Documentation ¶
Index ¶
- Constants
- Variables
- func FormatProdFQDNByLocation(fqdnPrefix string, location string, ...) string
- func GetAllSupportedKubernetesVersions(isUpdate, hasWindows bool) []string
- func GetCloudTargetEnv(location string) string
- func GetCommandLineOmittedKubeletConfigFlags() map[string]bool
- func GetDefaultKubernetesVersion(hasWindows bool) string
- func GetLatestPatchVersion(majorMinor string, versionsList []string) string
- func GetMaxVersion(versions []string, preRelease bool) string
- func GetMinVersion(versions []string, preRelease bool) string
- func GetOrderedEscapedKeyValsString(config map[string]string) string
- func GetStorageAccountType(sizeName string) (string, error)
- func GetSupportedKubernetesVersion(version string, hasWindows bool) string
- func GetSupportedVersions(orchType string, isUpdate, hasWindows bool) ([]string, string)
- func GetValidPatchVersion(orchType, orchVer string, isUpdate, hasWindows bool) string
- func GetVersionsBetween(versions []string, versionMin, versionMax string, inclusive, preReleases bool) []string
- func GetVersionsGt(versions []string, version string, inclusive, preReleases bool) []string
- func GetVersionsLt(versions []string, version string, inclusive, preReleases bool) []string
- func IndentString(original string, spaces int) string
- func IsKubernetesVersionGe(actualVersion, version string) bool
- func IsSgxEnabledSKU(vmSize string) bool
- func IsSupportedKubernetesVersion(version string, isUpdate, hasWindows bool) bool
- func IsValidMinVersion(orchType, orchRelease, orchVersion, minVersion string) (bool, error)
- func RationalizeReleaseAndVersion(orchType, orchRel, orchVer string, isUpdate, hasWindows bool) string
- func SliceIntIsNonEmpty(s []int) bool
- func ValidateDNSPrefix(dnsName string) error
- func WrapAsVerbatim(s string) string
- type AADProfile
- type AKSKubeletConfiguration
- type AddonNodePoolsConfig
- type AddonProfile
- type AgentPoolProfile
- func (a *AgentPoolProfile) GetAgentPoolWindowsProfile() *AgentPoolWindowsProfile
- func (a *AgentPoolProfile) GetCustomLinuxOSConfig() *CustomLinuxOSConfig
- func (a *AgentPoolProfile) GetKubernetesLabels() string
- func (a *AgentPoolProfile) Is2204VHDDistro() bool
- func (a *AgentPoolProfile) Is2404VHDDistro() bool
- func (a *AgentPoolProfile) IsAvailabilitySets() bool
- func (a *AgentPoolProfile) IsAzureLinuxCgroupV2VHDDistro() bool
- func (a *AgentPoolProfile) IsCustomVNET() bool
- func (a *AgentPoolProfile) IsDisableWindowsOutboundNat() bool
- func (a *AgentPoolProfile) IsSkipCleanupNetwork() bool
- func (a *AgentPoolProfile) IsVHDDistro() bool
- func (a *AgentPoolProfile) IsVirtualMachineScaleSets() bool
- func (a *AgentPoolProfile) IsWindows() bool
- type AgentPoolWindowsProfile
- type AuthenticatorType
- type AzureEndpointConfig
- type AzureEnvironmentSpecConfig
- type AzureOSImageConfig
- type CSEStatus
- type CSEStatusParsingError
- type CSEStatusParsingErrorCode
- type CertificateProfile
- type ComponentConfiguration
- type ContainerService
- type ContainerdWindowsRuntimes
- type CustomCATrustConfig
- type CustomCloudEnv
- type CustomConfiguration
- type CustomConfigurationComponent
- type CustomFile
- type CustomKubeletConfig
- type CustomLinuxOSConfig
- type CustomProfile
- type CustomSearchDomain
- type DiagnosticsProfile
- type Distro
- func (d Distro) Is2204VHDDistro() bool
- func (d Distro) Is2404VHDDistro() bool
- func (d Distro) IsAzureLinuxCgroupV2VHDDistro() bool
- func (d Distro) IsAzureLinuxDistro() bool
- func (d Distro) IsContainerdDistro() bool
- func (d Distro) IsGPUDistro() bool
- func (d Distro) IsGen2Distro() bool
- func (d Distro) IsKataDistro() bool
- func (d Distro) IsVHDDistro() bool
- func (d Distro) IsWindowsDistro() bool
- func (d Distro) IsWindowsPIRDistro() bool
- func (d Distro) IsWindowsSIGDistro() bool
- type DockerSpecConfig
- type Duration
- type EnvironmentInfo
- type Extension
- type ExtensionProfile
- type FeatureFlags
- type GetLatestSigImageConfigRequest
- type HTTPProxyConfig
- type HostedMasterProfile
- type ImageReference
- type K8sComponents
- type KeyVaultCertificate
- type KeyVaultID
- type KeyVaultRef
- type KeyVaultSecrets
- type KeyvaultSecretRef
- type KubeletAnonymousAuthentication
- type KubeletAuthentication
- type KubeletAuthorization
- type KubeletAuthorizationMode
- type KubeletDiskType
- type KubeletWebhookAuthentication
- type KubeletWebhookAuthorization
- type KubeletX509Authentication
- type KubernetesAddon
- type KubernetesConfig
- func (k *KubernetesConfig) GetAddonByName(addonName string) KubernetesAddon
- func (k *KubernetesConfig) GetAzureCNIURLARM64Linux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) GetAzureCNIURLLinux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) GetAzureCNIURLWindows(cloudSpecConfig *AzureEnvironmentSpecConfig) string
- func (k *KubernetesConfig) IsAADPodIdentityEnabled() bool
- func (k *KubernetesConfig) IsAddonDisabled(addonName string) bool
- func (k *KubernetesConfig) IsAddonEnabled(addonName string) bool
- func (k *KubernetesConfig) IsIPMasqAgentDisabled() bool
- func (k *KubernetesConfig) IsIPMasqAgentEnabled() bool
- func (k *KubernetesConfig) IsRBACEnabled() bool
- func (k *KubernetesConfig) IsUsingNetworkPluginMode(mode string) bool
- func (k *KubernetesConfig) NeedsContainerd() bool
- func (k *KubernetesConfig) PrivateJumpboxProvision() bool
- func (k *KubernetesConfig) RequiresDocker() bool
- func (k *KubernetesConfig) UserAssignedIDEnabled() bool
- type KubernetesContainerSpec
- type KubernetesSpecConfig
- type LinuxProfile
- type NodeBootstrapping
- type NodeBootstrappingConfiguration
- type OSType
- type OrchestratorProfile
- type PrivateCluster
- type PrivateEgress
- type PrivateJumpboxProfile
- type Properties
- func (p *Properties) AreAgentProfilesCustomVNET() bool
- func (p *Properties) GetClusterID() string
- func (p *Properties) GetComponentKubernetesConfiguration(component CustomConfigurationComponent) *ComponentConfiguration
- func (p *Properties) GetComponentWindowsKubernetesConfiguration(component CustomConfigurationComponent) *ComponentConfiguration
- func (p *Properties) GetCustomCloudName() string
- func (p *Properties) GetCustomEnvironmentJSON(escape bool) (string, error)
- func (p *Properties) GetKubeProxyFeatureGatesWindowsArguments() string
- func (p *Properties) GetNSGName() string
- func (p *Properties) GetPrimaryAvailabilitySetName() string
- func (p *Properties) GetResourcePrefix() string
- func (p *Properties) GetRouteTableName() string
- func (p *Properties) GetSubnetName() string
- func (p *Properties) GetVMType() string
- func (p *Properties) GetVNetResourceGroupName() string
- func (p *Properties) GetVirtualNetworkName() string
- func (p *Properties) HasAadProfile() bool
- func (p *Properties) HasDCSeriesSKU() bool
- func (p *Properties) HasVMSSAgentPool() bool
- func (p *Properties) HasWindows() bool
- func (p *Properties) IsAKSCustomCloud() bool
- func (p *Properties) IsIPMasqAgentDisabled() bool
- func (p *Properties) IsIPMasqAgentEnabled() bool
- func (p *Properties) IsVHDDistroForAllNodes() bool
- func (p *Properties) K8sOrchestratorName() string
- type ProvisioningState
- type PublicKey
- type ResourceIdentifiers
- type ResourcePurchasePlan
- type RuntimeHandlers
- type SIGAzureEnvironmentSpecConfig
- type SIGConfig
- type SIGGalleryConfig
- type SSHStatus
- type SecurityProfile
- type ServicePrincipalProfile
- type SigImageConfig
- type SigImageConfigOpt
- type SigImageConfigTemplate
- type SysctlConfig
- type TypeMeta
- type UlimitConfig
- type UserAssignedIdentity
- type VMDiagnostics
- type WindowsProfile
- func (w *WindowsProfile) GetContainerdWindowsRuntimeHandlers() string
- func (w *WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation() string
- func (w *WindowsProfile) GetHnsRemediatorIntervalInMinutes() uint32
- func (w *WindowsProfile) GetLogGeneratorIntervalInMinutes() uint32
- func (w *WindowsProfile) GetSSHEnabled() bool
- func (w *WindowsProfile) GetWindowsDockerVersion() string
- func (w *WindowsProfile) GetWindowsSku() string
- func (w *WindowsProfile) HasCustomImage() bool
- func (w *WindowsProfile) HasImageRef() bool
- func (w *WindowsProfile) HasSecrets() bool
- func (w *WindowsProfile) IsAlwaysPullWindowsPauseImage() bool
- func (w *WindowsProfile) IsCSIProxyEnabled() bool
- func (w *WindowsProfile) IsWindowsSecureTlsEnabled() bool
- type WorkloadRuntime
Constants ¶
const ( // KubernetesWindowsDockerVersion is the default version for docker on Windows nodes in kubernetes. KubernetesWindowsDockerVersion = "20.10.9" // KubernetesDefaultWindowsSku is the default SKU for Windows VMs in kubernetes. KubernetesDefaultWindowsSku = "Datacenter-Core-1809-with-Containers-smalldisk" // KubernetesDefaultContainerdWindowsSandboxIsolation is the default containerd handler for windows pods. KubernetesDefaultContainerdWindowsSandboxIsolation = "process" )
const ( // AvailabilitySet means that the vms are in an availability set. AvailabilitySet = "AvailabilitySet" /* DefaultOrchestratorName specifies the 3 character orchestrator code of the cluster template and affects. resource naming. */ DefaultOrchestratorName = "k8s" /* DefaultHostedProfileMasterName specifies the 3 character orchestrator code of the clusters with hosted. master profiles. */ DefaultHostedProfileMasterName = "aks" // DefaultSubnetNameResourceSegmentIndex specifies the default subnet name resource segment index. DefaultSubnetNameResourceSegmentIndex = 10 // DefaultVnetResourceGroupSegmentIndex specifies the default virtual network resource segment index. DefaultVnetResourceGroupSegmentIndex = 4 // DefaultVnetNameResourceSegmentIndex specifies the default virtual network name segment index. DefaultVnetNameResourceSegmentIndex = 8 // VirtualMachineScaleSets means that the vms are in a virtual machine scaleset. VirtualMachineScaleSets = "VirtualMachineScaleSets" // ScaleSetPrioritySpot means the ScaleSet will use Spot VMs. ScaleSetPrioritySpot = "Spot" )
Availability profiles.
const ( Docker = "docker" KataContainers = "kata-containers" Containerd = "containerd" )
Supported container runtimes.
const ( // NetworkPluginAzure is the string expression for Azure CNI plugin. NetworkPluginAzure = "azure" // NetworkPluginNone is the string expression for no CNI plugin. NetworkPluginNone = "none" // VMSSVMType is the string const for the vmss VM Type. VMSSVMType = "vmss" // StandardVMType is the string const for the standard VM Type. StandardVMType = "standard" )
const ( // DefaultEnableCSIProxyWindows determines if CSI proxy should be enabled by default for Windows nodes. DefaultEnableCSIProxyWindows = false // DefaultWindowsSSHEnabled is the default windowsProfile.sshEnabled value. DefaultWindowsSSHEnabled = true // DefaultWindowsSecureTLSEnabled is the default windowsProfile.WindowsSecureTlsEnabled value. DefaultWindowsSecureTLSEnabled = false )
const ( // AzurePublicCloud is a const string reference identifier for public cloud. AzurePublicCloud = "AzurePublicCloud" // AzureChinaCloud is a const string reference identifier for china cloud. AzureChinaCloud = "AzureChinaCloud" // AzureGermanCloud is a const string reference identifier for german cloud. AzureGermanCloud = "AzureGermanCloud" // AzureUSGovernmentCloud is a const string reference identifier for us government cloud. AzureUSGovernmentCloud = "AzureUSGovernmentCloud" // AzureStackCloud is a const string reference identifier for Azure Stack cloud. AzureStackCloud = "AzureStackCloud" )
const ( // KubernetesDefaultRelease is the default Kubernetes release. KubernetesDefaultRelease string = "1.13" // KubernetesDefaultReleaseWindows is the default Kubernetes release. KubernetesDefaultReleaseWindows string = "1.14" )
const ( // IPMASQAgentAddonName is the name of the ip masq agent addon. IPMASQAgentAddonName = "ip-masq-agent" // AADPodIdentityAddonName is the name of the aad-pod-identity addon deployment. AADPodIdentityAddonName = "aad-pod-identity" )
Addon name consts.
const ( OSSKUCBLMariner = "CBLMariner" OSSKUMariner = "Mariner" OSSKUAzureLinux = "AzureLinux" )
const ( BlockOutboundInternet = "BlockOutboundInternet" CSERunInBackground = "CSERunInBackground" EnableIPv6DualStack = "EnableIPv6DualStack" EnableIPv6Only = "EnableIPv6Only" EnableWinDSR = "EnableWinDSR" )
Feature Flags.
const ( AzurePublicCloudSigTenantID string = "33e01921-4d64-4f8c-a055-5bdaffd5e33d" // AME Tenant AzurePublicCloudSigSubscription string = "109a5e88-712a-48ae-9078-9ca8b3c81345" // AKS VHD )
const ( AKSSIGImagePublisher string = "microsoft-aks" AKSWindowsGalleryName string = "AKSWindows" AKSWindowsResourceGroup string = "AKS-Windows" AKSUbuntuGalleryName string = "AKSUbuntu" AKSUbuntuResourceGroup string = "AKS-Ubuntu" AKSCBLMarinerGalleryName string = "AKSCBLMariner" AKSCBLMarinerResourceGroup string = "AKS-CBLMariner" AKSAzureLinuxGalleryName string = "AKSAzureLinux" AKSAzureLinuxResourceGroup string = "AKS-AzureLinux" AKSUbuntuEdgeZoneGalleryName string = "AKSUbuntuEdgeZone" AKSUbuntuEdgeZoneResourceGroup string = "AKS-Ubuntu-EdgeZone" )
SIG const.
const ( // DO NOT MODIFY: used for freezing linux images with docker. FrozenLinuxSIGImageVersionForDocker string = "2022.08.29" // DO NOT MODIFY: used for freezing linux images for Egress test. FrozenLinuxSIGImageVersionForEgressTest string = "2022.10.03" // CBLMarinerV1 pinned to the last image build as Mariner 1.0 is out // of support and image builds have stopped. FrozenCBLMarinerV1SIGImageVersionForDeprecation string = "202308.28.0" // This is currently for testing only, we do not build 2404 images regularly // Once 2404 is preview in AKS, we will refer to the images using regular LinuxSIGImageVersion and remove this. Ubuntu2404SIGImageVersionForTest string = "202405.20.0" // We do not use AKS Windows image versions in AgentBaker. These fake values are only used for unit tests. Windows2019SIGImageVersion string = "17763.2019.221114" Windows2022SIGImageVersion string = "20348.2022.221114" Windows23H2SIGImageVersion string = "25398.2022.221114" )
const ( OutboundTypeNone string = "none" OutboundTypeBlock string = "block" )
OutboundType describes the options for outbound internet access.
const (
// AzureADIdentitySystem is a const string reference identifier for Azure AD identity System.
