From b5f2089147368b3206316adeb9111f9755b61b27 Mon Sep 17 00:00:00 2001 From: Riccardo Ravaioli Date: Mon, 1 Dec 2025 13:02:42 +0100 Subject: [PATCH] Regenerate apply configurations for OVN no-overlay mode Vendor openshift/api changes that add no-overlay mode support to the Network operator API. This regenerates the apply configurations to include: - DefaultNetworkTransport field - DefaultNetworkNoOverlayOptions field - BGPManagedConfig field - NoOverlayOptions struct - BGPManagedConfig struct Signed-off-by: Riccardo Ravaioli --- go.mod | 2 + go.sum | 4 +- .../applyconfigurations/internal/internal.go | 29 +++ .../operator/v1/bgpmanagedconfig.go | 36 +++ .../operator/v1/nooverlayoptions.go | 36 +++ .../operator/v1/ovnkubernetesconfig.go | 51 +++- operator/applyconfigurations/utils.go | 4 + .../openshift/api/config/v1/types_feature.go | 9 +- .../api/config/v1/types_image_policy.go | 2 +- .../v1/zz_generated.swagger_doc_generated.go | 2 +- vendor/github.com/openshift/api/features.md | 230 +++++++++--------- .../api/machine/v1beta1/types_awsprovider.go | 20 +- .../machine/v1beta1/zz_generated.deepcopy.go | 12 +- .../zz_generated.swagger_doc_generated.go | 8 +- .../openshift/api/openapi/openapi.json | 69 +++++- .../api/operator/v1/types_network.go | 113 +++++++++ .../api/operator/v1/zz_generated.deepcopy.go | 34 +++ ..._generated.featuregated-crd-manifests.yaml | 1 + .../v1/zz_generated.swagger_doc_generated.go | 49 +++- vendor/modules.txt | 3 +- 20 files changed, 545 insertions(+), 169 deletions(-) create mode 100644 operator/applyconfigurations/operator/v1/bgpmanagedconfig.go create mode 100644 operator/applyconfigurations/operator/v1/nooverlayoptions.go diff --git a/go.mod b/go.mod index b673dfbeb5..50991cce84 100644 --- a/go.mod +++ b/go.mod @@ -66,3 +66,5 @@ retract v3.9.0+incompatible // To make go aware of the retraction, we need to tag a new version that can be // retracted by itself. retract v0.0.1 + +replace github.com/openshift/api => github.com/ricky-rav/api v0.0.0-20251215092810-0a87dc54a866 diff --git a/go.sum b/go.sum index 96df6fd37f..a06539a639 100644 --- a/go.sum +++ b/go.sum @@ -57,14 +57,14 @@ github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= -github.com/openshift/api v0.0.0-20251204164930-cd2e40c5883a h1:v/W0YkbADTv9bfubadSNIOftvDIA/JwN8zaK79K5Wyc= -github.com/openshift/api v0.0.0-20251204164930-cd2e40c5883a/go.mod h1:d5uzF0YN2nQQFA0jIEWzzOZ+edmo6wzlGLvx5Fhz4uY= github.com/openshift/build-machinery-go v0.0.0-20250530140348-dc5b2804eeee h1:+Sp5GGnjHDhT/a/nQ1xdp43UscBMr7G5wxsYotyhzJ4= github.com/openshift/build-machinery-go v0.0.0-20250530140348-dc5b2804eeee/go.mod h1:8jcm8UPtg2mCAsxfqKil1xrmRMI3a+XU2TZ9fF8A7TE= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/ricky-rav/api v0.0.0-20251215092810-0a87dc54a866 h1:/Czn5nnlZaR9XroaoyGrQCyEUV85CgriqAzj+NSR8yE= +github.com/ricky-rav/api v0.0.0-20251215092810-0a87dc54a866/go.mod h1:d5uzF0YN2nQQFA0jIEWzzOZ+edmo6wzlGLvx5Fhz4uY= github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= diff --git a/operator/applyconfigurations/internal/internal.go b/operator/applyconfigurations/internal/internal.go index d2451c5723..109db2468d 100644 --- a/operator/applyconfigurations/internal/internal.go +++ b/operator/applyconfigurations/internal/internal.go @@ -389,6 +389,15 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.operator.v1.BGPManagedConfig + map: + fields: + - name: asNumber + type: + scalar: numeric + - name: bgpTopology + type: + scalar: string - name: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig map: fields: @@ -2837,6 +2846,15 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string +- name: com.github.openshift.api.operator.v1.NoOverlayOptions + map: + fields: + - name: outboundSNAT + type: + scalar: string + - name: routing + type: + scalar: string - name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus map: fields: @@ -3136,6 +3154,17 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.OVNKubernetesConfig map: fields: + - name: bgpManagedConfig + type: + namedType: com.github.openshift.api.operator.v1.BGPManagedConfig + default: {} + - name: defaultNetworkNoOverlayOptions + type: + namedType: com.github.openshift.api.operator.v1.NoOverlayOptions + default: {} + - name: defaultNetworkTransport + type: + scalar: string - name: egressIPConfig type: namedType: com.github.openshift.api.operator.v1.EgressIPConfig diff --git a/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go b/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go new file mode 100644 index 0000000000..fe44370a92 --- /dev/null +++ b/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// BGPManagedConfigApplyConfiguration represents a declarative configuration of the BGPManagedConfig type for use +// with apply. +type BGPManagedConfigApplyConfiguration struct { + ASNumber *int64 `json:"asNumber,omitempty"` + BGPTopology *operatorv1.BGPTopology `json:"bgpTopology,omitempty"` +} + +// BGPManagedConfigApplyConfiguration constructs a declarative configuration of the BGPManagedConfig type for use with +// apply. +func BGPManagedConfig() *BGPManagedConfigApplyConfiguration { + return &BGPManagedConfigApplyConfiguration{} +} + +// WithASNumber sets the ASNumber field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ASNumber field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithASNumber(value int64) *BGPManagedConfigApplyConfiguration { + b.ASNumber = &value + return b +} + +// WithBGPTopology sets the BGPTopology field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPTopology field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithBGPTopology(value operatorv1.BGPTopology) *BGPManagedConfigApplyConfiguration { + b.BGPTopology = &value + return b +} diff --git a/operator/applyconfigurations/operator/v1/nooverlayoptions.go b/operator/applyconfigurations/operator/v1/nooverlayoptions.go new file mode 100644 index 0000000000..7ac090c240 --- /dev/null +++ b/operator/applyconfigurations/operator/v1/nooverlayoptions.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// NoOverlayOptionsApplyConfiguration represents a declarative configuration of the NoOverlayOptions type for use +// with apply. +type NoOverlayOptionsApplyConfiguration struct { + OutboundSNAT *operatorv1.SNATOption `json:"outboundSNAT,omitempty"` + Routing *operatorv1.RoutingOption `json:"routing,omitempty"` +} + +// NoOverlayOptionsApplyConfiguration constructs a declarative configuration of the NoOverlayOptions type for use with +// apply. +func NoOverlayOptions() *NoOverlayOptionsApplyConfiguration { + return &NoOverlayOptionsApplyConfiguration{} +} + +// WithOutboundSNAT sets the OutboundSNAT field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OutboundSNAT field is set to the value of the last call. +func (b *NoOverlayOptionsApplyConfiguration) WithOutboundSNAT(value operatorv1.SNATOption) *NoOverlayOptionsApplyConfiguration { + b.OutboundSNAT = &value + return b +} + +// WithRouting sets the Routing field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Routing field is set to the value of the last call. +func (b *NoOverlayOptionsApplyConfiguration) WithRouting(value operatorv1.RoutingOption) *NoOverlayOptionsApplyConfiguration { + b.Routing = &value + return b +} diff --git a/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go b/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go index 9d878cea91..4fbfb206db 100644 --- a/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go +++ b/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go @@ -9,18 +9,21 @@ import ( // OVNKubernetesConfigApplyConfiguration represents a declarative configuration of the OVNKubernetesConfig type for use // with apply. type OVNKubernetesConfigApplyConfiguration struct { - MTU *uint32 `json:"mtu,omitempty"` - GenevePort *uint32 `json:"genevePort,omitempty"` - HybridOverlayConfig *HybridOverlayConfigApplyConfiguration `json:"hybridOverlayConfig,omitempty"` - IPsecConfig *IPsecConfigApplyConfiguration `json:"ipsecConfig,omitempty"` - PolicyAuditConfig *PolicyAuditConfigApplyConfiguration `json:"policyAuditConfig,omitempty"` - GatewayConfig *GatewayConfigApplyConfiguration `json:"gatewayConfig,omitempty"` - V4InternalSubnet *string `json:"v4InternalSubnet,omitempty"` - V6InternalSubnet *string `json:"v6InternalSubnet,omitempty"` - EgressIPConfig *EgressIPConfigApplyConfiguration `json:"egressIPConfig,omitempty"` - IPv4 *IPv4OVNKubernetesConfigApplyConfiguration `json:"ipv4,omitempty"` - IPv6 *IPv6OVNKubernetesConfigApplyConfiguration `json:"ipv6,omitempty"` - RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + MTU *uint32 `json:"mtu,omitempty"` + GenevePort *uint32 `json:"genevePort,omitempty"` + HybridOverlayConfig *HybridOverlayConfigApplyConfiguration `json:"hybridOverlayConfig,omitempty"` + IPsecConfig *IPsecConfigApplyConfiguration `json:"ipsecConfig,omitempty"` + PolicyAuditConfig *PolicyAuditConfigApplyConfiguration `json:"policyAuditConfig,omitempty"` + GatewayConfig *GatewayConfigApplyConfiguration `json:"gatewayConfig,omitempty"` + V4InternalSubnet *string `json:"v4InternalSubnet,omitempty"` + V6InternalSubnet *string `json:"v6InternalSubnet,omitempty"` + EgressIPConfig *EgressIPConfigApplyConfiguration `json:"egressIPConfig,omitempty"` + IPv4 *IPv4OVNKubernetesConfigApplyConfiguration `json:"ipv4,omitempty"` + IPv6 *IPv6OVNKubernetesConfigApplyConfiguration `json:"ipv6,omitempty"` + RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + DefaultNetworkTransport *operatorv1.TransportOption `json:"defaultNetworkTransport,omitempty"` + DefaultNetworkNoOverlayOptions *NoOverlayOptionsApplyConfiguration `json:"defaultNetworkNoOverlayOptions,omitempty"` + BGPManagedConfig *BGPManagedConfigApplyConfiguration `json:"bgpManagedConfig,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs a declarative configuration of the OVNKubernetesConfig type for use with @@ -124,3 +127,27 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithRouteAdvertisements(value op b.RouteAdvertisements = &value return b } + +// WithDefaultNetworkTransport sets the DefaultNetworkTransport field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DefaultNetworkTransport field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithDefaultNetworkTransport(value operatorv1.TransportOption) *OVNKubernetesConfigApplyConfiguration { + b.DefaultNetworkTransport = &value + return b +} + +// WithDefaultNetworkNoOverlayOptions sets the DefaultNetworkNoOverlayOptions field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DefaultNetworkNoOverlayOptions field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithDefaultNetworkNoOverlayOptions(value *NoOverlayOptionsApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.DefaultNetworkNoOverlayOptions = value + return b +} + +// WithBGPManagedConfig sets the BGPManagedConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPManagedConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithBGPManagedConfig(value *BGPManagedConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.BGPManagedConfig = value + return b +} diff --git a/operator/applyconfigurations/utils.go b/operator/applyconfigurations/utils.go index 476c71ae43..baf344126f 100644 --- a/operator/applyconfigurations/utils.go +++ b/operator/applyconfigurations/utils.go @@ -50,6 +50,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.AzureCSIDriverConfigSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AzureDiskEncryptionSet"): return &operatorv1.AzureDiskEncryptionSetApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BGPManagedConfig"): + return &operatorv1.BGPManagedConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementConfig"): return &operatorv1.BootImageSkewEnforcementConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementStatus"): @@ -318,6 +320,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.NodePortStrategyApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NodeStatus"): return &operatorv1.NodeStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NoOverlayOptions"): + return &operatorv1.NoOverlayOptionsApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OAuthAPIServerStatus"): return &operatorv1.OAuthAPIServerStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OLM"): diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index 