Documentation ¶
Overview ¶
+kubebuilder:validation:Optional +groupName=config.openshift.io Package v1 is the v1 version of the API.
Index ¶
- Constants
- Variables
- func Resource(resource string) schema.GroupResource
- type APIServer
- type APIServerEncryption
- type APIServerList
- type APIServerNamedServingCert
- type APIServerServingCerts
- type APIServerSpec
- type APIServerStatus
- type AWSDNSSpec
- type AWSIngressSpec
- type AWSLBType
- type AWSPlatformSpec
- type AWSPlatformStatus
- type AWSResourceTag
- type AWSServiceEndpoint
- type AdmissionConfig
- type AdmissionPluginConfig
- type AlibabaCloudPlatformSpec
- type AlibabaCloudPlatformStatus
- type AlibabaCloudResourceTag
- type Audit
- type AuditConfig
- type AuditCustomRule
- type AuditProfileType
- type Authentication
- type AuthenticationList
- type AuthenticationSpec
- type AuthenticationStatus
- type AuthenticationType
- type AzureCloudEnvironment
- type AzurePlatformSpec
- type AzurePlatformStatus
- type AzureResourceTag
- type BareMetalPlatformLoadBalancer
- type BareMetalPlatformSpec
- type BareMetalPlatformStatus
- type BasicAuthIdentityProvider
- type Build
- type BuildDefaults
- type BuildList
- type BuildOverrides
- type BuildSpec
- type CIDR
- type CPUPartitioningMode
- type CertInfo
- type CgroupMode
- type ClientConnectionOverrides
- type CloudControllerManagerState
- type CloudControllerManagerStatus
- type CloudLoadBalancerConfig
- type CloudLoadBalancerIPs
- type ClusterCondition
- type ClusterID
- type ClusterNetworkEntry
- type ClusterOperator
- type ClusterOperatorList
- type ClusterOperatorSpec
- type ClusterOperatorStatus
- type ClusterOperatorStatusCondition
- type ClusterStatusConditionType
- type ClusterVersion
- type ClusterVersionArchitecture
- type ClusterVersionCapabilitiesSpec
- type ClusterVersionCapabilitiesStatus
- type ClusterVersionCapability
- type ClusterVersionCapabilitySet
- type ClusterVersionList
- type ClusterVersionSpec
- type ClusterVersionStatus
- type ComponentOverride
- type ComponentRouteSpec
- type ComponentRouteStatus
- type ConditionStatus
- type ConditionalUpdate
- type ConditionalUpdateRisk
- type ConfigMapFileReference
- type ConfigMapNameReference
- type Console
- type ConsoleAuthentication
- type ConsoleList
- type ConsoleSpec
- type ConsoleStatus
- type ConsumingUser
- type CustomFeatureGates
- type CustomTLSProfile
- type DNS
- type DNSList
- type DNSPlatformSpec
- type DNSSpec
- type DNSStatus
- type DNSType
- type DNSZone
- type DRAEnablement
- type DefaultPlacement
- type DelegatedAuthentication
- type DelegatedAuthorization
- type DeprecatedWebhookTokenAuthenticator
- type EncryptionType
- type EquinixMetalPlatformSpec
- type EquinixMetalPlatformStatus
- type EtcdConnectionInfo
- type EtcdStorageConfig
- type ExternalIPConfig
- type ExternalIPPolicy
- type ExternalPlatformSpec
- type ExternalPlatformStatus
- type FeatureGate
- type FeatureGateAttributes
- type FeatureGateDetails
- type FeatureGateList
- type FeatureGateName
- type FeatureGateSelection
- type FeatureGateSpec
- type FeatureGateStatus
- type FeatureGateTests
- type FeatureSet
- type GCPPlatformSpec
- type GCPPlatformStatus
- type GCPResourceLabel
- type GCPResourceTag
- type GenericAPIServerConfig
- type GenericControllerConfig
- type GitHubIdentityProvider
- type GitLabIdentityProvider
- type GoogleIdentityProvider
- type HTPasswdIdentityProvider
- type HTTPServingInfo
- type Hostname
- type HubSource
- type HubSourceStatus
- type IBMCloudPlatformSpec
- type IBMCloudPlatformStatus
- type IBMCloudProviderType
- type IBMCloudServiceEndpoint
- type IBMCloudServiceName
- type IP
- type IdentityProvider
- type IdentityProviderConfig
- type IdentityProviderType
- type Image
- type ImageContentPolicy
- type ImageContentPolicyList
- type ImageContentPolicySpec
- type ImageDigestMirrorSet
- type ImageDigestMirrorSetList
- type ImageDigestMirrorSetSpec
- type ImageDigestMirrorSetStatus
- type ImageDigestMirrors
- type ImageLabel
- type ImageList
- type ImageMirror
- type ImageSpec
- type ImageStatus
- type ImageTagMirrorSet
- type ImageTagMirrorSetList
- type ImageTagMirrorSetSpec
- type ImageTagMirrorSetStatus
- type ImageTagMirrors
- type ImportModeType
- type IncludeSubDomainsPolicy
- type Infrastructure
- type InfrastructureList
- type InfrastructureSpec
- type InfrastructureStatus
- type Ingress
- type IngressList
- type IngressPlatformSpec
- type IngressSpec
- type IngressStatus
- type IntermediateTLSProfile
- type KeystoneIdentityProvider
- type KubeClientConfig
- type KubevirtPlatformSpec
- type KubevirtPlatformStatus
- type LDAPAttributeMapping
- type LDAPIdentityProvider
- type LeaderElection
- type LoadBalancer
- type LogFormatType
- type MTUMigration
- type MTUMigrationValues
- type MappingMethodType
- type MaxAgePolicy
- type Mirror
- type MirrorSourcePolicy
- type ModernTLSProfile
- type NamedCertificate
- type Network
- type NetworkDiagnostics
- type NetworkDiagnosticsMode
- type NetworkDiagnosticsSourcePlacement
- type NetworkDiagnosticsTargetPlacement
- type NetworkList
- type NetworkMigration
- type NetworkSpec
- type NetworkStatus
- type Node
- type NodeList
- type NodeSpec
- type NodeStatus
- type NutanixFailureDomain
- type NutanixIdentifierType
- type NutanixPlatformLoadBalancer
- type NutanixPlatformSpec
- type NutanixPlatformStatus
- type NutanixPrismElementEndpoint
- type NutanixPrismEndpoint
- type NutanixResourceIdentifier
- type OAuth
- type OAuthList
- type OAuthRemoteConnectionInfo
- type OAuthSpec
- type OAuthStatus
- type OAuthTemplates
- type OIDCClientConfig
- type OIDCClientReference
- type OIDCClientStatus
- type OIDCProvider
- type ObjectReference
- type OldTLSProfile
- type OpenIDClaim
- type OpenIDClaims
- type OpenIDIdentityProvider
- type OpenStackPlatformLoadBalancer
- type OpenStackPlatformSpec
- type OpenStackPlatformStatus
- type OperandVersion
- type OperatorHub
- type OperatorHubList
- type OperatorHubSpec
- type OperatorHubStatus
- type OvirtPlatformLoadBalancer
- type OvirtPlatformSpec
- type OvirtPlatformStatus
- type PlatformLoadBalancerType
- type PlatformSpec
- type PlatformStatus
- type PlatformType
- type PowerVSPlatformSpec
- type PowerVSPlatformStatus
- type PowerVSServiceEndpoint
- type PrefixedClaimMapping
- type PreloadPolicy
- type ProfileCustomizations
- type Project
- type ProjectList
- type ProjectSpec
- type ProjectStatus
- type PromQLClusterCondition
- type Proxy
- type ProxyList
- type ProxySpec
- type ProxyStatus
- type RegistryLocation
- type RegistrySources
- type Release
- type RemoteConnectionInfo
- type RepositoryDigestMirrors
- type RequestHeaderIdentityProvider
- type RequiredHSTSPolicy
- type Scheduler
- type SchedulerList
- type SchedulerProfile
- type SchedulerSpec
- type SchedulerStatus
- type SecretNameReference
- type ServingInfo
- type SignatureStore
- type StringSource
- type StringSourceSpec
- type TLSProfileSpec
- type TLSProfileType
- type TLSProtocolVersion
- type TLSSecurityProfile
- type TemplateReference
- type TestDetails
- type TestReporting
- type TestReportingSpec
- type TestReportingStatus
- type TokenAudience
- type TokenClaimMapping
- type TokenClaimMappings
- type TokenClaimValidationRule
- type TokenConfig
- type TokenIssuer
- type TokenRequiredClaim
- type TokenValidationRuleType
- type TopologyMode
- type URL
- type Update
- type UpdateHistory
- type UpdateState
- type UsernameClaimMapping
- type UsernamePrefix
- type UsernamePrefixPolicy
- type VSpherePlatformFailureDomainSpec
- type VSpherePlatformLoadBalancer
- type VSpherePlatformNodeNetworking
- type VSpherePlatformNodeNetworkingSpec
- type VSpherePlatformSpec
- type VSpherePlatformStatus
- type VSpherePlatformTopology
- type VSpherePlatformVCenterSpec
- type WebHookModeType
- type WebhookTokenAuthenticator
- type WorkerLatencyProfileType
Constants ¶
const ( // LogFormatLegacy saves event in 1-line text format. LogFormatLegacy LogFormatType = "legacy" // LogFormatJson saves event in structured json format. LogFormatJson LogFormatType = "json" // WebHookModeBatch indicates that the webhook should buffer audit events // internally, sending batch updates either once a certain number of // events have been received or a certain amount of time has passed. WebHookModeBatch WebHookModeType = "batch" // WebHookModeBlocking causes the webhook to block on every attempt to process // a set of events. This causes requests to the API server to wait for a // round trip to the external audit service before sending a response. WebHookModeBlocking WebHookModeType = "blocking" )
const ( // OAuthMetadataKey is the key for the oauth authorization server metadata OAuthMetadataKey = "oauthMetadata" // KubeConfigKey is the key for the kube config file data in a secret KubeConfigKey = "kubeConfig" )
const ( // DefaultNodeStatusUpdateFrequency refers to the "--node-status-update-frequency" of the kubelet in case of DefaultUpdateDefaultReaction WorkerLatencyProfile type DefaultNodeStatusUpdateFrequency = 10 * time.Second // DefaultNodeMonitorGracePeriod refers to the "--node-monitor-grace-period" of the Kube Controller Manager in case of DefaultUpdateDefaultReaction WorkerLatencyProfile type DefaultNodeMonitorGracePeriod = 40 * time.Second // DefaultNotReadyTolerationSeconds refers to the "--default-not-ready-toleration-seconds" of the Kube API Server in case of DefaultUpdateDefaultReaction WorkerLatencyProfile type DefaultNotReadyTolerationSeconds = 300 // DefaultUnreachableTolerationSeconds refers to the "--default-unreachable-toleration-seconds" of the Kube API Server in case of DefaultUpdateDefaultReaction WorkerLatencyProfile type DefaultUnreachableTolerationSeconds = 300 // MediumNodeStatusUpdateFrequency refers to the "--node-status-update-frequency" of the kubelet in case of MediumUpdateAverageReaction WorkerLatencyProfile type MediumNodeStatusUpdateFrequency = 20 * time.Second // MediumNodeMonitorGracePeriod refers to the "--node-monitor-grace-period" of the Kube Controller Manager in case of MediumUpdateAverageReaction WorkerLatencyProfile type MediumNodeMonitorGracePeriod = 2 * time.Minute // MediumNotReadyTolerationSeconds refers to the "--default-not-ready-toleration-seconds" of the Kube API Server in case of MediumUpdateAverageReaction WorkerLatencyProfile type MediumNotReadyTolerationSeconds = 60 // MediumUnreachableTolerationSeconds refers to the "--default-unreachable-toleration-seconds" of the Kube API Server in case of MediumUpdateAverageReaction WorkerLatencyProfile type MediumUnreachableTolerationSeconds = 60 // LowNodeStatusUpdateFrequency refers to the "--node-status-update-frequency" of the kubelet in case of LowUpdateSlowReaction WorkerLatencyProfile type LowNodeStatusUpdateFrequency = 1 * time.Minute // LowNodeMonitorGracePeriod refers to the "--node-monitor-grace-period" of the Kube Controller Manager in case of LowUpdateSlowReaction WorkerLatencyProfile type LowNodeMonitorGracePeriod = 5 * time.Minute // LowNotReadyTolerationSeconds refers to the "--default-not-ready-toleration-seconds" of the Kube API Server in case of LowUpdateSlowReaction WorkerLatencyProfile type LowNotReadyTolerationSeconds = 60 // LowUnreachableTolerationSeconds refers to the "--default-unreachable-toleration-seconds" of the Kube API Server in case of LowUpdateSlowReaction WorkerLatencyProfile type LowUnreachableTolerationSeconds = 60 )
const ( // LoginTemplateKey is the key of the login template in a secret LoginTemplateKey = "login.html" // ProviderSelectionTemplateKey is the key for the provider selection template in a secret ProviderSelectionTemplateKey = "providers.html" // ErrorsTemplateKey is the key for the errors template in a secret ErrorsTemplateKey = "errors.html" // BindPasswordKey is the key for the LDAP bind password in a secret BindPasswordKey = "bindPassword" // ClientSecretKey is the key for the oauth client secret data in a secret ClientSecretKey = "clientSecret" // HTPasswdDataKey is the key for the htpasswd file data in a secret HTPasswdDataKey = "htpasswd" )
const (
TokenValidationRuleTypeRequiredClaim = "RequiredClaim"
)
const UserIDClaim = "sub"
UserIDClaim is the claim used to provide a stable identifier for OIDC identities. Per http://openid.net/specs/openid-connect-core-1_0.html#ClaimStability
"The sub (subject) and iss (issuer) Claims, used together, are the only Claims that an RP can rely upon as a stable identifier for the End-User, since the sub Claim MUST be locally unique and never reassigned within the Issuer for a particular End-User, as described in Section 2. Therefore, the only guaranteed unique identifier for a given End-User is the combination of the iss Claim and the sub Claim."
Variables ¶
var ( GroupName = "config.openshift.io" GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} // Install is a function which adds this version to a scheme Install = schemeBuilder.AddToScheme // SchemeGroupVersion generated code relies on this name // Deprecated SchemeGroupVersion = GroupVersion // AddToScheme exists solely to keep the old generators creating valid code // DEPRECATED AddToScheme = schemeBuilder.AddToScheme )
var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVersionCapability{ ClusterVersionCapabilitySetNone: {}, ClusterVersionCapabilitySet4_11: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityMachineAPI, }, ClusterVersionCapabilitySet4_12: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityMachineAPI, }, ClusterVersionCapabilitySet4_13: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, }, ClusterVersionCapabilitySet4_14: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, }, ClusterVersionCapabilitySet4_15: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, }, ClusterVersionCapabilitySet4_16: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, }, ClusterVersionCapabilitySet4_17: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, }, ClusterVersionCapabilitySet4_18: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, }, ClusterVersionCapabilitySetCurrent: { ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, }, }
ClusterVersionCapabilitySets defines sets of cluster version capabilities.
var KnownClusterVersionCapabilities = []ClusterVersionCapability{ ClusterVersionCapabilityBaremetal, ClusterVersionCapabilityConsole, ClusterVersionCapabilityInsights, ClusterVersionCapabilityMarketplace, ClusterVersionCapabilityStorage, ClusterVersionCapabilityOpenShiftSamples, ClusterVersionCapabilityCSISnapshot, ClusterVersionCapabilityNodeTuning, ClusterVersionCapabilityMachineAPI, ClusterVersionCapabilityBuild, ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, }
KnownClusterVersionCapabilities includes all known optional, core cluster components.
var TLSProfiles = map[TLSProfileType]*TLSProfileSpec{ TLSProfileOldType: { Ciphers: []string{ "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305", "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384", "DHE-RSA-CHACHA20-POLY1305", "ECDHE-ECDSA-AES128-SHA256", "ECDHE-RSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA", "ECDHE-RSA-AES128-SHA", "ECDHE-ECDSA-AES256-SHA384", "ECDHE-RSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA", "ECDHE-RSA-AES256-SHA", "DHE-RSA-AES128-SHA256", "DHE-RSA-AES256-SHA256", "AES128-GCM-SHA256", "AES256-GCM-SHA384", "AES128-SHA256", "AES256-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA", }, MinTLSVersion: VersionTLS10, }, TLSProfileIntermediateType: { Ciphers: []string{ "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305", "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384", }, MinTLSVersion: VersionTLS12, }, TLSProfileModernType: { Ciphers: []string{ "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", }, MinTLSVersion: VersionTLS13, }, }
TLSProfiles Contains a map of TLSProfileType names to TLSProfileSpec.