AzureADIdentitySystem = "azure_ad"
)
const (
ContainerDataDirKey = "dataDir"
)
Known container runtime configuration keys.
const ( // Kubernetes is the string constant for the Kubernetes orchestrator type. Kubernetes string = "Kubernetes" )
the orchestrators supported by vlabs.
const (
// ManagedDisks means that the nodes use managed disks for their os and attached volumes.
ManagedDisks = "ManagedDisks"
)
storage profiles.
const (
/* TempDiskContainerDataDir is the path used to mount docker images, emptyDir volumes, and kubelet data
when KubeletDiskType == TempDisk. */
TempDiskContainerDataDir = "/mnt/aks/containers"
)
Variables ¶
var ( Ubuntu1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "UbuntuServer", ImageSku: "16.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } Ubuntu1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "UbuntuServer", ImageSku: "18.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } Ubuntu1804Gen2OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1804-gen2-2022-q1", ImagePublisher: "microsoft-aks", ImageVersion: "2022.02.01", } RHELOSImageConfig = AzureOSImageConfig{ ImageOffer: "RHEL", ImageSku: "7.3", ImagePublisher: "RedHat", ImageVersion: "latest", } AKSUbuntu1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1604-2021-q3", ImagePublisher: "microsoft-aks", ImageVersion: "2021.11.06", } AKSUbuntu1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks", ImageSku: "aks-ubuntu-1804-2022-q1", ImagePublisher: "microsoft-aks", ImageVersion: "2022.02.01", } AKSWindowsServer2019OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-windows", ImageSku: "aks-2019-datacenter-core-smalldisk-2107", ImagePublisher: "microsoft-aks", ImageVersion: "17763.2061.210714", } ACC1604OSImageConfig = AzureOSImageConfig{ ImageOffer: "confidential-compute-preview", ImageSku: "16.04-LTS", ImagePublisher: "Canonical", ImageVersion: "latest", } AKSUbuntuContainerd1804OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-aez", ImageSku: "aks-ubuntu-containerd-1804-2021-q2", ImagePublisher: "microsoft-aks", ImageVersion: "2021.04.27", } AKSUbuntuContainerd1804Gen2OSImageConfig = AzureOSImageConfig{ ImageOffer: "aks-aez", ImageSku: "aks-ubuntu-containerd-1804-gen2-2021-q2", ImagePublisher: "microsoft-aks", ImageVersion: "2021.05.01", } AzureCloudToOSImageMap = map[string]map[Distro]AzureOSImageConfig{ AzureChinaCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzureGermanCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: Ubuntu1604OSImageConfig, AKS1604Deprecated: Ubuntu1604OSImageConfig, AKSUbuntu1804: Ubuntu1604OSImageConfig, AKS1804Deprecated: Ubuntu1604OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzureUSGovernmentCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, AzurePublicCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSUbuntuContainerd1804: AKSUbuntuContainerd1804OSImageConfig, AKSUbuntuContainerd1804Gen2: AKSUbuntuContainerd1804Gen2OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, USNatCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, USSecCloud: { Ubuntu: Ubuntu1604OSImageConfig, Ubuntu1804: Ubuntu1804OSImageConfig, Ubuntu1804Gen2: Ubuntu1804Gen2OSImageConfig, RHEL: RHELOSImageConfig, AKSUbuntu1604: AKSUbuntu1604OSImageConfig, AKS1604Deprecated: AKSUbuntu1604OSImageConfig, AKSUbuntu1804: AKSUbuntu1804OSImageConfig, AKS1804Deprecated: AKSUbuntu1804OSImageConfig, AKSWindows2019PIR: AKSWindowsServer2019OSImageConfig, }, } )
var ( SIGUbuntu1604ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1604", Version: "2021.11.06", } SIGUbuntu1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804", Version: FrozenLinuxSIGImageVersionForDocker, } SIGUbuntu1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2", Version: FrozenLinuxSIGImageVersionForDocker, } SIGUbuntuGPU1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gpu", Version: FrozenLinuxSIGImageVersionForDocker, } SIGUbuntuGPU1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2gpu", Version: FrozenLinuxSIGImageVersionForDocker, } SIGUbuntuContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804containerd", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2containerd", Version: LinuxSIGImageVersion, } SIGUbuntuGPUContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuGPUContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2gpucontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsContainerd1804ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804fipscontainerd", Version: LinuxSIGImageVersion, } // not a typo, this image was generated on 2021.05.20 UTC and assigned this version. SIGUbuntuFipsContainerd1804Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "1804gen2fipscontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsContainerd2004ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2004fipscontainerd", Version: LinuxSIGImageVersion, } // not a typo, this image was generated on 2021.05.20 UTC and assigned this version. SIGUbuntuFipsContainerd2004Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2004gen2fipscontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuFipsContainerd2204ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204fipscontainerd", Version: "202404.09.0", } SIGUbuntuFipsContainerd2204Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2fipscontainerd", Version: "202404.09.0", } SIGUbuntuArm64Containerd2204Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2arm64containerd", Version: LinuxSIGImageVersion, } SIGUbuntuArm64Containerd2404Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2404gen2arm64containerd", Version: Ubuntu2404SIGImageVersionForTest, } SIGUbuntuContainerd2204ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204containerd", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd2204Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2containerd", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd2204TLGen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2TLcontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuContainerd2004CVMGen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2004gen2CVMcontainerd", Version: LinuxSIGImageVersion, } SIGUbuntuMinimalContainerd2204ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204minimalcontainerd", Version: "202401.12.0", } SIGUbuntuMinimalContainerd2204Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2minimalcontainerd", Version: "202401.12.0", } SIGUbuntuEgressContainerd2204Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2204gen2containerd", Version: FrozenLinuxSIGImageVersionForEgressTest, } SIGUbuntuContainerd2404ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2404containerd", Version: Ubuntu2404SIGImageVersionForTest, } SIGUbuntuContainerd2404Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSUbuntuResourceGroup, Gallery: AKSUbuntuGalleryName, Definition: "2404gen2containerd", Version: Ubuntu2404SIGImageVersionForTest, } SIGCBLMarinerV1ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V1", Version: FrozenCBLMarinerV1SIGImageVersionForDeprecation, } SIGCBLMarinerV2Gen1ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2Gen1ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2", Version: LinuxSIGImageVersion, } SIGAzureLinuxV3Gen1ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V3", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2gen2", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2gen2", Version: LinuxSIGImageVersion, } SIGAzureLinuxV3Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V3gen2", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2Gen1FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2fips", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2Gen1FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2fips", Version: LinuxSIGImageVersion, } SIGAzureLinuxV3Gen1FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V3fips", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2Gen2FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2gen2fips", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2Gen2FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2gen2fips", Version: LinuxSIGImageVersion, } SIGAzureLinuxV3Gen2FIPSImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V3gen2fips", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2KataImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2katagen2", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2KataImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2katagen2", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2Arm64ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2gen2arm64", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2Arm64ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2gen2arm64", Version: LinuxSIGImageVersion, } SIGAzureLinuxV3Arm64ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V3gen2arm64", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2TLImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2gen2TL", Version: LinuxSIGImageVersion, } SIGAzureLinuxV2TLImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSAzureLinuxResourceGroup, Gallery: AKSAzureLinuxGalleryName, Definition: "V2gen2TL", Version: LinuxSIGImageVersion, } SIGCBLMarinerV2KataGen2TLImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSCBLMarinerResourceGroup, Gallery: AKSCBLMarinerGalleryName, Definition: "V2katagen2TL", Version: CBLMarinerV2KataGen2TLSIGImageVersion, } SIGWindows2019ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2019", Version: Windows2019SIGImageVersion, } SIGWindows2019ContainerdImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2019-containerd", Version: Windows2019SIGImageVersion, } SIGWindows2022ContainerdImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2022-containerd", Version: Windows2022SIGImageVersion, } SIGWindows2022ContainerdGen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-2022-containerd-gen2", Version: Windows2022SIGImageVersion, } SIGWindows23H2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-23H2", Version: Windows23H2SIGImageVersion, } SIGWindows23H2Gen2ImageConfigTemplate = SigImageConfigTemplate{ ResourceGroup: AKSWindowsResourceGroup, Gallery: AKSWindowsGalleryName, Definition: "windows-23H2-gen2", Version: Windows23H2SIGImageVersion, } )
SIG config Template.
var AKSDistrosAvailableOnVHD = []Distro{ AKSUbuntu1604, AKSUbuntu1804, AKSUbuntu1804Gen2, AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSCBLMarinerV1, AKSCBLMarinerV2, AKSAzureLinuxV2, AKSAzureLinuxV3, AKSCBLMarinerV2Gen2, AKSAzureLinuxV2Gen2, AKSAzureLinuxV3Gen2, AKSCBLMarinerV2FIPS, AKSAzureLinuxV2FIPS, AKSAzureLinuxV3FIPS, AKSCBLMarinerV2Gen2FIPS, AKSAzureLinuxV2Gen2FIPS, AKSAzureLinuxV3Gen2FIPS, AKSCBLMarinerV2Gen2Kata, AKSAzureLinuxV2Gen2Kata, AKSCBLMarinerV2Gen2TL, AKSAzureLinuxV2Gen2TL, AKSCBLMarinerV2KataGen2TL, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsContainerd2004, AKSUbuntuFipsContainerd2004Gen2, AKSUbuntuFipsContainerd2204, AKSUbuntuFipsContainerd2204Gen2, AKSUbuntuEdgeZoneContainerd1804, AKSUbuntuEdgeZoneContainerd1804Gen2, AKSUbuntuEdgeZoneContainerd2204, AKSUbuntuEdgeZoneContainerd2204Gen2, AKSUbuntuContainerd2204, AKSUbuntuContainerd2204Gen2, AKSUbuntuContainerd2004CVMGen2, AKSUbuntuArm64Containerd2204Gen2, AKSUbuntuArm64Containerd2404Gen2, AKSCBLMarinerV2Arm64Gen2, AKSAzureLinuxV2Arm64Gen2, AKSAzureLinuxV3Arm64Gen2, AKSUbuntuContainerd2204TLGen2, AKSUbuntuMinimalContainerd2204, AKSUbuntuMinimalContainerd2204Gen2, AKSUbuntuContainerd2404, AKSUbuntuContainerd2404Gen2, }
var AllKubernetesSupportedVersions = map[string]bool{}/* 180 elements not displayed */
AllKubernetesSupportedVersions is a whitelist map of all supported Kubernetes version strings. The bool value indicates if creating new clusters with this version is allowed.
var AvailableAzureLinuxCgroupV2Distros = []Distro{ AKSAzureLinuxV2, AKSAzureLinuxV3, AKSAzureLinuxV2Gen2, AKSAzureLinuxV3Gen2, AKSAzureLinuxV2FIPS, AKSAzureLinuxV3FIPS, AKSAzureLinuxV2Gen2FIPS, AKSAzureLinuxV3Gen2FIPS, AKSAzureLinuxV2Gen2Kata, AKSAzureLinuxV2Arm64Gen2, AKSAzureLinuxV3Arm64Gen2, AKSAzureLinuxV2Gen2TL, }
var AvailableAzureLinuxDistros = []Distro{ AKSCBLMarinerV1, AKSCBLMarinerV2, AKSAzureLinuxV2, AKSAzureLinuxV3, AKSCBLMarinerV2Gen2, AKSAzureLinuxV2Gen2, AKSAzureLinuxV3Gen2, AKSCBLMarinerV2FIPS, AKSAzureLinuxV2FIPS, AKSAzureLinuxV3FIPS, AKSCBLMarinerV2Gen2FIPS, AKSAzureLinuxV2Gen2FIPS, AKSAzureLinuxV3Gen2FIPS, AKSCBLMarinerV2Gen2Kata, AKSAzureLinuxV2Gen2Kata, AKSCBLMarinerV2Arm64Gen2, AKSAzureLinuxV2Arm64Gen2, AKSAzureLinuxV3Arm64Gen2, AKSCBLMarinerV2Gen2TL, AKSAzureLinuxV2Gen2TL, AKSCBLMarinerV2KataGen2TL, }
var AvailableContainerdDistros = []Distro{ AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsContainerd2004, AKSUbuntuFipsContainerd2004Gen2, AKSUbuntuFipsContainerd2204, AKSUbuntuFipsContainerd2204Gen2, AKSUbuntuEdgeZoneContainerd1804, AKSUbuntuEdgeZoneContainerd1804Gen2, AKSCBLMarinerV1, AKSCBLMarinerV2, AKSAzureLinuxV2, AKSAzureLinuxV3, AKSCBLMarinerV2Gen2, AKSAzureLinuxV2Gen2, AKSAzureLinuxV3Gen2, AKSCBLMarinerV2FIPS, AKSAzureLinuxV2FIPS, AKSAzureLinuxV3FIPS, AKSCBLMarinerV2Gen2FIPS, AKSAzureLinuxV2Gen2FIPS, AKSAzureLinuxV3Gen2FIPS, AKSCBLMarinerV2Gen2Kata, AKSAzureLinuxV2Gen2Kata, AKSCBLMarinerV2Gen2TL, AKSAzureLinuxV2Gen2TL, AKSCBLMarinerV2KataGen2TL, AKSUbuntuArm64Containerd2204Gen2, AKSUbuntuArm64Containerd2404Gen2, AKSCBLMarinerV2Arm64Gen2, AKSAzureLinuxV2Arm64Gen2, AKSAzureLinuxV3Arm64Gen2, AKSUbuntuContainerd2204, AKSUbuntuContainerd2204Gen2, AKSUbuntuContainerd2004CVMGen2, AKSUbuntuContainerd2204TLGen2, AKSUbuntuEdgeZoneContainerd2204, AKSUbuntuEdgeZoneContainerd2204Gen2, AKSUbuntuMinimalContainerd2204, AKSUbuntuMinimalContainerd2204Gen2, AKSUbuntuContainerd2404, AKSUbuntuContainerd2404Gen2, }
var AvailableGPUDistros = []Distro{ AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, }
var AvailableGen2Distros = []Distro{ AKSUbuntu1804Gen2, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuFipsContainerd2004Gen2, AKSUbuntuFipsContainerd2204Gen2, AKSUbuntuEdgeZoneContainerd1804Gen2, AKSUbuntuArm64Containerd2204Gen2, AKSUbuntuArm64Containerd2404Gen2, AKSUbuntuContainerd2204Gen2, AKSUbuntuContainerd2004CVMGen2, AKSUbuntuContainerd2204TLGen2, AKSUbuntuEdgeZoneContainerd2204Gen2, AKSUbuntuMinimalContainerd2204Gen2, AKSUbuntuContainerd2404Gen2, AKSCBLMarinerV2Gen2, AKSAzureLinuxV2Gen2, AKSAzureLinuxV3Gen2, AKSCBLMarinerV2Gen2FIPS, AKSAzureLinuxV2Gen2FIPS, AKSAzureLinuxV3Gen2FIPS, AKSCBLMarinerV2Gen2Kata, AKSAzureLinuxV2Gen2Kata, AKSCBLMarinerV2Gen2TL, AKSAzureLinuxV2Gen2TL, AKSCBLMarinerV2KataGen2TL, AKSCBLMarinerV2Arm64Gen2, AKSAzureLinuxV2Arm64Gen2, AKSAzureLinuxV3Arm64Gen2, }
var AvailableUbuntu1804Distros = []Distro{ AKSUbuntu1804, AKSUbuntu1804Gen2, AKSUbuntuGPU1804, AKSUbuntuGPU1804Gen2, AKSUbuntuContainerd1804, AKSUbuntuContainerd1804Gen2, AKSUbuntuGPUContainerd1804, AKSUbuntuGPUContainerd1804Gen2, AKSUbuntuFipsContainerd1804, AKSUbuntuFipsContainerd1804Gen2, AKSUbuntuEdgeZoneContainerd1804, AKSUbuntuEdgeZoneContainerd1804Gen2, }
AvailableUbuntu1804Distros : TODO(amaheshwari): these vars are not consumed by Agentbaker but by RP. do a cleanup to remove these after 20.04 work.