169e29c5c5..e111d518ab 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -53,8 +53,12 @@ var ( // your cluster may fail in an unrecoverable way. CustomNoUpgrade FeatureSet = "CustomNoUpgrade" + // OKD turns on features for OKD. Turning this feature set ON is supported for OKD clusters, but NOT for OpenShift clusters. + // Once enabled, this feature set cannot be changed back to Default, but can be changed to other feature sets and it allows upgrades. + OKD FeatureSet = "OKD" + // AllFixedFeatureSets are the featuresets that have known featuregates. Custom doesn't for instance. LatencySensitive is dead - AllFixedFeatureSets = []FeatureSet{Default, TechPreviewNoUpgrade, DevPreviewNoUpgrade} + AllFixedFeatureSets = []FeatureSet{Default, TechPreviewNoUpgrade, DevPreviewNoUpgrade, OKD} ) type FeatureGateSpec struct { @@ -67,10 +71,11 @@ type FeatureGateSelection struct { // Turning on or off features may cause irreversible changes in your cluster which cannot be undone. // +unionDiscriminator // +optional - // +kubebuilder:validation:Enum=CustomNoUpgrade;DevPreviewNoUpgrade;TechPreviewNoUpgrade;"" + // +kubebuilder:validation:Enum=CustomNoUpgrade;DevPreviewNoUpgrade;TechPreviewNoUpgrade;OKD;"" // +kubebuilder:validation:XValidation:rule="oldSelf == 'CustomNoUpgrade' ? self == 'CustomNoUpgrade' : true",message="CustomNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'TechPreviewNoUpgrade' ? self == 'TechPreviewNoUpgrade' : true",message="TechPreviewNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'DevPreviewNoUpgrade' ? self == 'DevPreviewNoUpgrade' : true",message="DevPreviewNoUpgrade may not be changed" + // +kubebuilder:validation:XValidation:rule="oldSelf == 'OKD' ? self != '' : true",message="OKD cannot transition to Default" FeatureSet FeatureSet `json:"featureSet,omitempty"` // customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. diff --git a/vendor/github.com/openshift/api/config/v1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1/types_image_policy.go index 54bd21adb4..a6a6405130 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image_policy.go +++ b/vendor/github.com/openshift/api/config/v1/types_image_policy.go @@ -82,7 +82,7 @@ type PolicyRootOfTrust struct { // Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI". // When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. // When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification. - // When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. + // When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). // +unionDiscriminator // +required PolicyType PolicyType `json:"policyType"` diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 778fed917c..766ac5ddab 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -1335,7 +1335,7 @@ func (PolicyMatchRemapIdentity) SwaggerDoc() map[string]string { var map_PolicyRootOfTrust = map[string]string{ "": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "policyType": "policyType is a required field specifies the type of the policy for verification. This field must correspond to how the policy was generated. Allowed values are \"PublicKey\", \"FulcioCAWithRekor\", and \"PKI\". When set to \"PublicKey\", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. When set to \"FulcioCAWithRekor\", the policy is based on the Fulcio certification and incorporates a Rekor verification. When set to \"PKI\", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", + "policyType": "policyType is a required field specifies the type of the policy for verification. This field must correspond to how the policy was generated. Allowed values are \"PublicKey\", \"FulcioCAWithRekor\", and \"PKI\". When set to \"PublicKey\", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. When set to \"FulcioCAWithRekor\", the policy is based on the Fulcio certification and incorporates a Rekor verification. When set to \"PKI\", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).", "publicKey": "publicKey defines the root of trust configuration based