NOTE: The caller needs to make sure to check that these constants are valid for their binary. Not all entries map to values for all binaries. In the case of ties, the kube-apiserver wins. Do not fail, just be sure to whitelist only and everything will be ok.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource generated code relies on this being here, but it logically belongs to the group DEPRECATED
Types ¶
type APIServer ¶
type APIServer struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec holds user settable values for configuration // +kubebuilder:validation:Required // +required Spec APIServerSpec `json:"spec"` // status holds observed values from the cluster. They may not be overridden. // +optional Status APIServerStatus `json:"status"` }
APIServer holds configuration (like serving certificates, client CA and CORS domains) shared by all API servers in the system, among them especially kube-apiserver and openshift-apiserver. The canonical name of an instance is 'cluster'.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=apiservers,scope=Cluster +kubebuilder:subresource:status +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true
func (*APIServer) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.
func (*APIServer) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*APIServer) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (APIServer) SwaggerDoc ¶
type APIServerEncryption ¶
type APIServerEncryption struct { // type defines what encryption type should be used to encrypt resources at the datastore layer. // When this field is unset (i.e. when it is set to the empty string), identity is implied. // The behavior of unset can and will change over time. Even if encryption is enabled by default, // the meaning of unset may change to a different encryption type based on changes in best practices. // // When encryption is enabled, all sensitive resources shipped with the platform are encrypted. // This list of sensitive resources can and will change over time. The current authoritative list is: // // 1. secrets // 2. configmaps // 3. routes.route.openshift.io // 4. oauthaccesstokens.oauth.openshift.io // 5. oauthauthorizetokens.oauth.openshift.io // // +unionDiscriminator // +optional Type EncryptionType `json:"type,omitempty"` }
func (*APIServerEncryption) DeepCopy ¶
func (in *APIServerEncryption) DeepCopy() *APIServerEncryption
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerEncryption.
func (*APIServerEncryption) DeepCopyInto ¶
func (in *APIServerEncryption) DeepCopyInto(out *APIServerEncryption)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (APIServerEncryption) SwaggerDoc ¶
func (APIServerEncryption) SwaggerDoc() map[string]string
type APIServerList ¶
type APIServerList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []APIServer `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*APIServerList) DeepCopy ¶
func (in *APIServerList) DeepCopy() *APIServerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerList.
func (*APIServerList) DeepCopyInto ¶
func (in *APIServerList) DeepCopyInto(out *APIServerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*APIServerList) DeepCopyObject ¶
func (in *APIServerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (APIServerList) SwaggerDoc ¶
func (APIServerList) SwaggerDoc() map[string]string
type APIServerNamedServingCert ¶
type APIServerNamedServingCert struct { // names is a optional list of explicit DNS names (leading wildcards allowed) that should use this certificate to // serve secure traffic. If no names are provided, the implicit names will be extracted from the certificates. // Exact names trump over wildcard names. Explicit names defined here trump over extracted implicit names. // +optional Names []string `json:"names,omitempty"` // servingCertificate references a kubernetes.io/tls type secret containing the TLS cert info for serving secure traffic. // The secret must exist in the openshift-config namespace and contain the following required fields: // - Secret.Data["tls.key"] - TLS private key. // - Secret.Data["tls.crt"] - TLS certificate. ServingCertificate SecretNameReference `json:"servingCertificate"` }
APIServerNamedServingCert maps a server DNS name, as understood by a client, to a certificate.
func (*APIServerNamedServingCert) DeepCopy ¶
func (in *APIServerNamedServingCert) DeepCopy() *APIServerNamedServingCert
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerNamedServingCert.
func (*APIServerNamedServingCert) DeepCopyInto ¶
func (in *APIServerNamedServingCert) DeepCopyInto(out *APIServerNamedServingCert)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (APIServerNamedServingCert) SwaggerDoc ¶
func (APIServerNamedServingCert) SwaggerDoc() map[string]string
type APIServerServingCerts ¶
type APIServerServingCerts struct { // namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. // If no named certificates are provided, or no named certificates match the server name as understood by a client, // the defaultServingCertificate will be used. // +optional NamedCertificates []APIServerNamedServingCert `json:"namedCertificates,omitempty"` }
func (*APIServerServingCerts) DeepCopy ¶
func (in *APIServerServingCerts) DeepCopy() *APIServerServingCerts
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerServingCerts.
func (*APIServerServingCerts) DeepCopyInto ¶
func (in *APIServerServingCerts) DeepCopyInto(out *APIServerServingCerts)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (APIServerServingCerts) SwaggerDoc ¶
func (APIServerServingCerts) SwaggerDoc() map[string]string
type APIServerSpec ¶
type APIServerSpec struct { // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates // will be used for serving secure traffic. // +optional ServingCerts APIServerServingCerts `json:"servingCerts"` // clientCA references a ConfigMap containing a certificate bundle for the signers that will be recognized for // incoming client certificates in addition to the operator managed signers. If this is empty, then only operator managed signers are valid. // You usually only have to set this if you have your own PKI you wish to honor client certificates from. // The ConfigMap must exist in the openshift-config namespace and contain the following required fields: // - ConfigMap.Data["ca-bundle.crt"] - CA bundle. // +optional ClientCA ConfigMapNameReference `json:"clientCA"` // additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the // API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth // server from JavaScript applications. // The values are regular expressions that correspond to the Golang regular expression language. // +optional AdditionalCORSAllowedOrigins []string `json:"additionalCORSAllowedOrigins,omitempty"` // encryption allows the configuration of encryption of resources at the datastore layer. // +optional Encryption APIServerEncryption `json:"encryption"` // tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. // // If unset, a default (which may change between releases) is chosen. Note that only Old, // Intermediate and Custom profiles are currently supported, and the maximum available // minTLSVersion is VersionTLS12. // +optional TLSSecurityProfile *TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. // +optional // +kubebuilder:default={profile: Default} Audit Audit `json:"audit"` }
func (*APIServerSpec) DeepCopy ¶
func (in *APIServerSpec) DeepCopy() *APIServerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerSpec.
func (*APIServerSpec) DeepCopyInto ¶
func (in *APIServerSpec) DeepCopyInto(out *APIServerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (APIServerSpec) SwaggerDoc ¶
func (APIServerSpec) SwaggerDoc() map[string]string
type APIServerStatus ¶
type APIServerStatus struct { }
func (*APIServerStatus) DeepCopy ¶
func (in *APIServerStatus) DeepCopy() *APIServerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServerStatus.
func (*APIServerStatus) DeepCopyInto ¶
func (in *APIServerStatus) DeepCopyInto(out *APIServerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AWSDNSSpec ¶
type AWSDNSSpec struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$` // +optional PrivateZoneIAMRole string `json:"privateZoneIAMRole"` }
AWSDNSSpec contains DNS configuration specific to the Amazon Web Services cloud provider.
func (*AWSDNSSpec) DeepCopy ¶
func (in *AWSDNSSpec) DeepCopy() *AWSDNSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSDNSSpec.
func (*AWSDNSSpec) DeepCopyInto ¶
func (in *AWSDNSSpec) DeepCopyInto(out *AWSDNSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSDNSSpec) SwaggerDoc ¶
func (AWSDNSSpec) SwaggerDoc() map[string]string
type AWSIngressSpec ¶
type AWSIngressSpec struct { // type allows user to set a load balancer type. // When this field is set the default ingresscontroller will get created using the specified LBType. // If this field is not set then the default ingress controller of LBType Classic will be created. // Valid values are: // // * "Classic": A Classic Load Balancer that makes routing decisions at either // the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). See // the following for additional details: // // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb // // * "NLB": A Network Load Balancer that makes routing decisions at the // transport layer (TCP/SSL). See the following for additional details: // // https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb // +unionDiscriminator // +kubebuilder:validation:Enum:=NLB;Classic // +kubebuilder:validation:Required Type AWSLBType `json:"type,omitempty"` }
AWSIngressSpec holds the desired state of the Ingress for Amazon Web Services infrastructure provider. This only includes fields that can be modified in the cluster. +union
func (*AWSIngressSpec) DeepCopy ¶
func (in *AWSIngressSpec) DeepCopy() *AWSIngressSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSIngressSpec.
func (*AWSIngressSpec) DeepCopyInto ¶
func (in *AWSIngressSpec) DeepCopyInto(out *AWSIngressSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSIngressSpec) SwaggerDoc ¶
func (AWSIngressSpec) SwaggerDoc() map[string]string
type AWSLBType ¶
type AWSLBType string
const ( // NLB is the Network Load Balancer Type of AWS. Using NLB one can set NLB load balancer type for the default ingress controller. NLB AWSLBType = "NLB" // Classic is the Classic Load Balancer Type of AWS. Using CLassic one can set Classic load balancer type for the default ingress controller. Classic AWSLBType = "Classic" )
type AWSPlatformSpec ¶
type AWSPlatformSpec struct { // serviceEndpoints list contains custom endpoints which will override default // service endpoint of AWS Services. // There must be only one ServiceEndpoint for a service. // +listType=atomic // +optional ServiceEndpoints []AWSServiceEndpoint `json:"serviceEndpoints,omitempty"` }
AWSPlatformSpec holds the desired state of the Amazon Web Services infrastructure provider. This only includes fields that can be modified in the cluster.
func (*AWSPlatformSpec) DeepCopy ¶
func (in *AWSPlatformSpec) DeepCopy() *AWSPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSPlatformSpec.
func (*AWSPlatformSpec) DeepCopyInto ¶
func (in *AWSPlatformSpec) DeepCopyInto(out *AWSPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSPlatformSpec) SwaggerDoc ¶
func (AWSPlatformSpec) SwaggerDoc() map[string]string
type AWSPlatformStatus ¶
type AWSPlatformStatus struct { // region holds the default AWS region for new AWS resources created by the cluster. Region string `json:"region"` // ServiceEndpoints list contains custom endpoints which will override default // service endpoint of AWS Services. // There must be only one ServiceEndpoint for a service. // +listType=atomic // +optional ServiceEndpoints []AWSServiceEndpoint `json:"serviceEndpoints,omitempty"` // resourceTags is a list of additional tags to apply to AWS resources created for the cluster. // See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. // AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags // available for the user. // +kubebuilder:validation:MaxItems=25 // +listType=atomic // +optional ResourceTags []AWSResourceTag `json:"resourceTags,omitempty"` // cloudLoadBalancerConfig holds configuration related to DNS and cloud // load balancers. It allows configuration of in-cluster DNS as an alternative // to the platform default DNS implementation. // When using the ClusterHosted DNS type, Load Balancer IP addresses // must be provided for the API and internal API load balancers as well as the // ingress load balancer. // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} // +openshift:enable:FeatureGate=AWSClusterHostedDNS // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` }
AWSPlatformStatus holds the current status of the Amazon Web Services infrastructure provider.
func (*AWSPlatformStatus) DeepCopy ¶
func (in *AWSPlatformStatus) DeepCopy() *AWSPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSPlatformStatus.
func (*AWSPlatformStatus) DeepCopyInto ¶
func (in *AWSPlatformStatus) DeepCopyInto(out *AWSPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSPlatformStatus) SwaggerDoc ¶
func (AWSPlatformStatus) SwaggerDoc() map[string]string
type AWSResourceTag ¶
type AWSResourceTag struct { // key is the key of the tag // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=128 // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` // +required Key string `json:"key"` // value is the value of the tag. // Some AWS service do not support empty values. Since tags are added to resources in many services, the // length of the tag value must meet the requirements of all services. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` // +required Value string `json:"value"` }
AWSResourceTag is a tag to apply to AWS resources created for the cluster.
func (*AWSResourceTag) DeepCopy ¶
func (in *AWSResourceTag) DeepCopy() *AWSResourceTag
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSResourceTag.
func (*AWSResourceTag) DeepCopyInto ¶
func (in *AWSResourceTag) DeepCopyInto(out *AWSResourceTag)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSResourceTag) SwaggerDoc ¶
func (AWSResourceTag) SwaggerDoc() map[string]string
type AWSServiceEndpoint ¶
type AWSServiceEndpoint struct { // name is the name of the AWS service. // The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html // This must be provided and cannot be empty. // // +kubebuilder:validation:Pattern=`^[a-z0-9-]+$` Name string `json:"name"` // url is fully qualified URI with scheme https, that overrides the default generated // endpoint for a client. // This must be provided and cannot be empty. // // +kubebuilder:validation:Pattern=`^https://` URL string `json:"url"` }
AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services.
func (*AWSServiceEndpoint) DeepCopy ¶
func (in *AWSServiceEndpoint) DeepCopy() *AWSServiceEndpoint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSServiceEndpoint.
func (*AWSServiceEndpoint) DeepCopyInto ¶
func (in *AWSServiceEndpoint) DeepCopyInto(out *AWSServiceEndpoint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AWSServiceEndpoint) SwaggerDoc ¶
func (AWSServiceEndpoint) SwaggerDoc() map[string]string
type AdmissionConfig ¶
type AdmissionConfig struct { PluginConfig map[string]AdmissionPluginConfig `json:"pluginConfig,omitempty"` // enabledPlugins is a list of admission plugins that must be on in addition to the default list. // Some admission plugins are disabled by default, but certain configurations require them. This is fairly uncommon // and can result in performance penalties and unexpected behavior. EnabledAdmissionPlugins []string `json:"enabledPlugins,omitempty"` // disabledPlugins is a list of admission plugins that must be off. Putting something in this list // is almost always a mistake and likely to result in cluster instability. DisabledAdmissionPlugins []string `json:"disabledPlugins,omitempty"` }
func (*AdmissionConfig) DeepCopy ¶
func (in *AdmissionConfig) DeepCopy() *AdmissionConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionConfig.
func (*AdmissionConfig) DeepCopyInto ¶
func (in *AdmissionConfig) DeepCopyInto(out *AdmissionConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AdmissionConfig) SwaggerDoc ¶
func (AdmissionConfig) SwaggerDoc() map[string]string
type AdmissionPluginConfig ¶
type AdmissionPluginConfig struct { // Location is the path to a configuration file that contains the plugin's // configuration Location string `json:"location"` // Configuration is an embedded configuration object to be used as the plugin's // configuration. If present, it will be used instead of the path to the configuration file. // +nullable // +kubebuilder:pruning:PreserveUnknownFields Configuration runtime.RawExtension `json:"configuration"` }
AdmissionPluginConfig holds the necessary configuration options for admission plugins
func (*AdmissionPluginConfig) DeepCopy ¶
func (in *AdmissionPluginConfig) DeepCopy() *AdmissionPluginConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionPluginConfig.
func (*AdmissionPluginConfig) DeepCopyInto ¶
func (in *AdmissionPluginConfig) DeepCopyInto(out *AdmissionPluginConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AdmissionPluginConfig) SwaggerDoc ¶
func (AdmissionPluginConfig) SwaggerDoc() map[string]string
type AlibabaCloudPlatformSpec ¶
type AlibabaCloudPlatformSpec struct{}
AlibabaCloudPlatformSpec holds the desired state of the Alibaba Cloud infrastructure provider. This only includes fields that can be modified in the cluster.
func (*AlibabaCloudPlatformSpec) DeepCopy ¶
func (in *AlibabaCloudPlatformSpec) DeepCopy() *AlibabaCloudPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaCloudPlatformSpec.
func (*AlibabaCloudPlatformSpec) DeepCopyInto ¶
func (in *AlibabaCloudPlatformSpec) DeepCopyInto(out *AlibabaCloudPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AlibabaCloudPlatformSpec) SwaggerDoc ¶
func (AlibabaCloudPlatformSpec) SwaggerDoc() map[string]string
type AlibabaCloudPlatformStatus ¶
type AlibabaCloudPlatformStatus struct { // region specifies the region for Alibaba Cloud resources created for the cluster. // +kubebuilder:validation:Required // +kubebuilder:validation:Pattern=`^[0-9A-Za-z-]+$` // +required Region string `json:"region"` // resourceGroupID is the ID of the resource group for the cluster. // +kubebuilder:validation:Pattern=`^(rg-[0-9A-Za-z]+)?$` // +optional ResourceGroupID string `json:"resourceGroupID,omitempty"` // resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. // +kubebuilder:validation:MaxItems=20 // +listType=map // +listMapKey=key // +optional ResourceTags []AlibabaCloudResourceTag `json:"resourceTags,omitempty"` }
AlibabaCloudPlatformStatus holds the current status of the Alibaba Cloud infrastructure provider.
func (*AlibabaCloudPlatformStatus) DeepCopy ¶
func (in *AlibabaCloudPlatformStatus) DeepCopy() *AlibabaCloudPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaCloudPlatformStatus.
func (*AlibabaCloudPlatformStatus) DeepCopyInto ¶
func (in *AlibabaCloudPlatformStatus) DeepCopyInto(out *AlibabaCloudPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AlibabaCloudPlatformStatus) SwaggerDoc ¶
func (AlibabaCloudPlatformStatus) SwaggerDoc() map[string]string
type AlibabaCloudResourceTag ¶
type AlibabaCloudResourceTag struct { // key is the key of the tag. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=128 // +required Key string `json:"key"` // value is the value of the tag. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=128 // +required Value string `json:"value"` }
AlibabaCloudResourceTag is the set of tags to add to apply to resources.
func (*AlibabaCloudResourceTag) DeepCopy ¶
func (in *AlibabaCloudResourceTag) DeepCopy() *AlibabaCloudResourceTag
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaCloudResourceTag.
func (*AlibabaCloudResourceTag) DeepCopyInto ¶
func (in *AlibabaCloudResourceTag) DeepCopyInto(out *AlibabaCloudResourceTag)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AlibabaCloudResourceTag) SwaggerDoc ¶
func (AlibabaCloudResourceTag) SwaggerDoc() map[string]string
type Audit ¶
type Audit struct { // profile specifies the name of the desired top-level audit profile to be applied to all requests // sent to any of the OpenShift-provided API servers in the cluster (kube-apiserver, // openshift-apiserver and oauth-apiserver), with the exception of those requests that match // one or more of the customRules. // // The following profiles are provided: // - Default: default policy which means MetaData level logging with the exception of events // (not logged at all), oauthaccesstokens and oauthauthorizetokens (both logged at RequestBody // level). // - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for // write requests (create, update, patch). // - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response // HTTP payloads for read requests (get, list). // - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. // // Warning: It is not recommended to disable audit logging by using the `None` profile unless you // are fully aware of the risks of not logging data that can be beneficial when troubleshooting issues. // If you disable audit logging and a support situation arises, you might need to enable audit logging // and reproduce the issue in order to troubleshoot properly. // // If unset, the 'Default' profile is used as the default. // // +kubebuilder:default=Default Profile AuditProfileType `json:"profile,omitempty"` // customRules specify profiles per group. These profile take precedence over the // top-level profile field if they apply. They are evaluation from top to bottom and // the first one that matches, applies. // +listType=map // +listMapKey=group // +optional CustomRules []AuditCustomRule `json:"customRules,omitempty"` }
func (*Audit) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Audit.