var AvailableUbuntu2004Distros = []Distro{ AKSUbuntuContainerd2004CVMGen2, AKSUbuntuFipsContainerd2004, AKSUbuntuFipsContainerd2004Gen2, }
var AvailableUbuntu2204Distros = []Distro{ AKSUbuntuContainerd2204, AKSUbuntuContainerd2204Gen2, AKSUbuntuArm64Containerd2204Gen2, AKSUbuntuContainerd2204TLGen2, AKSUbuntuEdgeZoneContainerd2204, AKSUbuntuEdgeZoneContainerd2204Gen2, AKSUbuntuMinimalContainerd2204, AKSUbuntuMinimalContainerd2204Gen2, AKSUbuntuFipsContainerd2204, AKSUbuntuFipsContainerd2204Gen2, }
var AvailableUbuntu2404Distros = []Distro{ AKSUbuntuContainerd2404, AKSUbuntuContainerd2404Gen2, AKSUbuntuArm64Containerd2404Gen2, }
var AvailableWindowsPIRDistros = []Distro{ AKSWindows2019PIR, }
var AvailableWindowsSIGDistros = []Distro{ AKSWindows2019, AKSWindows2019Containerd, AKSWindows2022Containerd, AKSWindows2022ContainerdGen2, AKSWindows23H2, AKSWindows23H2Gen2, CustomizedWindowsOSImage, }
var ( AzurePublicCloudSpecForTest = &AzureEnvironmentSpecConfig{ CloudName: "AzurePublicCloud", DockerSpecConfig: DockerSpecConfig{ DockerEngineRepo: "https://aptdocker.azureedge.net/repo", DockerComposeDownloadURL: "https://github.com/docker/compose/releases/download", }, KubernetesSpecConfig: KubernetesSpecConfig{ KubernetesImageBase: "k8s.gcr.io/", TillerImageBase: "gcr.io/kubernetes-helm/", ACIConnectorImageBase: "microsoft/", NVIDIAImageBase: "nvidia/", CalicoImageBase: "calico/", AzureCNIImageBase: "mcr.microsoft.com/containernetworking/", MCRKubernetesImageBase: "mcr.microsoft.com/", KubeBinariesSASURLBase: "https://acs-mirror.azureedge.net/kubernetes/", WindowsTelemetryGUID: "fb801154-36b9-41bc-89c2-f4d4f05472b0", CNIPluginsDownloadURL: "https://acs-mirror.azureedge.net/cni/cni-plugins-amd64-v0.7.6.tgz", VnetCNILinuxPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.1.3/binaries/azure-vnet-cni-linux-amd64-v1.1.3.tgz", VnetCNIWindowsPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.1.3/binaries/azure-vnet-cni-singletenancy-windows-amd64-v1.1.3.zip", ContainerdDownloadURLBase: "https://storage.googleapis.com/cri-containerd-release/", CSIProxyDownloadURL: "https://acs-mirror.azureedge.net/csi-proxy/v0.1.0/binaries/csi-proxy.tar.gz", WindowsProvisioningScriptsPackageURL: "https://acs-mirror.azureedge.net/aks-engine/windows/provisioning/signedscripts-v0.2.2.zip", WindowsPauseImageURL: "mcr.microsoft.com/oss/kubernetes/pause:1.4.0", AlwaysPullWindowsPauseImage: false, CseScriptsPackageURL: "https://acs-mirror.azureedge.net/aks/windows/cse/csescripts-v0.0.1.zip", CNIARM64PluginsDownloadURL: "https://acs-mirror.azureedge.net/cni-plugins/v0.8.7/binaries/cni-plugins-linux-arm64-v0.8.7.tgz", VnetCNIARM64LinuxPluginsDownloadURL: "https://acs-mirror.azureedge.net/azure-cni/v1.4.13/binaries/azure-vnet-cni-linux-arm64-v1.4.14.tgz", }, EndpointConfig: AzureEndpointConfig{ ResourceManagerVMDNSSuffix: "cloudapp.azure.com", }, } )
var CBLMarinerV2KataGen2TLSIGImageVersion = getSIGVersionFromEmbeddedString(marinerV2KataGen2TLJSONContentsEmbedded)
var LinuxSIGImageVersion = getSIGVersionFromEmbeddedString(linuxVersionJSONContentsEmbedded)
Functions ¶
func FormatProdFQDNByLocation ¶
func FormatProdFQDNByLocation(fqdnPrefix string, location string, cloudSpecConfig *AzureEnvironmentSpecConfig) string
FormatProdFQDNByLocation constructs an Azure prod fqdn with custom cloud profile.
CustomCloudName is name of environment if customCloudProfile is provided, it will be empty string if
customCloudProfile is empty. Because customCloudProfile is empty for deployment for AzurePublicCloud, AzureChinaCloud,AzureGermanCloud,AzureUSGovernmentCloud, The customCloudName value will be empty string for those clouds.
func GetAllSupportedKubernetesVersions ¶
GetAllSupportedKubernetesVersions returns a slice of all supported Kubernetes versions.
func GetCloudTargetEnv ¶
func GetCommandLineOmittedKubeletConfigFlags ¶ added in v0.22222.0
CommandLineOmittedKubeletConfigFlags are the flags set by RP that should NOT be included within the set of command line flags when configuring kubelet.
func GetDefaultKubernetesVersion ¶
GetDefaultKubernetesVersion returns the default Kubernetes version, that is the latest patch of the default release.
func GetLatestPatchVersion ¶
GetLatestPatchVersion gets the most recent patch version from a list of semver versions given a major.minor string.
func GetMaxVersion ¶
GetMaxVersion gets the highest semver version. preRelease=true means accept a pre-release version as a max value.
func GetMinVersion ¶
GetMinVersion gets the lowest semver version. preRelease=true means accept a pre-release version as a min value.
func GetOrderedEscapedKeyValsString ¶
GetOrderedEscapedKeyValsString returns an ordered string of escaped, quoted key=val.
func GetStorageAccountType ¶
GetStorageAccountType returns the support managed disk storage tier for a give VM size.
func GetSupportedKubernetesVersion ¶
GetSupportedKubernetesVersion verifies that a passed-in version string is supported, or returns a default version string if not.
func GetSupportedVersions ¶
GetSupportedVersions get supported version list for a certain orchestrator.
func GetValidPatchVersion ¶
GetValidPatchVersion gets the current valid patch version for the minor version of the passed in version.
func GetVersionsBetween ¶
func GetVersionsBetween(versions []string, versionMin, versionMax string, inclusive, preReleases bool) []string
GetVersionsBetween returns a list of versions between a min and max inclusive=true means that we test for equality on both bounds preReleases=true means that we include pre-release versions in the list.
func GetVersionsGt ¶
GetVersionsGt returns a list of versions greater than a semver string given a list of versions inclusive=true means that we test for equality as well preReleases=true means that we include pre-release versions in the list.
func GetVersionsLt ¶
GetVersionsLt returns a list of versions less than than a semver string given a list of versions inclusive=true means that we test for equality as well preReleases=true means that we include pre-release versions in the list.
func IndentString ¶
IndentString pads each line of an original string with N spaces and returns the new value.
func IsKubernetesVersionGe ¶
IsKubernetesVersionGe returns true if actualVersion is greater than or equal to version.
func IsSgxEnabledSKU ¶
IsSgxEnabledSKU determines if an VM SKU has SGX driver support.
func IsSupportedKubernetesVersion ¶
IsSupportedKubernetesVersion return true if the provided Kubernetes version is supported.
func IsValidMinVersion ¶
func RationalizeReleaseAndVersion ¶
func RationalizeReleaseAndVersion(orchType, orchRel, orchVer string, isUpdate, hasWindows bool) string
RationalizeReleaseAndVersion return a version when it can be rationalized from the input, otherwise "".
func SliceIntIsNonEmpty ¶
SliceIntIsNonEmpty is a simple convenience to determine if a []int is non-empty.
func ValidateDNSPrefix ¶
ValidateDNSPrefix is a helper function to check that a DNS Prefix is valid.
func WrapAsVerbatim ¶
WrapAsVerbatim formats a string for inserting a literal string into an ARM expression.
Types ¶
type AADProfile ¶
type AADProfile struct { // The client AAD application ID. ClientAppID string `json:"clientAppID,omitempty"` // The server AAD application ID. ServerAppID string `json:"serverAppID,omitempty"` // The server AAD application secret. ServerAppSecret string `json:"serverAppSecret,omitempty" conform:"redact"` // The AAD tenant ID to use for authentication. // If not specified, will use the tenant of the deployment subscription. // Optional. TenantID string `json:"tenantID,omitempty"` // The Azure Active Directory Group Object ID that will be assigned the cluster-admin RBAC role. // Optional. AdminGroupID string `json:"adminGroupID,omitempty"` // The authenticator to use, either "oidc" or "webhook". Authenticator AuthenticatorType `json:"authenticator"` }
AADProfile specifies attributes for AAD integration.
type AKSKubeletConfiguration ¶
type AKSKubeletConfiguration struct { // Kind is a string value representing the REST resource this object represents. // Servers may infer this from the endpoint the client submits requests to. // Cannot be updated. // In CamelCase. // More info: // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds. // +optional. Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` /* APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional. */ APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=apiVersion"` /* staticPodPath is the path to the directory containing local (static) pods to run, or the path to a single static pod file. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that the set of static pods specified at the new path may be different than the ones the Kubelet initially started with, and this may disrupt your node. Default: "" +optional. */ StaticPodPath string `json:"staticPodPath,omitempty"` /* address is the IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces). Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Default: "0.0.0.0" +optional. */ Address string `json:"address,omitempty"` /* readOnlyPort is the read-only port for the Kubelet to serve on with no authentication/authorization. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Default: 0 (disabled) +optional. */ ReadOnlyPort int32 `json:"readOnlyPort,omitempty"` /* tlsCertFile is the file containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If tlsCertFile and tlsPrivateKeyFile are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to the Kubelet's --cert-dir flag. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Default: "" +optional. */ TLSCertFile string `json:"tlsCertFile,omitempty"` /* tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Default: "" +optional. */ TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty"` /* TLSCipherSuites is the list of allowed cipher suites for the server. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Default: nil +optional. */ TLSCipherSuites []string `json:"tlsCipherSuites,omitempty"` /* rotateCertificates enables client certificate rotation. The Kubelet will request a new certificate from the certificates.k8s.io API. This requires an approver to approve the certificate signing requests. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that disabling it may disrupt the Kubelet's ability to authenticate with the API server after the current certificate expires. Default: false +optional. */ RotateCertificates bool `json:"rotateCertificates,omitempty"` // serverTLSBootstrap enables server certificate bootstrap. Instead of self // signing a serving certificate, the Kubelet will request a certificate from // the 'certificates.k8s.io' API. This requires an approver to approve the // certificate signing requests (CSR). The RotateKubeletServerCertificate feature // must be enabled when setting this field. // Default: false // +optional ServerTLSBootstrap bool `json:"serverTLSBootstrap,omitempty"` /* authentication specifies how requests to the Kubelet's server are authenticated Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Defaults: anonymous: enabled: false webhook: enabled: true cacheTTL: "2m" +optional. */ Authentication KubeletAuthentication `json:"authentication"` /* authorization specifies how requests to the Kubelet's server are authorized Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may disrupt components that interact with the Kubelet server. Defaults: mode: Webhook webhook: cacheAuthorizedTTL: "5m" cacheUnauthorizedTTL: "30s" +optional. */ Authorization KubeletAuthorization `json:"authorization"` /* eventRecordQPS is the maximum event creations per second. If 0, there is no limit enforced. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may impact scalability by changing the amount of traffic produced by event creations. Default: 5 +optional. */ EventRecordQPS *int32 `json:"eventRecordQPS,omitempty"` /* clusterDomain is the DNS domain for this cluster. If set, kubelet will configure all containers to search this domain in addition to the host's search domains. Dynamic Kubelet Config (beta): Dynamically updating this field is not recommended, as it should be kept in sync with the rest of the cluster. Default: "" +optional. */ ClusterDomain string `json:"clusterDomain,omitempty"` /* clusterDNS is a list of IP addresses for the cluster DNS server. If set, kubelet will configure all containers to use this for DNS resolution instead of the host's DNS servers. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that changes will only take effect on Pods created after the update. Draining the node is recommended before changing this field. Default: nil +optional. */ ClusterDNS []string `json:"clusterDNS,omitempty"` /* streamingConnectionIdleTimeout is the maximum time a streaming connection can be idle before the connection is automatically closed. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may impact components that rely on infrequent updates over streaming connections to the Kubelet server. Default: "4h" +optional. */ StreamingConnectionIdleTimeout Duration `json:"streamingConnectionIdleTimeout,omitempty"` /* nodeStatusUpdateFrequency is the frequency that kubelet computes node status. If node lease feature is not enabled, it is also the frequency that kubelet posts node status to master. Note: When node lease feature is not enabled, be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may impact node scalability, and also that the node controller's nodeMonitorGracePeriod must be set to N*NodeStatusUpdateFrequency, where N is the number of retries before the node controller marks the node unhealthy. Default: "10s" +optional. */ NodeStatusUpdateFrequency Duration `json:"nodeStatusUpdateFrequency,omitempty"` /* nodeStatusReportFrequency is the frequency that kubelet posts node status to master if node status does not change. Kubelet will ignore this frequency and post node status immediately if any change is detected. It is only used when node lease feature is enabled. nodeStatusReportFrequency's default value is 5m. But if nodeStatusUpdateFrequency is set explicitly, nodeStatusReportFrequency's default value will be set to nodeStatusUpdateFrequency for backward compatibility. Default: "5m" +optional. */ NodeStatusReportFrequency Duration `json:"nodeStatusReportFrequency,omitempty"` /* imageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. The percent is calculated as this field value out of 100. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may trigger or delay garbage collection, and may change the image overhead on the node. Default: 85 +optional. */ ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty"` /* imageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. The percent is calculated as this field value out of 100. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may trigger or delay garbage collection, and may change the image overhead on the node. Default: 80 +optional. */ ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty"` /* Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes And all Burstable and BestEffort pods are brought up under their specific top level QoS cgroup. Dynamic Kubelet Config (beta): This field should not be updated without a full node reboot. It is safest to keep this value the same as the local config. Default: true +optional. */ CgroupsPerQOS *bool `json:"cgroupsPerQOS,omitempty"` /* CPUManagerPolicy is the name of the policy to use. Requires the CPUManager feature gate to be enabled. Dynamic Kubelet Config (beta): This field should not be updated without a full node reboot. It is safest to keep this value the same as the local config. Default: "none" +optional. */ CPUManagerPolicy string `json:"cpuManagerPolicy,omitempty"` /* TopologyManagerPolicy is the name of the policy to use. Policies other than "none" require the TopologyManager feature gate to be enabled. Dynamic Kubelet Config (beta): This field should not be updated without a full node reboot. It is safest to keep this value the same as the local config. Default: "none" +optional. */ TopologyManagerPolicy string `json:"topologyManagerPolicy,omitempty"` /* maxPods is the number of pods that can run on this Kubelet. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that changes may cause Pods to fail admission on Kubelet restart, and may change the value reported in Node.Status.Capacity[v1.ResourcePods], thus affecting future scheduling decisions. Increasing this value may also decrease performance, as more Pods can be packed into a single node. Default: 110 +optional. */ MaxPods int32 `json:"maxPods,omitempty"` /* PodPidsLimit is the maximum number of pids in any pod. Requires the SupportPodPidsLimit feature gate to be enabled. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that lowering it may prevent container processes from forking after the change. Default: -1 +optional. */ PodPidsLimit *int64 `json:"podPidsLimit,omitempty"` /* ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that changes will only take effect on Pods created after the update. Draining the node is recommended before changing this field. Default: "/etc/resolv.conf" +optional. */ ResolverConfig string `json:"resolvConf,omitempty"` /* cpuCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that disabling it may reduce node stability. Default: true +optional. */ CPUCFSQuota *bool `json:"cpuCFSQuota,omitempty"` /* CPUCFSQuotaPeriod is the CPU CFS quota period value, cpu.cfs_period_us. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that limits set for containers will result in different cpu.cfs_quota settings. This will trigger container restarts on the node being reconfigured. Default: "100ms" +optional. */ CPUCFSQuotaPeriod Duration `json:"cpuCFSQuotaPeriod,omitempty"` /* Map of signal names to quantities that defines hard eviction thresholds. For example: {"memory.available": "300Mi"}. To explicitly disable, pass a 0% or 100% threshold on an arbitrary resource. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may trigger or delay Pod evictions. Default: memory.available: "100Mi" nodefs.available: "10%" nodefs.inodesFree: "5%" imagefs.available: "15%" +optional. */ EvictionHard map[string]string `json:"evictionHard,omitempty"` /* protectKernelDefaults, if true, causes the Kubelet to error if kernel flags are not as it expects. Otherwise the Kubelet will attempt to modify kernel flags to match its expectation. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that enabling it may cause the Kubelet to crash-loop if the Kernel is not configured as Kubelet expects. Default: false +optional. */ ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"` /* featureGates is a map of feature names to bools that enable or disable alpha/experimental features. This field modifies piecemeal the built-in default values from "k8s.io/kubernetes/pkg/features/kube_features.go". Dynamic Kubelet Config (beta): If dynamically updating this field, consider the documentation for the features you are enabling or disabling. While we encourage feature developers to make it possible to dynamically enable and disable features, some changes may require node reboots, and some features may require careful coordination to retroactively disable. Default: nil +optional. */ FeatureGates map[string]bool `json:"featureGates,omitempty"` /* failSwapOn tells the Kubelet to fail to start if swap is enabled on the node. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that setting it to true will cause the Kubelet to crash-loop if swap is enabled. Default: true +optional. */ FailSwapOn *bool `json:"failSwapOn,omitempty"` /* A quantity defines the maximum size of the container log file before it is rotated. For example: "5Mi" or "256Ki". Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may trigger log rotation. Default: "10Mi" +optional. */ ContainerLogMaxSize string `json:"containerLogMaxSize,omitempty"` /* Maximum number of container log files that can be present for a container. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that lowering it may cause log files to be deleted. Default: 5 +optional. */ ContainerLogMaxFiles *int32 `json:"containerLogMaxFiles,omitempty"` /* systemReserved is a set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may not be possible to increase the reserved resources, because this requires resizing cgroups. Always look for a NodeAllocatableEnforced event after updating this field to ensure that the update was successful. Default: nil +optional. */ SystemReserved map[string]string `json:"systemReserved,omitempty"` /* A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local storage for root file system are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that it may not be possible to increase the reserved resources, because this requires resizing cgroups. Always look for a NodeAllocatableEnforced event after updating this field to ensure that the update was successful. Default: nil +optional. */ KubeReserved map[string]string `json:"kubeReserved,omitempty"` /* This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform. This flag accepts a list of options. Acceptable options are `none`, `pods`, `system-reserved` & `kube-reserved`. If `none` is specified, no other options may be specified. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. Dynamic Kubelet Config (beta): If dynamically updating this field, consider that removing enforcements may reduce the stability of the node. Alternatively, adding enforcements may reduce the stability of components which were using more than the reserved amount of resources; for example, enforcing kube-reserved may cause Kubelets to OOM if it uses more than the reserved resources, and enforcing system-reserved may cause system daemons to OOM if they use more than the reserved resources. Default: ["pods"] +optional. */ EnforceNodeAllocatable []string `json:"enforceNodeAllocatable,omitempty"` /* A comma separated whitelist of unsafe sysctls or sysctl patterns (ending in *). Unsafe sysctl groups are kernel.shm*, kernel.msg*, kernel.sem, fs.mqueue.*, and net.*. These sysctls are namespaced but not allowed by default. For example: "kernel.msg*,net.ipv4.route.min_pmtu" Default: [] +optional. */ AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty"` // serializeImagePulls when enabled, tells the Kubelet to pull images one // at a time. We recommend *not* changing the default value on nodes that // run docker daemon with version < 1.9 or an Aufs storage backend. // Issue #10959 has more details. // Default: true // +optional SerializeImagePulls *bool `json:"serializeImagePulls,omitempty"` // SeccompDefault enables the use of `RuntimeDefault` as the default seccomp profile for all workloads. // Default: false // +optional SeccompDefault *bool `json:"seccompDefault,omitempty"` }
AKSKubeletConfiguration contains the configuration for the Kubelet that AKS set.
