diff --git a/features.md b/features.md
index 750b68d62fc..dad13b736cc 100644
--- a/features.md
+++ b/features.md
@@ -77,7 +77,6 @@
| NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled |
| NoOverlayMode| | | Enabled | Enabled | | | Enabled | Enabled |
| NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled |
-| OSStreams| | | Enabled | Enabled | | | Enabled | Enabled |
| OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled |
| OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled |
| SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled |
@@ -87,6 +86,7 @@
| VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled |
| VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled |
| AWSServiceLBNetworkSecurityGroup| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled |
+| OSStreams| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled |
| AzureClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| BootImageSkewEnforcement| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
diff --git a/features/features.go b/features/features.go
index c17075aa867..6dceed78546 100644
--- a/features/features.go
+++ b/features/features.go
@@ -880,7 +880,8 @@ var (
contactPerson("pabrodri").
productScope(ocpSpecific).
enhancementPR("https://github.com/openshift/enhancements/pull/1874").
- enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()).
+ enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade(), inDefault(), inOKD()).
+ enable(inClusterProfile(Hypershift), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()).
mustRegister()
FeatureGateCRDCompatibilityRequirementOperator = newFeatureGate("CRDCompatibilityRequirementOperator").
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
similarity index 99%
rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml
rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
index 6dc75e209b5..dc5b42993f6 100644
--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: CustomNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml
rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
index b551493e48b..190ea73d481 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: Default
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml
rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
index 48688e4791b..cfe6e2a8709 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: DevPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml
rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
index 748c9ffea78..9489334b72b 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: OKD
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
similarity index 99%
rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml
rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
index 12bb88dfd59..b509440da7b 100644
--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: TechPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml
new file mode 100644
index 00000000000..d040014a569
--- /dev/null
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml
@@ -0,0 +1,668 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.openshift.io: https://github.com/openshift/api/pull/1453
+ api.openshift.io/merged-by-featuregates: "true"
+ include.release.openshift.io/self-managed-high-availability: "true"
+ labels:
+ openshift.io/operator-managed: ""
+ name: machineconfigpools.machineconfiguration.openshift.io
+spec:
+ group: machineconfiguration.openshift.io
+ names:
+ kind: MachineConfigPool
+ listKind: MachineConfigPoolList
+ plural: machineconfigpools
+ shortNames:
+ - mcp
+ singular: machineconfigpool
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.configuration.name
+ name: Config
+ type: string
+ - description: When all the machines in the pool are updated to the correct machine
+ config.
+ jsonPath: .status.conditions[?(@.type=="Updated")].status
+ name: Updated
+ type: string
+ - description: When at least one of machine is not either not updated or is in
+ the process of updating to the desired machine config.
+ jsonPath: .status.conditions[?(@.type=="Updating")].status
+ name: Updating
+ type: string
+ - description: When progress is blocked on updating one or more nodes or the pool
+ configuration is failing.
+ jsonPath: .status.conditions[?(@.type=="Degraded")].status
+ name: Degraded
+ type: string
+ - description: Total number of machines in the machine config pool
+ jsonPath: .status.machineCount
+ name: MachineCount
+ type: number
+ - description: Total number of ready machines targeted by the pool
+ jsonPath: .status.readyMachineCount
+ name: ReadyMachineCount
+ type: number
+ - description: Total number of machines targeted by the pool that have the CurrentMachineConfig
+ as their config
+ jsonPath: .status.updatedMachineCount
+ name: UpdatedMachineCount
+ type: number
+ - description: Total number of machines marked degraded (or unreconcilable)
+ jsonPath: .status.degradedMachineCount
+ name: DegradedMachineCount
+ type: number
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ MachineConfigPool describes a pool of MachineConfigs.
+
+ Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: spec contains the desired machine config pool configuration.
+ properties:
+ configuration:
+ description: The targeted MachineConfig object for the machine config
+ pool.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ source:
+ description: source is the list of MachineConfig objects that
+ were used to generate the single MachineConfig object specified
+ in `content`.
+ items:
+ description: ObjectReference contains enough information to
+ let you inspect or modify the referred object.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ x-kubernetes-list-type: atomic
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ machineConfigSelector:
+ description: |-
+ machineConfigSelector specifies a label selector for MachineConfigs.
+ Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ maxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ maxUnavailable defines either an integer number or percentage
+ of nodes in the pool that can go Unavailable during an update.
+ This includes nodes Unavailable for any reason, including user
+ initiated cordons, failing nodes, etc. The default value is 1.
