Documentation ¶
Index ¶
- Constants
- Variables
- func FormatProdFQDNByLocation(fqdnPrefix string, location string, ...) string
- func GetAllSupportedKubernetesVersions(isUpdate, hasWindows bool) []string
- func GetCloudTargetEnv(location string) string
- func GetDefaultKubernetesVersion(hasWindows bool) string
- func GetLatestPatchVersion(majorMinor string, versionsList []string) (version string)
- func GetMaxVersion(versions []string, preRelease bool) string
- func GetMinVersion(versions []string, preRelease bool) string
- func GetOrderedEscapedKeyValsString(config map[string]string) string
- func GetStorageAccountType(sizeName string) (string, error)
- func GetSupportedKubernetesVersion(version string, hasWindows bool) string
- func GetSupportedVersions(orchType string, isUpdate, hasWindows bool) (versions []string, defaultVersion string)
- func GetValidPatchVersion(orchType, orchVer string, isUpdate, hasWindows bool) string
- func GetVersionsBetween(versions []string, versionMin, versionMax string, inclusive, preReleases bool) []string
- func GetVersionsGt(versions []string, version string, inclusive, preReleases bool) []string
- func GetVersionsLt(versions []string, version string, inclusive, preReleases bool) []string
- func IndentString(original string, spaces int) string
- func IsKubernetesVersionGe(actualVersion, version string) bool
- func IsMIGNode(GPUInstanceProfile string) bool
- func IsSgxEnabledSKU(vmSize string) bool
- func IsSupportedKubernetesVersion(version string, isUpdate, hasWindows bool) bool
- func IsValidMinVersion(orchType, orchRelease, orchVersion, minVersion string) (bool, error)
- func RationalizeReleaseAndVersion(orchType, orchRel, orchVer string, isUpdate, hasWindows bool) (version string)
- func SliceIntIsNonEmpty(s []int) bool
- func ValidateDNSPrefix(dnsName string) error
- func WrapAsVerbatim(s string) string
- type AADProfile
- type AKSKubeletConfiguration
- type AddonNodePoolsConfig
- type AddonProfile
- type AgentPoolProfile
- func (a *AgentPoolProfile) GetKubernetesLabels(rg string, deprecated bool, nvidiaEnabled bool, fipsEnabled bool, osSku string) string
- func (a *AgentPoolProfile) IsAvailabilitySets() bool
- func (a *AgentPoolProfile) IsCustomVNET() bool
- func (a *AgentPoolProfile) IsVHDDistro() bool
- func (a *AgentPoolProfile) IsVirtualMachineScaleSets() bool
- func (a *AgentPoolProfile) IsWindows() bool
- type AuthenticatorType
- type AzureEndpointConfig
- type AzureEnvironmentSpecConfig
- type AzureOSImageConfig
- type CSEStatus
- type CSEStatusParsingError
- type CSEStatusParsingErrorCode
- type CertificateProfile
- type ComponentConfiguration
- type ContainerService
- type ContainerdWindowsRuntimes
- type CustomCloudEnv
- type CustomConfiguration
- type CustomFile
- type CustomKubeletConfig
- type CustomLinuxOSConfig
- type CustomProfile
- type CustomSearchDomain
- type DiagnosticsProfile
- type Distro
- type DockerSpecConfig
- type Duration
- type Extension
- type ExtensionProfile
- type FeatureFlags
- type HTTPProxyConfig
- type HostedMasterProfile
- type ImageReference
- type K8sComponents
- type KeyVaultCertificate
- type KeyVaultID
- type KeyVaultRef
- type KeyVaultSecrets
- type KeyvaultSecretRef
- type KubeletAnonymousAuthentication
- type KubeletAuthentication
- type KubeletAuthorization
- type KubeletAuthorizationMode
- type KubeletDiskType
- type KubeletWebhookAuthentication
- type KubeletWebhookAuthorization
- type KubeletX509Authentication
- type KubernetesAddon
- type KubernetesConfig
- func (k *KubernetesConfig) GetAddonByName(addonName string) KubernetesAddon
- func (k *KubernetesConfig) GetAzureCNIURLARM64Linux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) GetAzureCNIURLLinux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) GetAzureCNIURLWindows(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) IsAADPodIdentityEnabled() bool
- func (k *KubernetesConfig) IsAddonDisabled(addonName string) bool
- func (k *KubernetesConfig) IsAddonEnabled(addonName string) bool
- func (k *KubernetesConfig) IsIPMasqAgentDisabled() bool
- func (k *KubernetesConfig) IsIPMasqAgentEnabled() bool
- func (k *KubernetesConfig) IsRBACEnabled() bool
- func (k *KubernetesConfig) NeedsContainerd() bool
- func (k *KubernetesConfig) PrivateJumpboxProvision() bool
- func (k *KubernetesConfig) RequiresDocker() bool
- func (k *KubernetesConfig) UserAssignedIDEnabled() bool
- type KubernetesContainerSpec
- type KubernetesSpecConfig
- type LinuxProfile
- type NodeBootstrapping
- type NodeBootstrappingConfiguration
- type OSType
- type OrchestratorProfile
- type PrivateCluster
- type PrivateJumpboxProfile
- type Properties
- func (p *Properties) AreAgentProfilesCustomVNET() bool
- func (p *Properties) GetClusterID() string
- func (p *Properties) GetCustomCloudName() string
- func (p *Properties) GetCustomEnvironmentJSON(escape bool) (string, error)
- func (p *Properties) GetKubeProxyFeatureGatesWindowsArguments() string
- func (p *Properties) GetNSGName() string
- func (p *Properties) GetPrimaryAvailabilitySetName() string
- func (p *Properties) GetResourcePrefix() string
- func (p *Properties) GetRouteTableName() string
- func (p *Properties) GetSubnetName() string
- func (p *Properties) GetVMType() string
- func (p *Properties) GetVNetResourceGroupName() string
- func (p *Properties) GetVirtualNetworkName() string
- func (p *Properties) HasAadProfile() bool
- func (p *Properties) HasDCSeriesSKU() bool
- func (p *Properties) HasVMSSAgentPool() bool
- func (p *Properties) HasWindows() bool
- func (p *Properties) IsAKSCustomCloud() bool
- func (p *Properties) IsIPMasqAgentDisabled() bool
- func (p *Properties) IsIPMasqAgentEnabled() bool
- func (p *Properties) IsVHDDistroForAllNodes() bool
- func (p *Properties) K8sOrchestratorName() string
- type ProvisioningState
- type PublicKey
- type ResourceIdentifiers
- type ResourcePurchasePlan
- type RuntimeHandlers
- type SIGAzureEnvironmentSpecConfig
- type SIGConfig
- type SIGGalleryConfig
- type ServicePrincipalProfile
- type SigImageConfig
- type SigImageConfigOpt
- type SigImageConfigTemplate
- type SysctlConfig
- type TelemetryProfile
- type TypeMeta
- type UserAssignedIdentity
- type VMDiagnostics
- type WindowsProfile
- func (w *WindowsProfile) GetContainerdWindowsRuntimeHandlers() string
- func (w *WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation() string
- func (w *WindowsProfile) GetSSHEnabled() bool
- func (w *WindowsProfile) GetWindowsDockerVersion() string
- func (w *WindowsProfile) GetWindowsSku() string
- func (w *WindowsProfile) HasCustomImage() bool
- func (w *WindowsProfile) HasImageRef() bool
- func (w *WindowsProfile) HasSecrets() bool
- func (w *WindowsProfile) IsAlwaysPullWindowsPauseImage() bool
- func (w *WindowsProfile) IsCSIProxyEnabled() bool
- func (w *WindowsProfile) IsWindowsSecureTlsEnabled() bool
- type WorkloadRuntime
Constants ¶
const ( // KubernetesWindowsDockerVersion is the default version for docker on Windows nodes in kubernetes KubernetesWindowsDockerVersion = "20.10.9" // KubernetesDefaultWindowsSku is the default SKU for Windows VMs in kubernetes KubernetesDefaultWindowsSku = "Datacenter-Core-1809-with-Containers-smalldisk" // KubernetesDefaultContainerdWindowsSandboxIsolation is the default containerd handler for windows pods KubernetesDefaultContainerdWindowsSandboxIsolation = "process" )
const ( // AvailabilitySet means that the vms are in an availability set AvailabilitySet = "AvailabilitySet" // DefaultOrchestratorName specifies the 3 character orchestrator code of the cluster template and affects resource naming. DefaultOrchestratorName = "k8s" // DefaultHostedProfileMasterName specifies the 3 character orchestrator code of the clusters with hosted master profiles. DefaultHostedProfileMasterName = "aks" // DefaultSubnetNameResourceSegmentIndex specifies the default subnet name resource segment index. DefaultSubnetNameResourceSegmentIndex = 10 // DefaultVnetResourceGroupSegmentIndex specifies the default virtual network resource segment index. DefaultVnetResourceGroupSegmentIndex = 4 // DefaultVnetNameResourceSegmentIndex specifies the default virtual network name segment index. DefaultVnetNameResourceSegmentIndex = 8 // VirtualMachineScaleSets means that the vms are in a virtual machine scaleset VirtualMachineScaleSets = "VirtualMachineScaleSets" // ScaleSetPrioritySpot means the ScaleSet will use Spot VMs ScaleSetPrioritySpot = "Spot" )
Availability profiles
const ( Docker = "docker" KataContainers = "kata-containers" Containerd = "containerd" )
Supported container runtimes
const ( // NetworkPluginAzure is the string expression for Azure CNI plugin. NetworkPluginAzure = "azure" // NetworkPluginNone is the string expression for no CNI plugin. NetworkPluginNone = "none" // VMSSVMType is the string const for the vmss VM Type VMSSVMType = "vmss" // StandardVMType is the string const for the standard VM Type StandardVMType = "standard" )
const ( // DefaultEnableCSIProxyWindows determines if CSI proxy should be enabled by default for Windows nodes DefaultEnableCSIProxyWindows = false // DefaultWindowsSSHEnabled is the default windowsProfile.sshEnabled value DefaultWindowsSSHEnabled = true // DefaultWindowsSecureTlsEnabled is the default windowsProfile.WindowsSecureTlsEnabled value DefaultWindowsSecureTlsEnabled = false )
const ( // AzurePublicCloud is a const string reference identifier for public cloud AzurePublicCloud = "AzurePublicCloud" // AzureChinaCloud is a const string reference identifier for china cloud AzureChinaCloud = "AzureChinaCloud" // AzureGermanCloud is a const string reference identifier for german cloud AzureGermanCloud = "AzureGermanCloud" // AzureUSGovernmentCloud is a const string reference identifier for us government cloud AzureUSGovernmentCloud = "AzureUSGovernmentCloud" // AzureStackCloud is a const string reference identifier for Azure Stack cloud AzureStackCloud = "AzureStackCloud" )
const ( // KubernetesDefaultRelease is the default Kubernetes release KubernetesDefaultRelease string = "1.13" // KubernetesDefaultReleaseWindows is the default Kubernetes release KubernetesDefaultReleaseWindows string = "1.14" )
const ( // IPMASQAgentAddonName is the name of the ip masq agent addon IPMASQAgentAddonName = "ip-masq-agent" // AADPodIdentityAddonName is the name of the aad-pod-identity addon deployment AADPodIdentityAddonName = "aad-pod-identity" )
Addon name consts
const ( AzurePublicCloudSigTenantID string = "33e01921-4d64-4f8c-a055-5bdaffd5e33d" // AME Tenant AzurePublicCloudSigSubscription string = "109a5e88-712a-48ae-9078-9ca8b3c81345" // AKS VHD )
const ( AKSWindowsGalleryName string = "AKSWindows" AKSWindowsResourceGroup string = "AKS-Windows" AKSUbuntuGalleryName string = "AKSUbuntu" AKSUbuntuResourceGroup string = "AKS-Ubuntu" AKSCBLMarinerGalleryName string = "AKSCBLMariner" AKSCBLMarinerResourceGroup string = "AKS-CBLMariner" )
SIG const
const ( LinuxSIGImageVersion string = "2022.04.19" Windows2019SIGImageVersion string = "17763.2803.220413" Windows2022SIGImageVersion string = "20348.681.220426" // will not do weekly vhd release as amd64 when ARM64 Compute/AKS is still under development Arm64LinuxSIGImageVersion string = "2022.04.18" )
const (
// AzureADIdentitySystem is a const string reference identifier for Azure AD identity System
AzureADIdentitySystem = "azure_ad"
)
const (
ContainerDataDirKey = "dataDir"
)
Known container runtime configuration keys
const ( // Kubernetes is the string constant for the Kubernetes orchestrator type Kubernetes string = "Kubernetes" )
the orchestrators supported by vlabs
const (
// ManagedDisks means that the nodes use managed disks for their os and attached volumes
ManagedDisks = "ManagedDisks"
)
storage profiles
const ( // TempDiskContainerDataDir is the path used to mount docker images, emptyDir volumes, and kubelet data // when KubeletDiskType == TempDisk. TempDiskContainerDataDir = "/mnt/aks/containers" )
Variables ¶
var ( Ubuntu1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "UbuntuServer", ImageSku: "16.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } Ubuntu1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "UbuntuServer", ImageSku: "18.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } Ubuntu1804Gen2OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1804-gen2-2022-q1", ImagePublisher: "microsoft-aks", ImageVersion: "2022.02.01", } RHELOSImageConfig = AzureOSImageConfig{ ImageOffer: "RHEL", ImageSku: "7.3", ImagePublisher: "RedHat", ImageVersion: "latest", } AKSUbuntu1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1604-2021-q3", ImagePublisher: "microsoft-aks", ImageVersion: "2021.11.06", } AKSUbuntu1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1804-2022-q1", ImagePublisher: "microsoft-aks", ImageVersion: "2022.02.01", } AKSWindowsServer2019OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-windows", ImageSku: "aks-2019-datacenter-core-smalldisk-2107", ImagePublisher: "microsoft-aks", ImageVersion: "17763.2061.210714", } ACC1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "confidential-compute-preview", ImageSku: "16.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } AKSUbuntuContainerd1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-aez", ImageSku: "aks-ubuntu-containerd-1804-2021-q2", ImagePublisher: "microsoft-aks", ImageVersion: "2021.04.27", } AKSUbuntuContainerd1804Gen2OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-aez", ImageSku: "aks-ubuntu-containerd-1804-gen2-2021-q2", ImagePublisher: "microsoft-aks", ImageVersion: "2021.05.01", } AzureCloudToOSImageMap = map[string]map[Distro]AzureOSImageConfig{ AzureChinaCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzureGermanCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: Ubuntu1604OSImageConfig, AKS1604Deprecated: Ubuntu1604OSImageConfig, AKSUbuntu1804: Ubuntu1604OSImageConfig, AKS1804Deprecated: Ubuntu1604OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzureUSGovernmentCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzurePublicCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSUbuntuContainerd1804: AKSUbuntuContainerd1804OSImageConfig, AKSUbuntuContainerd1804Gen2: AKSUbuntuContainerd1804Gen2OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, } )
var ( SIGUbuntu1604ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1604", Version: "2021.11.06", } SIGUbuntu1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804", Version: LinuxSIGImageVersion, } SIGUbuntu1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2", Version: LinuxSIGImageVersion, } SIGUbuntuGPU1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gpu", Version: LinuxSIGImageVersion, } SIGUbuntuGPU1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2gpu", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804containerd", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2containerd", Version: LinuxSIGImageVersion, } SIGUbuntuGPUContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuGPUContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2gpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804fipscontainerd", Version: LinuxSIGImageVersion, } // not a typo, this image was generated on 2021.05.20 UTC and assigned this version SIGUbuntuFipsContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2fipscontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsGPUContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804fipsgpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsGPUContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2fipsgpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuArm64Containerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2arm64containerd", Version: Arm64LinuxSIGImageVersion, } SIGCBLMarinerV1ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V1", Version: LinuxSIGImageVersion, } SIGWindows2019ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2019", Version: Windows2019SIGImageVersion, } SIGWindows2019ContainerdImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2019-containerd", Version: Windows2019SIGImageVersion, } SIGWindows2022ContainerdImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2022-containerd", Version: Windows2022SIGImageVersion, } )
SIG config Template
var AKSDistrosAvailableOnVHD []Distro = []Distro{ AKSUbuntu1604, AKSUbuntu1804, AKSUbuntu1804Gen2, AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSCBLMarinerV1, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsGPUContainerd1804, AKSUbuntuFipsGPUContainerd1804Gen2, AKSUbuntuArm64Containerd1804Gen2, }
var AllKubernetesSupportedVersions = map[string]bool{}/* 180 elements not displayed */
AllKubernetesSupportedVersions is a whitelist map of all supported Kubernetes version strings The bool value indicates if creating new clusters with this version is allowed
var AllKubernetesWindowsSupportedVersions = getAllKubernetesWindowsSupportedVersionsMap()
AllKubernetesWindowsSupportedVersions maintain a set of available k8s Windows versions in aks-engine
var AvailableCBLMarinerDistros []Distro = []Distro{ AKSCBLMarinerV1, }
var AvailableContainerdDistros []Distro = []Distro{ AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsGPUContainerd1804, AKSUbuntuFipsGPUContainerd1804Gen2, AKSCBLMarinerV1, AKSUbuntuArm64Containerd1804Gen2, }
var AvailableGPUDistros []Distro = []Distro{ AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsGPUContainerd1804, AKSUbuntuFipsGPUContainerd1804Gen2, }
var AvailableGen2Distros []Distro = []Distro{ AKSUbuntu1804Gen2, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsGPUContainerd1804Gen2, AKSUbuntuArm64Containerd1804Gen2, }
var AvailableUbuntu1804Distros []Distro = []Distro{ AKSUbuntu1804, AKSUbuntu1804Gen2, AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsGPUContainerd1804, AKSUbuntuFipsGPUContainerd1804Gen2, AKSUbuntuArm64Containerd1804Gen2, }
var AvailableWindowsPIRDistros []Distro = []Distro{ AKSWindows2019PIR, }
var AvailableWindowsSIGDistros []Distro = []Distro{ AKSWindows2019, AKSWindows2019Containerd, AKSWindows2022Containerd, CustomizedWindowsOSImage, }
var ( AzurePublicCloudSpecForTest = &AzureEnvironmentSpecConfig{ CloudName: "AzurePublicCloud", DockerSpecConfig: DockerSpecConfig{ DockerEngineRepo: "https://aptdocker.azureedge.net/repo", DockerComposeDownloadURL: "https://github.com/docker/compose/releases/download", }, KubernetesSpecConfig: KubernetesSpecConfig{ KubernetesImageBase: "k8s.gcr.io/", TillerImageBase: "gcr.io/kubernetes-helm/", ACIConnectorImageBase: "microsoft/", NVIDIAImageBase: "nvidia/", CalicoImageBase: "calico/", AzureCNIImageBase: "mcr.microsoft.com/containernetworking/", MCRKubernetesImageBase: "mcr.microsoft.com/", KubeBinariesSASURLBase: "https://acs-mirror.azureedge.net/kubernetes/", WindowsTelemetryGUID: "fb801154-36b9-41bc-89c2-f4d4f05472b0", CNIPluginsDownloadURL: "https://acs-mirror.azureedge.net/cni/cni-plugins-amd64-v0.7.6.tgz", VnetCNILinuxPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.1.3/binaries/azure-vnet-cni-linux-amd64-v1.1.3.tgz", VnetCNIWindowsPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.1.3/binaries/azure-vnet-cni-singletenancy-windows-amd64-v1.1.3.zip", ContainerdDownloadURLBase: "https://storage.googleapis.com/cri-containerd-release/", CSIProxyDownloadURL: "https://acs-mirror.azureedge.net/csi-proxy/v0.1.0/binaries/csi-proxy.tar.gz", WindowsProvisioningScriptsPackageURL: "https://acs-mirror.azureedge.net/aks-engine/windows/provisioning/signedscripts-v0.2.2.zip", WindowsPauseImageURL: "mcr.microsoft.com/oss/kubernetes/pause:1.4.0", AlwaysPullWindowsPauseImage: false, CseScriptsPackageURL: "https://acs-mirror.azureedge.net/aks/windows/cse/csescripts-v0.0.1.zip", CNIARM64PluginsDownloadURL: "https://acs-mirror.azureedge.net/cni-plugins/v0.8.7/binaries/cni-plugins-linux-arm64-v0.8.7.tgz", VnetCNIARM64LinuxPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.4.13/binaries/azure-vnet-cni-linux-arm64-v1.4.14.tgz", }, EndpointConfig: AzureEndpointConfig{ ResourceManagerVMDNSSuffix: "cloudapp.azure.com", }, } )
Functions ¶
func FormatProdFQDNByLocation ¶
func FormatProdFQDNByLocation(fqdnPrefix string, location string, cloudSpecConfig *AzureEnvironmentSpecConfig) string
FormatProdFQDNByLocation constructs an Azure prod fqdn with custom cloud profile CustomCloudName is name of environment if customCloudProfile is provided, it will be empty string if customCloudProfile is empty. Because customCloudProfile is empty for deployment for AzurePublicCloud, AzureChinaCloud,AzureGermanCloud,AzureUSGovernmentCloud, The customCloudName value will be empty string for those clouds
func GetAllSupportedKubernetesVersions ¶
GetAllSupportedKubernetesVersions returns a slice of all supported Kubernetes versions
func GetCloudTargetEnv ¶
func GetDefaultKubernetesVersion ¶
GetDefaultKubernetesVersion returns the default Kubernetes version, that is the latest patch of the default release
func GetLatestPatchVersion ¶
GetLatestPatchVersion gets the most recent patch version from a list of semver versions given a major.minor string
func GetMaxVersion ¶
GetMaxVersion gets the highest semver version preRelease=true means accept a pre-release version as a max value
func GetMinVersion ¶
GetMinVersion gets the lowest semver version preRelease=true means accept a pre-release version as a min value
func GetOrderedEscapedKeyValsString ¶
GetOrderedEscapedKeyValsString returns an ordered string of escaped, quoted key=val
func GetStorageAccountType ¶
GetStorageAccountType returns the support managed disk storage tier for a give VM size
func GetSupportedKubernetesVersion ¶
GetSupportedKubernetesVersion verifies that a passed-in version string is supported, or returns a default version string if not
func GetSupportedVersions ¶
func GetSupportedVersions(orchType string, isUpdate, hasWindows bool) (versions []string, defaultVersion string)
GetSupportedVersions get supported version list for a certain orchestrator
func GetValidPatchVersion ¶
GetValidPatchVersion gets the current valid patch version for the minor version of the passed in version
func GetVersionsBetween ¶
func GetVersionsBetween(versions []string, versionMin, versionMax string, inclusive, preReleases bool) []string
GetVersionsBetween returns a list of versions between a min and max inclusive=true means that we test for equality on both bounds preReleases=true means that we include pre-release versions in the list
func GetVersionsGt ¶
GetVersionsGt returns a list of versions greater than a semver string given a list of versions inclusive=true means that we test for equality as well preReleases=true means that we include pre-release versions in the list
func GetVersionsLt ¶
GetVersionsLt returns a list of versions less than than a semver string given a list of versions inclusive=true means that we test for equality as well preReleases=true means that we include pre-release versions in the list
func IndentString ¶
IndentString pads each line of an original string with N spaces and returns the new value.
