Documentation
¶
Index ¶
- Constants
- Variables
- func RemoveRuntimeDirs(logger *slog.Logger) phases.Task
- func ToAgentConfig(cfg *Config, machineName string) *agentconfig.AgentConfig
- type AgentConfig
- type ArcConfig
- type AzureConfig
- type BootstrapTokenConfig
- type CNIConfig
- type Config
- type ContainerdConfig
- type HostRoutingConfig
- type JSONDuration
- type KubeletConfig
- type KubernetesConfig
- type ManagedIdentityConfig
- type NPDConfig
- type NodeConfig
- type RouteOverlapConfig
- type RuncConfig
- type ServicePrincipalConfig
- type StaticRoute
- type StaticRoutesConfig
- type TargetClusterConfig
Constants ¶
const (
	// ConfigDir is the base directory for AKS Flex Node configuration files
	// installed on the host.
	// NOTE(review): if the agent's JSON config is stored under this directory,
	// it can carry ServicePrincipalConfig.ClientSecret and
	// BootstrapTokenConfig.Token in plaintext. Confirm the directory and its
	// files are root-owned and not world-readable.
	ConfigDir = "/etc/aks-flex-node"

	// Default configuration values
	// DefaultLogDir is the default directory for agent log files.
	DefaultLogDir = "/var/log/aks-flex-node"
)
Variables ¶
// AKSClusterResourceIDPattern matches a full AKS managed-cluster resource ID.
// The expression is anchored at both ends (^...$) and case-insensitive ((?i)),
// so surrounding text or extra path segments do not match. Capture groups, in
// order: subscription ID (GUID shape), resource group, cluster name.
var AKSClusterResourceIDPattern = regexp.MustCompile(`(?i)^/subscriptions/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/resourcegroups/([a-zA-Z0-9_\-\.]+)/providers/microsoft\.containerservice/managedclusters/([a-zA-Z0-9_\-\.]+)$`)
AKSClusterResourceIDPattern is the regex pattern for an AKS cluster resource ID, with capture groups. Format: /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.ContainerService/managedClusters/{cluster-name}. The pattern is case-insensitive to handle variations in Azure resource path casing.
// BootstrapTokenPattern matches a Kubernetes bootstrap token of the form
// <token-id>.<token-secret>: six characters of [a-z0-9], a literal dot, then
// sixteen characters of [a-z0-9]. The expression is anchored at both ends and
// accepts lower-case only. The part after the dot is the secret half, so any
// string that matches is a credential and should not be written to logs or
// error messages.
var BootstrapTokenPattern = regexp.MustCompile(`^[a-z0-9]{6}\.[a-z0-9]{16}$`)
BootstrapTokenPattern is the regex pattern for Kubernetes bootstrap tokens. Format: <token-id>.<token-secret>, where token-id is 6 chars [a-z0-9] and token-secret is 16 chars [a-z0-9].
Functions ¶
func ToAgentConfig ¶ added in v0.1.0
func ToAgentConfig(cfg *Config, machineName string) *agentconfig.AgentConfig
ToAgentConfig converts a FlexNode Config to the shared agent library's AgentConfig. The resulting struct can be passed to goalstates.ResolveMachine to produce goal states for the nspawn-based bootstrap phases.
cfg.Node.Kubelet.ServerURL and cfg.Node.Kubelet.CACertData must be populated.
Types ¶
type AgentConfig ¶
// AgentConfig holds agent-specific operational configuration. Several fields
// exist only for end-to-end testing and weaken production guarantees when set;
// see the per-field notes.
type AgentConfig struct {
	LogLevel string `json:"logLevel"` // Logging level: debug, info, warning, error
	LogDir string `json:"logDir"` // Directory for log files
	// NodeName is resolved from the host hostname when omitted.
	NodeName string `json:"nodeName,omitempty"`
	// MachineReconcileInterval controls how often the daemon re-reads the AKS
	// machine resource when no Kubernetes Node event wakes the controller.
	MachineReconcileInterval JSONDuration `json:"machineReconcileInterval,omitempty"`
	// E2EMode uses the local file-backed AKS machine client for local testing.