+
+ A value larger than 1 will mean multiple nodes going unavailable during
+ the update, which may affect your workload stress on the remaining nodes.
+ You cannot set this value to 0 to stop updates (it will default back to 1);
+ to stop updates, use the 'paused' property instead. Drain will respect
+ Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if
+ maxUnavailable is greater than one.
+ x-kubernetes-int-or-string: true
+ nodeSelector:
+ description: nodeSelector specifies a label selector for Machines
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ osImageStream:
+ description: |-
+ osImageStream specifies an OS stream to be used for the pool.
+
+ This field can be optionally set to a known OSImageStream name to change the
+ OS and Extension images with a well-known, tested, release-provided set of images.
+ This enables a streamlined way of switching the pool's node OS to a different version
+ than the cluster default, such as transitioning to a major RHEL version.
+
+ When set, the referenced stream overrides the cluster-wide OS
+ images for the pool with the OS and Extensions associated to stream.
+ When omitted, the pool uses the cluster-wide default OS images.
+ properties:
+ name:
+ description: |-
+ name is a required reference to an OSImageStream to be used for the pool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - name
+ type: object
+ paused:
+ description: |-
+ paused specifies whether or not changes to this machine config pool should be stopped.
+ This includes generating new desiredMachineConfig and update of machines.
+ type: boolean
+ pinnedImageSets:
+ description: |-
+ pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the
+ pool. Nodes within this pool will preload and pin images defined in the
+ PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure
+ the total uncompressed size of all the images does not exceed available
+ resources. If the total size of the images exceeds the available
+ resources the controller will report a Degraded status to the
+ MachineConfigPool and not attempt to pull any images. Also to help ensure
+ the kubelet can mitigate storage risk, the pinned_image configuration and
+ subsequent service reload will happen only after all of the images have
+ been pulled for each set. Images from multiple PinnedImageSets are loaded
+ and pinned sequentially as listed. Duplicate and existing images will be
+ skipped.
+
+ Any failure to prefetch or pin images will result in a Degraded pool.
+ Resolving these failures is the responsibility of the user. The admin
+ should be proactive in ensuring adequate storage and proper image
+ authentication exists in advance.
+ items:
+ properties:
+ name:
+ description: |-
+ name is a reference to the name of a PinnedImageSet. Must adhere to
+ RFC-1123 (https://tools.ietf.org/html/rfc1123).
+ Made up of one of more period-separated (.) segments, where each segment
+ consists of alphanumeric characters and hyphens (-), must begin and end
+ with an alphanumeric character, and is at most 63 characters in length.
+ The total length of the name must not exceed 253 characters.
+ maxLength: 253
+ minLength: 1
+ pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 100
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ status:
+ description: status contains observed information about the machine config
+ pool.
+ properties:
+ certExpirys:
+ description: certExpirys keeps track of important certificate expiration
+ data
+ items:
+ description: ceryExpiry contains the bundle name and the expiry
+ date
+ properties:
+ bundle:
+ description: bundle is the name of the bundle in which the subject
+ certificate resides
+ type: string
+ expiry:
+ description: expiry is the date after which the certificate
+ will no longer be valid
+ format: date-time
+ type: string
+ subject:
+ description: subject is the subject of the certificate
+ type: string
+ required:
+ - bundle
+ - subject
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ conditions:
+ description: conditions represents the latest available observations
+ of current state.
+ items:
+ description: MachineConfigPoolCondition contains condition information
+ for an MachineConfigPool.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the timestamp corresponding to the last status
+ change of this condition.
+ format: date-time
+ nullable: true
+ type: string
+ message:
+ description: |-
+ message is a human readable description of the details of the last
+ transition, complementing reason.
+ type: string
+ reason:
+ description: |-
+ reason is a brief machine readable explanation for the condition's last
+ transition.
+ type: string
+ status:
+ description: status of the condition, one of ('True', 'False',
+ 'Unknown').
+ type: string
+ type:
+ description: type of the condition, currently ('Done', 'Updating',
+ 'Failed').
+ type: string
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ configuration:
+ description: configuration represents the current MachineConfig object
+ for the machine config pool.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ source:
+ description: source is the list of MachineConfig objects that
+ were used to generate the single MachineConfig object specified
+ in `content`.
+ items:
+ description: ObjectReference contains enough information to
+ let you inspect or modify the referred object.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ x-kubernetes-list-type: atomic
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ degradedMachineCount:
+ description: |-
+ degradedMachineCount represents the total number of machines marked degraded (or unreconcilable).
