From fa423580073cb3cf886f37f445493135b7c0a165 Mon Sep 17 00:00:00 2001 From: Joe Kratzat Date: Wed, 21 Sep 2022 16:17:00 -0400 Subject: [PATCH] test: commit missing e2e templates after running `make generate-e2e-templates` I notice two templates weren't committed like our other ones. --- .../cluster-template-alternative-region.yaml | 703 ++++++++++++++++++ .../cluster-template-machine-pool.yaml | 679 +++++++++++++++++ 2 files changed, 1382 insertions(+) create mode 100644 test/e2e/data/infrastructure-oci/v1beta1/cluster-template-alternative-region.yaml create mode 100644 test/e2e/data/infrastructure-oci/v1beta1/cluster-template-machine-pool.yaml diff --git a/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-alternative-region.yaml b/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-alternative-region.yaml new file mode 100644 index 000000000..de3d18f8b --- /dev/null +++ b/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-alternative-region.yaml @@ -0,0 +1,703 @@ +apiVersion: v1 +data: + cloud-controller-manager.yaml: "apiVersion: v1\nkind: Secret\nmetadata:\n name: + oci-cloud-controller-manager\n namespace: kube-system\nstringData:\n cloud-provider.yaml: + |-\n useInstancePrincipals: true\n\n # compartment configures Compartment + within which the cluster resides.\n compartment: ${OCI_COMPARTMENT_ID}\n\n + \ loadBalancer:\n disabled: true\n # Optional rate limit controls for + accessing OCI API\n rateLimiter:\n rateLimitQPSRead: 20.0\n rateLimitBucketRead: + 5\n rateLimitQPSWrite: 20.0\n rateLimitBucketWrite: 5\n---\n---\napiVersion: + apps/v1\nkind: DaemonSet\nmetadata:\n name: oci-cloud-controller-manager\n namespace: + kube-system\n labels:\n k8s-app: oci-cloud-controller-manager\nspec:\n selector:\n + \ matchLabels:\n component: oci-cloud-controller-manager\n tier: control-plane\n + \ updateStrategy:\n type: RollingUpdate\n template:\n metadata:\n labels:\n + \ component: oci-cloud-controller-manager\n tier: control-plane\n + \ spec:\n serviceAccountName: cloud-controller-manager\n hostNetwork: + true\n nodeSelector:\n node-role.kubernetes.io/control-plane: \"\"\n + \ tolerations:\n - key: node.cloudprovider.kubernetes.io/uninitialized\n + \ value: \"true\"\n effect: NoSchedule\n - key: node-role.kubernetes.io/master\n + \ operator: Exists\n effect: NoSchedule\n - key: node-role.kubernetes.io/control-plane\n + \ operator: Exists\n effect: NoSchedule \n volumes:\n - + name: cfg\n secret:\n secretName: oci-cloud-controller-manager\n + \ - name: kubernetes\n hostPath:\n path: /etc/kubernetes\n + \ containers:\n - name: oci-cloud-controller-manager\n image: + ghcr.io/oracle/cloud-provider-oci:v1.24.0\n command: [\"/usr/local/bin/oci-cloud-controller-manager\"]\n + \ args:\n - --cloud-config=/etc/oci/cloud-provider.yaml\n - + --cloud-provider=oci\n - --leader-elect-resource-lock=configmapsleases\n + \ - --v=2\n volumeMounts:\n - name: cfg\n mountPath: + /etc/oci\n readOnly: true\n - name: kubernetes\n mountPath: + /etc/kubernetes\n readOnly: true\n---\n---\napiVersion: v1\nkind: + ServiceAccount\nmetadata:\n name: cloud-controller-manager\n namespace: kube-system\n---\napiVersion: + rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n name: system:cloud-controller-manager\n + \ labels:\n kubernetes.io/cluster-service: \"true\"\nrules:\n - apiGroups:\n + \ - \"\"\n resources:\n - nodes\n verbs:\n - '*'\n\n - apiGroups:\n + \ - \"\"\n resources:\n - nodes/status\n verbs:\n - patch\n\n + \ - apiGroups:\n - \"\"\n resources:\n - services\n verbs:\n - + list\n - watch\n - patch\n\n - apiGroups:\n - \"\"\n resources:\n + \ - services/status\n verbs:\n - patch\n - get\n - update\n\n + \ - apiGroups:\n - \"\"\n resources:\n - configmaps\n resourceNames:\n + \ - \"extension-apiserver-authentication\"\n verbs:\n - get\n\n - + apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - + list\n - watch\n - create\n - patch\n - update\n \n # For + leader election\n - apiGroups:\n - \"\"\n resources:\n - endpoints\n + \ verbs:\n - create\n\n - apiGroups:\n - \"\"\n resources:\n - + endpoints\n resourceNames:\n - \"cloud-controller-manager\"\n verbs:\n + \ - get\n - list\n - watch\n - update\n - apiGroups:\n - + \"coordination.k8s.io\"\n resources:\n - leases\n verbs:\n - get\n + \ - create\n - update\n - delete\n - patch\n - watch\n\n + \ - apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n + \ - create\n\n - apiGroups:\n - \"\"\n resources:\n - configmaps\n + \ resourceNames:\n - \"cloud-controller-manager\"\n verbs:\n - + get\n - update\n\n - apiGroups:\n - \"\"\n resources:\n - configmaps\n + \ resourceNames:\n - \"extension-apiserver-authentication\"\n