containerservice.azure.upbound.io_kubernetesclusters.yaml
11091 lines (11091 loc) · 615 KB
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: kubernetesclusters.containerservice.azure.upbound.io
spec:
group: containerservice.azure.upbound.io
names:
categories:
- crossplane
- managed
- azure
kind: KubernetesCluster
listKind: KubernetesClusterList
plural: kubernetesclusters
singular: kubernetescluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: KubernetesCluster is the Schema for the KubernetesClusters API.
Manages a managed Kubernetes Cluster (also known as AKS / Azure Kubernetes
Service)
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: KubernetesClusterSpec defines the desired state of KubernetesCluster
properties:
deletionPolicy:
default: Delete
description: |-
DeletionPolicy specifies what will happen to the underlying external
when this managed resource is deleted - either "Delete" or "Orphan" the
external resource.
This field is planned to be deprecated in favor of the ManagementPolicies
field in a future release. Currently, both could be set independently and
non-default values would be honored if the feature flag is enabled.
See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223
enum:
- Orphan
- Delete
type: string
forProvider:
properties:
aciConnectorLinux:
description: A aci_connector_linux block as defined below. For
more details, please visit Create and configure an AKS cluster
to use virtual nodes.
items:
properties:
subnetName:
description: The subnet name for the virtual nodes to run.
type: string
subnetNameRef:
description: Reference to a Subnet in network to populate
subnetName.
properties:
name:
description: Name of the referenced object.
type: string
policy:
description: Policies for referencing.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
required:
- name
type: object
subnetNameSelector:
description: Selector for a Subnet in network to populate
subnetName.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
policy:
description: Policies for selection.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
type: object
type: object
type: array
apiServerAccessProfile:
description: An api_server_access_profile block as defined below.
items:
properties:
authorizedIpRanges:
description: Set of authorized IP ranges to allow access
to API server, e.g. ["198.51.100.0/24"].
items:
type: string
type: array
x-kubernetes-list-type: set
subnetId:
description: The ID of the Subnet where the API server endpoint
is delegated to.
type: string
subnetIdRef:
description: Reference to a Subnet in network to populate
subnetId.
properties:
name:
description: Name of the referenced object.
type: string
policy:
description: Policies for referencing.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
required:
- name
type: object
subnetIdSelector:
description: Selector for a Subnet in network to populate
subnetId.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
policy:
description: Policies for selection.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
type: object
vnetIntegrationEnabled:
description: Should API Server VNet Integration be enabled?
For more details please visit Use API Server VNet Integration.
type: boolean
type: object
type: array
apiServerAuthorizedIpRanges:
description: Deprecated in favor of `spec.forProvider.apiServerAccessProfile[0].authorizedIpRanges`
items:
type: string
type: array
x-kubernetes-list-type: set
autoScalerProfile:
description: A auto_scaler_profile block as defined below.
items:
properties:
balanceSimilarNodeGroups:
description: Detect similar node groups and balance the
number of nodes between them. Defaults to false.
type: boolean
emptyBulkDeleteMax:
description: Maximum number of empty nodes that can be deleted
at the same time. Defaults to 10.
type: string
expander:
description: Expander to use. Possible values are least-waste,
priority, most-pods and random. Defaults to random.
type: string
maxGracefulTerminationSec:
description: Maximum number of seconds the cluster autoscaler
waits for pod termination when trying to scale down a
node. Defaults to 600.
type: string
maxNodeProvisioningTime:
description: Maximum time the autoscaler waits for a node
to be provisioned. Defaults to 15m.
type: string
maxUnreadyNodes:
description: Maximum Number of allowed unready nodes. Defaults
to 3.
type: number
maxUnreadyPercentage:
description: Maximum percentage of unready nodes the cluster
autoscaler will stop if the percentage is exceeded. Defaults
to 45.
type: number
newPodScaleUpDelay:
description: For scenarios like burst/batch scale where
you don't want CA to act before the kubernetes scheduler
could schedule all the pods, you can tell CA to ignore
unscheduled pods before they're a certain age. Defaults
to 10s.
type: string
scaleDownDelayAfterAdd:
description: How long after the scale up of AKS nodes the
scale down evaluation resumes. Defaults to 10m.