+ A node is marked degraded if applying a configuration failed..
+ format: int32
+ type: integer
+ machineCount:
+ description: machineCount represents the total number of machines
+ in the machine config pool.
+ format: int32
+ type: integer
+ observedGeneration:
+ description: observedGeneration represents the generation observed
+ by the controller.
+ format: int64
+ type: integer
+ osImageStream:
+ description: |-
+ osImageStream specifies the last updated OSImageStream for the pool.
+
+ When omitted, the pool is using the cluster-wide default OS images.
+ properties:
+ name:
+ description: |-
+ name is a required reference to an OSImageStream to be used for the pool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - name
+ type: object
+ poolSynchronizersStatus:
+ description: poolSynchronizersStatus is the status of the machines
+ managed by the pool synchronizers.
+ items:
+ properties:
+ availableMachineCount:
+ description: availableMachineCount is the number of machines
+ managed by the node synchronizer which are available.
+ format: int64
+ minimum: 0
+ type: integer
+ machineCount:
+ description: machineCount is the number of machines that are
+ managed by the node synchronizer.
+ format: int64
+ minimum: 0
+ type: integer
+ observedGeneration:
+ description: observedGeneration is the last generation change
+ that has been applied.
+ format: int64
+ minimum: 0
+ type: integer
+ x-kubernetes-validations:
+ - message: observedGeneration must not move backwards except
+ to zero
+ rule: self >= oldSelf || (self == 0 && oldSelf > 0)
+ poolSynchronizerType:
+ description: poolSynchronizerType describes the type of the
+ pool synchronizer.
+ enum:
+ - PinnedImageSets
+ maxLength: 256
+ type: string
+ readyMachineCount:
+ description: readyMachineCount is the number of machines managed
+ by the node synchronizer that are in a ready state.
+ format: int64
+ minimum: 0
+ type: integer
+ unavailableMachineCount:
+ description: unavailableMachineCount is the number of machines
+ managed by the node synchronizer but are unavailable.
+ format: int64
+ minimum: 0
+ type: integer
+ updatedMachineCount:
+ description: updatedMachineCount is the number of machines that
+ have been updated by the node synchronizer.
+ format: int64
+ minimum: 0
+ type: integer
+ required:
+ - availableMachineCount
+ - machineCount
+ - poolSynchronizerType
+ - readyMachineCount
+ - unavailableMachineCount
+ - updatedMachineCount
+ type: object
+ x-kubernetes-validations:
+ - message: machineCount must be greater than or equal to updatedMachineCount
+ rule: self.machineCount >= self.updatedMachineCount
+ - message: machineCount must be greater than or equal to availableMachineCount
+ rule: self.machineCount >= self.availableMachineCount
+ - message: machineCount must be greater than or equal to unavailableMachineCount
+ rule: self.machineCount >= self.unavailableMachineCount
+ - message: machineCount must be greater than or equal to readyMachineCount
+ rule: self.machineCount >= self.readyMachineCount
+ - message: availableMachineCount must be greater than or equal to
+ readyMachineCount
+ rule: self.availableMachineCount >= self.readyMachineCount
+ type: array
+ x-kubernetes-list-map-keys:
+ - poolSynchronizerType
+ x-kubernetes-list-type: map
+ readyMachineCount:
+ description: readyMachineCount represents the total number of ready
+ machines targeted by the pool.
+ format: int32
+ type: integer
+ unavailableMachineCount:
+ description: |-
+ unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool.
+ A node is marked unavailable if it is in updating state or NodeReady condition is false.
+ format: int32
+ type: integer
+ updatedMachineCount:
+ description: updatedMachineCount represents the total number of machines
+ targeted by the pool that have the CurrentMachineConfig as their
+ config.
+ format: int32
+ type: integer
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
similarity index 99%
rename from machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml
rename to machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
index d18a1ecaa3e..33c4be7e897 100644
--- a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml
+++ b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/2555
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml
new file mode 100644
index 00000000000..45af11e4943
--- /dev/null
+++ b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml
@@ -0,0 +1,206 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.openshift.io: https://github.com/openshift/api/pull/2555
+ api.openshift.io/merged-by-featuregates: "true"
+ include.release.openshift.io/self-managed-high-availability: "true"
+ labels:
+ openshift.io/operator-managed: ""
+ name: osimagestreams.machineconfiguration.openshift.io
+spec:
+ group: machineconfiguration.openshift.io
+ names:
+ kind: OSImageStream
+ listKind: OSImageStreamList
+ plural: osimagestreams
+ singular: osimagestream
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ OSImageStream describes a set of streams and associated images available
+ for the MachineConfigPools to be used as base OS images.
