From 2cbf3c892cd4caea94e28ea32ba7b57a3cd3dd13 Mon Sep 17 00:00:00 2001 From: Zack Zlotnik Date: Tue, 19 May 2026 17:05:54 -0400 Subject: [PATCH] promote OSStreams to GA in self-managed clusters --- features.md | 2 +- features/features.go | 3 +- ...pools-Hypershift-CustomNoUpgrade.crd.yaml} | 1 - ...ineconfigpools-Hypershift-Default.crd.yaml | 1 - ...ls-Hypershift-DevPreviewNoUpgrade.crd.yaml | 1 - ...machineconfigpools-Hypershift-OKD.crd.yaml | 1 - ...-Hypershift-TechPreviewNoUpgrade.crd.yaml} | 1 - ..._machineconfigpools-SelfManagedHA.crd.yaml | 668 ++++++++++++++++++ ...fig_01_osimagestreams-Hypershift.crd.yaml} | 1 - ...g_01_osimagestreams-SelfManagedHA.crd.yaml | 206 ++++++ ...pools-Hypershift-CustomNoUpgrade.crd.yaml} | 1 - ...ineconfigpools-Hypershift-Default.crd.yaml | 1 - ...ls-Hypershift-DevPreviewNoUpgrade.crd.yaml | 1 - ...machineconfigpools-Hypershift-OKD.crd.yaml | 1 - ...-Hypershift-TechPreviewNoUpgrade.crd.yaml} | 1 - ..._machineconfigpools-SelfManagedHA.crd.yaml | 668 ++++++++++++++++++ ...fig_01_osimagestreams-Hypershift.crd.yaml} | 1 - ...g_01_osimagestreams-SelfManagedHA.crd.yaml | 206 ++++++ ...eatureGate-4-10-SelfManagedHA-Default.yaml | 6 +- .../featureGate-4-10-SelfManagedHA-OKD.yaml | 6 +- 20 files changed, 1757 insertions(+), 20 deletions(-) rename machineconfiguration/v1/zz_generated.crd-manifests/{0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml => 0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml} (99%) rename payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml => machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml (99%) rename payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml => machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml (99%) rename payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml => machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml (99%) rename machineconfiguration/v1/zz_generated.crd-manifests/{0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml => 0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml} (99%) create mode 100644 machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml rename machineconfiguration/v1alpha1/zz_generated.crd-manifests/{0000_80_machine-config_01_osimagestreams.crd.yaml => 0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml} (99%) create mode 100644 machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml rename payload-manifests/crds/{0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml => 0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml} (99%) rename machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml => payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml (99%) rename machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml => payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml (99%) rename machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml => payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml (99%) rename payload-manifests/crds/{0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml => 0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml} (99%) create mode 100644 payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml rename payload-manifests/crds/{0000_80_machine-config_01_osimagestreams.crd.yaml => 0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml} (99%) create mode 100644 payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml diff --git a/features.md b/features.md index 750b68d62fc..dad13b736cc 100644 --- a/features.md +++ b/features.md @@ -77,7 +77,6 @@ | NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled | | NoOverlayMode| | | Enabled | Enabled | | | Enabled | Enabled | | NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled | -| OSStreams| | | Enabled | Enabled | | | Enabled | Enabled | | OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled | | OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled | | SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled | @@ -87,6 +86,7 @@ | VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled | | VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled | | AWSServiceLBNetworkSecurityGroup| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | +| OSStreams| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | | AzureClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BootImageSkewEnforcement| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/features/features.go b/features/features.go index c17075aa867..6dceed78546 100644 --- a/features/features.go +++ b/features/features.go @@ -880,7 +880,8 @@ var ( contactPerson("pabrodri"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1874"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade(), inDefault(), inOKD()). + enable(inClusterProfile(Hypershift), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() FeatureGateCRDCompatibilityRequirementOperator = newFeatureGate("CRDCompatibilityRequirementOperator"). diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml similarity index 99% rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml index 6dc75e209b5..dc5b42993f6 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: CustomNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml index b551493e48b..190ea73d481 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: Default labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml index 48688e4791b..cfe6e2a8709 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: DevPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml index 748c9ffea78..9489334b72b 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: OKD labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml similarity index 99% rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml rename to machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml index 12bb88dfd59..b509440da7b 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml new file mode 100644 index 00000000000..d040014a569 --- /dev/null +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml @@ -0,0 +1,668 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/self-managed-high-availability: "true" + labels: + openshift.io/operator-managed: "" + name: machineconfigpools.