func IsKubernetesVersionGe ¶
IsKubernetesVersionGe returns true if actualVersion is greater than or equal to version
func IsSgxEnabledSKU ¶
IsSgxEnabledSKU determines if an VM SKU has SGX driver support
func IsSupportedKubernetesVersion ¶
IsSupportedKubernetesVersion return true if the provided Kubernetes version is supported
func IsValidMinVersion ¶
func RationalizeReleaseAndVersion ¶
func RationalizeReleaseAndVersion(orchType, orchRel, orchVer string, isUpdate, hasWindows bool) (version string)
RationalizeReleaseAndVersion return a version when it can be rationalized from the input, otherwise ""
func SliceIntIsNonEmpty ¶
SliceIntIsNonEmpty is a simple convenience to determine if a []int is non-empty
func ValidateDNSPrefix ¶
ValidateDNSPrefix is a helper function to check that a DNS Prefix is valid
func WrapAsVerbatim ¶
WrapAsVerbatim formats a string for inserting a literal string into an ARM expression
Types ¶
type AADProfile ¶
type AADProfile struct { // The client AAD application ID. ClientAppID string `json:"clientAppID,omitempty"` // The server AAD application ID. ServerAppID string `json:"serverAppID,omitempty"` // The server AAD application secret ServerAppSecret string `json:"serverAppSecret,omitempty" conform:"redact"` // The AAD tenant ID to use for authentication. // If not specified, will use the tenant of the deployment subscription. // Optional TenantID string `json:"tenantID,omitempty"` // The Azure Active Directory Group Object ID that will be assigned the // cluster-admin RBAC role. // Optional AdminGroupID string `json:"adminGroupID,omitempty"` // The authenticator to use, either "oidc" or "webhook". Authenticator AuthenticatorType `json:"authenticator"` }
AADProfile specifies attributes for AAD integration
type AKSKubeletConfiguration ¶
type AKSKubeletConfiguration struct { // Kind is a string value representing the REST resource this object represents. // Servers may infer this from the endpoint the client submits requests to. // Cannot be updated. // In CamelCase. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds // +optional Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` // APIVersion defines the versioned schema of this representation of an object. // Servers should convert recognized schemas to the latest internal value, and // may reject unrecognized values. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources // +optional APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=apiVersion"` // staticPodPath is the path to the directory containing local (static) pods to // run, or the path to a single static pod file. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // the set of static pods specified at the new path may be different than the // ones the Kubelet initially started with, and this may disrupt your node. // Default: "" // +optional StaticPodPath string `json:"staticPodPath,omitempty"` // address is the IP address for the Kubelet to serve on (set to 0.0.0.0 // for all interfaces). // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Default: "0.0.0.0" // +optional Address string `json:"address,omitempty"` // readOnlyPort is the read-only port for the Kubelet to serve on with // no authentication/authorization. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Default: 0 (disabled) // +optional ReadOnlyPort int32 `json:"readOnlyPort,omitempty"` // tlsCertFile is the file containing x509 Certificate for HTTPS. (CA cert, // if any, concatenated after server cert). If tlsCertFile and // tlsPrivateKeyFile are not provided, a self-signed certificate // and key are generated for the public address and saved to the directory // passed to the Kubelet's --cert-dir flag. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Default: "" // +optional TLSCertFile string `json:"tlsCertFile,omitempty"` // tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Default: "" // +optional TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty"` // TLSCipherSuites is the list of allowed cipher suites for the server. // Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Default: nil // +optional TLSCipherSuites []string `json:"tlsCipherSuites,omitempty"` // rotateCertificates enables client certificate rotation. The Kubelet will request a // new certificate from the certificates.k8s.io API. This requires an approver to approve the // certificate signing requests. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // disabling it may disrupt the Kubelet's ability to authenticate with the API server // after the current certificate expires. // Default: false // +optional RotateCertificates bool `json:"rotateCertificates,omitempty"` // authentication specifies how requests to the Kubelet's server are authenticated // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Defaults: // anonymous: // enabled: false // webhook: // enabled: true // cacheTTL: "2m" // +optional Authentication KubeletAuthentication `json:"authentication"` // authorization specifies how requests to the Kubelet's server are authorized // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may disrupt components that interact with the Kubelet server. // Defaults: // mode: Webhook // webhook: // cacheAuthorizedTTL: "5m" // cacheUnauthorizedTTL: "30s" // +optional Authorization KubeletAuthorization `json:"authorization"` // eventRecordQPS is the maximum event creations per second. If 0, there // is no limit enforced. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may impact scalability by changing the amount of traffic produced by // event creations. // Default: 5 // +optional EventRecordQPS *int32 `json:"eventRecordQPS,omitempty"` // clusterDomain is the DNS domain for this cluster. If set, kubelet will // configure all containers to search this domain in addition to the // host's search domains. // Dynamic Kubelet Config (beta): Dynamically updating this field is not recommended, // as it should be kept in sync with the rest of the cluster. // Default: "" // +optional ClusterDomain string `json:"clusterDomain,omitempty"` // clusterDNS is a list of IP addresses for the cluster DNS server. If set, // kubelet will configure all containers to use this for DNS resolution // instead of the host's DNS servers. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // changes will only take effect on Pods created after the update. Draining // the node is recommended before changing this field. // Default: nil // +optional ClusterDNS []string `json:"clusterDNS,omitempty"` // streamingConnectionIdleTimeout is the maximum time a streaming connection // can be idle before the connection is automatically closed. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may impact components that rely on infrequent updates over streaming // connections to the Kubelet server. // Default: "4h" // +optional StreamingConnectionIdleTimeout Duration `json:"streamingConnectionIdleTimeout,omitempty"` // nodeStatusUpdateFrequency is the frequency that kubelet computes node // status. If node lease feature is not enabled, it is also the frequency that // kubelet posts node status to master. // Note: When node lease feature is not enabled, be cautious when changing the // constant, it must work with nodeMonitorGracePeriod in nodecontroller. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may impact node scalability, and also that the node controller's // nodeMonitorGracePeriod must be set to N*NodeStatusUpdateFrequency, // where N is the number of retries before the node controller marks // the node unhealthy. // Default: "10s" // +optional NodeStatusUpdateFrequency Duration `json:"nodeStatusUpdateFrequency,omitempty"` // imageGCHighThresholdPercent is the percent of disk usage after which // image garbage collection is always run. The percent is calculated as // this field value out of 100. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may trigger or delay garbage collection, and may change the image overhead // on the node. // Default: 85 // +optional ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty"` // imageGCLowThresholdPercent is the percent of disk usage before which // image garbage collection is never run. Lowest disk usage to garbage // collect to. The percent is calculated as this field value out of 100. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may trigger or delay garbage collection, and may change the image overhead // on the node. // Default: 80 // +optional ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty"` // Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes // And all Burstable and BestEffort pods are brought up under their // specific top level QoS cgroup. // Dynamic Kubelet Config (beta): This field should not be updated without a full node // reboot. It is safest to keep this value the same as the local config. // Default: true // +optional CgroupsPerQOS *bool `json:"cgroupsPerQOS,omitempty"` // CPUManagerPolicy is the name of the policy to use. // Requires the CPUManager feature gate to be enabled. // Dynamic Kubelet Config (beta): This field should not be updated without a full node // reboot. It is safest to keep this value the same as the local config. // Default: "none" // +optional CPUManagerPolicy string `json:"cpuManagerPolicy,omitempty"` // TopologyManagerPolicy is the name of the policy to use. // Policies other than "none" require the TopologyManager feature gate to be enabled. // Dynamic Kubelet Config (beta): This field should not be updated without a full node // reboot. It is safest to keep this value the same as the local config. // Default: "none" // +optional TopologyManagerPolicy string `json:"topologyManagerPolicy,omitempty"` // maxPods is the number of pods that can run on this Kubelet. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // changes may cause Pods to fail admission on Kubelet restart, and may change // the value reported in Node.Status.Capacity[v1.ResourcePods], thus affecting // future scheduling decisions. Increasing this value may also decrease performance, // as more Pods can be packed into a single node. // Default: 110 // +optional MaxPods int32 `json:"maxPods,omitempty"` // PodPidsLimit is the maximum number of pids in any pod. // Requires the SupportPodPidsLimit feature gate to be enabled. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // lowering it may prevent container processes from forking after the change. // Default: -1 // +optional PodPidsLimit *int64 `json:"podPidsLimit,omitempty"` // ResolverConfig is the resolver configuration file used as the basis // for the container DNS resolution configuration. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // changes will only take effect on Pods created after the update. Draining // the node is recommended before changing this field. // Default: "/etc/resolv.conf" // +optional ResolverConfig string `json:"resolvConf,omitempty"` // cpuCFSQuota enables CPU CFS quota enforcement for containers that // specify CPU limits. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // disabling it may reduce node stability. // Default: true // +optional CPUCFSQuota *bool `json:"cpuCFSQuota,omitempty"` // CPUCFSQuotaPeriod is the CPU CFS quota period value, cpu.cfs_period_us. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // limits set for containers will result in different cpu.cfs_quota settings. This // will trigger container restarts on the node being reconfigured. // Default: "100ms" // +optional CPUCFSQuotaPeriod Duration `json:"cpuCFSQuotaPeriod,omitempty"` // Map of signal names to quantities that defines hard eviction thresholds. For example: {"memory.available": "300Mi"}. // To explicitly disable, pass a 0% or 100% threshold on an arbitrary resource. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may trigger or delay Pod evictions. // Default: // memory.available: "100Mi" // nodefs.available: "10%" // nodefs.inodesFree: "5%" // imagefs.available: "15%" // +optional EvictionHard map[string]string `json:"evictionHard,omitempty"` // protectKernelDefaults, if true, causes the Kubelet to error if kernel // flags are not as it expects. Otherwise the Kubelet will attempt to modify // kernel flags to match its expectation. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // enabling it may cause the Kubelet to crash-loop if the Kernel is not configured as // Kubelet expects. // Default: false // +optional ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"` // featureGates is a map of feature names to bools that enable or disable alpha/experimental // features. This field modifies piecemeal the built-in default values from // "k8s.io/kubernetes/pkg/features/kube_features.go". // Dynamic Kubelet Config (beta): If dynamically updating this field, consider the // documentation for the features you are enabling or disabling. While we // encourage feature developers to make it possible to dynamically enable // and disable features, some changes may require node reboots, and some // features may require careful coordination to retroactively disable. // Default: nil // +optional FeatureGates map[string]bool `json:"featureGates,omitempty"` // failSwapOn tells the Kubelet to fail to start if swap is enabled on the node. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // setting it to true will cause the Kubelet to crash-loop if swap is enabled. // Default: true // +optional FailSwapOn *bool `json:"failSwapOn,omitempty"` // A quantity defines the maximum size of the container log file before it is rotated. // For example: "5Mi" or "256Ki". // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may trigger log rotation. // Default: "10Mi" // +optional ContainerLogMaxSize string `json:"containerLogMaxSize,omitempty"` // Maximum number of container log files that can be present for a container. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // lowering it may cause log files to be deleted. // Default: 5 // +optional ContainerLogMaxFiles *int32 `json:"containerLogMaxFiles,omitempty"` // systemReserved is a set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) // pairs that describe resources reserved for non-kubernetes components. // Currently only cpu and memory are supported. // See http://kubernetes.io/docs/user-guide/compute-resources for more detail. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may not be possible to increase the reserved resources, because this // requires resizing cgroups. Always look for a NodeAllocatableEnforced event // after updating this field to ensure that the update was successful. // Default: nil // +optional SystemReserved map[string]string `json:"systemReserved,omitempty"` // A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs // that describe resources reserved for kubernetes system components. // Currently cpu, memory and local storage for root file system are supported. // See http://kubernetes.io/docs/user-guide/compute-resources for more detail. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // it may not be possible to increase the reserved resources, because this // requires resizing cgroups. Always look for a NodeAllocatableEnforced event // after updating this field to ensure that the update was successful. // Default: nil // +optional KubeReserved map[string]string `json:"kubeReserved,omitempty"` // This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform. // This flag accepts a list of options. Acceptable options are `none`, `pods`, `system-reserved` & `kube-reserved`. // If `none` is specified, no other options may be specified. // Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. // Dynamic Kubelet Config (beta): If dynamically updating this field, consider that // removing enforcements may reduce the stability of the node. Alternatively, adding // enforcements may reduce the stability of components which were using more than // the reserved amount of resources; for example, enforcing kube-reserved may cause // Kubelets to OOM if it uses more than the reserved resources, and enforcing system-reserved // may cause system daemons to OOM if they use more than the reserved resources. // Default: ["pods"] // +optional EnforceNodeAllocatable []string `json:"enforceNodeAllocatable,omitempty"` // A comma separated whitelist of unsafe sysctls or sysctl patterns (ending in *). // Unsafe sysctl groups are kernel.shm*, kernel.msg*, kernel.sem, fs.mqueue.*, and net.*. // These sysctls are namespaced but not allowed by default. For example: "kernel.msg*,net.ipv4.route.min_pmtu" // Default: [] // +optional AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty"` }
AKSKubeletConfiguration contains the configuration for the Kubelet that AKS set this is a subset of KubeletConfiguration defined in https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/kubelet/config/v1beta1/types.go changed metav1.Duration to Duration and pointers to values to simplify translation
type AddonNodePoolsConfig ¶
type AddonNodePoolsConfig struct { Name string `json:"name,omitempty"` Config map[string]string `json:"config,omitempty"` }
AddonNodePoolsConfig defines configuration for pool-specific cluster-autoscaler configuration
type AddonProfile ¶
type AddonProfile struct { Enabled bool `json:"enabled"` Config map[string]string `json:"config"` // Identity contains information of the identity associated with this addon. // This property will only appear in an MSI-enabled cluster. Identity *UserAssignedIdentity `json:"identity,omitempty"` }
AddonProfile represents an addon for managed cluster
type AgentPoolProfile ¶
type AgentPoolProfile struct { Name string `json:"name"` VMSize string `json:"vmSize"` KubeletDiskType KubeletDiskType `json:"kubeletDiskType,omitempty"` WorkloadRuntime WorkloadRuntime `json:"workloadRuntime,omitempty"` DNSPrefix string `json:"dnsPrefix,omitempty"` OSType OSType `json:"osType,omitempty"` Ports []int `json:"ports,omitempty"` AvailabilityProfile string `json:"availabilityProfile"` StorageProfile string `json:"storageProfile,omitempty"` VnetSubnetID string `json:"vnetSubnetID,omitempty"` Distro Distro `json:"distro,omitempty"` CustomNodeLabels map[string]string `json:"customNodeLabels,omitempty"` PreprovisionExtension *Extension `json:"preProvisionExtension"` KubernetesConfig *KubernetesConfig `json:"kubernetesConfig,omitempty"` VnetCidrs []string `json:"vnetCidrs,omitempty"` WindowsNameVersion string `json:"windowsNameVersion,omitempty"` CustomKubeletConfig *CustomKubeletConfig `json:"customKubeletConfig,omitempty"` CustomLinuxOSConfig *CustomLinuxOSConfig `json:"customLinuxOSConfig,omitempty"` MessageOfTheDay string `json:"messageOfTheDay,omitempty"` }
AgentPoolProfile represents an agent pool definition
func (*AgentPoolProfile) GetKubernetesLabels ¶
func (a *AgentPoolProfile) GetKubernetesLabels(rg string, deprecated bool, nvidiaEnabled bool, fipsEnabled bool, osSku string) string
GetKubernetesLabels returns a k8s API-compliant labels string for nodes in this profile
func (*AgentPoolProfile) IsAvailabilitySets ¶
func (a *AgentPoolProfile) IsAvailabilitySets() bool
IsAvailabilitySets returns true if the customer specified disks
func (*AgentPoolProfile) IsCustomVNET ¶
func (a *AgentPoolProfile) IsCustomVNET() bool
IsCustomVNET returns true if the customer brought their own VNET
func (*AgentPoolProfile) IsVHDDistro ¶
func (a *AgentPoolProfile) IsVHDDistro() bool
IsVHDDistro returns true if the distro uses VHD SKUs
func (*AgentPoolProfile) IsVirtualMachineScaleSets ¶
func (a *AgentPoolProfile) IsVirtualMachineScaleSets() bool
IsVirtualMachineScaleSets returns true if the agent pool availability profile is VMSS
func (*AgentPoolProfile) IsWindows ¶
func (a *AgentPoolProfile) IsWindows() bool
IsWindows returns true if the agent pool is windows
type AuthenticatorType ¶
type AuthenticatorType string
AuthenticatorType represents the authenticator type the cluster was set up with.