+
+ The resource is a singleton named "cluster".
+
+ Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: spec contains the desired OSImageStream config configuration.
+ properties:
+ defaultStream:
+ description: |-
+ defaultStream is the desired name of the stream that should be used as the
+ default when no specific stream is requested by a MachineConfigPool.
+
+ This field is set by the installer during installation. Users may need to
+ update it if the currently selected stream is no longer available, for
+ example when the stream has reached its End of Life.
+ The MachineConfigOperator uses this value to determine which stream from
+ status.availableStreams to apply as the default for MachineConfigPools
+ that do not specify a stream override.
+
+ When status.availableStreams has been populated by the operator, updating
+ this field requires that the new value references the name of one of the
+ streams in status.availableStreams. Status-only updates by the operator
+ are not subject to this constraint, allowing the operator to update
+ availableStreams independently of this field.
+ During initial creation, before the operator has populated status, any
+ valid value is accepted.
+
+ When omitted, the operator determines the default stream automatically.
+ Once set, this field cannot be removed.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ type: object
+ x-kubernetes-validations:
+ - message: spec.defaultStream cannot be removed once set
+ rule: '!has(oldSelf.defaultStream) || has(self.defaultStream)'
+ status:
+ description: |-
+ status describes the last observed state of this OSImageStream.
+ Populated by the MachineConfigOperator after reading release metadata.
+ When not present, the controller has not yet reconciled this resource.
+ properties:
+ availableStreams:
+ description: |-
+ availableStreams is a list of the available OS Image Streams that can be
+ used as the base image for MachineConfigPools.
+ availableStreams is required, must have at least one item, must not exceed
+ 100 items, and must have unique entries keyed on the name field.
+ items:
+ properties:
+ name:
+ description: |-
+ name is the required identifier of the stream.
+
+ name is determined by the operator based on the OCI label of the
+ discovered OS or Extension Image.
+
+ Must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ osExtensionsImage:
+ description: |-
+ osExtensionsImage is a required OS Extensions Image referenced by digest.
+
+ osExtensionsImage bundles the extra repositories used to enable extensions, augmenting
+ the base operating system without modifying the underlying immutable osImage.
+
+ The format of the image pull spec is: host[:port][/namespace]/name@sha256:,
+ where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9.
+ The length of the whole spec must be between 1 to 447 characters.
+ maxLength: 447
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: the OCI Image reference must end with a valid '@sha256:'
+ suffix, where '' is 64 characters long
+ rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))
+ - message: the OCI Image name should follow the host[:port][/namespace]/name
+ format, resembling a valid URL without the scheme
+ rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))
+ osImage:
+ description: |-
+ osImage is a required OS Image referenced by digest.
+
+ osImage contains the immutable, fundamental operating system components, including the kernel
+ and base utilities, that define the core environment for the node's host operating system.
+
+ The format of the image pull spec is: host[:port][/namespace]/name@sha256:,
+ where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9.
+ The length of the whole spec must be between 1 to 447 characters.
+ maxLength: 447
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: the OCI Image reference must end with a valid '@sha256:'
+ suffix, where '' is 64 characters long
+ rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))
+ - message: the OCI Image name should follow the host[:port][/namespace]/name
+ format, resembling a valid URL without the scheme
+ rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))
+ required:
+ - name
+ - osExtensionsImage
+ - osImage
+ type: object
+ maxItems: 100
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ defaultStream:
+ description: |-
+ defaultStream is the name of the stream that should be used as the default
+ when no specific stream is requested by a MachineConfigPool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'),
+ and must reference the name of one of the streams in availableStreams.
