From 0d833d5f00aba572d70456adeb0299f6ff11997a Mon Sep 17 00:00:00 2001
From: Shyam Radhakrishnan <shyam.radhakrishnan@oracle.com>
Date: Tue, 20 Sep 2022 14:15:29 +0530
Subject: [PATCH] Add documentation for worker node customization

---
 api/v1beta1/types.go                          |  4 +-
 ...tructure.cluster.x-k8s.io_ocimachines.yaml | 16 ++--
 ....cluster.x-k8s.io_ocimachinetemplates.yaml | 16 ++--
 docs/src/SUMMARY.md                           |  1 +
 docs/src/gs/customize-worker-node.md          | 77 +++++++++++++++++++
 5 files changed, 96 insertions(+), 18 deletions(-)
 create mode 100644 docs/src/gs/customize-worker-node.md

diff --git a/api/v1beta1/types.go b/api/v1beta1/types.go
index 84973a7b2..45d974528 100644
--- a/api/v1beta1/types.go
+++ b/api/v1beta1/types.go
@@ -190,7 +190,7 @@ type PlatformConfig struct {
 	// * `INTEL_SKYLAKE_BM`
 	// * `AMD_MILAN_BM`
 	// Based on the enum, exactly one of the specific configuration types must be set
-	PlatformConfigType PlatformConfigTypeEnum `json:"PlatformConfigType,omitempty"`
+	PlatformConfigType PlatformConfigTypeEnum `json:"platformConfigType,omitempty"`
 
 	// AmdMilanBmPlatformConfig describe AMD Milan BM platform configuration
 	AmdMilanBmPlatformConfig AmdMilanBmPlatformConfig `json:"amdMilanBmPlatformConfig,omitempty"`
@@ -523,7 +523,7 @@ type LaunchInstanceAgentConfig struct {
 	// object.
 	IsManagementDisabled *bool `json:"isManagementDisabled,omitempty"`
 