const ( // OIDC represent cluster setup in OIDC auth mode OIDC AuthenticatorType = "oidc" // Webhook represent cluster setup in wehhook auth mode Webhook AuthenticatorType = "webhook" )
type AzureEndpointConfig ¶
type AzureEndpointConfig struct {
ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix,omitempty"`
}
AzureEndpointConfig describes an Azure endpoint
type AzureEnvironmentSpecConfig ¶
type AzureEnvironmentSpecConfig struct { CloudName string `json:"cloudName,omitempty"` DockerSpecConfig DockerSpecConfig `json:"dockerSpecConfig,omitempty"` KubernetesSpecConfig KubernetesSpecConfig `json:"kubernetesSpecConfig,omitempty"` EndpointConfig AzureEndpointConfig `json:"endpointConfig,omitempty"` OSImageConfig map[Distro]AzureOSImageConfig `json:"osImageConfig,omitempty"` }
AzureEnvironmentSpecConfig is the overall configuration differences in different cloud environments.
type AzureOSImageConfig ¶
type AzureOSImageConfig struct { ImageOffer string `json:"imageOffer,omitempty"` ImageSku string `json:"imageSku,omitempty"` ImagePublisher string `json:"imagePublisher,omitempty"` ImageVersion string `json:"imageVersion,omitempty"` }
AzureOSImageConfig describes an Azure OS image
type CSEStatus ¶
type CSEStatus struct { // ExitCode stores the exitCode from CSE output. ExitCode string `json:"exitCode,omitempty"` // Output stores the output from CSE output. Output string `json:"output,omitempty"` // Error stores the error from CSE output. Error string `json:"error,omitempty"` // ExecDuration stores the execDuration in seconds from CSE output. ExecDuration string `json:"execDuration,omitempty"` // KernelStartTime of current boot, output from systemctl show -p KernelTimestamp KernelStartTime string `json:"kernelStartTime,omitempty"` // SystemdSummary of current boot, output from systemd-analyze SystemdSummary string `json:"systemdSummary,omitempty"` // CSEStartTime indicate starttime of CSE CSEStartTime string `json:"cseStartTime,omitempty"` // GuestAgentStartTime indicate starttime of GuestAgent, output from systemctl show walinuxagent.service -p ExecMainStartTimestamp GuestAgentStartTime string `json:"guestAgentStartTime,omitempty"` // BootDatapoints contains datapoints (key-value pair) from VM boot process. BootDatapoints map[string]string `json:"bootDatapoints,omitempty"` }
type CSEStatusParsingError ¶
type CSEStatusParsingError struct { Code CSEStatusParsingErrorCode Message string }
func NewError ¶
func NewError(code CSEStatusParsingErrorCode, message string) *CSEStatusParsingError
func (*CSEStatusParsingError) Error ¶
func (err *CSEStatusParsingError) Error() string
type CSEStatusParsingErrorCode ¶
type CSEStatusParsingErrorCode string
const ( // CSEMessageUnmarshalError is the error code for unmarshal cse message CSEMessageUnmarshalError CSEStatusParsingErrorCode = "CSEMessageUnmarshalError" // CSEMessageExitCodeEmptyError is the error code for empty cse message exit code CSEMessageExitCodeEmptyError CSEStatusParsingErrorCode = "CSEMessageExitCodeEmptyError" // InvalidCSEMessage is the error code for cse invalid message InvalidCSEMessage CSEStatusParsingErrorCode = "InvalidCSEMessage" )
type CertificateProfile ¶
type CertificateProfile struct { // CaCertificate is the certificate authority certificate. CaCertificate string `json:"caCertificate,omitempty" conform:"redact"` // ApiServerCertificate is the rest api server certificate, and signed by the CA APIServerCertificate string `json:"apiServerCertificate,omitempty" conform:"redact"` // ClientCertificate is the certificate used by the client kubelet services and signed by the CA ClientCertificate string `json:"clientCertificate,omitempty" conform:"redact"` // ClientPrivateKey is the private key used by the client kubelet services and signed by the CA ClientPrivateKey string `json:"clientPrivateKey,omitempty" conform:"redact"` // KubeConfigCertificate is the client certificate used for kubectl cli and signed by the CA KubeConfigCertificate string `json:"kubeConfigCertificate,omitempty" conform:"redact"` // KubeConfigPrivateKey is the client private key used for kubectl cli and signed by the CA KubeConfigPrivateKey string `json:"kubeConfigPrivateKey,omitempty" conform:"redact"` }
CertificateProfile represents the definition of the master cluster
type ComponentConfiguration ¶ added in v0.22222.0
type ContainerService ¶
type ContainerService struct { ID string `json:"id"` Location string `json:"location"` Name string `json:"name"` Plan *ResourcePurchasePlan `json:"plan,omitempty"` Tags map[string]string `json:"tags"` Type string `json:"type"` Properties *Properties `json:"properties,omitempty"` }
ContainerService complies with the ARM model of resource definition in a JSON template.
func CreateMockContainerService ¶
func CreateMockContainerService(containerServiceName, orchestratorVersion string, masterCount, agentCount int, certs bool) *ContainerService
CreateMockContainerService returns a mock container service for testing purposes
func (*ContainerService) GetLocations ¶
func (cs *ContainerService) GetLocations() []string
GetLocations returns all supported regions. If AzurePublicCloud, AzureChinaCloud,AzureGermanCloud or AzureUSGovernmentCloud, GetLocations provides all azure regions in prod.
func (*ContainerService) IsAKSCustomCloud ¶
func (cs *ContainerService) IsAKSCustomCloud() bool
IsAKSCustomCloud checks if it's in AKS custom cloud
type ContainerdWindowsRuntimes ¶
type ContainerdWindowsRuntimes struct { DefaultSandboxIsolation string `json:"defaultSandboxIsolation,omitempty"` RuntimeHandlers []RuntimeHandlers `json:"runtimesHandlers,omitempty"` }
ContainerdWindowsRuntimes configures containerd runtimes that are available on the windows nodes
type CustomCloudEnv ¶
type CustomCloudEnv struct { Name string `json:"Name,omitempty"` McrURL string `json:"mcrURL,omitempty"` RepoDepotEndpoint string `json:"repoDepotEndpoint,omitempty"` ManagementPortalURL string `json:"managementPortalURL,omitempty"` PublishSettingsURL string `json:"publishSettingsURL,omitempty"` ServiceManagementEndpoint string `json:"serviceManagementEndpoint,omitempty"` ResourceManagerEndpoint string `json:"resourceManagerEndpoint,omitempty"` ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint,omitempty"` GalleryEndpoint string `json:"galleryEndpoint,omitempty"` KeyVaultEndpoint string `json:"keyVaultEndpoint,omitempty"` GraphEndpoint string `json:"graphEndpoint,omitempty"` ServiceBusEndpoint string `json:"serviceBusEndpoint,omitempty"` BatchManagementEndpoint string `json:"batchManagementEndpoint,omitempty"` StorageEndpointSuffix string `json:"storageEndpointSuffix,omitempty"` SQLDatabaseDNSSuffix string `json:"sqlDatabaseDNSSuffix,omitempty"` TrafficManagerDNSSuffix string `json:"trafficManagerDNSSuffix,omitempty"` KeyVaultDNSSuffix string `json:"keyVaultDNSSuffix,omitempty"` ServiceBusEndpointSuffix string `json:"serviceBusEndpointSuffix,omitempty"` ServiceManagementVMDNSSuffix string `json:"serviceManagementVMDNSSuffix,omitempty"` ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix,omitempty"` ContainerRegistryDNSSuffix string `json:"containerRegistryDNSSuffix,omitempty"` CosmosDBDNSSuffix string `json:"cosmosDBDNSSuffix,omitempty"` TokenAudience string `json:"tokenAudience,omitempty"` ResourceIdentifiers ResourceIdentifiers `json:"resourceIdentifiers,omitempty"` }
CustomCloudEnv represents the custom cloud env info of the AKS cluster.