type: string
scaleDownDelayAfterDelete:
description: How long after node deletion that scale down
evaluation resumes. Defaults to the value used for scan_interval.
type: string
scaleDownDelayAfterFailure:
description: How long after scale down failure that scale
down evaluation resumes. Defaults to 3m.
type: string
scaleDownUnneeded:
description: How long a node should be unneeded before it
is eligible for scale down. Defaults to 10m.
type: string
scaleDownUnready:
description: How long an unready node should be unneeded
before it is eligible for scale down. Defaults to 20m.
type: string
scaleDownUtilizationThreshold:
description: Node utilization level, defined as sum of requested
resources divided by capacity, below which a node can
be considered for scale down. Defaults to 0.5.
type: string
scanInterval:
description: How often the AKS Cluster should be re-evaluated
for scale up/down. Defaults to 10s.
type: string
skipNodesWithLocalStorage:
description: If true cluster autoscaler will never delete
nodes with pods with local storage, for example, EmptyDir
or HostPath. Defaults to true.
type: boolean
skipNodesWithSystemPods:
description: If true cluster autoscaler will never delete
nodes with pods from kube-system (except for DaemonSet
or mirror pods). Defaults to true.
type: boolean
type: object
type: array
automaticChannelUpgrade:
description: The upgrade channel for this Kubernetes Cluster.
Possible values are patch, rapid, node-image and stable. Omitting
this field sets this value to none.
type: string
azureActiveDirectoryRoleBasedAccessControl:
description: A azure_active_directory_role_based_access_control
block as defined below.
items:
properties:
adminGroupObjectIds:
description: A list of Object IDs of Azure Active Directory
Groups which should have Admin Role on the Cluster.
items:
type: string
type: array
azureRbacEnabled:
description: Is Role Based Access Control based on Azure
AD enabled?
type: boolean
clientAppId:
description: The Client ID of an Azure Active Directory
Application.
type: string
managed:
description: Is the Azure Active Directory integration Managed,
meaning that Azure will create/manage the Service Principal
used for integration.
type: boolean
serverAppId:
description: The Server ID of an Azure Active Directory
Application.
type: string
serverAppSecretSecretRef:
description: The Server Secret of an Azure Active Directory
Application.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
tenantId:
description: The Tenant ID used for Azure Active Directory
Application. If this isn't specified the Tenant ID of
the current Subscription is used.
type: string
type: object
type: array
azurePolicyEnabled:
description: Should the Azure Policy Add-On be enabled? For more
details please visit Understand Azure Policy for Azure Kubernetes
Service
type: boolean
confidentialComputing:
description: A confidential_computing block as defined below.
For more details please the documentation
items:
properties:
sgxQuoteHelperEnabled:
description: Should the SGX quote helper be enabled?
type: boolean
type: object
type: array
customCaTrustCertificatesBase64:
description: A list of up to 10 base64 encoded CAs that will be
added to the trust store on nodes with the custom_ca_trust_enabled
feature enabled.
items:
type: string
type: array
defaultNodePool:
description: A default_node_pool block as defined below.
items:
properties:
capacityReservationGroupId:
description: Specifies the ID of the Capacity Reservation
Group within which this AKS Cluster should be created.
Changing this forces a new resource to be created.
type: string
customCaTrustEnabled:
description: Specifies whether to trust a Custom CA.
type: boolean
enableAutoScaling:
description: Should the Kubernetes Auto Scaler be enabled
for this Node Pool?
type: boolean
enableHostEncryption:
description: Should the nodes in the Default Node Pool have
host encryption enabled? temporary_name_for_rotation must
be specified when changing this property.
type: boolean
enableNodePublicIp:
description: Should nodes in this Node Pool have a Public
IP Address? temporary_name_for_rotation must be specified
when changing this property.
type: boolean
fipsEnabled:
description: Should the nodes in this Node Pool have Federal
Information Processing Standard enabled? temporary_name_for_rotation
must be specified when changing this block. Changing this
forces a new resource to be created.
type: boolean
gpuInstance:
description: Specifies the GPU MIG instance profile for
supported GPU VM SKU. The allowed values are MIG1g, MIG2g,
MIG3g, MIG4g and MIG7g. Changing this forces a new resource
to be created.