func (*Audit) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (Audit) SwaggerDoc ¶
type AuditConfig ¶
type AuditConfig struct { // If this flag is set, audit log will be printed in the logs. // The logs contains, method, user and a requested URL. Enabled bool `json:"enabled"` // All requests coming to the apiserver will be logged to this file. AuditFilePath string `json:"auditFilePath"` // Maximum number of days to retain old log files based on the timestamp encoded in their filename. MaximumFileRetentionDays int32 `json:"maximumFileRetentionDays"` // Maximum number of old log files to retain. MaximumRetainedFiles int32 `json:"maximumRetainedFiles"` // Maximum size in megabytes of the log file before it gets rotated. Defaults to 100MB. MaximumFileSizeMegabytes int32 `json:"maximumFileSizeMegabytes"` // PolicyFile is a path to the file that defines the audit policy configuration. PolicyFile string `json:"policyFile"` // PolicyConfiguration is an embedded policy configuration object to be used // as the audit policy configuration. If present, it will be used instead of // the path to the policy file. // +nullable // +kubebuilder:pruning:PreserveUnknownFields PolicyConfiguration runtime.RawExtension `json:"policyConfiguration"` // Format of saved audits (legacy or json). LogFormat LogFormatType `json:"logFormat"` // Path to a .kubeconfig formatted file that defines the audit webhook configuration. WebHookKubeConfig string `json:"webHookKubeConfig"` // Strategy for sending audit events (block or batch). WebHookMode WebHookModeType `json:"webHookMode"` }
AuditConfig holds configuration for the audit capabilities
func (*AuditConfig) DeepCopy ¶
func (in *AuditConfig) DeepCopy() *AuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditConfig.
func (*AuditConfig) DeepCopyInto ¶
func (in *AuditConfig) DeepCopyInto(out *AuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AuditConfig) SwaggerDoc ¶
func (AuditConfig) SwaggerDoc() map[string]string
type AuditCustomRule ¶
type AuditCustomRule struct { // group is a name of group a request user must be member of in order to this profile to apply. // // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +required Group string `json:"group"` // profile specifies the name of the desired audit policy configuration to be deployed to // all OpenShift-provided API servers in the cluster. // // The following profiles are provided: // - Default: the existing default policy. // - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for // write requests (create, update, patch). // - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response // HTTP payloads for read requests (get, list). // - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. // // If unset, the 'Default' profile is used as the default. // // +kubebuilder:validation:Required // +required Profile AuditProfileType `json:"profile,omitempty"` }
AuditCustomRule describes a custom rule for an audit profile that takes precedence over the top-level profile.
func (*AuditCustomRule) DeepCopy ¶
func (in *AuditCustomRule) DeepCopy() *AuditCustomRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditCustomRule.
func (*AuditCustomRule) DeepCopyInto ¶
func (in *AuditCustomRule) DeepCopyInto(out *AuditCustomRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AuditCustomRule) SwaggerDoc ¶
func (AuditCustomRule) SwaggerDoc() map[string]string
type AuditProfileType ¶
type AuditProfileType string
AuditProfileType defines the audit policy profile type. +kubebuilder:validation:Enum=Default;WriteRequestBodies;AllRequestBodies;None
const ( // "None" disables audit logs. NoneAuditProfileType AuditProfileType = "None" // "Default" is the existing default audit configuration policy. DefaultAuditProfileType AuditProfileType = "Default" // "WriteRequestBodies" is similar to Default but it logs request and response // HTTP payloads for write requests (create, update, patch) WriteRequestBodiesAuditProfileType AuditProfileType = "WriteRequestBodies" // "AllRequestBodies" is similar to WriteRequestBodies, but also logs request // and response HTTP payloads for read requests (get, list). AllRequestBodiesAuditProfileType AuditProfileType = "AllRequestBodies" )
type Authentication ¶
type Authentication struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec holds user settable values for configuration // +kubebuilder:validation:Required // +required Spec AuthenticationSpec `json:"spec"` // status holds observed values from the cluster. They may not be overridden. // +optional Status AuthenticationStatus `json:"status"` }
Authentication specifies cluster-wide settings for authentication (like OAuth and webhook token authenticators). The canonical name of an instance is `cluster`.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=authentications,scope=Cluster +kubebuilder:subresource:status +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true
func (*Authentication) DeepCopy ¶
func (in *Authentication) DeepCopy() *Authentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authentication.
func (*Authentication) DeepCopyInto ¶
func (in *Authentication) DeepCopyInto(out *Authentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Authentication) DeepCopyObject ¶
func (in *Authentication) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (Authentication) SwaggerDoc ¶
func (Authentication) SwaggerDoc() map[string]string
type AuthenticationList ¶
type AuthenticationList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []Authentication `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*AuthenticationList) DeepCopy ¶
func (in *AuthenticationList) DeepCopy() *AuthenticationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationList.
func (*AuthenticationList) DeepCopyInto ¶
func (in *AuthenticationList) DeepCopyInto(out *AuthenticationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AuthenticationList) DeepCopyObject ¶
func (in *AuthenticationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (AuthenticationList) SwaggerDoc ¶
func (AuthenticationList) SwaggerDoc() map[string]string
type AuthenticationSpec ¶
type AuthenticationSpec struct { // type identifies the cluster managed, user facing authentication mode in use. // Specifically, it manages the component that responds to login attempts. // The default is IntegratedOAuth. // +optional Type AuthenticationType `json:"type"` // oauthMetadata contains the discovery endpoint data for OAuth 2.0 // Authorization Server Metadata for an external OAuth server. // This discovery document can be viewed from its served location: // oc get --raw '/.well-known/oauth-authorization-server' // For further details, see the IETF Draft: // https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 // If oauthMetadata.name is non-empty, this value has precedence // over any metadata reference stored in status. // The key "oauthMetadata" is used to locate the data. // If specified and the config map or expected key is not found, no metadata is served. // If the specified metadata is not valid, no metadata is served. // The namespace for this config map is openshift-config. // +optional OAuthMetadata ConfigMapNameReference `json:"oauthMetadata"` // webhookTokenAuthenticators is DEPRECATED, setting it has no effect. // +listType=atomic WebhookTokenAuthenticators []DeprecatedWebhookTokenAuthenticator `json:"webhookTokenAuthenticators,omitempty"` // webhookTokenAuthenticator configures a remote token reviewer. // These remote authentication webhooks can be used to verify bearer tokens // via the tokenreviews.authentication.k8s.io REST API. This is required to // honor bearer tokens that are provisioned by an external authentication service. // // Can only be set if "Type" is set to "None". // // +optional WebhookTokenAuthenticator *WebhookTokenAuthenticator `json:"webhookTokenAuthenticator,omitempty"` // serviceAccountIssuer is the identifier of the bound service account token // issuer. // The default is https://kubernetes.default.svc // WARNING: Updating this field will not result in immediate invalidation of all bound tokens with the // previous issuer value. Instead, the tokens issued by previous service account issuer will continue to // be trusted for a time period chosen by the platform (currently set to 24h). // This time period is subject to change over time. // This allows internal components to transition to use new service account issuer without service distruption. // +optional ServiceAccountIssuer string `json:"serviceAccountIssuer"` // OIDCProviders are OIDC identity providers that can issue tokens // for this cluster // Can only be set if "Type" is set to "OIDC". // // At most one provider can be configured. // // +listType=map // +listMapKey=name // +kubebuilder:validation:MaxItems=1 // +openshift:enable:FeatureGate=ExternalOIDC OIDCProviders []OIDCProvider `json:"oidcProviders,omitempty"` }
func (*AuthenticationSpec) DeepCopy ¶
func (in *AuthenticationSpec) DeepCopy() *AuthenticationSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationSpec.
func (*AuthenticationSpec) DeepCopyInto ¶
func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AuthenticationSpec) SwaggerDoc ¶
func (AuthenticationSpec) SwaggerDoc() map[string]string
type AuthenticationStatus ¶
type AuthenticationStatus struct { // integratedOAuthMetadata contains the discovery endpoint data for OAuth 2.0 // Authorization Server Metadata for the in-cluster integrated OAuth server. // This discovery document can be viewed from its served location: // oc get --raw '/.well-known/oauth-authorization-server' // For further details, see the IETF Draft: // https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 // This contains the observed value based on cluster state. // An explicitly set value in spec.oauthMetadata has precedence over this field. // This field has no meaning if authentication spec.type is not set to IntegratedOAuth. // The key "oauthMetadata" is used to locate the data. // If the config map or expected key is not found, no metadata is served. // If the specified metadata is not valid, no metadata is served. // The namespace for this config map is openshift-config-managed. IntegratedOAuthMetadata ConfigMapNameReference `json:"integratedOAuthMetadata"` // OIDCClients is where participating operators place the current OIDC client status // for OIDC clients that can be customized by the cluster-admin. // // +listType=map // +listMapKey=componentNamespace // +listMapKey=componentName // +kubebuilder:validation:MaxItems=20 // +openshift:enable:FeatureGate=ExternalOIDC OIDCClients []OIDCClientStatus `json:"oidcClients"` }
func (*AuthenticationStatus) DeepCopy ¶
func (in *AuthenticationStatus) DeepCopy() *AuthenticationStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationStatus.
func (*AuthenticationStatus) DeepCopyInto ¶
func (in *AuthenticationStatus) DeepCopyInto(out *AuthenticationStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AuthenticationStatus) SwaggerDoc ¶
func (AuthenticationStatus) SwaggerDoc() map[string]string
type AuthenticationType ¶
type AuthenticationType string
+openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";None;IntegratedOAuth +openshift:validation:FeatureGateAwareEnum:featureGate=ExternalOIDC,enum="";None;IntegratedOAuth;OIDC
const ( // None means that no cluster managed authentication system is in place. // Note that user login will only work if a manually configured system is in place and // referenced in authentication spec via oauthMetadata and // webhookTokenAuthenticator/oidcProviders AuthenticationTypeNone AuthenticationType = "None" // IntegratedOAuth refers to the cluster managed OAuth server. // It is configured via the top level OAuth config. AuthenticationTypeIntegratedOAuth AuthenticationType = "IntegratedOAuth" // AuthenticationTypeOIDC refers to a configuration with an external // OIDC server configured directly with the kube-apiserver. AuthenticationTypeOIDC AuthenticationType = "OIDC" )
type AzureCloudEnvironment ¶
type AzureCloudEnvironment string
AzureCloudEnvironment is the name of the Azure cloud environment +kubebuilder:validation:Enum="";AzurePublicCloud;AzureUSGovernmentCloud;AzureChinaCloud;AzureGermanCloud;AzureStackCloud
const ( // AzurePublicCloud is the general-purpose, public Azure cloud environment. AzurePublicCloud AzureCloudEnvironment = "AzurePublicCloud" // AzureUSGovernmentCloud is the Azure cloud environment for the US government. AzureUSGovernmentCloud AzureCloudEnvironment = "AzureUSGovernmentCloud" // AzureChinaCloud is the Azure cloud environment used in China. AzureChinaCloud AzureCloudEnvironment = "AzureChinaCloud" // AzureGermanCloud is the Azure cloud environment used in Germany. AzureGermanCloud AzureCloudEnvironment = "AzureGermanCloud" // AzureStackCloud is the Azure cloud environment used at the edge and on premises. AzureStackCloud AzureCloudEnvironment = "AzureStackCloud" )
type AzurePlatformSpec ¶
type AzurePlatformSpec struct{}
AzurePlatformSpec holds the desired state of the Azure infrastructure provider. This only includes fields that can be modified in the cluster.
func (*AzurePlatformSpec) DeepCopy ¶
func (in *AzurePlatformSpec) DeepCopy() *AzurePlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePlatformSpec.
func (*AzurePlatformSpec) DeepCopyInto ¶
func (in *AzurePlatformSpec) DeepCopyInto(out *AzurePlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AzurePlatformSpec) SwaggerDoc ¶
func (AzurePlatformSpec) SwaggerDoc() map[string]string
type AzurePlatformStatus ¶
type AzurePlatformStatus struct { // resourceGroupName is the Resource Group for new Azure resources created for the cluster. ResourceGroupName string `json:"resourceGroupName"` // networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. // If empty, the value is same as ResourceGroupName. // +optional NetworkResourceGroupName string `json:"networkResourceGroupName,omitempty"` // cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK // with the appropriate Azure API endpoints. // If empty, the value is equal to `AzurePublicCloud`. // +optional CloudName AzureCloudEnvironment `json:"cloudName,omitempty"` // armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. // +optional ARMEndpoint string `json:"armEndpoint,omitempty"` // resourceTags is a list of additional tags to apply to Azure resources created for the cluster. // See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. // Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags // may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. // +kubebuilder:validation:MaxItems=10 // +kubebuilder:validation:XValidation:rule="self.all(x, x in oldSelf) && oldSelf.all(x, x in self)",message="resourceTags are immutable and may only be configured during installation" // +listType=atomic // +optional ResourceTags []AzureResourceTag `json:"resourceTags,omitempty"` }
AzurePlatformStatus holds the current status of the Azure infrastructure provider. +kubebuilder:validation:XValidation:rule="!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)",message="resourceTags may only be configured during installation"
func (*AzurePlatformStatus) DeepCopy ¶
func (in *AzurePlatformStatus) DeepCopy() *AzurePlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePlatformStatus.
func (*AzurePlatformStatus) DeepCopyInto ¶
func (in *AzurePlatformStatus) DeepCopyInto(out *AzurePlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AzurePlatformStatus) SwaggerDoc ¶
func (AzurePlatformStatus) SwaggerDoc() map[string]string
type AzureResourceTag ¶
type AzureResourceTag struct { // key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key // must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric // characters and the following special characters `_ . -`. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=128 // +kubebuilder:validation:Pattern=`^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$` Key string `json:"key"` // value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value // must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.=+-@]+$` Value string `json:"value"` }
AzureResourceTag is a tag to apply to Azure resources created for the cluster.
func (*AzureResourceTag) DeepCopy ¶
func (in *AzureResourceTag) DeepCopy() *AzureResourceTag
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureResourceTag.
func (*AzureResourceTag) DeepCopyInto ¶
func (in *AzureResourceTag) DeepCopyInto(out *AzureResourceTag)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AzureResourceTag) SwaggerDoc ¶
func (AzureResourceTag) SwaggerDoc() map[string]string
type BareMetalPlatformLoadBalancer ¶
type BareMetalPlatformLoadBalancer struct { // type defines the type of load balancer used by the cluster on BareMetal platform // which can be a user-managed or openshift-managed load balancer // that is to be used for the OpenShift API and Ingress endpoints. // When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing // defined in the machine config operator will be deployed. // When set to UserManaged these static pods will not be deployed and it is expected that // the load balancer is configured out of band by the deployer. // When omitted, this means no opinion and the platform is left to choose a reasonable default. // The default value is OpenShiftManagedDefault. // +default="OpenShiftManagedDefault" // +kubebuilder:default:="OpenShiftManagedDefault" // +kubebuilder:validation:Enum:="OpenShiftManagedDefault";"UserManaged" // +kubebuilder:validation:XValidation:rule="oldSelf == ” || self == oldSelf",message="type is immutable once set" // +optional // +unionDiscriminator Type PlatformLoadBalancerType `json:"type,omitempty"` }
BareMetalPlatformLoadBalancer defines the load balancer used by the cluster on BareMetal platform. +union
func (*BareMetalPlatformLoadBalancer) DeepCopy ¶
func (in *BareMetalPlatformLoadBalancer) DeepCopy() *BareMetalPlatformLoadBalancer
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BareMetalPlatformLoadBalancer.
func (*BareMetalPlatformLoadBalancer) DeepCopyInto ¶
func (in *BareMetalPlatformLoadBalancer) DeepCopyInto(out *BareMetalPlatformLoadBalancer)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BareMetalPlatformLoadBalancer) SwaggerDoc ¶
func (BareMetalPlatformLoadBalancer) SwaggerDoc() map[string]string
type BareMetalPlatformSpec ¶
type BareMetalPlatformSpec struct { // apiServerInternalIPs are the IP addresses to contact the Kubernetes API // server that can be used by components inside the cluster, like kubelets // using the infrastructure rather than Kubernetes networking. These are the // IPs for a self-hosted load balancer in front of the API servers. // In dual stack clusters this list contains two IP addresses, one from IPv4 // family and one from IPv6. // In single stack clusters a single IP address is expected. // When omitted, values from the status.apiServerInternalIPs will be used. // Once set, the list cannot be completely removed (but its second entry can). // // +kubebuilder:validation:MaxItems=2 // +kubebuilder:validation:XValidation:rule="size(self) == 2 && isIP(self[0]) && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() : true",message="apiServerInternalIPs must contain at most one IPv4 address and at most one IPv6 address" // +listType=atomic // +optional APIServerInternalIPs []IP `json:"apiServerInternalIPs"` // ingressIPs are the external IPs which route to the default ingress // controller. The IPs are suitable targets of a wildcard DNS record used to // resolve default route host names. // In dual stack clusters this list contains two IP addresses, one from IPv4 // family and one from IPv6. // In single stack clusters a single IP address is expected. // When omitted, values from the status.ingressIPs will be used. // Once set, the list cannot be completely removed (but its second entry can). // // +kubebuilder:validation:MaxItems=2 // +kubebuilder:validation:XValidation:rule="size(self) == 2 && isIP(self[0]) && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() : true",message="ingressIPs must contain at most one IPv4 address and at most one IPv6 address" // +listType=atomic // +optional IngressIPs []IP `json:"ingressIPs"` // machineNetworks are IP networks used to connect all the OpenShift cluster // nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, // for example "10.0.0.0/8" or "fd00::/8". // +listType=atomic // +kubebuilder:validation:MaxItems=32 // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" // +optional MachineNetworks []CIDR `json:"machineNetworks"` }
BareMetalPlatformSpec holds the desired state of the BareMetal infrastructure provider. This only includes fields that can be modified in the cluster. +kubebuilder:validation:XValidation:rule="!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)",message="apiServerInternalIPs list is required once set" +kubebuilder:validation:XValidation:rule="!has(oldSelf.ingressIPs) || has(self.ingressIPs)",message="ingressIPs list is required once set"
func (*BareMetalPlatformSpec) DeepCopy ¶
func (in *BareMetalPlatformSpec) DeepCopy() *BareMetalPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BareMetalPlatformSpec.
