omitempty"`
// metadataOptions contains parameters for specifying the exposure of the
// Instance Metadata Service to provisioned EC2 nodes.
// When omitted, the platform preserves control over default behaviour
// which is subject to change over time. Currently defaults to access
// HTTPEndpoint, httpIPProtocol IPv4, httpPutResponseHopLimit of 1,
// and httpTokens Required (IMDSv2).
// +optional
MetadataOptions MetadataOptions `json:"metadataOptions,omitzero"`
// version is an OpenShift version (e.g., "4.20.1") specifying the release version
// for nodes managed by this NodeClass. When set, the controller resolves this to a
// release image via the Cincinnati graph API. When not set, nodes use the control plane's
// release image.
// +kubebuilder:validation:XValidation:rule="self.matches('^(0|[1-9]\\\\d*)\\\\.(0|[1-9]\\\\d*)\\\\.(0|[1-9]\\\\d*)(?:-((?:0|[1-9]\\\\d*|\\\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\\\.(?:0|[1-9]\\\\d*|\\\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\\\+([0-9a-zA-Z-]+(?:\\\\.[0-9a-zA-Z-]+)*))?$')",message="version must be a valid semantic version (e.g., 4.20.1)"
// +kubebuilder:validation:MinLength=5
// +kubebuilder:validation:MaxLength=64
// +optional
Version string `json:"version,omitempty"`
// kubelet configures kubelet settings for nodes provisioned by this NodeClass.
// These settings are injected into the node's ignition configuration via MachineConfig.
// +optional
Kubelet KubeletConfiguration `json:"kubelet,omitzero"`
}
OpenshiftEC2NodeClassSpec defines the desired state of ClusterSizingConfiguration This will contain configuration necessary to launch instances in AWS. +kubebuilder:validation:MinProperties=1
func (*OpenshiftEC2NodeClassSpec) DeepCopy ¶
func (in *OpenshiftEC2NodeClassSpec) DeepCopy() *OpenshiftEC2NodeClassSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenshiftEC2NodeClassSpec.
func (*OpenshiftEC2NodeClassSpec) DeepCopyInto ¶
func (in *OpenshiftEC2NodeClassSpec) DeepCopyInto(out *OpenshiftEC2NodeClassSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OpenshiftEC2NodeClassStatus ¶
type OpenshiftEC2NodeClassStatus struct {
// conditions contains signals for health and readiness.
// +optional
// +listType=map
// +listMapKey=type
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=100
Conditions []metav1.Condition `json:"conditions,omitempty"`
// subnets contains the current Subnet values that are available to the
// cluster under the subnet selectors.
// +optional
// +listType=atomic
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=100
Subnets []Subnet `json:"subnets,omitempty"`
// securityGroups contains the current Security Groups values that are available to the
// cluster under the SecurityGroups selectors.
// +optional
// +listType=atomic
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=100
SecurityGroups []SecurityGroup `json:"securityGroups,omitempty"`
// releaseImage is the fully qualified release image resolved either from spec.version, or inherited from
// the HostedControlPlane's spec.ReleaseImage.
// Of the format "quay.io/openshift-release-dev/ocp-release@sha256:<digest>".
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=512
ReleaseImage string `json:"releaseImage,omitempty"`
// version is the resolved OpenShift version corresponding to the status.releaseImage.
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=64
Version string `json:"version,omitempty"`
// capacityReservations contains the current Capacity Reservation values that are available to the
// cluster under the capacityReservationSelectorTerms.
// +optional
// +listType=atomic
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=100
CapacityReservations []CapacityReservation `json:"capacityReservations,omitempty"`
}
OpenshiftEC2NodeClassStatus defines the observed state of OpenshiftEC2NodeClass. +kubebuilder:validation:MinProperties=1
func (*OpenshiftEC2NodeClassStatus) DeepCopy ¶
func (in *OpenshiftEC2NodeClassStatus) DeepCopy() *OpenshiftEC2NodeClassStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenshiftEC2NodeClassStatus.
func (*OpenshiftEC2NodeClassStatus) DeepCopyInto ¶
func (in *OpenshiftEC2NodeClassStatus) DeepCopyInto(out *OpenshiftEC2NodeClassStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RootVolumeDesignation ¶
type RootVolumeDesignation string
RootVolumeDesignation indicates whether a device is mounted as the kubelet root directory. +kubebuilder:validation:Enum=RootVolume;NotRootVolume
const ( // RootVolumeDesignationRootVolume indicates the device is mounted as kubelet root dir. RootVolumeDesignationRootVolume RootVolumeDesignation = "RootVolume" // RootVolumeDesignationNotRootVolume indicates the device is not the kubelet root dir. RootVolumeDesignationNotRootVolume RootVolumeDesignation = "NotRootVolume" )
type SecurityGroup ¶
type SecurityGroup struct {
// id is the ID of the security group.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
ID string `json:"id,omitempty"`
// name is the name of the security group.