verbs:\n + \ - get\n - list\n - watch\n\n - apiGroups:\n - \"\"\n resources:\n + \ - serviceaccounts\n verbs:\n - create\n - apiGroups:\n - \"\"\n + \ resources:\n - secrets\n verbs:\n - get\n - list\n \n # + For the PVL\n - apiGroups:\n - \"\"\n resources:\n - persistentvolumes\n + \ verbs:\n - list\n - watch\n - patch\n---\nkind: ClusterRoleBinding\napiVersion: + rbac.authorization.k8s.io/v1\nmetadata:\n name: oci-cloud-controller-manager\nroleRef:\n + \ apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: system:cloud-controller-manager\nsubjects:\n + \ - kind: ServiceAccount\n name: cloud-controller-manager\n namespace: kube-system\n" +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: ${CLUSTER_NAME}-oci-cloud-controller-manager + namespace: default +--- +apiVersion: v1 +data: + csi.yaml: | + apiVersion: v1 + kind: Secret + metadata: + name: oci-volume-provisioner + namespace: kube-system + stringData: + config.yaml: |- + useInstancePrincipals: true + + # compartment configures Compartment within which the cluster resides. + compartment: ${OCI_COMPARTMENT_ID} + + # Optional rate limit controls for accessing OCI API + rateLimiter: + rateLimitQPSRead: 20.0 + rateLimitBucketRead: 5 + rateLimitQPSWrite: 20.0 + rateLimitBucketWrite: 5 + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deprecated.daemonset.template.generation: "1" + generation: 1 + name: csi-oci-controller + namespace: kube-system + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app: csi-oci-controller + template: + metadata: + creationTimestamp: null + labels: + app: csi-oci-controller + role: csi-oci + spec: + nodeSelector: + node-role.kubernetes.io/control-plane: "" + containers: + - name: csi-volume-provisioner + image: k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --volume-name-prefix=csi + - --feature-gates=Topology=true + - --timeout=120s + - --leader-election + - --leader-election-namespace=kube-system + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: csi-attacher + image: k8s.gcr.io/sig-storage/csi-attacher:v3.5.0 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --timeout=120s + - --leader-election=true + - --leader-election-namespace=kube-system + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: csi-resizer + image: k8s.gcr.io/sig-storage/csi-resizer:v1.5.0 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --leader-election + imagePullPolicy: "IfNotPresent" + volumeMounts: + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: oci-csi-controller-driver + args: + - --endpoint=unix://var/run/shared-tmpfs/csi.sock + command: + - /usr/local/bin/oci-csi-controller-driver + image: ghcr.io/oracle/cloud-provider-oci:v1.24.0 + imagePullPolicy: IfNotPresent + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - name: kubernetes + mountPath: /etc/kubernetes + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + volumes: + - name: config + secret: + secretName: oci-volume-provisioner + - name: kubernetes + hostPath: + path: /etc/kubernetes + - name: shared-tmpfs + emptyDir: {} + dnsPolicy: ClusterFirst + hostNetwork: true + imagePullSecrets: + - name: image-pull-secret + restartPolicy: Always + schedulerName: default-scheduler + serviceAccount: csi-oci-node-sa + serviceAccountName: csi-oci-node-sa + terminationGracePeriodSeconds: 30 + tolerations: + - operator: Exists + --- + apiVersion: storage.k8s.io/v1 + kind: CSIDriver + metadata: + name: fss.csi.oraclecloud.com + spec: + attachRequired: false + podInfoOnMount: false + --- + kind: ConfigMap + apiVersion: v1 + metadata: + name: oci-csi-iscsiadm + namespace: kube-system + data: + iscsiadm: | + #!/bin/sh + if [ -x /host/sbin/iscsiadm ]; then + chroot /host /sbin/iscsiadm "$@" + elif [ -x /host/usr/local/sbin/iscsiadm ]; then + chroot /host /usr/local/sbin/iscsiadm "$@" + elif [ -x /host/bin/iscsiadm ]; then + chroot /host /bin/iscsiadm "$@" + elif [ -x /host/usr/local/bin/iscsiadm ]; then + chroot /host /usr/local/bin/iscsiadm "$@" + else + chroot /host iscsiadm "$@" + fi + --- + apiVersion: v1 + kind: ConfigMap + metadata: + name: oci-fss-csi + namespace: kube-system + data: + mount: |- + #!/bin/sh + if [ -x /sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/local/sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/local/bin/mount ]; then + chroot /host mount "$@" + else + chroot /host mount "$@" + fi + umount: |- + #!/bin/sh + if [ -x /sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/local/sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/local/bin/umount ]; then + chroot /host umount "$@" + else + chroot /host umount "$@" + fi + umount.oci-fss: |- + #!