type: string
hostGroupId:
description: Specifies the ID of the Host Group within which
this AKS Cluster should be created. Changing this forces
a new resource to be created.
type: string
kubeletConfig:
description: A kubelet_config block as defined below. temporary_name_for_rotation
must be specified when changing this block.
items:
properties:
allowedUnsafeSysctls:
description: Specifies the allow list of unsafe sysctls
command or patterns (ending in *).
items:
type: string
type: array
x-kubernetes-list-type: set
containerLogMaxLine:
description: Specifies the maximum number of container
log files that can be present for a container. must
be at least 2.
type: number
containerLogMaxSizeMb:
description: Specifies the maximum size (e.g. 10MB)
of container log file before it is rotated.
type: number
cpuCfsQuotaEnabled:
description: Is CPU CFS quota enforcement for containers
enabled?
type: boolean
cpuCfsQuotaPeriod:
description: Specifies the CPU CFS quota period value.
type: string
cpuManagerPolicy:
description: Specifies the CPU Manager policy to use.
Possible values are none and static,.
type: string
imageGcHighThreshold:
description: Specifies the percent of disk usage above
which image garbage collection is always run. Must
be between 0 and 100.
type: number
imageGcLowThreshold:
description: Specifies the percent of disk usage lower
than which image garbage collection is never run.
Must be between 0 and 100.
type: number
podMaxPid:
description: Specifies the maximum number of processes
per pod.
type: number
topologyManagerPolicy:
description: Specifies the Topology Manager policy
to use. Possible values are none, best-effort, restricted
or single-numa-node.
type: string
type: object
type: array
kubeletDiskType:
description: The type of disk used by kubelet. Possible
values are OS and Temporary.
type: string
linuxOsConfig:
description: A linux_os_config block as defined below. temporary_name_for_rotation
must be specified when changing this block.
items:
properties:
swapFileSizeMb:
description: Specifies the size of the swap file on
each node in MB.
type: number
sysctlConfig:
description: A sysctl_config block as defined below.
items:
properties:
fsAioMaxNr:
description: The sysctl setting fs.aio-max-nr.
Must be between 65536 and 6553500.
type: number
fsFileMax:
description: The sysctl setting fs.file-max.
Must be between 8192 and 12000500.
type: number
fsInotifyMaxUserWatches:
description: The sysctl setting fs.inotify.max_user_watches.
Must be between 781250 and 2097152.
type: number
fsNrOpen:
description: The sysctl setting fs.nr_open.
Must be between 8192 and 20000500.
type: number
kernelThreadsMax:
description: The sysctl setting kernel.threads-max.
Must be between 20 and 513785.
type: number
netCoreNetdevMaxBacklog:
description: The sysctl setting net.core.netdev_max_backlog.
Must be between 1000 and 3240000.
type: number
netCoreOptmemMax:
description: The sysctl setting net.core.optmem_max.
Must be between 20480 and 4194304.
type: number
netCoreRmemDefault:
description: The sysctl setting net.core.rmem_default.
Must be between 212992 and 134217728.
type: number
netCoreRmemMax:
description: The sysctl setting net.core.rmem_max.
Must be between 212992 and 134217728.
type: number
netCoreSomaxconn:
description: The sysctl setting net.core.somaxconn.
Must be between 4096 and 3240000.
type: number
netCoreWmemDefault:
description: The sysctl setting net.core.wmem_default.
Must be between 212992 and 134217728.
type: number
netCoreWmemMax:
description: The sysctl setting net.core.wmem_max.
Must be between 212992 and 134217728.
type: number
netIpv4IpLocalPortRangeMax:
description: The sysctl setting net.ipv4.ip_local_port_range
max value. Must be between 32768 and 65535.
type: number
netIpv4IpLocalPortRangeMin:
description: The sysctl setting net.ipv4.ip_local_port_range
min value. Must be between 1024 and 60999.
type: number
netIpv4NeighDefaultGcThresh1:
description: The sysctl setting net.ipv4.neigh.default.gc_thresh1.
Must be between 128 and 80000.
type: number
netIpv4NeighDefaultGcThresh2:
description: The sysctl setting net.ipv4.neigh.default.gc_thresh2.