	// It is a no-op in production builds.
	E2EMode bool `json:"e2eMode,omitempty"`
	// ARMProxyURLOverrideForE2E redirects ARM requests to a dev-test proxy.
	// It must not be set in production configurations.
	// NOTE(review): this is an ordinary JSON key, so anyone who can write the
	// config file can point ARM traffic at another endpoint. No load-time check
	// that rejects it outside E2E builds is visible here — confirm one exists.
	ARMProxyURLOverrideForE2E string `json:"armProxyURLOverrideForE2E,omitempty"`
	// RequireMachineRegistration fails bootstrap if the AKS machine resource
	// cannot be read or created. When false, registration is best-effort.
	// The zero value is false, so omitting the key means a registration failure
	// does not stop bootstrap (fail-open).
	RequireMachineRegistration bool `json:"requireMachineRegistration,omitempty"`
	// MachineOperationMode controls MachineOperation handling. Supported values:
	// "auto" detects Machina CRs, "disable" uses a noop reconciler.
	// NOTE(review): handling of an empty or unrecognised value is not visible
	// here — confirm it is rejected or mapped to a documented default.
	MachineOperationMode string `json:"machineOperationMode,omitempty"`
}
AgentConfig holds agent-specific operational configuration.
type ArcConfig ¶
// ArcConfig holds the settings used to register this machine with Azure Arc.
// It is decoded from the "arc" key of AzureConfig.
type ArcConfig struct {
	Enabled bool `json:"enabled"` // Whether to enable Azure Arc registration
	MachineName string `json:"machineName"` // Name for the Arc machine resource
	Tags map[string]string `json:"tags"` // Tags to apply to the Arc machine
	ResourceGroup string `json:"resourceGroup"` // Azure resource group for Arc machine
	Location string `json:"location"` // Azure region for Arc machine
}
ArcConfig holds Azure Arc machine configuration for registering the machine with Azure Arc.
type AzureConfig ¶
// AzureConfig holds the Azure identifiers, the credential source and the
// target-cluster reference the agent uses to reach Azure services.
//
// Three optional authentication blocks are declared: ServicePrincipal,
// ManagedIdentity and BootstrapToken. ServicePrincipal and BootstrapToken embed
// secret material directly in the config.
// NOTE(review): precedence when more than one auth block is set is not visible
// in this listing — confirm the loader rejects ambiguous combinations.
type AzureConfig struct {
	SubscriptionID string `json:"subscriptionId"` // Azure subscription ID
	TenantID string `json:"tenantId"` // Azure tenant ID
	Cloud string `json:"cloud"` // Azure cloud environment (defaults to AzurePublicCloud)
	ServicePrincipal *ServicePrincipalConfig `json:"servicePrincipal,omitempty"` // Optional service principal authentication
	ManagedIdentity *ManagedIdentityConfig `json:"managedIdentity,omitempty"` // Optional managed identity authentication
	BootstrapToken *BootstrapTokenConfig `json:"bootstrapToken,omitempty"` // Optional bootstrap token authentication
	Arc *ArcConfig `json:"arc"` // Azure Arc machine configuration
	TargetCluster *TargetClusterConfig `json:"targetCluster"` // Target AKS cluster configuration
}
AzureConfig holds Azure-specific configuration required for connecting to Azure services. All fields except Cloud and the optional authentication blocks (ServicePrincipal, ManagedIdentity, BootstrapToken) are required for proper operation.
func (AzureConfig) ResourceManagerEndpoint ¶ added in v0.1.0
func (cfg AzureConfig) ResourceManagerEndpoint() (string, error)
func (AzureConfig) ResourceManagerTokenScope ¶ added in v0.1.0
func (cfg AzureConfig) ResourceManagerTokenScope() (string, error)
type BootstrapTokenConfig ¶
// BootstrapTokenConfig holds a Kubernetes bootstrap token used for node
// joining. The token is stored in the config JSON as-is, and the part after the
// dot is a secret. This type declares no redacting marshaller or formatter in
// this listing.