this is a subset of KubeletConfiguration defined in
https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/kubelet/config/v1beta1/types.go changed metav1.Duration to Duration and pointers to values to simplify translation.
type AddonNodePoolsConfig ¶
type AddonNodePoolsConfig struct { Name string `json:"name,omitempty"` Config map[string]string `json:"config,omitempty"` }
AddonNodePoolsConfig defines configuration for pool-specific cluster-autoscaler configuration.
type AddonProfile ¶
type AddonProfile struct { Enabled bool `json:"enabled"` Config map[string]string `json:"config"` // Identity contains information of the identity associated with this addon. // This property will only appear in an MSI-enabled cluster. Identity *UserAssignedIdentity `json:"identity,omitempty"` }
AddonProfile represents an addon for managed cluster.
type AgentPoolProfile ¶
type AgentPoolProfile struct { Name string `json:"name"` VMSize string `json:"vmSize"` KubeletDiskType KubeletDiskType `json:"kubeletDiskType,omitempty"` WorkloadRuntime WorkloadRuntime `json:"workloadRuntime,omitempty"` DNSPrefix string `json:"dnsPrefix,omitempty"` OSType OSType `json:"osType,omitempty"` Ports []int `json:"ports,omitempty"` AvailabilityProfile string `json:"availabilityProfile"` StorageProfile string `json:"storageProfile,omitempty"` VnetSubnetID string `json:"vnetSubnetID,omitempty"` Distro Distro `json:"distro,omitempty"` CustomNodeLabels map[string]string `json:"customNodeLabels,omitempty"` PreprovisionExtension *Extension `json:"preProvisionExtension"` KubernetesConfig *KubernetesConfig `json:"kubernetesConfig,omitempty"` VnetCidrs []string `json:"vnetCidrs,omitempty"` WindowsNameVersion string `json:"windowsNameVersion,omitempty"` CustomKubeletConfig *CustomKubeletConfig `json:"customKubeletConfig,omitempty"` CustomLinuxOSConfig *CustomLinuxOSConfig `json:"customLinuxOSConfig,omitempty"` MessageOfTheDay string `json:"messageOfTheDay,omitempty"` /* This is a new property and all old agent pools do no have this field. We need to keep the default behavior to reboot Windows node when it is nil. */ NotRebootWindowsNode *bool `json:"notRebootWindowsNode,omitempty"` AgentPoolWindowsProfile *AgentPoolWindowsProfile `json:"agentPoolWindowsProfile,omitempty"` }
AgentPoolProfile represents an agent pool definition.
func (*AgentPoolProfile) GetAgentPoolWindowsProfile ¶ added in v0.22222.0
func (a *AgentPoolProfile) GetAgentPoolWindowsProfile() *AgentPoolWindowsProfile
func (*AgentPoolProfile) GetCustomLinuxOSConfig ¶ added in v0.22222.0
func (a *AgentPoolProfile) GetCustomLinuxOSConfig() *CustomLinuxOSConfig
func (*AgentPoolProfile) GetKubernetesLabels ¶
func (a *AgentPoolProfile) GetKubernetesLabels() string
GetKubernetesLabels returns a k8s API-compliant labels string for nodes in this profile.
func (*AgentPoolProfile) Is2204VHDDistro ¶ added in v0.22222.0
func (a *AgentPoolProfile) Is2204VHDDistro() bool
Is2204VHDDistro returns true if the distro uses 2204 VHD.
func (*AgentPoolProfile) Is2404VHDDistro ¶ added in v0.22222.0
func (a *AgentPoolProfile) Is2404VHDDistro() bool
Is2404VHDDistro returns true if the distro uses 2404 VHD.
func (*AgentPoolProfile) IsAvailabilitySets ¶
func (a *AgentPoolProfile) IsAvailabilitySets() bool
IsAvailabilitySets returns true if the customer specified disks.
func (*AgentPoolProfile) IsAzureLinuxCgroupV2VHDDistro ¶ added in v0.22222.0
func (a *AgentPoolProfile) IsAzureLinuxCgroupV2VHDDistro() bool
IsAzureLinuxCgroupV2VHDDistro returns true if the distro uses Azure Linux CgrpupV2 VHD.
func (*AgentPoolProfile) IsCustomVNET ¶
func (a *AgentPoolProfile) IsCustomVNET() bool
IsCustomVNET returns true if the customer brought their own VNET.
func (*AgentPoolProfile) IsDisableWindowsOutboundNat ¶ added in v0.22222.0
func (a *AgentPoolProfile) IsDisableWindowsOutboundNat() bool
IsDisableWindowsOutboundNat returns true if the Windows agent pool disable OutboundNAT.
func (*AgentPoolProfile) IsSkipCleanupNetwork ¶ added in v0.22222.0
func (a *AgentPoolProfile) IsSkipCleanupNetwork() bool
IsSkipCleanupNetwork returns true if AKS-RP sets the field NotRebootWindowsNode to true.
func (*AgentPoolProfile) IsVHDDistro ¶
func (a *AgentPoolProfile) IsVHDDistro() bool
IsVHDDistro returns true if the distro uses VHD SKUs.
func (*AgentPoolProfile) IsVirtualMachineScaleSets ¶
func (a *AgentPoolProfile) IsVirtualMachineScaleSets() bool
IsVirtualMachineScaleSets returns true if the agent pool availability profile is VMSS.
func (*AgentPoolProfile) IsWindows ¶
func (a *AgentPoolProfile) IsWindows() bool
IsWindows returns true if the agent pool is windows.
type AgentPoolWindowsProfile ¶ added in v0.22222.0
type AgentPoolWindowsProfile struct { DisableOutboundNat *bool `json:"disableOutboundNat,omitempty"` // Windows next-gen networking uses Windows eBPF for the networking dataplane. NextGenNetworkingURL *string `json:"nextGenNetworkingURL,omitempty"` }
func (*AgentPoolWindowsProfile) GetNextGenNetworkingURL ¶ added in v0.22222.0
func (a *AgentPoolWindowsProfile) GetNextGenNetworkingURL() string
func (*AgentPoolWindowsProfile) IsNextGenNetworkingEnabled ¶ added in v0.22222.0
func (a *AgentPoolWindowsProfile) IsNextGenNetworkingEnabled() bool
type AuthenticatorType ¶
type AuthenticatorType string
AuthenticatorType represents the authenticator type the cluster was. set up with.
const ( // OIDC represent cluster setup in OIDC auth mode. OIDC AuthenticatorType = "oidc" // Webhook represent cluster setup in wehhook auth mode. Webhook AuthenticatorType = "webhook" )
type AzureEndpointConfig ¶
type AzureEndpointConfig struct {
ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix,omitempty"`
}
AzureEndpointConfig describes an Azure endpoint.
type AzureEnvironmentSpecConfig ¶
type AzureEnvironmentSpecConfig struct { CloudName string `json:"cloudName,omitempty"` DockerSpecConfig DockerSpecConfig `json:"dockerSpecConfig,omitempty"` KubernetesSpecConfig KubernetesSpecConfig `json:"kubernetesSpecConfig,omitempty"` EndpointConfig AzureEndpointConfig `json:"endpointConfig,omitempty"` OSImageConfig map[Distro]AzureOSImageConfig `json:"osImageConfig,omitempty"` }
AzureEnvironmentSpecConfig is the overall configuration differences in different cloud environments.
type AzureOSImageConfig ¶
type AzureOSImageConfig struct { ImageOffer string `json:"imageOffer,omitempty"` ImageSku string `json:"imageSku,omitempty"` ImagePublisher string `json:"imagePublisher,omitempty"` ImageVersion string `json:"imageVersion,omitempty"` }
AzureOSImageConfig describes an Azure OS image.
type CSEStatus ¶
type CSEStatus struct { // ExitCode stores the exitCode from CSE output. ExitCode string `json:"exitCode,omitempty"` // Output stores the output from CSE output. Output string `json:"output,omitempty"` // Error stores the error from CSE output. Error string `json:"error,omitempty"` // ExecDuration stores the execDuration in seconds from CSE output. ExecDuration string `json:"execDuration,omitempty"` // KernelStartTime of current boot, output from systemctl show -p KernelTimestamp. KernelStartTime string `json:"kernelStartTime,omitempty"` // SystemdSummary of current boot, output from systemd-analyze. SystemdSummary string `json:"systemdSummary,omitempty"` // CSEStartTime indicate starttime of CSE. CSEStartTime string `json:"cseStartTime,omitempty"` /* GuestAgentStartTime indicate starttime of GuestAgent, output from systemctl show walinuxagent.service -p ExecMainStartTimestamp */ GuestAgentStartTime string `json:"guestAgentStartTime,omitempty"` // BootDatapoints contains datapoints (key-value pair) from VM boot process. BootDatapoints map[string]string `json:"bootDatapoints,omitempty"` }
type CSEStatusParsingError ¶
type CSEStatusParsingError struct { Code CSEStatusParsingErrorCode Message string }
func NewError ¶
func NewError(code CSEStatusParsingErrorCode, message string) *CSEStatusParsingError
func (*CSEStatusParsingError) Error ¶
func (err *CSEStatusParsingError) Error() string
type CSEStatusParsingErrorCode ¶
type CSEStatusParsingErrorCode string
const ( // CSEMessageUnmarshalError is the error code for unmarshal cse message. CSEMessageUnmarshalError CSEStatusParsingErrorCode = "CSEMessageUnmarshalError" // CSEMessageExitCodeEmptyError is the error code for empty cse message exit code. CSEMessageExitCodeEmptyError CSEStatusParsingErrorCode = "CSEMessageExitCodeEmptyError" // InvalidCSEMessage is the error code for cse invalid message. InvalidCSEMessage CSEStatusParsingErrorCode = "InvalidCSEMessage" )
type CertificateProfile ¶
type CertificateProfile struct { // CaCertificate is the certificate authority certificate. CaCertificate string `json:"caCertificate,omitempty" conform:"redact"` // ApiServerCertificate is the rest api server certificate, and signed by the CA. APIServerCertificate string `json:"apiServerCertificate,omitempty" conform:"redact"` // ClientCertificate is the certificate used by the client kubelet services and signed by the CA. ClientCertificate string `json:"clientCertificate,omitempty" conform:"redact"` // ClientPrivateKey is the private key used by the client kubelet services and signed by the CA. ClientPrivateKey string `json:"clientPrivateKey,omitempty" conform:"redact"` // KubeConfigCertificate is the client certificate used for kubectl cli and signed by the CA. KubeConfigCertificate string `json:"kubeConfigCertificate,omitempty" conform:"redact"` // KubeConfigPrivateKey is the client private key used for kubectl cli and signed by the CA. KubeConfigPrivateKey string `json:"kubeConfigPrivateKey,omitempty" conform:"redact"` }
CertificateProfile represents the definition of the master cluster.
type ComponentConfiguration ¶ added in v0.22222.0
type ContainerService ¶
type ContainerService struct { ID string `json:"id"` Location string `json:"location"` Name string `json:"name"` Plan *ResourcePurchasePlan `json:"plan,omitempty"` Tags map[string]string `json:"tags"` Type string `json:"type"` Properties *Properties `json:"properties,omitempty"` }
ContainerService complies with the ARM model of resource definition in a JSON template.
func (*ContainerService) IsAKSCustomCloud ¶
func (cs *ContainerService) IsAKSCustomCloud() bool
IsAKSCustomCloud checks if it's in AKS custom cloud.