func (*BareMetalPlatformSpec) DeepCopyInto ¶
func (in *BareMetalPlatformSpec) DeepCopyInto(out *BareMetalPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BareMetalPlatformSpec) SwaggerDoc ¶
func (BareMetalPlatformSpec) SwaggerDoc() map[string]string
type BareMetalPlatformStatus ¶
type BareMetalPlatformStatus struct { // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used // by components inside the cluster, like kubelets using the infrastructure rather // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI // points to. It is the IP for a self-hosted load balancer in front of the API servers. // // Deprecated: Use APIServerInternalIPs instead. APIServerInternalIP string `json:"apiServerInternalIP,omitempty"` // apiServerInternalIPs are the IP addresses to contact the Kubernetes API // server that can be used by components inside the cluster, like kubelets // using the infrastructure rather than Kubernetes networking. These are the // IPs for a self-hosted load balancer in front of the API servers. In dual // stack clusters this list contains two IPs otherwise only one. // // +kubebuilder:validation:Format=ip // +kubebuilder:validation:MaxItems=2 // +kubebuilder:validation:XValidation:rule="self == oldSelf || (size(self) == 2 && isIP(self[0]) && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() : true)",message="apiServerInternalIPs must contain at most one IPv4 address and at most one IPv6 address" // +listType=atomic APIServerInternalIPs []string `json:"apiServerInternalIPs"` // ingressIP is an external IP which routes to the default ingress controller. // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. // // Deprecated: Use IngressIPs instead. IngressIP string `json:"ingressIP,omitempty"` // ingressIPs are the external IPs which route to the default ingress // controller. The IPs are suitable targets of a wildcard DNS record used to // resolve default route host names. In dual stack clusters this list // contains two IPs otherwise only one. // // +kubebuilder:validation:Format=ip // +kubebuilder:validation:MaxItems=2 // +kubebuilder:validation:XValidation:rule="self == oldSelf || (size(self) == 2 && isIP(self[0]) && isIP(self[1]) ? ip(self[0]).family() != ip(self[1]).family() : true)",message="ingressIPs must contain at most one IPv4 address and at most one IPv6 address" // +listType=atomic IngressIPs []string `json:"ingressIPs"` // nodeDNSIP is the IP address for the internal DNS used by the // nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` // provides name resolution for the nodes themselves. There is no DNS-as-a-service for // BareMetal deployments. In order to minimize necessary changes to the // datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames // to the nodes in the cluster. NodeDNSIP string `json:"nodeDNSIP,omitempty"` // loadBalancer defines how the load balancer used by the cluster is configured. // +default={"type": "OpenShiftManagedDefault"} // +kubebuilder:default={"type": "OpenShiftManagedDefault"} // +openshift:enable:FeatureGate=BareMetalLoadBalancer // +optional LoadBalancer *BareMetalPlatformLoadBalancer `json:"loadBalancer,omitempty"` // machineNetworks are IP networks used to connect all the OpenShift cluster nodes. // +listType=atomic // +kubebuilder:validation:MaxItems=32 // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" // +optional MachineNetworks []CIDR `json:"machineNetworks"` }
BareMetalPlatformStatus holds the current status of the BareMetal infrastructure provider. For more information about the network architecture used with the BareMetal platform type, see: https://github.com/openshift/installer/blob/master/docs/design/baremetal/networking-infrastructure.md
func (*BareMetalPlatformStatus) DeepCopy ¶
func (in *BareMetalPlatformStatus) DeepCopy() *BareMetalPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BareMetalPlatformStatus.
func (*BareMetalPlatformStatus) DeepCopyInto ¶
func (in *BareMetalPlatformStatus) DeepCopyInto(out *BareMetalPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BareMetalPlatformStatus) SwaggerDoc ¶
func (BareMetalPlatformStatus) SwaggerDoc() map[string]string
type BasicAuthIdentityProvider ¶
type BasicAuthIdentityProvider struct { // OAuthRemoteConnectionInfo contains information about how to connect to the external basic auth server OAuthRemoteConnectionInfo `json:",inline"` }
BasicAuthPasswordIdentityProvider provides identities for users authenticating using HTTP basic auth credentials
func (*BasicAuthIdentityProvider) DeepCopy ¶
func (in *BasicAuthIdentityProvider) DeepCopy() *BasicAuthIdentityProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuthIdentityProvider.
func (*BasicAuthIdentityProvider) DeepCopyInto ¶
func (in *BasicAuthIdentityProvider) DeepCopyInto(out *BasicAuthIdentityProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BasicAuthIdentityProvider) SwaggerDoc ¶
func (BasicAuthIdentityProvider) SwaggerDoc() map[string]string
type Build ¶
type Build struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // Spec holds user-settable values for the build controller configuration // +kubebuilder:validation:Required // +required Spec BuildSpec `json:"spec"` }
Build configures the behavior of OpenShift builds for the entire cluster. This includes default settings that can be overridden in BuildConfig objects, and overrides which are applied to all builds.
The canonical name is "cluster"
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=openshift-controller-manager,operatorOrdering=01 +openshift:capability=Build +kubebuilder:object:root=true +kubebuilder:resource:path=builds,scope=Cluster +kubebuilder:subresource:status
func (*Build) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Build.
func (*Build) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Build) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (Build) SwaggerDoc ¶
type BuildDefaults ¶
type BuildDefaults struct { // DefaultProxy contains the default proxy settings for all build operations, including image pull/push // and source download. // // Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables // in the build config's strategy. // +optional DefaultProxy *ProxySpec `json:"defaultProxy,omitempty"` // GitProxy contains the proxy settings for git operations only. If set, this will override // any Proxy settings for all git commands, such as git clone. // // Values that are not set here will be inherited from DefaultProxy. // +optional GitProxy *ProxySpec `json:"gitProxy,omitempty"` // Env is a set of default environment variables that will be applied to the // build if the specified variables do not exist on the build // +optional Env []corev1.EnvVar `json:"env,omitempty"` // ImageLabels is a list of docker labels that are applied to the resulting image. // User can override a default label by providing a label with the same name in their // Build/BuildConfig. // +optional ImageLabels []ImageLabel `json:"imageLabels,omitempty"` // Resources defines resource requirements to execute the build. // +optional Resources corev1.ResourceRequirements `json:"resources"` }
func (*BuildDefaults) DeepCopy ¶
func (in *BuildDefaults) DeepCopy() *BuildDefaults
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildDefaults.
func (*BuildDefaults) DeepCopyInto ¶
func (in *BuildDefaults) DeepCopyInto(out *BuildDefaults)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BuildDefaults) SwaggerDoc ¶
func (BuildDefaults) SwaggerDoc() map[string]string
type BuildList ¶
type BuildList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []Build `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*BuildList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildList.
func (*BuildList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*BuildList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (BuildList) SwaggerDoc ¶
type BuildOverrides ¶
type BuildOverrides struct { // ImageLabels is a list of docker labels that are applied to the resulting image. // If user provided a label in their Build/BuildConfig with the same name as one in this // list, the user's label will be overwritten. // +optional ImageLabels []ImageLabel `json:"imageLabels,omitempty"` // NodeSelector is a selector which must be true for the build pod to fit on a node // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // Tolerations is a list of Tolerations that will override any existing // tolerations set on a build pod. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` // ForcePull overrides, if set, the equivalent value in the builds, // i.e. false disables force pull for all builds, // true enables force pull for all builds, // independently of what each build specifies itself // +optional ForcePull *bool `json:"forcePull,omitempty"` }
func (*BuildOverrides) DeepCopy ¶
func (in *BuildOverrides) DeepCopy() *BuildOverrides
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildOverrides.
func (*BuildOverrides) DeepCopyInto ¶
func (in *BuildOverrides) DeepCopyInto(out *BuildOverrides)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BuildOverrides) SwaggerDoc ¶
func (BuildOverrides) SwaggerDoc() map[string]string
type BuildSpec ¶
type BuildSpec struct { // AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that // should be trusted for image pushes and pulls during builds. // The namespace for this config map is openshift-config. // // DEPRECATED: Additional CAs for image pull and push should be set on // image.config.openshift.io/cluster instead. // // +optional AdditionalTrustedCA ConfigMapNameReference `json:"additionalTrustedCA"` // BuildDefaults controls the default information for Builds // +optional BuildDefaults BuildDefaults `json:"buildDefaults"` // BuildOverrides controls override settings for builds // +optional BuildOverrides BuildOverrides `json:"buildOverrides"` }
func (*BuildSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildSpec.
func (*BuildSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (BuildSpec) SwaggerDoc ¶
type CIDR ¶
type CIDR string
CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). +kubebuilder:validation:XValidation:rule="isCIDR(self)",message="value must be a valid CIDR network address" +kubebuilder:validation:MaxLength:=43 +kubebuilder:validation:MinLength:=1
type CPUPartitioningMode ¶
type CPUPartitioningMode string
CPUPartitioningMode defines the mode for CPU partitioning
const ( // CPUPartitioningNone means that no CPU Partitioning is on in this cluster infrastructure CPUPartitioningNone CPUPartitioningMode = "None" // CPUPartitioningAllNodes means that all nodes are configured with CPU Partitioning in this cluster CPUPartitioningAllNodes CPUPartitioningMode = "AllNodes" )
type CertInfo ¶
type CertInfo struct { // CertFile is a file containing a PEM-encoded certificate CertFile string `json:"certFile"` // KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile KeyFile string `json:"keyFile"` }
CertInfo relates a certificate with a private key
func (*CertInfo) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertInfo.
func (*CertInfo) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CertInfo) SwaggerDoc ¶
type CgroupMode ¶
type CgroupMode string
+kubebuilder:validation:Enum=v1;v2;""
const ( CgroupModeEmpty CgroupMode = "" // Empty string indicates to honor user set value on the system that should not be overridden by OpenShift CgroupModeV1 CgroupMode = "v1" CgroupModeV2 CgroupMode = "v2" CgroupModeDefault CgroupMode = CgroupModeV1 )
type ClientConnectionOverrides ¶
type ClientConnectionOverrides struct { // acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the // default value of 'application/json'. This field will control all connections to the server used by a particular // client. AcceptContentTypes string `json:"acceptContentTypes"` // contentType is the content type used when sending data to the server from this client. ContentType string `json:"contentType"` // qps controls the number of queries per second allowed for this connection. QPS float32 `json:"qps"` // burst allows extra queries to accumulate when a client is exceeding its rate. Burst int32 `json:"burst"` }
func (*ClientConnectionOverrides) DeepCopy ¶
func (in *ClientConnectionOverrides) DeepCopy() *ClientConnectionOverrides
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientConnectionOverrides.
func (*ClientConnectionOverrides) DeepCopyInto ¶
func (in *ClientConnectionOverrides) DeepCopyInto(out *ClientConnectionOverrides)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClientConnectionOverrides) SwaggerDoc ¶
func (ClientConnectionOverrides) SwaggerDoc() map[string]string
type CloudControllerManagerState ¶
type CloudControllerManagerState string
CloudControllerManagerState defines whether Cloud Controller Manager presence is expected or not
const ( // Cloud Controller Manager is enabled and expected to be installed. // This value indicates that new nodes should be tainted as uninitialized when created, // preventing them from running workloads until they are initialized by the cloud controller manager. CloudControllerManagerExternal CloudControllerManagerState = "External" // Cloud Controller Manager is disabled and not expected to be installed. // This value indicates that new nodes should not be tainted // and no extra node initialization is expected from the cloud controller manager. CloudControllerManagerNone CloudControllerManagerState = "None" )
type CloudControllerManagerStatus ¶
type CloudControllerManagerStatus struct { // state determines whether or not an external Cloud Controller Manager is expected to // be installed within the cluster. // https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager // // Valid values are "External", "None" and omitted. // When set to "External", new nodes will be tainted as uninitialized when created, // preventing them from running workloads until they are initialized by the cloud controller manager. // When omitted or set to "None", new nodes will be not tainted // and no extra initialization from the cloud controller manager is expected. // +kubebuilder:validation:Enum="";External;None // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="state is immutable once set" // +optional State CloudControllerManagerState `json:"state"` }
CloudControllerManagerStatus holds the state of Cloud Controller Manager (a.k.a. CCM or CPI) related settings +kubebuilder:validation:XValidation:rule="(has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) && self.state != \"External\")",message="state may not be added or removed once set"
func (*CloudControllerManagerStatus) DeepCopy ¶
func (in *CloudControllerManagerStatus) DeepCopy() *CloudControllerManagerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudControllerManagerStatus.
func (*CloudControllerManagerStatus) DeepCopyInto ¶
func (in *CloudControllerManagerStatus) DeepCopyInto(out *CloudControllerManagerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CloudControllerManagerStatus) SwaggerDoc ¶
func (CloudControllerManagerStatus) SwaggerDoc() map[string]string
type CloudLoadBalancerConfig ¶
type CloudLoadBalancerConfig struct { // dnsType indicates the type of DNS solution in use within the cluster. Its default value of // `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. // It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, // the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. // The cluster's use of the cloud's Load Balancers is unaffected by this setting. // The value is immutable after it has been set at install time. // Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. // Enabling this functionality allows the user to start their own DNS solution outside the cluster after // installation is complete. The customer would be responsible for configuring this custom DNS solution, // and it can be run in addition to the in-cluster DNS solution. // +default="PlatformDefault" // +kubebuilder:default:="PlatformDefault" // +kubebuilder:validation:Enum="ClusterHosted";"PlatformDefault" // +kubebuilder:validation:XValidation:rule="oldSelf == ” || self == oldSelf",message="dnsType is immutable" // +optional // +unionDiscriminator DNSType DNSType `json:"dnsType,omitempty"` // clusterHosted holds the IP addresses of API, API-Int and Ingress Load // Balancers on Cloud Platforms. The DNS solution hosted within the cluster // use these IP addresses to provide resolution for API, API-Int and Ingress // services. // +optional // +unionMember,optional ClusterHosted *CloudLoadBalancerIPs `json:"clusterHosted,omitempty"` }
CloudLoadBalancerConfig contains an union discriminator indicating the type of DNS solution in use within the cluster. When the DNSType is `ClusterHosted`, the cloud's Load Balancer configuration needs to be provided so that the DNS solution hosted within the cluster can be configured with those values. +kubebuilder:validation:XValidation:rule="has(self.dnsType) && self.dnsType != 'ClusterHosted' ? !has(self.clusterHosted) : true",message="clusterHosted is permitted only when dnsType is ClusterHosted" +union
func (*CloudLoadBalancerConfig) DeepCopy ¶
func (in *CloudLoadBalancerConfig) DeepCopy() *CloudLoadBalancerConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudLoadBalancerConfig.
func (*CloudLoadBalancerConfig) DeepCopyInto ¶
func (in *CloudLoadBalancerConfig) DeepCopyInto(out *CloudLoadBalancerConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CloudLoadBalancerConfig) SwaggerDoc ¶
func (CloudLoadBalancerConfig) SwaggerDoc() map[string]string
type CloudLoadBalancerIPs ¶
type CloudLoadBalancerIPs struct { // apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. // Entries in the apiIntLoadBalancerIPs must be unique. // A maximum of 16 IP addresses are permitted. // +kubebuilder:validation:Format=ip // +listType=set // +kubebuilder:validation:MaxItems=16 // +optional APIIntLoadBalancerIPs []IP `json:"apiIntLoadBalancerIPs,omitempty"` // apiLoadBalancerIPs holds Load Balancer IPs for the API service. // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. // Could be empty for private clusters. // Entries in the apiLoadBalancerIPs must be unique. // A maximum of 16 IP addresses are permitted. // +kubebuilder:validation:Format=ip // +listType=set // +kubebuilder:validation:MaxItems=16 // +optional APILoadBalancerIPs []IP `json:"apiLoadBalancerIPs,omitempty"` // ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. // These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. // Entries in the ingressLoadBalancerIPs must be unique. // A maximum of 16 IP addresses are permitted. // +kubebuilder:validation:Format=ip // +listType=set // +kubebuilder:validation:MaxItems=16 // +optional IngressLoadBalancerIPs []IP `json:"ingressLoadBalancerIPs,omitempty"` }
CloudLoadBalancerIPs contains the Load Balancer IPs for the cloud's API, API-Int and Ingress Load balancers. They will be populated as soon as the respective Load Balancers have been configured. These values are utilized to configure the DNS solution hosted within the cluster.
func (*CloudLoadBalancerIPs) DeepCopy ¶
func (in *CloudLoadBalancerIPs) DeepCopy() *CloudLoadBalancerIPs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudLoadBalancerIPs.
func (*CloudLoadBalancerIPs) DeepCopyInto ¶
func (in *CloudLoadBalancerIPs) DeepCopyInto(out *CloudLoadBalancerIPs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CloudLoadBalancerIPs) SwaggerDoc ¶
func (CloudLoadBalancerIPs) SwaggerDoc() map[string]string
type ClusterCondition ¶
type ClusterCondition struct { // type represents the cluster-condition type. This defines // the members and semantics of any additional properties. // +kubebuilder:validation:Required // +kubebuilder:validation:Enum={"Always","PromQL"} // +required Type string `json:"type"` // promQL represents a cluster condition based on PromQL. // +optional PromQL *PromQLClusterCondition `json:"promql,omitempty"` }
ClusterCondition is a union of typed cluster conditions. The 'type' property determines which of the type-specific properties are relevant. When evaluated on a cluster, the condition may match, not match, or fail to evaluate. +k8s:deepcopy-gen=true
func (*ClusterCondition) DeepCopy ¶
func (in *ClusterCondition) DeepCopy() *ClusterCondition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCondition.
