From 60dfc0d6e6fea01fdc8905d02b69acd6c9316aa8 Mon Sep 17 00:00:00 2001 From: Zhiwei Yin Date: Wed, 6 Nov 2024 14:32:19 +0800 Subject: [PATCH] operator klusterlet (0.15.1) --- .../klusterlet.clusterserviceversion.yaml | 382 +++++++++++ ...pen-cluster-management.io_klusterlets.yaml | 617 ++++++++++++++++++ .../0.15.1/metadata/annotations.yaml | 11 + 3 files changed, 1010 insertions(+) create mode 100644 operators/klusterlet/0.15.1/manifests/klusterlet.clusterserviceversion.yaml create mode 100644 operators/klusterlet/0.15.1/manifests/operator.open-cluster-management.io_klusterlets.yaml create mode 100644 operators/klusterlet/0.15.1/metadata/annotations.yaml diff --git a/operators/klusterlet/0.15.1/manifests/klusterlet.clusterserviceversion.yaml b/operators/klusterlet/0.15.1/manifests/klusterlet.clusterserviceversion.yaml new file mode 100644 index 00000000000..d0061dcae4f --- /dev/null +++ b/operators/klusterlet/0.15.1/manifests/klusterlet.clusterserviceversion.yaml @@ -0,0 +1,382 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "operator.open-cluster-management.io/v1", + "kind": "Klusterlet", + "metadata": { + "name": "klusterlet" + }, + "spec": { + "clusterName": "cluster1", + "deployOption": { + "mode": "Singleton" + }, + "externalServerURLs": [ + { + "url": "https://localhost" + } + ], + "imagePullSpec": "quay.io/open-cluster-management/registration-operator:v0.15.1", + "namespace": "open-cluster-management-agent", + "registrationImagePullSpec": "quay.io/open-cluster-management/registration:v0.15.1", + "workImagePullSpec": "quay.io/open-cluster-management/work:v0.15.1" + } + } + ] + capabilities: Basic Install + categories: Integration & Delivery,OpenShift Optional + certified: "false" + containerImage: quay.io/open-cluster-management/registration-operator:v0.15.1 + createdAt: "2024-11-06T02:42:52Z" + description: Manages the installation and upgrade of the Klusterlet. + operators.operatorframework.io/builder: operator-sdk-v1.32.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/open-cluster-management-io/ocm + support: Open Cluster Management Community + name: klusterlet.v0.15.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Klusterlet defines the configurations of agents running on the + managed cluster + displayName: Klusterlet + kind: Klusterlet + name: klusterlets.operator.open-cluster-management.io + version: v1 + description: | + The Klusterlet provides the registration to the Hub cluster as a managed cluster. This operator supports the installation and upgrade of Klusterlet. + + ## Prerequisites + You need a Hub cluster with ClusterManager installed. + + ## How to Install + * Install Klusterlet operator by following instructions in top right button `Install`. + * Optional: Create an agent namespace used to deploy Klusterlet. The default namespace is `open-cluster-management-agent`. + * Create a secret `bootstrap-hub-kubeconfig` with the kubeconfig file of hub cluster in the agent namespace. + + ``` + $ kubectl create secret generic bootstrap-hub-kubeconfig --from-file=kubeconfig= -n + ``` + + * Create an instance of the Klusterlet resource to install the Klusterlet. + + The pods of Klusterlet are created in agent namespace. + + ``` + $ kubectl get pods -n open-cluster-management-agent + NAME READY STATUS RESTARTS AGE + klusterlet-agent-55c6574876-nfxm9 1/1 Running 0 8m38s + ``` + + There is a ManagedCluster created in the Hub cluster. + + ``` + $ kubectl get managedclusters.cluster.open-cluster-management.io + NAME HUB ACCEPTED MANAGED CLUSTER URLS JOINED AVAILABLE AGE + cluster1 false 27s + ``` + displayName: Klusterlet + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAMAAACahl6sAAABxVBMVEX////z//+JzuYRKUP/9/X/+P9Ipcn39/js///c8PccNE8JHjWFyd3w8vcmN0r3/vKQ0eMIMlHV5/Hz+P4TMlGR1O6Fx+Xr9f+Qyt4vQliBwdr+/e2Yzubq/PX/8O1zgZJDVGgfPFp4x+LS7v/j/v4DKEzg9P7m7fr/5ewTOlvu7e1NYHg8TF5Vn8H/6flmdolCnr1OW22OwtclRGPT5/spWHnf6Pf/5uDAy9odTW/W9f9YZ3rJ6v7H3uvR2uZaqMnA4/tgb4IRQmSHvN+cqrdbi6qGl6+UoKw3ZoT6Bx+1wtOwuckxS2ec0fLi5+7y9erI09+lsb5/jJ7+1dTBCBrrAw6n1OrZ/v5rvNhuocFThKErNVj/2+Xz8OG4y96ktcqOo7pCcI7Y7Op6q8mGlKPQCiW91uqkvNNcs9GZrcXkCy3aBRO02/Lk9ujz5uN7stFAlbdll7VNepjg//GFttBogJvMHjmh2/d2jaX+xM5Sa4jJ1Oyhydtxqcr6hZWuDSLP7t/+s79Nj7D/n6o5gKG6FzLl6uK6MDrdiZbBVGDudIDcSF3W/OzMbnnbZ23LQFKaFyYoaY6jNETltq99MkG1f4X9VWx+gaqSAAAkBElEQVR42tya228SQRTG5+zOZElhWVZYUJD1Eo1bNTVqWjQmfQAbReMtQNQEY0zkBVNMbULDS9E0Db3Y0lj17/Wb3S7Q1oQ+1LDrtyzD8jS/fuecmTmU/WsJwQjvEEVIPoVV4CAJgDECkvCCgCMCkv8AxAPA8B+AEB2EWJhBBEhwQe4YXgkxOoTZEQjvoWYYggyXlPAGl8QgV17isxBLFt5InniLG4t5FlYRSY4r+Twv8ELuXY6FVeSS5COGbTuVgm2zsAoY8ubcWe31ehsFFlaRm++c1+u9dre9t8bCKwFx29labzar7d8srCJigvOcXdku18rlapWN0YzDBROuglWufZBCv1ou16o9Nkacc0akMU8B2p15ZxEjZ6+2G81qd4uN0aJhYLVZjgRuD+Cdb8nIObvd9b2dylgQrDXcyH8nCtgm0wUhihjCqX/r2GPLb25/c3Onwl0MChyIe0rkwraRAGO006822lsF292kBekg5oNccT/oYyO/3yiXm9soXe5emQIGIgACEmhsOd2tAqQP7wASiQQORMYWQE5QTfd3G432mm0gBilQzQqDH0QJOIiN17v93e3VgpEHRLCaFQCBTt55+JqzHSe3/PoKBazrYjBgQFy+TqDvLvmyrA0UrEWRezeQ5MjHO1ioC8kQtP6R8OfD2Ymky4zSNO+wH6RmhQSB2ElbdEIQhCFwIIL8nqmc13iQgx6x1Clv4wURw4UQ1+TDQIxrnPtpoGEg9/I+uApYjPt/SsJ0dY30508ePn15LzmXxPN1DgoP44BAuKNUsHLVC3JOGi7SiehRXD0Xj6qqemueyDPjOvNF/hA4ipEpkp7JfFSj8aikmMINljnSrxMbWAIdMUIMXA1MPx6GvL8oCVKqmkqlJEw0evsVSZ9QNOVsj05WQEMSEQwORnMXVPWSGjVNszh73yyaIEmpUw/mM6Rr3lxHOQQwRr7A48Qd4a4f+vztaAoY9z+8VUpZZUUpLcya0pb4I6KkxsAymOsQa1gmxMRDy3BB9LlziCjz/kLWAkU6bZUURVl6PK2aavxjhuhQHowaEJzE99aIa+BQpz8oWUvxBaA7X6Zlqjwk0oYkgyQnqTw3DMZJnzyK8QJTSl5AmZpdKCnpywMQS8mePb9URA27+dK35HgbPpLL2S3eYvrkNxsapvQKftxdQExZaUWJJWLpRDoGTxIrd5buqmr0ASWPdm5Ikxh4FSq/CgXO/dwRbFLiDCAX1dRV+GFlLUuRDIlYQokpViKbPf/2LoLryfAIJEaXRK5plc2fG7Zjc8FdTyYJotGT6JRZLFkyMTxDYjHF18qX6Sn1xuHAITDIrbiwHbG23vtRqXCbaxMHYYQVxFywYIGVTSijspS0UiqqanyefAbfDmA4M0LUy5+q3X6nbttacsInPsHOnJtSi5hyFmYMQWAKvrNKKx9MFYvJIQ4IIDPOTGcDLfjG+mqHH4BMDkUIDak+/dh6s6JkkRxK+rzvxuW0ZaWflT6bavRCZtQRKdZyRH3jx88y2lTVvZ2OAxBogiCMxadS5lvF1VnlqFDGZhFb/gz54GfcRd7Z7Dab+FXkE1jaaF8nCS23Y71eg5NXHXPcO94bg2VV6hRRCBtFU5ohS+7fQB4DJOOVLWPkX5t4ZbPbaNZqtXLtU7W/0SKdwHIchJG7M+MSQUsCRfO30FywlkQ7HQnC5qT4h3dz8WriiMI4407Yl7tpdrFLyINgMMGEgkgKGAmFFtHDS5EWW5BHtQdqq1gfWERUOBy1D9tzah9/b7+74yR6CCXAnt7gGjQu89t7585374w0ZMyQD6uB3McqU5ntcjVMJJPTO78+J4/QJJlWE3q1E3QxOU6VcwsIFXNJvwXIUSdBTgKjisWPXYB67BMAHAiyg8A5b9t+9gXc8ejZdFJlCV0LdYSqitIQ/a6+ZCzLniw2p6Lt+c6rGXyDcifA0JIgH5z8oCqKBJG9XhHcKqvLrfb29v6DVu4v0/NbCZjGOjp2SSA5E1UooexYXpFmd03piUSQycGVIIRRNbQildDiFRA3wfj86uNXL36eXr3z4E7OouZ6aK+2AEXVQDOmIxmuLRBxqT7mBOgQRgKeZDsUVvXJjoUky8ofFyC+9L2TYNM//bXdxrcSVluHigwQqo4ByzGvGY44deqUAhKYoZhdC1qAaw+zobSe7kaopN+IabP3JjulTReSEbFxve3v6VzOzXV0dCAdaYm9QFTmXaQSVOneGFlZWVoz8FYx862BgcDlnXhOs1gNSaTsAmmaaIoY5rtii9PIZOJR25I5C9ZBFmKt13ZxyCSRHUNzpmV8ZTldTKfTemEpSk5Zo7sEs1vNvCt2i3JuIg6JsosCZBOzmCKod6ucpVHVUKjD0q/pggPSS6sCInsCNga+cdvRdZ1+afrCCPVqpoQeODoJR000hNi6F4/TsMvmQ50gOXzONGyZtGTvWVgI1qG2Xmu1KK5CvkuqgsAh3lXTNFKD13T9xo0bBFPw9HVlTmnPCg6O15FAwjnmjiotDeM3ZxqPvw8CMQ+QC2gQDXnlKSJA/FfIBwklWlvdkOq64lj5Xn4fsI2ostJaurG1BQ7ySkFzNsw5cxEgFT8fScdn3S6lwfj6bLypyQeowMBH906b42afjGL2zpVAxOA1l2QHx/s9+zRsCul2vViCR8jAojmFzKhffsLkPtERQGL8MmOjhtlgzMbjjZSDheaCd5riPzZd6D4Fh7jvbxuUQ0EkY87+Q/cKNj+jmIXi1utiUXA4mCiFTF6xbY/+rSrvfxQQBPA6Fe2zDwECveVXJU3+12zEbDGiPXKUldYPHj8ucAbNFC4w9tgT5GH6q7k5JV/StrbS6UKaIDIlPeMUgaeUpEeOCDLvjyBPKf7SzeMkVHzRhf7WxN1LkQhS5ELliZVJQkSCZaM1waBrBQJhVQEJ+4yGMpcv6FsPkHqLGfjDIY7iiGLS7UkTB3JYiFlZU4GNfxWXmeuzHyduQr+fVrrXGZsPy6cbO+w5VOqJ697kZFrX8QUrZfT0tSXFVkZJgNZJjxy5ZTplE0nkUtNnxz4jvTLx8P65htPdSJBPSOiqb6MdIIcjsQFSyjiW5KBZUlxegkeukD8D6+ar7qhttigNaGFfuj87e//rj0/7fXmAnPcs/L2M92obEnTdDySqGNGio3u6NM1xWp01gDhijhw1tHi5A+oMmZgQEaVs4CIZYXZWHhk4Dmgy353HjeARvWyO7mRa25G1CERm3yOQSBlIu1VOsxIlAsPAJQpJVyrkTcU2ryJDSuZDkrBhPPs1rVDwISZ13RsA1Qp+jr+O8KOHFmcy3Vsexjvc2WUrtGllpy5mWMZzOhXTMEey9LPCh+bg8DdJrWUt7a8isOyAphWws0Qtcld85mihVeaYpCwMN3s9PdmenkmGdxqdsW62jTll0WOc00wPHeb+nBJSJ6qFjWWAyKmeKY3AIV09QfWQJAks5zJLdDikTKdLM2XmMcbDMS5BDkFCLjHMjUFdWnp5xEQIDzMLuiEAHc/2+fMEwzxF7upj4ZfoEx8YRHQpVM4yKwayYPficrGY7k+n+291Ky2msRZYYbX3bbj/CruTjELZ7kuwnHqI0KLcTbWCRnKEbpQfWdlcWhs3ke2NfIYFfPZXysBdGzocwfZkDiNIMSHuDmiWWCM8bykKj0QpmuAYknbjijleKMv+wGGkySSlIg0gdyLntDuHiQKwc7iFjUaRyFHs0lV0Hkw79eR/6hUDhtDYJGumoGj3MPsPswEDp47BH4YyMJYqt7WUoW9EwvqfLKSCRAOJYRh5jx1m11h1rYtRE4GkWXX8ylRzV3t719A3nkcODtx4uWiS4qmy7cDDGkvnW/xVOHHgG2O31eo0aU4seywn6n2qpbJ1+AZfPGgMCSBRJEgSY2G6lt5QYEP84IUbf9msYI633NaQwZIhVZ6YUus47NAkYk/i4LsTanZIwWguaIzleCwWAzvDSDBOMR7ZYZHvGeUJvsq1jDakYCFK9dVBiVzmQYcS80nwe615GYmnmVa0JRp/byyp+v05zlWfEh+QKJQg8D2Fjary1YzWCXfMzfX5qTscHIjQH3JC1H4UjwY+RCvBEkBiPEa3wT2SwHGFmLGISSpZWcFwLW9Cq/mJlgEkHCxIhUireXmxLOblKYmOUUjRPxXinpH1XBntG+jx2FtTBQhjk4CPKlQHiMwNBwZqvMJUq4IJkU96kEUNm8Jf9n7xJnOri3Q/Wf6WzmAirixmaewiyhm7iwlmiwe5LrwN4zAXh1YPIF8g7adoZR5y355DAYk1ct4AnCGLyu61Ww5WCBmMo7ZhogbE595GGwsUhIMD4cpYDSCsjJKDbnIvKgaecE/WXwqc4S6IDUFBFyMCThxWW8wyclU2M4qC0446nsvw4PxaVg0QxC+9YzwcFjtMtRk4cGEqW1dobFRzFZZS0EsKWUNL9/j4OJbMyOlIhATmFJzlsWGDfDVAeUCoHTUwDuHxed77uJdffqAlaq0vwqCQXQSKesjvBXjDxFcUGzfLg77dPnvh0qeRCLRttMuhLimsvY8mzWVRXwZpOkvMx3p/evP4euzOa425tfmjcnW88xRHG0uGgpeRWllYHuzvJ4rbMzMz8cav7n8aMeApe7iTPtcNDkyZcMAcMHZD5cmd5y8ebV/nLFGz+gxLImSpFBRHg2nDMWub/VTsEcRmY2Pj2cb4DPaz750zDEAQ6fgg8xMvcYSDBXGt1bbfHn333fefP7u+qtYuUmSBYk0yfaMFzXvbzC/0F+EKgjh7FhCNjbii5RqPz542qP4z7WXNtcAh3BmwJUN/vnlEx0fe/Bla7QgdfP3Jalqe9mVHnHT/DDCwGwHzr9jiPt6EDaKJu+dophgLzFNVWVYGbqtt279+jv9Ct9M7j6NKB5IEMIgsnZqQxlXHKYHEd0YjAGDHYDgqhSOFd499Sm1Lu4eFQcFFAR2sX3JMTSa3X3z+fDsZe3AHIAdRAXhxbqUM7PavO45T2Gx8eOKDyo4jGvkngXP85IkTT+9GGkyc88rOX1ZFeSYsQK3FEpeT07+/2sGxi9cP3BpDqwISS47ZOL+Q6i9pzsrmZpwgJAodUcVhSBB9+fQj2ns0zUkshLxcMgSYuriqWhbOXY9avkFo831L1Urxjb4Wy7SbttleKvbfxu7psSrmb6meOVP/wylE4PmM6LXzvftXjMy/ovIi2aGSmNunV8X8vRDATEoQWur2jyyhBgBSp11FMlIWC+lBLBq7KaRvznx7pv4PWuSHNUbyXZ6hryqZKjyueLC17LtzOIUAJMj+teo7SAB5Qm2dZr04iGleFaSJjn18WV9/pv6jj0mtlHyPCJAqJDLqOE/2JpNJ8dzEsP677rNUn0RyqPtlknDlnX/vZmTVoQLS1ebZPUBwNPXDT+p/qK//6N7HpxRzBCBUMVbnkFvrfDXZtvP7q192kiFOJLV4BKZKDJUfpGUH+5eY62BOIojCrLfnXQIHQ04kmEAQwWA5ayzBgmZso44lRmOLZcZoNOowYx/biLH3+nv93u5VD6ynPGI0iWH4+N57+97u93Yz1vOl58u1y/do2WgHpARCpmY37h9PV7AbRkB4O0bG5bAy71v39ubk9PT0J5V7TPyQkhQFuIag/xUcwURDk0uoE8+UN9burcLaQaLUkOFsG55FtsIi54rvoe6Xt4uRsijBGS8cejZJ8sjPVRWcpH6hdpI4RPXDf1fpHDOK6BBRXV2GX4EQiOjDOACuTjAISRMdylY3SFqZVIKQ1PP9GMk8P5/kBASwf/VVEZqfWwCsydaiht+6sVY7Qo6VoBP5cPJFtAOHcC7LGgFwZoaPo8JA1r2fnD4MINUCaMtHq4UO6xf2IA+dXrCxBj5I7dECCVF0FHRIa3xAbtgMILwdI2UWkyP6696OTR+env5S5QUBJGocqcDqDhFc8hTq9lU2IYmQa/UGgKyYqeC0y/yBYiZPQOimBf743c2xsZuPVJWABHBEfTIHIFvR/NGi3gsAcxPgpNRiOSxNzXatASDnfvSi7Ln+sh5T7zx+/OjQMgoRhhiJ3pjXU7GlOL3sqm3sR8Eu1DeJFgVKRuQsh5J0BVvfiN52vqXCBCVM5dWTHDC8eFKjDQ7m+BiAoO3burC2sbdfsNEq2OdmZjlA6vRpUXrOUqEH+PkANiEqyGhizsTgnxtvuU3sSmO6lYGuBVsICEAg2EMxkvF7FmwkPSfHWPtoR5hL07h7MxLihv+cEB58hNtZ3npfixhZiKQ1OrTgMgEBiFZq+oyHw6JPwxUHSGuTKORWm8eOXU2qf8oFmocfMtKjoHYaWnBkVT9ihFwrMzfEyNG641kWxchwRcn9SP8hi18OS+V1GGMpokcA+d1Qloyi2ln36Oulr9BV46lkJmEkjnNQUsOA08yBoQX3emWIQIQeZCSRgGOhFfFivY5Z2aX+G0LxesfHy4y+1iO/0on4TNEdWc/GJidfAYisf3QBJMbcdpeAwLVqKBjFSEApVKF4a4hDy6K0UmQ+7Q8X+kEiQm4+R5tcaUs6NbHu5MPJ6Zvvq33++3uZl31t+djQeG8/GlpCkimFgMwOArGwhbrB35Bw1W1CIgbCBI7ya50XAOTSk/cnC1L6agPxldSMNBDFoVov1hFBSCIwy4RmPURIA13iAAGRSOyYkDj0aIGIt1pHjZDi1XcPx96/qHKWNwgI8xjhtuKQtkER7EhaoISyr78pQRIrIdIDQFCixHe6MeL/Sy9TqETLiAxkzBrdefnq+R0SjdrUSyCuoR3BQnIPFYqzHvaSgQqCgVRcmrICOGS3u9vvWnKnQeCgnioqGF7WogkuLKvVKqdY174HItXKJAxXbqBm7J8HRhDqhEOSQqOxwaUQPkZlvJLLmppXx7uuqsOiZMQJPaEFzIuMzmxGvlddmkxoLOcDyC1MycGTej0gCTBCtUkQSDMt1DgAEqyfvFPgiBmRBOiUcN2hHZlkfFPW4sQKZ80Xx1dRkMC9wEgCmRj/LiHOwUfAGrOtD2KwIqb56miSUvACV6XFojQbhzTbi11GgkDYAZwYLtlyuT9YucOOhnEQIVjXB81gpmd8fx/GLJ0MHLHBdSURbTeg7KqPdEI3jiBIEh4KglGXwe1f1BvHhqG+HWVidNLxrPGup3yir2+CM5EX8xEikBzodh0dxBFGcxcHPHO2r+rPZDJyOw5WAoyQNer1YURIskd4Fne8uMwwiImxPzAikERJhsRhA2mHQ7M/ZyGn7e6+Pivj7r87PmUFQ12sIbQaGvS7NiN4/sKXFy8fvPhY9cdI9HIIepNa0+H0Rth/gJ1dRUSUBIw65aewTTXTi+LxE1C++wlRDf7gIY7LXmEYniz6gyxuc+MAYe30UGwrKsf08Xlz5x6tY2d0RZgO+zvkWMoOlvX1h3jhef5o7PDhyQdVLmdPol9HYqJQKduVXBiJJtGabDAJGUD6bNOyqJttZyvWpHFAssFgcC23DQeQa1fvYEfx0suqSdV8J69W2K9tTtKA54c6UIS8Sn7DspprhApyc0xKHjS3O50oPP/45MmTF1Xt2rW8ihOzTtkEieiXKItG0sPNeqNBgR7GYs2sSS9CxlrPTMDgmuwypQhm3fM3Dx68fCOAaCC/gzbIzsQxuVgZnrGshj+8gaFRn23V6zMjJGKM56AW8A4JVGKkL4VuAVYt5AFE1zoHxGTZwQG66GlROl5Z0/SQrKAWd2rKsqwZ9OkIkDjEXUMLUY36A41fubKf48rJgpaHUdnYKYOGaTnkWcm9NMiEj5kmIsK3DM58QLaCdWNY50R3EVJh09vjw4NduZInMzTNNFHcxTpjnCYKAUMp6heWKCAGUIY/zDStOhyqbgHFSCVewQ9W9mR3KORfa20NoNP3axrLv36N8OD2yv7/jYtcqV9EEMfjPTpGmSgxETFkIyMjpHCypVsDa1k2u5Tmg0YHCYkr6iYdcb6slxHndkH0f43jIT+2FAnITgbrOZcDN8IqFWCpSO0Wsu42I2agBsiR3nc9adSQhKWqhmFBN/L5LkOV1oFg18QGzr69CmxUqhnZ2j0DyWS3jQTsiNms5Qf32cKwng0AohwAkjwX6wk35HX5pql1CEgqptJ7bGY3yNvc9jmKUcPYPbA06agBkytHD/RkSU/bxyeQ4HqWxE9Q/dtFTYgEpwqzFbsdYYT6qkEKi+RpZ5RTc26rHLoNFMW7WSbbGqnP3o9/b4ZMQsmtFdpgf+noiDtj/9ugqwAOfYDedhpTY1xz6zRysosn5N1VzpF3Cjh47Ck6yiIUajkmCTA4obZ3g8hYB6AQjlG4EPyKGRKcrwtAKgOQfZqvxNSkK51XiCzBicgZDhDGOoFDFUv6OZFYwYdMmrYKXpxknVaS3cRIbL/T3ZjMEHAWnlLIu05JKXbqt+7U/Sc4jMHRHM28mwZj+Mqdf+OAmAUQnMm5M7e23MfQoLHV9QvIa6LsMuSC6m3c4Mv/arK02IpFIb1rnBQHNjbiAzpoyQgEp27wEgpn3hMutIPG/0g/SzW9PFr/v8mX0UOlLbu8Xr6BlQ59Eg+NOYsNMRkjjEkQftU9fiE7KiTOZbbPNw/PWj/+0m84PtpAIQd4yvRNq4Ejuc0MHM2J7Cti5KJ0Lf8r9BQWlLrmKKsv6lhMAhKIaJGoriyAt/nxYta1qUgjhDuyRvB/AYnU/XhAyPxDkpxr8LwlCrVZg5ix+tfG2+smNdIs0zw1EhYLwaQhJY+R8JshM+6mDZS7Dsh08C+NtxpupT9in3TtyhxeBxZCIyThBRDKUgdtIDx8UqxxUWDSACJSl24/7z/