Must be between 512 and 90000.
type: number
netIpv4NeighDefaultGcThresh3:
description: The sysctl setting net.ipv4.neigh.default.gc_thresh3.
Must be between 1024 and 100000.
type: number
netIpv4TcpFinTimeout:
description: The sysctl setting net.ipv4.tcp_fin_timeout.
Must be between 5 and 120.
type: number
netIpv4TcpKeepaliveIntvl:
description: The sysctl setting net.ipv4.tcp_keepalive_intvl.
Must be between 10 and 90.
type: number
netIpv4TcpKeepaliveProbes:
description: The sysctl setting net.ipv4.tcp_keepalive_probes.
Must be between 1 and 15.
type: number
netIpv4TcpKeepaliveTime:
description: The sysctl setting net.ipv4.tcp_keepalive_time.
Must be between 30 and 432000.
type: number
netIpv4TcpMaxSynBacklog:
description: The sysctl setting net.ipv4.tcp_max_syn_backlog.
Must be between 128 and 3240000.
type: number
netIpv4TcpMaxTwBuckets:
description: The sysctl setting net.ipv4.tcp_max_tw_buckets.
Must be between 8000 and 1440000.
type: number
netIpv4TcpTwReuse:
description: The sysctl setting net.ipv4.tcp_tw_reuse.
type: boolean
netNetfilterNfConntrackBuckets:
description: The sysctl setting net.netfilter.nf_conntrack_buckets.
Must be between 65536 and 524288.
type: number
netNetfilterNfConntrackMax:
description: The sysctl setting net.netfilter.nf_conntrack_max.
Must be between 131072 and 2097152.
type: number
vmMaxMapCount:
description: The sysctl setting vm.max_map_count.
Must be between 65530 and 262144.
type: number
vmSwappiness:
description: The sysctl setting vm.swappiness.
Must be between 0 and 100.
type: number
vmVfsCachePressure:
description: The sysctl setting vm.vfs_cache_pressure.
Must be between 0 and 100.
type: number
type: object
type: array
transparentHugePageDefrag:
description: specifies the defrag configuration for
Transparent Huge Page. Possible values are always,
defer, defer+madvise, madvise and never.
type: string
transparentHugePageEnabled:
description: Specifies the Transparent Huge Page enabled
configuration. Possible values are always, madvise
and never.
type: string
type: object
type: array
maxCount:
description: The maximum number of nodes which should exist
in this Node Pool. If specified this must be between 1
and 1000.
type: number
maxPods:
description: The maximum number of pods that can run on
each agent. temporary_name_for_rotation must be specified
when changing this property.
type: number
messageOfTheDay:
description: A base64-encoded string which will be written
to /etc/motd after decoding. This allows customization
of the message of the day for Linux nodes. It cannot be
specified for Windows nodes and must be a static string
(i.e. will be printed raw and not executed as a script).
Changing this forces a new resource to be created.
type: string
minCount:
description: The minimum number of nodes which should exist
in this Node Pool. If specified this must be between 1
and 1000.
type: number
name:
description: The name which should be used for the default
Kubernetes Node Pool.
type: string
nodeCount:
description: The initial number of nodes which should exist
in this Node Pool. If specified this must be between 1
and 1000 and between min_count and max_count.
type: number
nodeLabels:
additionalProperties:
type: string
description: A map of Kubernetes labels which should be
applied to nodes in the Default Node Pool.
type: object
x-kubernetes-map-type: granular
nodeNetworkProfile:
description: A node_network_profile block as documented
below.
items:
properties:
allowedHostPorts:
description: One or more allowed_host_ports blocks
as defined below.
items:
properties:
portEnd:
description: Specifies the end of the port range.
type: number
portStart:
description: Specifies the start of the port
range.
type: number
protocol:
description: Specifies the protocol of the port
range. Possible values are TCP and UDP.
type: string
type: object
type: array
applicationSecurityGroupIds:
description: A list of Application Security Group
IDs which should be associated with this Node Pool.
items:
type: string
type: array
nodePublicIpTags:
additionalProperties:
type: string
description: Specifies a mapping of tags to the instance-level
public IPs. Changing this forces a new resource
to be created.
type: object
x-kubernetes-map-type: granular
type: object
type: array
nodePublicIpPrefixId:
description: Resource ID for the Public IP Addresses Prefix
for the nodes in this Node Pool. enable_node_public_ip
should be true. Changing this forces a new resource to
be created.
type: string
nodeTaints:
items:
type: string
type: array
onlyCriticalAddonsEnabled:
description: Enabling this option will taint default node
pool with CriticalAddonsOnly=true:NoSchedule taint. temporary_name_for_rotation
must be specified when changing this property.
type: boolean
orchestratorVersion:
description: Version of Kubernetes used for the Agents.