func (*ClusterCondition) DeepCopyInto ¶
func (in *ClusterCondition) DeepCopyInto(out *ClusterCondition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterCondition) SwaggerDoc ¶
func (ClusterCondition) SwaggerDoc() map[string]string
type ClusterNetworkEntry ¶
type ClusterNetworkEntry struct { // The complete block for pod IPs. CIDR string `json:"cidr"` // The size (prefix) of block to allocate to each node. If this // field is not used by the plugin, it can be left unset. // +kubebuilder:validation:Minimum=0 // +optional HostPrefix uint32 `json:"hostPrefix,omitempty"` }
ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs are allocated.
func (*ClusterNetworkEntry) DeepCopy ¶
func (in *ClusterNetworkEntry) DeepCopy() *ClusterNetworkEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetworkEntry.
func (*ClusterNetworkEntry) DeepCopyInto ¶
func (in *ClusterNetworkEntry) DeepCopyInto(out *ClusterNetworkEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterNetworkEntry) SwaggerDoc ¶
func (ClusterNetworkEntry) SwaggerDoc() map[string]string
type ClusterOperator ¶
type ClusterOperator struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata"` // spec holds configuration that could apply to any operator. // +kubebuilder:validation:Required // +required Spec ClusterOperatorSpec `json:"spec"` // status holds the information about the state of an operator. It is consistent with status information across // the Kubernetes ecosystem. // +optional Status ClusterOperatorStatus `json:"status"` }
ClusterOperator is the Custom Resource object which holds the current state of an operator. This object is used by operators to convey their state to the rest of the cluster.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/497 +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=cluster-version-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=clusteroperators,scope=Cluster,shortName=co +kubebuilder:subresource:status +kubebuilder:printcolumn:name=Version,JSONPath=.status.versions[?(@.name=="operator")].version,type=string,description=The version the operator is at. +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string,description=Whether the operator is running and stable. +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string,description=Whether the operator is processing changes. +kubebuilder:printcolumn:name=Degraded,JSONPath=.status.conditions[?(@.type=="Degraded")].status,type=string,description=Whether the operator is degraded. +kubebuilder:printcolumn:name=Since,JSONPath=.status.conditions[?(@.type=="Available")].lastTransitionTime,type=date,description=The time the operator's Available status last changed. +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true
func (*ClusterOperator) DeepCopy ¶
func (in *ClusterOperator) DeepCopy() *ClusterOperator
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOperator.
func (*ClusterOperator) DeepCopyInto ¶
func (in *ClusterOperator) DeepCopyInto(out *ClusterOperator)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterOperator) DeepCopyObject ¶
func (in *ClusterOperator) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (ClusterOperator) SwaggerDoc ¶
func (ClusterOperator) SwaggerDoc() map[string]string
type ClusterOperatorList ¶
type ClusterOperatorList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []ClusterOperator `json:"items"` }
ClusterOperatorList is a list of OperatorStatus resources.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +openshift:compatibility-gen:level=1
func (*ClusterOperatorList) DeepCopy ¶
func (in *ClusterOperatorList) DeepCopy() *ClusterOperatorList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOperatorList.
func (*ClusterOperatorList) DeepCopyInto ¶
func (in *ClusterOperatorList) DeepCopyInto(out *ClusterOperatorList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterOperatorList) DeepCopyObject ¶
func (in *ClusterOperatorList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (ClusterOperatorList) SwaggerDoc ¶
func (ClusterOperatorList) SwaggerDoc() map[string]string
type ClusterOperatorSpec ¶
type ClusterOperatorSpec struct { }
ClusterOperatorSpec is empty for now, but you could imagine holding information like "pause".
func (*ClusterOperatorSpec) DeepCopy ¶
func (in *ClusterOperatorSpec) DeepCopy() *ClusterOperatorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOperatorSpec.
func (*ClusterOperatorSpec) DeepCopyInto ¶
func (in *ClusterOperatorSpec) DeepCopyInto(out *ClusterOperatorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterOperatorSpec) SwaggerDoc ¶
func (ClusterOperatorSpec) SwaggerDoc() map[string]string
type ClusterOperatorStatus ¶
type ClusterOperatorStatus struct { // conditions describes the state of the operator's managed and monitored components. // +patchMergeKey=type // +patchStrategy=merge // +optional Conditions []ClusterOperatorStatusCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // versions is a slice of operator and operand version tuples. Operators which manage multiple operands will have multiple // operand entries in the array. Available operators must report the version of the operator itself with the name "operator". // An operator reports a new "operator" version when it has rolled out the new version to all of its operands. // +optional Versions []OperandVersion `json:"versions,omitempty"` // relatedObjects is a list of objects that are "interesting" or related to this operator. Common uses are: // 1. the detailed resource driving the operator // 2. operator namespaces // 3. operand namespaces // +optional RelatedObjects []ObjectReference `json:"relatedObjects,omitempty"` // extension contains any additional status information specific to the // operator which owns this status object. // +nullable // +optional // +kubebuilder:pruning:PreserveUnknownFields Extension runtime.RawExtension `json:"extension"` }
ClusterOperatorStatus provides information about the status of the operator. +k8s:deepcopy-gen=true
func (*ClusterOperatorStatus) DeepCopy ¶
func (in *ClusterOperatorStatus) DeepCopy() *ClusterOperatorStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOperatorStatus.
func (*ClusterOperatorStatus) DeepCopyInto ¶
func (in *ClusterOperatorStatus) DeepCopyInto(out *ClusterOperatorStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterOperatorStatus) SwaggerDoc ¶
func (ClusterOperatorStatus) SwaggerDoc() map[string]string
type ClusterOperatorStatusCondition ¶
type ClusterOperatorStatusCondition struct { // type specifies the aspect reported by this condition. // +kubebuilder:validation:Required // +required Type ClusterStatusConditionType `json:"type"` // status of the condition, one of True, False, Unknown. // +kubebuilder:validation:Required // +required Status ConditionStatus `json:"status"` // lastTransitionTime is the time of the last update to the current status property. // +kubebuilder:validation:Required // +required LastTransitionTime metav1.Time `json:"lastTransitionTime"` // reason is the CamelCase reason for the condition's current status. // +optional Reason string `json:"reason,omitempty"` // message provides additional information about the current condition. // This is only to be consumed by humans. It may contain Line Feed // characters (U+000A), which should be rendered as new lines. // +optional Message string `json:"message,omitempty"` }
ClusterOperatorStatusCondition represents the state of the operator's managed and monitored components. +k8s:deepcopy-gen=true
func (*ClusterOperatorStatusCondition) DeepCopy ¶
func (in *ClusterOperatorStatusCondition) DeepCopy() *ClusterOperatorStatusCondition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterOperatorStatusCondition.
func (*ClusterOperatorStatusCondition) DeepCopyInto ¶
func (in *ClusterOperatorStatusCondition) DeepCopyInto(out *ClusterOperatorStatusCondition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterOperatorStatusCondition) SwaggerDoc ¶
func (ClusterOperatorStatusCondition) SwaggerDoc() map[string]string
type ClusterStatusConditionType ¶
type ClusterStatusConditionType string
ClusterStatusConditionType is an aspect of operator state.
const ( // Available indicates that the component (operator and all configured operands) // is functional and available in the cluster. Available=False means at least // part of the component is non-functional, and that the condition requires // immediate administrator intervention. OperatorAvailable ClusterStatusConditionType = "Available" // Progressing indicates that the component (operator and all configured operands) // is actively rolling out new code, propagating config changes, or otherwise // moving from one steady state to another. Operators should not report // progressing when they are reconciling (without action) a previously known // state. If the observed cluster state has changed and the component is // reacting to it (scaling up for instance), Progressing should become true // since it is moving from one steady state to another. OperatorProgressing ClusterStatusConditionType = "Progressing" // Degraded indicates that the component (operator and all configured operands) // does not match its desired state over a period of time resulting in a lower // quality of service. The period of time may vary by component, but a Degraded // state represents persistent observation of a condition. As a result, a // component should not oscillate in and out of Degraded state. A component may // be Available even if its degraded. For example, a component may desire 3 // running pods, but 1 pod is crash-looping. The component is Available but // Degraded because it may have a lower quality of service. A component may be // Progressing but not Degraded because the transition from one state to // another does not persist over a long enough period to report Degraded. A // component should not report Degraded during the course of a normal upgrade. // A component may report Degraded in response to a persistent infrastructure // failure that requires eventual administrator intervention. For example, if // a control plane host is unhealthy and must be replaced. A component should // report Degraded if unexpected errors occur over a period, but the // expectation is that all unexpected errors are handled as operators mature. OperatorDegraded ClusterStatusConditionType = "Degraded" // Upgradeable indicates whether the component (operator and all configured // operands) is safe to upgrade based on the current cluster state. When // Upgradeable is False, the cluster-version operator will prevent the // cluster from performing impacted updates unless forced. When set on // ClusterVersion, the message will explain which updates (minor or patch) // are impacted. When set on ClusterOperator, False will block minor // OpenShift updates. The message field should contain a human readable // description of what the administrator should do to allow the cluster or // component to successfully update. The cluster-version operator will // allow updates when this condition is not False, including when it is // missing, True, or Unknown. OperatorUpgradeable ClusterStatusConditionType = "Upgradeable" // EvaluationConditionsDetected is used to indicate the result of the detection // logic that was added to a component to evaluate the introduction of an // invasive change that could potentially result in highly visible alerts, // breakages or upgrade failures. You can concatenate multiple Reason using // the "::" delimiter if you need to evaluate the introduction of multiple changes. EvaluationConditionsDetected ClusterStatusConditionType = "EvaluationConditionsDetected" )
const RetrievedUpdates ClusterStatusConditionType = "RetrievedUpdates"
RetrievedUpdates reports whether available updates have been retrieved from the upstream update server. The condition is Unknown before retrieval, False if the updates could not be retrieved or recently failed, or True if the availableUpdates field is accurate and recent.
type ClusterVersion ¶
type ClusterVersion struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec is the desired state of the cluster version - the operator will work // to ensure that the desired version is applied to the cluster. // +kubebuilder:validation:Required // +required Spec ClusterVersionSpec `json:"spec"` // status contains information about the available updates and any in-progress // updates. // +optional Status ClusterVersionStatus `json:"status"` }
ClusterVersion is the configuration for the ClusterVersionOperator. This is where parameters related to automatic updates can be set.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/495 +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=cluster-version-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:path=clusterversions,scope=Cluster +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability" +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string +kubebuilder:printcolumn:name=Progressing,JSONPath=.status.conditions[?(@.type=="Progressing")].status,type=string +kubebuilder:printcolumn:name=Since,JSONPath=.status.conditions[?(@.type=="Progressing")].lastTransitionTime,type=date +kubebuilder:printcolumn:name=Status,JSONPath=.status.conditions[?(@.type=="Progressing")].message,type=string +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true
func (*ClusterVersion) DeepCopy ¶
func (in *ClusterVersion) DeepCopy() *ClusterVersion
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersion.
func (*ClusterVersion) DeepCopyInto ¶
func (in *ClusterVersion) DeepCopyInto(out *ClusterVersion)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterVersion) DeepCopyObject ¶
func (in *ClusterVersion) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (ClusterVersion) SwaggerDoc ¶
func (ClusterVersion) SwaggerDoc() map[string]string
type ClusterVersionArchitecture ¶
type ClusterVersionArchitecture string
ClusterVersionArchitecture enumerates valid cluster architectures. +kubebuilder:validation:Enum="Multi";""
const ( // ClusterVersionArchitectureMulti identifies a multi architecture. A multi // architecture cluster is capable of running nodes with multiple architectures. ClusterVersionArchitectureMulti ClusterVersionArchitecture = "Multi" )
type ClusterVersionCapabilitiesSpec ¶
type ClusterVersionCapabilitiesSpec struct { // baselineCapabilitySet selects an initial set of // optional capabilities to enable, which can be extended via // additionalEnabledCapabilities. If unset, the cluster will // choose a default, and the default may change over time. // The current default is vCurrent. // +optional BaselineCapabilitySet ClusterVersionCapabilitySet `json:"baselineCapabilitySet,omitempty"` // additionalEnabledCapabilities extends the set of managed // capabilities beyond the baseline defined in // baselineCapabilitySet. The default is an empty set. // +listType=atomic // +optional AdditionalEnabledCapabilities []ClusterVersionCapability `json:"additionalEnabledCapabilities,omitempty"` }
ClusterVersionCapabilitiesSpec selects the managed set of optional, core cluster components. +k8s:deepcopy-gen=true
func (*ClusterVersionCapabilitiesSpec) DeepCopy ¶
func (in *ClusterVersionCapabilitiesSpec) DeepCopy() *ClusterVersionCapabilitiesSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersionCapabilitiesSpec.
func (*ClusterVersionCapabilitiesSpec) DeepCopyInto ¶
func (in *ClusterVersionCapabilitiesSpec) DeepCopyInto(out *ClusterVersionCapabilitiesSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterVersionCapabilitiesSpec) SwaggerDoc ¶
func (ClusterVersionCapabilitiesSpec) SwaggerDoc() map[string]string
type ClusterVersionCapabilitiesStatus ¶
type ClusterVersionCapabilitiesStatus struct { // enabledCapabilities lists all the capabilities that are currently managed. // +listType=atomic // +optional EnabledCapabilities []ClusterVersionCapability `json:"enabledCapabilities,omitempty"` // knownCapabilities lists all the capabilities known to the current cluster. // +listType=atomic // +optional KnownCapabilities []ClusterVersionCapability `json:"knownCapabilities,omitempty"` }
ClusterVersionCapabilitiesStatus describes the state of optional, core cluster components. +k8s:deepcopy-gen=true
func (*ClusterVersionCapabilitiesStatus) DeepCopy ¶
func (in *ClusterVersionCapabilitiesStatus) DeepCopy() *ClusterVersionCapabilitiesStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersionCapabilitiesStatus.
func (*ClusterVersionCapabilitiesStatus) DeepCopyInto ¶
func (in *ClusterVersionCapabilitiesStatus) DeepCopyInto(out *ClusterVersionCapabilitiesStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterVersionCapabilitiesStatus) SwaggerDoc ¶
func (ClusterVersionCapabilitiesStatus) SwaggerDoc() map[string]string
type ClusterVersionCapability ¶
type ClusterVersionCapability string
ClusterVersionCapability enumerates optional, core cluster components. +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager
const ( // ClusterVersionCapabilityOpenShiftSamples manages the sample // image streams and templates stored in the openshift // namespace, and any registry credentials, stored as a secret, // needed for the image streams to import the images they // reference. ClusterVersionCapabilityOpenShiftSamples ClusterVersionCapability = "openshift-samples" // ClusterVersionCapabilityBaremetal manages the cluster // baremetal operator which is responsible for running the metal3 // deployment. ClusterVersionCapabilityBaremetal ClusterVersionCapability = "baremetal" // ClusterVersionCapabilityMarketplace manages the Marketplace operator which // supplies Operator Lifecycle Manager (OLM) users with default catalogs of // "optional" operators. // // Note that Marketplace has a hard requirement on OLM. OLM can not be disabled // while Marketplace is enabled. ClusterVersionCapabilityMarketplace ClusterVersionCapability = "marketplace" // ClusterVersionCapabilityConsole manages the Console operator which // installs and maintains the web console. ClusterVersionCapabilityConsole ClusterVersionCapability = "Console" // ClusterVersionCapabilityInsights manages the Insights operator which // collects anonymized information about the cluster to generate // recommendations for possible cluster issues. ClusterVersionCapabilityInsights ClusterVersionCapability = "Insights" // ClusterVersionCapabilityStorage manages the storage operator which // is responsible for providing cluster-wide storage defaults // WARNING: Do not disable this capability when deployed to // RHEV and OpenStack without reading the docs. // These clusters heavily rely on that capability and may cause // damage to the cluster. ClusterVersionCapabilityStorage ClusterVersionCapability = "Storage" // ClusterVersionCapabilityCSISnapshot manages the csi snapshot // controller operator which is responsible for watching the // VolumeSnapshot CRD objects and manages the creation and deletion // lifecycle of volume snapshots ClusterVersionCapabilityCSISnapshot ClusterVersionCapability = "CSISnapshot" // ClusterVersionCapabilityNodeTuning manages the Node Tuning Operator // which is responsible for watching the Tuned and Profile CRD // objects and manages the containerized TuneD daemon which controls // system level tuning of Nodes ClusterVersionCapabilityNodeTuning ClusterVersionCapability = "NodeTuning" // ClusterVersionCapabilityMachineAPI manages // machine-api-operator // cluster-autoscaler-operator // cluster-control-plane-machine-set-operator // which is responsible for machines configuration and heavily // targeted for SNO clusters. // // The following CRDs are disabled as well // machines // machineset // controlplanemachineset // // WARNING: Do not disable that capability without reading // documentation. This is important part of openshift system // and may cause cluster damage ClusterVersionCapabilityMachineAPI ClusterVersionCapability = "MachineAPI" // ClusterVersionCapabilityBuild manages the Build API which is responsible // for watching the Build API objects and managing their lifecycle. // The functionality is located under openshift-apiserver and openshift-controller-manager. // // The following resources are taken into account: // - builds // - buildconfigs ClusterVersionCapabilityBuild ClusterVersionCapability = "Build" // ClusterVersionCapabilityDeploymentConfig manages the DeploymentConfig API // which is responsible for watching the DeploymentConfig API and managing their lifecycle. // The functionality is located under openshift-apiserver and openshift-controller-manager. // // The following resources are taken into account: // - deploymentconfigs ClusterVersionCapabilityDeploymentConfig ClusterVersionCapability = "DeploymentConfig" // ClusterVersionCapabilityImageRegistry manages the image registry which // allows to distribute Docker images ClusterVersionCapabilityImageRegistry ClusterVersionCapability = "ImageRegistry" // ClusterVersionCapabilityOperatorLifecycleManager manages the Operator Lifecycle Manager // which itself manages the lifecycle of operators ClusterVersionCapabilityOperatorLifecycleManager ClusterVersionCapability = "OperatorLifecycleManager" // ClusterVersionCapabilityCloudCredential manages credentials for cloud providers // in openshift cluster ClusterVersionCapabilityCloudCredential ClusterVersionCapability = "CloudCredential" // ClusterVersionCapabilityIngress manages the cluster ingress operator // which is responsible for running the ingress controllers (including OpenShift router). // // The following CRDs are part of the capability as well: // IngressController // DNSRecord // GatewayClass // Gateway // HTTPRoute // ReferenceGrant // // WARNING: This capability cannot be disabled on the standalone OpenShift. ClusterVersionCapabilityIngress ClusterVersionCapability = "Ingress" // ClusterVersionCapabilityCloudControllerManager manages various Cloud Controller // Managers deployed on top of OpenShift. They help you to work with cloud // provider API and embeds cloud-specific control logic. ClusterVersionCapabilityCloudControllerManager ClusterVersionCapability = "CloudControllerManager" )
type ClusterVersionCapabilitySet ¶
type ClusterVersionCapabilitySet string
ClusterVersionCapabilitySet defines sets of cluster version capabilities. +kubebuilder:validation:Enum=None;v4.11;v4.12;v4.13;v4.14;v4.15;v4.16;v4.17;v4.18;vCurrent
const ( // ClusterVersionCapabilitySetNone is an empty set enabling // no optional capabilities. ClusterVersionCapabilitySetNone ClusterVersionCapabilitySet = "None" // ClusterVersionCapabilitySet4_11 is the recommended set of // optional capabilities to enable for the 4.11 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_11 ClusterVersionCapabilitySet = "v4.11" // ClusterVersionCapabilitySet4_12 is the recommended set of // optional capabilities to enable for the 4.12 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_12 ClusterVersionCapabilitySet = "v4.12" // ClusterVersionCapabilitySet4_13 is the recommended set of // optional capabilities to enable for the 4.13 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_13 ClusterVersionCapabilitySet = "v4.13" // ClusterVersionCapabilitySet4_14 is the recommended set of // optional capabilities to enable for the 4.14 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_14 ClusterVersionCapabilitySet = "v4.14" // ClusterVersionCapabilitySet4_15 is the recommended set of // optional capabilities to enable for the 4.15 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_15 ClusterVersionCapabilitySet = "v4.15" // ClusterVersionCapabilitySet4_16 is the recommended set of // optional capabilities to enable for the 4.16 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_16 ClusterVersionCapabilitySet = "v4.16" // ClusterVersionCapabilitySet4_17 is the recommended set of // optional capabilities to enable for the 4.17 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_17 ClusterVersionCapabilitySet = "v4.17" // ClusterVersionCapabilitySet4_18 is the recommended set of // optional capabilities to enable for the 4.18 version of // OpenShift. This list will remain the same no matter which // version of OpenShift is installed. ClusterVersionCapabilitySet4_18 ClusterVersionCapabilitySet = "v4.18" // ClusterVersionCapabilitySetCurrent is the recommended set // of optional capabilities to enable for the cluster's // current version of OpenShift. ClusterVersionCapabilitySetCurrent ClusterVersionCapabilitySet = "vCurrent" )
type ClusterVersionList ¶
type ClusterVersionList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []ClusterVersion `json:"items"` }
ClusterVersionList is a list of ClusterVersion resources.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +openshift:compatibility-gen:level=1
func (*ClusterVersionList) DeepCopy ¶
func (in *ClusterVersionList) DeepCopy() *ClusterVersionList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersionList.