type CustomConfiguration ¶ added in v0.22222.0
type CustomConfiguration struct {
KubernetesConfigurations map[string]*ComponentConfiguration
}
type CustomFile ¶
type CustomFile struct { Source string `json:"source,omitempty"` Dest string `json:"dest,omitempty"` }
CustomFile has source as the full absolute source path to a file and dest is the full absolute desired destination path to put the file on a master node
type CustomKubeletConfig ¶
type CustomKubeletConfig struct { CPUManagerPolicy string `json:"cpuManagerPolicy,omitempty"` CPUCfsQuota *bool `json:"cpuCfsQuota,omitempty"` CPUCfsQuotaPeriod string `json:"cpuCfsQuotaPeriod,omitempty"` ImageGcHighThreshold *int32 `json:"imageGcHighThreshold,omitempty"` ImageGcLowThreshold *int32 `json:"imageGcLowThreshold,omitempty"` TopologyManagerPolicy string `json:"topologyManagerPolicy,omitempty"` AllowedUnsafeSysctls *[]string `json:"allowedUnsafeSysctls,omitempty"` FailSwapOn *bool `json:"failSwapOn,omitempty"` ContainerLogMaxSizeMB *int32 `json:"containerLogMaxSizeMB,omitempty"` ContainerLogMaxFiles *int32 `json:"containerLogMaxFiles,omitempty"` PodMaxPids *int32 `json:"podMaxPids,omitempty"` }
CustomKubeletConfig represents custom kubelet configurations for agent pool nodes
type CustomLinuxOSConfig ¶
type CustomLinuxOSConfig struct { Sysctls *SysctlConfig `json:"sysctls,omitempty"` TransparentHugePageEnabled string `json:"transparentHugePageEnabled,omitempty"` TransparentHugePageDefrag string `json:"transparentHugePageDefrag,omitempty"` SwapFileSizeMB *int32 `json:"swapFileSizeMB,omitempty"` }
CustomLinuxOSConfig represents custom os configurations for agent pool nodes
type CustomProfile ¶
type CustomProfile struct {
Orchestrator string `json:"orchestrator,omitempty"`
}
CustomProfile specifies custom properties that are used for cluster instantiation. Should not be used by most users.
type CustomSearchDomain ¶
type CustomSearchDomain struct { Name string `json:"name,omitempty"` RealmUser string `json:"realmUser,omitempty"` RealmPassword string `json:"realmPassword,omitempty"` }
CustomSearchDomain represents the Search Domain when the custom vnet has a windows server DNS as a nameserver.
type DiagnosticsProfile ¶
type DiagnosticsProfile struct {
VMDiagnostics *VMDiagnostics `json:"vmDiagnostics"`
}
DiagnosticsProfile setting to enable/disable capturing diagnostics for VMs hosting container cluster.
type Distro ¶
type Distro string
Distro represents Linux distro to use for Linux VMs
const ( Ubuntu Distro = "ubuntu" Ubuntu1804 Distro = "ubuntu-18.04" Ubuntu1804Gen2 Distro = "ubuntu-18.04-gen2" AKSUbuntu1804Gen2 Distro = "ubuntu-18.04-gen2" // same distro as Ubuntu1804Gen2, renamed for clarity AKSUbuntu1604 Distro = "aks-ubuntu-16.04" AKSUbuntu1804 Distro = "aks-ubuntu-18.04" AKSUbuntuGPU1804 Distro = "aks-ubuntu-gpu-18.04" AKSUbuntuGPU1804Gen2 Distro = "aks-ubuntu-gpu-18.04-gen2" AKSUbuntuContainerd1804 Distro = "aks-ubuntu-containerd-18.04" AKSUbuntuContainerd1804Gen2 Distro = "aks-ubuntu-containerd-18.04-gen2" AKSUbuntuGPUContainerd1804 Distro = "aks-ubuntu-gpu-containerd-18.04" AKSUbuntuGPUContainerd1804Gen2 Distro = "aks-ubuntu-gpu-containerd-18.04-gen2" AKSCBLMarinerV1 Distro = "aks-cblmariner-v1" AKSUbuntuFipsContainerd1804 Distro = "aks-ubuntu-fips-containerd-18.04" AKSUbuntuFipsContainerd1804Gen2 Distro = "aks-ubuntu-fips-containerd-18.04-gen2" AKSUbuntuFipsGPUContainerd1804 Distro = "aks-ubuntu-fips-gpu-containerd-18.04" AKSUbuntuFipsGPUContainerd1804Gen2 Distro = "aks-ubuntu-fips-gpu-containerd-18.04-gen2" AKSUbuntuArm64Containerd1804Gen2 Distro = "aks-ubuntu-arm64-containerd-18.04-gen2" RHEL Distro = "rhel" CoreOS Distro = "coreos" AKS1604Deprecated Distro = "aks" // deprecated AKS 16.04 distro. Equivalent to aks-ubuntu-16.04. AKS1804Deprecated Distro = "aks-1804" // deprecated AKS 18.04 distro. Equivalent to aks-ubuntu-18.04. // Windows string const // AKSWindows2019 stands for distro of windows server 2019 SIG image with docker AKSWindows2019 Distro = "aks-windows-2019" // AKSWindows2019Containerd stands for distro for windows server 2019 SIG image with containerd AKSWindows2019Containerd Distro = "aks-windows-2019-containerd" // AKSWindows2022Containerd stands for distro for windows server 2022 SIG image with containerd AKSWindows2022Containerd Distro = "aks-windows-2022-containerd" // AKSWindows2019PIR stands for distro of windows server 2019 PIR image with docker AKSWindows2019PIR Distro = "aks-windows-2019-pir" CustomizedImage Distro = "CustomizedImage" CustomizedWindowsOSImage Distro = "CustomizedWindowsOSImage" // USNatCloud is a const string reference identifier for USNat USNatCloud = "USNatCloud" // USSecCloud is a const string reference identifier for USSec USSecCloud = "USSecCloud" )
Distro string consts
func (Distro) IsCBLMarinerDistro ¶
func (Distro) IsContainerdDistro ¶
IsContainerdSKU returns true if distro type is containerd-enabled
func (Distro) IsGPUDistro ¶
func (Distro) IsGen2Distro ¶
func (Distro) IsVHDDistro ¶
func (Distro) IsWindowsPIRDistro ¶
func (Distro) IsWindowsSIGDistro ¶
type DockerSpecConfig ¶
type DockerSpecConfig struct { DockerEngineRepo string `json:"dockerEngineRepo,omitempty"` DockerComposeDownloadURL string `json:"dockerComposeDownloadURL,omitempty"` }
DockerSpecConfig is the configurations of docker
type Extension ¶
type Extension struct { Name string `json:"name"` SingleOrAll string `json:"singleOrAll"` Template string `json:"template"` }
Extension represents an extension definition in the master or agentPoolProfile
type ExtensionProfile ¶
type ExtensionProfile struct { Name string `json:"name"` Version string `json:"version"` ExtensionParameters string `json:"extensionParameters,omitempty"` ExtensionParametersKeyVaultRef *KeyvaultSecretRef `json:"parametersKeyvaultSecretRef,omitempty"` RootURL string `json:"rootURL,omitempty"` // This is only needed for preprovision extensions and it needs to be a bash script Script string `json:"script,omitempty"` URLQuery string `json:"urlQuery,omitempty"` }
ExtensionProfile represents an extension definition
type FeatureFlags ¶
type FeatureFlags struct { EnableCSERunInBackground bool `json:"enableCSERunInBackground,omitempty"` BlockOutboundInternet bool `json:"blockOutboundInternet,omitempty"` EnableIPv6DualStack bool `json:"enableIPv6DualStack,omitempty"` EnableTelemetry bool `json:"enableTelemetry,omitempty"` EnableIPv6Only bool `json:"enableIPv6Only,omitempty"` EnableWinDSR bool `json:"enableWinDSR,omitempty"` }
FeatureFlags defines feature-flag restricted functionality
func (*FeatureFlags) IsFeatureEnabled ¶
func (f *FeatureFlags) IsFeatureEnabled(feature string) bool
IsFeatureEnabled returns true if a feature flag is on for the provided feature
type HTTPProxyConfig ¶
type HTTPProxyConfig struct { HTTPProxy *string `json:"httpProxy,omitempty"` HTTPSProxy *string `json:"httpsProxy,omitempty"` NoProxy *[]string `json:"noProxy,omitempty"` TrustedCA *string `json:"trustedCa,omitempty"` }
HTTPProxyConfig represents configurations of http proxy
type HostedMasterProfile ¶
type HostedMasterProfile struct { // Master public endpoint/FQDN with port // The format will be FQDN:2376 // Not used during PUT, returned as part of GETFQDN FQDN string `json:"fqdn,omitempty"` // IPAddress // if both FQDN and IPAddress are specified, we should use IPAddress IPAddress string `json:"ipAddress,omitempty"` DNSPrefix string `json:"dnsPrefix"` // FQDNSubdomain is used by private cluster without dnsPrefix so they have fixed FQDN FQDNSubdomain string `json:"fqdnSubdomain"` // Subnet holds the CIDR which defines the Azure Subnet in which // Agents will be provisioned. This is stored on the HostedMasterProfile // and will become `masterSubnet` in the compiled template. Subnet string `json:"subnet"` // ApiServerWhiteListRange is a comma delimited CIDR which is whitelisted to AKS APIServerWhiteListRange *string `json:"apiServerWhiteListRange"` IPMasqAgent bool `json:"ipMasqAgent"` }
HostedMasterProfile defines properties for a hosted master
type ImageReference ¶
type ImageReference struct { Name string `json:"name,omitempty"` ResourceGroup string `json:"resourceGroup,omitempty"` SubscriptionID string `json:"subscriptionId,omitempty"` Gallery string `json:"gallery,omitempty"` Version string `json:"version,omitempty"` }
ImageReference represents a reference to an Image resource in Azure.
func (*ImageReference) IsValid ¶
func (i *ImageReference) IsValid() bool
IsValid returns true if ImageRefernce contains at least Name and ResourceGroup
type K8sComponents ¶
type K8sComponents struct { // Full path to the "pause" image. Used for --pod-infra-container-image // For example: "mcr.microsoft.com/oss/kubernetes/pause:1.3.1" PodInfraContainerImageURL string // Full path to the hyperkube image. // For example: "mcr.microsoft.com/hyperkube-amd64:v1.16.13" HyperkubeImageURL string // Full path to the Windows package (windowszip) to use. // For example: https://acs-mirror.azureedge.net/kubernetes/v1.17.8/windowszip/v1.17.8-1int.zip WindowsPackageURL string }
type KeyVaultCertificate ¶
type KeyVaultCertificate struct { CertificateURL string `json:"certificateUrl,omitempty"` CertificateStore string `json:"certificateStore,omitempty"` }
KeyVaultCertificate specifies a certificate to install On Linux, the certificate file is placed under the /var/lib/waagent directory with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for the private key. Both of these files are .pem formatted. On windows the certificate will be saved in the specified store.
type KeyVaultID ¶
type KeyVaultID struct {
ID string `json:"id,omitempty"`
}
KeyVaultID specifies a key vault
type KeyVaultRef ¶
type KeyVaultRef struct { KeyVault KeyVaultID `json:"keyVault"` SecretName string `json:"secretName"` SecretVersion string `json:"secretVersion,omitempty"` }
KeyVaultRef represents a reference to KeyVault instance on Azure
type KeyVaultSecrets ¶
type KeyVaultSecrets struct { SourceVault *KeyVaultID `json:"sourceVault,omitempty"` VaultCertificates []KeyVaultCertificate `json:"vaultCertificates,omitempty"` }
KeyVaultSecrets specifies certificates to install on the pool of machines from a given key vault the key vault specified must have been granted read permissions to CRP
type KeyvaultSecretRef ¶
type KeyvaultSecretRef struct { VaultID string `json:"vaultID"` SecretName string `json:"secretName"` SecretVersion string `json:"version,omitempty"` }
KeyvaultSecretRef specifies path to the Azure keyvault along with secret name and (optionaly) version for Service Principal's secret
type KubeletAnonymousAuthentication ¶
type KubeletAnonymousAuthentication struct { // enabled allows anonymous requests to the kubelet server. // Requests that are not rejected by another authentication method are treated as anonymous requests. // Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated. // +optional Enabled bool `json:"enabled,omitempty"` }
type KubeletAuthentication ¶
type KubeletAuthentication struct { // x509 contains settings related to x509 client certificate authentication // +optional X509 KubeletX509Authentication `json:"x509"` // webhook contains settings related to webhook bearer token authentication // +optional Webhook KubeletWebhookAuthentication `json:"webhook"` // anonymous contains settings related to anonymous authentication // +optional Anonymous KubeletAnonymousAuthentication `json:"anonymous"` }
below are copied from Kubernetes
type KubeletAuthorization ¶
type KubeletAuthorization struct { // mode is the authorization mode to apply to requests to the kubelet server. // Valid values are AlwaysAllow and Webhook. // Webhook mode uses the SubjectAccessReview API to determine authorization. // +optional Mode KubeletAuthorizationMode `json:"mode,omitempty"` // webhook contains settings related to Webhook authorization. // +optional Webhook KubeletWebhookAuthorization `json:"webhook"` }
type KubeletAuthorizationMode ¶
type KubeletAuthorizationMode string
type KubeletDiskType ¶
type KubeletDiskType string
KubeletDiskType describes options for placement of the primary kubelet partition, docker images, emptyDir volumes, and pod logs.