E0xfSoPThwTE1Ym4g+d9BnYlVTg0DiVH67fYzwr3nETeEmYgT0nR2sZSDxKmnI4WUwiNES0ro2cHHwLf2rrA3iSCIuqWGg/NQDvA4glKilaAkjSIGVBoNrTalqPWDhprUVkiNiYa0wdho+sUYf7fv7Xq34l01ZjUxxilWooS9d7MzOzs78w7mkb4v5tE97USAyEoACUR6rdOzFicA47RaJN0MYv6NC/P43j8jIsJJF/4ol4RlgIm2c6cZCp6MIBFyHQncr9CFB3r5TsrOkUcJyHvMND3ob14sAkZ1tsg7bGCRUlPLwrkVjv8W8S7NWgORfZ0ix12Te+9KU7KqVNrcg/Oidf22nmi5dYb6S31+r2qUo/A340mV6jYBgmHp7KVVe2L58d1Gmr5y4fG6J2q5WiWDK1wSGkgYmiQvI0xHCL/EEKy5iIUmbTe2nRxVEMx9qgvqUcGa9xwftBeWif4DxsE3cwfT9jzHgyPhRcybuywHKvDGfoYo8nnJUd6ouMg04G1DCE1eESBhkO7C8fo2Pl1Vnd3gDBh/66P1VONLWJIcoVG7vsNR5EAYJtEYL0vdQMUGSJJB3ynZRPxEKHWS9719mYa/kttuzbhICW53zX0PReQJI0g8UJH4XPgRvlGFArka2v+ewd5ebRA5JZutptletk4kVKWpQjhNxpl0lQwv+SwFY6iLs+1NKydiDhk4Q240EEpW0+9f7nW724cLcs9+TyAAiJLMXz4hyBInIdtNG9+vhOq0/UoKPcBGQOgN6eppDOQ5bO3ujyaT0Wh1rQ7N887tiFly79CSa6Ltk85mqWul3Iuprnt7ZyORxkXBgrWRaEyE9UhqLd2srx3sH00mR8OtFrrLAOWKy2EMqy9BSvHgKnFkO8MpenNYmlwsTVbrNm6Yv506zczBTCcL0SO34POydi657jkwslnW3s09qZR14UR8uyO92efLG7jqZqI1vDZXLvDYqzcH8ivmkBZIIX7ZAAe3eWidZwqqORr0cGxekvxzhd5g2qozBbd8+jOQ6N0DF3xpVCs20L9KXQf5zJs3b164qHbcq3Jn8vXezlbNJWnMvmSuGJXLc2Uww5E1Cn9Gu9hC29ixGLmth0yv38Msym6xsF0XWfLXJxqKb7lQB73WbARu+fjPu12QGYHAjJQt+ElN6VPXdU2R1osicKsvZteOwFkdjiOLtz92FutcUR2D84552Pk2sgr1rWusSNQD4FWYbHFKV3CHI3GeELTc/LpFICRjU0iYiUzAB89EUULljsQKFAIc5YK8eg2kUNpHgdqzHaNYcd4R3l2sBbvFAYCc/Y5usrRVhX/9kJNnG7MRgXUfQBZSsBC8AEMheXqI2XjVE7OfVTMLPi6x2BoOQFrNWqJwHJTYzm1hFvsPoHmTBHsfCmlOyyWtcakbWdX75ACT/pbsygkMXs+TdP7Q1Tik3HzJuSVEjJOXtUUtMFvii3WjA8fhsGuY3feFAeEkErGkWwe54QRAChHe4mkdSLyc0ohGItC1i3Ore8BB+q8XAZDbr7k86gvSBBAsW6suDmHemqKTJo/CLyAbDKGShiMMuscc4cNCptfOnCnF9bWU1ySZU2C5mqyTQNI7KVcaiBsCuZMmkFgWIUxFEAtrFGREp96V8PjUFSaNievUOB4JUSiFCtEGX5zbR83VktxqUDRbnMcE6iGBvDj3ItTIhSdoJotqhL/68LwHsAjQ2JYChZzlFCaYs3OrsrXMYD0UDHdXOXPxpQUNgkIkRegcHDUhBOW/SLPK/UXKtXD5y6lQI89hIhkR1bwQnMEjln2cChWCn8AmSyOMc8s1YZfNQCPTCGW8BqTo1gmAEpJsyI26D4UoclLFGevefotP34oJNoS4ypk1IwDCv1jPDUAdfN2mSXaaIZYsrYxFojix9eTVRuKScW+cEl039Qg6oa1YFk0kcz+uoEU0EALNfjMVokcm0b7JUiLgfOqDHyBZhWNsR8rCk4JkA4nGtutaWNgtt3sJf9wlslXAyUWRiAwWw7jvD5oe1tiSbbKM2HBa5WN449nusq+AKBhCJxBzbfTyYVpfRB91qnsRvLcX3eekRRzXhBNNNIlEPJAzsjUIjngXyhwb8cYDSDBVY6S8mifdeiQIFDXy7NmZu3vUB2fWxdShzQqU2oMorQp+4H3jgKheLVON0Ai5H+zFsq0TBu4UIscb0MhsMpQrnLuUQXS8sXN9D6Sxl27y6J10FZ5w4qjKEYV1Yv0Jb6GyEf+VCSuHD2M/Uky/cUjmOvmEn4tohEAU1yZ2w+8PDw+XNuSm6WrXEjolIjSU5F3MrV6sSqAR+H26+W0DICeu8gk9/L5ibA9xr15PbIjANoSGwqxLF1ePfb0WZiQdEUce71SwuZ9EnDvvIH6ww1pMpCvXTbLxbUze1rVyMWDElj5Rr437oAd5HJugptzk+q5h+J+d+A8i97COzx0UGZrqKJutQYy9pJev2s8tI8KXBS65RdYhl7hGhTDOQnqDXdhvW4hjTWz7ioKSZsmDcI5v7fBYxn3qDC5bb+CKiE4K9I29crNq+x+EwXqolujd6bsSblZ0gd9nVbh3rEZ4OOv1H1ceVyorbnyRTFBDKN4y2JqWsZHSodA70nbgvg22yAxnEMZT517DriLa0uH1N3QUow4SJZvWsTy5wnEkV5jnqfznsaPgvz9kbD+7W3xSYkOvHqjA+ASRVprVHgY44H6Y3+3sDwbQiSrXZ1v0KYw3N9zIp6GQ43kNk3g5Yfoq+RBoj8uRe+KxnZE7n2tFZeUYiDiAatpS+7ec2YOsrAr2uh3sedRC+9WxIzG032KSs6380Hx8i+pDXQsLiTGi0Bi9GwvMwB6AmKfAkchRTz6CwmCEtQqlHjkj5hpZu898VGerN+h9o/HydLWTUKkE5wfJC4jikWei5fxxDbJ44XZs+jCT7MH0mhoDSIAD82qN96tvlNci9S1Usk2aLyQGvjVz3qYsN1U18SPuBc0CLDHNf6c7ESxB9I+k3AIUjBP2OwwGR2tINpKK2eRgIWzj2vbtZh5VsB+PFG18b7ibXczXF+0xFPajDtjTP22QDaclTxMRxsDqsq3ViXqaBp6EiQ4/yIp2jCZIhDXGAt1s5jtrq8Oj0WiIJ23meV5QaZvlyJUyNRTvVQPjVPFMT4wzmQx3W3lUEyB3tixU1ZR5+0i/YduIuiCLLHe1E0wtv3yQ/CFx3C+d95ONA04YxSDySbFZ1g+qcfyxqw3RUOBT+jh5zUPzVWZ0fN/O3LsudFW8ORJaPBdGkOXSVHAekU/znV9hAtvIRPQYOL6AtNVZj+RdvLrpyQoz4jDViJ5ljqyB7sv4H5JBwqFfy5lzVehetCRHgLjrK/fvr2w+cvBeToaIEZsZDIm+c3KcTYzTX+bRKPGZDaMPXmVPAV19IJrElp7JsNpF606WO6r3amhqPGlciqYf76JE/xNEVSjwt/7HqPykhGH+OyQ4GwYWvtM4gyNH8Tc9eP6//Jf/8l/+yz8lXwDq+UD50w1JtwAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - serviceaccounts + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - apiGroups: + - "" + resourceNames: + - open-cluster-management-image-pull-credentials + - bootstrap-hub-kubeconfig + - hub-kubeconfig-secret + - external-managed-kubeconfig + - external-managed-kubeconfig-work + - external-managed-kubeconfig-registration + - external-managed-kubeconfig-agent + resources: + - secrets + verbs: + - update + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update + - watch + - patch + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - "" + resources: + - namespaces + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - "" + - events.k8s.io + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - roles + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - escalate + - bind + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - list + - update + - watch + - patch + - delete + - apiGroups: + - operator.open-cluster-management.io + resources: + - klusterlets + verbs: + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - operator.open-cluster-management.io + resources: + - klusterlets/status + verbs: + - update + - patch + - apiGroups: + - work.open-cluster-management.io + resources: + - appliedmanifestworks + verbs: + - list + - update + - patch + serviceAccountName: klusterlet + deployments: + - label: + app: klusterlet + name: klusterlet + spec: + replicas: 3 + selector: + matchLabels: + app: klusterlet + strategy: {} + template: + metadata: + annotations: + target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}' + labels: + app: klusterlet + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - klusterlet + topologyKey: failure-domain.beta.kubernetes.io/zone + weight: 70 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - klusterlet + topologyKey: kubernetes.io/hostname + weight: 30 + containers: + - args: + - /registration-operator + - klusterlet + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: quay.io/open-cluster-management/registration-operator:v0.15.1 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: 8443 + scheme: HTTPS + initialDelaySeconds: 2 + periodSeconds: 10 + name: klusterlet + readinessProbe: + httpGet: + path: /healthz + port: 8443 + scheme: HTTPS + initialDelaySeconds: 2 + resources: + limits: + memory: 2Gi + requests: + cpu: 2m + memory: 16Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + volumeMounts: + - mountPath: /tmp + name: tmpdir + securityContext: + runAsNonRoot: true + serviceAccountName: klusterlet + volumes: + - emptyDir: {} + name: tmpdir + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - open-cluster-management + - Klusterlet + links: + - name: Registration Operator + url: https://github.com/open-cluster-management-io/ocm + maintainers: + - email: zyin@redhat.com + name: Zhiwei Yin + - email: deads@redhat.com + name: David Eads + - email: jqiu@redhat.com + name: Jian Qiu + maturity: alpha + provider: + name: Open Cluster Management Community + replaces: klusterlet.v0.14.0 + selector: + matchLabels: + app: klusterlet + version: 0.15.1 diff --git a/operators/klusterlet/0.15.1/manifests/operator.open-cluster-management.io_klusterlets.yaml b/operators/klusterlet/0.15.1/manifests/operator.open-cluster-management.io_klusterlets.yaml new file mode 100644 index 00000000000..7bbe93d6ac2 --- /dev/null +++ b/operators/klusterlet/0.15.1/manifests/operator.open-cluster-management.io_klusterlets.yaml @@ -0,0 +1,617 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: klusterlets.operator.open-cluster-management.io +spec: + group: operator.open-cluster-management.io + names: + kind: Klusterlet + listKind: KlusterletList + plural: klusterlets + singular: klusterlet + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + Klusterlet represents controllers to install the resources for a managed cluster. + When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the + agent namespace to allow API requests to the hub for the registration protocol. + In Hosted mode, the Klusterlet requires an additional secret named external-managed-kubeconfig + in the agent namespace to allow API requests to the managed cluster for resources installation. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Spec represents the desired deployment configuration of Klusterlet + agent. + properties: + clusterName: + description: |- + ClusterName is the name of the managed cluster to be created on hub. + The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. + maxLength: 63 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + deployOption: + description: DeployOption contains the options of deploying a klusterlet + properties: + mode: + description: |- + Mode can be Default, Hosted, Singleton or SingletonHosted. It is Default mode if not specified + In Default mode, all klusterlet related resources are deployed on the managed cluster. + In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another + cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of + "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). + In Singleton mode, registration/work agent is started as a single deployment. + In SingletonHosted mode, agent is