/bin/sh + if [ -x /sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/local/sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/local/bin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + else + chroot /host umount.oci-fss "$@" + fi + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + annotations: + deprecated.daemonset.template.generation: "1" + generation: 1 + name: csi-oci-node + namespace: kube-system + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app: csi-oci-node + template: + metadata: + creationTimestamp: null + labels: + app: csi-oci-node + role: csi-oci + spec: + containers: + - name: oci-csi-node-driver + args: + - --v=2 + - --endpoint=unix:///csi/csi.sock + - --nodeid=$(KUBE_NODE_NAME) + - --loglevel=debug + - --fss-endpoint=unix:///fss/csi.sock + command: + - /usr/local/bin/oci-csi-node-driver + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: PATH + value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/host/usr/bin:/host/sbin + image: ghcr.io/oracle/cloud-provider-oci:v1.24.0 + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /fss + name: fss-plugin-dir + - mountPath: /var/lib/kubelet + mountPropagation: Bidirectional + name: pods-mount-dir + - mountPath: /dev + name: device-dir + - mountPath: /host + name: host-root + - mountPath: /sbin/iscsiadm + name: chroot-iscsiadm + subPath: iscsiadm + - mountPath: /host/var/lib/kubelet + mountPropagation: Bidirectional + name: encrypt-pods-mount-dir + - mountPath: /sbin/umount.oci-fss + name: fss-driver-mounts + subPath: umount.oci-fss + - mountPath: /sbin/umount + name: fss-driver-mounts + subPath: umount + - mountPath: /sbin/mount + name: fss-driver-mounts + subPath: mount + - name: csi-node-registrar + args: + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/blockvolume.csi.oraclecloud.com/csi.sock + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1 + securityContext: + privileged: true + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - rm -rf /registration/blockvolume.csi.oraclecloud.com /registration/blockvolume.csi.oraclecloud.com-reg.sock + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /registration + name: registration-dir + - name: csi-node-registrar-fss + args: + - --csi-address=/fss/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/fss.csi.oraclecloud.com/csi.sock + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.0 + securityContext: + privileged: true + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - rm -rf /registration/fss.csi.oraclecloud.com /registration/fss.csi.oraclecloud.com-reg.sock + volumeMounts: + - mountPath: /fss + name: fss-plugin-dir + - mountPath: /registration + name: registration-dir + dnsPolicy: ClusterFirst + hostNetwork: true + restartPolicy: Always + schedulerName: default-scheduler + serviceAccount: csi-oci-node-sa + serviceAccountName: csi-oci-node-sa + terminationGracePeriodSeconds: 30 + tolerations: + - operator: Exists + volumes: + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /var/lib/kubelet/plugins/blockvolume.csi.oraclecloud.com + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + path: /var/lib/kubelet/plugins/fss.csi.oraclecloud.com + type: DirectoryOrCreate + name: fss-plugin-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: pods-mount-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: encrypt-pods-mount-dir + - hostPath: + path: /dev + type: "" + name: device-dir + - hostPath: + path: / + type: Directory + name: host-root + - configMap: + name: oci-csi-iscsiadm + defaultMode: 0755 + name: chroot-iscsiadm + - configMap: + name: oci-fss-csi + defaultMode: 0755 + name: fss-driver-mounts + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: csi-oci-node-sa + namespace: kube-system + --- + + kind: ClusterRole + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: csi-oci + namespace: kube-system + rules: + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "get", "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "nodes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "volume.oci.oracle.com" ] + resources: [ "blockscsiinfos" ] + verbs: [ "get", "list", "watch", "create", "delete", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "create", "delete", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch", "update", "create" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses", "volumeattachments", "volumeattachments/status", "csinodes" ] + verbs: [ "get", "list", "watch", "patch" ] + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "list", "watch", "create", "delete", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "endpoints" ] + verbs: [ "get", "watch", "create", "update" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims/status" ] + verbs: [ "patch" ] + --- + + kind: ClusterRoleBinding + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: csi-oci-binding + subjects: + - kind: ServiceAccount + name: csi-oci-node-sa + namespace: kube-system + roleRef: + kind: ClusterRole + name: csi-oci + apiGroup: rbac.authorization.k8s.io + --- + kind: StorageClass + apiVersion: storage.k8s.io/v1 + metadata: + name: oci + provisioner: oracle.com/oci + --- + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: oci-bv + provisioner: blockvolume.csi.oraclecloud.com + volumeBindingMode: WaitForFirstConsumer + allowVolumeExpansion: true + reclaimPolicy: Delete + --- + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: oci-bv-encrypted + provisioner: blockvolume.csi.oraclecloud.com + parameters: + attachment-type: "paravirtualized" + reclaimPolicy: Delete + volumeBindingMode: WaitForFirstConsumer + allowVolumeExpansion: true + --- +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: ${CLUSTER_NAME}-oci-csi + namespace: default +--- +apiVersion: v1 +binaryData: null +data: ${CNI_RESOURCES} +kind: ConfigMap +metadata: + name: cni-${CLUSTER_NAME}-crs-0 +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: ${CLUSTER_NAME}-ccm-resource-set + namespace: default +spec: + clusterSelector: + matchLabels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + resources: + - kind: ConfigMap + name: ${CLUSTER_NAME}-oci-cloud-controller-manager + strategy: ApplyOnce +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: ${CLUSTER_NAME}-csi-resource-set + namespace: default +spec: + clusterSelector: + matchLabels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + resources: + - kind: ConfigMap + name: ${CLUSTER_NAME}-oci-csi + strategy: ApplyOnce +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: ${CLUSTER_NAME}-crs-0 +spec: + clusterSelector: + matchLabels: + cni: calico + resources: + - kind: ConfigMap + name: cni-${CLUSTER_NAME}-crs-0 + strategy: ApplyOnce +--- +apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4 +kind: KubeadmConfigTemplate +metadata: + name: ${CLUSTER_NAME}-md-0 +spec: + template: + spec: + joinConfiguration: + nodeRegistration: + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + cni: calico + name: ${CLUSTER_NAME} + namespace: default +spec: + clusterNetwork: + pods: + cidrBlocks: + - ${POD_CIDR:="192.168.0.0/16"} + serviceDomain: ${SERVICE_DOMAIN:="cluster.local"} + services: + cidrBlocks: + - ${SERVICE_CIDR:="10.128.0.0/12"} + controlPlaneRef: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlane + name: ${CLUSTER_NAME}-control-plane + namespace: ${NAMESPACE} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCICluster + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachineDeployment +metadata: + name: ${CLUSTER_NAME}-md-0 +spec: + clusterName: ${CLUSTER_NAME} + replicas: ${WORKER_MACHINE_COUNT} + selector: + matchLabels: null + template: + spec: + bootstrap: + configRef: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + name: ${CLUSTER_NAME}-md-0 + clusterName: ${CLUSTER_NAME} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCIMachineTemplate + name: ${CLUSTER_NAME}-md-0 + version: ${KUBERNETES_VERSION} +--- +apiVersion: controlplane.cluster.x-k8s.io/v1beta1 +kind: KubeadmControlPlane +metadata: + name: ${CLUSTER_NAME}-control-plane + namespace: default +spec: + kubeadmConfigSpec: + clusterConfiguration: + apiServer: + certSANs: + - localhost + - 127.0.0.1 + dns: {} + etcd: {} + kubernetesVersion: ${KUBERNETES_VERSION} + networking: {} + scheduler: {} + initConfiguration: + nodeRegistration: + criSocket: /var/run/containerd/containerd.sock + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} + joinConfiguration: + discovery: {} + nodeRegistration: + criSocket: /var/run/containerd/containerd.sock + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} + machineTemplate: + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCIMachineTemplate + name: ${CLUSTER_NAME}-control-plane + namespace: ${NAMESPACE} + replicas: ${CONTROL_PLANE_MACHINE_COUNT} + version: ${KUBERNETES_VERSION} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCICluster +metadata: + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + name: ${CLUSTER_NAME} +spec: + compartmentId: ${OCI_COMPARTMENT_ID} + region: ${OCI_ALTERNATIVE_REGION} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCIMachineTemplate +metadata: + name: ${CLUSTER_NAME}-control-plane +spec: + template: + spec: + compartmentId: ${OCI_COMPARTMENT_ID} + imageId: ${OCI_ALTERNATIVE_REGION_IMAGE_ID} + metadata: + ssh_authorized_keys: ${OCI_SSH_KEY} + shape: ${OCI_CONTROL_PLANE_MACHINE_TYPE} + shapeConfig: + ocpus: "1" +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCIMachineTemplate +metadata: + name: ${CLUSTER_NAME}-md-0 +spec: + template: + spec: + compartmentId: ${OCI_COMPARTMENT_ID} + imageId: ${OCI_ALTERNATIVE_REGION_IMAGE_ID} + metadata: + ssh_authorized_keys: ${OCI_SSH_KEY} + shape: ${OCI_NODE_MACHINE_TYPE} + shapeConfig: + ocpus: "1" diff --git a/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-machine-pool.yaml b/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-machine-pool.yaml new file mode 100644 index 000000000..8209d6648 --- /dev/null +++ b/test/e2e/data/infrastructure-oci/v1beta1/cluster-template-machine-pool.yaml @@ -0,0 +1,679 @@ +apiVersion: v1 +data: + cloud-controller-manager.yaml: "apiVersion: v1\nkind: Secret\nmetadata:\n name: + oci-cloud-controller-manager\n namespace: kube-system\nstringData:\n cloud-provider.yaml: + |-\n useInstancePrincipals: true\n\n # compartment configures Compartment + within which the cluster resides.\n compartment: ${OCI_COMPARTMENT_ID}\n\n + \ loadBalancer:\n disabled: true\n # Optional rate limit controls for + accessing OCI API\n rateLimiter:\n rateLimitQPSRead: 20.0\n rateLimitBucketRead: + 5\n rateLimitQPSWrite: 20.0\n rateLimitBucketWrite: 5\n---\n---\napiVersion: + apps/v1\nkind: DaemonSet\nmetadata:\n name: oci-cloud-controller-manager\n namespace: + kube-system\n labels:\n k8s-app: oci-cloud-controller-manager\nspec:\n selector:\n + \ matchLabels:\n component: oci-cloud-controller-manager\n tier: control-plane\n + \ updateStrategy:\n type: RollingUpdate\n template:\n metadata:\n labels:\n + \ component: oci-cloud-controller-manager\n tier: control-plane\n + \ spec:\n serviceAccountName: cloud-controller-manager\n hostNetwork: + true\n nodeSelector:\n node-role.kubernetes.io/control-plane: \"\"\n + \ tolerations:\n - key: node.cloudprovider.kubernetes.io/uninitialized\n + \ value: \"true\"\n effect: NoSchedule\n - key: node-role.kubernetes.io/master\n + \ operator: Exists\n effect: NoSchedule\n - key: node-role.kubernetes.io/control-plane\n + \ operator: Exists\n effect: NoSchedule \n volumes:\n - + name: cfg\n secret:\n secretName: oci-cloud-controller-manager\n + \ - name: kubernetes\n hostPath:\n path: /etc/kubernetes\n + \ containers:\n - name: oci-cloud-controller-manager\n image: + ghcr.io/oracle/cloud-provider-oci:v1.24.0\n command: [\"/usr/local/bin/oci-cloud-controller-manager\"]\n + \ args:\n - --cloud-config=/etc/oci/cloud-provider.yaml\n - + --cloud-provider=oci\n - --leader-elect-resource-lock=configmapsleases\n + \ - --v=2\n volumeMounts:\n - name: cfg\n mountPath: + /etc/oci\n readOnly: true\n - name: kubernetes\n mountPath: + /etc/kubernetes\n readOnly: true\n---\n---\napiVersion: v1\nkind: + ServiceAccount\nmetadata:\n name: cloud-controller-manager\n namespace: kube-system\n---\napiVersion: + rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n name: system:cloud-controller-manager\n + \ labels:\n kubernetes.io/cluster-service: \"true\"\nrules:\n - apiGroups:\n + \ - \"\"\n resources:\n - nodes\n verbs:\n - '*'\n\n - apiGroups:\n + \ - \"\"\n resources:\n - nodes/status\n verbs:\n - patch\n\n + \ - apiGroups:\n - \"\"\n resources:\n - services\n verbs:\n - + list\n - watch\n - patch\n\n - apiGroups:\n - \"\"\n resources:\n + \ - services/status\n verbs:\n - patch\n - get\n - update\n\n + \ - apiGroups:\n - \"\"\n resources:\n - configmaps\n resourceNames:\n + \ - \"extension-apiserver-authentication\"\n verbs:\n - get\n\n - + apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - + list\n - watch\n - create\n - patch\n - update\n \n # For + leader election\n - apiGroups:\n - \"\"\n resources:\n - endpoints\n + \ verbs:\n - create\n\n - apiGroups:\n - \"\"\n resources:\n - + endpoints\n resourceNames:\n - \"cloud-controller-manager\"\n verbs:\n + \ - get\n - list\n - watch\n - update\n - apiGroups:\n - + \"coordination.k8s.io\"\n resources:\n - leases\n verbs:\n - get\n + \ - create\n - update\n - delete\n - patch\n - watch\n\n + \ - apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n + \ - create\n\n - apiGroups:\n - \"\"\n resources:\n - configmaps\n + \ resourceNames:\n - \"cloud-controller-manager\"\n verbs:\n - + get\n - update\n\n - apiGroups:\n - \"\"\n resources:\n - configmaps\n + \ resourceNames:\n - \"extension-apiserver-authentication\"\n verbs:\n + \ - get\n - list\n - watch\n\n - apiGroups:\n - \"\"\n resources:\n + \ - serviceaccounts\n verbs:\n - create\n - apiGroups:\n - \"\"\n + \ resources:\n - secrets\n verbs:\n - get\n - list\n \n # + For the PVL\n - apiGroups:\n - \"\"\n resources:\n - persistentvolumes\n + \ verbs:\n - list\n - watch\n - patch\n---\nkind: ClusterRoleBinding\napiVersion: + rbac.authorization.k8s.io/v1\nmetadata:\n name: oci-cloud-controller-manager\nroleRef:\n + \ apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: system:cloud-controller-manager\nsubjects:\n + \ - kind: ServiceAccount\n name: cloud-controller-manager\n namespace: kube-system\n" +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: ${CLUSTER_NAME}-oci-cloud-controller-manager + namespace: default +--- +apiVersion: v1 +data: + csi.yaml: | + apiVersion: v1 + kind: Secret + metadata: + name: oci-volume-provisioner + namespace: kube-system + stringData: + config.yaml: |- + useInstancePrincipals: true + + # compartment configures Compartment within which the cluster resides. + compartment: ${OCI_COMPARTMENT_ID} + + # Optional rate limit controls for accessing OCI API + rateLimiter: + rateLimitQPSRead: 20.0 + rateLimitBucketRead: 5 + rateLimitQPSWrite: 20.0 + rateLimitBucketWrite: 5 + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deprecated.daemonset.template.generation: "1" + generation: 1 + name: csi-oci-controller + namespace: kube-system + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app: csi-oci-controller + template: + metadata: + creationTimestamp: null + labels: + app: csi-oci-controller + role: csi-oci + spec: + nodeSelector: + node-role.kubernetes.io/control-plane: "" + containers: + - name: csi-volume-provisioner + image: k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --volume-name-prefix=csi + - --feature-gates=Topology=true + - --timeout=120s + - --leader-election + - --leader-election-namespace=kube-system + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: csi-attacher + image: k8s.gcr.io/sig-storage/csi-attacher:v3.5.0 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --timeout=120s + - --leader-election=true + - --leader-election-namespace=kube-system + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: csi-resizer + image: k8s.gcr.io/sig-storage/csi-resizer:v1.5.0 + args: + - --csi-address=/var/run/shared-tmpfs/csi.sock + - --leader-election + imagePullPolicy: "IfNotPresent" + volumeMounts: + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + - name: oci-csi-controller-driver + args: + - --endpoint=unix://var/run/shared-tmpfs/csi.sock + command: + - /usr/local/bin/oci-csi-controller-driver + image: ghcr.io/oracle/cloud-provider-oci:v1.24.0 + imagePullPolicy: IfNotPresent + volumeMounts: + - name: config + mountPath: /etc/oci/ + readOnly: true + - name: kubernetes + mountPath: /etc/kubernetes + readOnly: true + - mountPath: /var/run/shared-tmpfs + name: shared-tmpfs + volumes: + - name: config + secret: + secretName: oci-volume-provisioner + - name: kubernetes + hostPath: + path: /etc/kubernetes + - name: shared-tmpfs + emptyDir: {} + dnsPolicy: ClusterFirst + hostNetwork: true + imagePullSecrets: + - name: image-pull-secret + restartPolicy: Always + schedulerName: default-scheduler + serviceAccount: csi-oci-node-sa + serviceAccountName: csi-oci-node-sa + terminationGracePeriodSeconds: 30 + tolerations: + - operator: Exists + --- + apiVersion: storage.k8s.io/v1 + kind: CSIDriver + metadata: + name: fss.csi.oraclecloud.com + spec: + attachRequired: false + podInfoOnMount: false + --- + kind: ConfigMap + apiVersion: v1 + metadata: + name: oci-csi-iscsiadm + namespace: kube-system + data: + iscsiadm: | + #!/bin/sh + if [ -x /host/sbin/iscsiadm ]; then + chroot /host /sbin/iscsiadm "$@" + elif [ -x /host/usr/local/sbin/iscsiadm ]; then + chroot /host /usr/local/sbin/iscsiadm "$@" + elif [ -x /host/bin/iscsiadm ]; then + chroot /host /bin/iscsiadm "$@" + elif [ -x /host/usr/local/bin/iscsiadm ]; then + chroot /host /usr/local/bin/iscsiadm "$@" + else + chroot /host iscsiadm "$@" + fi + --- + apiVersion: v1 + kind: ConfigMap + metadata: + name: oci-fss-csi + namespace: kube-system + data: + mount: |- + #!/bin/sh + if [ -x /sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/local/sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/sbin/mount ]; then + chroot /host mount "$@" + elif [ -x /usr/local/bin/mount ]; then + chroot /host mount "$@" + else + chroot /host mount "$@" + fi + umount: |- + #!/bin/sh + if [ -x /sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/local/sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/sbin/umount ]; then + chroot /host umount "$@" + elif [ -x /usr/local/bin/umount ]; then + chroot /host umount "$@" + else + chroot /host umount "$@" + fi + umount.oci-fss: |- + #!