type ContainerdWindowsRuntimes ¶
type ContainerdWindowsRuntimes struct { DefaultSandboxIsolation string `json:"defaultSandboxIsolation,omitempty"` RuntimeHandlers []RuntimeHandlers `json:"runtimesHandlers,omitempty"` }
ContainerdWindowsRuntimes configures containerd runtimes that are available on the windows nodes.
type CustomCATrustConfig ¶ added in v0.22222.0
type CustomCATrustConfig struct {
CustomCATrustCerts []string `json:"customCATrustCerts,omitempty"`
}
type CustomCloudEnv ¶
type CustomCloudEnv struct { // TODO(ace): why is Name uppercase? // in Linux, this was historically specified as "name" when serialized. // However Windows relies on the json tag as "Name". // TODO(ace): can we align on one casing? SnakeCaseName string `json:"name,omitempty"` Name string `json:"Name,omitempty"` McrURL string `json:"mcrURL,omitempty"` RepoDepotEndpoint string `json:"repoDepotEndpoint,omitempty"` ManagementPortalURL string `json:"managementPortalURL,omitempty"` PublishSettingsURL string `json:"publishSettingsURL,omitempty"` ServiceManagementEndpoint string `json:"serviceManagementEndpoint,omitempty"` ResourceManagerEndpoint string `json:"resourceManagerEndpoint,omitempty"` ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint,omitempty"` GalleryEndpoint string `json:"galleryEndpoint,omitempty"` KeyVaultEndpoint string `json:"keyVaultEndpoint,omitempty"` GraphEndpoint string `json:"graphEndpoint,omitempty"` ServiceBusEndpoint string `json:"serviceBusEndpoint,omitempty"` BatchManagementEndpoint string `json:"batchManagementEndpoint,omitempty"` StorageEndpointSuffix string `json:"storageEndpointSuffix,omitempty"` SQLDatabaseDNSSuffix string `json:"sqlDatabaseDNSSuffix,omitempty"` TrafficManagerDNSSuffix string `json:"trafficManagerDNSSuffix,omitempty"` KeyVaultDNSSuffix string `json:"keyVaultDNSSuffix,omitempty"` ServiceBusEndpointSuffix string `json:"serviceBusEndpointSuffix,omitempty"` ServiceManagementVMDNSSuffix string `json:"serviceManagementVMDNSSuffix,omitempty"` ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix,omitempty"` ContainerRegistryDNSSuffix string `json:"containerRegistryDNSSuffix,omitempty"` CosmosDBDNSSuffix string `json:"cosmosDBDNSSuffix,omitempty"` TokenAudience string `json:"tokenAudience,omitempty"` ResourceIdentifiers ResourceIdentifiers `json:"resourceIdentifiers,omitempty"` }
CustomCloudEnv represents the custom cloud env info of the AKS cluster.
type CustomConfiguration ¶ added in v0.22222.0
type CustomConfiguration struct { KubernetesConfigurations map[string]*ComponentConfiguration WindowsKubernetesConfigurations map[string]*ComponentConfiguration }
type CustomConfigurationComponent ¶ added in v0.22222.0
type CustomConfigurationComponent string
const ( ComponentkubeProxy CustomConfigurationComponent = "kube-proxy" Componentkubelet CustomConfigurationComponent = "kubelet" )
type CustomFile ¶
type CustomFile struct { Source string `json:"source,omitempty"` Dest string `json:"dest,omitempty"` }
CustomFile has source as the full absolute source path to a file and dest is the full absolute desired destination path to put the file on a master node.
type CustomKubeletConfig ¶
type CustomKubeletConfig struct { CPUManagerPolicy string `json:"cpuManagerPolicy,omitempty"` CPUCfsQuota *bool `json:"cpuCfsQuota,omitempty"` CPUCfsQuotaPeriod string `json:"cpuCfsQuotaPeriod,omitempty"` ImageGcHighThreshold *int32 `json:"imageGcHighThreshold,omitempty"` ImageGcLowThreshold *int32 `json:"imageGcLowThreshold,omitempty"` TopologyManagerPolicy string `json:"topologyManagerPolicy,omitempty"` AllowedUnsafeSysctls *[]string `json:"allowedUnsafeSysctls,omitempty"` FailSwapOn *bool `json:"failSwapOn,omitempty"` ContainerLogMaxSizeMB *int32 `json:"containerLogMaxSizeMB,omitempty"` ContainerLogMaxFiles *int32 `json:"containerLogMaxFiles,omitempty"` PodMaxPids *int32 `json:"podMaxPids,omitempty"` SeccompDefault *bool `json:"seccompDefault,omitempty"` }
CustomKubeletConfig represents custom kubelet configurations for agent pool nodes.
type CustomLinuxOSConfig ¶
type CustomLinuxOSConfig struct { Sysctls *SysctlConfig `json:"sysctls,omitempty"` TransparentHugePageEnabled string `json:"transparentHugePageEnabled,omitempty"` TransparentHugePageDefrag string `json:"transparentHugePageDefrag,omitempty"` SwapFileSizeMB *int32 `json:"swapFileSizeMB,omitempty"` UlimitConfig *UlimitConfig `json:"ulimitConfig,omitempty"` }
CustomLinuxOSConfig represents custom os configurations for agent pool nodes.
func (*CustomLinuxOSConfig) GetUlimitConfig ¶ added in v0.22222.0
func (c *CustomLinuxOSConfig) GetUlimitConfig() *UlimitConfig
type CustomProfile ¶
type CustomProfile struct {
Orchestrator string `json:"orchestrator,omitempty"`
}
CustomProfile specifies custom properties that are used for cluster instantiation. Should not be used by most users.
type CustomSearchDomain ¶
type CustomSearchDomain struct { Name string `json:"name,omitempty"` RealmUser string `json:"realmUser,omitempty"` RealmPassword string `json:"realmPassword,omitempty"` }
CustomSearchDomain represents the Search Domain when the custom vnet has a windows server DNS as a nameserver.
type DiagnosticsProfile ¶
type DiagnosticsProfile struct {
VMDiagnostics *VMDiagnostics `json:"vmDiagnostics"`
}
DiagnosticsProfile setting to enable/disable capturing. diagnostics for VMs hosting container cluster.
type Distro ¶
type Distro string
Distro represents Linux distro to use for Linux VMs.
const ( Ubuntu Distro = "ubuntu" Ubuntu1804 Distro = "ubuntu-18.04" Ubuntu1804Gen2 Distro = "ubuntu-18.04-gen2" AKSUbuntu1804Gen2 Distro = "ubuntu-18.04-gen2" // same distro as Ubuntu1804Gen2, renamed for clarity AKSUbuntu1604 Distro = "aks-ubuntu-16.04" AKSUbuntu1804 Distro = "aks-ubuntu-18.04" AKSUbuntuGPU1804 Distro = "aks-ubuntu-gpu-18.04" AKSUbuntuGPU1804Gen2 Distro = "aks-ubuntu-gpu-18.04-gen2" AKSUbuntuContainerd1804 Distro = "aks-ubuntu-containerd-18.04" AKSUbuntuContainerd1804Gen2 Distro = "aks-ubuntu-containerd-18.04-gen2" AKSUbuntuGPUContainerd1804 Distro = "aks-ubuntu-gpu-containerd-18.04" AKSUbuntuGPUContainerd1804Gen2 Distro = "aks-ubuntu-gpu-containerd-18.04-gen2" AKSCBLMarinerV1 Distro = "aks-cblmariner-v1" AKSCBLMarinerV2 Distro = "aks-cblmariner-v2" AKSAzureLinuxV2 Distro = "aks-azurelinux-v2" AKSAzureLinuxV3 Distro = "aks-azurelinux-v3" AKSCBLMarinerV2Gen2 Distro = "aks-cblmariner-v2-gen2" AKSAzureLinuxV2Gen2 Distro = "aks-azurelinux-v2-gen2" AKSAzureLinuxV3Gen2 Distro = "aks-azurelinux-v3-gen2" AKSCBLMarinerV2FIPS Distro = "aks-cblmariner-v2-fips" AKSAzureLinuxV2FIPS Distro = "aks-azurelinux-v2-fips" AKSAzureLinuxV3FIPS Distro = "aks-azurelinux-v3-fips" AKSCBLMarinerV2Gen2FIPS Distro = "aks-cblmariner-v2-gen2-fips" AKSAzureLinuxV2Gen2FIPS Distro = "aks-azurelinux-v2-gen2-fips" AKSAzureLinuxV3Gen2FIPS Distro = "aks-azurelinux-v3-gen2-fips" AKSCBLMarinerV2Gen2Kata Distro = "aks-cblmariner-v2-gen2-kata" AKSAzureLinuxV2Gen2Kata Distro = "aks-azurelinux-v2-gen2-kata" AKSCBLMarinerV2Gen2TL Distro = "aks-cblmariner-v2-gen2-tl" AKSAzureLinuxV2Gen2TL Distro = "aks-azurelinux-v2-gen2-tl" AKSCBLMarinerV2KataGen2TL Distro = "aks-cblmariner-v2-kata-gen2-tl" AKSUbuntuFipsContainerd1804 Distro = "aks-ubuntu-fips-containerd-18.04" AKSUbuntuFipsContainerd1804Gen2 Distro = "aks-ubuntu-fips-containerd-18.04-gen2" AKSUbuntuFipsContainerd2004 Distro = "aks-ubuntu-fips-containerd-20.04" AKSUbuntuFipsContainerd2004Gen2 Distro = "aks-ubuntu-fips-containerd-20.04-gen2" AKSUbuntuFipsContainerd2204 Distro = "aks-ubuntu-fips-containerd-22.04" AKSUbuntuFipsContainerd2204Gen2 Distro = "aks-ubuntu-fips-containerd-22.04-gen2" AKSUbuntuEdgeZoneContainerd1804 Distro = "aks-ubuntu-edgezone-containerd-18.04" AKSUbuntuEdgeZoneContainerd1804Gen2 Distro = "aks-ubuntu-edgezone-containerd-18.04-gen2" AKSUbuntuEdgeZoneContainerd2204 Distro = "aks-ubuntu-edgezone-containerd-22.04" AKSUbuntuEdgeZoneContainerd2204Gen2 Distro = "aks-ubuntu-edgezone-containerd-22.04-gen2" AKSUbuntuContainerd2204 Distro = "aks-ubuntu-containerd-22.04" AKSUbuntuContainerd2204Gen2 Distro = "aks-ubuntu-containerd-22.04-gen2" AKSUbuntuContainerd2004CVMGen2 Distro = "aks-ubuntu-containerd-20.04-cvm-gen2" AKSUbuntuArm64Containerd2204Gen2 Distro = "aks-ubuntu-arm64-containerd-22.04-gen2" AKSUbuntuArm64Containerd2404Gen2 Distro = "aks-ubuntu-arm64-containerd-24.04-gen2" AKSCBLMarinerV2Arm64Gen2 Distro = "aks-cblmariner-v2-arm64-gen2" AKSAzureLinuxV2Arm64Gen2 Distro = "aks-azurelinux-v2-arm64-gen2" AKSAzureLinuxV3Arm64Gen2 Distro = "aks-azurelinux-v3-arm64-gen2" AKSUbuntuContainerd2204TLGen2 Distro = "aks-ubuntu-containerd-22.04-tl-gen2" AKSUbuntuMinimalContainerd2204 Distro = "aks-ubuntu-minimal-containerd-22.04" AKSUbuntuMinimalContainerd2204Gen2 Distro = "aks-ubuntu-minimal-containerd-22.04-gen2" AKSUbuntuEgressContainerd2204Gen2 Distro = "aks-ubuntu-egress-containerd-22.04-gen2" AKSUbuntuContainerd2404 Distro = "aks-ubuntu-containerd-24.04" AKSUbuntuContainerd2404Gen2 Distro = "aks-ubuntu-containerd-24.04-gen2" RHEL Distro = "rhel" CoreOS Distro = "coreos" AKS1604Deprecated Distro = "aks" // deprecated AKS 16.04 distro. Equivalent to aks-ubuntu-16.04. AKS1804Deprecated Distro = "aks-1804" // deprecated AKS 18.04 distro. Equivalent to aks-ubuntu-18.04. // Windows string const. // AKSWindows2019 stands for distro of windows server 2019 SIG image with docker. AKSWindows2019 Distro = "aks-windows-2019" // AKSWindows2019Containerd stands for distro for windows server 2019 SIG image with containerd. AKSWindows2019Containerd Distro = "aks-windows-2019-containerd" // AKSWindows2022Containerd stands for distro for windows server 2022 SIG image with containerd. AKSWindows2022Containerd Distro = "aks-windows-2022-containerd" // AKSWindows2022ContainerdGen2 stands for distro for windows server 2022 Gen 2 SIG image with containerd. AKSWindows2022ContainerdGen2 Distro = "aks-windows-2022-containerd-gen2" // AKSWindows23H2 stands for distro for windows 23H2 SIG image. AKSWindows23H2 Distro = "aks-windows-23H2" // AKSWindows23H2Gen2 stands for distro for windows 23H2 Gen 2 SIG image. AKSWindows23H2Gen2 Distro = "aks-windows-23H2-gen2" // AKSWindows2019PIR stands for distro of windows server 2019 PIR image with docker. AKSWindows2019PIR Distro = "aks-windows-2019-pir" CustomizedImage Distro = "CustomizedImage" CustomizedImageKata Distro = "CustomizedImageKata" CustomizedWindowsOSImage Distro = "CustomizedWindowsOSImage" // USNatCloud is a const string reference identifier for USNat. USNatCloud = "USNatCloud" // USSecCloud is a const string reference identifier for USSec. USSecCloud = "USSecCloud" )
Distro string consts.
func (Distro) Is2204VHDDistro ¶ added in v0.22222.0
func (Distro) Is2404VHDDistro ¶ added in v0.22222.0
This function will later be consumed by CSE to determine cgroupv2 usage.
func (Distro) IsAzureLinuxCgroupV2VHDDistro ¶ added in v0.22222.0
func (Distro) IsAzureLinuxDistro ¶ added in v0.22222.0
func (Distro) IsContainerdDistro ¶
IsContainerdSKU returns true if distro type is containerd-enabled.
func (Distro) IsGPUDistro ¶
func (Distro) IsGen2Distro ¶
func (Distro) IsKataDistro ¶ added in v0.22222.0
func (Distro) IsVHDDistro ¶
func (Distro) IsWindowsDistro ¶ added in v0.22222.0
func (Distro) IsWindowsPIRDistro ¶
func (Distro) IsWindowsSIGDistro ¶
type DockerSpecConfig ¶
type DockerSpecConfig struct { DockerEngineRepo string `json:"dockerEngineRepo,omitempty"` DockerComposeDownloadURL string `json:"dockerComposeDownloadURL,omitempty"` }
DockerSpecConfig is the configurations of docker.
type EnvironmentInfo ¶ added in v0.22222.0
type EnvironmentInfo struct { // SubscriptionID is the customer's subscription ID. SubscriptionID string // TenantID is the customer's tenant ID. TenantID string // Region is the customer's region (e.g. eastus). Region string }
EnvironmentInfo represents the set of required fields to determine specifics about the customer's environment. This info will be used in baker APIs to return the correct SIG image config.
type Extension ¶
type Extension struct { Name string `json:"name"` SingleOrAll string `json:"singleOrAll"` Template string `json:"template"` }
Extension represents an extension definition in the master or agentPoolProfile.
type ExtensionProfile ¶
type ExtensionProfile struct { Name string `json:"name"` Version string `json:"version"` ExtensionParameters string `json:"extensionParameters,omitempty"` ExtensionParametersKeyVaultRef *KeyvaultSecretRef `json:"parametersKeyvaultSecretRef,omitempty"` RootURL string `json:"rootURL,omitempty"` // This is only needed for preprovision extensions and it needs to be a bash script. Script string `json:"script,omitempty"` URLQuery string `json:"urlQuery,omitempty"` }
ExtensionProfile represents an extension definition.