const ( // OSDisk indicates data wil be shared with the OS. OSDisk KubeletDiskType = "OS" // TempDisk indicates date will be isolated on the temporary disk. TempDisk KubeletDiskType = "Temporary" )
type KubeletWebhookAuthentication ¶
type KubeletWebhookAuthentication struct { // enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API // +optional Enabled bool `json:"enabled,omitempty"` // cacheTTL enables caching of authentication results // +optional CacheTTL Duration `json:"cacheTTL,omitempty"` }
type KubeletWebhookAuthorization ¶
type KubeletWebhookAuthorization struct { // cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer. // +optional CacheAuthorizedTTL Duration `json:"cacheAuthorizedTTL,omitempty"` // +optional CacheUnauthorizedTTL Duration `json:"cacheUnauthorizedTTL,omitempty"` }
type KubeletX509Authentication ¶
type KubeletX509Authentication struct { // clientCAFile is the path to a PEM-encoded certificate bundle. If set, any request presenting a client certificate // signed by one of the authorities in the bundle is authenticated with a username corresponding to the CommonName, // and groups corresponding to the Organization in the client certificate. // +optional ClientCAFile string `json:"clientCAFile,omitempty"` }
type KubernetesAddon ¶
type KubernetesAddon struct { Name string `json:"name,omitempty"` Enabled *bool `json:"enabled,omitempty"` Mode string `json:"mode,omitempty"` Containers []KubernetesContainerSpec `json:"containers,omitempty"` Config map[string]string `json:"config,omitempty"` Pools []AddonNodePoolsConfig `json:"pools,omitempty"` Data string `json:"data,omitempty"` }
KubernetesAddon defines a list of addons w/ configuration to include with the cluster deployment
func (KubernetesAddon) GetAddonContainersIndexByName ¶
func (a KubernetesAddon) GetAddonContainersIndexByName(containerName string) int
GetAddonContainersIndexByName returns the KubernetesAddon containers index with the name `containerName`
func (*KubernetesAddon) IsDisabled ¶
func (a *KubernetesAddon) IsDisabled() bool
IsDisabled returns true if the addon is explicitly disabled
func (*KubernetesAddon) IsEnabled ¶
func (a *KubernetesAddon) IsEnabled() bool
IsEnabled returns true if the addon is enabled
type KubernetesConfig ¶
type KubernetesConfig struct { KubernetesImageBase string `json:"kubernetesImageBase,omitempty"` MCRKubernetesImageBase string `json:"mcrKubernetesImageBase,omitempty"` ClusterSubnet string `json:"clusterSubnet,omitempty"` NetworkPolicy string `json:"networkPolicy,omitempty"` NetworkPlugin string `json:"networkPlugin,omitempty"` NetworkMode string `json:"networkMode,omitempty"` ContainerRuntime string `json:"containerRuntime,omitempty"` MaxPods int `json:"maxPods,omitempty"` DockerBridgeSubnet string `json:"dockerBridgeSubnet,omitempty"` DNSServiceIP string `json:"dnsServiceIP,omitempty"` ServiceCIDR string `json:"serviceCidr,omitempty"` UseManagedIdentity bool `json:"useManagedIdentity,omitempty"` UserAssignedID string `json:"userAssignedID,omitempty"` UserAssignedClientID string `json:"userAssignedClientID,omitempty"` //Note: cannot be provided in config. Used *only* for transferring this to azure.json. CustomHyperkubeImage string `json:"customHyperkubeImage,omitempty"` CustomKubeProxyImage string `json:"customKubeProxyImage,omitempty"` CustomKubeBinaryURL string `json:"customKubeBinaryURL,omitempty"` MobyVersion string `json:"mobyVersion,omitempty"` ContainerdVersion string `json:"containerdVersion,omitempty"` WindowsNodeBinariesURL string `json:"windowsNodeBinariesURL,omitempty"` WindowsContainerdURL string `json:"windowsContainerdURL,omitempty"` WindowsSdnPluginURL string `json:"windowsSdnPluginURL,omitempty"` UseInstanceMetadata *bool `json:"useInstanceMetadata,omitempty"` EnableRbac *bool `json:"enableRbac,omitempty"` EnableSecureKubelet *bool `json:"enableSecureKubelet,omitempty"` PrivateCluster *PrivateCluster `json:"privateCluster,omitempty"` GCHighThreshold int `json:"gchighthreshold,omitempty"` GCLowThreshold int `json:"gclowthreshold,omitempty"` EnableEncryptionWithExternalKms *bool `json:"enableEncryptionWithExternalKms,omitempty"` Addons []KubernetesAddon `json:"addons,omitempty"` ContainerRuntimeConfig map[string]string `json:"containerRuntimeConfig,omitempty"` ControllerManagerConfig map[string]string `json:"controllerManagerConfig,omitempty"` SchedulerConfig map[string]string `json:"schedulerConfig,omitempty"` CloudProviderBackoffMode string `json:"cloudProviderBackoffMode"` CloudProviderBackoff *bool `json:"cloudProviderBackoff,omitempty"` CloudProviderBackoffRetries int `json:"cloudProviderBackoffRetries,omitempty"` CloudProviderBackoffJitter float64 `json:"cloudProviderBackoffJitter,omitempty"` CloudProviderBackoffDuration int `json:"cloudProviderBackoffDuration,omitempty"` CloudProviderBackoffExponent float64 `json:"cloudProviderBackoffExponent,omitempty"` CloudProviderRateLimit *bool `json:"cloudProviderRateLimit,omitempty"` CloudProviderRateLimitQPS float64 `json:"cloudProviderRateLimitQPS,omitempty"` CloudProviderRateLimitQPSWrite float64 `json:"cloudProviderRateLimitQPSWrite,omitempty"` CloudProviderRateLimitBucket int `json:"cloudProviderRateLimitBucket,omitempty"` CloudProviderRateLimitBucketWrite int `json:"cloudProviderRateLimitBucketWrite,omitempty"` CloudProviderDisableOutboundSNAT *bool `json:"cloudProviderDisableOutboundSNAT,omitempty"` NodeStatusUpdateFrequency string `json:"nodeStatusUpdateFrequency,omitempty"` LoadBalancerSku string `json:"loadBalancerSku,omitempty"` ExcludeMasterFromStandardLB *bool `json:"excludeMasterFromStandardLB,omitempty"` AzureCNIURLLinux string `json:"azureCNIURLLinux,omitempty"` AzureCNIURLARM64Linux string `json:"azureCNIURLARM64Linux,omitempty"` AzureCNIURLWindows string `json:"azureCNIURLWindows,omitempty"` MaximumLoadBalancerRuleCount int `json:"maximumLoadBalancerRuleCount,omitempty"` PrivateAzureRegistryServer string `json:"privateAzureRegistryServer,omitempty"` }
KubernetesConfig contains the Kubernetes config structure, containing Kubernetes specific configuration
func (*KubernetesConfig) GetAddonByName ¶
func (k *KubernetesConfig) GetAddonByName(addonName string) KubernetesAddon
GetAddonByName returns the KubernetesAddon instance with name `addonName`
func (*KubernetesConfig) GetAzureCNIURLARM64Linux ¶ added in v0.22222.0
func (k *KubernetesConfig) GetAzureCNIURLARM64Linux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLARM64Linux returns the full URL to source Azure CNI binaries for ARM64 Linux from
func (*KubernetesConfig) GetAzureCNIURLLinux ¶
func (k *KubernetesConfig) GetAzureCNIURLLinux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLLinux returns the full URL to source Azure CNI binaries from
func (*KubernetesConfig) GetAzureCNIURLWindows ¶
func (k *KubernetesConfig) GetAzureCNIURLWindows(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLWindows returns the full URL to source Azure CNI binaries from
func (*KubernetesConfig) IsAADPodIdentityEnabled ¶
func (k *KubernetesConfig) IsAADPodIdentityEnabled() bool
IsAADPodIdentityEnabled checks if the AAD pod identity addon is enabled
func (*KubernetesConfig) IsAddonDisabled ¶
func (k *KubernetesConfig) IsAddonDisabled(addonName string) bool
IsAddonDisabled checks whether a k8s addon with name "addonName" is explicitly disabled based on the Enabled field of KubernetesAddon. If the value of Enabled is nil, we return false (not explicitly disabled)
func (*KubernetesConfig) IsAddonEnabled ¶
func (k *KubernetesConfig) IsAddonEnabled(addonName string) bool
IsAddonEnabled checks whether a k8s addon with name "addonName" is enabled or not based on the Enabled field of KubernetesAddon. If the value of Enabled is nil, the "defaultValue" is returned.
func (*KubernetesConfig) IsIPMasqAgentDisabled ¶
func (k *KubernetesConfig) IsIPMasqAgentDisabled() bool
IsIPMasqAgentDisabled checks if the ip-masq-agent addon is disabled
func (*KubernetesConfig) IsIPMasqAgentEnabled ¶
func (k *KubernetesConfig) IsIPMasqAgentEnabled() bool
IsIPMasqAgentEnabled checks if the ip-masq-agent addon is enabled
func (*KubernetesConfig) IsRBACEnabled ¶
func (k *KubernetesConfig) IsRBACEnabled() bool
IsRBACEnabled checks if RBAC is enabled
func (*KubernetesConfig) NeedsContainerd ¶
func (k *KubernetesConfig) NeedsContainerd() bool
NeedsContainerd returns whether or not we need the containerd runtime configuration E.g., kata configuration requires containerd config
func (*KubernetesConfig) PrivateJumpboxProvision ¶
func (k *KubernetesConfig) PrivateJumpboxProvision() bool
PrivateJumpboxProvision checks if a private cluster has jumpbox auto-provisioning
func (*KubernetesConfig) RequiresDocker ¶
func (k *KubernetesConfig) RequiresDocker() bool
RequiresDocker returns if the kubernetes settings require docker binary to be installed.
func (*KubernetesConfig) UserAssignedIDEnabled ¶
func (k *KubernetesConfig) UserAssignedIDEnabled() bool
UserAssignedIDEnabled checks if the user assigned ID is enabled or not.
type KubernetesContainerSpec ¶
type KubernetesContainerSpec struct { Name string `json:"name,omitempty"` Image string `json:"image,omitempty"` CPURequests string `json:"cpuRequests,omitempty"` MemoryRequests string `json:"memoryRequests,omitempty"` CPULimits string `json:"cpuLimits,omitempty"` MemoryLimits string `json:"memoryLimits,omitempty"` }
KubernetesContainerSpec defines configuration for a container spec
type KubernetesSpecConfig ¶
type KubernetesSpecConfig struct { AzureTelemetryPID string `json:"azureTelemetryPID,omitempty"` KubernetesImageBase string `json:"kubernetesImageBase,omitempty"` TillerImageBase string `json:"tillerImageBase,omitempty"` ACIConnectorImageBase string `json:"aciConnectorImageBase,omitempty"` MCRKubernetesImageBase string `json:"mcrKubernetesImageBase,omitempty"` NVIDIAImageBase string `json:"nvidiaImageBase,omitempty"` AzureCNIImageBase string `json:"azureCNIImageBase,omitempty"` CalicoImageBase string `json:"CalicoImageBase,omitempty"` EtcdDownloadURLBase string `json:"etcdDownloadURLBase,omitempty"` KubeBinariesSASURLBase string `json:"kubeBinariesSASURLBase,omitempty"` WindowsTelemetryGUID string `json:"windowsTelemetryGUID,omitempty"` CNIPluginsDownloadURL string `json:"cniPluginsDownloadURL,omitempty"` VnetCNILinuxPluginsDownloadURL string `json:"vnetCNILinuxPluginsDownloadURL,omitempty"` VnetCNIWindowsPluginsDownloadURL string `json:"vnetCNIWindowsPluginsDownloadURL,omitempty"` ContainerdDownloadURLBase string `json:"containerdDownloadURLBase,omitempty"` CSIProxyDownloadURL string `json:"csiProxyDownloadURL,omitempty"` WindowsProvisioningScriptsPackageURL string `json:"windowsProvisioningScriptsPackageURL,omitempty"` WindowsPauseImageURL string `json:"windowsPauseImageURL,omitempty"` AlwaysPullWindowsPauseImage bool `json:"alwaysPullWindowsPauseImage,omitempty"` CseScriptsPackageURL string `json:"cseScriptsPackageURL,omitempty"` CNIARM64PluginsDownloadURL string `json:"cniARM64PluginsDownloadURL,omitempty"` VnetCNIARM64LinuxPluginsDownloadURL string `json:"vnetCNIARM64LinuxPluginsDownloadURL,omitempty"` }
KubernetesSpecConfig is the kubernetes container images used.