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - availableStreams
+ - defaultStream
+ type: object
+ x-kubernetes-validations:
+ - message: defaultStream must reference a stream name from availableStreams
+ rule: self.defaultStream in self.availableStreams.map(s, s.name)
+ required:
+ - spec
+ type: object
+ x-kubernetes-validations:
+ - message: osimagestream is a singleton, .metadata.name must be 'cluster'
+ rule: self.metadata.name == 'cluster'
+ - message: spec.defaultStream must reference an existing stream name from
+ status.availableStreams
+ rule: self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status)
+ || self.spec.defaultStream in self.status.availableStreams.map(s, s.name)
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
index 6dc75e209b5..dc5b42993f6 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: CustomNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
similarity index 99%
rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
index b551493e48b..190ea73d481 100644
--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: Default
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
similarity index 99%
rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
index 48688e4791b..cfe6e2a8709 100644
--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: DevPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
similarity index 99%
rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
index 748c9ffea78..9489334b72b 100644
--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: OKD
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
index 12bb88dfd59..b509440da7b 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/1453
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: TechPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml
new file mode 100644
index 00000000000..d040014a569
--- /dev/null
+++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml
@@ -0,0 +1,668 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.openshift.io: https://github.com/openshift/api/pull/1453
+ api.openshift.io/merged-by-featuregates: "true"
+ include.release.openshift.io/self-managed-high-availability: "true"
+ labels:
+ openshift.io/operator-managed: ""
+ name: machineconfigpools.machineconfiguration.openshift.io
+spec:
+ group: machineconfiguration.openshift.io
+ names:
+ kind: MachineConfigPool
+ listKind: MachineConfigPoolList
+ plural: machineconfigpools
+ shortNames:
+ - mcp
+ singular: machineconfigpool
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.configuration.name
+ name: Config
+ type: string
+ - description: When all the machines in the pool are updated to the correct machine
+ config.
+ jsonPath: .status.conditions[?(@.type=="Updated")].status
+ name: Updated
+ type: string
+ - description: When at least one of machine is not either not updated or is in
+ the process of updating to the desired machine config.
+ jsonPath: .status.conditions[?(@.type=="Updating")].status
+ name: Updating
+ type: string
+ - description: When progress is blocked on updating one or more nodes or the pool
+ configuration is failing.
+ jsonPath: .status.conditions[?(@.type=="Degraded")].status
+ name: Degraded
+ type: string
+ - description: Total number of machines in the machine config pool
+ jsonPath: .status.machineCount
+ name: MachineCount
+ type: number
+ - description: Total number of ready machines targeted by the pool
+ jsonPath: .status.readyMachineCount
+ name: ReadyMachineCount
+ type: number
+ - description: Total number of machines targeted by the pool that have the CurrentMachineConfig
+ as their config
+ jsonPath: .status.updatedMachineCount
+ name: UpdatedMachineCount
+ type: number
+ - description: Total number of machines marked degraded (or unreconcilable)
+ jsonPath: .status.degradedMachineCount
+ name: DegradedMachineCount
+ type: number
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ MachineConfigPool describes a pool of MachineConfigs.
+
+ Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: spec contains the desired machine config pool configuration.
+ properties:
+ configuration:
+ description: The targeted MachineConfig object for the machine config
+ pool.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ source:
+ description: source is the list of MachineConfig objects that
+ were used to generate the single MachineConfig object specified
+ in `content`.
+ items:
+ description: ObjectReference contains enough information to
+ let you inspect or modify the referred object.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ x-kubernetes-list-type: atomic
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ machineConfigSelector:
+ description: |-
+ machineConfigSelector specifies a label selector for MachineConfigs.
+ Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ maxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ maxUnavailable defines either an integer number or percentage
+ of nodes in the pool that can go Unavailable during an update.
+ This includes nodes Unavailable for any reason, including user
+ initiated cordons, failing nodes, etc. The default value is 1.
+
+ A value larger than 1 will mean multiple nodes going unavailable during
+ the update, which may affect your workload stress on the remaining nodes.
+ You cannot set this value to 0 to stop updates (it will default back to 1);
+ to stop updates, use the 'paused' property instead. Drain will respect
+ Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if
+ maxUnavailable is greater than one.
+ x-kubernetes-int-or-string: true
+ nodeSelector:
+ description: nodeSelector specifies a label selector for Machines
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ osImageStream:
+ description: |-
+ osImageStream specifies an OS stream to be used for the pool.
+
+ This field can be optionally set to a known OSImageStream name to change the
+ OS and Extension images with a well-known, tested, release-provided set of images.
+ This enables a streamlined way of switching the pool's node OS to a different version
+ than the cluster default, such as transitioning to a major RHEL version.
+
+ When set, the referenced stream overrides the cluster-wide OS
+ images for the pool with the OS and Extensions associated to stream.
+ When omitted, the pool uses the cluster-wide default OS images.
+ properties:
+ name:
+ description: |-
+ name is a required reference to an OSImageStream to be used for the pool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - name
+ type: object
+ paused:
+ description: |-
+ paused specifies whether or not changes to this machine config pool should be stopped.
+ This includes generating new desiredMachineConfig and update of machines.