// NOTE(review): confirm that any code path that logs or dumps a Config masks
// Token.
type BootstrapTokenConfig struct {
	Token string `json:"token"` // Bootstrap token in format: <token-id>.<token-secret>
}
BootstrapTokenConfig holds Kubernetes bootstrap token authentication configuration. Bootstrap tokens provide a lightweight authentication method for node joining.
type CNIConfig ¶
// CNIConfig holds configuration settings for CNI plugins. The only field
// declared here is the version.
type CNIConfig struct {
	// Version is decoded from the "version" key.
	// NOTE(review): presumably selects the CNI plugin release to install —
	// confirm, and confirm the string is validated before it is used to build a
	// download URL or file path.
	Version string `json:"version"`
}
CNIConfig holds configuration settings for CNI plugins (currently only the version).
type Config ¶
// Config is the root of the agent's JSON configuration. Each field maps to one
// top-level JSON section. The Azure section can contain credentials
// (service principal client secret, bootstrap token), so a serialized Config
// should be treated as sensitive.
type Config struct {
	Azure AzureConfig `json:"azure"`
	Agent AgentConfig `json:"agent"`
	Containerd ContainerdConfig `json:"containerd"`
	Kubernetes KubernetesConfig `json:"kubernetes"`
	CNI CNIConfig `json:"cni"`
	Runc RuncConfig `json:"runc"`
	Node NodeConfig `json:"node"`
	Npd NPDConfig `json:"npd"`
	HostRouting HostRoutingConfig `json:"hostRouting"`
}
Config represents the complete agent configuration structure. It contains Azure-specific settings and agent operational settings.
func LoadConfig ¶
LoadConfig loads configuration from a JSON file. The configPath parameter is required and cannot be empty.
func (*Config) DeepCopy ¶ added in v0.0.17
DeepCopy returns a copy of the config that does not share mutable sub-objects (maps/pointers) with the original.
func (*Config) IsARCEnabled ¶
IsARCEnabled checks if Azure Arc registration is enabled in the configuration.
func (*Config) IsBootstrapTokenConfigured ¶
IsBootstrapTokenConfigured checks if bootstrap token authentication is selected.
func (*Config) IsMIConfigured ¶
IsMIConfigured checks if managed identity configuration is provided in the configuration.
func (*Config) IsSPConfigured ¶
IsSPConfigured checks if service principal authentication is selected.
type ContainerdConfig ¶
// ContainerdConfig holds configuration settings for the containerd runtime.
type ContainerdConfig struct {
	// Version is decoded from the "version" key.
	// NOTE(review): presumably names the containerd release to install —
	// confirm how the value is validated before use.
	Version string `json:"version"`
}
ContainerdConfig holds configuration settings for the containerd runtime.
type HostRoutingConfig ¶ added in v0.1.0
// HostRoutingConfig groups host-level routing settings. StaticRoutes changes
// the host routing table. RouteOverlap only checks it.
type HostRoutingConfig struct {
	// StaticRoutes installs explicit IPv4 routes to prevent provider-installed
	// connected routes (e.g. Azure IB /16 on ND-isr SKUs) from shadowing
	// cluster CIDRs.
	StaticRoutes StaticRoutesConfig `json:"staticRoutes"`
	// RouteOverlap checks that the expected CIDRs all route via the default
	// outbound interface. Use this to catch unmitigated routing overlaps at
	// boot time instead of hours after a node silently misbehaves.
	RouteOverlap RouteOverlapConfig `json:"routeOverlap"`
}
HostRoutingConfig groups host-level routing tasks that run before the nspawn machine starts.
type JSONDuration ¶ added in v0.1.0
JSONDuration accepts Go duration strings in config JSON while preserving compatibility with time.Duration's numeric nanosecond representation.
func (JSONDuration) MarshalJSON ¶ added in v0.1.0
func (d JSONDuration) MarshalJSON() ([]byte, error)
func (*JSONDuration) UnmarshalJSON ¶ added in v0.1.0
func (d *JSONDuration) UnmarshalJSON(data []byte) error
type KubeletConfig ¶
// KubeletConfig holds kubelet-specific configuration settings, including the
// API server endpoint and the CA data that goes with it.