started as a single deployment in hosted mode. + Note: Do not modify the Mode field once it's applied. + type: string + type: object + externalServerURLs: + description: |- + ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally + If it is set empty, managed cluster has no externally accessible url that hub cluster can visit. + items: + description: ServerURL represents the apiserver url and ca bundle + that is accessible externally + properties: + caBundle: + description: |- + CABundle is the ca bundle to connect to apiserver of the managed cluster. + System certs are used if it is not set. + format: byte + type: string + url: + description: URL is the url of apiserver endpoint of the managed + cluster. + type: string + type: object + type: array + hubApiServerHostAlias: + description: |- + HubApiServerHostAlias contains the host alias for hub api server. + registration-agent and work-agent will use it to communicate with hub api server. + properties: + hostname: + description: Hostname for the above IP address. + pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$ + type: string + ip: + description: IP address of the host file entry. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + type: string + required: + - hostname + - ip + type: object + imagePullSpec: + description: |- + ImagePullSpec represents the desired image configuration of agent, it takes effect only when + singleton mode is set. quay.io/open-cluster-management.io/registration-operator:latest will + be used if unspecified + type: string + namespace: + description: |- + Namespace is the namespace to deploy the agent on the managed cluster. + The namespace must have a prefix of "open-cluster-management-", and if it is not set, + the namespace of "open-cluster-management-agent" is used to deploy agent. + In addition, the add-ons are deployed to the namespace of "{Namespace}-addon". + In the Hosted mode, this namespace still exists on the managed cluster to contain + necessary resources, like service accounts, roles and rolebindings, while the agent + is deployed to the namespace with the same name as klusterlet on the management cluster. + maxLength: 57 + pattern: ^open-cluster-management-[-a-z0-9]*[a-z0-9]$ + type: string + nodePlacement: + description: NodePlacement enables explicit control over the scheduling + of the deployed pods. + properties: + nodeSelector: + additionalProperties: + type: string + description: NodeSelector defines which Nodes the Pods are scheduled + on. The default is an empty list. + type: object + tolerations: + description: |- + Tolerations are attached by pods to tolerate any taint that matches + the triple using the matching operator . + The default is an empty list. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + priorityClassName: + description: |- + PriorityClassName is the name of the PriorityClass that will be used by the + deployed klusterlet agent. It will be ignored when the PriorityClass/v1 API + is not available on the managed cluster. + type: string + registrationConfiguration: + description: RegistrationConfiguration contains the configuration + of registration + properties: + bootstrapKubeConfigs: + description: |- + BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. + + + When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR + is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". + + + A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. + But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. + properties: + localSecretsConfig: + description: |- + LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. + The secrets must be in the same namespace where the agent controller runs. + properties: + hubConnectionTimeoutSeconds: + default: 600 + description: |- + HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. + When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. + By default is 10 mins. + format: int32 + minimum: 180 + type: integer + kubeConfigSecrets: + description: KubeConfigSecrets is a list of secret names. + The secrets are in the same namespace where the agent + controller runs. + items: + properties: + name: + description: Name is the name of the secret. + type: string + type: object + type: array + type: object + type: + default: None + description: |- + Type specifies the type of priority bootstrap kubeconfigs. + By