func (*ClusterVersionList) DeepCopyInto ¶
func (in *ClusterVersionList) DeepCopyInto(out *ClusterVersionList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterVersionList) DeepCopyObject ¶
func (in *ClusterVersionList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (ClusterVersionList) SwaggerDoc ¶
func (ClusterVersionList) SwaggerDoc() map[string]string
type ClusterVersionSpec ¶
type ClusterVersionSpec struct { // clusterID uniquely identifies this cluster. This is expected to be // an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in // hexadecimal values). This is a required field. // +kubebuilder:validation:Required // +required ClusterID ClusterID `json:"clusterID"` // desiredUpdate is an optional field that indicates the desired value of // the cluster version. Setting this value will trigger an upgrade (if // the current version does not match the desired version). The set of // recommended update values is listed as part of available updates in // status, and setting values outside that range may cause the upgrade // to fail. // // Some of the fields are inter-related with restrictions and meanings described here. // 1. image is specified, version is specified, architecture is specified. API validation error. // 2. image is specified, version is specified, architecture is not specified. You should not do this. version is silently ignored and image is used. // 3. image is specified, version is not specified, architecture is specified. API validation error. // 4. image is specified, version is not specified, architecture is not specified. image is used. // 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image. // 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image. // 7. image is not specified, version is not specified, architecture is specified. API validation error. // 8. image is not specified, version is not specified, architecture is not specified. API validation error. // // If an upgrade fails the operator will halt and report status // about the failing component. Setting the desired update value back to // the previous version will cause a rollback to be attempted. Not all // rollbacks will succeed. // // +optional DesiredUpdate *Update `json:"desiredUpdate,omitempty"` // upstream may be used to specify the preferred update server. By default // it will use the appropriate update server for the cluster and region. // // +optional Upstream URL `json:"upstream,omitempty"` // channel is an identifier for explicitly requesting that a non-default // set of updates be applied to this cluster. The default channel will be // contain stable updates that are appropriate for production clusters. // // +optional Channel string `json:"channel,omitempty"` // capabilities configures the installation of optional, core // cluster components. A null value here is identical to an // empty object; see the child properties for default semantics. // +optional Capabilities *ClusterVersionCapabilitiesSpec `json:"capabilities,omitempty"` // signatureStores contains the upstream URIs to verify release signatures and optional // reference to a config map by name containing the PEM-encoded CA bundle. // // By default, CVO will use existing signature stores if this property is empty. // The CVO will check the release signatures in the local ConfigMaps first. It will search for a valid signature // in these stores in parallel only when local ConfigMaps did not include a valid signature. // Validation will fail if none of the signature stores reply with valid signature before timeout. // Setting signatureStores will replace the default signature stores with custom signature stores. // Default stores can be used with custom signature stores by adding them manually. // // A maximum of 32 signature stores may be configured. // +kubebuilder:validation:MaxItems=32 // +openshift:enable:FeatureGate=SignatureStores // +listType=map // +listMapKey=url // +optional SignatureStores []SignatureStore `json:"signatureStores"` // overrides is list of overides for components that are managed by // cluster version operator. Marking a component unmanaged will prevent // the operator from creating or updating the object. // +listType=map // +listMapKey=kind // +listMapKey=group // +listMapKey=namespace // +listMapKey=name // +optional Overrides []ComponentOverride `json:"overrides,omitempty"` }
ClusterVersionSpec is the desired version state of the cluster. It includes the version the cluster should be at, how the cluster is identified, and where the cluster should look for version updates. +k8s:deepcopy-gen=true
func (*ClusterVersionSpec) DeepCopy ¶
func (in *ClusterVersionSpec) DeepCopy() *ClusterVersionSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersionSpec.
func (*ClusterVersionSpec) DeepCopyInto ¶
func (in *ClusterVersionSpec) DeepCopyInto(out *ClusterVersionSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterVersionSpec) SwaggerDoc ¶
func (ClusterVersionSpec) SwaggerDoc() map[string]string
type ClusterVersionStatus ¶
type ClusterVersionStatus struct { // desired is the version that the cluster is reconciling towards. // If the cluster is not yet fully initialized desired will be set // with the information available, which may be an image or a tag. // +kubebuilder:validation:Required // +required Desired Release `json:"desired"` // history contains a list of the most recent versions applied to the cluster. // This value may be empty during cluster startup, and then will be updated // when a new update is being applied. The newest update is first in the // list and it is ordered by recency. Updates in the history have state // Completed if the rollout completed - if an update was failing or halfway // applied the state will be Partial. Only a limited amount of update history // is preserved. // +listType=atomic // +optional History []UpdateHistory `json:"history,omitempty"` // observedGeneration reports which version of the spec is being synced. // If this value is not equal to metadata.generation, then the desired // and conditions fields may represent a previous version. // +kubebuilder:validation:Required // +required ObservedGeneration int64 `json:"observedGeneration"` // versionHash is a fingerprint of the content that the cluster will be // updated with. It is used by the operator to avoid unnecessary work // and is for internal use only. // +kubebuilder:validation:Required // +required VersionHash string `json:"versionHash"` // capabilities describes the state of optional, core cluster components. Capabilities ClusterVersionCapabilitiesStatus `json:"capabilities"` // conditions provides information about the cluster version. The condition // "Available" is set to true if the desiredUpdate has been reached. The // condition "Progressing" is set to true if an update is being applied. // The condition "Degraded" is set to true if an update is currently blocked // by a temporary or permanent error. Conditions are only valid for the // current desiredUpdate when metadata.generation is equal to // status.generation. // +listType=map // +listMapKey=type // +patchMergeKey=type // +patchStrategy=merge // +optional Conditions []ClusterOperatorStatusCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` // availableUpdates contains updates recommended for this // cluster. Updates which appear in conditionalUpdates but not in // availableUpdates may expose this cluster to known issues. This list // may be empty if no updates are recommended, if the update service // is unavailable, or if an invalid channel has been specified. // +nullable // +kubebuilder:validation:Required // +listType=atomic // +required AvailableUpdates []Release `json:"availableUpdates"` // conditionalUpdates contains the list of updates that may be // recommended for this cluster if it meets specific required // conditions. Consumers interested in the set of updates that are // actually recommended for this cluster should use // availableUpdates. This list may be empty if no updates are // recommended, if the update service is unavailable, or if an empty // or invalid channel has been specified. // +listType=atomic // +optional ConditionalUpdates []ConditionalUpdate `json:"conditionalUpdates,omitempty"` }
ClusterVersionStatus reports the status of the cluster versioning, including any upgrades that are in progress. The current field will be set to whichever version the cluster is reconciling to, and the conditions array will report whether the update succeeded, is in progress, or is failing. +k8s:deepcopy-gen=true
func (*ClusterVersionStatus) DeepCopy ¶
func (in *ClusterVersionStatus) DeepCopy() *ClusterVersionStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVersionStatus.
func (*ClusterVersionStatus) DeepCopyInto ¶
func (in *ClusterVersionStatus) DeepCopyInto(out *ClusterVersionStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ClusterVersionStatus) SwaggerDoc ¶
func (ClusterVersionStatus) SwaggerDoc() map[string]string
type ComponentOverride ¶
type ComponentOverride struct { // kind indentifies which object to override. // +kubebuilder:validation:Required // +required Kind string `json:"kind"` // group identifies the API group that the kind is in. // +kubebuilder:validation:Required // +required Group string `json:"group"` // namespace is the component's namespace. If the resource is cluster // scoped, the namespace should be empty. // +kubebuilder:validation:Required // +required Namespace string `json:"namespace"` // name is the component's name. // +kubebuilder:validation:Required // +required Name string `json:"name"` // unmanaged controls if cluster version operator should stop managing the // resources in this cluster. // Default: false // +kubebuilder:validation:Required // +required Unmanaged bool `json:"unmanaged"` }
ComponentOverride allows overriding cluster version operator's behavior for a component. +k8s:deepcopy-gen=true
func (*ComponentOverride) DeepCopy ¶
func (in *ComponentOverride) DeepCopy() *ComponentOverride
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentOverride.
func (*ComponentOverride) DeepCopyInto ¶
func (in *ComponentOverride) DeepCopyInto(out *ComponentOverride)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ComponentOverride) SwaggerDoc ¶
func (ComponentOverride) SwaggerDoc() map[string]string
type ComponentRouteSpec ¶
type ComponentRouteSpec struct { // namespace is the namespace of the route to customize. // // The namespace and name of this componentRoute must match a corresponding // entry in the list of status.componentRoutes if the route is to be customized. // +kubebuilder:validation:Pattern=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=63 // +kubebuilder:validation:Required // +required Namespace string `json:"namespace"` // name is the logical name of the route to customize. // // The namespace and name of this componentRoute must match a corresponding // entry in the list of status.componentRoutes if the route is to be customized. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 // +kubebuilder:validation:Required // +required Name string `json:"name"` // hostname is the hostname that should be used by the route. // +kubebuilder:validation:Required // +required Hostname Hostname `json:"hostname"` // servingCertKeyPairSecret is a reference to a secret of type `kubernetes.io/tls` in the openshift-config namespace. // The serving cert/key pair must match and will be used by the operator to fulfill the intent of serving with this name. // If the custom hostname uses the default routing suffix of the cluster, // the Secret specification for a serving certificate will not be needed. // +optional ServingCertKeyPairSecret SecretNameReference `json:"servingCertKeyPairSecret"` }
ComponentRouteSpec allows for configuration of a route's hostname and serving certificate.
func (*ComponentRouteSpec) DeepCopy ¶
func (in *ComponentRouteSpec) DeepCopy() *ComponentRouteSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentRouteSpec.
func (*ComponentRouteSpec) DeepCopyInto ¶
func (in *ComponentRouteSpec) DeepCopyInto(out *ComponentRouteSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ComponentRouteSpec) SwaggerDoc ¶
func (ComponentRouteSpec) SwaggerDoc() map[string]string
type ComponentRouteStatus ¶
type ComponentRouteStatus struct { // namespace is the namespace of the route to customize. It must be a real namespace. Using an actual namespace // ensures that no two components will conflict and the same component can be installed multiple times. // // The namespace and name of this componentRoute must match a corresponding // entry in the list of spec.componentRoutes if the route is to be customized. // +kubebuilder:validation:Pattern=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=63 // +kubebuilder:validation:Required // +required Namespace string `json:"namespace"` // name is the logical name of the route to customize. It does not have to be the actual name of a route resource // but it cannot be renamed. // // The namespace and name of this componentRoute must match a corresponding // entry in the list of spec.componentRoutes if the route is to be customized. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 // +kubebuilder:validation:Required // +required Name string `json:"name"` // defaultHostname is the hostname of this route prior to customization. // +kubebuilder:validation:Required // +required DefaultHostname Hostname `json:"defaultHostname"` // consumingUsers is a slice of ServiceAccounts that need to have read permission on the servingCertKeyPairSecret secret. // +kubebuilder:validation:MaxItems=5 // +optional ConsumingUsers []ConsumingUser `json:"consumingUsers,omitempty"` // currentHostnames is the list of current names used by the route. Typically, this list should consist of a single // hostname, but if multiple hostnames are supported by the route the operator may write multiple entries to this list. // +kubebuilder:validation:MinItems=1 // +optional CurrentHostnames []Hostname `json:"currentHostnames,omitempty"` // conditions are used to communicate the state of the componentRoutes entry. // // Supported conditions include Available, Degraded and Progressing. // // If available is true, the content served by the route can be accessed by users. This includes cases // where a default may continue to serve content while the customized route specified by the cluster-admin // is being configured. // // If Degraded is true, that means something has gone wrong trying to handle the componentRoutes entry. // The currentHostnames field may or may not be in effect. // // If Progressing is true, that means the component is taking some action related to the componentRoutes entry. // +optional // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty"` // relatedObjects is a list of resources which are useful when debugging or inspecting how spec.componentRoutes is applied. // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:Required // +required RelatedObjects []ObjectReference `json:"relatedObjects"` }
ComponentRouteStatus contains information allowing configuration of a route's hostname and serving certificate.
func (*ComponentRouteStatus) DeepCopy ¶
func (in *ComponentRouteStatus) DeepCopy() *ComponentRouteStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentRouteStatus.
func (*ComponentRouteStatus) DeepCopyInto ¶
func (in *ComponentRouteStatus) DeepCopyInto(out *ComponentRouteStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ComponentRouteStatus) SwaggerDoc ¶
func (ComponentRouteStatus) SwaggerDoc() map[string]string
type ConditionStatus ¶
type ConditionStatus string
const ( ConditionTrue ConditionStatus = "True" ConditionFalse ConditionStatus = "False" ConditionUnknown ConditionStatus = "Unknown" )
These are valid condition statuses. "ConditionTrue" means a resource is in the condition. "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes can't decide if a resource is in the condition or not. In the future, we could add other intermediate conditions, e.g. ConditionDegraded.
type ConditionalUpdate ¶
type ConditionalUpdate struct { // release is the target of the update. // +kubebuilder:validation:Required // +required Release Release `json:"release"` // risks represents the range of issues associated with // updating to the target release. The cluster-version // operator will evaluate all entries, and only recommend the // update if there is at least one entry and all entries // recommend the update. // +kubebuilder:validation:Required // +kubebuilder:validation:MinItems=1 // +patchMergeKey=name // +patchStrategy=merge // +listType=map // +listMapKey=name // +required Risks []ConditionalUpdateRisk `json:"risks" patchStrategy:"merge" patchMergeKey:"name"` // conditions represents the observations of the conditional update's // current status. Known types are: // * Recommended, for whether the update is recommended for the current cluster. // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` }
ConditionalUpdate represents an update which is recommended to some clusters on the version the current cluster is reconciling, but which may not be recommended for the current cluster.
func (*ConditionalUpdate) DeepCopy ¶
func (in *ConditionalUpdate) DeepCopy() *ConditionalUpdate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionalUpdate.
func (*ConditionalUpdate) DeepCopyInto ¶
func (in *ConditionalUpdate) DeepCopyInto(out *ConditionalUpdate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConditionalUpdate) SwaggerDoc ¶
func (ConditionalUpdate) SwaggerDoc() map[string]string
type ConditionalUpdateRisk ¶
type ConditionalUpdateRisk struct { // url contains information about this risk. // +kubebuilder:validation:Required // +kubebuilder:validation:Format=uri // +kubebuilder:validation:MinLength=1 // +required URL string `json:"url"` // name is the CamelCase reason for not recommending a // conditional update, in the event that matchingRules match the // cluster state. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +required Name string `json:"name"` // message provides additional information about the risk of // updating, in the event that matchingRules match the cluster // state. This is only to be consumed by humans. It may // contain Line Feed characters (U+000A), which should be // rendered as new lines. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +required Message string `json:"message"` // matchingRules is a slice of conditions for deciding which // clusters match the risk and which do not. The slice is // ordered by decreasing precedence. The cluster-version // operator will walk the slice in order, and stop after the // first it can successfully evaluate. If no condition can be // successfully evaluated, the update will not be recommended. // +kubebuilder:validation:Required // +kubebuilder:validation:MinItems=1 // +listType=atomic // +required MatchingRules []ClusterCondition `json:"matchingRules"` }
ConditionalUpdateRisk represents a reason and cluster-state for not recommending a conditional update. +k8s:deepcopy-gen=true
func (*ConditionalUpdateRisk) DeepCopy ¶
func (in *ConditionalUpdateRisk) DeepCopy() *ConditionalUpdateRisk
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionalUpdateRisk.
