vlabs

package
v0.81.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 20, 2024 License: MIT Imports: 20 Imported by: 0

Documentation

Overview

Package vlabs stores an experimental API model.


Constants

// Limits used when validating an API model.
//
// NOTE(review): MaxDiskSizeGB is 1023, while the validate tag on
// AgentPoolProfile.DiskSizesGB accepts up to 32767 per entry; confirm which
// bound is authoritative.
const (
	// MinAgentCount is the minimum number of agents per agent pool
	MinAgentCount = 1
	// MaxAgentCount is the maximum number of agents per agent pool
	MaxAgentCount = 1000
	// MinPort specifies the minimum tcp port to open
	MinPort = 1
	// MaxPort specifies the maximum tcp port to open
	MaxPort = 65535
	// MaxDisks specifies the maximum attached disks to add to the cluster
	MaxDisks = 4
	// MinDiskSizeGB specifies the minimum attached disk size
	MinDiskSizeGB = 1
	// MaxDiskSizeGB specifies the maximum attached disk size
	MaxDiskSizeGB = 1023
	// MinIPAddressCount specifies the minimum number of IP addresses per network interface
	MinIPAddressCount = 1
	// MaxIPAddressCount specifies the maximum number of IP addresses per network interface
	MaxIPAddressCount = 256
)

validation values

// Availability profiles: the string values that name how an agent pool's
// VMs are grouped.
const (
	// AvailabilitySet means that the vms are in an availability set
	AvailabilitySet = "AvailabilitySet"
	// VirtualMachineScaleSets means that the vms are in a virtual machine scaleset
	VirtualMachineScaleSets = "VirtualMachineScaleSets"
)

Availability profiles

// Storage profiles. These are the same three strings that the validate tag
// on AgentPoolProfile.StorageProfile accepts (alongside the empty string).
const (
	// StorageAccount means that the nodes use raw storage accounts for their os and attached volumes
	StorageAccount = "StorageAccount"
	// ManagedDisks means that the nodes use managed disks for their os and attached volumes
	ManagedDisks = "ManagedDisks"
	// Ephemeral means that the node's os disk is ephemeral. This is not compatible with attached volumes.
	Ephemeral = "Ephemeral"
)

storage profiles

// Supported container runtimes.
//
// ContainerRuntimeValues in this package lists only "", Docker and
// Containerd; KataContainers is marked deprecated and is not in that list.
const (
	Docker         = "docker"
	KataContainers = "kata-containers" // Deprecated
	Containerd     = "containerd"
)

Supported container runtimes

// vlabs default network configuration and the recognised network plugin,
// policy and mode strings.
const (
	// DefaultNetworkPlugin defines the network plugin to use by default
	DefaultNetworkPlugin = "azure"
	// DefaultNetworkPluginWindows defines the network plugin to use by default for clusters with Windows agent pools
	DefaultNetworkPluginWindows = "azure"
	// DefaultNetworkPolicy defines the network policy to use by default.
	// The default is the empty string, i.e. no network policy is named unless
	// the API model sets one.
	DefaultNetworkPolicy = ""
	// NetworkPolicyCilium is the string expression for cilium network policy config option
	NetworkPolicyCilium = "cilium"
	// NetworkPluginCilium is the string expression for cilium network plugin config option.
	// It is defined as the same string as NetworkPolicyCilium.
	NetworkPluginCilium = NetworkPolicyCilium
	// NetworkPolicyAntrea is the string expression for antrea network policy config option
	NetworkPolicyAntrea = "antrea"
	// NetworkPluginAntrea is the string expression for antrea network plugin config option.
	// It is defined as the same string as NetworkPolicyAntrea.
	NetworkPluginAntrea = NetworkPolicyAntrea
	// NetworkPluginFlannel is the string expression for flannel network plugin config option.
	// Deprecated, although "flannel" is still listed in NetworkPluginValues.
	NetworkPluginFlannel = "flannel" // Deprecated
	// NetworkModeBridge is the string expression for bridge network mode config option
	NetworkModeBridge = "bridge"
	// NetworkModeTransparent is the string expression for transparent network mode config option
	NetworkModeTransparent = "transparent"
	// NetworkPluginKubenet is the string expression for kubenet network plugin config option
	NetworkPluginKubenet = "kubenet"
)

vlabs default configuration

// Azure Stack identifiers and limits.
const (
	// AzureStackCloud is a const string reference identifier for Azure Stack cloud
	AzureStackCloud = "AzureStackCloud"
	// MaxAzureStackManagedDiskSize is max etcd disk size supported on AzureStackCloud
	// (the same number as MaxDiskSizeGB in this package).
	MaxAzureStackManagedDiskSize = 1023
)
// Identity system identifiers.
// NOTE(review): presumably the values accepted by
// CustomCloudProfile.IdentitySystem; confirm against Validate.
const (
	// AzureADIdentitySystem is a const string reference identifier for Azure AD identity System
	AzureADIdentitySystem = "azure_ad"
	// ADFSIdentitySystem is a const string reference identifier for ADFS identity System
	ADFSIdentitySystem = "adfs"
)
// Dependency locations for custom clouds. All four are listed in
// DependenciesLocationValues, together with the empty string.
const (
	// AzureCustomCloudDependenciesLocationPublic indicates to get dependencies from AzurePublic cloud
	AzureCustomCloudDependenciesLocationPublic = "public"
	// AzureCustomCloudDependenciesLocationChina indicates to get dependencies from AzureChina cloud
	AzureCustomCloudDependenciesLocationChina = "china"
	// AzureCustomCloudDependenciesLocationGerman indicates to get dependencies from AzureGerman cloud
	AzureCustomCloudDependenciesLocationGerman = "german"
	// AzureCustomCloudDependenciesLocationUSGovernment indicates to get dependencies from AzureUSGovernment cloud
	AzureCustomCloudDependenciesLocationUSGovernment = "usgovernment"
)
// Authentication method identifiers.
// NOTE(review): presumably the values accepted by
// CustomCloudProfile.AuthenticationMethod; confirm against Validate.
const (
	// ClientSecretAuthMethod indicates to use client secret for authentication
	ClientSecretAuthMethod = "client_secret"
	// ClientCertificateAuthMethod indicates to use client certificate for authentication
	ClientCertificateAuthMethod = "client_certificate"
)
// Addon mode strings.
// NOTE(review): presumably the values expected in KubernetesAddon.Mode;
// the semantics of each mode are not shown here - confirm at the consumer.
const (
	// AddonModeEnsureExists is the "EnsureExists" addon mode value
	AddonModeEnsureExists = "EnsureExists"
	// AddonModeReconcile is the "Reconcile" addon mode value
	AddonModeReconcile = "Reconcile"
)

addons consts

// API version identifier for this package's model.
const (
	// APIVersion is the version of this API
	APIVersion = "vlabs"
)
// BasicLoadBalancerSku is the string const for Azure Basic Load Balancer
const BasicLoadBalancerSku = "Basic"

BasicLoadBalancerSku is the string const for Azure Basic Load Balancer

// Known container runtime configuration keys.
const (
	// ContainerDataDirKey is the "dataDir" configuration key.
	ContainerDataDirKey = "dataDir"
)

Known container runtime configuration keys

// The orchestrators supported by vlabs.
const (
	// Kubernetes is the string constant for the Kubernetes orchestrator type
	Kubernetes string = "Kubernetes"
)

the orchestrators supported by vlabs

// Kubernetes configuration limits.
const (
	// KubernetesMinMaxPods is the minimum valid value for MaxPods, necessary for running kube-system pods
	KubernetesMinMaxPods = 5
)

Kubernetes configuration

// StandardLoadBalancerSku is the string const for Azure Standard Load Balancer
const StandardLoadBalancerSku = "Standard"

StandardLoadBalancerSku is the string const for Azure Standard Load Balancer

Variables

// Allow-lists of accepted configuration values. Every list contains the
// empty string, so an unset field is itself a listed value.
//
// NOTE(review): these are exported package-level variables, not constants,
// so any importing code can reassign or modify them and thereby change what
// validation accepts. Treat them as read-only.
var (
	// NetworkPluginValues holds the valid values for network plugin implementation
	NetworkPluginValues = [...]string{"", NetworkPluginKubenet, "azure", NetworkPluginCilium, NetworkPluginAntrea, "flannel"}

	// NetworkPolicyValues holds the valid values for a network policy
	// "azure" and "none" are there for backwards-compatibility
	NetworkPolicyValues = [...]string{"", "calico", NetworkPolicyCilium, NetworkPolicyAntrea, "azure", "none"}

	// ContainerRuntimeValues holds the valid values for container runtimes.
	// KataContainers is not included.
	ContainerRuntimeValues = [...]string{"", Docker, Containerd}

	// DistroValues holds the valid values for OS distros.
	// The deprecated AKS1604Deprecated, AKS1804Deprecated and AKSDockerEngine
	// distros are not included.
	DistroValues = []Distro{"", Ubuntu, Ubuntu1804, Ubuntu1804Gen2, Ubuntu2004, Flatcar, AKSUbuntu1604, AKSUbuntu1804, AKSUbuntu2004, ACC1604}

	// DependenciesLocationValues holds the valid values for dependencies location
	DependenciesLocationValues = []DependenciesLocation{"", AzureCustomCloudDependenciesLocationPublic, AzureCustomCloudDependenciesLocationChina, AzureCustomCloudDependenciesLocationGerman, AzureCustomCloudDependenciesLocationUSGovernment}

	// NetworkModeValues holds the valid values for network mode implementation for cni
	NetworkModeValues = [...]string{"", NetworkModeBridge, NetworkModeTransparent}
)

Functions

This section is empty.

Types

type AADProfile

// AADProfile specifies attributes for AAD integration.
// Every field is optional in the JSON encoding (omitempty).
type AADProfile struct {
	// The client AAD application ID.
	ClientAppID string `json:"clientAppID,omitempty"`
	// The server AAD application ID.
	ServerAppID string `json:"serverAppID,omitempty"`
	// The AAD tenant ID to use for authentication.
	// If not specified, will use the tenant of the deployment subscription.
	// Optional
	TenantID string `json:"tenantID,omitempty"`
	// The Azure Active Directory Group Object ID that will be assigned the
	// cluster-admin RBAC role.
	// Optional
	// Every member of this group receives cluster-admin, so the object ID
	// should be checked against the intended group before deployment.
	AdminGroupID string `json:"adminGroupID,omitempty"`
}

AADProfile specifies attributes for AAD integration

type AddonNodePoolsConfig

// AddonNodePoolsConfig defines configuration for pool-specific
// cluster-autoscaler configuration.
//
// Name is serialized as "name" and Config as a string-to-string "config"
// map. NOTE(review): Name presumably refers to an agent pool name; the
// accepted Config keys are not shown here - confirm at the consumer.
type AddonNodePoolsConfig struct {
	Name   string            `json:"name,omitempty"`
	Config map[string]string `json:"config,omitempty"`
}

AddonNodePoolsConfig defines configuration for pool-specific cluster-autoscaler configuration

type AgentPoolProfile

// AgentPoolProfile represents an agent pool definition.
//
// Fields are serialized to JSON under the names in their json tags. The
// validate tags declare these constraints (read with the usual struct
// validator tag semantics - TODO confirm the validator in use):
//   - Name, Count and VMSize are required; Count must be 1-1000.
//   - OSDiskSizeGB must be 0-2048 and IPAddressCount 0-256.
//   - Ports: every entry must be 1-65535.
//   - ScaleSetPriority must be Regular, Low, Spot or empty.
//   - ScaleSetEvictionPolicy must be Delete, Deallocate or empty.
//   - StorageProfile must be StorageAccount, ManagedDisks, Ephemeral or empty.
//   - DiskSizesGB: at most 4 entries, each 1-32767.
//
// NOTE(review): MaxDiskSizeGB in this package is 1023 while the DiskSizesGB
// tag accepts up to 32767 per entry; confirm which bound Validate enforces.
//
// NOTE(review): EnableVMSSNodePublicIP, EncryptionAtHost,
// DiskEncryptionSetID, AuditDEnabled, SysctlDConfig and the extension fields
// look security-relevant from their names (node exposure, disk encryption,
// auditing, kernel parameters, code run on nodes). None carries a validate
// tag here, so confirm how they are checked and what their defaults are.
//
// PreProvisionExtension, Extensions, FQDN and PlatformUpdateDomainCount have
// no omitempty, so they are always emitted when the struct is marshalled.
type AgentPoolProfile struct {
	Name                                string               `json:"name" validate:"required"`
	Count                               int                  `json:"count" validate:"required,min=1,max=1000"`
	VMSize                              string               `json:"vmSize" validate:"required"`
	OSDiskSizeGB                        int                  `json:"osDiskSizeGB,omitempty" validate:"min=0,max=2048"`
	DNSPrefix                           string               `json:"dnsPrefix,omitempty"`
	OSType                              OSType               `json:"osType,omitempty"`
	Ports                               []int                `json:"ports,omitempty" validate:"dive,min=1,max=65535"`
	AvailabilityProfile                 string               `json:"availabilityProfile"`
	ScaleSetPriority                    string               `json:"scaleSetPriority,omitempty" validate:"eq=Regular|eq=Low|eq=Spot|len=0"`
	ScaleSetEvictionPolicy              string               `json:"scaleSetEvictionPolicy,omitempty" validate:"eq=Delete|eq=Deallocate|len=0"`
	SpotMaxPrice                        *float64             `json:"spotMaxPrice,omitempty"`
	StorageProfile                      string               `json:"storageProfile" validate:"eq=StorageAccount|eq=ManagedDisks|eq=Ephemeral|len=0"`
	DiskSizesGB                         []int                `json:"diskSizesGB,omitempty" validate:"max=4,dive,min=1,max=32767"`
	VnetSubnetID                        string               `json:"vnetSubnetID,omitempty"`
	IPAddressCount                      int                  `json:"ipAddressCount,omitempty" validate:"min=0,max=256"`
	Distro                              Distro               `json:"distro,omitempty"`
	KubernetesConfig                    *KubernetesConfig    `json:"kubernetesConfig,omitempty"`
	ImageRef                            *ImageReference      `json:"imageReference,omitempty"`
	Role                                AgentPoolProfileRole `json:"role,omitempty"`
	AcceleratedNetworkingEnabled        *bool                `json:"acceleratedNetworkingEnabled,omitempty"`
	AcceleratedNetworkingEnabledWindows *bool                `json:"acceleratedNetworkingEnabledWindows,omitempty"`
	VMSSOverProvisioningEnabled         *bool                `json:"vmssOverProvisioningEnabled,omitempty"`
	AuditDEnabled                       *bool                `json:"auditDEnabled,omitempty"`
	CustomVMTags                        map[string]string    `json:"customVMTags,omitempty"`
	DiskEncryptionSetID                 string               `json:"diskEncryptionSetID,omitempty"`
	UltraSSDEnabled                     *bool                `json:"ultraSSDEnabled,omitempty"`
	EncryptionAtHost                    *bool                `json:"encryptionAtHost,omitempty"`

	FQDN                              string            `json:"fqdn"`
	CustomNodeLabels                  map[string]string `json:"customNodeLabels,omitempty"`
	PreProvisionExtension             *Extension        `json:"preProvisionExtension"`
	Extensions                        []Extension       `json:"extensions"`
	SinglePlacementGroup              *bool             `json:"singlePlacementGroup,omitempty"`
	PlatformFaultDomainCount          *int              `json:"platformFaultDomainCount,omitempty"`
	PlatformUpdateDomainCount         *int              `json:"platformUpdateDomainCount"`
	AvailabilityZones                 []string          `json:"availabilityZones,omitempty"`
	EnableVMSSNodePublicIP            *bool             `json:"enableVMSSNodePublicIP,omitempty"`
	LoadBalancerBackendAddressPoolIDs []string          `json:"loadBalancerBackendAddressPoolIDs,omitempty"`
	SysctlDConfig                     map[string]string `json:"sysctldConfig,omitempty"`
	ProximityPlacementGroupID         string            `json:"proximityPlacementGroupID,omitempty"`
	OSDiskCachingType                 string            `json:"osDiskCachingType,omitempty"`
	DataDiskCachingType               string            `json:"dataDiskCachingType,omitempty"`
	// VMSSName is a read-only field; its value will be computed during template generation
	VMSSName string `json:"vmssName,omitempty"`
	// contains filtered or unexported fields
}

AgentPoolProfile represents an agent pool definition

func (*AgentPoolProfile) GetSubnet

func (a *AgentPoolProfile) GetSubnet() string

GetSubnet returns the read-only subnet for the agent pool

func (*AgentPoolProfile) HasAvailabilityZones

func (a *AgentPoolProfile) HasAvailabilityZones() bool

HasAvailabilityZones returns true if the agent pool has availability zones

func (*AgentPoolProfile) HasDisks

func (a *AgentPoolProfile) HasDisks() bool

HasDisks returns true if the customer specified disks

func (*AgentPoolProfile) IsAvailabilitySets

func (a *AgentPoolProfile) IsAvailabilitySets() bool

IsAvailabilitySets returns true if the agent pool availability profile is AvailabilitySet

func (*AgentPoolProfile) IsCustomVNET

func (a *AgentPoolProfile) IsCustomVNET() bool

IsCustomVNET returns true if the customer brought their own VNET

func (*AgentPoolProfile) IsEphemeral

func (a *AgentPoolProfile) IsEphemeral() bool

IsEphemeral returns true if the customer specified ephemeral disks

func (*AgentPoolProfile) IsFlatcar

func (a *AgentPoolProfile) IsFlatcar() bool

IsFlatcar returns true if the agent specified a Flatcar distro

func (*AgentPoolProfile) IsLinux

func (a *AgentPoolProfile) IsLinux() bool

IsLinux returns true if the agent pool is linux

func (*AgentPoolProfile) IsManagedDisks

func (a *AgentPoolProfile) IsManagedDisks() bool

IsManagedDisks returns true if the customer specified managed disks

func (*AgentPoolProfile) IsNSeriesSKU

func (a *AgentPoolProfile) IsNSeriesSKU() bool

IsNSeriesSKU returns true if the agent pool contains an N-series (NVIDIA GPU) VM

func (*AgentPoolProfile) IsStorageAccount

func (a *AgentPoolProfile) IsStorageAccount() bool

IsStorageAccount returns true if the customer specified storage account

func (*AgentPoolProfile) IsUbuntu

func (a *AgentPoolProfile) IsUbuntu() bool

IsUbuntu returns true if the agent pool profile distro is any ubuntu distro

func (*AgentPoolProfile) IsUbuntu1604

func (a *AgentPoolProfile) IsUbuntu1604() bool

IsUbuntu1604 returns true if the agent pool profile distro is based on Ubuntu 16.04

func (*AgentPoolProfile) IsUbuntu1804

func (a *AgentPoolProfile) IsUbuntu1804() bool

IsUbuntu1804 returns true if the agent pool profile distro is based on Ubuntu 18.04

func (*AgentPoolProfile) IsUbuntu2004

func (a *AgentPoolProfile) IsUbuntu2004() bool

IsUbuntu2004 returns true if the agent pool profile distro is based on Ubuntu 20.04

func (*AgentPoolProfile) IsVirtualMachineScaleSets

func (a *AgentPoolProfile) IsVirtualMachineScaleSets() bool

IsVirtualMachineScaleSets returns true if the agent pool availability profile is VMSS

func (*AgentPoolProfile) IsWindows

func (a *AgentPoolProfile) IsWindows() bool

IsWindows returns true if the agent pool is windows

func (*AgentPoolProfile) SetSubnet

func (a *AgentPoolProfile) SetSubnet(subnet string)

SetSubnet sets the read-only subnet for the agent pool

type AgentPoolProfileRole

// AgentPoolProfileRole represents an agent role.
// It is the type of AgentPoolProfile.Role.
type AgentPoolProfileRole string

AgentPoolProfileRole represents an agent role

// The AgentPoolProfileRole values declared by this package.
const (
	// AgentPoolProfileRoleEmpty is the empty role
	AgentPoolProfileRoleEmpty AgentPoolProfileRole = ""
	// AgentPoolProfileRoleInfra is the infra role
	AgentPoolProfileRoleInfra AgentPoolProfileRole = "infra"
)

type AzureEndpointConfig

// AzureEndpointConfig describes an Azure endpoint.
// Its only field, ResourceManagerVMDNSSuffix, is serialized as
// "resourceManagerVMDNSSuffix" and omitted when empty.
type AzureEndpointConfig struct {
	ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix,omitempty"`
}

AzureEndpointConfig describes an Azure endpoint

type AzureEnvironmentSpecConfig

// AzureEnvironmentSpecConfig is the overall configuration differences in
// different cloud environments.
//
// OSImageConfig maps each Distro to the image coordinates in an
// AzureOSImageConfig. NOTE(review): these values decide which OS image and
// endpoints a cluster uses, so a supplied spec should come from a trusted
// source; how it is validated is not shown here.
type AzureEnvironmentSpecConfig struct {
	CloudName            string                        `json:"cloudName,omitempty"`
	KubernetesSpecConfig KubernetesSpecConfig          `json:"kubernetesSpecConfig,omitempty"`
	EndpointConfig       AzureEndpointConfig           `json:"endpointConfig,omitempty"`
	OSImageConfig        map[Distro]AzureOSImageConfig `json:"osImageConfig,omitempty"`
}

AzureEnvironmentSpecConfig is the overall configuration differences in different cloud environments.

type AzureOSImageConfig

// AzureOSImageConfig describes an Azure OS image by offer, SKU, publisher
// and version. All four fields are strings and are omitted from JSON when
// empty.
type AzureOSImageConfig struct {
	ImageOffer     string `json:"imageOffer,omitempty"`
	ImageSku       string `json:"imageSku,omitempty"`
	ImagePublisher string `json:"imagePublisher,omitempty"`
	ImageVersion   string `json:"imageVersion,omitempty"`
}

AzureOSImageConfig describes an Azure OS image

type CertificateProfile

// CertificateProfile represents the definition of the master cluster's
// certificates and private keys.
//
// Each JSON value is either plain text or a reference to a Key Vault secret
// of the form
// "/subscriptions/<SUB_ID>/resourceGroups/<RG_NAME>/providers/Microsoft.KeyVault/vaults/<KV_NAME>/secrets/<NAME>[/<VERSION>]",
// where VERSION is optional and defaults to the latest version.
//
// Every *PrivateKey field, and CaPrivateKey in particular, is secret key
// material. Supplied as plain text it is stored in the API model JSON
// itself, so that file must then be protected like the keys; the Key Vault
// reference form keeps the key out of the file.
type CertificateProfile struct {
	// CaCertificate is the certificate authority certificate.
	CaCertificate string `json:"caCertificate,omitempty"`
	// CaPrivateKey is the certificate authority key.
	CaPrivateKey string `json:"caPrivateKey,omitempty"`
	// APIServerCertificate is the rest api server certificate, and signed by the CA
	APIServerCertificate string `json:"apiServerCertificate,omitempty"`
	// APIServerPrivateKey is the rest api server private key
	APIServerPrivateKey string `json:"apiServerPrivateKey,omitempty"`
	// ClientCertificate is the certificate used by the client kubelet services and signed by the CA
	ClientCertificate string `json:"clientCertificate,omitempty"`
	// ClientPrivateKey is the private key used by the client kubelet services
	ClientPrivateKey string `json:"clientPrivateKey,omitempty"`
	// KubeConfigCertificate is the client certificate used for kubectl cli and signed by the CA
	KubeConfigCertificate string `json:"kubeConfigCertificate,omitempty"`
	// KubeConfigPrivateKey is the client private key used for kubectl cli
	KubeConfigPrivateKey string `json:"kubeConfigPrivateKey,omitempty"`
	// EtcdServerCertificate is the server certificate for etcd, and signed by the CA
	EtcdServerCertificate string `json:"etcdServerCertificate,omitempty"`
	// EtcdServerPrivateKey is the server private key for etcd
	EtcdServerPrivateKey string `json:"etcdServerPrivateKey,omitempty"`
	// EtcdClientCertificate is etcd client certificate, and signed by the CA
	EtcdClientCertificate string `json:"etcdClientCertificate,omitempty"`
	// EtcdClientPrivateKey is the etcd client private key
	EtcdClientPrivateKey string `json:"etcdClientPrivateKey,omitempty"`
	// EtcdPeerCertificates is list of etcd peer certificates, and signed by the CA
	EtcdPeerCertificates []string `json:"etcdPeerCertificates,omitempty"`
	// EtcdPeerPrivateKeys is list of etcd peer private keys
	EtcdPeerPrivateKeys []string `json:"etcdPeerPrivateKeys,omitempty"`
}

CertificateProfile represents the definition of the master cluster. The JSON parameters could be either plain text or a reference to a secret in a keyvault. In the latter case, the format of the parameter's value should be "/subscriptions/<SUB_ID>/resourceGroups/<RG_NAME>/providers/Microsoft.KeyVault/vaults/<KV_NAME>/secrets/<NAME>[/<VERSION>]", where: SUB_ID is the subscription ID of the keyvault; RG_NAME is the resource group of the keyvault; KV_NAME is the name of the keyvault; NAME is the name of the secret; VERSION (optional) is the version of the secret (default: the latest version).

type ContainerService

// ContainerService complies with the ARM model of resource definition in a
// JSON template.
//
// Properties is the only field with a validate tag and is marked required;
// it is also the only field without omitempty. Validate and Merge are the
// methods this package defines on the type.
type ContainerService struct {
	ID       string                `json:"id,omitempty"`
	Location string                `json:"location,omitempty"`
	Name     string                `json:"name,omitempty"`
	Plan     *ResourcePurchasePlan `json:"plan,omitempty"`
	Tags     map[string]string     `json:"tags,omitempty"`
	Type     string                `json:"type,omitempty"`

	Properties *Properties `json:"properties"  validate:"required"`
}

ContainerService complies with the ARM model of resource definition in a JSON template.

func (*ContainerService) Merge

func (cs *ContainerService) Merge(ecs *ContainerService) error

Merge existing containerService attribute into cs

func (*ContainerService) Validate

func (cs *ContainerService) Validate(isUpdate bool) error

Validate implements validation for ContainerService

type CustomCloudProfile

// CustomCloudProfile represents the custom cloud profile.
//
// DependenciesLocation takes one of the values in DependenciesLocationValues.
// NOTE(review): IsentitySystem-style string fields are untyped here -
// IdentitySystem presumably takes AzureADIdentitySystem or
// ADFSIdentitySystem, and AuthenticationMethod presumably takes
// ClientSecretAuthMethod or ClientCertificateAuthMethod; confirm in Validate.
//
// NOTE(review): by their names, CustomCloudRootCertificates and
// CustomCloudSourcesList add trusted root certificates and package sources,
// and Environment supplies the endpoints the cluster talks to. Together they
// define what the nodes trust, so confirm their provenance before use.
type CustomCloudProfile struct {
	Environment                 *Environment                `json:"environment,omitempty"`
	AzureEnvironmentSpecConfig  *AzureEnvironmentSpecConfig `json:"azureEnvironmentSpecConfig,omitempty"`
	IdentitySystem              string                      `json:"identitySystem,omitempty"`
	AuthenticationMethod        string                      `json:"authenticationMethod,omitempty"`
	DependenciesLocation        DependenciesLocation        `json:"dependenciesLocation,omitempty"`
	PortalURL                   string                      `json:"portalURL,omitempty"`
	CustomCloudRootCertificates string                      `json:"customCloudRootCertificates,omitempty"`
	CustomCloudSourcesList      string                      `json:"customCloudSourcesList,omitempty"`
}

CustomCloudProfile represents the custom cloud profile

type CustomFile

// CustomFile has source as the full absolute source path to a file and dest
// is the full absolute desired destination path to put the file on a master
// node.
//
// NOTE(review): neither path has a validate tag here. Because Dest names
// where a file is written on a master node, confirm that it is checked
// (absolute, no overwrite of system files) where it is consumed.
type CustomFile struct {
	Source string `json:"source,omitempty"`
	Dest   string `json:"dest,omitempty"`
}

CustomFile has source as the full absolute source path to a file and dest is the full absolute desired destination path to put the file on a master node

type CustomNodesDNS

// CustomNodesDNS holds a single DNSServer string, serialized as "dnsServer".
// NOTE(review): the package documentation describes this type as "the Search
// Domain", which reads like a copy of the CustomSearchDomain description;
// the field name suggests a custom DNS server for the nodes - confirm.
type CustomNodesDNS struct {
	DNSServer string `json:"dnsServer,omitempty"`
}

CustomNodesDNS represents the Search Domain

type CustomSearchDomain

// CustomSearchDomain represents the Search Domain when the custom vnet has a
// windows server DNS as a nameserver.
//
// RealmPassword is a credential held as a plain string and serialized as
// "realmPassword", so an API model that sets it contains the password in
// clear text and should be stored and shared accordingly.
type CustomSearchDomain struct {
	Name          string `json:"name,omitempty"`
	RealmUser     string `json:"realmUser,omitempty"`
	RealmPassword string `json:"realmPassword,omitempty"`
}

CustomSearchDomain represents the Search Domain when the custom vnet has a windows server DNS as a nameserver.

type DependenciesLocation

// DependenciesLocation represents location to retrieve the dependencies.
// The accepted values are listed in DependenciesLocationValues.
type DependenciesLocation string

DependenciesLocation represents location to retrieve the dependencies.

type Distro

// Distro represents Linux distro to use for Linux VMs.
// The accepted values are listed in DistroValues.
type Distro string

Distro represents Linux distro to use for Linux VMs

// The Linux distros supported by vlabs.
//
// AKS1604Deprecated, AKS1804Deprecated and AKSDockerEngine are marked
// deprecated below and do not appear in DistroValues. Ubuntu refers to
// Ubuntu 16.04-LTS, which the inline note marks as end-of-life; it is still
// listed in DistroValues, so prefer a supported release for new pools.
const (
	Ubuntu            Distro = "ubuntu" // Ubuntu 16.04-LTS is at EOL, TODO deprecate this distro
	Ubuntu1804        Distro = "ubuntu-18.04"
	Ubuntu1804Gen2    Distro = "ubuntu-18.04-gen2"
	Ubuntu2004        Distro = "ubuntu-20.04"
	Flatcar           Distro = "flatcar"
	AKS1604Deprecated Distro = "aks"               // deprecated AKS 16.04 distro. Equivalent to aks-ubuntu-16.04.
	AKS1804Deprecated Distro = "aks-1804"          // deprecated AKS 18.04 distro. Equivalent to aks-ubuntu-18.04.
	AKSDockerEngine   Distro = "aks-docker-engine" // deprecated docker-engine distro.
	AKSUbuntu1604     Distro = "aks-ubuntu-16.04"
	AKSUbuntu1804     Distro = "aks-ubuntu-18.04"
	AKSUbuntu2004     Distro = "aks-ubuntu-20.04"
	ACC1604           Distro = "acc-16.04"
)

the LinuxDistros supported by vlabs

type Environment added in v0.81.0

// Environment represents a set of endpoints for each of Azure's Clouds.
//
// Every field is a string except ResourceIdentifiers, and none uses
// omitempty, so all keys are emitted when the struct is marshalled.
//
// NOTE(review): ActiveDirectoryEndpoint, ResourceManagerEndpoint,
// KeyVaultEndpoint and TokenAudience name the services that, by their names,
// receive authentication and management traffic. No validate tags are
// declared here, so confirm that a user-supplied Environment is checked
// (scheme, host) before credentials are sent to those endpoints.
type Environment struct {
	Name                         string             `json:"name"`
	ManagementPortalURL          string             `json:"managementPortalURL"`
	PublishSettingsURL           string             `json:"publishSettingsURL"`
	ServiceManagementEndpoint    string             `json:"serviceManagementEndpoint"`
	ResourceManagerEndpoint      string             `json:"resourceManagerEndpoint"`
	ActiveDirectoryEndpoint      string             `json:"activeDirectoryEndpoint"`
	GalleryEndpoint              string             `json:"galleryEndpoint"`
	KeyVaultEndpoint             string             `json:"keyVaultEndpoint"`
	GraphEndpoint                string             `json:"graphEndpoint"`
	ServiceBusEndpoint           string             `json:"serviceBusEndpoint"`
	BatchManagementEndpoint      string             `json:"batchManagementEndpoint"`
	StorageEndpointSuffix        string             `json:"storageEndpointSuffix"`
	SQLDatabaseDNSSuffix         string             `json:"sqlDatabaseDNSSuffix"`
	TrafficManagerDNSSuffix      string             `json:"trafficManagerDNSSuffix"`
	KeyVaultDNSSuffix            string             `json:"keyVaultDNSSuffix"`
	ServiceBusEndpointSuffix     string             `json:"serviceBusEndpointSuffix"`
	ServiceManagementVMDNSSuffix string             `json:"serviceManagementVMDNSSuffix"`
	ResourceManagerVMDNSSuffix   string             `json:"resourceManagerVMDNSSuffix"`
	ContainerRegistryDNSSuffix   string             `json:"containerRegistryDNSSuffix"`
	CosmosDBDNSSuffix            string             `json:"cosmosDBDNSSuffix"`
	TokenAudience                string             `json:"tokenAudience"`
	APIManagementHostNameSuffix  string             `json:"apiManagementHostNameSuffix"`
	SynapseEndpointSuffix        string             `json:"synapseEndpointSuffix"`
	ResourceIdentifiers          ResourceIdentifier `json:"resourceIdentifiers"`
}

Environment represents a set of endpoints for each of Azure's Clouds.

type Extension

// Extension represents an extension definition in the master or
// agentPoolProfile.
//
// NOTE(review): Name presumably matches an ExtensionProfile.Name; the
// accepted values of SingleOrAll and the meaning of Template are not shown
// here - confirm at the consumer.
type Extension struct {
	Name        string `json:"name"`
	SingleOrAll string `json:"singleOrAll"`
	Template    string `json:"template"`
}

Extension represents an extension definition in the master or agentPoolProfile

type ExtensionProfile

// ExtensionProfile represents an extension definition.
//
// ExtensionParameters carries parameters inline as a string, while
// ExtensionParametersKeyVaultRef (JSON key "parametersKeyvaultSecretRef")
// points at a Key Vault secret instead; the reference form keeps secret
// parameters out of the API model file.
//
// NOTE(review): RootURL, Script and URLQuery presumably determine where the
// extension content is fetched from and what is run on the node. None has a
// validate tag here, so confirm that RootURL is restricted to trusted
// locations, and treat URLQuery as secret if it carries an access token.
type ExtensionProfile struct {
	Name                           string             `json:"name"`
	Version                        string             `json:"version"`
	ExtensionParameters            string             `json:"extensionParameters,omitempty"`
	ExtensionParametersKeyVaultRef *KeyvaultSecretRef `json:"parametersKeyvaultSecretRef,omitempty"`
	RootURL                        string             `json:"rootURL,omitempty"`
	// This is only needed for preprovision extensions and it needs to be a bash script
	Script   string `json:"script,omitempty"`
	URLQuery string `json:"urlQuery,omitempty"`
}

ExtensionProfile represents an extension definition

type FeatureFlags

// FeatureFlags defines feature-flag restricted functionality.
//
// All flags are plain bools with omitempty, so a flag that is false is left
// out of the marshalled JSON and an absent key decodes to false.
//
// The package documents accessors for five of the flags:
// IsIPv6DualStackEnabled, IsIPv6OnlyEnabled, IsWinDSREnabled,
// IsEnforceUbuntu2004DisaStigEnabled and IsEnforceKubernetesDisaStigEnabled.
//
// NOTE(review): BlockOutboundInternet, EnforceUbuntu2004DisaStig and
// EnforceKubernetesDisaStig look like hardening switches from their names
// (egress restriction, DISA STIG enforcement); all default to false, so
// confirm whether a deployment is expected to opt in explicitly.
type FeatureFlags struct {
	EnableCSERunInBackground  bool `json:"enableCSERunInBackground,omitempty"`
	BlockOutboundInternet     bool `json:"blockOutboundInternet,omitempty"`
	EnableIPv6DualStack       bool `json:"enableIPv6DualStack,omitempty"`
	EnableTelemetry           bool `json:"enableTelemetry,omitempty"`
	EnableIPv6Only            bool `json:"enableIPv6Only,omitempty"`
	EnableWinDSR              bool `json:"enableWinDSR,omitempty"`
	EnforceUbuntu2004DisaStig bool `json:"enforceUbuntu2004DisaStig,omitempty"`
	EnforceKubernetesDisaStig bool `json:"enforceKubernetesDisaStig,omitempty"`
}

FeatureFlags defines feature-flag restricted functionality

func (*FeatureFlags) IsEnforceKubernetesDisaStigEnabled added in v0.77.0

func (f *FeatureFlags) IsEnforceKubernetesDisaStigEnabled() bool

IsEnforceKubernetesDisaStigEnabled checks if EnforceKubernetesDisaStig feature is enabled

func (*FeatureFlags) IsEnforceUbuntu2004DisaStigEnabled added in v0.75.4

func (f *FeatureFlags) IsEnforceUbuntu2004DisaStigEnabled() bool

IsEnforceUbuntu2004DisaStigEnabled checks if EnforceUbuntu2004DisaStig feature is enabled

func (*FeatureFlags) IsIPv6DualStackEnabled

func (f *FeatureFlags) IsIPv6DualStackEnabled() bool

IsIPv6DualStackEnabled checks if IPv6DualStack feature is enabled

func (*FeatureFlags) IsIPv6OnlyEnabled

func (f *FeatureFlags) IsIPv6OnlyEnabled() bool

IsIPv6OnlyEnabled checks if IPv6Only feature is enabled

func (*FeatureFlags) IsWinDSREnabled

func (f *FeatureFlags) IsWinDSREnabled() bool

IsWinDSREnabled checks if WinDSR feature is enabled

type ImageReference

// ImageReference represents a reference to an Image resource in Azure.
//
// The image is identified by Name, ResourceGroup and SubscriptionID, with
// optional Gallery and Version strings. NOTE(review): a custom image
// replaces the distro image for the pool, so confirm the referenced image
// comes from a subscription and gallery you control.
type ImageReference struct {
	Name           string `json:"name,omitempty"`
	ResourceGroup  string `json:"resourceGroup,omitempty"`
	SubscriptionID string `json:"subscriptionId,omitempty"`
	Gallery        string `json:"gallery,omitempty"`
	Version        string `json:"version,omitempty"`
}

ImageReference represents a reference to an Image resource in Azure.

type KeyVaultCertificate

// KeyVaultCertificate specifies a certificate to install.
//
// On Linux, the certificate file is placed under the /var/lib/waagent
// directory with the file name <UppercaseThumbprint>.crt for the X509
// certificate file and <UppercaseThumbprint>.prv for the private key; both
// files are .pem formatted. On Windows the certificate is saved in the store
// named by CertificateStore.
//
// The .prv file holds the private key on the node's disk, so access to
// /var/lib/waagent on a node is access to that key.
type KeyVaultCertificate struct {
	CertificateURL   string `json:"certificateUrl,omitempty"`
	CertificateStore string `json:"certificateStore,omitempty"`
}

KeyVaultCertificate specifies a certificate to install. On Linux, the certificate file is placed under the /var/lib/waagent directory with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbprint>.prv for the private key. Both of these files are .pem formatted. On Windows, the certificate will be saved in the specified store.

type KeyVaultID

// KeyVaultID specifies a key vault by its ID string, serialized as "id".
type KeyVaultID struct {
	ID string `json:"id,omitempty"`
}

KeyVaultID specifies a key vault

type KeyVaultSecrets

// KeyVaultSecrets specifies certificates to install on the pool of machines
// from a given key vault. The key vault specified must have been granted
// read permissions to CRP.
//
// SourceVault identifies the vault and VaultCertificates lists the
// certificates to install from it.
type KeyVaultSecrets struct {
	SourceVault       *KeyVaultID           `json:"sourceVault,omitempty"`
	VaultCertificates []KeyVaultCertificate `json:"vaultCertificates,omitempty"`
}

KeyVaultSecrets specifies certificates to install on the pool of machines from a given key vault. The key vault specified must have been granted read permissions to CRP.

type KeyvaultSecretRef

// KeyvaultSecretRef is a reference to a secret in a keyvault.
//
// VaultID must have the form
// "/subscriptions/<SUB_ID>/resourceGroups/<RG_NAME>/providers/Microsoft.KeyVault/vaults/<KV_NAME>".
// SecretName is the name of the secret in that vault. SecretVersion is
// optional (JSON key "version") and defaults to the latest version.
//
// VaultID and SecretName are marked required by their validate tags.
// Leaving SecretVersion empty means the resolved secret changes whenever a
// new version is stored; set it when a deployment must be reproducible.
type KeyvaultSecretRef struct {
	VaultID       string `json:"vaultID" validate:"required"`
	SecretName    string `json:"secretName" validate:"required"`
	SecretVersion string `json:"version,omitempty"`
}

KeyvaultSecretRef is a reference to a secret in a keyvault. The format of the 'VaultID' value should be "/subscriptions/<SUB_ID>/resourceGroups/<RG_NAME>/providers/Microsoft.KeyVault/vaults/<KV_NAME>", where: SUB_ID is the subscription ID of the keyvault; RG_NAME is the resource group of the keyvault; KV_NAME is the name of the keyvault. The 'SecretName' is the name of the secret in the keyvault. The 'SecretVersion' (optional) is the version of the secret (default: the latest version).

type KubeProxyMode

// KubeProxyMode is for iptables and ipvs (and future others).
type KubeProxyMode string

KubeProxyMode is for iptables and ipvs (and future others)

// The kube-proxy modes currently supported: ipvs and iptables.
const (
	// KubeProxyModeIPTables is the "iptables" kube-proxy mode
	KubeProxyModeIPTables KubeProxyMode = "iptables"
	// KubeProxyModeIPVS is the "ipvs" kube-proxy mode
	KubeProxyModeIPVS     KubeProxyMode = "ipvs"
)

We currently support ipvs and iptables

type KubernetesAddon

// KubernetesAddon defines a list of addons w/ configuration to include with
// the cluster deployment.
//
// Enabled is a *bool, so "unset" (nil) is distinguishable from an explicit
// false; IsEnabled is the documented accessor. Pools carries pool-specific
// configuration as AddonNodePoolsConfig entries.
//
// NOTE(review): Mode presumably takes AddonModeEnsureExists or
// AddonModeReconcile. Data is an opaque string here; if it carries a
// user-supplied addon manifest, it is content that ends up running in the
// cluster, so confirm how it is decoded and reviewed.
type KubernetesAddon struct {
	Name       string                    `json:"name,omitempty"`
	Enabled    *bool                     `json:"enabled,omitempty"`
	Mode       string                    `json:"mode,omitempty"`
	Containers []KubernetesContainerSpec `json:"containers,omitempty"`
	Config     map[string]string         `json:"config,omitempty"`
	Pools      []AddonNodePoolsConfig    `json:"pools,omitempty"`
	Data       string                    `json:"data,omitempty"`
}

KubernetesAddon defines a list of addons w/ configuration to include with the cluster deployment

func (*KubernetesAddon) IsEnabled

func (a *KubernetesAddon) IsEnabled() bool

IsEnabled returns true if the addon is enabled

type KubernetesComponent

// KubernetesComponent defines a component w/ configuration to include with
// the cluster deployment.
//
// It has the same fields as KubernetesAddon except Mode and Pools. Enabled
// is a *bool, so nil (unset) is distinguishable from an explicit false.
//
// NOTE(review): Data is an opaque string here; if it carries a user-supplied
// component manifest, confirm how it is decoded and reviewed before it is
// applied to the cluster.
type KubernetesComponent struct {
	Name       string                    `json:"name,omitempty"`
	Enabled    *bool                     `json:"enabled,omitempty"`
	Containers []KubernetesContainerSpec `json:"containers,omitempty"`
	Config     map[string]string         `json:"config,omitempty"`
	Data       string                    `json:"data,omitempty"`
}

KubernetesComponent defines a component w/ configuration to include with the cluster deployment

type KubernetesConfig

// KubernetesConfig contains the Kubernetes-specific configuration of the API
// model. Validate checks it against a Kubernetes version; the rules it applies
// are not visible on this page.
type KubernetesConfig struct {
	// Image base settings.
	// NOTE(review): these are free-form strings; confirm where they are
	// restricted to trusted registries.
	KubernetesImageBase                 string                `json:"kubernetesImageBase,omitempty"`
	KubernetesImageBaseType             string                `json:"kubernetesImageBaseType,omitempty"`
	MCRKubernetesImageBase              string                `json:"mcrKubernetesImageBase,omitempty"`
	// Cluster networking settings.
	ClusterSubnet                       string                `json:"clusterSubnet,omitempty"`
	DNSServiceIP                        string                `json:"dnsServiceIP,omitempty"`
	ServiceCidr                         string                `json:"serviceCidr,omitempty"`
	NetworkPolicy                       string                `json:"networkPolicy,omitempty"`
	NetworkPlugin                       string                `json:"networkPlugin,omitempty"`
	NetworkMode                         string                `json:"networkMode,omitempty"`
	ContainerRuntime                    string                `json:"containerRuntime,omitempty"`
	MaxPods                             int                   `json:"maxPods,omitempty"`
	DockerBridgeSubnet                  string                `json:"dockerBridgeSubnet,omitempty"`
	// Identity settings. Pointer booleans are nil when the key is absent from
	// the JSON; the default applied in that case is not visible here.
	UseManagedIdentity                  *bool                 `json:"useManagedIdentity,omitempty"`
	UserAssignedID                      string                `json:"userAssignedID,omitempty"`
	UserAssignedClientID                string                `json:"userAssignedClientID,omitempty"` //Note: cannot be provided in config. Used *only* for transferring this to azure.json.
	// Custom image, binary and package locations.
	// NOTE(review): by their names these override what is pulled or downloaded
	// onto cluster nodes; the type accepts any string, so confirm that
	// validation limits them to trusted sources (and HTTPS for the URL fields).
	CustomHyperkubeImage                string                `json:"customHyperkubeImage,omitempty"`
	CustomKubeAPIServerImage            string                `json:"customKubeAPIServerImage,omitempty"`
	CustomKubeControllerManagerImage    string                `json:"customKubeControllerManagerImage,omitempty"`
	CustomKubeProxyImage                string                `json:"customKubeProxyImage,omitempty"`
	CustomKubeSchedulerImage            string                `json:"customKubeSchedulerImage,omitempty"`
	CustomKubeBinaryURL                 string                `json:"customKubeBinaryURL,omitempty"`
	DockerEngineVersion                 string                `json:"dockerEngineVersion,omitempty"` // Deprecated
	MobyVersion                         string                `json:"mobyVersion,omitempty"`
	LinuxMobyURL                        string                `json:"linuxMobyURL,omitempty"`
	LinuxRuncURL                        string                `json:"linuxRuncURL,omitempty"`
	ContainerdVersion                   string                `json:"containerdVersion,omitempty"`
	LinuxContainerdURL                  string                `json:"linuxContainerdURL,omitempty"`
	CustomCcmImage                      string                `json:"customCcmImage,omitempty"`
	UseCloudControllerManager           *bool                 `json:"useCloudControllerManager,omitempty"`
	CustomWindowsPackageURL             string                `json:"customWindowsPackageURL,omitempty"`
	WindowsNodeBinariesURL              string                `json:"windowsNodeBinariesURL,omitempty"`
	WindowsContainerdURL                string                `json:"windowsContainerdURL,omitempty"`
	WindowsSdnPluginURL                 string                `json:"windowsSdnPluginURL,omitempty"`
	UseInstanceMetadata                 *bool                 `json:"useInstanceMetadata,omitempty"`
	// Access-control switches. IsRBACEnabled reports the effective RBAC state;
	// what a nil EnableRbac or EnableSecureKubelet resolves to is not visible
	// here, so confirm the defaults before relying on an omitted key.
	EnableRbac                          *bool                 `json:"enableRbac,omitempty"`
	EnableSecureKubelet                 *bool                 `json:"enableSecureKubelet,omitempty"`
	EnableAggregatedAPIs                bool                  `json:"enableAggregatedAPIs,omitempty"`
	PrivateCluster                      *PrivateCluster       `json:"privateCluster,omitempty"`
	GCHighThreshold                     int                   `json:"gchighthreshold,omitempty"`
	GCLowThreshold                      int                   `json:"gclowthreshold,omitempty"`
	// etcd settings. The ValidateOrchestratorProfile example on this page logs
	// a warning for an EtcdStorageLimitGB of 9 (recommended maximum: 8).
	EtcdVersion                         string                `json:"etcdVersion,omitempty"`
	EtcdDiskSizeGB                      string                `json:"etcdDiskSizeGB,omitempty"`
	EtcdStorageLimitGB                  int                   `json:"etcdStorageLimitGB,omitempty"`
	// NOTE(review): by its name this holds key material, and it is serialized
	// under "etcdEncryptionKey" like any other field; confirm it is redacted
	// before the API model is logged or stored.
	EtcdEncryptionKey                   string                `json:"etcdEncryptionKey,omitempty"`
	EnableDataEncryptionAtRest          *bool                 `json:"enableDataEncryptionAtRest,omitempty"`
	// The ValidateOrchestratorProfile example warns that a cluster with this
	// set to true and a system-assigned identity is not upgradable.
	EnableEncryptionWithExternalKms     *bool                 `json:"enableEncryptionWithExternalKms,omitempty"`
	// The ValidateAddons example output notes that the PodSecurityPolicy
	// admission was removed in Kubernetes v1.25+.
	EnablePodSecurityPolicy             *bool                 `json:"enablePodSecurityPolicy,omitempty"`
	Addons                              []KubernetesAddon     `json:"addons,omitempty"`
	Components                          []KubernetesComponent `json:"components,omitempty"`
	// Per-component string key/value settings; the accepted keys are not
	// visible here.
	// NOTE(review): confirm which keys users may override, since the names
	// suggest these reach the kubelet, API server, controller manager and
	// scheduler.
	ContainerRuntimeConfig              map[string]string     `json:"containerRuntimeConfig,omitempty"`
	KubeletConfig                       map[string]string     `json:"kubeletConfig,omitempty"`
	ControllerManagerConfig             map[string]string     `json:"controllerManagerConfig,omitempty"`
	CloudControllerManagerConfig        map[string]string     `json:"cloudControllerManagerConfig,omitempty"`
	APIServerConfig                     map[string]string     `json:"apiServerConfig,omitempty"`
	SchedulerConfig                     map[string]string     `json:"schedulerConfig,omitempty"`
	PodSecurityPolicyConfig             map[string]string     `json:"podSecurityPolicyConfig,omitempty"` // Deprecated
	KubeReservedCgroup                  string                `json:"kubeReservedCgroup,omitempty"`
	// Cloud provider backoff and rate-limit settings. CloudProviderBackoffMode
	// has no omitempty, so its key is emitted even when the value is empty.
	CloudProviderBackoffMode            string                `json:"cloudProviderBackoffMode"`
	CloudProviderBackoff                *bool                 `json:"cloudProviderBackoff,omitempty"`
	CloudProviderBackoffRetries         int                   `json:"cloudProviderBackoffRetries,omitempty"`
	CloudProviderBackoffJitter          float64               `json:"cloudProviderBackoffJitter,omitempty"`
	CloudProviderBackoffDuration        int                   `json:"cloudProviderBackoffDuration,omitempty"`
	CloudProviderBackoffExponent        float64               `json:"cloudProviderBackoffExponent,omitempty"`
	CloudProviderRateLimit              *bool                 `json:"cloudProviderRateLimit,omitempty"`
	CloudProviderRateLimitQPS           float64               `json:"cloudProviderRateLimitQPS,omitempty"`
	CloudProviderRateLimitQPSWrite      float64               `json:"cloudProviderRateLimitQPSWrite,omitempty"`
	CloudProviderRateLimitBucket        int                   `json:"cloudProviderRateLimitBucket,omitempty"`
	CloudProviderRateLimitBucketWrite   int                   `json:"cloudProviderRateLimitBucketWrite,omitempty"`
	CloudProviderDisableOutboundSNAT    *bool                 `json:"cloudProviderDisableOutboundSNAT,omitempty"`
	// Load balancer and CNI settings.
	LoadBalancerSku                     string                `json:"loadBalancerSku,omitempty"`
	ExcludeMasterFromStandardLB         *bool                 `json:"excludeMasterFromStandardLB,omitempty"`
	LoadBalancerOutboundIPs             *int                  `json:"loadBalancerOutboundIPs,omitempty"`
	AzureCNIVersion                     string                `json:"azureCNIVersion,omitempty"`
	AzureCNIURLLinux                    string                `json:"azureCNIURLLinux,omitempty"`
	AzureCNIURLWindows                  string                `json:"azureCNIURLWindows,omitempty"`
	KeyVaultSku                         string                `json:"keyVaultSku,omitempty"`
	MaximumLoadBalancerRuleCount        int                   `json:"maximumLoadBalancerRuleCount,omitempty"`
	// ProxyMode is serialized as "kubeProxyMode"; the declared KubeProxyMode
	// constants are "iptables" and "ipvs".
	ProxyMode                           KubeProxyMode         `json:"kubeProxyMode,omitempty"`
	PrivateAzureRegistryServer          string                `json:"privateAzureRegistryServer,omitempty"`
	OutboundRuleIdleTimeoutInMinutes    int32                 `json:"outboundRuleIdleTimeoutInMinutes,omitempty"`
	// NOTE(review): by its name this selects the apt repository that nodes
	// install packages from; confirm it is validated.
	MicrosoftAptRepositoryURL           string                `json:"microsoftAptRepositoryURL,omitempty"`
	EnableMultipleStandardLoadBalancers *bool                 `json:"enableMultipleStandardLoadBalancers,omitempty"`
	// Tags is a single string; its format is not visible here.
	Tags                                string                `json:"tags,omitempty"`
}

KubernetesConfig contains the Kubernetes config structure, containing Kubernetes specific configuration

Example (ValidateNetworkPlugin)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
cs := getK8sDefaultContainerService(true)

// Start from an empty KubernetesConfig and select the kubenet network plugin.
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.NetworkPlugin = NetworkPluginKubenet
// The two boolean arguments are positional and their names are not shown on
// this page; given the expected "Windows + Kubenet" warning, the first
// presumably indicates a Windows cluster (confirm against validateNetworkPlugin).
// Only a returned error is printed; the warning itself arrives through the logger.
if err := cs.Properties.OrchestratorProfile.KubernetesConfig.validateNetworkPlugin(true, false); err != nil {
	fmt.Printf("error in ValidateNetworkPlugin: %s", err)
}
Output:

level=warning msg="Windows + Kubenet is for development and testing only, not recommended for production"

func (*KubernetesConfig) GetAddonByName

func (k *KubernetesConfig) GetAddonByName(addonName string) KubernetesAddon

GetAddonByName returns the KubernetesAddon instance with name `addonName`

func (*KubernetesConfig) IsAddonEnabled

func (k *KubernetesConfig) IsAddonEnabled(addonName string) bool

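IsAddonEnabled checks whether a k8s addon with name "addonName" is enabled, based on the Enabled field of KubernetesAddon. The original comment says that the "defaultValue" is returned if the value of Enabled is nil, but the signature shown above takes no such parameter, so the result for a nil Enabled is not documented here.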

func (*KubernetesConfig) IsRBACEnabled

func (k *KubernetesConfig) IsRBACEnabled() bool

IsRBACEnabled checks if RBAC is enabled

func (*KubernetesConfig) RequiresDocker

func (k *KubernetesConfig) RequiresDocker() bool

RequiresDocker returns true if the kubernetes settings require the docker binary to be installed.

func (*KubernetesConfig) Validate

func (k *KubernetesConfig) Validate(k8sVersion string, hasWindows, ipv6DualStackEnabled, isIPv6, isUpdate bool) error

Validate validates the KubernetesConfig

type KubernetesContainerSpec

// KubernetesContainerSpec defines the configuration of one container: its
// name, image and CPU/memory requests and limits. All values are plain
// strings, so the type itself enforces no format.
type KubernetesContainerSpec struct {
	Name           string `json:"name,omitempty"`
	// NOTE(review): Image is a free-form image reference; confirm where the
	// registry and tag (or digest) are validated.
	Image          string `json:"image,omitempty"`
	CPURequests    string `json:"cpuRequests,omitempty"`
	MemoryRequests string `json:"memoryRequests,omitempty"`
	CPULimits      string `json:"cpuLimits,omitempty"`
	MemoryLimits   string `json:"memoryLimits,omitempty"`
}

KubernetesContainerSpec defines configuration for a container spec

type KubernetesSpecConfig

// KubernetesSpecConfig holds the image bases and download URLs used for the
// Kubernetes container images and related packages. Every field is optional
// in JSON (omitempty).
//
// NOTE(review): all locations are free-form strings; confirm where they are
// restricted to trusted registries and HTTPS endpoints.
type KubernetesSpecConfig struct {
	AzureTelemetryPID                    string `json:"azureTelemetryPID,omitempty"`
	KubernetesImageBase                  string `json:"kubernetesImageBase,omitempty"`
	MCRKubernetesImageBase               string `json:"mcrKubernetesImageBase,omitempty"`
	TillerImageBase                      string `json:"tillerImageBase,omitempty"`
	ACIConnectorImageBase                string `json:"aciConnectorImageBase,omitempty"` // Deprecated
	NVIDIAImageBase                      string `json:"nvidiaImageBase,omitempty"`
	AzureCNIImageBase                    string `json:"azureCNIImageBase,omitempty"`
	CalicoImageBase                      string `json:"calicoImageBase,omitempty"`
	EtcdDownloadURLBase                  string `json:"etcdDownloadURLBase,omitempty"`
	// NOTE(review): the name suggests a shared-access-signature URL; if the
	// value embeds a token, treat it as a secret when logging. Confirm.
	KubeBinariesSASURLBase               string `json:"kubeBinariesSASURLBase,omitempty"`
	WindowsTelemetryGUID                 string `json:"windowsTelemetryGUID,omitempty"`
	CNIPluginsDownloadURL                string `json:"cniPluginsDownloadURL,omitempty"`
	VnetCNILinuxPluginsDownloadURL       string `json:"vnetCNILinuxPluginsDownloadURL,omitempty"`
	VnetCNIWindowsPluginsDownloadURL     string `json:"vnetCNIWindowsPluginsDownloadURL,omitempty"`
	ContainerdDownloadURLBase            string `json:"containerdDownloadURLBase,omitempty"`
	CSIProxyDownloadURL                  string `json:"csiProxyDownloadURL,omitempty"`
	WindowsProvisioningScriptsPackageURL string `json:"windowsProvisioningScriptsPackageURL,omitempty"`
	WindowsPauseImageURL                 string `json:"windowsPauseImageURL,omitempty"`
	AlwaysPullWindowsPauseImage          bool   `json:"alwaysPullWindowsPauseImage,omitempty"`
}

KubernetesSpecConfig holds the image bases and download URLs for the kubernetes container images used.

type LinuxProfile

// LinuxProfile represents the Linux parameters passed to the cluster.
type LinuxProfile struct {
	// AdminUsername is marked required by its validate tag.
	AdminUsername string `json:"adminUsername" validate:"required"`
	// SSH is required and must carry at least one public key (validate:"required,min=1").
	SSH           struct {
		PublicKeys []PublicKey `json:"publicKeys" validate:"required,min=1"`
	} `json:"ssh" validate:"required"`
	// Secrets lists key vault secrets; how they are installed is not visible here.
	Secrets                          []KeyVaultSecrets   `json:"secrets,omitempty"`
	// ScriptRootURL is serialized under the key "scriptroot".
	// NOTE(review): by its name this is a location scripts are fetched from;
	// confirm it is validated.
	ScriptRootURL                    string              `json:"scriptroot,omitempty"`
	CustomSearchDomain               *CustomSearchDomain `json:"customSearchDomain,omitempty"`
	CustomNodesDNS                   *CustomNodesDNS     `json:"customNodesDNS,omitempty"`
	RunUnattendedUpgradesOnBootstrap *bool               `json:"runUnattendedUpgradesOnBootstrap,omitempty"`
	// The ValidateLinuxProfile example on this page logs a warning when this
	// is not declared: nodes are then configured to run unattended-upgrade by
	// default.
	EnableUnattendedUpgrades         *bool               `json:"enableUnattendedUpgrades,omitempty"`
	Eth0MTU                          int                 `json:"eth0MTU,omitempty"`
}

LinuxProfile represents the linux parameters passed to the cluster

func (*LinuxProfile) HasCustomNodesDNS

func (l *LinuxProfile) HasCustomNodesDNS() bool

HasCustomNodesDNS returns true if the customer specified a custom DNS configuration for the nodes

func (*LinuxProfile) HasSearchDomain

func (l *LinuxProfile) HasSearchDomain() bool

HasSearchDomain returns true if the customer specified a custom search domain

type MasterProfile

// MasterProfile represents the definition of the master (control plane) VMs
// of the cluster. The validate tags state the constraints a validator applies.
type MasterProfile struct {
	// Count must be 1, 3 or 5 (validate tag). The ValidateMasterProfile
	// example expects a warning that 1 is not recommended for production.
	Count                     int               `json:"count" validate:"required,eq=1|eq=3|eq=5"`
	DNSPrefix                 string            `json:"dnsPrefix" validate:"required"`
	// SubjectAltNames has no omitempty, so the key is always emitted.
	SubjectAltNames           []string          `json:"subjectAltNames"`
	VMSize                    string            `json:"vmSize" validate:"required"`
	// OSDiskSizeGB is limited to 0..2048 by its validate tag.
	OSDiskSizeGB              int               `json:"osDiskSizeGB,omitempty" validate:"min=0,max=2048"`
	VnetSubnetID              string            `json:"vnetSubnetID,omitempty"`
	VnetCidr                  string            `json:"vnetCidr,omitempty"`
	AgentVnetSubnetID         string            `json:"agentVnetSubnetID,omitempty"`
	FirstConsecutiveStaticIP  string            `json:"firstConsecutiveStaticIP,omitempty"`
	// IPAddressCount is limited to 0..256 by its validate tag.
	IPAddressCount            int               `json:"ipAddressCount,omitempty" validate:"min=0,max=256"`
	// StorageProfile must be "StorageAccount", "ManagedDisks" or empty (validate tag).
	StorageProfile            string            `json:"storageProfile,omitempty" validate:"eq=StorageAccount|eq=ManagedDisks|len=0"`
	// The JSON key keeps the Go spelling ("HTTPSourceAddressPrefix"), unlike
	// the camelCase keys of the other fields.
	// NOTE(review): presumably the source address prefix allowed to reach the
	// master endpoint; confirm what an empty value permits.
	HTTPSourceAddressPrefix   string            `json:"HTTPSourceAddressPrefix,omitempty"`
	OAuthEnabled              bool              `json:"oauthEnabled"`
	// NOTE(review): extensions presumably run on the VMs during provisioning;
	// their sources are not visible here.
	PreProvisionExtension     *Extension        `json:"preProvisionExtension"`
	Extensions                []Extension       `json:"extensions"`
	Distro                    Distro            `json:"distro,omitempty"`
	KubernetesConfig          *KubernetesConfig `json:"kubernetesConfig,omitempty"`
	ImageRef                  *ImageReference   `json:"imageReference,omitempty"`
	CustomFiles               *[]CustomFile     `json:"customFiles,omitempty"`
	// AvailabilityProfile takes the AvailabilitySet or VirtualMachineScaleSets
	// constant. The ValidateMasterProfile example expects a warning that a
	// VMSS control plane is not upgradable.
	AvailabilityProfile       string            `json:"availabilityProfile"`
	AgentSubnet               string            `json:"agentSubnet,omitempty"`
	AvailabilityZones         []string          `json:"availabilityZones,omitempty"`
	SinglePlacementGroup      *bool             `json:"singlePlacementGroup,omitempty"`
	PlatformFaultDomainCount  *int              `json:"platformFaultDomainCount,omitempty"`
	// PlatformUpdateDomainCount has no omitempty, so a nil pointer is emitted as null.
	PlatformUpdateDomainCount *int              `json:"platformUpdateDomainCount"`
	// Pointer booleans are nil when the key is absent; the defaults applied
	// for AuditDEnabled and EncryptionAtHost are not visible here.
	AuditDEnabled             *bool             `json:"auditDEnabled,omitempty"`
	CustomVMTags              map[string]string `json:"customVMTags,omitempty"`
	// SysctlDConfig is serialized under "sysctldConfig"; the accepted keys are
	// not visible here.
	SysctlDConfig             map[string]string `json:"sysctldConfig,omitempty"`
	UltraSSDEnabled           *bool             `json:"ultraSSDEnabled,omitempty"`
	EncryptionAtHost          *bool             `json:"encryptionAtHost,omitempty"`

	// Master LB public endpoint/FQDN with port
	// The format will be FQDN:2376
	// Not used during PUT, returned as part of GET
	FQDN string `json:"fqdn,omitempty"`

	// True: uses cosmos etcd endpoint instead of installing etcd on masters
	CosmosEtcd                *bool  `json:"cosmosEtcd,omitempty"`
	ProximityPlacementGroupID string `json:"proximityPlacementGroupID,omitempty"`
	OSDiskCachingType         string `json:"osDiskCachingType,omitempty"`
	// contains filtered or unexported fields
}

MasterProfile represents the definition of the master cluster

func (*MasterProfile) GetSubnet

func (m *MasterProfile) GetSubnet() string

GetSubnet returns the read-only subnet for the master

func (*MasterProfile) GetSubnetIPv6

func (m *MasterProfile) GetSubnetIPv6() string

GetSubnetIPv6 returns the read-only ipv6 subnet for the master

func (*MasterProfile) HasAvailabilityZones

func (m *MasterProfile) HasAvailabilityZones() bool

HasAvailabilityZones returns true if the master profile has availability zones

func (*MasterProfile) IsCustomVNET

func (m *MasterProfile) IsCustomVNET() bool

IsCustomVNET returns true if the customer brought their own VNET

func (*MasterProfile) IsManagedDisks

func (m *MasterProfile) IsManagedDisks() bool

IsManagedDisks returns true if the master specified managed disks

func (*MasterProfile) IsStorageAccount

func (m *MasterProfile) IsStorageAccount() bool

IsStorageAccount returns true if the master specified storage account

func (*MasterProfile) IsUbuntu

func (m *MasterProfile) IsUbuntu() bool

IsUbuntu returns true if the master profile distro is any ubuntu distro

func (*MasterProfile) IsUbuntu1604

func (m *MasterProfile) IsUbuntu1604() bool

IsUbuntu1604 returns true if the master profile distro is based on Ubuntu 16.04

func (*MasterProfile) IsUbuntu1804

func (m *MasterProfile) IsUbuntu1804() bool

IsUbuntu1804 returns true if the master profile distro is based on Ubuntu 18.04

func (*MasterProfile) IsUbuntu2004

func (m *MasterProfile) IsUbuntu2004() bool

IsUbuntu2004 returns true if the master profile distro is based on Ubuntu 20.04

func (*MasterProfile) IsVirtualMachineScaleSets

func (m *MasterProfile) IsVirtualMachineScaleSets() bool

IsVirtualMachineScaleSets returns true if the master availability profile is VMSS

func (*MasterProfile) SetSubnet

func (m *MasterProfile) SetSubnet(subnet string)

SetSubnet sets the read-only subnet for the master

func (*MasterProfile) SetSubnetIPv6

func (m *MasterProfile) SetSubnetIPv6(subnetIPv6 string)

SetSubnetIPv6 sets the read-only ipv6 subnet for the master

type OSType

// OSType represents the OS type of agents. It is a plain string type, so the
// type itself does not restrict values to the declared constants.
type OSType string

OSType represents OS types of agents

// The OSTypes supported by vlabs.
const (
	// Windows is the OSType value "Windows".
	Windows OSType = "Windows"
	// Linux is the OSType value "Linux".
	Linux   OSType = "Linux"
)

the OSTypes supported by vlabs

type OrchestratorProfile

// OrchestratorProfile contains the orchestrator properties: type, release,
// version and the Kubernetes configuration. The type has its own
// UnmarshalJSON method, so decoding does more than the default field mapping.
type OrchestratorProfile struct {
	// OrchestratorType is a legacy property, this should always be set to "Kubernetes"
	OrchestratorType    string            `json:"orchestratorType"`
	// OrchestratorRelease and OrchestratorVersion are optional; the difference
	// between a release and a version is not spelled out on this page.
	OrchestratorRelease string            `json:"orchestratorRelease,omitempty"`
	OrchestratorVersion string            `json:"orchestratorVersion,omitempty"`
	// KubernetesConfig is nil when the key is absent from the JSON.
	KubernetesConfig    *KubernetesConfig `json:"kubernetesConfig,omitempty"`
}

OrchestratorProfile contains Orchestrator properties

func (*OrchestratorProfile) UnmarshalJSON

func (o *OrchestratorProfile) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals JSON using the default behavior and then manipulates fields, such as populating default values

type OrchestratorVersionProfile

// OrchestratorVersionProfile describes one supported orchestrator version.
type OrchestratorVersionProfile struct {
	// The embedded profile supplies the orchestrator type and version.
	OrchestratorProfile
	// Default reports whether this version is deployed when no orchestrator
	// release is specified.
	Default  bool                   `json:"default,omitempty"`
	// Upgrades lists the upgrades available from this version.
	Upgrades []*OrchestratorProfile `json:"upgrades,omitempty"`
}

OrchestratorVersionProfile contains information about a supported orchestrator version:

- orchestrator type and version
- whether this orchestrator version is deployed by default if orchestrator release is not specified
- list of available upgrades for this orchestrator version

type OrchestratorVersionProfileList

// OrchestratorVersionProfileList contains the list of version profiles for
// supported orchestrators.
type OrchestratorVersionProfileList struct {
	// Orchestrators has no omitempty, so the key is emitted even for a nil slice.
	Orchestrators []*OrchestratorVersionProfile `json:"orchestrators"`
}

OrchestratorVersionProfileList contains list of version profiles for supported orchestrators

type PoolUpgradeProfile

// PoolUpgradeProfile contains the upgrade-related properties of a pool.
type PoolUpgradeProfile struct {
	// The embedded profile supplies the orchestrator type and version.
	OrchestratorProfile
	// Name is the pool name (for an agent pool).
	Name     string                 `json:"name,omitempty"`
	// OSType is the OS type of the VMs in the pool.
	OSType   OSType                 `json:"osType,omitempty"`
	// Upgrades lists the applicable upgrades.
	Upgrades []*OrchestratorProfile `json:"upgrades,omitempty"`
}

PoolUpgradeProfile contains pool properties:

- orchestrator type and version
- pool name (for agent pool)
- OS type of the VMs in the pool
- list of applicable upgrades

type PrivateCluster

// PrivateCluster defines the configuration for a private cluster.
type PrivateCluster struct {
	// Enabled is a pointer, so an absent key (nil) differs from an explicit
	// false; the value a nil resolves to is not visible here.
	Enabled                *bool                  `json:"enabled,omitempty"`
	EnableHostsConfigAgent *bool                  `json:"enableHostsConfigAgent,omitempty"`
	// JumpboxProfile optionally defines a jumpbox for the private cluster.
	JumpboxProfile         *PrivateJumpboxProfile `json:"jumpboxProfile,omitempty"`
}

PrivateCluster defines the configuration for a private cluster

type PrivateJumpboxProfile

// PrivateJumpboxProfile represents a jumpbox definition. Name, VMSize and
// PublicKey are marked required by their validate tags.
type PrivateJumpboxProfile struct {
	Name           string `json:"name" validate:"required"`
	VMSize         string `json:"vmSize" validate:"required"`
	// OSDiskSizeGB is limited to 0..2048 by its validate tag.
	OSDiskSizeGB   int    `json:"osDiskSizeGB,omitempty" validate:"min=0,max=2048"`
	// Username is optional; the name used when it is empty is not visible here.
	Username       string `json:"username,omitempty"`
	// PublicKey is required.
	// NOTE(review): presumably the SSH public key authorized on the jumpbox;
	// the tag only checks presence, not key type or strength. Confirm where
	// the key itself is validated.
	PublicKey      string `json:"publicKey" validate:"required"`
	StorageProfile string `json:"storageProfile,omitempty"`
}

PrivateJumpboxProfile represents a jumpbox definition

type Properties

// Properties represents the AKS cluster definition. MasterProfile and
// LinuxProfile are marked required by their validate tags.
type Properties struct {
	ProvisioningState       ProvisioningState        `json:"provisioningState,omitempty"`
	OrchestratorProfile     *OrchestratorProfile     `json:"orchestratorProfile,omitempty"`
	MasterProfile           *MasterProfile           `json:"masterProfile,omitempty" validate:"required"`
	// "dive,required" applies the required check to each element of the slice.
	AgentPoolProfiles       []*AgentPoolProfile      `json:"agentPoolProfiles,omitempty" validate:"dive,required"`
	LinuxProfile            *LinuxProfile            `json:"linuxProfile,omitempty" validate:"required"`
	ExtensionProfiles       []*ExtensionProfile      `json:"extensionProfiles,omitempty"`
	WindowsProfile          *WindowsProfile          `json:"windowsProfile,omitempty"`
	// NOTE(review): by their names the service principal and certificate
	// profiles carry credentials and key material; they are serialized with
	// the rest of the model, so confirm they are redacted before it is logged
	// or stored.
	ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
	CertificateProfile      *CertificateProfile      `json:"certificateProfile,omitempty"`
	AADProfile              *AADProfile              `json:"aadProfile,omitempty"`
	FeatureFlags            *FeatureFlags            `json:"featureFlags,omitempty"`
	CustomCloudProfile      *CustomCloudProfile      `json:"customCloudProfile,omitempty"`
	TelemetryProfile        *TelemetryProfile        `json:"telemetryProfile,omitempty"`
}

Properties represents the AKS cluster definition

Example (ValidateAddons)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text. Each case below resets
// KubernetesConfig, enables a single addon and calls validateAddons(true); the
// argument is positional and, given the "during this update" wording of the
// warnings, presumably marks an update (confirm against validateAddons).
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
cs := getK8sDefaultContainerService(true)

// Rescheduler addon. This check prints only when validateAddons returns nil.
// NOTE(review): the expected Output has no such line, so the call presumably
// returns an error here; confirm that is the intent.
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.Addons = []KubernetesAddon{
	{Name: common.ReschedulerAddonName,
		Enabled: to.BoolPtr(true)},
}
if err := cs.Properties.validateAddons(true); err == nil {
	fmt.Printf("error in validateAddons: %s", err)
}

// Container monitoring addon: same nil check as the rescheduler case above.
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.Addons = []KubernetesAddon{
	{Name: common.ContainerMonitoringAddonName,
		Enabled: to.BoolPtr(true)},
}
if err := cs.Properties.validateAddons(true); err == nil {
	fmt.Printf("error in validateAddons: %s", err)
}

// Dashboard addon: from here on a returned error is what gets printed.
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.Addons = []KubernetesAddon{
	{Name: common.DashboardAddonName,
		Enabled: to.BoolPtr(true)},
}
if err := cs.Properties.validateAddons(true); err != nil {
	fmt.Printf("error in validateAddons: %s", err)
}

// Azure CNI network monitor addon.
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.Addons = []KubernetesAddon{
	{Name: common.AzureCNINetworkMonitorAddonName,
		Enabled: to.BoolPtr(true)},
}
if err := cs.Properties.validateAddons(true); err != nil {
	fmt.Printf("error in validateAddons: %s", err)
}

// PodSecurityPolicy addon, with the orchestrator version set to the one in
// which PodSecurityPolicy was removed.
cs.Properties.OrchestratorProfile.OrchestratorVersion = common.PodSecurityPolicyRemovedVersion
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{}
cs.Properties.OrchestratorProfile.KubernetesConfig.Addons = []KubernetesAddon{
	{Name: common.PodSecurityPolicyAddonName, Enabled: to.BoolPtr(true)},
}
if err := cs.Properties.validateAddons(true); err != nil {
	fmt.Printf("error in validateAddons: %s", err)
}
Output:

level=warning msg="The rescheduler addon has been deprecated and disabled, it will be removed during this update"
level=warning msg="The container monitoring addon has been deprecated and disabled, it will be removed during this update"
level=warning msg="The kube-dashboard addon is deprecated, we recommend you install the dashboard yourself, see https://github.com/kubernetes/dashboard"
level=warning msg="The Azure CNI networkmonitor addon has been deprecated, it will be marked as disabled"
level=warning msg="The PodSecurityPolicy admission was removed in Kubernetes v1.25+. The pod security standards will be enforced by the built-in PodSecurity admission controller instead. See https://github.com/Azure/aks-engine-azurestack/blob/master/docs/topics/pod-security.md"
Example (ValidateLinuxProfile)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
// An empty LinuxProfile leaves EnableUnattendedUpgrades nil (not declared),
// which is the condition the expected warning describes.
p := Properties{
	LinuxProfile: &LinuxProfile{},
}

// Only a returned error is printed; the warning arrives through the logger.
if err := p.validateLinuxProfile(); err != nil {
	fmt.Printf("error in validateLinuxProfile: %s", err)
}
Output:

level=warning msg="linuxProfile.enableUnattendedUpgrades configuration was not declared, your cluster nodes will be configured to run unattended-upgrade by default"
Example (ValidateLocation)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
cs := getK8sDefaultContainerService(true)
// Clear the location to trigger the warning about a missing "location" value.
cs.Location = ""
// Only a returned error is printed; the warning arrives through the logger.
if err := cs.validateLocation(); err != nil {
	fmt.Printf("error in validateLocation: %s", err)
}
Output:

level=warning msg="No \"location\" value was specified, AKS Engine will generate an ARM template configuration valid for regions in public cloud only"
Example (ValidateMasterProfile)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
// Case 1: a single control plane VM, with both the master and the first agent
// pool on VirtualMachineScaleSets. The boolean passed to validateMasterProfile
// is positional; its meaning is not visible on this page.
cs := getK8sDefaultContainerService(false)
cs.Properties.MasterProfile.Count = 1
cs.Properties.MasterProfile.AvailabilityProfile = VirtualMachineScaleSets
cs.Properties.AgentPoolProfiles[0].AvailabilityProfile = VirtualMachineScaleSets
if err := cs.Properties.validateMasterProfile(false); err != nil {
	log.Errorf("shouldn't error with 1 control plane VM, got %s", err.Error())
}

// Case 2: a fresh default service with a single control plane VM, validated
// with the argument set to true. The expected output holds two warnings;
// which call emits which is not shown here.
cs = getK8sDefaultContainerService(false)
cs.Properties.MasterProfile.Count = 1
if err := cs.Properties.validateMasterProfile(true); err != nil {
	log.Errorf("shouldn't error with 1 control plane VM, got %s", err.Error())
}
Output:

level=warning msg="Running only 1 control plane VM not recommended for production clusters, use 3 or 5 for control plane redundancy"
level=warning msg="Clusters with a VMSS control plane are not upgradable! You will not be able to upgrade your cluster using `aks-engine-azurestack upgrade`"
Example (ValidateOrchestratorProfile)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
// Case 1: an etcd storage limit of 9 GB, which the expected output reports as
// larger than the recommended maximum of 8.
cs := getK8sDefaultContainerService(true)
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{
	EtcdStorageLimitGB: 9,
}
if err := cs.Properties.ValidateOrchestratorProfile(false); err != nil {
	log.Error(err)
}

// Case 2: external KMS encryption combined with managed identity. The expected
// output warns that this combination, with a system-assigned identity, cannot
// be upgraded; no UserAssignedID is set here.
cs = getK8sDefaultContainerService(true)
cs.Properties.OrchestratorProfile.KubernetesConfig = &KubernetesConfig{
	EnableEncryptionWithExternalKms: to.BoolPtr(true),
	UseManagedIdentity:              to.BoolPtr(true),
}
if err := cs.Properties.ValidateOrchestratorProfile(false); err != nil {
	log.Error(err)
}
Output:

level=warning msg="EtcdStorageLimitGB of 9 is larger than the recommended maximum of 8"
level=warning msg="Clusters with enableEncryptionWithExternalKms=true and system-assigned identity are not upgradable! You will not be able to upgrade your cluster using `aks-engine-azurestack upgrade`"
Example (ValidateZones)
// Send log output to stdout without colors or timestamps so that it can be
// compared with the expected Output text. The four cases below mix
// availability-zone settings between the master profile and the agent pools;
// each is expected to log one warning and return no error.
log.SetOutput(os.Stdout)
log.SetFormatter(&log.TextFormatter{
	DisableColors:    true,
	DisableTimestamp: true,
})
cs := getK8sDefaultContainerService(true)

// Master VMs have Availability Zone configuration, but pool does not
cs.Properties.MasterProfile = &MasterProfile{
	Count:               5,
	DNSPrefix:           "foo",
	VMSize:              "Standard_DS2_v2",
	AvailabilityProfile: VirtualMachineScaleSets,
	AvailabilityZones:   []string{"1", "2"},
}
cs.Properties.AgentPoolProfiles = []*AgentPoolProfile{
	{
		Name:                "agentpool",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
	},
}
if err := cs.Properties.validateZones(); err != nil {
	log.Error(err)
}
// Should yield:
// level=warning msg="This cluster is using Availability Zones for master VMs, but not for pool \"agentpool\""

// Pool has Availability Zone configuration, but Master VMs do not
cs.Properties.MasterProfile = &MasterProfile{
	Count:               5,
	DNSPrefix:           "foo",
	VMSize:              "Standard_DS2_v2",
	AvailabilityProfile: VirtualMachineScaleSets,
}
cs.Properties.AgentPoolProfiles = []*AgentPoolProfile{
	{
		Name:                "anotherpool",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
		AvailabilityZones:   []string{"1", "2"},
	},
}
if err := cs.Properties.validateZones(); err != nil {
	log.Error(err)
}
// Should yield:
// level=warning msg="This cluster is using Availability Zones for pool \"anotherpool\", but not for master VMs"

// Some pools have Availability Zone configuration, Master VMs do not
// (MasterProfile is left as set in the previous case, without zones.)
cs.Properties.AgentPoolProfiles = []*AgentPoolProfile{
	{
		Name:                "anotherpool",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
	},
	{
		Name:                "anotherpool2",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
		AvailabilityZones:   []string{"1", "2"},
	},
	{
		Name:                "anotherpool3",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
	},
	{
		Name:                "anotherpool4",
		VMSize:              "Standard_DS2_v2",
		Count:               4,
		AvailabilityProfile: AvailabilitySet,
		AvailabilityZones:   []string{"1", "2"},
	},
}
if err := cs.Properties.validateZones(); err != nil {
	log.Error(err)
}
// Should yield:
// level=warning msg="This cluster is using Availability Zones for pools \"anotherpool2\" and \"anotherpool4\", but not for pools \"anotherpool\" and \"anotherpool3\", nor for master VMs"

// Master VMs and some (but not all) pools have Availability Zone configuration
// (AgentPoolProfiles are left as set in the previous case.)
cs.Properties.MasterProfile = &MasterProfile{
	Count:               5,
	DNSPrefix:           "foo",
	VMSize:              "Standard_DS2_v2",
	AvailabilityProfile: VirtualMachineScaleSets,
	AvailabilityZones:   []string{"1", "2"},
}
if err := cs.Properties.validateZones(); err != nil {
	log.Error(err)
}
// Should yield:
// level=warning msg="This cluster is using Availability Zones for master VMs, but not for pools \"anotherpool\" and \"anotherpool3\""
// The ordered collection of all output is validated below:
Output:

level=warning msg="This cluster is using Availability Zones for master VMs, but not for pool \"agentpool\""
level=warning msg="This cluster is using Availability Zones for pool \"anotherpool\", but not for master VMs"
level=warning msg="This cluster is using Availability Zones for pools \"anotherpool2\" and \"anotherpool4\", but not for pools \"anotherpool\" and \"anotherpool3\", nor for master VMs"
level=warning msg="This cluster is using Availability Zones for master VMs, but not for pools \"anotherpool\" and \"anotherpool3\""

func (*Properties) GetAADAdminGroupID

func (p *Properties) GetAADAdminGroupID() string

GetAADAdminGroupID returns AADProfile.AdminGroupID, or "" if no AADProfile

func (*Properties) GetAgentPoolByName

func (p *Properties) GetAgentPoolByName(name string) *AgentPoolProfile

GetAgentPoolByName returns the pool in the AgentPoolProfiles array that matches a name, nil if no match

func (*Properties) GetCustomCloudRootCertificates

func (p *Properties) GetCustomCloudRootCertificates() string

GetCustomCloudRootCertificates returns comma-separated list of base64-encoded custom root certificates

func (*Properties) GetCustomCloudSourcesList

func (p *Properties) GetCustomCloudSourcesList() string

GetCustomCloudSourcesList returns a base64-encoded custom sources.list file

func (*Properties) HasAADAdminGroupID

func (p *Properties) HasAADAdminGroupID() bool

HasAADAdminGroupID returns true if the cluster has an AADProfile w/ a valid AdminGroupID

func (*Properties) HasAvailabilityZones

func (p *Properties) HasAvailabilityZones() bool

HasAvailabilityZones returns true if the cluster contains any profile with zones

func (*Properties) HasFlatcar

func (p *Properties) HasFlatcar() bool

HasFlatcar returns true if the cluster contains Flatcar nodes

func (*Properties) HasWindows

func (p *Properties) HasWindows() bool

HasWindows returns true if the cluster contains windows

func (*Properties) HasZonesForAllAgentPools

func (p *Properties) HasZonesForAllAgentPools() bool

HasZonesForAllAgentPools returns true if all of the agent pools have zones

func (*Properties) IsAzureStackCloud

func (p *Properties) IsAzureStackCloud() bool

IsAzureStackCloud returns true if the cloud is AzureStack

func (*Properties) IsClusterAllVirtualMachineScaleSets

func (p *Properties) IsClusterAllVirtualMachineScaleSets() bool

IsClusterAllVirtualMachineScaleSets returns true if the cluster contains only Virtual Machine Scale Sets

func (*Properties) IsCustomCloudProfile

func (p *Properties) IsCustomCloudProfile() bool

IsCustomCloudProfile returns true if the user has provided a custom cloud profile

func (*Properties) MastersAndAgentsUseAvailabilityZones

func (p *Properties) MastersAndAgentsUseAvailabilityZones() bool

MastersAndAgentsUseAvailabilityZones returns true if the cluster contains AZs for all agents and masters profiles

func (*Properties) ShouldEnableAzureCloudAddon

func (p *Properties) ShouldEnableAzureCloudAddon(addonName string) bool

ShouldEnableAzureCloudAddon determines whether or not we should enable the following addons: 1. cloud-node-manager, 2. azuredisk-csi-driver, 3. azurefile-csi-driver. For Linux clusters, we should enable CSI Drivers when using K8s 1.13+ and cloud-node-manager when using K8s 1.16+. For Windows clusters, we should enable them when using K8s 1.18+.

func (*Properties) ValidateOrchestratorProfile

func (a *Properties) ValidateOrchestratorProfile(isUpdate bool) error

ValidateOrchestratorProfile validates the orchestrator profile and the addons dependent on the version of the orchestrator

type ProvisioningState

type ProvisioningState string

ProvisioningState represents the current state of container service resource.

// Values a ProvisioningState can take. Each constant's string value is
// identical to its identifier.
const (
	// Creating means the ContainerService resource is being created.
	Creating ProvisioningState = "Creating"
	// Updating means an existing ContainerService resource is being updated.
	Updating ProvisioningState = "Updating"
	// Failed means the resource is in a failed state.
	Failed ProvisioningState = "Failed"
	// Succeeded means the last create or update of the resource succeeded.
	Succeeded ProvisioningState = "Succeeded"
	// Deleting means the resource is in the process of being deleted.
	Deleting ProvisioningState = "Deleting"
	// Migrating means the resource is being migrated from one subscription or
	// resource group to another.
	Migrating ProvisioningState = "Migrating"
)

type PublicKey

type PublicKey struct {
	// KeyData holds the key material. The tag has no omitempty, so an empty
	// value is still serialized as "keyData": "".
	// NOTE(review): presumably an SSH public key in authorized_keys form; confirm
	// callers reject anything that is not a public key before it reaches a node.
	KeyData string `json:"keyData"`
}

PublicKey represents an SSH key for LinuxProfile

type ResourceIdentifier added in v0.81.0

type ResourceIdentifier struct {
	// Each field is named after one Azure service and is serialized under the
	// matching lower-camel-case JSON key. None of the tags use omitempty, so
	// unset entries are emitted as empty strings.
	// NOTE(review): presumably these are the per-service resource identifiers
	// (token audiences) of a custom cloud; a wrong value would make the cluster
	// request tokens for the wrong resource. TODO confirm and validate on input.
	Graph               string `json:"graph"`
	KeyVault            string `json:"keyVault"`
	Datalake            string `json:"datalake"`
	Batch               string `json:"batch"`
	OperationalInsights string `json:"operationalInsights"`
	Storage             string `json:"storage"`
	Synapse             string `json:"synapse"`
	ServiceBus          string `json:"serviceBus"`
}

ResourceIdentifier contains a set of Azure resource IDs.

type ResourcePurchasePlan

type ResourcePurchasePlan struct {
	// All four fields are plain strings tagged omitempty, so an empty plan
	// serializes to an empty JSON object.
	Name          string `json:"name,omitempty"`
	Product       string `json:"product,omitempty"`
	PromotionCode string `json:"promotionCode,omitempty"`
	Publisher     string `json:"publisher,omitempty"`
}

ResourcePurchasePlan defines resource plan as required by ARM for billing purposes.

type RuntimeHandlers

type RuntimeHandlers struct {
	// BuildNumber is omitted from JSON when empty.
	// NOTE(review): presumably the Windows build number a Hyper-V runtime
	// handler targets (this type is the element of WindowsRuntimes.HypervRuntimes).
	// TODO confirm the accepted format.
	BuildNumber string `json:"buildNumber,omitempty"`
}

RuntimeHandlers configures the runtime settings in containerd

type ServicePrincipalProfile

type ServicePrincipalProfile struct {
	// ClientID identifies the service principal the cluster uses for Azure
	// resource CRUD.
	ClientID          string             `json:"clientId,omitempty"`
	// Secret is the service principal secret in plain text. It is serialized
	// under the "secret" JSON key, so every marshalled copy of this struct
	// (API model files, dumps, anything logged) carries the credential.
	// Mutually exclusive with KeyvaultSecretRef.
	// NOTE(review): prefer KeyvaultSecretRef where the model is persisted or
	// shared, and confirm this field is redacted before logging.
	Secret            string             `json:"secret,omitempty"`
	ObjectID          string             `json:"objectId,omitempty"`
	// KeyvaultSecretRef is a reference to a secret held in a key vault, used
	// instead of embedding the secret. Mutually exclusive with Secret.
	KeyvaultSecretRef *KeyvaultSecretRef `json:"keyvaultSecretRef,omitempty"`
}

ServicePrincipalProfile contains the client and secret used by the cluster for Azure Resource CRUD. The 'Secret' and 'KeyvaultSecretRef' parameters are mutually exclusive. The 'Secret' parameter should be a secret in plain text. The 'KeyvaultSecretRef' parameter is a reference to a secret in a keyvault.

type TelemetryProfile

type TelemetryProfile struct {
	// ApplicationInsightsKey is omitted from JSON when empty.
	// NOTE(review): presumably the Application Insights instrumentation key
	// telemetry is sent with; it is stored as a plain string, so treat
	// serialized copies of this profile as containing a credential-like value.
	// TODO confirm.
	ApplicationInsightsKey string `json:"applicationInsightsKey,omitempty"`
}

TelemetryProfile contains settings for collecting telemetry. Note that telemetry is currently enabled/disabled with the 'EnableTelemetry' feature flag.

type UpgradeProfile

type UpgradeProfile struct {
	// ControlPlaneProfile is the upgrade profile of the control plane. The tag
	// has no omitempty, so a nil pointer serializes as null.
	ControlPlaneProfile *PoolUpgradeProfile   `json:"controlPlaneProfile"`
	// AgentPoolProfiles holds one upgrade profile per agent pool. A nil slice
	// serializes as null; entries are pointers and may themselves be nil.
	AgentPoolProfiles   []*PoolUpgradeProfile `json:"agentPoolProfiles"`
}

UpgradeProfile contains cluster properties: the orchestrator type and version for the cluster, and the list of pool profiles constituting the cluster.

type WindowsLicenseType

type WindowsLicenseType string

WindowsLicenseType represents Windows license type

const (
	// WindowsLicenseTypeServer specifies that the image or disk being used was
	// licensed on-premises as Windows Server.
	WindowsLicenseTypeServer WindowsLicenseType = "Windows_Server"
)

type WindowsProfile

type WindowsProfile struct {
	// AdminUsername and AdminPassword are the administrator credentials passed
	// to the cluster for Windows nodes. AdminPassword is a plain string
	// serialized under "adminPassword", so every marshalled copy of the profile
	// carries it.
	// NOTE(review): confirm the password is redacted before the API model is
	// logged, persisted, or attached to a support bundle.
	AdminUsername                 string            `json:"adminUsername,omitempty"`
	AdminPassword                 string            `json:"adminPassword,omitempty"`
	// NOTE(review): CSIProxyURL presumably points at the CSI proxy package that
	// nodes download. This struct carries no checksum or digest for it; verify
	// integrity is checked wherever the download happens.
	CSIProxyURL                   string            `json:"csiProxyURL,omitempty"`
	// EnableCSIProxy is a tri-state flag: nil means "not set" and is omitted
	// from JSON; see IsCSIProxyEnabled for the resolved value.
	EnableCSIProxy                *bool             `json:"enableCSIProxy,omitempty"`
	ImageRef                      *ImageReference   `json:"imageReference,omitempty"`
	ImageVersion                  string            `json:"imageVersion,omitempty"`
	// NOTE(review): ProvisioningScriptsPackageURL presumably names a package of
	// scripts run while provisioning nodes, i.e. code executed with node
	// privileges. No digest field accompanies it here; confirm the source is
	// restricted to trusted locations.
	ProvisioningScriptsPackageURL string            `json:"provisioningScriptsPackageURL,omitempty"`
	// The next five tags lack omitempty, so empty values are still emitted, and
	// four of them start with an upper-case letter unlike the rest of the
	// struct.
	WindowsImageSourceURL         string            `json:"WindowsImageSourceUrl"`
	WindowsPublisher              string            `json:"WindowsPublisher"`
	WindowsOffer                  string            `json:"WindowsOffer"`
	WindowsSku                    string            `json:"WindowsSku"`
	WindowsDockerVersion          string            `json:"windowsDockerVersion"`
	// NOTE(review): Secrets presumably lists key vault secrets or certificates
	// to install on the nodes; the element type is declared elsewhere.
	Secrets                       []KeyVaultSecrets `json:"secrets,omitempty"`
	// The *bool fields below are tri-state: nil is omitted from JSON and leaves
	// the decision to defaults that are not visible in this declaration.
	// NOTE(review): SSHEnabled and WindowsSecureTLSEnabled change the node's
	// remote-access and TLS posture; confirm what nil resolves to for each
	// before relying on the default.
	SSHEnabled                    *bool             `json:"sshEnabled,omitempty"`
	EnableAutomaticUpdates        *bool             `json:"enableAutomaticUpdates,omitempty"`
	IsCredentialAutoGenerated     *bool             `json:"isCredentialAutoGenerated,omitempty"`
	EnableAHUB                    *bool             `json:"enableAHUB,omitempty"`
	// WindowsPauseImageURL has no omitempty and is always serialized.
	// NOTE(review): presumably the pause container image reference; pinning it
	// by digest rather than tag would make the pulled image verifiable. TODO
	// confirm the accepted format.
	WindowsPauseImageURL          string            `json:"windowsPauseImageURL"`
	AlwaysPullWindowsPauseImage   *bool             `json:"alwaysPullWindowsPauseImage,omitempty"`
	WindowsRuntimes               *WindowsRuntimes  `json:"windowsRuntimes,omitempty"`
	WindowsSecureTLSEnabled       *bool             `json:"windowsSecureTLSEnabled,omitempty"`
}

WindowsProfile represents the windows parameters passed to the cluster

func (*WindowsProfile) IsCSIProxyEnabled

func (w *WindowsProfile) IsCSIProxyEnabled() bool

IsCSIProxyEnabled returns true if the CSI proxy service should be enabled for Windows nodes

type WindowsRuntimes

type WindowsRuntimes struct {
	// Default is omitted from JSON when empty.
	// NOTE(review): presumably names the containerd runtime used when a pod
	// requests none; the accepted values are not visible here.
	Default        string            `json:"default,omitempty"`
	// HypervRuntimes lists the runtime handlers configured in addition to
	// Default; each entry carries a BuildNumber.
	// NOTE(review): presumably these are Hyper-V isolated runtimes, going by
	// the field name. TODO confirm.
	HypervRuntimes []RuntimeHandlers `json:"hypervRuntimes,omitempty"`
}

WindowsRuntimes configures containerd runtimes that are available on the windows nodes