type LinuxProfile ¶
type LinuxProfile struct { AdminUsername string `json:"adminUsername"` SSH struct { PublicKeys []PublicKey `json:"publicKeys"` } `json:"ssh"` Secrets []KeyVaultSecrets `json:"secrets,omitempty"` Distro Distro `json:"distro,omitempty"` CustomSearchDomain *CustomSearchDomain `json:"customSearchDomain,omitempty"` }
LinuxProfile represents the linux parameters passed to the cluster
func (*LinuxProfile) HasSearchDomain ¶
func (l *LinuxProfile) HasSearchDomain() bool
HasSearchDomain returns true if the customer specified secrets to install
func (*LinuxProfile) HasSecrets ¶
func (l *LinuxProfile) HasSecrets() bool
HasSecrets returns true if the customer specified secrets to install
type NodeBootstrapping ¶
type NodeBootstrapping struct { CustomData string CSE string OSImageConfig *AzureOSImageConfig SigImageConfig *SigImageConfig }
NodeBootstrapping represents the custom data, CSE, and OS image info needed for node bootstrapping.
type NodeBootstrappingConfiguration ¶
type NodeBootstrappingConfiguration struct { ContainerService *ContainerService CloudSpecConfig *AzureEnvironmentSpecConfig K8sComponents *K8sComponents AgentPoolProfile *AgentPoolProfile TenantID string SubscriptionID string ResourceGroupName string UserAssignedIdentityClientID string OSSKU string ConfigGPUDriverIfNeeded bool Disable1804SystemdResolved bool EnableGPUDevicePluginIfNeeded bool EnableKubeletConfigFile bool EnableNvidia bool EnableACRTeleportPlugin bool TeleportdPluginURL string ContainerdVersion string RuncVersion string // ContainerdPackageURL and RuncPackageURL are beneficial for testing non-official // containerd and runc, like the pre-released ones. // Currently both configurations are for test purpose, and only deb package is supported ContainerdPackageURL string RuncPackageURL string // KubeletClientTLSBootstrapToken - kubelet client TLS bootstrap token to use. // When this feature is enabled, we skip kubelet kubeconfig generation and replace it with bootstrap kubeconfig. // ref: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping KubeletClientTLSBootstrapToken *string FIPSEnabled bool HTTPProxyConfig *HTTPProxyConfig KubeletConfig map[string]string KubeproxyConfig map[string]string EnableRuncShimV2 bool GPUInstanceProfile string PrimaryScaleSetName string SIGConfig SIGConfig IsARM64 bool }
NodeBootstrappingConfiguration represents configurations for node bootstrapping
func (*NodeBootstrappingConfiguration) GetOrderedKubeletConfigStringForPowershell ¶
func (config *NodeBootstrappingConfiguration) GetOrderedKubeletConfigStringForPowershell() string
GetOrderedKubeletConfigStringForPowershell returns an ordered string of key/val pairs for Powershell script consumption
func (*NodeBootstrappingConfiguration) GetOrderedKubeproxyConfigStringForPowershell ¶ added in v0.22222.0
func (config *NodeBootstrappingConfiguration) GetOrderedKubeproxyConfigStringForPowershell() string
GetOrderedKubeproxyConfigStringForPowershell returns an ordered string of key/val pairs for Powershell script consumption
type OrchestratorProfile ¶
type OrchestratorProfile struct { OrchestratorType string `json:"orchestratorType"` OrchestratorVersion string `json:"orchestratorVersion"` KubernetesConfig *KubernetesConfig `json:"kubernetesConfig,omitempty"` }
OrchestratorProfile contains Orchestrator properties
func (*OrchestratorProfile) IsAzureCNI ¶
func (o *OrchestratorProfile) IsAzureCNI() bool
IsAzureCNI returns true if Azure CNI network plugin is enabled
func (*OrchestratorProfile) IsKubernetes ¶
func (o *OrchestratorProfile) IsKubernetes() bool
IsKubernetes returns true if this template is for Kubernetes orchestrator
func (*OrchestratorProfile) IsNoneCNI ¶ added in v0.22222.0
func (o *OrchestratorProfile) IsNoneCNI() bool
IsNoneCNI returns true if network plugin none is enabled
type PrivateCluster ¶
type PrivateCluster struct { Enabled *bool `json:"enabled,omitempty"` EnableHostsConfigAgent *bool `json:"enableHostsConfigAgent,omitempty"` JumpboxProfile *PrivateJumpboxProfile `json:"jumpboxProfile,omitempty"` }
PrivateCluster defines the configuration for a private cluster
type PrivateJumpboxProfile ¶
type PrivateJumpboxProfile struct { Name string `json:"name" validate:"required"` VMSize string `json:"vmSize" validate:"required"` OSDiskSizeGB int `json:"osDiskSizeGB,omitempty" validate:"min=0,max=2048"` Username string `json:"username,omitempty"` PublicKey string `json:"publicKey" validate:"required"` StorageProfile string `json:"storageProfile,omitempty"` }
PrivateJumpboxProfile represents a jumpbox definition
type Properties ¶
type Properties struct { ClusterID string ProvisioningState ProvisioningState `json:"provisioningState,omitempty"` OrchestratorProfile *OrchestratorProfile `json:"orchestratorProfile,omitempty"` AgentPoolProfiles []*AgentPoolProfile `json:"agentPoolProfiles,omitempty"` LinuxProfile *LinuxProfile `json:"linuxProfile,omitempty"` WindowsProfile *WindowsProfile `json:"windowsProfile,omitempty"` ExtensionProfiles []*ExtensionProfile `json:"extensionProfiles"` DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"` ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"` CertificateProfile *CertificateProfile `json:"certificateProfile,omitempty"` AADProfile *AADProfile `json:"aadProfile,omitempty"` CustomProfile *CustomProfile `json:"customProfile,omitempty"` HostedMasterProfile *HostedMasterProfile `json:"hostedMasterProfile,omitempty"` AddonProfiles map[string]AddonProfile `json:"addonProfiles,omitempty"` FeatureFlags *FeatureFlags `json:"featureFlags,omitempty"` TelemetryProfile *TelemetryProfile `json:"telemetryProfile,omitempty"` CustomCloudEnv *CustomCloudEnv `json:"customCloudEnv,omitempty"` CustomConfiguration *CustomConfiguration `json:"customConfiguration,omitempty"` }
Properties represents the AKS cluster definition
func GetK8sDefaultProperties ¶
func GetK8sDefaultProperties(hasWindows bool) *Properties
GetK8sDefaultProperties returns a struct of type Properties for testing purposes.
func (*Properties) AreAgentProfilesCustomVNET ¶
func (p *Properties) AreAgentProfilesCustomVNET() bool
AreAgentProfilesCustomVNET returns true if all of the agent profiles in the clusters are configured with VNET.
func (*Properties) GetClusterID ¶
func (p *Properties) GetClusterID() string
GetClusterID creates a unique 8 string cluster ID.
func (*Properties) GetCustomCloudName ¶
func (p *Properties) GetCustomCloudName() string
GetCustomCloudName returns name of environment if customCloudProfile is provided, returns empty string if customCloudProfile is empty. Because customCloudProfile is empty for deployment is AzurePublicCloud, AzureChinaCloud,AzureGermanCloud,AzureUSGovernmentCloud, the return value will be empty string for those clouds
func (*Properties) GetCustomEnvironmentJSON ¶
func (p *Properties) GetCustomEnvironmentJSON(escape bool) (string, error)
GetCustomEnvironmentJSON return the JSON format string for custom environment
func (*Properties) GetKubeProxyFeatureGatesWindowsArguments ¶
func (p *Properties) GetKubeProxyFeatureGatesWindowsArguments() string
GetKubeProxyFeatureGatesWindowsArguments returns the feature gates string for the kube-proxy arguments in Windows nodes
func (*Properties) GetNSGName ¶
func (p *Properties) GetNSGName() string
GetNSGName returns the name of the network security group of the cluster.
func (*Properties) GetPrimaryAvailabilitySetName ¶
func (p *Properties) GetPrimaryAvailabilitySetName() string
GetPrimaryAvailabilitySetName returns the name of the primary availability set of the cluster
func (*Properties) GetResourcePrefix ¶
func (p *Properties) GetResourcePrefix() string
GetResourcePrefix returns the prefix to use for naming cluster resources
func (*Properties) GetRouteTableName ¶
func (p *Properties) GetRouteTableName() string
GetRouteTableName returns the route table name of the cluster.
func (*Properties) GetSubnetName ¶
func (p *Properties) GetSubnetName() string
GetSubnetName returns the subnet name of the cluster based on its current configuration.
func (*Properties) GetVMType ¶
func (p *Properties) GetVMType() string
GetVMType returns the type of VM "vmss" or "standard" to be passed to the cloud provider
func (*Properties) GetVNetResourceGroupName ¶
func (p *Properties) GetVNetResourceGroupName() string
GetVNetResourceGroupName returns the virtual network resource group name of the cluster
func (*Properties) GetVirtualNetworkName ¶
func (p *Properties) GetVirtualNetworkName() string
GetVirtualNetworkName returns the virtual network name of the cluster
func (*Properties) HasAadProfile ¶
func (p *Properties) HasAadProfile() bool
HasAadProfile returns true if the has aad profile
func (*Properties) HasDCSeriesSKU ¶
func (p *Properties) HasDCSeriesSKU() bool
HasDCSeriesSKU returns whether or not there is an DC series SKU agent pool
func (*Properties) HasVMSSAgentPool ¶
func (p *Properties) HasVMSSAgentPool() bool
HasVMSSAgentPool returns true if the cluster contains Virtual Machine Scale Sets agent pools
func (*Properties) HasWindows ¶
func (p *Properties) HasWindows() bool
HasWindows returns true if the cluster contains windows
func (*Properties) IsAKSCustomCloud ¶
func (p *Properties) IsAKSCustomCloud() bool
IsAKSCustomCloud checks if it's in AKS custom cloud
func (*Properties) IsIPMasqAgentDisabled ¶
func (p *Properties) IsIPMasqAgentDisabled() bool
IsIPMasqAgentDisabled returns true if the ip-masq-agent functionality is disabled
func (*Properties) IsIPMasqAgentEnabled ¶
func (p *Properties) IsIPMasqAgentEnabled() bool
IsIPMasqAgentEnabled returns true if the cluster has a hosted master and IpMasqAgent is disabled
func (*Properties) IsVHDDistroForAllNodes ¶
func (p *Properties) IsVHDDistroForAllNodes() bool
IsVHDDistroForAllNodes returns true if all of the agent pools plus masters are running the VHD image
func (*Properties) K8sOrchestratorName ¶
func (p *Properties) K8sOrchestratorName() string
K8sOrchestratorName returns the 3 character orchestrator code for kubernetes-based clusters.
type ProvisioningState ¶
type ProvisioningState string
ProvisioningState represents the current state of container service resource.
type PublicKey ¶
type PublicKey struct {
KeyData string `json:"keyData"`
}
PublicKey represents an SSH key for LinuxProfile
type ResourceIdentifiers ¶
type ResourceIdentifiers struct { Graph string `json:"graph,omitempty"` KeyVault string `json:"keyVault,omitempty"` Datalake string `json:"datalake,omitempty"` Batch string `json:"batch,omitempty"` OperationalInsights string `json:"operationalInsights,omitempty"` Storage string `json:"storage,omitempty"` }
ResourceIdentifiers represents resource ids
type ResourcePurchasePlan ¶
type ResourcePurchasePlan struct { Name string `json:"name"` Product string `json:"product"` PromotionCode string `json:"promotionCode"` Publisher string `json:"publisher"` }
ResourcePurchasePlan defines resource plan as required by ARM for billing purposes.