func (*ConditionalUpdateRisk) DeepCopyInto ¶
func (in *ConditionalUpdateRisk) DeepCopyInto(out *ConditionalUpdateRisk)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConditionalUpdateRisk) SwaggerDoc ¶
func (ConditionalUpdateRisk) SwaggerDoc() map[string]string
type ConfigMapFileReference ¶
type ConfigMapFileReference struct { Name string `json:"name"` // Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. Key string `json:"key,omitempty"` }
ConfigMapFileReference references a config map in a specific namespace. The namespace must be specified at the point of use.
func (*ConfigMapFileReference) DeepCopy ¶
func (in *ConfigMapFileReference) DeepCopy() *ConfigMapFileReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapFileReference.
func (*ConfigMapFileReference) DeepCopyInto ¶
func (in *ConfigMapFileReference) DeepCopyInto(out *ConfigMapFileReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConfigMapFileReference) SwaggerDoc ¶
func (ConfigMapFileReference) SwaggerDoc() map[string]string
type ConfigMapNameReference ¶
type ConfigMapNameReference struct { // name is the metadata.name of the referenced config map // +kubebuilder:validation:Required // +required Name string `json:"name"` }
ConfigMapNameReference references a config map in a specific namespace. The namespace must be specified at the point of use.
func (*ConfigMapNameReference) DeepCopy ¶
func (in *ConfigMapNameReference) DeepCopy() *ConfigMapNameReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapNameReference.
func (*ConfigMapNameReference) DeepCopyInto ¶
func (in *ConfigMapNameReference) DeepCopyInto(out *ConfigMapNameReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConfigMapNameReference) SwaggerDoc ¶
func (ConfigMapNameReference) SwaggerDoc() map[string]string
type Console ¶
type Console struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec holds user settable values for configuration // +kubebuilder:validation:Required // +required Spec ConsoleSpec `json:"spec"` // status holds observed values from the cluster. They may not be overridden. // +optional Status ConsoleStatus `json:"status"` }
Console holds cluster-wide configuration for the web console, including the logout URL, and reports the public URL of the console. The canonical name is `cluster`.
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=consoles,scope=Cluster +kubebuilder:subresource:status +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true
func (*Console) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Console.
func (*Console) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Console) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (Console) SwaggerDoc ¶
type ConsoleAuthentication ¶
type ConsoleAuthentication struct { // An optional, absolute URL to redirect web browsers to after logging out of // the console. If not specified, it will redirect to the default login page. // This is required when using an identity provider that supports single // sign-on (SSO) such as: // - OpenID (Keycloak, Azure) // - RequestHeader (GSSAPI, SSPI, SAML) // - OAuth (GitHub, GitLab, Google) // Logging out of the console will destroy the user's token. The logoutRedirect // provides the user the option to perform single logout (SLO) through the identity // provider to destroy their single sign-on session. // +optional // +kubebuilder:validation:Pattern=`^$|^((https):\/\/?)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/?))$` LogoutRedirect string `json:"logoutRedirect,omitempty"` }
ConsoleAuthentication defines a list of optional configuration for console authentication.
func (*ConsoleAuthentication) DeepCopy ¶
func (in *ConsoleAuthentication) DeepCopy() *ConsoleAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleAuthentication.
func (*ConsoleAuthentication) DeepCopyInto ¶
func (in *ConsoleAuthentication) DeepCopyInto(out *ConsoleAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConsoleAuthentication) SwaggerDoc ¶
func (ConsoleAuthentication) SwaggerDoc() map[string]string
type ConsoleList ¶
type ConsoleList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []Console `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*ConsoleList) DeepCopy ¶
func (in *ConsoleList) DeepCopy() *ConsoleList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleList.
func (*ConsoleList) DeepCopyInto ¶
func (in *ConsoleList) DeepCopyInto(out *ConsoleList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConsoleList) DeepCopyObject ¶
func (in *ConsoleList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (ConsoleList) SwaggerDoc ¶
func (ConsoleList) SwaggerDoc() map[string]string
type ConsoleSpec ¶
type ConsoleSpec struct { // +optional Authentication ConsoleAuthentication `json:"authentication"` }
ConsoleSpec is the specification of the desired behavior of the Console.
func (*ConsoleSpec) DeepCopy ¶
func (in *ConsoleSpec) DeepCopy() *ConsoleSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleSpec.
func (*ConsoleSpec) DeepCopyInto ¶
func (in *ConsoleSpec) DeepCopyInto(out *ConsoleSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConsoleSpec) SwaggerDoc ¶
func (ConsoleSpec) SwaggerDoc() map[string]string
type ConsoleStatus ¶
type ConsoleStatus struct { // The URL for the console. This will be derived from the host for the route that // is created for the console. ConsoleURL string `json:"consoleURL"` }
ConsoleStatus defines the observed status of the Console.
func (*ConsoleStatus) DeepCopy ¶
func (in *ConsoleStatus) DeepCopy() *ConsoleStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleStatus.
func (*ConsoleStatus) DeepCopyInto ¶
func (in *ConsoleStatus) DeepCopyInto(out *ConsoleStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConsoleStatus) SwaggerDoc ¶
func (ConsoleStatus) SwaggerDoc() map[string]string
type ConsumingUser ¶
type ConsumingUser string
ConsumingUser is an alias for string which we add validation to. Currently only service accounts are supported. +kubebuilder:validation:Pattern="^system:serviceaccount:[a-z0-9]([-a-z0-9]*[a-z0-9])?:[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" +kubebuilder:validation:MinLength=1 +kubebuilder:validation:MaxLength=512
type CustomFeatureGates ¶
type CustomFeatureGates struct { // enabled is a list of all feature gates that you want to force on // +optional Enabled []FeatureGateName `json:"enabled,omitempty"` // disabled is a list of all feature gates that you want to force off // +optional Disabled []FeatureGateName `json:"disabled,omitempty"` }
func (*CustomFeatureGates) DeepCopy ¶
func (in *CustomFeatureGates) DeepCopy() *CustomFeatureGates
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomFeatureGates.
func (*CustomFeatureGates) DeepCopyInto ¶
func (in *CustomFeatureGates) DeepCopyInto(out *CustomFeatureGates)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CustomFeatureGates) SwaggerDoc ¶
func (CustomFeatureGates) SwaggerDoc() map[string]string
type CustomTLSProfile ¶
type CustomTLSProfile struct {
TLSProfileSpec `json:",inline"`
}
CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.
func (*CustomTLSProfile) DeepCopy ¶
func (in *CustomTLSProfile) DeepCopy() *CustomTLSProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomTLSProfile.
func (*CustomTLSProfile) DeepCopyInto ¶
func (in *CustomTLSProfile) DeepCopyInto(out *CustomTLSProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (CustomTLSProfile) SwaggerDoc ¶
func (CustomTLSProfile) SwaggerDoc() map[string]string
type DNS ¶
type DNS struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec holds user settable values for configuration // +kubebuilder:validation:Required // +required Spec DNSSpec `json:"spec"` // status holds observed values from the cluster. They may not be overridden. // +optional Status DNSStatus `json:"status"` }
DNS holds cluster-wide information about DNS. The canonical name is `cluster`
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=dnses,scope=Cluster +kubebuilder:subresource:status +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true
func (*DNS) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNS.
func (*DNS) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*DNS) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (DNS) SwaggerDoc ¶
type DNSList ¶
type DNSList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []DNS `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*DNSList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSList.
func (*DNSList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*DNSList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (DNSList) SwaggerDoc ¶
type DNSPlatformSpec ¶
type DNSPlatformSpec struct { // type is the underlying infrastructure provider for the cluster. // Allowed values: "", "AWS". // // Individual components may not support all platforms, // and must handle unrecognized platforms with best-effort defaults. // // +unionDiscriminator // +kubebuilder:validation:Required // +kubebuilder:validation:XValidation:rule="self in [”,'AWS']",message="allowed values are ” and 'AWS'" Type PlatformType `json:"type"` // aws contains DNS configuration specific to the Amazon Web Services cloud provider. // +optional AWS *AWSDNSSpec `json:"aws"` }
DNSPlatformSpec holds cloud-provider-specific configuration for DNS administration. +union +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'AWS' ? has(self.aws) : !has(self.aws)",message="aws configuration is required when platform is AWS, and forbidden otherwise"
func (*DNSPlatformSpec) DeepCopy ¶
func (in *DNSPlatformSpec) DeepCopy() *DNSPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSPlatformSpec.
func (*DNSPlatformSpec) DeepCopyInto ¶
func (in *DNSPlatformSpec) DeepCopyInto(out *DNSPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DNSPlatformSpec) SwaggerDoc ¶
func (DNSPlatformSpec) SwaggerDoc() map[string]string
type DNSSpec ¶
type DNSSpec struct { // baseDomain is the base domain of the cluster. All managed DNS records will // be sub-domains of this base. // // For example, given the base domain `openshift.example.com`, an API server // DNS record may be created for `cluster-api.openshift.example.com`. // // Once set, this field cannot be changed. BaseDomain string `json:"baseDomain"` // publicZone is the location where all the DNS records that are publicly accessible to // the internet exist. // // If this field is nil, no public records should be created. // // Once set, this field cannot be changed. // // +optional PublicZone *DNSZone `json:"publicZone,omitempty"` // privateZone is the location where all the DNS records that are only available internally // to the cluster exist. // // If this field is nil, no private records should be created. // // Once set, this field cannot be changed. // // +optional PrivateZone *DNSZone `json:"privateZone,omitempty"` // platform holds configuration specific to the underlying // infrastructure provider for DNS. // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults. These defaults are subject to change over time. // +optional Platform DNSPlatformSpec `json:"platform,omitempty"` }
func (*DNSSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSSpec.
func (*DNSSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DNSSpec) SwaggerDoc ¶
type DNSStatus ¶
type DNSStatus struct { }
func (*DNSStatus) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSStatus.
func (*DNSStatus) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DNSType ¶
type DNSType string
DNSType indicates whether the cluster DNS is hosted by the cluster or Core DNS .
const ( // ClusterHosted indicates that a DNS solution other than the default provided by the // cloud platform is in use. In this mode, the cluster hosts a DNS solution during installation and the // user is expected to provide their own DNS solution post-install. // When the DNS solution is `ClusterHosted`, the cluster will continue to use the // default Load Balancers provided by the cloud platform. ClusterHostedDNSType DNSType = "ClusterHosted" // PlatformDefault indicates that the cluster is using the default DNS solution for the // cloud platform. OpenShift is responsible for all the LB and DNS configuration needed for the // cluster to be functional with no intervention from the user. To accomplish this, OpenShift // configures the default LB and DNS solutions provided by the underlying cloud. PlatformDefaultDNSType DNSType = "PlatformDefault" )
type DNSZone ¶
type DNSZone struct { // id is the identifier that can be used to find the DNS hosted zone. // // on AWS zone can be fetched using `ID` as id in [1] // on Azure zone can be fetched using `ID` as a pre-determined name in [2], // on GCP zone can be fetched using `ID` as a pre-determined name in [3]. // // [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options // [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show // [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get // +optional ID string `json:"id,omitempty"` // tags can be used to query the DNS hosted zone. // // on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, // // [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options // +optional Tags map[string]string `json:"tags,omitempty"` }
DNSZone is used to define a DNS hosted zone. A zone can be identified by an ID or tags.
func (*DNSZone) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSZone.
func (*DNSZone) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DNSZone) SwaggerDoc ¶
type DRAEnablement ¶
type DRAEnablement string
+kubebuilder:validation:Enum:="";"Enabled";"Disabled"
var ( // DRAEnablementEnabled enables dynamic resource allocation feature DRAEnablementEnabled DRAEnablement = "Enabled" // DRAEnablementDisabled disables dynamic resource allocation feature DRAEnablementDisabled DRAEnablement = "Disabled" )
type DefaultPlacement ¶
type DefaultPlacement string
DefaultPlacement defines the default placement of ingress router pods.
const ( // "Workers" is for having router pods placed on worker nodes by default. DefaultPlacementWorkers DefaultPlacement = "Workers" // "ControlPlane" is for having router pods placed on control-plane nodes by default. DefaultPlacementControlPlane DefaultPlacement = "ControlPlane" )
type DelegatedAuthentication ¶
type DelegatedAuthentication struct { // disabled indicates that authentication should be disabled. By default it will use delegated authentication. Disabled bool `json:"disabled,omitempty"` }
DelegatedAuthentication allows authentication to be disabled.
func (*DelegatedAuthentication) DeepCopy ¶
func (in *DelegatedAuthentication) DeepCopy() *DelegatedAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DelegatedAuthentication.
func (*DelegatedAuthentication) DeepCopyInto ¶
func (in *DelegatedAuthentication) DeepCopyInto(out *DelegatedAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DelegatedAuthentication) SwaggerDoc ¶
func (DelegatedAuthentication) SwaggerDoc() map[string]string
type DelegatedAuthorization ¶
type DelegatedAuthorization struct { // disabled indicates that authorization should be disabled. By default it will use delegated authorization. Disabled bool `json:"disabled,omitempty"` }
DelegatedAuthorization allows authorization to be disabled.
func (*DelegatedAuthorization) DeepCopy ¶
func (in *DelegatedAuthorization) DeepCopy() *DelegatedAuthorization
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DelegatedAuthorization.
func (*DelegatedAuthorization) DeepCopyInto ¶
func (in *DelegatedAuthorization) DeepCopyInto(out *DelegatedAuthorization)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DelegatedAuthorization) SwaggerDoc ¶
func (DelegatedAuthorization) SwaggerDoc() map[string]string
type DeprecatedWebhookTokenAuthenticator ¶
type DeprecatedWebhookTokenAuthenticator struct { // kubeConfig contains kube config file data which describes how to access the remote webhook service. // For further details, see: // https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication // The key "kubeConfig" is used to locate the data. // If the secret or expected key is not found, the webhook is not honored. // If the specified kube config data is not valid, the webhook is not honored. // The namespace for this secret is determined by the point of use. KubeConfig SecretNameReference `json:"kubeConfig"` }
deprecatedWebhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator. It's the same as WebhookTokenAuthenticator but it's missing the 'required' validation on KubeConfig field.
func (*DeprecatedWebhookTokenAuthenticator) DeepCopy ¶
func (in *DeprecatedWebhookTokenAuthenticator) DeepCopy() *DeprecatedWebhookTokenAuthenticator
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeprecatedWebhookTokenAuthenticator.
func (*DeprecatedWebhookTokenAuthenticator) DeepCopyInto ¶
func (in *DeprecatedWebhookTokenAuthenticator) DeepCopyInto(out *DeprecatedWebhookTokenAuthenticator)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (DeprecatedWebhookTokenAuthenticator) SwaggerDoc ¶
func (DeprecatedWebhookTokenAuthenticator) SwaggerDoc() map[string]string
type EncryptionType ¶
type EncryptionType string
+kubebuilder:validation:Enum="";identity;aescbc;aesgcm
const ( // identity refers to a type where no encryption is performed at the datastore layer. // Resources are written as-is without encryption. EncryptionTypeIdentity EncryptionType = "identity" // aescbc refers to a type where AES-CBC with PKCS#7 padding and a 32-byte key // is used to perform encryption at the datastore layer. EncryptionTypeAESCBC EncryptionType = "aescbc" // aesgcm refers to a type where AES-GCM with random nonce and a 32-byte key // is used to perform encryption at the datastore layer. EncryptionTypeAESGCM EncryptionType = "aesgcm" )
type EquinixMetalPlatformSpec ¶
type EquinixMetalPlatformSpec struct{}
EquinixMetalPlatformSpec holds the desired state of the Equinix Metal infrastructure provider. This only includes fields that can be modified in the cluster.
func (*EquinixMetalPlatformSpec) DeepCopy ¶
func (in *EquinixMetalPlatformSpec) DeepCopy() *EquinixMetalPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EquinixMetalPlatformSpec.
func (*EquinixMetalPlatformSpec) DeepCopyInto ¶
func (in *EquinixMetalPlatformSpec) DeepCopyInto(out *EquinixMetalPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (EquinixMetalPlatformSpec) SwaggerDoc ¶
func (EquinixMetalPlatformSpec) SwaggerDoc() map[string]string
type EquinixMetalPlatformStatus ¶
type EquinixMetalPlatformStatus struct { // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used // by components inside the cluster, like kubelets using the infrastructure rather // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI // points to. It is the IP for a self-hosted load balancer in front of the API servers. APIServerInternalIP string `json:"apiServerInternalIP,omitempty"` // ingressIP is an external IP which routes to the default ingress controller. // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. IngressIP string `json:"ingressIP,omitempty"` }
EquinixMetalPlatformStatus holds the current status of the Equinix Metal infrastructure provider.
func (*EquinixMetalPlatformStatus) DeepCopy ¶
func (in *EquinixMetalPlatformStatus) DeepCopy() *EquinixMetalPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EquinixMetalPlatformStatus.
