example/50-seed.yaml

# Seed cluster registration manifest into which the control planes of Shoot clusters will be deployed.
---
apiVersion: core.gardener.cloud/v1beta1
kind: Seed
metadata:
  name: my-seed
spec:
  provider:
    type: <provider-name> # e.g., aws, azure, gcp, ...
    region: europe-1
    zones:
    - europe-1a
  # providerConfig:
  #   <some-provider-specific-config-for-the-seed>
# Optional, only needed if controlled by a Gardenlet running outside
# secretRef:
#   name: seed-secret
#   namespace: garden
# Configuration of backup object store provider into which the backups will be stored.
# If you don't want to have backups then don't specify the `.spec.backup` key.
  backup:
    provider: <provider-name> # e.g., aws, azure, gcp, ...
  # providerConfig:
  #   <some-provider-specific-config-for-the-backup-buckets>
    region: europe-1
    secretRef:
      name: backup-secret
      namespace: garden
  dns:
    provider:
      type: aws-route53
      secretRef:
        name: ingress-secret
        namespace: garden
  ingress: 
    domain: ingress.dev.my-seed.example.com
    controller:
      kind: nginx
    # providerConfig:
    #   <some-optional-config-for-the-nginx-ingress-controller>
  networks: # seed and shoot networks must be disjunct
    ipFamilies:
    - IPv4
    nodes: 10.240.0.0/16
    pods: 10.241.128.0/17
    services: 10.241.0.0/17
  # shootDefaults:
  #   pods: 100.96.0.0/11
  #   services: 100.64.0.0/13
    blockCIDRs:
    - 169.254.169.254/32
  settings:
    dependencyWatchdog:
      weeder:
        enabled: true # crashlooping pods will be restarted once their dependants become ready
      prober:
        enabled: true # shoot's kube-controller-managers get scaled down when the kube-apiserver is not reachable via external DNS
  # excessCapacityReservation:
  #  enabled: true # optional: automatically assumed 'true' if not set and `configs` are specified.
  #  configs: # this seed has the following excess-capacity-reservation deployments
  #  - resources:
  #      cpu: "4"
  #      memory: 16Gi
  #    nodeSelector:
  #      worker.gardener.cloud/pool: etcd
  #    tolerations:
  #    - effect: NoExecute
  #      key: pool.worker.gardener.cloud/dedicated-for
  #      operator: Equal
  #      value: etcd
    scheduling:
      visible: true # the gardener-scheduler will consider this seed for shoots
  # loadBalancerServices:
  #   annotations:
  #     foo: bar
  #   externalTrafficPolicy: Local
  #   zones:
  #   - name: europe-1a
  #     annotations:
  #       foo: bar
  #     externalTrafficPolicy: Local
    verticalPodAutoscaler:
      enabled: true # a Gardener-managed VPA deployment is enabled
    topologyAwareRouting:
      enabled: true # certain Services deployed in the seed will be topology-aware
# taints:
# - key: seed.gardener.cloud/protected # only shoots in the `garden` namespace can use this seed
# - key: <some-key>
# volume:
#  minimumSize: 20Gi
#  providers:
#  - purpose: etcd-main
#    name: flexvolume