If not specified, the default node pool will be created
with the version specified by kubernetes_version. If both
are unspecified, the latest recommended version will be
used at provisioning time (but won't auto-upgrade). AKS
does not require an exact patch version to be specified,
minor version aliases such as 1.22 are also supported.
- The minor version's latest GA patch is automatically
chosen in that case. More details can be found in the
documentation.
type: string
osDiskSizeGb:
description: The size of the OS Disk which should be used
for each agent in the Node Pool. temporary_name_for_rotation
must be specified when attempting a change.
type: number
osDiskType:
description: The type of disk which should be used for the
Operating System. Possible values are Ephemeral and Managed.
Defaults to Managed. temporary_name_for_rotation must
be specified when attempting a change.
type: string
osSku:
description: Specifies the OS SKU used by the agent pool.
Possible values are AzureLinux, Ubuntu, Windows2019 and
Windows2022. If not specified, the default is Ubuntu if
OSType=Linux or Windows2019 if OSType=Windows. And the
default Windows OSSKU will be changed to Windows2022 after
Windows2019 is deprecated. temporary_name_for_rotation
must be specified when attempting a change.
type: string
podSubnetId:
description: The ID of the Subnet where the pods in the
default Node Pool should exist.
type: string
podSubnetIdRef:
description: Reference to a Subnet in network to populate
podSubnetId.
properties:
name:
description: Name of the referenced object.
type: string
policy:
description: Policies for referencing.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
required:
- name
type: object
podSubnetIdSelector:
description: Selector for a Subnet in network to populate
podSubnetId.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
policy:
description: Policies for selection.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
type: object
proximityPlacementGroupId:
description: The ID of the Proximity Placement Group. Changing
this forces a new resource to be created.
type: string
scaleDownMode:
description: Specifies the autoscaling behaviour of the
Kubernetes Cluster. Allowed values are Delete and Deallocate.
Defaults to Delete.
type: string
snapshotId:
description: The ID of the Snapshot which should be used
to create this default Node Pool. temporary_name_for_rotation
must be specified when changing this property.
type: string
tags:
additionalProperties:
type: string
description: A mapping of tags to assign to the Node Pool.
type: object
x-kubernetes-map-type: granular
temporaryNameForRotation:
description: Specifies the name of the temporary node pool
used to cycle the default node pool for VM resizing.
type: string
type:
description: The type of Node Pool which should be created.
Possible values are AvailabilitySet and VirtualMachineScaleSets.
Defaults to VirtualMachineScaleSets. Changing this forces
a new resource to be created.
type: string
ultraSsdEnabled:
description: Used to specify whether the UltraSSD is enabled
in the Default Node Pool. Defaults to false. See the documentation
for more information. temporary_name_for_rotation must
be specified when attempting a change.
type: boolean
upgradeSettings:
description: A upgrade_settings block as documented below.
items:
properties:
maxSurge:
description: The maximum number or percentage of nodes
which will be added to the Node Pool size during
an upgrade.
type: string
type: object
type: array
vmSize:
description: The size of the Virtual Machine, such as Standard_DS2_v2.
temporary_name_for_rotation must be specified when attempting
a resize.
type: string
vnetSubnetId:
description: The ID of a Subnet where the Kubernetes Node
Pool should exist.
type: string
vnetSubnetIdRef:
description: Reference to a Subnet in network to populate
vnetSubnetId.
properties:
name:
description: Name of the referenced object.
type: string
policy:
description: Policies for referencing.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
required:
- name
type: object
vnetSubnetIdSelector:
description: Selector for a Subnet in network to populate
vnetSubnetId.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
policy:
description: Policies for selection.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the