+ type: boolean
+ pinnedImageSets:
+ description: |-
+ pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the
+ pool. Nodes within this pool will preload and pin images defined in the
+ PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure
+ the total uncompressed size of all the images does not exceed available
+ resources. If the total size of the images exceeds the available
+ resources the controller will report a Degraded status to the
+ MachineConfigPool and not attempt to pull any images. Also to help ensure
+ the kubelet can mitigate storage risk, the pinned_image configuration and
+ subsequent service reload will happen only after all of the images have
+ been pulled for each set. Images from multiple PinnedImageSets are loaded
+ and pinned sequentially as listed. Duplicate and existing images will be
+ skipped.
+
+ Any failure to prefetch or pin images will result in a Degraded pool.
+ Resolving these failures is the responsibility of the user. The admin
+ should be proactive in ensuring adequate storage and proper image
+ authentication exists in advance.
+ items:
+ properties:
+ name:
+ description: |-
+ name is a reference to the name of a PinnedImageSet. Must adhere to
+ RFC-1123 (https://tools.ietf.org/html/rfc1123).
+ Made up of one of more period-separated (.) segments, where each segment
+ consists of alphanumeric characters and hyphens (-), must begin and end
+ with an alphanumeric character, and is at most 63 characters in length.
+ The total length of the name must not exceed 253 characters.
+ maxLength: 253
+ minLength: 1
+ pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 100
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ status:
+ description: status contains observed information about the machine config
+ pool.
+ properties:
+ certExpirys:
+ description: certExpirys keeps track of important certificate expiration
+ data
+ items:
+ description: ceryExpiry contains the bundle name and the expiry
+ date
+ properties:
+ bundle:
+ description: bundle is the name of the bundle in which the subject
+ certificate resides
+ type: string
+ expiry:
+ description: expiry is the date after which the certificate
+ will no longer be valid
+ format: date-time
+ type: string
+ subject:
+ description: subject is the subject of the certificate
+ type: string
+ required:
+ - bundle
+ - subject
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ conditions:
+ description: conditions represents the latest available observations
+ of current state.
+ items:
+ description: MachineConfigPoolCondition contains condition information
+ for an MachineConfigPool.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the timestamp corresponding to the last status
+ change of this condition.
+ format: date-time
+ nullable: true
+ type: string
+ message:
+ description: |-
+ message is a human readable description of the details of the last
+ transition, complementing reason.
+ type: string
+ reason:
+ description: |-
+ reason is a brief machine readable explanation for the condition's last
+ transition.
+ type: string
+ status:
+ description: status of the condition, one of ('True', 'False',
+ 'Unknown').
+ type: string
+ type:
+ description: type of the condition, currently ('Done', 'Updating',
+ 'Failed').
+ type: string
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ configuration:
+ description: configuration represents the current MachineConfig object
+ for the machine config pool.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ source:
+ description: source is the list of MachineConfig objects that
+ were used to generate the single MachineConfig object specified
+ in `content`.
+ items:
+ description: ObjectReference contains enough information to
+ let you inspect or modify the referred object.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ x-kubernetes-list-type: atomic
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ degradedMachineCount:
+ description: |-
+ degradedMachineCount represents the total number of machines marked degraded (or unreconcilable).
+ A node is marked degraded if applying a configuration failed..
+ format: int32
+ type: integer
+ machineCount:
+ description: machineCount represents the total number of machines
+ in the machine config pool.
+ format: int32
+ type: integer
+ observedGeneration:
+ description: observedGeneration represents the generation observed
+ by the controller.
+ format: int64
+ type: integer
+ osImageStream:
+ description: |-
+ osImageStream specifies the last updated OSImageStream for the pool.
+
+ When omitted, the pool is using the cluster-wide default OS images.
+ properties:
+ name:
+ description: |-
+ name is a required reference to an OSImageStream to be used for the pool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - name
+ type: object
+ poolSynchronizersStatus:
+ description: poolSynchronizersStatus is the status of the machines
+ managed by the pool synchronizers.
+ items:
+ properties:
+ availableMachineCount:
+ description: availableMachineCount is the number of machines
+ managed by the node synchronizer which are available.
+ format: int64
+ minimum: 0
+ type: integer
+ machineCount:
+ description: machineCount is the number of machines that are
+ managed by the node synchronizer.
+ format: int64
+ minimum: 0
+ type: integer
+ observedGeneration:
+ description: observedGeneration is the last generation change
+ that has been applied.