type FeatureFlags ¶
type FeatureFlags struct { EnableCSERunInBackground bool `json:"enableCSERunInBackground,omitempty"` BlockOutboundInternet bool `json:"blockOutboundInternet,omitempty"` EnableIPv6DualStack bool `json:"enableIPv6DualStack,omitempty"` EnableIPv6Only bool `json:"enableIPv6Only,omitempty"` EnableWinDSR bool `json:"enableWinDSR,omitempty"` }
FeatureFlags defines feature-flag restricted functionality.
func (*FeatureFlags) IsFeatureEnabled ¶
func (f *FeatureFlags) IsFeatureEnabled(feature string) bool
IsFeatureEnabled returns true if a feature flag is on for the provided feature.
type GetLatestSigImageConfigRequest ¶ added in v0.22222.0
type GetLatestSigImageConfigRequest struct { SIGConfig SIGConfig SubscriptionID string TenantID string Region string Distro Distro }
GetLatestSigImageConfigRequest describes the input for a GetLatestSigImageConfig HTTP request. This is mostly a wrapper over existing types so RP doesn't have to manually construct JSON.
type HTTPProxyConfig ¶
type HTTPProxyConfig struct { HTTPProxy *string `json:"httpProxy,omitempty"` HTTPSProxy *string `json:"httpsProxy,omitempty"` NoProxy *[]string `json:"noProxy,omitempty"` TrustedCA *string `json:"trustedCa,omitempty"` }
HTTPProxyConfig represents configurations of http proxy.
type HostedMasterProfile ¶
type HostedMasterProfile struct { // Master public endpoint/FQDN with port. // The format will be FQDN:2376. // Not used during PUT, returned as part of GETFQDN. FQDN string `json:"fqdn,omitempty"` // IPAddress. // if both FQDN and IPAddress are specified, we should use IPAddress. IPAddress string `json:"ipAddress,omitempty"` DNSPrefix string `json:"dnsPrefix"` // FQDNSubdomain is used by private cluster without dnsPrefix so they have fixed FQDN. FQDNSubdomain string `json:"fqdnSubdomain"` /* Subnet holds the CIDR which defines the Azure Subnet in which Agents will be provisioned. This is stored on the HostedMasterProfile and will become `masterSubnet` in the compiled template. */ Subnet string `json:"subnet"` // ApiServerWhiteListRange is a comma delimited CIDR which is whitelisted to AKS. APIServerWhiteListRange *string `json:"apiServerWhiteListRange"` IPMasqAgent bool `json:"ipMasqAgent"` }
HostedMasterProfile defines properties for a hosted master.
type ImageReference ¶
type ImageReference struct { Name string `json:"name,omitempty"` ResourceGroup string `json:"resourceGroup,omitempty"` SubscriptionID string `json:"subscriptionId,omitempty"` Gallery string `json:"gallery,omitempty"` Version string `json:"version,omitempty"` }
ImageReference represents a reference to an Image resource in Azure.
func (*ImageReference) IsValid ¶
func (i *ImageReference) IsValid() bool
IsValid returns true if ImageRefernce contains at least Name and ResourceGroup.
type K8sComponents ¶
type K8sComponents struct { // Full path to the "pause" image. Used for --pod-infra-container-image. // For example: "mcr.microsoft.com/oss/kubernetes/pause:1.3.1". PodInfraContainerImageURL string // Full path to the hyperkube image. // For example: "mcr.microsoft.com/hyperkube-amd64:v1.16.13". HyperkubeImageURL string // Full path to the Windows package (windowszip) to use. // For example: https://acs-mirror.azureedge.net/kubernetes/v1.17.8/windowszip/v1.17.8-1int.zip. WindowsPackageURL string // Full path to the Linux package (tar.gz) to use. // For example: url=https://acs-mirror.azureedge.net/kubernetes/v1.25.6-hotfix.20230612/binaries/v1.25.6-hotfix.20230612.tar.gz LinuxPrivatePackageURL string // Full path to the Windows credential provider (tar.gz) to use. // For example: https://acs-mirror.azureedge.net/cloud-provider-azure/v1.29.4/binaries/azure-acr-credential-provider-windows-amd64-v1.29.4.tar.gz WindowsCredentialProviderURL string // Full path to the Linux credential provider (tar.gz) to use. // For example: "https://acs-mirror.azureedge.net/cloud-provider-azure/v1.29.4/binaries/azure-acr-credential-provider-linux-amd64-v1.29.4.tar.gz" LinuxCredentialProviderURL string }
type KeyVaultCertificate ¶
type KeyVaultCertificate struct { CertificateURL string `json:"certificateUrl,omitempty"` CertificateStore string `json:"certificateStore,omitempty"` }
KeyVaultCertificate specifies a certificate to install. On Linux, the certificate file is placed under the /var/lib/waagent directory with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for the private key. Both of these files are .pem formatted. On windows the certificate will be saved in the specified store.
type KeyVaultID ¶
type KeyVaultID struct {
ID string `json:"id,omitempty"`
}
KeyVaultID specifies a key vault.
type KeyVaultRef ¶
type KeyVaultRef struct { KeyVault KeyVaultID `json:"keyVault"` SecretName string `json:"secretName"` SecretVersion string `json:"secretVersion,omitempty"` }
KeyVaultRef represents a reference to KeyVault instance on Azure.
type KeyVaultSecrets ¶
type KeyVaultSecrets struct { SourceVault *KeyVaultID `json:"sourceVault,omitempty"` VaultCertificates []KeyVaultCertificate `json:"vaultCertificates,omitempty"` }
KeyVaultSecrets specifies certificates to install on the pool of machines from a given key vault. the key vault specified must have been granted read permissions to CRP.
type KeyvaultSecretRef ¶
type KeyvaultSecretRef struct { VaultID string `json:"vaultID"` SecretName string `json:"secretName"` SecretVersion string `json:"version,omitempty"` }
KeyvaultSecretRef specifies path to the Azure keyvault along with secret name and (optionaly) version for Service Principal's secret.
type KubeletAnonymousAuthentication ¶
type KubeletAnonymousAuthentication struct { // enabled allows anonymous requests to the kubelet server. // Requests that are not rejected by another authentication method are treated as anonymous requests. // Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated. // +optional. Enabled bool `json:"enabled,omitempty"` }
type KubeletAuthentication ¶
type KubeletAuthentication struct { // x509 contains settings related to x509 client certificate authentication. // +optional. X509 KubeletX509Authentication `json:"x509"` // webhook contains settings related to webhook bearer token authentication. // +optional. Webhook KubeletWebhookAuthentication `json:"webhook"` // anonymous contains settings related to anonymous authentication. // +optional. Anonymous KubeletAnonymousAuthentication `json:"anonymous"` }
below are copied from Kubernetes.
type KubeletAuthorization ¶
type KubeletAuthorization struct { // mode is the authorization mode to apply to requests to the kubelet server. // Valid values are AlwaysAllow and Webhook. // Webhook mode uses the SubjectAccessReview API to determine authorization. // +optional. Mode KubeletAuthorizationMode `json:"mode,omitempty"` // webhook contains settings related to Webhook authorization. // +optional. Webhook KubeletWebhookAuthorization `json:"webhook"` }
type KubeletAuthorizationMode ¶
type KubeletAuthorizationMode string
type KubeletDiskType ¶
type KubeletDiskType string
KubeletDiskType describes options for placement of the primary kubelet partition. docker images, emptyDir volumes, and pod logs.
const ( // OSDisk indicates data wil be shared with the OS. OSDisk KubeletDiskType = "OS" // TempDisk indicates date will be isolated on the temporary disk. TempDisk KubeletDiskType = "Temporary" )
type KubeletWebhookAuthentication ¶
type KubeletWebhookAuthentication struct { // enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API. // +optional. Enabled bool `json:"enabled,omitempty"` // cacheTTL enables caching of authentication results. // +optional. CacheTTL Duration `json:"cacheTTL,omitempty"` }
type KubeletWebhookAuthorization ¶
type KubeletWebhookAuthorization struct { // cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer. // +optional. CacheAuthorizedTTL Duration `json:"cacheAuthorizedTTL,omitempty"` // +optional. CacheUnauthorizedTTL Duration `json:"cacheUnauthorizedTTL,omitempty"` }
type KubeletX509Authentication ¶
type KubeletX509Authentication struct { /* clientCAFile is the path to a PEM-encoded certificate bundle. If set, any request presenting a client certificate signed by one of the authorities in the bundle is authenticated with a username corresponding to the CommonName, and groups corresponding to the Organization in the client certificate. +optional. */ ClientCAFile string `json:"clientCAFile,omitempty"` }
type KubernetesAddon ¶
type KubernetesAddon struct { Name string `json:"name,omitempty"` Enabled *bool `json:"enabled,omitempty"` Mode string `json:"mode,omitempty"` Containers []KubernetesContainerSpec `json:"containers,omitempty"` Config map[string]string `json:"config,omitempty"` Pools []AddonNodePoolsConfig `json:"pools,omitempty"` Data string `json:"data,omitempty"` }
KubernetesAddon defines a list of addons w/ configuration to include with the cluster deployment.
func (KubernetesAddon) GetAddonContainersIndexByName ¶
func (a KubernetesAddon) GetAddonContainersIndexByName(containerName string) int
GetAddonContainersIndexByName returns the KubernetesAddon containers index with the name `containerName`.
func (*KubernetesAddon) IsDisabled ¶
func (a *KubernetesAddon) IsDisabled() bool
IsDisabled returns true if the addon is explicitly disabled.
func (*KubernetesAddon) IsEnabled ¶
func (a *KubernetesAddon) IsEnabled() bool
IsEnabled returns true if the addon is enabled.
type KubernetesConfig ¶
type KubernetesConfig struct { KubernetesImageBase string `json:"kubernetesImageBase,omitempty"` MCRKubernetesImageBase string `json:"mcrKubernetesImageBase,omitempty"` ClusterSubnet string `json:"clusterSubnet,omitempty"` NetworkPolicy string `json:"networkPolicy,omitempty"` NetworkPlugin string `json:"networkPlugin,omitempty"` NetworkMode string `json:"networkMode,omitempty"` ContainerRuntime string `json:"containerRuntime,omitempty"` MaxPods int `json:"maxPods,omitempty"` DockerBridgeSubnet string `json:"dockerBridgeSubnet,omitempty"` DNSServiceIP string `json:"dnsServiceIP,omitempty"` ServiceCIDR string `json:"serviceCidr,omitempty"` UseManagedIdentity bool `json:"useManagedIdentity,omitempty"` UserAssignedID string `json:"userAssignedID,omitempty"` UserAssignedClientID string `json:"userAssignedClientID,omitempty"` //nolint: lll // Note: cannot be provided in config. Used *only* for transferring this to azure.json. CustomHyperkubeImage string `json:"customHyperkubeImage,omitempty"` CustomKubeProxyImage string `json:"customKubeProxyImage,omitempty"` CustomKubeBinaryURL string `json:"customKubeBinaryURL,omitempty"` MobyVersion string `json:"mobyVersion,omitempty"` ContainerdVersion string `json:"containerdVersion,omitempty"` WindowsNodeBinariesURL string `json:"windowsNodeBinariesURL,omitempty"` WindowsContainerdURL string `json:"windowsContainerdURL,omitempty"` WindowsSdnPluginURL string `json:"windowsSdnPluginURL,omitempty"` UseInstanceMetadata *bool `json:"useInstanceMetadata,omitempty"` EnableRbac *bool `json:"enableRbac,omitempty"` EnableSecureKubelet *bool `json:"enableSecureKubelet,omitempty"` PrivateCluster *PrivateCluster `json:"privateCluster,omitempty"` GCHighThreshold int `json:"gchighthreshold,omitempty"` GCLowThreshold int `json:"gclowthreshold,omitempty"` EnableEncryptionWithExternalKms *bool `json:"enableEncryptionWithExternalKms,omitempty"` Addons []KubernetesAddon `json:"addons,omitempty"` ContainerRuntimeConfig map[string]string `json:"containerRuntimeConfig,omitempty"` ControllerManagerConfig map[string]string `json:"controllerManagerConfig,omitempty"` SchedulerConfig map[string]string `json:"schedulerConfig,omitempty"` CloudProviderBackoffMode string `json:"cloudProviderBackoffMode"` CloudProviderBackoff *bool `json:"cloudProviderBackoff,omitempty"` CloudProviderBackoffRetries int `json:"cloudProviderBackoffRetries,omitempty"` CloudProviderBackoffJitter float64 `json:"cloudProviderBackoffJitter,omitempty"` CloudProviderBackoffDuration int `json:"cloudProviderBackoffDuration,omitempty"` CloudProviderBackoffExponent float64 `json:"cloudProviderBackoffExponent,omitempty"` CloudProviderRateLimit *bool `json:"cloudProviderRateLimit,omitempty"` CloudProviderRateLimitQPS float64 `json:"cloudProviderRateLimitQPS,omitempty"` CloudProviderRateLimitQPSWrite float64 `json:"cloudProviderRateLimitQPSWrite,omitempty"` CloudProviderRateLimitBucket int `json:"cloudProviderRateLimitBucket,omitempty"` CloudProviderRateLimitBucketWrite int `json:"cloudProviderRateLimitBucketWrite,omitempty"` CloudProviderDisableOutboundSNAT *bool `json:"cloudProviderDisableOutboundSNAT,omitempty"` NodeStatusUpdateFrequency string `json:"nodeStatusUpdateFrequency,omitempty"` LoadBalancerSku string `json:"loadBalancerSku,omitempty"` ExcludeMasterFromStandardLB *bool `json:"excludeMasterFromStandardLB,omitempty"` AzureCNIURLLinux string `json:"azureCNIURLLinux,omitempty"` AzureCNIURLARM64Linux string `json:"azureCNIURLARM64Linux,omitempty"` AzureCNIURLWindows string `json:"azureCNIURLWindows,omitempty"` MaximumLoadBalancerRuleCount int `json:"maximumLoadBalancerRuleCount,omitempty"` PrivateAzureRegistryServer string `json:"privateAzureRegistryServer,omitempty"` NetworkPluginMode string `json:"networkPluginMode,omitempty"` }
KubernetesConfig contains the Kubernetes config structure, containing Kubernetes specific configuration.
func (*KubernetesConfig) GetAddonByName ¶
func (k *KubernetesConfig) GetAddonByName(addonName string) KubernetesAddon
GetAddonByName returns the KubernetesAddon instance with name `addonName`.
func (*KubernetesConfig) GetAzureCNIURLARM64Linux ¶ added in v0.22222.0
func (k *KubernetesConfig) GetAzureCNIURLARM64Linux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLARM64Linux returns the full URL to source Azure CNI binaries for ARM64 Linux from.
func (*KubernetesConfig) GetAzureCNIURLLinux ¶
func (k *KubernetesConfig) GetAzureCNIURLLinux(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLLinux returns the full URL to source Azure CNI binaries from.
func (*KubernetesConfig) GetAzureCNIURLWindows ¶
func (k *KubernetesConfig) GetAzureCNIURLWindows(cloudSpecConfig *AzureEnvironmentSpecConfig) string
GetAzureCNIURLWindows returns the full URL to source Azure CNI binaries from.
func (*KubernetesConfig) IsAADPodIdentityEnabled ¶
func (k *KubernetesConfig) IsAADPodIdentityEnabled() bool
IsAADPodIdentityEnabled checks if the AAD pod identity addon is enabled.
func (*KubernetesConfig) IsAddonDisabled ¶
func (k *KubernetesConfig) IsAddonDisabled(addonName string) bool
IsAddonDisabled checks whether a k8s addon with name "addonName"
is explicitly disabled based on the Enabled field of KubernetesAddon. If the value of Enabled is nil, we return false (not explicitly disabled).
func (*KubernetesConfig) IsAddonEnabled ¶
func (k *KubernetesConfig) IsAddonEnabled(addonName string) bool
IsAddonEnabled checks whether a k8s addon with name "addonName" is enabled or not based on the Enabled
field of KubernetesAddon. If the value of Enabled is nil, the "defaultValue" is returned.