type KubeletConfig struct {
	Verbosity int `json:"verbosity"`
	ImageGCHighThreshold int `json:"imageGCHighThreshold"`
	ImageGCLowThreshold int `json:"imageGCLowThreshold"`
	DNSServiceIP string `json:"dnsServiceIP"` // Cluster DNS service IP (default: 10.0.0.10 for AKS)
	ServerURL string `json:"serverURL"` // Kubernetes API server URL
	// NOTE(review): CACertData is presumably the trust anchor kubelet uses to
	// verify the server at ServerURL. Confirm the loader rejects a value that
	// does not base64-decode to a certificate, and that ServerURL is required
	// to be https.
	CACertData string `json:"caCertData"` // Base64-encoded CA certificate data
	NodeIP string `json:"nodeIP"` // IP address to advertise as the node's primary IP (--node-ip kubelet flag)
}
KubeletConfig holds kubelet-specific configuration settings.
type KubernetesConfig ¶
// KubernetesConfig holds configuration settings for Kubernetes components.
type KubernetesConfig struct {
	// Version is decoded from the "version" key.
	// NOTE(review): presumably names the Kubernetes release to install —
	// confirm how the value is validated before use.
	Version string `json:"version"`
}
KubernetesConfig holds configuration settings for Kubernetes components.
type ManagedIdentityConfig ¶
// ManagedIdentityConfig selects managed identity authentication. It stores no
// secret. ClientID only disambiguates which assigned identity to use.
type ManagedIdentityConfig struct {
	ClientID string `json:"clientId,omitempty"` // Client ID of the managed identity (optional, for VMs with multiple identities)
}
ManagedIdentityConfig holds managed identity authentication configuration. It can only be used when the agent is running on an Azure VM with a managed identity assigned.
type NPDConfig ¶
// NPDConfig holds configuration settings for the Node Problem Detector (NPD).
type NPDConfig struct {
	// Version is decoded from the "version" key.
	// NOTE(review): presumably names the NPD release to install — confirm how
	// the value is validated before use.
	Version string `json:"version"`
}
NPDConfig holds configuration settings for the Node Problem Detector (NPD).
type NodeConfig ¶
// NodeConfig holds configuration settings for the Kubernetes node: pod
// capacity, labels and taints applied at registration, and kubelet settings.
type NodeConfig struct {
	MaxPods int `json:"maxPods"`
	Labels map[string]string `json:"labels"`
	// Taints to apply at node registration time via --register-with-taints.
	// Each entry must use the kubelet taint format: "key=value:Effect" or "key:Effect"
	// (e.g. "dedicated=infra:NoSchedule", "gpu:NoExecute").
	// NOTE(review): entries are free-form strings that become a kubelet flag
	// value. Confirm each one is checked against the taint format before the
	// flag is rendered.
	Taints []string `json:"taints,omitempty"`
	Kubelet KubeletConfig `json:"kubelet"`
}
NodeConfig holds configuration settings for the Kubernetes node.
type RouteOverlapConfig ¶ added in v0.1.0
// RouteOverlapConfig holds the spec for the route-overlap check: which CIDRs
// must leave via the default outbound interface, and what happens when one
// does not.
type RouteOverlapConfig struct {
	// ExpectedCIDRs is the list of IPv4 CIDRs that must route via the default
	// outbound interface. Typically pod CIDR + service CIDR + API server prefix.
	ExpectedCIDRs []string `json:"expectedCidrs,omitempty"`
	// Mode controls behaviour on overlap detection.
	// "WARN" (default): log the overlap and let kubelet start.
	// "STRICT": log the overlap and prevent kubelet from starting.
	// The default is fail-open: an overlap is only logged and kubelet still
	// starts. Set "STRICT" when a mis-routed cluster CIDR must block the node.
	Mode string `json:"mode,omitempty"`
}
RouteOverlapConfig holds the spec for the check-route-overlap systemd oneshot.
type RuncConfig ¶
// RuncConfig holds configuration settings for the container runtime (runc).
type RuncConfig struct {
	// Version is decoded from the "version" key.