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
Name string `json:"name,omitempty"`
}
SecurityGroup contains resolved SecurityGroup selector values utilized for node launch
func (*SecurityGroup) DeepCopy ¶
func (in *SecurityGroup) DeepCopy() *SecurityGroup
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityGroup.
func (*SecurityGroup) DeepCopyInto ¶
func (in *SecurityGroup) DeepCopyInto(out *SecurityGroup)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecurityGroupSelectorTerm ¶
type SecurityGroupSelectorTerm struct {
// tags is a map of key/value tags used to select security groups.
// Specifying '*' for a value selects all values for a given tag key.
// The expected format is {"key1": "value1", "key2": "*"}.
// +kubebuilder:validation:XValidation:message="empty tag keys or values aren't supported",rule="self.all(k, k != ” && self[k] != ”)"
// +kubebuilder:validation:MaxProperties:=20
// +kubebuilder:validation:MinProperties=1
// +optional
Tags map[string]string `json:"tags,omitempty"`
// id is the security group id in EC2.
// The expected format is "sg-" followed by alphanumeric characters, e.g. "sg-0a1b2c3d4e5f".
// +kubebuilder:validation:XValidation:rule="self.matches('^sg-[0-9a-z]+$')",message="id must match the pattern sg-[0-9a-z]+"
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +optional
ID string `json:"id,omitempty"`
// name is the security group name in EC2.
// This value is the name field, which is different from the name tag.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +optional
Name string `json:"name,omitempty"`
}
SecurityGroupSelectorTerm defines selection logic for a security group used by Karpenter to launch nodes. If multiple fields are used for selection, the requirements are ANDed. +kubebuilder:validation:MinProperties=1
func (*SecurityGroupSelectorTerm) DeepCopy ¶
func (in *SecurityGroupSelectorTerm) DeepCopy() *SecurityGroupSelectorTerm
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityGroupSelectorTerm.
func (*SecurityGroupSelectorTerm) DeepCopyInto ¶
func (in *SecurityGroupSelectorTerm) DeepCopyInto(out *SecurityGroupSelectorTerm)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Subnet ¶
type Subnet struct {
// id is the ID of the subnet.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
ID string `json:"id,omitempty"`
// zone is the associated availability zone.
// +required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
Zone string `json:"zone,omitempty"`
// zoneID is the associated availability zone ID.
// +optional
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
ZoneID string `json:"zoneID,omitempty"`
}
Subnet contains resolved Subnet selector values utilized for node launch
func (*Subnet) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subnet.
func (*Subnet) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SubnetSelectorTerm ¶
type SubnetSelectorTerm struct {
// tags is a map of key/value tags used to select subnets.
// Specifying '*' for a value selects all values for a given tag key.
// The expected format is {"key1": "value1", "key2": "*"}.
// +kubebuilder:validation:XValidation:message="empty tag keys or values aren't supported",rule="self.all(k, k != ” && self[k] != ”)"
// +kubebuilder:validation:MaxProperties:=20
// +kubebuilder:validation:MinProperties=1
// +optional
Tags map[string]string `json:"tags,omitempty"`
// id is the subnet id in EC2.
// The expected format is "subnet-" followed by alphanumeric characters, e.g. "subnet-0a1b2c3d4e5f".
// +kubebuilder:validation:XValidation:rule="self.matches('^subnet-[0-9a-z]+$')",message="id must match the pattern subnet-[0-9a-z]+"
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +optional
ID string `json:"id,omitempty"`
}
SubnetSelectorTerm defines selection logic for a subnet used by Karpenter to launch nodes. If multiple fields are used for selection, the requirements are ANDed. +kubebuilder:validation:MinProperties=1
func (*SubnetSelectorTerm) DeepCopy ¶
func (in *SubnetSelectorTerm) DeepCopy() *SubnetSelectorTerm
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubnetSelectorTerm.
func (*SubnetSelectorTerm) DeepCopyInto ¶
func (in *SubnetSelectorTerm) DeepCopyInto(out *SubnetSelectorTerm)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VolumeType ¶
type VolumeType string
VolumeType is the type of an EBS block device. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html). +kubebuilder:validation:Enum=Standard;IO1;IO2;GP2;SC1;ST1;GP3
const ( // VolumeTypeStandard is a previous generation magnetic volume. VolumeTypeStandard VolumeType = "Standard" // VolumeTypeIO1 is a provisioned IOPS SSD volume. VolumeTypeIO1 VolumeType = "IO1" // VolumeTypeIO2 is a provisioned IOPS SSD volume (latest generation). VolumeTypeIO2 VolumeType = "IO2" // VolumeTypeGP2 is a general purpose SSD volume. VolumeTypeGP2 VolumeType = "GP2" // VolumeTypeSC1 is a cold HDD volume. VolumeTypeSC1 VolumeType = "SC1" // VolumeTypeST1 is a throughput optimized HDD volume. VolumeTypeST1 VolumeType = "ST1" // VolumeTypeGP3 is a general purpose SSD volume (latest generation). VolumeTypeGP3 VolumeType = "GP3" )
Source Files