+ format: int64
+ minimum: 0
+ type: integer
+ x-kubernetes-validations:
+ - message: observedGeneration must not move backwards except
+ to zero
+ rule: self >= oldSelf || (self == 0 && oldSelf > 0)
+ poolSynchronizerType:
+ description: poolSynchronizerType describes the type of the
+ pool synchronizer.
+ enum:
+ - PinnedImageSets
+ maxLength: 256
+ type: string
+ readyMachineCount:
+ description: readyMachineCount is the number of machines managed
+ by the node synchronizer that are in a ready state.
+ format: int64
+ minimum: 0
+ type: integer
+ unavailableMachineCount:
+ description: unavailableMachineCount is the number of machines
+ managed by the node synchronizer but are unavailable.
+ format: int64
+ minimum: 0
+ type: integer
+ updatedMachineCount:
+ description: updatedMachineCount is the number of machines that
+ have been updated by the node synchronizer.
+ format: int64
+ minimum: 0
+ type: integer
+ required:
+ - availableMachineCount
+ - machineCount
+ - poolSynchronizerType
+ - readyMachineCount
+ - unavailableMachineCount
+ - updatedMachineCount
+ type: object
+ x-kubernetes-validations:
+ - message: machineCount must be greater than or equal to updatedMachineCount
+ rule: self.machineCount >= self.updatedMachineCount
+ - message: machineCount must be greater than or equal to availableMachineCount
+ rule: self.machineCount >= self.availableMachineCount
+ - message: machineCount must be greater than or equal to unavailableMachineCount
+ rule: self.machineCount >= self.unavailableMachineCount
+ - message: machineCount must be greater than or equal to readyMachineCount
+ rule: self.machineCount >= self.readyMachineCount
+ - message: availableMachineCount must be greater than or equal to
+ readyMachineCount
+ rule: self.availableMachineCount >= self.readyMachineCount
+ type: array
+ x-kubernetes-list-map-keys:
+ - poolSynchronizerType
+ x-kubernetes-list-type: map
+ readyMachineCount:
+ description: readyMachineCount represents the total number of ready
+ machines targeted by the pool.
+ format: int32
+ type: integer
+ unavailableMachineCount:
+ description: |-
+ unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool.
+ A node is marked unavailable if it is in updating state or NodeReady condition is false.
+ format: int32
+ type: integer
+ updatedMachineCount:
+ description: updatedMachineCount represents the total number of machines
+ targeted by the pool that have the CurrentMachineConfig as their
+ config.
+ format: int32
+ type: integer
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
similarity index 99%
rename from payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml
rename to payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
index d18a1ecaa3e..33c4be7e897 100644
--- a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml
+++ b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml
@@ -5,7 +5,6 @@ metadata:
api-approved.openshift.io: https://github.com/openshift/api/pull/2555
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
- include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade
labels:
openshift.io/operator-managed: ""
diff --git a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml
new file mode 100644
index 00000000000..45af11e4943
--- /dev/null
+++ b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml
@@ -0,0 +1,206 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.openshift.io: https://github.com/openshift/api/pull/2555
+ api.openshift.io/merged-by-featuregates: "true"
+ include.release.openshift.io/self-managed-high-availability: "true"
+ labels:
+ openshift.io/operator-managed: ""
+ name: osimagestreams.machineconfiguration.openshift.io
+spec:
+ group: machineconfiguration.openshift.io
+ names:
+ kind: OSImageStream
+ listKind: OSImageStreamList
+ plural: osimagestreams
+ singular: osimagestream
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ OSImageStream describes a set of streams and associated images available
+ for the MachineConfigPools to be used as base OS images.
+
+ The resource is a singleton named "cluster".
+
+ Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: spec contains the desired OSImageStream config configuration.
+ properties:
+ defaultStream:
+ description: |-
+ defaultStream is the desired name of the stream that should be used as the
+ default when no specific stream is requested by a MachineConfigPool.
+
+ This field is set by the installer during installation. Users may need to
+ update it if the currently selected stream is no longer available, for
+ example when the stream has reached its End of Life.
+ The MachineConfigOperator uses this value to determine which stream from
+ status.availableStreams to apply as the default for MachineConfigPools
+ that do not specify a stream override.
+
+ When status.availableStreams has been populated by the operator, updating
+ this field requires that the new value references the name of one of the
+ streams in status.availableStreams. Status-only updates by the operator
+ are not subject to this constraint, allowing the operator to update
+ availableStreams independently of this field.
+ During initial creation, before the operator has populated status, any
+ valid value is accepted.
+
+ When omitted, the operator determines the default stream automatically.