default, it is set to None, representing no priority bootstrap kubeconfigs are set. + enum: + - None + - LocalSecrets + type: string + type: object + clientCertExpirationSeconds: + description: |- + clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default + duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on + the hub cluster, the max signing duration seconds will be set. + format: int32 + type: integer + clusterAnnotations: + additionalProperties: + type: string + description: |- + ClusterAnnotations is annotations with the reserve prefix "agent.open-cluster-management.io" set on + ManagedCluster when creating only, other actors can update it afterwards. + type: object + featureGates: + description: "FeatureGates represents the list of feature gates + for registration\nIf it is set empty, default feature gates + will be used.\nIf it is set, featuregate/Foo is an example of + one item in FeatureGates:\n 1. If featuregate/Foo does not + exist, registration-operator will discard it\n 2. If featuregate/Foo + exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n + \ 3. If featuregate/Foo exists and is true by default. If a + cluster-admin upgrading from 1 to 2 wants to continue having + featuregate/Foo=false,\n \the can set featuregate/Foo=false + before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + items: + properties: + feature: + description: Feature is the key of feature gate. e.g. featuregate/Foo. + type: string + mode: + default: Disable + description: |- + Mode is either Enable, Disable, "" where "" is Disable by default. + In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + enum: + - Enable + - Disable + type: string + required: + - feature + type: object + type: array + kubeAPIBurst: + default: 100 + description: |- + KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. + If it is set empty, use the default value: 100 + format: int32 + type: integer + kubeAPIQPS: + default: 50 + description: |- + KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. + If it is set empty, use the default value: 50 + format: int32 + type: integer + registrationDriver: + description: This provides driver details required to register + with hub + properties: + authType: + default: csr + description: Type of the authentication used by managedcluster + to register as well as pull work from hub. Possible values + are csr and awsirsa. + enum: + - csr + - awsirsa + type: string + awsIrsa: + description: |- + Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. + This is required only when the authType is awsirsa. + properties: + hubClusterArn: + description: |- + The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. + Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1. + minLength: 1 + type: string + managedClusterArn: + description: |- + The arn of the managed cluster (ie: an EKS cluster). This will be required to generate the md5hash which will be used as a suffix to create IAM role on hub + as well as used by kluslerlet-agent, to assume role suffixed with the md5hash, on startup. + Example - arn:eks:us-west-2:12345678910:cluster/managed-cluster1. + minLength: 1 + type: string + type: object + type: object + type: object + registrationImagePullSpec: + description: |- + RegistrationImagePullSpec represents the desired image configuration of registration agent. + quay.io/open-cluster-management.io/registration:latest will be used if unspecified. + type: string + resourceRequirement: + description: |- + ResourceRequirement specify QoS classes of deployments managed by klusterlet. + It applies to all the containers in the deployments. + properties: + resourceRequirements: + description: ResourceRequirements defines resource requests and + limits when Type is ResourceQosClassResourceRequirement + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + type: + default: Default + enum: + - Default + - BestEffort + - ResourceRequirement + type: string + type: object + workConfiguration: + description: WorkConfiguration contains the configuration of work + properties: + appliedManifestWorkEvictionGracePeriod: + description: |- + AppliedManifestWorkEvictionGracePeriod is the eviction grace period the work agent will wait before + evicting the AppliedManifestWorks, whose corresponding ManifestWorks are missing on the hub cluster, from + the managed cluster. If not present, the default value of the work agent will be used. + pattern: ^([0-9]+(s|m|h))+$ + type: string + featureGates: + description: "FeatureGates represents the list of feature gates + for work\nIf it is set empty, default feature gates will be + used.