Add documentation for worker node customization

oracle · Sep 20, 2022 · f4bbc1a · f4bbc1a
1 parent 63f3872
commit f4bbc1a
Show file tree

Hide file tree

Showing 5 changed files with 100 additions and 18 deletions.
diff --git a/api/v1beta1/types.go b/api/v1beta1/types.go
@@ -190,7 +190,7 @@ type PlatformConfig struct {
 	// * `INTEL_SKYLAKE_BM`
 	// * `AMD_MILAN_BM`
 	// Based on the enum, exactly one of the specific configuration types must be set
-	PlatformConfigType PlatformConfigTypeEnum `json:"PlatformConfigType,omitempty"`
+	PlatformConfigType PlatformConfigTypeEnum `json:"platformConfigType,omitempty"`
 
 	// AmdMilanBmPlatformConfig describe AMD Milan BM platform configuration
 	AmdMilanBmPlatformConfig AmdMilanBmPlatformConfig `json:"amdMilanBmPlatformConfig,omitempty"`
@@ -523,7 +523,7 @@ type LaunchInstanceAgentConfig struct {
 	// object.
 	IsManagementDisabled *bool `json:"isManagementDisabled,omitempty"`
 
-	// AreAllPluginsDisabled defines rhether Oracle Cloud Agent can run all the available plugins.
+	// AreAllPluginsDisabled defines whether Oracle Cloud Agent can run all the available plugins.
 	// This includes the management and monitoring plugins.
 	// To get a list of available plugins, use the
 	// ListInstanceagentAvailablePlugins

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachines.yaml
@@ -43,7 +43,7 @@ spec:
                   Oracle Cloud Agent software running on the instance.
                 properties:
                   areAllPluginsDisabled:
-                    description: AreAllPluginsDisabled defines rhether Oracle Cloud
+                    description: AreAllPluginsDisabled defines whether Oracle Cloud
                       Agent can run all the available plugins. This includes the management
                       and monitoring plugins. To get a list of available plugins,
                       use the ListInstanceagentAvailablePlugins operation in the Oracle
@@ -303,13 +303,6 @@ spec:
                 description: InstanceSourceViaImageConfig defines the platform config
                   parameters
                 properties:
-                  PlatformConfigType:
-                    description: The type of platform configuration. Valid values
-                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
-                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
-                      Based on the enum, exactly one of the specific configuration
-                      types must be set
-                    type: string
                   amdMilanBmPlatformConfig:
                     description: AmdMilanBmPlatformConfig describe AMD Milan BM platform
                       configuration
@@ -560,6 +553,13 @@ spec:
                           enabled on the instance.
                         type: boolean
                     type: object
+                  platformConfigType:
+                    description: The type of platform configuration. Valid values
+                      are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
+                      * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
+                      Based on the enum, exactly one of the specific configuration
+                      types must be set
+                    type: string
                 type: object
               preemptibleInstanceConfig:
                 description: PreemptibleInstanceConfig Configuration options for preemptible

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_ocimachinetemplates.yaml
@@ -52,7 +52,7 @@ spec:
                           for the Oracle Cloud Agent software running on the instance.
                         properties:
                           areAllPluginsDisabled:
-                            description: AreAllPluginsDisabled defines rhether Oracle
+                            description: AreAllPluginsDisabled defines whether Oracle
                               Cloud Agent can run all the available plugins. This
                               includes the management and monitoring plugins. To get
                               a list of available plugins, use the ListInstanceagentAvailablePlugins
@@ -329,13 +329,6 @@ spec:
                         description: InstanceSourceViaImageConfig defines the platform
                           config parameters
                         properties:
-                          PlatformConfigType:
-                            description: The type of platform configuration. Valid
-                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
-                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
-                              Based on the enum, exactly one of the specific configuration
-                              types must be set
-                            type: string
                           amdMilanBmPlatformConfig:
                             description: AmdMilanBmPlatformConfig describe AMD Milan
                               BM platform configuration
@@ -607,6 +600,13 @@ spec:
                                   is enabled on the instance.
                                 type: boolean
                             type: object
+                          platformConfigType:
+                            description: The type of platform configuration. Valid
+                              values are * `AMD_ROME_BM_GPU` * `AMD_ROME_BM` * `INTEL_ICELAKE_BM`
+                              * `AMD_VM` * `INTEL_VM` * `INTEL_SKYLAKE_BM` * `AMD_MILAN_BM`
+                              Based on the enum, exactly one of the specific configuration
+                              types must be set
+                            type: string
                         type: object
                       preemptibleInstanceConfig:
                         description: PreemptibleInstanceConfig Configuration options

diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md
@@ -24,6 +24,7 @@
   - [Install Container Storage Interface (CSI)](./gs/install-csi.md)
     - [Provision a PVC on the Block Volume Service](./gs/pvc-bv.md)
     - [Provision a PVC on the File Storage Service](./gs/pvc-fss.md)
+  - [Customize worker nodes](./gs/customize-worker-node.md)
 - [Networking Guide](./networking/networking.md)
   - [Default Network Infrastructure](./networking/infrastructure.md)
     - [Using Calico](./networking/calico.md)

diff --git a/docs/src/gs/customize-worker-node.md b/docs/src/gs/customize-worker-node.md
@@ -0,0 +1,81 @@
+# Customizing worker nodes
+## Configure user managed boot volume encryption
+Use the following configuration in `OCIMachineTemplate` to use a [customer
+managed boot volume encryption key][customer_managed_keys].
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      instanceSourceViaImageConfig:
+        kmsKeyId: <kms-key-id>
+```
+
+## Configure shielded instances
+Use the following configuration in `OCIMachineTemplate` to create [shielded instances][shielded_instances].
+Below example is for an AMD based VM. Please read the [CAPOCI github page][github_capoci_types] PlatformConfig struct
+for an enumeration of all the possible configurations.
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      platformConfig:
+        PlatformConfigType: "AMD_VM"
+        amdVmPlatformConfig:
+          isSecureBootEnabled: true
+          isTrustedPlatformModuleEnabled: true
+          isMeasuredBootEnabled: true
+```
+
+## Configure preemptible instances
+Use the following configuration in `OCIMachineTemplate` to create [preemtible instances][preemptible_instances].
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      preemptibleInstanceConfig:
+        terminatePreemptionAction:
+          preserveBootVolume: false
+```
+
+## Configure capacity reservation
+Use the following configuration in `OCIMachineTemplate` to use [capacity reservations][capacity_reservations].
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      capacityReservationId: <capacity-reservation-id>
+```
+
+## Configure Oracle Cloud Agent plugins
+Use the following configuration in `OCIMachineTemplate` to configure [Oracle Cloud Agent plugins][cloud_agent_plugins].
+The example below enables Bastion plugin.
+
+```yaml
+kind: OCIMachineTemplate
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+spec:
+  template:
+    spec:
+      agentConfig:
+        pluginsConfigs:
+          - name: "Bastion"
+            desiredState: "ENABLED"
+```
+
+[customer_managed_keys]: https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Tasks/assigningkeys.htm
+[shielded_instances]: https://docs.oracle.com/en-us/iaas/Content/Compute/References/shielded-instances.htm
+[preemptible_instances]: https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/preemptible.htm#howitworks__using
+[cloud_agent_plugins]: https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/manage-plugins.htm
+[github_capoci_types]: https://github.com/oracle/cluster-api-provider-oci/blob/main/api/v1beta1/types.go
+[capacity_reservations]: https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/reserve-capacity.htm