+ Once set, this field cannot be removed.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ type: object
+ x-kubernetes-validations:
+ - message: spec.defaultStream cannot be removed once set
+ rule: '!has(oldSelf.defaultStream) || has(self.defaultStream)'
+ status:
+ description: |-
+ status describes the last observed state of this OSImageStream.
+ Populated by the MachineConfigOperator after reading release metadata.
+ When not present, the controller has not yet reconciled this resource.
+ properties:
+ availableStreams:
+ description: |-
+ availableStreams is a list of the available OS Image Streams that can be
+ used as the base image for MachineConfigPools.
+ availableStreams is required, must have at least one item, must not exceed
+ 100 items, and must have unique entries keyed on the name field.
+ items:
+ properties:
+ name:
+ description: |-
+ name is the required identifier of the stream.
+
+ name is determined by the operator based on the OCI label of the
+ discovered OS or Extension Image.
+
+ Must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ osExtensionsImage:
+ description: |-
+ osExtensionsImage is a required OS Extensions Image referenced by digest.
+
+ osExtensionsImage bundles the extra repositories used to enable extensions, augmenting
+ the base operating system without modifying the underlying immutable osImage.
+
+ The format of the image pull spec is: host[:port][/namespace]/name@sha256:,
+ where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9.
+ The length of the whole spec must be between 1 to 447 characters.
+ maxLength: 447
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: the OCI Image reference must end with a valid '@sha256:'
+ suffix, where '' is 64 characters long
+ rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))
+ - message: the OCI Image name should follow the host[:port][/namespace]/name
+ format, resembling a valid URL without the scheme
+ rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))
+ osImage:
+ description: |-
+ osImage is a required OS Image referenced by digest.
+
+ osImage contains the immutable, fundamental operating system components, including the kernel
+ and base utilities, that define the core environment for the node's host operating system.
+
+ The format of the image pull spec is: host[:port][/namespace]/name@sha256:,
+ where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9.
+ The length of the whole spec must be between 1 to 447 characters.
+ maxLength: 447
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: the OCI Image reference must end with a valid '@sha256:'
+ suffix, where '' is 64 characters long
+ rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))
+ - message: the OCI Image name should follow the host[:port][/namespace]/name
+ format, resembling a valid URL without the scheme
+ rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))
+ required:
+ - name
+ - osExtensionsImage
+ - osImage
+ type: object
+ maxItems: 100
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ defaultStream:
+ description: |-
+ defaultStream is the name of the stream that should be used as the default
+ when no specific stream is requested by a MachineConfigPool.
+
+ It must be a valid RFC 1123 subdomain between 1 and 253 characters in length,
+ consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'),
+ and must reference the name of one of the streams in availableStreams.
+ maxLength: 253
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: a RFC 1123 subdomain must consist of lower case alphanumeric
+ characters, '-' or '.', and must start and end with an alphanumeric
+ character.
+ rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+ required:
+ - availableStreams
+ - defaultStream
+ type: object
+ x-kubernetes-validations:
+ - message: defaultStream must reference a stream name from availableStreams
+ rule: self.defaultStream in self.availableStreams.map(s, s.name)
+ required:
+ - spec
+ type: object
+ x-kubernetes-validations:
+ - message: osimagestream is a singleton, .metadata.name must be 'cluster'
+ rule: self.metadata.name == 'cluster'
+ - message: spec.defaultStream must reference an existing stream name from
+ status.availableStreams
+ rule: self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status)
+ || self.spec.defaultStream in self.status.availableStreams.map(s, s.name)
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
index c74894c2ff6..32aa3f38e30 100644
--- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
+++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
@@ -230,9 +230,6 @@
{
"name": "OLMLifecycleAndCompatibility"
},
- {
- "name": "OSStreams"
- },
{
"name": "OVNObservability"
},
@@ -331,6 +328,9 @@
{
"name": "NewOLMWebhookProviderOpenshiftServiceCA"
},
+ {
+ "name": "OSStreams"
+ },
{
"name": "OpenShiftPodSecurityAdmission"
},
diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
index 9c33c4dc09f..4ba884deb41 100644
--- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
+++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
@@ -232,9 +232,6 @@
{
"name": "OLMLifecycleAndCompatibility"
},
- {
- "name": "OSStreams"
- },
{
"name": "OVNObservability"
},
@@ -333,6 +330,9 @@
{
"name": "NewOLMWebhookProviderOpenshiftServiceCA"
},
+ {
+ "name": "OSStreams"
+ },
{
"name": "OpenShiftPodSecurityAdmission"
},