\nIf it is set, featuregate/Foo is an example of one item + in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator + will discard it\n 2. If featuregate/Foo exists and is false + by default. It is now possible to set featuregate/Foo=[false|true]\n + \ 3. If featuregate/Foo exists and is true by default. If a + cluster-admin upgrading from 1 to 2 wants to continue having + featuregate/Foo=false,\n \the can set featuregate/Foo=false + before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + items: + properties: + feature: + description: Feature is the key of feature gate. e.g. featuregate/Foo. + type: string + mode: + default: Disable + description: |- + Mode is either Enable, Disable, "" where "" is Disable by default. + In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + enum: + - Enable + - Disable + type: string + required: + - feature + type: object + type: array + kubeAPIBurst: + default: 100 + description: |- + KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. + If it is set empty, use the default value: 100 + format: int32 + type: integer + kubeAPIQPS: + default: 50 + description: |- + KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. + If it is set empty, use the default value: 50 + format: int32 + type: integer + type: object + workImagePullSpec: + description: |- + WorkImagePullSpec represents the desired image configuration of work agent. + quay.io/open-cluster-management.io/work:latest will be used if unspecified. + type: string + type: object + status: + description: Status represents the current status of Klusterlet agent. + properties: + conditions: + description: |- + Conditions contain the different condition statuses for this Klusterlet. + Valid condition types are: + Applied: Components have been applied in the managed cluster. + Available: Components in the managed cluster are available and ready to serve. + Progressing: Components in the managed cluster are in a transitioning state. + Degraded: Components in the managed cluster do not match the desired configuration and only provide + degraded service. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + generations: + description: Generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: |- + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + The definition matches the GenerationStatus defined in github.com/openshift/api/v1 + properties: + group: + description: group is the group of the resource that you're + tracking + type: string + lastGeneration: + description: lastGeneration is the last generation of the resource + that controller applies + format: int64 + type: integer + name: + description: name is the name of the resource that you're tracking + type: string + namespace: + description: namespace is where the resource that you're tracking + is + type: string + resource: + description: resource is the resource type of the resource that + you're tracking + type: string + version: + description: version is the version of the resource that you're + tracking + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + relatedResources: + description: RelatedResources are used to track the resources that + are related to this Klusterlet. + items: + description: RelatedResourceMeta represents the resource that is + managed by an operator + properties: + group: + description: group is the group of the resource that you're + tracking + type: string + name: + description: name is the name of the resource that you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the resource that + you're tracking + type: string + version: + description: version is the version of the thing you're tracking + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/klusterlet/0.15.1/metadata/annotations.yaml b/operators/klusterlet/0.15.1/metadata/annotations.yaml new file mode 100644 index 00000000000..052fcfc1d48 --- /dev/null +++ b/operators/klusterlet/0.15.1/metadata/annotations.yaml @@ -0,0 +1,11 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: klusterlet + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.32.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3