/bin/sh + if [ -x /sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/local/sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/sbin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + elif [ -x /usr/local/bin/umount-oci-fss ]; then + chroot /host umount.oci-fss "$@" + else + chroot /host umount.oci-fss "$@" + fi + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + annotations: + deprecated.daemonset.template.generation: "1" + generation: 1 + name: csi-oci-node + namespace: kube-system + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app: csi-oci-node + template: + metadata: + creationTimestamp: null + labels: + app: csi-oci-node + role: csi-oci + spec: + containers: + - name: oci-csi-node-driver + args: + - --v=2 + - --endpoint=unix:///csi/csi.sock + - --nodeid=$(KUBE_NODE_NAME) + - --loglevel=debug + - --fss-endpoint=unix:///fss/csi.sock + command: + - /usr/local/bin/oci-csi-node-driver + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: PATH + value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/host/usr/bin:/host/sbin + image: ghcr.io/oracle/cloud-provider-oci:v1.24.0 + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /fss + name: fss-plugin-dir + - mountPath: /var/lib/kubelet + mountPropagation: Bidirectional + name: pods-mount-dir + - mountPath: /dev + name: device-dir + - mountPath: /host + name: host-root + - mountPath: /sbin/iscsiadm + name: chroot-iscsiadm + subPath: iscsiadm + - mountPath: /host/var/lib/kubelet + mountPropagation: Bidirectional + name: encrypt-pods-mount-dir + - mountPath: /sbin/umount.oci-fss + name: fss-driver-mounts + subPath: umount.oci-fss + - mountPath: /sbin/umount + name: fss-driver-mounts + subPath: umount + - mountPath: /sbin/mount + name: fss-driver-mounts + subPath: mount + - name: csi-node-registrar + args: + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/blockvolume.csi.oraclecloud.com/csi.sock + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1 + securityContext: + privileged: true + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - rm -rf /registration/blockvolume.csi.oraclecloud.com /registration/blockvolume.csi.oraclecloud.com-reg.sock + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /registration + name: registration-dir + - name: csi-node-registrar-fss + args: + - --csi-address=/fss/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/fss.csi.oraclecloud.com/csi.sock + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.0 + securityContext: + privileged: true + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - rm -rf /registration/fss.csi.oraclecloud.com /registration/fss.csi.oraclecloud.com-reg.sock + volumeMounts: + - mountPath: /fss + name: fss-plugin-dir + - mountPath: /registration + name: registration-dir + dnsPolicy: ClusterFirst + hostNetwork: true + restartPolicy: Always + schedulerName: default-scheduler + serviceAccount: csi-oci-node-sa + serviceAccountName: csi-oci-node-sa + terminationGracePeriodSeconds: 30 + tolerations: + - operator: Exists + volumes: + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /var/lib/kubelet/plugins/blockvolume.csi.oraclecloud.com + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + path: /var/lib/kubelet/plugins/fss.csi.oraclecloud.com + type: DirectoryOrCreate + name: fss-plugin-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: pods-mount-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: encrypt-pods-mount-dir + - hostPath: + path: /dev + type: "" + name: device-dir + - hostPath: + path: / + type: Directory + name: host-root + - configMap: + name: oci-csi-iscsiadm + defaultMode: 0755 + name: chroot-iscsiadm + - configMap: + name: oci-fss-csi + defaultMode: 0755 + name: fss-driver-mounts + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: csi-oci-node-sa + namespace: kube-system + --- + + kind: ClusterRole + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: csi-oci + namespace: kube-system + rules: + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "get", "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "nodes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "volume.oci.oracle.com" ] + resources: [ "blockscsiinfos" ] + verbs: [ "get", "list", "watch", "create", "delete", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "create", "delete", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch", "update", "create" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses", "volumeattachments", "volumeattachments/status", "csinodes" ] + verbs: [ "get", "list", "watch", "patch" ] + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "list", "watch", "create", "delete", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "endpoints" ] + verbs: [ "get", "watch", "create", "update" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims/status" ] + verbs: [ "patch" ] + --- + + kind: ClusterRoleBinding + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: csi-oci-binding + subjects: + - kind: ServiceAccount + name: csi-oci-node-sa + namespace: kube-system + roleRef: + kind: ClusterRole + name: csi-oci + apiGroup: rbac.authorization.k8s.io + --- + kind: StorageClass + apiVersion: storage.k8s.io/v1 + metadata: + name: oci + provisioner: oracle.com/oci + --- + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: oci-bv + provisioner: blockvolume.csi.oraclecloud.com + volumeBindingMode: WaitForFirstConsumer + allowVolumeExpansion: true + reclaimPolicy: Delete + --- + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: oci-bv-encrypted + provisioner: blockvolume.csi.oraclecloud.com + parameters: + attachment-type: "paravirtualized" + reclaimPolicy: Delete + volumeBindingMode: WaitForFirstConsumer + allowVolumeExpansion: true + --- +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: ${CLUSTER_NAME}-oci-csi + namespace: default +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: ${CLUSTER_NAME}-ccm-resource-set + namespace: default +spec: + clusterSelector: + matchLabels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + resources: + - kind: ConfigMap + name: ${CLUSTER_NAME}-oci-cloud-controller-manager + strategy: ApplyOnce +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: ${CLUSTER_NAME}-csi-resource-set + namespace: default +spec: + clusterSelector: + matchLabels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + resources: + - kind: ConfigMap + name: ${CLUSTER_NAME}-oci-csi + strategy: ApplyOnce +--- +apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4 +kind: KubeadmConfig +metadata: + name: ${CLUSTER_NAME}-mp-0 +spec: + joinConfiguration: + nodeRegistration: + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + cni: calico + name: ${CLUSTER_NAME} + namespace: default +spec: + clusterNetwork: + pods: + cidrBlocks: + - ${POD_CIDR:="192.168.0.0/16"} + serviceDomain: ${SERVICE_DOMAIN:="cluster.local"} + services: + cidrBlocks: + - ${SERVICE_CIDR:="10.128.0.0/12"} + controlPlaneRef: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlane + name: ${CLUSTER_NAME}-control-plane + namespace: ${NAMESPACE} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCICluster + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + name: ${CLUSTER_NAME}-mp-0 + namespace: default +spec: + clusterName: ${CLUSTER_NAME} + replicas: ${WORKER_MACHINE_COUNT} + template: + spec: + bootstrap: + configRef: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfig + name: ${CLUSTER_NAME}-mp-0 + clusterName: ${CLUSTER_NAME} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCIMachinePool + name: ${CLUSTER_NAME}-mp-0 + version: ${KUBERNETES_VERSION} +--- +apiVersion: controlplane.cluster.x-k8s.io/v1beta1 +kind: KubeadmControlPlane +metadata: + name: ${CLUSTER_NAME}-control-plane + namespace: default +spec: + kubeadmConfigSpec: + clusterConfiguration: + apiServer: + certSANs: + - localhost + - 127.0.0.1 + dns: {} + etcd: {} + kubernetesVersion: ${KUBERNETES_VERSION} + networking: {} + scheduler: {} + initConfiguration: + nodeRegistration: + criSocket: /var/run/containerd/containerd.sock + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} + joinConfiguration: + discovery: {} + nodeRegistration: + criSocket: /var/run/containerd/containerd.sock + kubeletExtraArgs: + cloud-provider: external + provider-id: oci://{{ ds["id"] }} + machineTemplate: + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: OCIMachineTemplate + name: ${CLUSTER_NAME}-control-plane + namespace: ${NAMESPACE} + replicas: ${CONTROL_PLANE_MACHINE_COUNT} + version: ${KUBERNETES_VERSION} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCICluster +metadata: + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + name: ${CLUSTER_NAME} +spec: + compartmentId: ${OCI_COMPARTMENT_ID} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCIMachinePool +metadata: + name: ${CLUSTER_NAME}-mp-0 + namespace: default +spec: + imageId: ${OCI_IMAGE_ID} + instanceConfiguration: + instanceDetails: + shape: ${OCI_NODE_MACHINE_TYPE=VM.Standard.E4.Flex} + metadata: + ssh_authorized_keys: ${OCI_SSH_KEY} + shapeConfig: + ocpus: "1" +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: OCIMachineTemplate +metadata: + name: ${CLUSTER_NAME}-control-plane +spec: + template: + spec: + compartmentId: ${OCI_COMPARTMENT_ID} + imageId: ${OCI_IMAGE_ID} + metadata: + ssh_authorized_keys: ${OCI_SSH_KEY} + shape: ${OCI_CONTROL_PLANE_MACHINE_TYPE} + shapeConfig: + ocpus: "1"