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: MachineConfigPool + listKind: MachineConfigPoolList + plural: machineconfigpools + shortNames: + - mcp + singular: machineconfigpool + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.configuration.name + name: Config + type: string + - description: When all the machines in the pool are updated to the correct machine + config. + jsonPath: .status.conditions[?(@.type=="Updated")].status + name: Updated + type: string + - description: When at least one of machine is not either not updated or is in + the process of updating to the desired machine config. + jsonPath: .status.conditions[?(@.type=="Updating")].status + name: Updating + type: string + - description: When progress is blocked on updating one or more nodes or the pool + configuration is failing. + jsonPath: .status.conditions[?(@.type=="Degraded")].status + name: Degraded + type: string + - description: Total number of machines in the machine config pool + jsonPath: .status.machineCount + name: MachineCount + type: number + - description: Total number of ready machines targeted by the pool + jsonPath: .status.readyMachineCount + name: ReadyMachineCount + type: number + - description: Total number of machines targeted by the pool that have the CurrentMachineConfig + as their config + jsonPath: .status.updatedMachineCount + name: UpdatedMachineCount + type: number + - description: Total number of machines marked degraded (or unreconcilable) + jsonPath: .status.degradedMachineCount + name: DegradedMachineCount + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + MachineConfigPool describes a pool of MachineConfigs. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec contains the desired machine config pool configuration. + properties: + configuration: + description: The targeted MachineConfig object for the machine config + pool. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + source: + description: source is the list of MachineConfig objects that + were used to generate the single MachineConfig object specified + in `content`. + items: + description: ObjectReference contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + machineConfigSelector: + description: |- + machineConfigSelector specifies a label selector for MachineConfigs. + Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable defines either an integer number or percentage + of nodes in the pool that can go Unavailable during an update. + This includes nodes Unavailable for any reason, including user + initiated cordons, failing nodes, etc. The default value is 1. + + A value larger than 1 will mean multiple nodes going unavailable during + the update, which may affect your workload stress on the remaining nodes. + You cannot set this value to 0 to stop updates (it will default back to 1); + to stop updates, use the 'paused' property instead. Drain will respect + Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if + maxUnavailable is greater than one. + x-kubernetes-int-or-string: true + nodeSelector: + description: nodeSelector specifies a label selector for Machines + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + osImageStream: + description: |- + osImageStream specifies an OS stream to be used for the pool. + + This field can be optionally set to a known OSImageStream name to change the + OS and Extension images with a well-known, tested, release-provided set of images. + This enables a streamlined way of switching the pool's node OS to a different version + than the cluster default, such as transitioning to a major RHEL version. + + When set, the referenced stream overrides the cluster-wide OS + images for the pool with the OS and Extensions associated to stream. + When omitted, the pool uses the cluster-wide default OS images. + properties: + name: + description: |- + name is a required reference to an OSImageStream to be used for the pool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - name + type: object + paused: + description: |- + paused specifies whether or not changes to this machine config pool should be stopped. + This includes generating new desiredMachineConfig and update of machines. + type: boolean + pinnedImageSets: + description: |- + pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the + pool. Nodes within this pool will preload and pin images defined in the + PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure + the total uncompressed size of all the images does not exceed available + resources. If the total size of the images exceeds the available + resources the controller will report a Degraded status to the + MachineConfigPool and not attempt to pull any images. Also to help ensure + the kubelet can mitigate storage risk, the pinned_image configuration and + subsequent service reload will happen only after all of the images have + been pulled for each set. Images from multiple PinnedImageSets are loaded + and pinned sequentially as listed. Duplicate and existing images will be + skipped. + + Any failure to prefetch or pin images will result in a Degraded pool. + Resolving these failures is the responsibility of the user. The admin + should be proactive in ensuring adequate storage and proper image + authentication exists in