func (*EquinixMetalPlatformStatus) DeepCopyInto ¶
func (in *EquinixMetalPlatformStatus) DeepCopyInto(out *EquinixMetalPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (EquinixMetalPlatformStatus) SwaggerDoc ¶
func (EquinixMetalPlatformStatus) SwaggerDoc() map[string]string
type EtcdConnectionInfo ¶
type EtcdConnectionInfo struct { // URLs are the URLs for etcd URLs []string `json:"urls,omitempty"` // CA is a file containing trusted roots for the etcd server certificates CA string `json:"ca"` // CertInfo is the TLS client cert information for securing communication to etcd // this is anonymous so that we can inline it for serialization CertInfo `json:",inline"` }
EtcdConnectionInfo holds information necessary for connecting to an etcd server
func (*EtcdConnectionInfo) DeepCopy ¶
func (in *EtcdConnectionInfo) DeepCopy() *EtcdConnectionInfo
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdConnectionInfo.
func (*EtcdConnectionInfo) DeepCopyInto ¶
func (in *EtcdConnectionInfo) DeepCopyInto(out *EtcdConnectionInfo)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (EtcdConnectionInfo) SwaggerDoc ¶
func (EtcdConnectionInfo) SwaggerDoc() map[string]string
type EtcdStorageConfig ¶
type EtcdStorageConfig struct { EtcdConnectionInfo `json:",inline"` // StoragePrefix is the path within etcd that the OpenShift resources will // be rooted under. This value, if changed, will mean existing objects in etcd will // no longer be located. StoragePrefix string `json:"storagePrefix"` }
func (*EtcdStorageConfig) DeepCopy ¶
func (in *EtcdStorageConfig) DeepCopy() *EtcdStorageConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdStorageConfig.
func (*EtcdStorageConfig) DeepCopyInto ¶
func (in *EtcdStorageConfig) DeepCopyInto(out *EtcdStorageConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (EtcdStorageConfig) SwaggerDoc ¶
func (EtcdStorageConfig) SwaggerDoc() map[string]string
type ExternalIPConfig ¶
type ExternalIPConfig struct { // policy is a set of restrictions applied to the ExternalIP field. // If nil or empty, then ExternalIP is not allowed to be set. // +optional Policy *ExternalIPPolicy `json:"policy,omitempty"` // autoAssignCIDRs is a list of CIDRs from which to automatically assign // Service.ExternalIP. These are assigned when the service is of type // LoadBalancer. In general, this is only useful for bare-metal clusters. // In Openshift 3.x, this was misleadingly called "IngressIPs". // Automatically assigned External IPs are not affected by any // ExternalIPPolicy rules. // Currently, only one entry may be provided. // +optional // +listType=atomic AutoAssignCIDRs []string `json:"autoAssignCIDRs,omitempty"` }
ExternalIPConfig specifies some IP blocks relevant for the ExternalIP field of a Service resource.
func (*ExternalIPConfig) DeepCopy ¶
func (in *ExternalIPConfig) DeepCopy() *ExternalIPConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalIPConfig.
func (*ExternalIPConfig) DeepCopyInto ¶
func (in *ExternalIPConfig) DeepCopyInto(out *ExternalIPConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ExternalIPConfig) SwaggerDoc ¶
func (ExternalIPConfig) SwaggerDoc() map[string]string
type ExternalIPPolicy ¶
type ExternalIPPolicy struct { // allowedCIDRs is the list of allowed CIDRs. // +listType=atomic AllowedCIDRs []string `json:"allowedCIDRs,omitempty"` // rejectedCIDRs is the list of disallowed CIDRs. These take precedence // over allowedCIDRs. // +optional // +listType=atomic RejectedCIDRs []string `json:"rejectedCIDRs,omitempty"` }
ExternalIPPolicy configures exactly which IPs are allowed for the ExternalIP field in a Service. If the zero struct is supplied, then none are permitted. The policy controller always allows automatically assigned external IPs.
func (*ExternalIPPolicy) DeepCopy ¶
func (in *ExternalIPPolicy) DeepCopy() *ExternalIPPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalIPPolicy.
func (*ExternalIPPolicy) DeepCopyInto ¶
func (in *ExternalIPPolicy) DeepCopyInto(out *ExternalIPPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ExternalIPPolicy) SwaggerDoc ¶
func (ExternalIPPolicy) SwaggerDoc() map[string]string
type ExternalPlatformSpec ¶
type ExternalPlatformSpec struct { // PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. // This field is solely for informational and reporting purposes and is not expected to be used for decision-making. // +kubebuilder:default:="Unknown" // +default="Unknown" // +kubebuilder:validation:XValidation:rule="oldSelf == 'Unknown' || self == oldSelf",message="platform name cannot be changed once set" // +optional PlatformName string `json:"platformName,omitempty"` }
ExternalPlatformSpec holds the desired state for the generic External infrastructure provider.
func (*ExternalPlatformSpec) DeepCopy ¶
func (in *ExternalPlatformSpec) DeepCopy() *ExternalPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalPlatformSpec.
func (*ExternalPlatformSpec) DeepCopyInto ¶
func (in *ExternalPlatformSpec) DeepCopyInto(out *ExternalPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ExternalPlatformSpec) SwaggerDoc ¶
func (ExternalPlatformSpec) SwaggerDoc() map[string]string
type ExternalPlatformStatus ¶
type ExternalPlatformStatus struct { // cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). // When omitted, new nodes will be not tainted // and no extra initialization from the cloud controller manager is expected. // +optional CloudControllerManager CloudControllerManagerStatus `json:"cloudControllerManager"` }
ExternalPlatformStatus holds the current status of the generic External infrastructure provider. +kubebuilder:validation:XValidation:rule="has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager)",message="cloudControllerManager may not be added or removed once set"
func (*ExternalPlatformStatus) DeepCopy ¶
func (in *ExternalPlatformStatus) DeepCopy() *ExternalPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalPlatformStatus.
func (*ExternalPlatformStatus) DeepCopyInto ¶
func (in *ExternalPlatformStatus) DeepCopyInto(out *ExternalPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ExternalPlatformStatus) SwaggerDoc ¶
func (ExternalPlatformStatus) SwaggerDoc() map[string]string
type FeatureGate ¶
type FeatureGate struct { metav1.TypeMeta `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty"` // spec holds user settable values for configuration // +kubebuilder:validation:Required // +required // +kubebuilder:validation:XValidation:rule="has(oldSelf.featureSet) ? has(self.featureSet) : true",message=".spec.featureSet cannot be removed" Spec FeatureGateSpec `json:"spec"` // status holds observed values from the cluster. They may not be overridden. // +optional Status FeatureGateStatus `json:"status"` }
Feature holds cluster-wide information about feature gates. The canonical name is `cluster`
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1 +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +kubebuilder:object:root=true +kubebuilder:resource:path=featuregates,scope=Cluster +kubebuilder:subresource:status +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true
func (*FeatureGate) DeepCopy ¶
func (in *FeatureGate) DeepCopy() *FeatureGate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGate.
func (*FeatureGate) DeepCopyInto ¶
func (in *FeatureGate) DeepCopyInto(out *FeatureGate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FeatureGate) DeepCopyObject ¶
func (in *FeatureGate) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (FeatureGate) SwaggerDoc ¶
func (FeatureGate) SwaggerDoc() map[string]string
type FeatureGateAttributes ¶
type FeatureGateAttributes struct { // name is the name of the FeatureGate. // +kubebuilder:validation:Required Name FeatureGateName `json:"name"` }
func (*FeatureGateAttributes) DeepCopy ¶
func (in *FeatureGateAttributes) DeepCopy() *FeatureGateAttributes
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateAttributes.
func (*FeatureGateAttributes) DeepCopyInto ¶
func (in *FeatureGateAttributes) DeepCopyInto(out *FeatureGateAttributes)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FeatureGateAttributes) SwaggerDoc ¶
func (FeatureGateAttributes) SwaggerDoc() map[string]string
type FeatureGateDetails ¶
type FeatureGateDetails struct { // version matches the version provided by the ClusterVersion and in the ClusterOperator.Status.Versions field. // +kubebuilder:validation:Required // +required Version string `json:"version"` // enabled is a list of all feature gates that are enabled in the cluster for the named version. // +optional Enabled []FeatureGateAttributes `json:"enabled"` // disabled is a list of all feature gates that are disabled in the cluster for the named version. // +optional Disabled []FeatureGateAttributes `json:"disabled"` }
func (*FeatureGateDetails) DeepCopy ¶
func (in *FeatureGateDetails) DeepCopy() *FeatureGateDetails
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateDetails.
func (*FeatureGateDetails) DeepCopyInto ¶
func (in *FeatureGateDetails) DeepCopyInto(out *FeatureGateDetails)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FeatureGateDetails) SwaggerDoc ¶
func (FeatureGateDetails) SwaggerDoc() map[string]string
type FeatureGateList ¶
type FeatureGateList struct { metav1.TypeMeta `json:",inline"` // metadata is the standard list's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ListMeta `json:"metadata"` Items []FeatureGate `json:"items"` }
Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +openshift:compatibility-gen:level=1
func (*FeatureGateList) DeepCopy ¶
func (in *FeatureGateList) DeepCopy() *FeatureGateList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateList.
func (*FeatureGateList) DeepCopyInto ¶
func (in *FeatureGateList) DeepCopyInto(out *FeatureGateList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FeatureGateList) DeepCopyObject ¶
func (in *FeatureGateList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (FeatureGateList) SwaggerDoc ¶
func (FeatureGateList) SwaggerDoc() map[string]string
type FeatureGateName ¶
type FeatureGateName string
FeatureGateName is a string to enforce patterns on the name of a FeatureGate +kubebuilder:validation:Pattern=`^([A-Za-z0-9-]+\.)*[A-Za-z0-9-]+\.?$`
type FeatureGateSelection ¶
type FeatureGateSelection struct { // featureSet changes the list of features in the cluster. The default is empty. Be very careful adjusting this setting. // Turning on or off features may cause irreversible changes in your cluster which cannot be undone. // +unionDiscriminator // +optional // +kubebuilder:validation:Enum=CustomNoUpgrade;DevPreviewNoUpgrade;TechPreviewNoUpgrade;"" // +kubebuilder:validation:XValidation:rule="oldSelf == 'CustomNoUpgrade' ? self == 'CustomNoUpgrade' : true",message="CustomNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'TechPreviewNoUpgrade' ? self == 'TechPreviewNoUpgrade' : true",message="TechPreviewNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'DevPreviewNoUpgrade' ? self == 'DevPreviewNoUpgrade' : true",message="DevPreviewNoUpgrade may not be changed" FeatureSet FeatureSet `json:"featureSet,omitempty"` // customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. // Because of its nature, this setting cannot be validated. If you have any typos or accidentally apply invalid combinations // your cluster may fail in an unrecoverable way. featureSet must equal "CustomNoUpgrade" must be set to use this field. // +optional // +nullable CustomNoUpgrade *CustomFeatureGates `json:"customNoUpgrade,omitempty"` }
+union
func (*FeatureGateSelection) DeepCopy ¶
func (in *FeatureGateSelection) DeepCopy() *FeatureGateSelection
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateSelection.
func (*FeatureGateSelection) DeepCopyInto ¶
func (in *FeatureGateSelection) DeepCopyInto(out *FeatureGateSelection)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FeatureGateSelection) SwaggerDoc ¶
func (FeatureGateSelection) SwaggerDoc() map[string]string
type FeatureGateSpec ¶
type FeatureGateSpec struct {
FeatureGateSelection `json:",inline"`
}
func (*FeatureGateSpec) DeepCopy ¶
func (in *FeatureGateSpec) DeepCopy() *FeatureGateSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateSpec.
func (*FeatureGateSpec) DeepCopyInto ¶
func (in *FeatureGateSpec) DeepCopyInto(out *FeatureGateSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FeatureGateStatus ¶
type FeatureGateStatus struct { // conditions represent the observations of the current state. // Known .status.conditions.type are: "DeterminationDegraded" // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty"` // featureGates contains a list of enabled and disabled featureGates that are keyed by payloadVersion. // Operators other than the CVO and cluster-config-operator, must read the .status.featureGates, locate // the version they are managing, find the enabled/disabled featuregates and make the operand and operator match. // The enabled/disabled values for a particular version may change during the life of the cluster as various // .spec.featureSet values are selected. // Operators may choose to restart their processes to pick up these changes, but remembering past enable/disable // lists is beyond the scope of this API and is the responsibility of individual operators. // Only featureGates with .version in the ClusterVersion.status will be present in this list. // +listType=map // +listMapKey=version FeatureGates []FeatureGateDetails `json:"featureGates"` }
func (*FeatureGateStatus) DeepCopy ¶
func (in *FeatureGateStatus) DeepCopy() *FeatureGateStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateStatus.
func (*FeatureGateStatus) DeepCopyInto ¶
func (in *FeatureGateStatus) DeepCopyInto(out *FeatureGateStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FeatureGateStatus) SwaggerDoc ¶
func (FeatureGateStatus) SwaggerDoc() map[string]string
type FeatureGateTests ¶
type FeatureGateTests struct { // FeatureGate is the name of the FeatureGate as it appears in The FeatureGate CR instance. FeatureGate string `json:"featureGate"` // Tests contains an item for every TestName Tests []TestDetails `json:"tests"` }
func (*FeatureGateTests) DeepCopy ¶
func (in *FeatureGateTests) DeepCopy() *FeatureGateTests
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateTests.
func (*FeatureGateTests) DeepCopyInto ¶
func (in *FeatureGateTests) DeepCopyInto(out *FeatureGateTests)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FeatureGateTests) SwaggerDoc ¶
func (FeatureGateTests) SwaggerDoc() map[string]string
type FeatureSet ¶
type FeatureSet string
var ( // Default feature set that allows upgrades. Default FeatureSet = "" // TechPreviewNoUpgrade turns on tech preview features that are not part of the normal supported platform. Turning // this feature set on CANNOT BE UNDONE and PREVENTS UPGRADES. TechPreviewNoUpgrade FeatureSet = "TechPreviewNoUpgrade" // DevPreviewNoUpgrade turns on dev preview features that are not part of the normal supported platform. Turning // this feature set on CANNOT BE UNDONE and PREVENTS UPGRADES. DevPreviewNoUpgrade FeatureSet = "DevPreviewNoUpgrade" // CustomNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. // Because of its nature, this setting cannot be validated. If you have any typos or accidentally apply invalid combinations // your cluster may fail in an unrecoverable way. CustomNoUpgrade FeatureSet = "CustomNoUpgrade" // AllFixedFeatureSets are the featuresets that have known featuregates. Custom doesn't for instance. LatencySensitive is dead AllFixedFeatureSets = []FeatureSet{Default, TechPreviewNoUpgrade, DevPreviewNoUpgrade} )
type GCPPlatformSpec ¶
type GCPPlatformSpec struct{}
GCPPlatformSpec holds the desired state of the Google Cloud Platform infrastructure provider. This only includes fields that can be modified in the cluster.
func (*GCPPlatformSpec) DeepCopy ¶
func (in *GCPPlatformSpec) DeepCopy() *GCPPlatformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPPlatformSpec.
func (*GCPPlatformSpec) DeepCopyInto ¶
func (in *GCPPlatformSpec) DeepCopyInto(out *GCPPlatformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (GCPPlatformSpec) SwaggerDoc ¶
func (GCPPlatformSpec) SwaggerDoc() map[string]string
type GCPPlatformStatus ¶
type GCPPlatformStatus struct { // resourceGroupName is the Project ID for new GCP resources created for the cluster. ProjectID string `json:"projectID"` // region holds the region for new GCP resources created for the cluster. Region string `json:"region"` // resourceLabels is a list of additional labels to apply to GCP resources created for the cluster. // See https://cloud.google.com/compute/docs/labeling-resources for information on labeling GCP resources. // GCP supports a maximum of 64 labels per resource. OpenShift reserves 32 labels for internal use, // allowing 32 labels for user configuration. // +kubebuilder:validation:MaxItems=32 // +kubebuilder:validation:XValidation:rule="self.all(x, x in oldSelf) && oldSelf.all(x, x in self)",message="resourceLabels are immutable and may only be configured during installation" // +listType=map // +listMapKey=key // +optional // +openshift:enable:FeatureGate=GCPLabelsTags ResourceLabels []GCPResourceLabel `json:"resourceLabels,omitempty"` // resourceTags is a list of additional tags to apply to GCP resources created for the cluster. // See https://cloud.google.com/resource-manager/docs/tags/tags-overview for information on // tagging GCP resources. GCP supports a maximum of 50 tags per resource. // +kubebuilder:validation:MaxItems=50 // +kubebuilder:validation:XValidation:rule="self.all(x, x in oldSelf) && oldSelf.all(x, x in self)",message="resourceTags are immutable and may only be configured during installation" // +listType=map // +listMapKey=key // +optional // +openshift:enable:FeatureGate=GCPLabelsTags ResourceTags []GCPResourceTag `json:"resourceTags,omitempty"` // cloudLoadBalancerConfig holds configuration related to DNS and cloud // load balancers. It allows configuration of in-cluster DNS as an alternative // to the platform default DNS implementation. // When using the ClusterHosted DNS type, Load Balancer IP addresses // must be provided for the API and internal API load balancers as well as the // ingress load balancer. // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} // +openshift:enable:FeatureGate=GCPClusterHostedDNS // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` }
GCPPlatformStatus holds the current status of the Google Cloud Platform infrastructure provider. +openshift:validation:FeatureGateAwareXValidation:featureGate=GCPLabelsTags,rule="!has(oldSelf.resourceLabels) && !has(self.resourceLabels) || has(oldSelf.resourceLabels) && has(self.resourceLabels)",message="resourceLabels may only be configured during installation" +openshift:validation:FeatureGateAwareXValidation:featureGate=GCPLabelsTags,rule="!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)",message="resourceTags may only be configured during installation"
func (*GCPPlatformStatus) DeepCopy ¶
func (in *GCPPlatformStatus) DeepCopy() *GCPPlatformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPPlatformStatus.
func (*GCPPlatformStatus) DeepCopyInto ¶
func (in *GCPPlatformStatus) DeepCopyInto(out *GCPPlatformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (GCPPlatformStatus) SwaggerDoc ¶
func (GCPPlatformStatus) SwaggerDoc() map[string]string