	// NOTE(review): presumably names the runc release to install — confirm how
	// the value is validated before use.
	Version string `json:"version"`
}
RuncConfig holds configuration settings for the container runtime (runc).
type ServicePrincipalConfig ¶
// ServicePrincipalConfig holds Azure service principal credentials. The client
// secret is stored in the config JSON in plaintext under "clientSecret". This
// type declares no redacting marshaller or formatter in this listing, so
// json.Marshal or %+v on an enclosing Config would emit the secret.
// NOTE(review): confirm that logging and diagnostics paths mask ClientSecret
// and that the config file is readable only by the agent's user.
type ServicePrincipalConfig struct {
	TenantID string `json:"tenantId"` // Azure AD tenant ID
	ClientID string `json:"clientId"` // Azure AD application (client) ID
	ClientSecret string `json:"clientSecret"` // Azure AD application client secret
}
ServicePrincipalConfig holds Azure service principal authentication configuration. When provided, service principal authentication will be used instead of Azure CLI.
type StaticRoute ¶ added in v0.1.0
// StaticRoute describes a single IPv4 route to install via
// `ip -4 route replace`.
// NOTE(review): Destination, Gateway and Dev are free-form strings that end up
// as arguments in a boot-time script. Validation is not visible in this
// listing — confirm they are parsed as an IPv4 CIDR, an IPv4 address and an
// interface name respectively before the script is rendered.
type StaticRoute struct {
	// Destination is an IPv4 CIDR, e.g. "172.16.1.0/24". Required.
	Destination string `json:"destination"`
	// Gateway is the next-hop IPv4 address. When empty the script resolves the
	// default gateway on Dev at boot time (with a bounded retry for DHCP races).
	Gateway string `json:"gateway,omitempty"`
	// Dev is the outbound interface (e.g. "eth0"). When empty the script
	// resolves the IPv4 default route's outbound interface at boot time.
	Dev string `json:"dev,omitempty"`
	// Metric sets the route metric for tie-breaking. 0 means use kernel default.
	Metric uint32 `json:"metric,omitempty"`
}
StaticRoute describes a single IPv4 route to install via `ip -4 route replace`.
type StaticRoutesConfig ¶ added in v0.1.0
// StaticRoutesConfig holds the spec for installing static routes on the host.
// Changing the host routing table is gated behind an explicit Enabled flag.
type StaticRoutesConfig struct {
	// Enabled must be set to true when routes are provided. This explicit
	// opt-in prevents accidental route injection.
	// NOTE(review): the outcome when Routes is non-empty but Enabled is false
	// (rejected at load time, or silently ignored) is not visible here —
	// confirm.
	Enabled bool `json:"enabled"`
	// Routes is the list of IPv4 static routes to install before kubelet starts.
	Routes []StaticRoute `json:"routes,omitempty"`
}
StaticRoutesConfig holds the spec for the static-routes systemd oneshot.
type TargetClusterConfig ¶
// TargetClusterConfig identifies the AKS cluster this machine joins. Only
// ResourceID and Location carry JSON tags. The remaining fields are documented
// as derived from ResourceID.
//
// The four derived fields have no json tag, so encoding/json still reads and
// writes them under their Go names (matched case-insensitively on decode). A
// config file can therefore supply them directly.
// NOTE(review): if they must be derived only, confirm the loader overwrites
// whatever the file supplied, or tag them `json:"-"`.
type TargetClusterConfig struct {
	ResourceID string `json:"resourceId"` // Full resource ID of the target AKS cluster
	Location string `json:"location"` // Azure region of the cluster (e.g., "eastus", "westus2")
	Name string // will be populated from ResourceID
	ResourceGroup string // will be populated from ResourceID
	SubscriptionID string // will be populated from ResourceID
	// NOTE(review): AKSClusterResourceIDPattern captures subscription, resource
	// group and cluster name only, so the node resource group is presumably
	// derived some other way than by parsing ResourceID — confirm.
	NodeResourceGroup string // will be populated from ResourceID
}
TargetClusterConfig holds configuration for the target AKS cluster the ARC machine will connect to.