func (*KubernetesConfig) IsIPMasqAgentDisabled ¶
func (k *KubernetesConfig) IsIPMasqAgentDisabled() bool
IsIPMasqAgentDisabled checks if the ip-masq-agent addon is disabled.
func (*KubernetesConfig) IsIPMasqAgentEnabled ¶
func (k *KubernetesConfig) IsIPMasqAgentEnabled() bool
IsIPMasqAgentEnabled checks if the ip-masq-agent addon is enabled.
func (*KubernetesConfig) IsRBACEnabled ¶
func (k *KubernetesConfig) IsRBACEnabled() bool
IsRBACEnabled checks if RBAC is enabled.
func (*KubernetesConfig) IsUsingNetworkPluginMode ¶ added in v0.22222.0
func (k *KubernetesConfig) IsUsingNetworkPluginMode(mode string) bool
IsUsingNetworkPluginMode returns true of NetworkPluginMode matches mode param.
func (*KubernetesConfig) NeedsContainerd ¶
func (k *KubernetesConfig) NeedsContainerd() bool
NeedsContainerd returns whether or not we need the containerd runtime configuration. E.g., kata configuration requires containerd config.
func (*KubernetesConfig) PrivateJumpboxProvision ¶
func (k *KubernetesConfig) PrivateJumpboxProvision() bool
PrivateJumpboxProvision checks if a private cluster has jumpbox auto-provisioning.
func (*KubernetesConfig) RequiresDocker ¶
func (k *KubernetesConfig) RequiresDocker() bool
RequiresDocker returns if the kubernetes settings require docker binary to be installed.
func (*KubernetesConfig) UserAssignedIDEnabled ¶
func (k *KubernetesConfig) UserAssignedIDEnabled() bool
UserAssignedIDEnabled checks if the user assigned ID is enabled or not.
type KubernetesContainerSpec ¶
type KubernetesContainerSpec struct { Name string `json:"name,omitempty"` Image string `json:"image,omitempty"` CPURequests string `json:"cpuRequests,omitempty"` MemoryRequests string `json:"memoryRequests,omitempty"` CPULimits string `json:"cpuLimits,omitempty"` MemoryLimits string `json:"memoryLimits,omitempty"` }
KubernetesContainerSpec defines configuration for a container spec.
type KubernetesSpecConfig ¶
type KubernetesSpecConfig struct { AzureTelemetryPID string `json:"azureTelemetryPID,omitempty"` KubernetesImageBase string `json:"kubernetesImageBase,omitempty"` TillerImageBase string `json:"tillerImageBase,omitempty"` ACIConnectorImageBase string `json:"aciConnectorImageBase,omitempty"` MCRKubernetesImageBase string `json:"mcrKubernetesImageBase,omitempty"` NVIDIAImageBase string `json:"nvidiaImageBase,omitempty"` AzureCNIImageBase string `json:"azureCNIImageBase,omitempty"` CalicoImageBase string `json:"CalicoImageBase,omitempty"` EtcdDownloadURLBase string `json:"etcdDownloadURLBase,omitempty"` KubeBinariesSASURLBase string `json:"kubeBinariesSASURLBase,omitempty"` WindowsTelemetryGUID string `json:"windowsTelemetryGUID,omitempty"` CNIPluginsDownloadURL string `json:"cniPluginsDownloadURL,omitempty"` VnetCNILinuxPluginsDownloadURL string `json:"vnetCNILinuxPluginsDownloadURL,omitempty"` VnetCNIWindowsPluginsDownloadURL string `json:"vnetCNIWindowsPluginsDownloadURL,omitempty"` ContainerdDownloadURLBase string `json:"containerdDownloadURLBase,omitempty"` CSIProxyDownloadURL string `json:"csiProxyDownloadURL,omitempty"` WindowsProvisioningScriptsPackageURL string `json:"windowsProvisioningScriptsPackageURL,omitempty"` WindowsPauseImageURL string `json:"windowsPauseImageURL,omitempty"` AlwaysPullWindowsPauseImage bool `json:"alwaysPullWindowsPauseImage,omitempty"` CseScriptsPackageURL string `json:"cseScriptsPackageURL,omitempty"` CNIARM64PluginsDownloadURL string `json:"cniARM64PluginsDownloadURL,omitempty"` VnetCNIARM64LinuxPluginsDownloadURL string `json:"vnetCNIARM64LinuxPluginsDownloadURL,omitempty"` CredentialProviderURL string `json:"credentialProviderURL,omitempty"` }
KubernetesSpecConfig is the kubernetes container images used.
type LinuxProfile ¶
type LinuxProfile struct { AdminUsername string `json:"adminUsername"` SSH struct { PublicKeys []PublicKey `json:"publicKeys"` } `json:"ssh"` Secrets []KeyVaultSecrets `json:"secrets,omitempty"` Distro Distro `json:"distro,omitempty"` CustomSearchDomain *CustomSearchDomain `json:"customSearchDomain,omitempty"` }
LinuxProfile represents the linux parameters passed to the cluster.
func (*LinuxProfile) HasSearchDomain ¶
func (l *LinuxProfile) HasSearchDomain() bool
HasSearchDomain returns true if the customer specified secrets to install.
func (*LinuxProfile) HasSecrets ¶
func (l *LinuxProfile) HasSecrets() bool
HasSecrets returns true if the customer specified secrets to install.
type NodeBootstrapping ¶
type NodeBootstrapping struct { CustomData string CSE string OSImageConfig *AzureOSImageConfig SigImageConfig *SigImageConfig }
NodeBootstrapping represents the custom data, CSE, and OS image info needed for node bootstrapping.
type NodeBootstrappingConfiguration ¶
type NodeBootstrappingConfiguration struct { ContainerService *ContainerService CloudSpecConfig *AzureEnvironmentSpecConfig K8sComponents *K8sComponents AgentPoolProfile *AgentPoolProfile TenantID string SubscriptionID string ResourceGroupName string UserAssignedIdentityClientID string OSSKU string ConfigGPUDriverIfNeeded bool Disable1804SystemdResolved bool EnableGPUDevicePluginIfNeeded bool EnableKubeletConfigFile bool EnableNvidia bool EnableACRTeleportPlugin bool TeleportdPluginURL string EnableArtifactStreaming bool ContainerdVersion string RuncVersion string // ContainerdPackageURL and RuncPackageURL are beneficial for testing non-official. // containerd and runc, like the pre-released ones. // Currently both configurations are for test purpose, and only deb package is supported. ContainerdPackageURL string RuncPackageURL string // KubeletClientTLSBootstrapToken - kubelet client TLS bootstrap token to use. /* When this feature is enabled, we skip kubelet kubeconfig generation and replace it with bootstrap kubeconfig. */ // ref: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping. KubeletClientTLSBootstrapToken *string // EnableSecureTLSBootstraping - when this feature is enabled we don't hard-code TLS bootstrap tokens at all, // instead we create a modified bootstrap kubeconfig which points towards the STLS bootstrap client-go // credential plugin installed on the VHD, which will be responsible for generating TLS bootstrap tokens on the fly EnableSecureTLSBootstrapping bool // CustomSecureTLSBootstrapAADServerAppID serves as an optional override of the AAD server application ID // used by the secure TLS bootstrap client-go credential plugin when requesting JWTs from AAD CustomSecureTLSBootstrapAADServerAppID string FIPSEnabled bool HTTPProxyConfig *HTTPProxyConfig KubeletConfig map[string]string KubeproxyConfig map[string]string EnableRuncShimV2 bool GPUInstanceProfile string PrimaryScaleSetName string SIGConfig SIGConfig IsARM64 bool CustomCATrustConfig *CustomCATrustConfig DisableUnattendedUpgrades bool SSHStatus SSHStatus DisableCustomData bool OutboundType string EnableIMDSRestriction bool // InsertIMDSRestrictionRuleToMangleTable is only checked when EnableIMDSRestriction is true. // When this is true, iptables rule will be inserted to `mangle` table. This is for Linux Cilium // CNI, which will overwrite the `filter` table so that we can only insert to `mangle` table to avoid // our added rule is overwritten by Cilium. InsertIMDSRestrictionRuleToMangleTable bool }
NodeBootstrappingConfiguration represents configurations for node bootstrapping.
func (*NodeBootstrappingConfiguration) GetOrderedKubeletConfigStringForPowershell ¶
func (config *NodeBootstrappingConfiguration) GetOrderedKubeletConfigStringForPowershell(customKc *CustomKubeletConfig) string
GetOrderedKubeletConfigStringForPowershell returns an ordered string of key/val pairs for Powershell script consumption.
func (*NodeBootstrappingConfiguration) GetOrderedKubeproxyConfigStringForPowershell ¶ added in v0.22222.0
func (config *NodeBootstrappingConfiguration) GetOrderedKubeproxyConfigStringForPowershell() string
GetOrderedKubeproxyConfigStringForPowershell returns an ordered string of key/val pairs for Powershell script consumption.
type OrchestratorProfile ¶
type OrchestratorProfile struct { OrchestratorType string `json:"orchestratorType"` OrchestratorVersion string `json:"orchestratorVersion"` KubernetesConfig *KubernetesConfig `json:"kubernetesConfig,omitempty"` }
OrchestratorProfile contains Orchestrator properties.
func (*OrchestratorProfile) IsAzureCNI ¶
func (o *OrchestratorProfile) IsAzureCNI() bool
IsAzureCNI returns true if Azure CNI network plugin is enabled.
func (*OrchestratorProfile) IsKubernetes ¶
func (o *OrchestratorProfile) IsKubernetes() bool
IsKubernetes returns true if this template is for Kubernetes orchestrator.
func (*OrchestratorProfile) IsNoneCNI ¶ added in v0.22222.0
func (o *OrchestratorProfile) IsNoneCNI() bool
IsNoneCNI returns true if network plugin none is enabled.
func (*OrchestratorProfile) VersionIs ¶ added in v0.22222.0
func (o *OrchestratorProfile) VersionIs(expr string) bool
VersionIs takes a constraint expression to validate the OrchestratorVersion meets this constraint. Examples of expressions are `>= 1.24` or `!= 1.25.4`. More info: https://github.com/Masterminds/semver#checking-version-constraints.
func (*OrchestratorProfile) VersionSupportsFeatureFlag ¶ added in v0.22222.0
func (o *OrchestratorProfile) VersionSupportsFeatureFlag(flag string) bool
type PrivateCluster ¶
type PrivateCluster struct { Enabled *bool `json:"enabled,omitempty"` EnableHostsConfigAgent *bool `json:"enableHostsConfigAgent,omitempty"` JumpboxProfile *PrivateJumpboxProfile `json:"jumpboxProfile,omitempty"` }
PrivateCluster defines the configuration for a private cluster.
type PrivateEgress ¶ added in v0.22222.0
type PrivateJumpboxProfile ¶
type PrivateJumpboxProfile struct { Name string `json:"name" validate:"required"` VMSize string `json:"vmSize" validate:"required"` OSDiskSizeGB int `json:"osDiskSizeGB,omitempty" validate:"min=0,max=2048"` Username string `json:"username,omitempty"` PublicKey string `json:"publicKey" validate:"required"` StorageProfile string `json:"storageProfile,omitempty"` }
PrivateJumpboxProfile represents a jumpbox definition.
type Properties ¶
type Properties struct { ClusterID string ProvisioningState ProvisioningState `json:"provisioningState,omitempty"` OrchestratorProfile *OrchestratorProfile `json:"orchestratorProfile,omitempty"` AgentPoolProfiles []*AgentPoolProfile `json:"agentPoolProfiles,omitempty"` LinuxProfile *LinuxProfile `json:"linuxProfile,omitempty"` WindowsProfile *WindowsProfile `json:"windowsProfile,omitempty"` ExtensionProfiles []*ExtensionProfile `json:"extensionProfiles"` DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"` ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"` CertificateProfile *CertificateProfile `json:"certificateProfile,omitempty"` AADProfile *AADProfile `json:"aadProfile,omitempty"` CustomProfile *CustomProfile `json:"customProfile,omitempty"` HostedMasterProfile *HostedMasterProfile `json:"hostedMasterProfile,omitempty"` AddonProfiles map[string]AddonProfile `json:"addonProfiles,omitempty"` FeatureFlags *FeatureFlags `json:"featureFlags,omitempty"` CustomCloudEnv *CustomCloudEnv `json:"customCloudEnv,omitempty"` CustomConfiguration *CustomConfiguration `json:"customConfiguration,omitempty"` SecurityProfile *SecurityProfile `json:"securityProfile,omitempty"` }
Properties represents the AKS cluster definition.
func GetK8sDefaultProperties ¶
func GetK8sDefaultProperties(hasWindows bool) *Properties
GetK8sDefaultProperties returns a struct of type Properties for testing purposes.
func (*Properties) AreAgentProfilesCustomVNET ¶
func (p *Properties) AreAgentProfilesCustomVNET() bool
AreAgentProfilesCustomVNET returns true if all of the agent profiles in the clusters are configured with VNET.
func (*Properties) GetClusterID ¶
func (p *Properties) GetClusterID() string
GetClusterID creates a unique 8 string cluster ID.
func (*Properties) GetComponentKubernetesConfiguration ¶ added in v0.22222.0
func (p *Properties) GetComponentKubernetesConfiguration(component CustomConfigurationComponent) *ComponentConfiguration
func (*Properties) GetComponentWindowsKubernetesConfiguration ¶ added in v0.22222.0
func (p *Properties) GetComponentWindowsKubernetesConfiguration(component CustomConfigurationComponent) *ComponentConfiguration
func (*Properties) GetCustomCloudName ¶
func (p *Properties) GetCustomCloudName() string
GetCustomCloudName returns name of environment if customCloudProfile is provided, returns empty string if customCloudProfile is empty.Because customCloudProfile is empty for deployment is AzurePublicCloud, AzureChinaCloud, AzureGermanCloud, AzureUSGovernmentCloud, the return value will be empty string for those clouds.
func (*Properties) GetCustomEnvironmentJSON ¶
func (p *Properties) GetCustomEnvironmentJSON(escape bool) (string, error)
GetCustomEnvironmentJSON return the JSON format string for custom environment.
func (*Properties) GetKubeProxyFeatureGatesWindowsArguments ¶
func (p *Properties) GetKubeProxyFeatureGatesWindowsArguments() string
GetKubeProxyFeatureGatesWindowsArguments returns the feature gates string for the kube-proxy arguments in Windows nodes.
func (*Properties) GetNSGName ¶
func (p *Properties) GetNSGName() string
GetNSGName returns the name of the network security group of the cluster.
func (*Properties) GetPrimaryAvailabilitySetName ¶
func (p *Properties) GetPrimaryAvailabilitySetName() string
GetPrimaryAvailabilitySetName returns the name of the primary availability set of the cluster.
func (*Properties) GetResourcePrefix ¶
func (p *Properties) GetResourcePrefix() string
GetResourcePrefix returns the prefix to use for naming cluster resources.
func (*Properties) GetRouteTableName ¶
func (p *Properties) GetRouteTableName() string
GetRouteTableName returns the route table name of the cluster.
func (*Properties) GetSubnetName ¶
func (p *Properties) GetSubnetName() string
GetSubnetName returns the subnet name of the cluster based on its current configuration.
func (*Properties) GetVMType ¶
func (p *Properties) GetVMType() string
GetVMType returns the type of VM "vmss" or "standard" to be passed to the cloud provider.
func (*Properties) GetVNetResourceGroupName ¶
func (p *Properties) GetVNetResourceGroupName() string
GetVNetResourceGroupName returns the virtual network resource group name of the cluster.
func (*Properties) GetVirtualNetworkName ¶
func (p *Properties) GetVirtualNetworkName() string
GetVirtualNetworkName returns the virtual network name of the cluster.
func (*Properties) HasAadProfile ¶
func (p *Properties) HasAadProfile() bool
HasAadProfile returns true if the has aad profile.