advance. + items: + properties: + name: + description: |- + name is a reference to the name of a PinnedImageSet. Must adhere to + RFC-1123 (https://tools.ietf.org/html/rfc1123). + Made up of one of more period-separated (.) segments, where each segment + consists of alphanumeric characters and hyphens (-), must begin and end + with an alphanumeric character, and is at most 63 characters in length. + The total length of the name must not exceed 253 characters. + maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - name + type: object + maxItems: 100 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + status: + description: status contains observed information about the machine config + pool. + properties: + certExpirys: + description: certExpirys keeps track of important certificate expiration + data + items: + description: ceryExpiry contains the bundle name and the expiry + date + properties: + bundle: + description: bundle is the name of the bundle in which the subject + certificate resides + type: string + expiry: + description: expiry is the date after which the certificate + will no longer be valid + format: date-time + type: string + subject: + description: subject is the subject of the certificate + type: string + required: + - bundle + - subject + type: object + type: array + x-kubernetes-list-type: atomic + conditions: + description: conditions represents the latest available observations + of current state. + items: + description: MachineConfigPoolCondition contains condition information + for an MachineConfigPool. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the timestamp corresponding to the last status + change of this condition. + format: date-time + nullable: true + type: string + message: + description: |- + message is a human readable description of the details of the last + transition, complementing reason. + type: string + reason: + description: |- + reason is a brief machine readable explanation for the condition's last + transition. + type: string + status: + description: status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + type: + description: type of the condition, currently ('Done', 'Updating', + 'Failed'). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + configuration: + description: configuration represents the current MachineConfig object + for the machine config pool. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + source: + description: source is the list of MachineConfig objects that + were used to generate the single MachineConfig object specified + in `content`. + items: + description: ObjectReference contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + degradedMachineCount: + description: |- + degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). + A node is marked degraded if applying a configuration failed.. + format: int32 + type: integer + machineCount: + description: machineCount represents the total number of machines + in the machine config pool. + format: int32 + type: integer + observedGeneration: + description: observedGeneration represents the generation observed + by the controller. + format: int64 + type: integer + osImageStream: + description: |- + osImageStream specifies the last updated OSImageStream for the pool. + + When omitted, the pool is using the cluster-wide default OS images. + properties: + name: + description: |- + name is a required reference to an OSImageStream to be used for the pool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - name + type: object + poolSynchronizersStatus: + description: poolSynchronizersStatus is the status of the machines + managed by the pool synchronizers. + items: + properties: + availableMachineCount: + description: availableMachineCount is the number of machines + managed by the node synchronizer which are available. + format: int64 + minimum: 0 + type: integer + machineCount: + description: machineCount is the number of machines that are + managed by the node synchronizer. + format: int64 + minimum: 0 + type: integer + observedGeneration: + description: observedGeneration is the last generation change + that has been applied. + format: int64 + minimum: 0 + type: integer + x-kubernetes-validations: + - message: observedGeneration must not move backwards except + to zero + rule: self >= oldSelf || (self == 0 && oldSelf > 0) + poolSynchronizerType: + description: poolSynchronizerType describes the type of the + pool synchronizer. + enum: + - PinnedImageSets + maxLength: 256 + type: string + readyMachineCount: + description: readyMachineCount is the number of machines managed + by the node synchronizer that are in a ready state. + format: int64 + minimum: 0 + type: integer + unavailableMachineCount: + description: unavailableMachineCount is the number of machines + managed by the node synchronizer but are unavailable. + format: int64 + minimum: 0 + type: integer + updatedMachineCount: + description: updatedMachineCount is the number of machines that + have been updated by the node synchronizer. + format: int64 + minimum: 0 + type: integer + required: + - availableMachineCount + - machineCount + - poolSynchronizerType + - readyMachineCount + - unavailableMachineCount + - updatedMachineCount + type: object + x-kubernetes-validations: + - message: machineCount must be greater than or equal to updatedMachineCount + rule: self.machineCount >= self.updatedMachineCount + - message: machineCount must be greater than or equal to availableMachineCount + rule: self.machineCount >= self.availableMachineCount + - message: machineCount must be greater than or equal to unavailableMachineCount + rule: self.machineCount >= self.unavailableMachineCount + - message: machineCount must be greater than or equal to readyMachineCount + rule: self.machineCount >= self.readyMachineCount + - message: availableMachineCount must be greater than or equal to + readyMachineCount + rule: self.availableMachineCount >= self.readyMachineCount + type: array + x-kubernetes-list-map-keys: + - poolSynchronizerType + x-kubernetes-list-type: map + readyMachineCount: + description: readyMachineCount represents the total number of ready + machines targeted by the pool. + format: int32 + type: integer + unavailableMachineCount: + description: |- + unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. + A node is marked unavailable if it is in updating state or NodeReady condition is false. + format: int32 + type: integer + updatedMachineCount: + description: updatedMachineCount represents the total number of machines + targeted by the pool that have the CurrentMachineConfig as their + config. + format: int32 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml similarity index 99% rename from machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml rename to machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml index d18a1ecaa3e..33c4be7e897 100644 --- a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml +++ b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/2555 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml new file mode 100644 index 00000000000..45af11e4943 --- /dev/null +++ b/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml @@ -0,0 +1,206 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/2555 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/self-managed-high-availability: "true" + labels: + openshift.io/operator-managed: "" + name: osimagestreams.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: OSImageStream + listKind: OSImageStreamList + plural: osimagestreams + singular: osimagestream + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + OSImageStream describes a set of streams and associated images available + for the MachineConfigPools to be used as base OS images. + + The resource is a singleton named "cluster". + + Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec contains the desired OSImageStream config configuration. + properties: + defaultStream: + description: |- + defaultStream is the desired name of the stream that should be used as the + default when no specific stream is requested by a MachineConfigPool. + + This field is set by the installer during installation. Users may need to + update it if the currently selected stream is no longer available, for + example when the stream has reached its End of Life. + The MachineConfigOperator uses this value to determine which stream from + status.availableStreams to apply as the default for MachineConfigPools + that do not specify a stream override. + + When status.availableStreams has been populated by the operator, updating + this field requires that the new value references the name of one of the + streams in status.availableStreams. Status-only updates by the operator + are not subject to this constraint, allowing the operator to update + availableStreams independently of this field. + During initial creation, before the operator has populated status, any + valid value is accepted. + + When omitted, the operator determines the default stream automatically. + Once set, this field cannot be removed. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + type: object + x-kubernetes-validations: + - message: spec.defaultStream cannot be removed once set + rule: '!has(oldSelf.defaultStream) || has(self.defaultStream)' + status: + description: |- + status describes the last observed state of this OSImageStream. + Populated by the MachineConfigOperator after reading release metadata. + When not present, the controller has not yet reconciled this resource. + properties: + availableStreams: + description: |- + availableStreams is a list of the available OS Image Streams that can be + used as the base image for MachineConfigPools. + availableStreams is required, must have at least one item, must not exceed + 100 items, and must have unique entries keyed on the name field. + items: + properties: + name: + description: |- + name is the required identifier of the stream. + + name is determined by the operator based on the OCI label of the + discovered OS or Extension Image. + + Must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + osExtensionsImage: + description: |- + osExtensionsImage is a required OS Extensions Image referenced by digest. + + osExtensionsImage bundles the extra repositories used to enable extensions, augmenting + the base operating system without modifying the underlying immutable osImage. + + The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + The length of the whole spec must be between 1 to 447 characters. + maxLength: 447 + minLength: 1 + type: string + x-kubernetes-validations: + - message: the OCI Image reference must end with a valid '@sha256:' + suffix, where '' is 64 characters long + rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) + - message: the OCI Image name should follow the host[:port][/namespace]/name + format, resembling a valid URL without the scheme + rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) + osImage: + description: |- + osImage is a required OS Image referenced by digest. + + osImage contains the immutable, fundamental operating system components, including the kernel + and base utilities, that define the core environment for the node's host operating system. + + The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + The length of the whole spec must be between 1 to 447 characters. + maxLength: 447 + minLength: 1 + type: string + x-kubernetes-validations: + - message: the OCI Image reference must end with a valid '@sha256:' + suffix, where '' is 64 characters long + rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) + - message: the OCI Image name should follow the host[:port][/namespace]/name + format, resembling a valid URL without the scheme + rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) + required: + - name + - osExtensionsImage + - osImage + type: object + maxItems: 100 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + defaultStream: + description: |- + defaultStream is the name of the stream that should be used as the default + when no specific stream is requested by a MachineConfigPool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'), + and must reference the name of one of the streams in availableStreams. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - availableStreams + - defaultStream + type: object + x-kubernetes-validations: + - message: defaultStream must reference a stream name from availableStreams + rule: self.defaultStream in self.availableStreams.map(s, s.name) + required: + - spec + type: object + x-kubernetes-validations: + - message: osimagestream is a singleton, .metadata.name must be 'cluster' + rule: self.metadata.name == 'cluster' + - message: spec.defaultStream must reference an existing stream name from + status.availableStreams + rule: self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status) + || self.spec.defaultStream in self.status.availableStreams.map(s, s.name) + served: true + storage: true + subresources: + status: {} diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml index 6dc75e209b5..dc5b42993f6 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-CustomNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: CustomNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml similarity index 99% rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml index b551493e48b..190ea73d481 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-Default.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: Default labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml similarity index 99% rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml index 48688e4791b..cfe6e2a8709 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-DevPreviewNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: DevPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml similarity index 99% rename from machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml index 748c9ffea78..9489334b72b 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-OKD.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-OKD.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: OKD labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml index 12bb88dfd59..b509440da7b 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml new file mode 100644 index 00000000000..d040014a569 --- /dev/null +++ b/payload-manifests/crds/0000_80_machine-config_01_machineconfigpools-SelfManagedHA.crd.yaml @@ -0,0 +1,668 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/self-managed-high-availability: "true" + labels: + openshift.io/operator-managed: "" + name: machineconfigpools.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: MachineConfigPool + listKind: MachineConfigPoolList + plural: machineconfigpools + shortNames: + - mcp + singular: machineconfigpool + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.configuration.name + name: Config + type: string + - description: When all the machines in the pool are updated to the correct machine + config. + jsonPath: .status.conditions[?(@.type=="Updated")].status + name: Updated + type: string + - description: When at least one of machine is not either not updated or is in + the process of updating to the desired machine config. + jsonPath: .status.conditions[?(@.type=="Updating")].status + name: Updating + type: string + - description: When progress is blocked on updating one or more nodes or the pool + configuration is failing. + jsonPath: .status.conditions[?(@.type=="Degraded")].status + name: Degraded + type: string + - description: Total number of machines in the machine config pool + jsonPath: .status.machineCount + name: MachineCount + type: number + - description: Total number of ready machines targeted by the pool + jsonPath: .status.readyMachineCount + name: ReadyMachineCount + type: number + - description: Total number of machines targeted by the pool that have the CurrentMachineConfig + as their config + jsonPath: .status.updatedMachineCount + name: UpdatedMachineCount + type: number + - description: Total number of machines marked degraded (or unreconcilable) + jsonPath: .status.degradedMachineCount + name: DegradedMachineCount + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + MachineConfigPool describes a pool of MachineConfigs. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec contains the desired machine config pool configuration. + properties: + configuration: + description: The targeted MachineConfig object for the machine config + pool. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + source: + description: source is the list of MachineConfig objects that + were used to generate the single MachineConfig object specified + in `content`. + items: + description: ObjectReference contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + machineConfigSelector: + description: |- + machineConfigSelector specifies a label selector for MachineConfigs. + Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ on how label and selectors work. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable defines either an integer number or percentage + of nodes in the pool that can go Unavailable during an update. + This includes nodes Unavailable for any reason, including user + initiated cordons, failing nodes, etc. The default value is 1. + + A value larger than 1 will mean multiple nodes going unavailable during + the update, which may affect your workload stress on the remaining nodes. + You cannot set this value to 0 to stop updates (it will default back to 1); + to stop updates, use the 'paused' property instead. Drain will respect + Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if + maxUnavailable is greater than one. + x-kubernetes-int-or-string: true + nodeSelector: + description: nodeSelector specifies a label selector for Machines + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + osImageStream: + description: |- + osImageStream specifies an OS stream to be used for the pool. + + This field can be optionally set to a known OSImageStream name to change the + OS and Extension images with a well-known, tested, release-provided set of images. + This enables a streamlined way of switching the pool's node OS to a different version + than the cluster default, such as transitioning to a major RHEL version. + + When set, the referenced stream overrides the cluster-wide OS + images for the pool with the OS and Extensions associated to stream. + When omitted, the pool uses the cluster-wide default OS images. + properties: + name: + description: |- + name is a required reference to an OSImageStream to be used for the pool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - name + type: object + paused: + description: |- + paused specifies whether or not changes to this machine config pool should be stopped. + This includes generating new desiredMachineConfig and update of machines. + type: boolean + pinnedImageSets: + description: |- + pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the + pool. Nodes within this pool will preload and pin images defined in the + PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure + the total uncompressed size of all the images does not exceed available + resources. If the total size of the images exceeds the available + resources the controller will report a Degraded status to the + MachineConfigPool and not attempt to pull any images. Also to help ensure + the kubelet can mitigate storage risk, the pinned_image configuration and + subsequent service reload will happen only after all of the images have + been pulled for each set. Images from multiple PinnedImageSets are loaded + and pinned sequentially as listed. Duplicate and existing images will be + skipped. + + Any failure to prefetch or pin images will result in a Degraded pool. + Resolving these failures is the responsibility of the user. The admin + should be proactive in ensuring adequate storage and proper image + authentication exists in advance. + items: + properties: + name: + description: |- + name is a reference to the name of a PinnedImageSet. Must adhere to + RFC-1123 (https://tools.ietf.org/html/rfc1123). + Made up of one of more period-separated (.) segments, where each segment + consists of alphanumeric characters and hyphens (-), must begin and end + with an alphanumeric character, and is at most 63 characters in length. + The total length of the name must not exceed 253 characters. + maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + required: + - name + type: object + maxItems: 100 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + status: + description: status contains observed information about the machine config + pool. + properties: + certExpirys: + description: certExpirys keeps track of important certificate expiration + data + items: + description: ceryExpiry contains the bundle name and the expiry + date + properties: + bundle: + description: bundle is the name of the bundle in which the subject + certificate resides + type: string + expiry: + description: expiry is the date after which the certificate + will no longer be valid + format: date-time + type: string + subject: + description: subject is the subject of the certificate + type: string + required: + - bundle + - subject + type: object + type: array + x-kubernetes-list-type: atomic + conditions: + description: conditions represents the latest available observations + of current state. + items: + description: MachineConfigPoolCondition contains condition information + for an MachineConfigPool. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the timestamp corresponding to the last status + change of this condition. + format: date-time + nullable: true + type: string + message: + description: |- + message is a human readable description of the details of the last + transition, complementing reason. + type: string + reason: + description: |- + reason is a brief machine readable explanation for the condition's last + transition. + type: string + status: + description: status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + type: + description: type of the condition, currently ('Done', 'Updating', + 'Failed'). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + configuration: + description: configuration represents the current MachineConfig object + for the machine config pool. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + source: + description: source is the list of MachineConfig objects that + were used to generate the single MachineConfig object specified + in `content`. + items: + description: ObjectReference contains enough information to + let you inspect or modify the referred object. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + degradedMachineCount: + description: |- + degradedMachineCount represents the total number of machines marked degraded (or unreconcilable). + A node is marked degraded if applying a configuration failed.. + format: int32 + type: integer + machineCount: + description: machineCount represents the total number of machines + in the machine config pool. + format: int32 + type: integer + observedGeneration: + description: observedGeneration represents the generation observed + by the controller. + format: int64 + type: integer + osImageStream: + description: |- + osImageStream specifies the last updated OSImageStream for the pool. + + When omitted, the pool is using the cluster-wide default OS images. + properties: + name: + description: |- + name is a required reference to an OSImageStream to be used for the pool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - name + type: object + poolSynchronizersStatus: + description: poolSynchronizersStatus is the status of the machines + managed by the pool synchronizers. + items: + properties: + availableMachineCount: + description: availableMachineCount is the number of machines + managed by the node synchronizer which are available. + format: int64 + minimum: 0 + type: integer + machineCount: + description: machineCount is the number of machines that are + managed by the node synchronizer. + format: int64 + minimum: 0 + type: integer + observedGeneration: + description: observedGeneration is the last generation change + that has been applied. + format: int64 + minimum: 0 + type: integer + x-kubernetes-validations: + - message: observedGeneration must not move backwards except + to zero + rule: self >= oldSelf || (self == 0 && oldSelf > 0) + poolSynchronizerType: + description: poolSynchronizerType describes the type of the + pool synchronizer. + enum: + - PinnedImageSets + maxLength: 256 + type: string + readyMachineCount: + description: readyMachineCount is the number of machines managed + by the node synchronizer that are in a ready state. + format: int64 + minimum: 0 + type: integer + unavailableMachineCount: + description: unavailableMachineCount is the number of machines + managed by the node synchronizer but are unavailable. + format: int64 + minimum: 0 + type: integer + updatedMachineCount: + description: updatedMachineCount is the number of machines that + have been updated by the node synchronizer. + format: int64 + minimum: 0 + type: integer + required: + - availableMachineCount + - machineCount + - poolSynchronizerType + - readyMachineCount + - unavailableMachineCount + - updatedMachineCount + type: object + x-kubernetes-validations: + - message: machineCount must be greater than or equal to updatedMachineCount + rule: self.machineCount >= self.updatedMachineCount + - message: machineCount must be greater than or equal to availableMachineCount + rule: self.machineCount >= self.availableMachineCount + - message: machineCount must be greater than or equal to unavailableMachineCount + rule: self.machineCount >= self.unavailableMachineCount + - message: machineCount must be greater than or equal to readyMachineCount + rule: self.machineCount >= self.readyMachineCount + - message: availableMachineCount must be greater than or equal to + readyMachineCount + rule: self.availableMachineCount >= self.readyMachineCount + type: array + x-kubernetes-list-map-keys: + - poolSynchronizerType + x-kubernetes-list-type: map + readyMachineCount: + description: readyMachineCount represents the total number of ready + machines targeted by the pool. + format: int32 + type: integer + unavailableMachineCount: + description: |- + unavailableMachineCount represents the total number of unavailable (non-ready) machines targeted by the pool. + A node is marked unavailable if it is in updating state or NodeReady condition is false. + format: int32 + type: integer + updatedMachineCount: + description: updatedMachineCount represents the total number of machines + targeted by the pool that have the CurrentMachineConfig as their + config. + format: int32 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml rename to payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml index d18a1ecaa3e..33c4be7e897 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-Hypershift.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/2555 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade labels: openshift.io/operator-managed: "" diff --git a/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml new file mode 100644 index 00000000000..45af11e4943 --- /dev/null +++ b/payload-manifests/crds/0000_80_machine-config_01_osimagestreams-SelfManagedHA.crd.yaml @@ -0,0 +1,206 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/2555 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/self-managed-high-availability: "true" + labels: + openshift.io/operator-managed: "" + name: osimagestreams.machineconfiguration.openshift.io +spec: + group: machineconfiguration.openshift.io + names: + kind: OSImageStream + listKind: OSImageStreamList + plural: osimagestreams + singular: osimagestream + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + OSImageStream describes a set of streams and associated images available + for the MachineConfigPools to be used as base OS images. + + The resource is a singleton named "cluster". + + Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec contains the desired OSImageStream config configuration. + properties: + defaultStream: + description: |- + defaultStream is the desired name of the stream that should be used as the + default when no specific stream is requested by a MachineConfigPool. + + This field is set by the installer during installation. Users may need to + update it if the currently selected stream is no longer available, for + example when the stream has reached its End of Life. + The MachineConfigOperator uses this value to determine which stream from + status.availableStreams to apply as the default for MachineConfigPools + that do not specify a stream override. + + When status.availableStreams has been populated by the operator, updating + this field requires that the new value references the name of one of the + streams in status.availableStreams. Status-only updates by the operator + are not subject to this constraint, allowing the operator to update + availableStreams independently of this field. + During initial creation, before the operator has populated status, any + valid value is accepted. + + When omitted, the operator determines the default stream automatically. + Once set, this field cannot be removed. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + type: object + x-kubernetes-validations: + - message: spec.defaultStream cannot be removed once set + rule: '!has(oldSelf.defaultStream) || has(self.defaultStream)' + status: + description: |- + status describes the last observed state of this OSImageStream. + Populated by the MachineConfigOperator after reading release metadata. + When not present, the controller has not yet reconciled this resource. + properties: + availableStreams: + description: |- + availableStreams is a list of the available OS Image Streams that can be + used as the base image for MachineConfigPools. + availableStreams is required, must have at least one item, must not exceed + 100 items, and must have unique entries keyed on the name field. + items: + properties: + name: + description: |- + name is the required identifier of the stream. + + name is determined by the operator based on the OCI label of the + discovered OS or Extension Image. + + Must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + osExtensionsImage: + description: |- + osExtensionsImage is a required OS Extensions Image referenced by digest. + + osExtensionsImage bundles the extra repositories used to enable extensions, augmenting + the base operating system without modifying the underlying immutable osImage. + + The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + The length of the whole spec must be between 1 to 447 characters. + maxLength: 447 + minLength: 1 + type: string + x-kubernetes-validations: + - message: the OCI Image reference must end with a valid '@sha256:' + suffix, where '' is 64 characters long + rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) + - message: the OCI Image name should follow the host[:port][/namespace]/name + format, resembling a valid URL without the scheme + rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) + osImage: + description: |- + osImage is a required OS Image referenced by digest. + + osImage contains the immutable, fundamental operating system components, including the kernel + and base utilities, that define the core environment for the node's host operating system. + + The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + The length of the whole spec must be between 1 to 447 characters. + maxLength: 447 + minLength: 1 + type: string + x-kubernetes-validations: + - message: the OCI Image reference must end with a valid '@sha256:' + suffix, where '' is 64 characters long + rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) + - message: the OCI Image name should follow the host[:port][/namespace]/name + format, resembling a valid URL without the scheme + rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) + required: + - name + - osExtensionsImage + - osImage + type: object + maxItems: 100 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + defaultStream: + description: |- + defaultStream is the name of the stream that should be used as the default + when no specific stream is requested by a MachineConfigPool. + + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, + consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'), + and must reference the name of one of the streams in availableStreams. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a RFC 1123 subdomain must consist of lower case alphanumeric + characters, '-' or '.', and must start and end with an alphanumeric + character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - availableStreams + - defaultStream + type: object + x-kubernetes-validations: + - message: defaultStream must reference a stream name from availableStreams + rule: self.defaultStream in self.availableStreams.map(s, s.name) + required: + - spec + type: object + x-kubernetes-validations: + - message: osimagestream is a singleton, .metadata.name must be 'cluster' + rule: self.metadata.name == 'cluster' + - message: spec.defaultStream must reference an existing stream name from + status.availableStreams + rule: self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status) + || self.spec.defaultStream in self.status.availableStreams.map(s, s.name) + served: true + storage: true + subresources: + status: {} diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml index c74894c2ff6..32aa3f38e30 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml @@ -230,9 +230,6 @@ { "name": "OLMLifecycleAndCompatibility" }, - { - "name": "OSStreams" - }, { "name": "OVNObservability" }, @@ -331,6 +328,9 @@ { "name": "NewOLMWebhookProviderOpenshiftServiceCA" }, + { + "name": "OSStreams" + }, { "name": "OpenShiftPodSecurityAdmission" }, diff --git a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml index 9c33c4dc09f..4ba884deb41 100644 --- a/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml +++ b/payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml @@ -232,9 +232,6 @@ { "name": "OLMLifecycleAndCompatibility" }, - { - "name": "OSStreams" - }, { "name": "OVNObservability" }, @@ -333,6 +330,9 @@ { "name": "NewOLMWebhookProviderOpenshiftServiceCA" }, + { + "name": "OSStreams" + }, { "name": "OpenShiftPodSecurityAdmission" },