-	// AreAllPluginsDisabled defines rhether Oracle Cloud Agent can run all the available plugins.
+	// AreAllPluginsDisabled defines whether Oracle Cloud Agent can run all the available plugins.
 	// This includes the management and monitoring plugins.
 	// To get a list of available plugins, use the
 	// ListInstanceagentAvailablePlugins
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml
index 9fa88c87b..ca7e8ad23 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml
@@ -43,7 +43,7 @@ spec:
                   Oracle Cloud Agent software running on the instance.
                 properties:
                   areAllPluginsDisabled:
-                    description: AreAllPluginsDisabled defines rhether Oracle Cloud
+                    description: AreAllPluginsDisabled defines whether Oracle Cloud
                       Agent can run all the available plugins. This includes the management
                       and monitoring plugins. To get a list of available plugins,
                       use the ListInstanceagentAvailablePlugins operation in the Oracle
@@ -303,13 +303,6 @@ spec:
                 description: InstanceSourceViaImageConfig defines the platform config
                   parameters
                 properties:
-                  PlatformConfigType:
-                    description: The type of platform configuration. Valid values
-                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
-                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
-                      Based on the enum, exactly one of the specific configuration
-                      types must be set
-                    type: string
                   amdMilanBmPlatformConfig:
                     description: AmdMilanBmPlatformConfig describe AMD Milan BM platform
                       configuration
@@ -560,6 +553,13 @@ spec:
                           enabled on the instance.
                         type: boolean
                     type: object
+                  platformConfigType:
+                    description: The type of platform configuration. Valid values
+                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
+                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
+                      Based on the enum, exactly one of the specific configuration
+                      types must be set
+                    type: string
                 type: object
               preemptibleInstanceConfig:
                 description: PreemptibleInstanceConfig Configuration options for preemptible
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml
index 1f3f2f07a..220429a22 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml
@@ -52,7 +52,7 @@ spec:
                           for the Oracle Cloud Agent software running on the instance.
                         properties:
                           areAllPluginsDisabled:
-                            description: AreAllPluginsDisabled defines rhether Oracle
+                            description: AreAllPluginsDisabled defines whether Oracle
                               Cloud Agent can run all the available plugins. This
                               includes the management and monitoring plugins. To get
                               a list of available plugins, use the ListInstanceagentAvailablePlugins
@@ -329,13 +329,6 @@ spec:
                         description: InstanceSourceViaImageConfig defines the platform
                           config parameters
                         properties:
-                          PlatformConfigType:
-                            description: The type of platform configuration. Valid
-                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
-                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
-                              Based on the enum, exactly one of the specific configuration
-                              types must be set
-                            type: string
                           amdMilanBmPlatformConfig:
                             description: AmdMilanBmPlatformConfig describe AMD Milan
                               BM platform configuration
@@ -607,6 +600,13 @@ spec:
                                   is enabled on the instance.
                                 type: boolean
                             type: object
+                          platformConfigType:
+                            description: The type of platform configuration. Valid
+                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
+                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
+                              Based on the enum, exactly one of the specific configuration
+                              types must be set
+                            type: string
                         type: object
                       preemptibleInstanceConfig:
                         description: PreemptibleInstanceConfig Configuration options
diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md
index 99c9c56d1..a071d1628 100644
--- a/docs/src/SUMMARY.md
+++ b/docs/src/SUMMARY.md
@@ -24,6 +24,7 @@
   - [Install Container Storage Interface (CSI)](./gs/install-csi.md)
     - [Provision a PVC on the Block Volume Service](./gs/pvc-bv.md)
     - [Provision a PVC on the File Storage Service](./gs/pvc-fss.md)
+  - [Customize worker nodes](./gs/customize-worker-node.md)
 - [Networking Guide](./networking/networking.md)
   - [Default Network Infrastructure](./networking/infrastructure.md)
     - [Using Calico](./networking/calico.md)
diff --git a/docs/src/gs/customize-worker-node.md b/docs/src/gs/customize-worker-node.md
new file mode 100644
index 000000000..65cd58e75
--- /dev/null
+++ b/docs/src/gs/customize-worker-node.md
@@ -0,0 +1,77 @@
+# Customizing worker nodes
+## Configure user managed boot volume encryption
+Use the following configuration in OCIMachineTemplate to use a customer
+managed boot volume encryption key
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      instanceSourceViaImageConfig:
+        kmsKeyId: <kms-key-id>
+```
+
+## Configure shielded instances
+Use the following configuration in OCIMachineTemplate to create [shielded instances][shielded_instances].
+Below example is for an AMD based VM.
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      platformConfig:
+        PlatformConfigType: "AMD_VM"
+        amdVmPlatformConfig:
+          isSecureBootEnabled: true
+          isTrustedPlatformModuleEnabled: true
+          isMeasuredBootEnabled: true
+```
+
+## Configure preemptible instances
+Use the following configuration in OCIMachineTemplate to create [preemtible instances][preemptible_instances].
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      preemptibleInstanceConfig:
+        terminatePreemptionAction:
+          preserveBootVolume: false
+```
+
+## Configure capacity resevration
+Use the following configuration in OCIMachineTemplate to create [preemtible instances][preemptible_instances].
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      capacityReservationId: <capacity-reservation-id>
+```
+
+## Configure Oracle Cloud Agent plugins
+Use the following configuration in OCIMachineTemplate to configure [Oracle Cloud Agent plugins][cloud_agent_plugins].
+The example below enabled Bastion plugin.
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      agentConfig:
+        pluginsConfigs:
+          - name: "Bastion"
+            desiredState: "ENABLED"
+```
+
+[shielded_instances]: https://docs.oracle.com/en-us/iaas/Content/Compute/References/shielded-instances.htm
+[preemptible_instances]: https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/preemptible.htm
+[cloud_agent_plugins]: https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/manage-plugins.htm
\ No newline at end of file