func (*Properties) HasDCSeriesSKU ¶
func (p *Properties) HasDCSeriesSKU() bool
HasDCSeriesSKU returns whether or not there is an DC series SKU agent pool.
func (*Properties) HasVMSSAgentPool ¶
func (p *Properties) HasVMSSAgentPool() bool
HasVMSSAgentPool returns true if the cluster contains Virtual Machine Scale Sets agent pools.
func (*Properties) HasWindows ¶
func (p *Properties) HasWindows() bool
HasWindows returns true if the cluster contains windows.
func (*Properties) IsAKSCustomCloud ¶
func (p *Properties) IsAKSCustomCloud() bool
IsAKSCustomCloud checks if it's in AKS custom cloud.
func (*Properties) IsIPMasqAgentDisabled ¶
func (p *Properties) IsIPMasqAgentDisabled() bool
IsIPMasqAgentDisabled returns true if the ip-masq-agent functionality is disabled.
func (*Properties) IsIPMasqAgentEnabled ¶
func (p *Properties) IsIPMasqAgentEnabled() bool
IsIPMasqAgentEnabled returns true if the cluster has a hosted master and IpMasqAgent is disabled.
func (*Properties) IsVHDDistroForAllNodes ¶
func (p *Properties) IsVHDDistroForAllNodes() bool
IsVHDDistroForAllNodes returns true if all of the agent pools plus masters are running the VHD image.
func (*Properties) K8sOrchestratorName ¶
func (p *Properties) K8sOrchestratorName() string
K8sOrchestratorName returns the 3 character orchestrator code for kubernetes-based clusters.
type ProvisioningState ¶
type ProvisioningState string
ProvisioningState represents the current state of container service resource.
type PublicKey ¶
type PublicKey struct {
KeyData string `json:"keyData"`
}
PublicKey represents an SSH key for LinuxProfile.
type ResourceIdentifiers ¶
type ResourceIdentifiers struct { Graph string `json:"graph,omitempty"` KeyVault string `json:"keyVault,omitempty"` Datalake string `json:"datalake,omitempty"` Batch string `json:"batch,omitempty"` OperationalInsights string `json:"operationalInsights,omitempty"` Storage string `json:"storage,omitempty"` }
ResourceIdentifiers represents resource ids.
type ResourcePurchasePlan ¶
type ResourcePurchasePlan struct { Name string `json:"name"` Product string `json:"product"` PromotionCode string `json:"promotionCode"` Publisher string `json:"publisher"` }
ResourcePurchasePlan defines resource plan as required by ARM for billing purposes.
type RuntimeHandlers ¶
type RuntimeHandlers struct {
BuildNumber string `json:"buildNumber,omitempty"`
}
RuntimeHandlers configures the runtime settings in containerd.
type SIGAzureEnvironmentSpecConfig ¶
type SIGAzureEnvironmentSpecConfig struct { CloudName string `json:"cloudName,omitempty"` SigTenantID string `json:"sigTenantID,omitempty"` SubscriptionID string `json:"subscriptionID,omitempty"` SigUbuntuImageConfig map[Distro]SigImageConfig `json:"sigUbuntuImageConfig,omitempty"` SigCBLMarinerImageConfig map[Distro]SigImageConfig `json:"sigCBLMarinerImageConfig,omitempty"` SigAzureLinuxImageConfig map[Distro]SigImageConfig `json:"sigAzureLinuxImageConfig,omitempty"` SigWindowsImageConfig map[Distro]SigImageConfig `json:"sigWindowsImageConfig,omitempty"` SigUbuntuEdgeZoneImageConfig map[Distro]SigImageConfig `json:"sigUbuntuEdgeZoneImageConfig,omitempty"` }
SIGAzureEnvironmentSpecConfig is the overall configuration differences in different cloud environments.
TODO(tonyxu) merge this with AzureEnvironmentSpecConfig from aks-engine(pkg/api/azenvtypes.go) once
it's moved into AKS RP.
func GetAzurePublicSIGConfigForTest ¶
func GetAzurePublicSIGConfigForTest() SIGAzureEnvironmentSpecConfig
GetAzurePublicSIGConfigForTest returns a statically defined sigconfig. This should only be used for unit tests and e2es.
func GetSIGAzureCloudSpecConfig ¶
func GetSIGAzureCloudSpecConfig(sigConfig SIGConfig, region string) (SIGAzureEnvironmentSpecConfig, error)
GetSIGAzureCloudSpecConfig get cloud specific sig config.
type SIGConfig ¶
type SIGConfig struct { TenantID string `json:"tenantID"` SubscriptionID string `json:"subscriptionID"` Galleries map[string]SIGGalleryConfig `json:"galleries"` }
SIGConfig is used to hold configuration parameters to access AKS VHDs stored in a SIG.
type SIGGalleryConfig ¶
type SecurityProfile ¶ added in v0.22222.0
type SecurityProfile struct {
PrivateEgress *PrivateEgress `json:"privateEgress,omitempty"`
}
SecurityProfile begin.
func (*SecurityProfile) GetPrivateEgressContainerRegistryServer ¶ added in v0.12345611.0
func (s *SecurityProfile) GetPrivateEgressContainerRegistryServer() string
func (*SecurityProfile) GetProxyAddress ¶ added in v0.22222.0
func (s *SecurityProfile) GetProxyAddress() string
type ServicePrincipalProfile ¶
type ServicePrincipalProfile struct { ClientID string `json:"clientId"` Secret string `json:"secret,omitempty" conform:"redact"` ObjectID string `json:"objectId,omitempty"` KeyvaultSecretRef *KeyvaultSecretRef `json:"keyvaultSecretRef,omitempty"` }
ServicePrincipalProfile contains the client and secret used by the cluster for Azure Resource CRUD.
type SigImageConfig ¶
type SigImageConfig struct { SigImageConfigTemplate SubscriptionID string }
SigImageConfig represents the SIG image configuration.
type SigImageConfigOpt ¶
type SigImageConfigOpt func(*SigImageConfig)
type SigImageConfigTemplate ¶
type SigImageConfigTemplate struct { ResourceGroup string Gallery string Definition string Version string }
SigImageConfigTemplate represents the SIG image configuration template.
func (SigImageConfigTemplate) WithOptions ¶
func (template SigImageConfigTemplate) WithOptions(options ...SigImageConfigOpt) SigImageConfig
WithOptions converts a SigImageConfigTemplate to SigImageConfig instance via function opts.
type SysctlConfig ¶
type SysctlConfig struct { NetCoreSomaxconn *int32 `json:"netCoreSomaxconn,omitempty"` NetCoreNetdevMaxBacklog *int32 `json:"netCoreNetdevMaxBacklog,omitempty"` NetCoreRmemDefault *int32 `json:"netCoreRmemDefault,omitempty"` NetCoreRmemMax *int32 `json:"netCoreRmemMax,omitempty"` NetCoreWmemDefault *int32 `json:"netCoreWmemDefault,omitempty"` NetCoreWmemMax *int32 `json:"netCoreWmemMax,omitempty"` NetCoreOptmemMax *int32 `json:"netCoreOptmemMax,omitempty"` NetIpv4TcpMaxSynBacklog *int32 `json:"netIpv4TcpMaxSynBacklog,omitempty"` NetIpv4TcpMaxTwBuckets *int32 `json:"netIpv4TcpMaxTwBuckets,omitempty"` NetIpv4TcpFinTimeout *int32 `json:"netIpv4TcpFinTimeout,omitempty"` NetIpv4TcpKeepaliveTime *int32 `json:"netIpv4TcpKeepaliveTime,omitempty"` NetIpv4TcpKeepaliveProbes *int32 `json:"netIpv4TcpKeepaliveProbes,omitempty"` NetIpv4TcpkeepaliveIntvl *int32 `json:"netIpv4TcpkeepaliveIntvl,omitempty"` NetIpv4TcpTwReuse *bool `json:"netIpv4TcpTwReuse,omitempty"` NetIpv4IpLocalPortRange string `json:"netIpv4IpLocalPortRange,omitempty"` NetIpv4NeighDefaultGcThresh1 *int32 `json:"netIpv4NeighDefaultGcThresh1,omitempty"` NetIpv4NeighDefaultGcThresh2 *int32 `json:"netIpv4NeighDefaultGcThresh2,omitempty"` NetIpv4NeighDefaultGcThresh3 *int32 `json:"netIpv4NeighDefaultGcThresh3,omitempty"` NetNetfilterNfConntrackMax *int32 `json:"netNetfilterNfConntrackMax,omitempty"` NetNetfilterNfConntrackBuckets *int32 `json:"netNetfilterNfConntrackBuckets,omitempty"` FsInotifyMaxUserWatches *int32 `json:"fsInotifyMaxUserWatches,omitempty"` FsFileMax *int32 `json:"fsFileMax,omitempty"` FsAioMaxNr *int32 `json:"fsAioMaxNr,omitempty"` FsNrOpen *int32 `json:"fsNrOpen,omitempty"` KernelThreadsMax *int32 `json:"kernelThreadsMax,omitempty"` VMMaxMapCount *int32 `json:"vmMaxMapCount,omitempty"` VMSwappiness *int32 `json:"vmSwappiness,omitempty"` VMVfsCachePressure *int32 `json:"vmVfsCachePressure,omitempty"` }
SysctlConfig represents sysctl configs in customLinuxOsConfig.
type TypeMeta ¶
type TypeMeta struct { // APIVersion is on every object. APIVersion string `json:"apiVersion"` }
TypeMeta describes an individual API model object.
type UlimitConfig ¶ added in v0.22222.0
type UserAssignedIdentity ¶
type UserAssignedIdentity struct { ResourceID string `json:"resourceId,omitempty"` ClientID string `json:"clientId,omitempty"` ObjectID string `json:"objectId,omitempty"` }
UserAssignedIdentity contains information that uniquely identifies an identity.
type VMDiagnostics ¶
type VMDiagnostics struct { Enabled bool `json:"enabled"` // Specifies storage account Uri where Boot Diagnostics (CRP & // VMSS BootDiagostics) and VM Diagnostics logs (using Linux // Diagnostics Extension) will be stored. Uri will be of standard // blob domain. i.e. https://storageaccount.blob.core.windows.net/ // This field is readonly as ACS RP will create a storage account // for the customer. StorageURL *neturl.URL `json:"storageUrl"` }
VMDiagnostics contains settings to on/off boot diagnostics collection in RD Host.
type WindowsProfile ¶
type WindowsProfile struct { AdminUsername string `json:"adminUsername"` AdminPassword string `json:"adminPassword" conform:"redact"` CSIProxyURL string `json:"csiProxyURL,omitempty"` EnableCSIProxy *bool `json:"enableCSIProxy,omitempty"` ImageRef *ImageReference `json:"imageReference,omitempty"` ImageVersion string `json:"imageVersion"` ProvisioningScriptsPackageURL string `json:"provisioningScriptsPackageURL,omitempty"` WindowsImageSourceURL string `json:"windowsImageSourceURL"` WindowsPublisher string `json:"windowsPublisher"` WindowsOffer string `json:"windowsOffer"` WindowsSku string `json:"windowsSku"` WindowsDockerVersion string `json:"windowsDockerVersion"` Secrets []KeyVaultSecrets `json:"secrets,omitempty"` SSHEnabled *bool `json:"sshEnabled,omitempty"` EnableAutomaticUpdates *bool `json:"enableAutomaticUpdates,omitempty"` IsCredentialAutoGenerated *bool `json:"isCredentialAutoGenerated,omitempty"` EnableAHUB *bool `json:"enableAHUB,omitempty"` WindowsPauseImageURL string `json:"windowsPauseImageURL"` AlwaysPullWindowsPauseImage *bool `json:"alwaysPullWindowsPauseImage,omitempty"` ContainerdWindowsRuntimes *ContainerdWindowsRuntimes `json:"containerdWindowsRuntimes,omitempty"` WindowsCalicoPackageURL string `json:"windowsCalicoPackageURL,omitempty"` //nolint:stylecheck // keep field names the same as RP WindowsSecureTlsEnabled *bool `json:"windowsSecureTlsEnabled,omitempty"` //nolint:stylecheck // keep field names the same as RP WindowsGmsaPackageUrl string `json:"windowsGmsaPackageUrl,omitempty"` CseScriptsPackageURL string `json:"cseScriptsPackageURL,omitempty"` GpuDriverURL string `json:"gpuDriverUrl,omitempty"` HnsRemediatorIntervalInMinutes *uint32 `json:"hnsRemediatorIntervalInMinutes,omitempty"` LogGeneratorIntervalInMinutes *uint32 `json:"logGeneratorIntervalInMinutes,omitempty"` }
WindowsProfile represents the windows parameters passed to the cluster.
func (*WindowsProfile) GetContainerdWindowsRuntimeHandlers ¶
func (w *WindowsProfile) GetContainerdWindowsRuntimeHandlers() string
GetContainerdWindowsRuntimeHandlers gets comma separated list of runtimehandler names.
func (*WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation ¶
func (w *WindowsProfile) GetDefaultContainerdWindowsSandboxIsolation() string
GetDefaultContainerdWindowsSandboxIsolation gets the default containerd runtime handler or return default value.
func (*WindowsProfile) GetHnsRemediatorIntervalInMinutes ¶ added in v0.22222.0
func (w *WindowsProfile) GetHnsRemediatorIntervalInMinutes() uint32
GetHnsRemediatorIntervalInMinutes gets HnsRemediatorIntervalInMinutes specified or returns default value.
func (*WindowsProfile) GetLogGeneratorIntervalInMinutes ¶ added in v0.22222.0
func (w *WindowsProfile) GetLogGeneratorIntervalInMinutes() uint32
GetLogGeneratorIntervalInMinutes gets LogGeneratorIntervalInMinutes specified or returns default value.
func (*WindowsProfile) GetSSHEnabled ¶
func (w *WindowsProfile) GetSSHEnabled() bool
GetSSHEnabled gets it ssh should be enabled for Windows nodes.
func (*WindowsProfile) GetWindowsDockerVersion ¶
func (w *WindowsProfile) GetWindowsDockerVersion() string
GetWindowsDockerVersion gets the docker version specified or returns default value.
func (*WindowsProfile) GetWindowsSku ¶
func (w *WindowsProfile) GetWindowsSku() string
GetWindowsSku gets the marketplace sku specified (such as Datacenter-Core-1809-with-Containers-smalldisk) or returns default value.
func (*WindowsProfile) HasCustomImage ¶
func (w *WindowsProfile) HasCustomImage() bool
HasCustomImage returns true if there is a custom windows os image url specified.
func (*WindowsProfile) HasImageRef ¶
func (w *WindowsProfile) HasImageRef() bool
HasImageRef returns true if the customer brought os image.
func (*WindowsProfile) HasSecrets ¶
func (w *WindowsProfile) HasSecrets() bool
HasSecrets returns true if the customer specified secrets to install.
func (*WindowsProfile) IsAlwaysPullWindowsPauseImage ¶
func (w *WindowsProfile) IsAlwaysPullWindowsPauseImage() bool
IsAlwaysPullWindowsPauseImage returns true if the windows pause image always needs a force pull.
func (*WindowsProfile) IsCSIProxyEnabled ¶
func (w *WindowsProfile) IsCSIProxyEnabled() bool
IsCSIProxyEnabled returns true if csi proxy service should be enable for Windows nodes.
func (*WindowsProfile) IsWindowsSecureTlsEnabled ¶
func (w *WindowsProfile) IsWindowsSecureTlsEnabled() bool
IsWindowsSecureTLSEnabled returns true if secure TLS should be enabled for Windows nodes.
type WorkloadRuntime ¶
type WorkloadRuntime string
WorkloadRuntime describes choices for the type of workload: container or wasm-wasi, currently.
const ( // OCIContainer indicates that kubelet will be used for a container workload. OCIContainer WorkloadRuntime = "OCIContainer" // WasmWasi indicates Krustlet will be used for a WebAssembly workload. WasmWasi WorkloadRuntime = "WasmWasi" )