type RuntimeHandlers ¶
type RuntimeHandlers struct {
BuildNumber string `json:"buildNumber,omitempty"`
}
RuntimeHandlers configures the runtime settings in containerd
type SIGAzureEnvironmentSpecConfig ¶
type SIGAzureEnvironmentSpecConfig struct { CloudName string `json:"cloudName,omitempty"` SigTenantID string `json:"sigTenantID,omitempty"` SubscriptionID string `json:"subscriptionID,omitempty"` SigUbuntuImageConfig map[Distro]SigImageConfig `json:"sigUbuntuImageConfig,omitempty"` SigCBLMarinerImageConfig map[Distro]SigImageConfig `json:"sigCBLMarinerImageConfig,omitempty"` SigWindowsImageConfig map[Distro]SigImageConfig `json:"sigWindowsImageConfig,omitempty"` }
SIGAzureEnvironmentSpecConfig is the overall configuration differences in different cloud environments. TODO(tonyxu) merge this with AzureEnvironmentSpecConfig from aks-engine(pkg/api/azenvtypes.go) once it's moved into AKS RP
func GetAzurePublicSIGConfigForTest ¶
func GetAzurePublicSIGConfigForTest() SIGAzureEnvironmentSpecConfig
GetAzurePublicSIGConfigForTest returns a statically defined sigconfig. This should only be used for unit tests and e2es.
func GetSIGAzureCloudSpecConfig ¶
func GetSIGAzureCloudSpecConfig(sigConfig SIGConfig, region string) (SIGAzureEnvironmentSpecConfig, error)
GetSIGAzureCloudSpecConfig get cloud specific sig config
type SIGConfig ¶
type SIGConfig struct { TenantID string `json:"tenantID"` SubscriptionID string `json:"subscriptionID"` Galleries map[string]SIGGalleryConfig `json:"galleries"` }
SIGConfig is used to hold configuration parameters to access AKS VHDs stored in a SIG
type SIGGalleryConfig ¶
type ServicePrincipalProfile ¶
type ServicePrincipalProfile struct { ClientID string `json:"clientId"` Secret string `json:"secret,omitempty" conform:"redact"` ObjectID string `json:"objectId,omitempty"` KeyvaultSecretRef *KeyvaultSecretRef `json:"keyvaultSecretRef,omitempty"` }
ServicePrincipalProfile contains the client and secret used by the cluster for Azure Resource CRUD
type SigImageConfig ¶
type SigImageConfig struct { SigImageConfigTemplate SubscriptionID string }
SigImageConfig represents the SIG image configuration
type SigImageConfigOpt ¶
type SigImageConfigOpt func(*SigImageConfig)
type SigImageConfigTemplate ¶
type SigImageConfigTemplate struct { ResourceGroup string Gallery string Definition string Version string }
SigImageConfigTemplate represents the SIG image configuration template
func (SigImageConfigTemplate) WithOptions ¶
func (template SigImageConfigTemplate) WithOptions(options ...SigImageConfigOpt) SigImageConfig
WithOptions converts a SigImageConfigTemplate to SigImageConfig instance via function opts
type SysctlConfig ¶
type SysctlConfig struct { NetCoreSomaxconn *int32 `json:"netCoreSomaxconn,omitempty"` NetCoreNetdevMaxBacklog *int32 `json:"netCoreNetdevMaxBacklog,omitempty"` NetCoreRmemDefault *int32 `json:"netCoreRmemDefault,omitempty"` NetCoreRmemMax *int32 `json:"netCoreRmemMax,omitempty"` NetCoreWmemDefault *int32 `json:"netCoreWmemDefault,omitempty"` NetCoreWmemMax *int32 `json:"netCoreWmemMax,omitempty"` NetCoreOptmemMax *int32 `json:"netCoreOptmemMax,omitempty"` NetIpv4TcpMaxSynBacklog *int32 `json:"netIpv4TcpMaxSynBacklog,omitempty"` NetIpv4TcpMaxTwBuckets *int32 `json:"netIpv4TcpMaxTwBuckets,omitempty"` NetIpv4TcpFinTimeout *int32 `json:"netIpv4TcpFinTimeout,omitempty"` NetIpv4TcpKeepaliveTime *int32 `json:"netIpv4TcpKeepaliveTime,omitempty"` NetIpv4TcpKeepaliveProbes *int32 `json:"netIpv4TcpKeepaliveProbes,omitempty"` NetIpv4TcpkeepaliveIntvl *int32 `json:"netIpv4TcpkeepaliveIntvl,omitempty"` NetIpv4TcpTwReuse *bool `json:"netIpv4TcpTwReuse,omitempty"` NetIpv4IpLocalPortRange string `json:"netIpv4IpLocalPortRange,omitempty"` NetIpv4NeighDefaultGcThresh1 *int32 `json:"netIpv4NeighDefaultGcThresh1,omitempty"` NetIpv4NeighDefaultGcThresh2 *int32 `json:"netIpv4NeighDefaultGcThresh2,omitempty"` NetIpv4NeighDefaultGcThresh3 *int32 `json:"netIpv4NeighDefaultGcThresh3,omitempty"` NetNetfilterNfConntrackMax *int32 `json:"netNetfilterNfConntrackMax,omitempty"` NetNetfilterNfConntrackBuckets *int32 `json:"netNetfilterNfConntrackBuckets,omitempty"` FsInotifyMaxUserWatches *int32 `json:"fsInotifyMaxUserWatches,omitempty"` FsFileMax *int32 `json:"fsFileMax,omitempty"` FsAioMaxNr *int32 `json:"fsAioMaxNr,omitempty"` FsNrOpen *int32 `json:"fsNrOpen,omitempty"` KernelThreadsMax *int32 `json:"kernelThreadsMax,omitempty"` VMMaxMapCount *int32 `json:"vmMaxMapCount,omitempty"` VMSwappiness *int32 `json:"vmSwappiness,omitempty"` VMVfsCachePressure *int32 `json:"vmVfsCachePressure,omitempty"` }
SysctlConfig represents sysctl configs in customLinuxOsConfig
type TelemetryProfile ¶
type TelemetryProfile struct {
ApplicationInsightsKey string `json:"applicationInsightsKey,omitempty"`
}
TelemetryProfile contains settings for collecting telemtry. Note telemtry is currently enabled/disabled with the 'EnableTelemetry' feature flag.
type TypeMeta ¶
type TypeMeta struct { // APIVersion is on every object APIVersion string `json:"apiVersion"` }
TypeMeta describes an individual API model object
type UserAssignedIdentity ¶
type UserAssignedIdentity struct { ResourceID string `json:"resourceId,omitempty"` ClientID string `json:"clientId,omitempty"` ObjectID string `json:"objectId,omitempty"` }
UserAssignedIdentity contains information that uniquely identifies an identity
type VMDiagnostics ¶
type VMDiagnostics struct { Enabled bool `json:"enabled"` // Specifies storage account Uri where Boot Diagnostics (CRP & // VMSS BootDiagostics) and VM Diagnostics logs (using Linux // Diagnostics Extension) will be stored. Uri will be of standard // blob domain. i.e. https://storageaccount.blob.core.windows.net/ // This field is readonly as ACS RP will create a storage account // for the customer. StorageURL *neturl.URL `json:"storageUrl"` }
VMDiagnostics contains settings to on/off boot diagnostics collection in RD Host
type WindowsProfile ¶
type WindowsProfile struct { AdminUsername string `json:"adminUsername"` AdminPassword string `json:"adminPassword" conform:"redact"` CSIProxyURL string `json:"csiProxyURL,omitempty"` EnableCSIProxy *bool `json:"enableCSIProxy,omitempty"` ImageRef *ImageReference `json:"imageReference,omitempty"` ImageVersion string `json:"imageVersion"` ProvisioningScriptsPackageURL string `json:"provisioningScriptsPackageURL,omitempty"` WindowsImageSourceURL string `json:"windowsImageSourceURL"` WindowsPublisher string `json:"windowsPublisher"` WindowsOffer string `json:"windowsOffer"` WindowsSku string `json:"windowsSku"` WindowsDockerVersion string `json:"windowsDockerVersion"` Secrets []KeyVaultSecrets `json:"secrets,omitempty"` SSHEnabled *bool `json:"sshEnabled,omitempty"` EnableAutomaticUpdates *bool `json:"enableAutomaticUpdates,omitempty"` IsCredentialAutoGenerated *bool `json:"isCredentialAutoGenerated,omitempty"` EnableAHUB *bool `json:"enableAHUB,omitempty"` WindowsPauseImageURL string `json:"windowsPauseImageURL"` AlwaysPullWindowsPauseImage *bool `json:"alwaysPullWindowsPauseImage,omitempty"` ContainerdWindowsRuntimes *ContainerdWindowsRuntimes `json:"containerdWindowsRuntimes,omitempty"` WindowsCalicoPackageURL string `json:"windowsCalicoPackageURL,omitempty"` WindowsSecureTlsEnabled *bool `json:"windowsSecureTlsEnabled,omitempty"` WindowsGmsaPackageUrl string `json:"windowsGmsaPackageUrl,omitempty"` CseScriptsPackageURL string `json:"cseScriptsPackageURL,omitempty"` }
WindowsProfile represents the windows parameters passed to the cluster
func (*WindowsProfile) GetContainerdWindowsRuntimeHandlers ¶
func (w *WindowsProfile) GetContainerdWindowsRuntimeHandlers() string
GetContainerdWindowsRuntimeHandlers gets comma separated list of runtimehandler names
func (*WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation ¶
func (w *WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation() string
GetDefaultContainerdWindowsSandboxIsolation gets the default containerd runtime handler or return default value
func (*WindowsProfile) GetSSHEnabled ¶
func (w *WindowsProfile) GetSSHEnabled() bool
GetSSHEnabled gets it ssh should be enabled for Windows nodes
func (*WindowsProfile) GetWindowsDockerVersion ¶
func (w *WindowsProfile) GetWindowsDockerVersion() string
GetWindowsDockerVersion gets the docker version specified or returns default value
func (*WindowsProfile) GetWindowsSku ¶
func (w *WindowsProfile) GetWindowsSku() string
GetWindowsSku gets the marketplace sku specified (such as Datacenter-Core-1809-with-Containers-smalldisk) or returns default value
func (*WindowsProfile) HasCustomImage ¶
func (w *WindowsProfile) HasCustomImage() bool
HasCustomImage returns true if there is a custom windows os image url specified
func (*WindowsProfile) HasImageRef ¶
func (w *WindowsProfile) HasImageRef() bool
HasImageRef returns true if the customer brought os image
func (*WindowsProfile) HasSecrets ¶
func (w *WindowsProfile) HasSecrets() bool
HasSecrets returns true if the customer specified secrets to install
func (*WindowsProfile) IsAlwaysPullWindowsPauseImage ¶
func (w *WindowsProfile) IsAlwaysPullWindowsPauseImage() bool
IsAlwaysPullWindowsPauseImage returns true if the windows pause image always needs a force pull
func (*WindowsProfile) IsCSIProxyEnabled ¶
func (w *WindowsProfile) IsCSIProxyEnabled() bool
IsCSIProxyEnabled returns true if csi proxy service should be enable for Windows nodes
func (*WindowsProfile) IsWindowsSecureTlsEnabled ¶
func (w *WindowsProfile) IsWindowsSecureTlsEnabled() bool
IsWindowsSecureTlsEnabled returns true if secure TLS should be enabled for Windows nodes
type WorkloadRuntime ¶
type WorkloadRuntime string
WorkloadRuntime describes choices for the type of workload: container or wasm-wasi, currently.
const ( // OCIContainer indicates that kubelet will be used for a container workload. OCIContainer WorkloadRuntime = "OCIContainer" // WasmWasi indicates Krustlet will be used for a WebAssembly workload. WasmWasi WorkloadRuntime = "WasmWasi" )