on a sigstore public key. Optionally include a Rekor public key for Rekor verification. publicKey is required when policyType is PublicKey, and forbidden otherwise.", "fulcioCAWithRekor": "fulcioCAWithRekor defines the root of trust configuration based on the Fulcio certificate and the Rekor public key. fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", "pki": "pki defines the root of trust configuration based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. pki is required when policyType is PKI, and forbidden otherwise.", diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index 7b858756db..9ca59207ca 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -1,115 +1,115 @@ -| FeatureGate | Default on Hypershift | Default on SelfManagedHA | DevPreviewNoUpgrade on Hypershift | DevPreviewNoUpgrade on SelfManagedHA | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | -| ------ | --- | --- | --- | --- | --- | --- | -| ClientsAllowCBOR| | | | | | | -| ClusterAPIInstall| | | | | | | -| EventedPLEG| | | | | | | -| MachineAPIOperatorDisableMachineHealthCheckController| | | | | | | -| MultiArchInstallAzure| | | | | | | -| NewOLMBoxCutterRuntime| | | | | | | -| ShortCertRotation| | | | | | | -| ClusterAPIMachineManagementVSphere| | | Enabled | Enabled | | | -| Example2| | | Enabled | Enabled | | | -| ExternalSnapshotMetadata| | | Enabled | Enabled | | | -| IngressControllerDynamicConfigurationManager| | | Enabled | Enabled | | | -| NewOLMCatalogdAPIV1Metas| | | | Enabled | | Enabled | -| NewOLMOwnSingleNamespace| | | | Enabled | | Enabled | -| NewOLMPreflightPermissionChecks| | | | Enabled | | Enabled | -| NoRegistryClusterInstall| | | | Enabled | | Enabled | -| ProvisioningRequestAvailable| | | Enabled | Enabled | | | -| HyperShiftOnlyDynamicResourceAllocation| Enabled | | Enabled | | Enabled | | -| NewOLM| | Enabled | | Enabled | | Enabled | -| NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | -| AWSClusterHostedDNS| | | Enabled | Enabled | Enabled | Enabled | -| AWSClusterHostedDNSInstall| | | Enabled | Enabled | Enabled | Enabled | -| AWSDedicatedHosts| | | Enabled | Enabled | Enabled | Enabled | -| AWSDualStackInstall| | | Enabled | Enabled | Enabled | Enabled | -| AWSServiceLBNetworkSecurityGroup| | | Enabled | Enabled | Enabled | Enabled | -| AutomatedEtcdBackup| | | Enabled | Enabled | Enabled | Enabled | -| AzureClusterHostedDNSInstall| | | Enabled | Enabled | Enabled | Enabled | -| AzureDedicatedHosts| | | Enabled | Enabled | Enabled | Enabled | -| AzureDualStackInstall| | | Enabled | Enabled | Enabled | Enabled | -| AzureMultiDisk| | | Enabled | Enabled | Enabled | Enabled | -| BootImageSkewEnforcement| | | Enabled | Enabled | Enabled | Enabled | -| BootcNodeManagement| | | Enabled | Enabled | Enabled | Enabled | -| CBORServingAndStorage| | | Enabled | Enabled | Enabled | Enabled | -| CRDCompatibilityRequirementOperator| | | Enabled | Enabled | Enabled | Enabled | -| ClientsPreferCBOR| | | Enabled | Enabled | Enabled | Enabled | -| ClusterAPIInstallIBMCloud| | | Enabled | Enabled | Enabled | Enabled | -| ClusterAPIMachineManagement| | | Enabled | Enabled | Enabled | Enabled | -| ClusterMonitoringConfig| | | Enabled | Enabled | Enabled | Enabled | -| ClusterVersionOperatorConfiguration| | | Enabled | Enabled | Enabled | Enabled | -| DNSNameResolver| | | Enabled | Enabled | Enabled | Enabled | -| DualReplica| | | Enabled | Enabled | Enabled | Enabled | -| DyanmicServiceEndpointIBMCloud| | | Enabled | Enabled | Enabled | Enabled | -| EtcdBackendQuota| | | Enabled | Enabled | Enabled | Enabled | -| EventTTL| | | Enabled | Enabled | Enabled | Enabled | -| Example| | | Enabled | Enabled | Enabled | Enabled | -| GCPClusterHostedDNS| | | Enabled | Enabled | Enabled | Enabled | -| GCPCustomAPIEndpoints| | | Enabled | Enabled | Enabled | Enabled | -| GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | Enabled | Enabled | -| GCPDualStackInstall| | | Enabled | Enabled | Enabled | Enabled | -| ImageModeStatusReporting| | | Enabled | Enabled | Enabled | Enabled | -| InsightsConfig| | | Enabled | Enabled | Enabled | Enabled | -| InsightsOnDemandDataGather| | | Enabled | Enabled | Enabled | Enabled | -| IrreconcilableMachineConfig| | | Enabled | Enabled | Enabled | Enabled | -| KMSEncryptionProvider| | | Enabled | Enabled | Enabled | Enabled | -| MachineAPIMigration| | | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesCPMS| | | Enabled | Enabled | Enabled | Enabled | -| MaxUnavailableStatefulSet| | | Enabled | Enabled | Enabled | Enabled | -| MinimumKubeletVersion| | | Enabled | Enabled | Enabled | Enabled | -| MixedCPUsAllocation| | | Enabled | Enabled | Enabled | Enabled | -| MultiDiskSetup| | | Enabled | Enabled | Enabled | Enabled | -| MutableCSINodeAllocatableCount| | | Enabled | Enabled | Enabled | Enabled | -| MutatingAdmissionPolicy| | | Enabled | Enabled | Enabled | Enabled | -| NutanixMultiSubnets| | | Enabled | Enabled | Enabled | Enabled | -| OSStreams| | | Enabled | Enabled | Enabled | Enabled | -| OVNObservability| | | Enabled | Enabled | Enabled | Enabled | -| OnPremDNSRecords| | | Enabled | Enabled | Enabled | Enabled | -| SELinuxMount| | | Enabled | Enabled | Enabled | Enabled | -| SignatureStores| | | Enabled | Enabled | Enabled | Enabled | -| SigstoreImageVerificationPKI| | | Enabled | Enabled | Enabled | Enabled | -| TranslateStreamCloseWebsocketRequests| | | Enabled | Enabled | Enabled | Enabled | -| VSphereConfigurableMaxAllowedBlockVolumesPerNode| | | Enabled | Enabled | Enabled | Enabled | -| VSphereHostVMGroupZonal| | | Enabled | Enabled | Enabled | Enabled | -| VSphereMixedNodeEnv| | | Enabled | Enabled | Enabled | Enabled | -| VolumeGroupSnapshot| | | Enabled | Enabled | Enabled | Enabled | -| AdditionalRoutingCapabilities| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| AdminNetworkPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| CPMSMachineNamePrefix| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPIController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ImageVolume| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| MachineConfigNodes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesvSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| MetricsCollectionProfiles| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| NetworkDiagnosticsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| NetworkSegmentation| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PinnedImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PreconfiguredUDNAddresses| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ProcMountType| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| RouteAdvertisements| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| RouteExternalCertificate| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ServiceAccountTokenNodeBinding| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| SigstoreImageVerification| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| StoragePerformantSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UpgradeStatus| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesPodSecurityStandards| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesSupport| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereMultiDisk| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereMultiNetworks| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VolumeAttributesClass| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| FeatureGate | Default on Hypershift | Default on SelfManagedHA | DevPreviewNoUpgrade on Hypershift | DevPreviewNoUpgrade on SelfManagedHA | OKD on Hypershift | OKD on SelfManagedHA | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | +| ------ | --- | --- | --- | --- | --- | --- | --- | --- | +| ClientsAllowCBOR| | | | | | | | | +| ClusterAPIInstall| | | | | | | | | +| EventedPLEG| | | | | | | | | +| MachineAPIOperatorDisableMachineHealthCheckController| | | | | | | | | +| MultiArchInstallAzure| | | | | | | | | +| NewOLMBoxCutterRuntime| | | | | | | | | +| ShortCertRotation| | | | | | | | | +| ClusterAPIMachineManagementVSphere| | | Enabled | Enabled | | | | | +| Example2| | | Enabled | Enabled | | | | | +| ExternalSnapshotMetadata| | | Enabled | Enabled | | | | | +| IngressControllerDynamicConfigurationManager| | | Enabled | Enabled | | | | | +| NewOLMCatalogdAPIV1Metas| | | | Enabled | | | | Enabled | +| NewOLMOwnSingleNamespace| | | | Enabled | | | | Enabled | +| NewOLMPreflightPermissionChecks| | | | Enabled | | | | Enabled | +| NoOverlayMode| | | | | | | Enabled | Enabled | +| NoRegistryClusterInstall| | | | Enabled | | | | Enabled | +| ProvisioningRequestAvailable| | | Enabled | Enabled | | | | | +| AWSClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSServiceLBNetworkSecurityGroup| | | Enabled | Enabled | | | Enabled | Enabled | +| AutomatedEtcdBackup| | | Enabled | Enabled | | | Enabled | Enabled | +| AzureClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| AzureDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | +| AzureDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| AzureMultiDisk| | | Enabled | Enabled | | | Enabled | Enabled | +| BootImageSkewEnforcement| | | Enabled | Enabled | | | Enabled | Enabled | +| BootcNodeManagement| | | Enabled | Enabled | | | Enabled | Enabled | +| CBORServingAndStorage| | | Enabled | Enabled | | | Enabled | Enabled | +| CRDCompatibilityRequirementOperator| | | Enabled | Enabled | | | Enabled | Enabled | +| ClientsPreferCBOR| | | Enabled | Enabled | | | Enabled | Enabled | +| ClusterAPIInstallIBMCloud| | | Enabled | Enabled | | | Enabled | Enabled | +| ClusterAPIMachineManagement| | | Enabled | Enabled | | | Enabled | Enabled | +| ClusterMonitoringConfig| | | Enabled | Enabled | | | Enabled | Enabled | +| ClusterVersionOperatorConfiguration| | | Enabled | Enabled | | | Enabled | Enabled | +| DNSNameResolver| | | Enabled | Enabled | | | Enabled | Enabled | +| DualReplica| | | Enabled | Enabled | | | Enabled | Enabled | +| DyanmicServiceEndpointIBMCloud| | | Enabled | Enabled | | | Enabled | Enabled | +| EtcdBackendQuota| | | Enabled | Enabled | | | Enabled | Enabled | +| EventTTL| | | Enabled | Enabled | | | Enabled | Enabled | +| Example| | | Enabled | Enabled | | | Enabled | Enabled | +| GCPClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | +| GCPCustomAPIEndpoints| | | Enabled | Enabled | | | Enabled | Enabled | +| GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| GCPDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | +| HyperShiftOnlyDynamicResourceAllocation| Enabled | | Enabled | | Enabled | | Enabled | | +| ImageModeStatusReporting| | | Enabled | Enabled | | | Enabled | Enabled | +| InsightsConfig| | | Enabled | Enabled | | | Enabled | Enabled | +| InsightsOnDemandDataGather| | | Enabled | Enabled | | | Enabled | Enabled | +| IrreconcilableMachineConfig| | | Enabled | Enabled | | | Enabled | Enabled | +| KMSEncryptionProvider| | | Enabled | Enabled | | | Enabled | Enabled | +| MachineAPIMigration| | | Enabled | Enabled | | | Enabled | Enabled | +| ManagedBootImagesCPMS| | | Enabled | Enabled | | | Enabled | Enabled | +| MaxUnavailableStatefulSet| | | Enabled | Enabled | | | Enabled | Enabled | +| MinimumKubeletVersion| | | Enabled | Enabled | | | Enabled | Enabled | +| MixedCPUsAllocation| | | Enabled | Enabled | | | Enabled | Enabled | +| MultiDiskSetup| | | Enabled | Enabled | | | Enabled | Enabled | +| MutableCSINodeAllocatableCount| | | Enabled | Enabled | | | Enabled | Enabled | +| MutatingAdmissionPolicy| | | Enabled | Enabled | | | Enabled | Enabled | +| NewOLM| | Enabled | | Enabled | | Enabled | | Enabled | +| NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled | +| NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled | +| OSStreams| | | Enabled | Enabled | | | Enabled | Enabled | +| OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled | +| OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled | +| SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled | +| SignatureStores| | | Enabled | Enabled | | | Enabled | Enabled | +| VSphereConfigurableMaxAllowedBlockVolumesPerNode| | | Enabled | Enabled | | | Enabled | Enabled | +| VSphereHostVMGroupZonal| | | Enabled | Enabled | | | Enabled | Enabled | +| VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled | +| VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled | +| AdditionalRoutingCapabilities| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| AdminNetworkPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| CPMSMachineNamePrefix| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GatewayAPI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GatewayAPIController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ImageVolume| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| MachineConfigNodes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImagesAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImagesAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImagesvSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| MetricsCollectionProfiles| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| NetworkDiagnosticsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| NetworkSegmentation| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| PinnedImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| PreconfiguredUDNAddresses| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ProcMountType| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| RouteAdvertisements| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| RouteExternalCertificate| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ServiceAccountTokenNodeBinding| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| SigstoreImageVerification| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| SigstoreImageVerificationPKI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| StoragePerformantSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| UpgradeStatus| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| UserNamespacesPodSecurityStandards| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| UserNamespacesSupport| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| VSphereMultiDisk| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| VSphereMultiNetworks| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| VolumeAttributesClass| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go index 0cc634a5fd..c6442186a0 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go @@ -115,13 +115,14 @@ type AWSMachineProviderConfig struct { // +optional MarketType MarketType `json:"marketType,omitempty"` + // Tombstone: This field was moved into the Placement struct to belong w/ the Tenancy field due to involvement with the setting. // hostPlacement configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host // for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), // and to gain visibility and control over instance placement on a physical server. // When omitted, the instance is not constrained to a dedicated host. // +openshift:enable:FeatureGate=AWSDedicatedHosts // +optional - HostPlacement *HostPlacement `json:"hostPlacement,omitempty"` + //HostPlacement *HostPlacement `json:"hostPlacement,omitempty"` } // AWSConfidentialComputePolicy represents the confidential compute configuration for the instance. @@ -294,6 +295,7 @@ type AWSResourceReference struct { } // Placement indicates where to create the instance in AWS +// +kubebuilder:validation:XValidation:rule="has(self.tenancy) && self.tenancy == 'host' ? true : !has(self.host)",message="host may only be specified when tenancy is host" type Placement struct { // region is the region to use to create the instance // +optional @@ -303,8 +305,19 @@ type Placement struct { AvailabilityZone string `json:"availabilityZone,omitempty"` // tenancy indicates if instance should run on shared or single-tenant hardware. There are // supported 3 options: default, dedicated and host. + // When set to default Runs on shared multi-tenant hardware. + // When dedicated Runs on single-tenant hardware (any dedicated instance hardware). + // When host and the host object is not provided: Runs on Dedicated Host; best-effort restart on same host. + // When `host` and `host` object is provided with affinity `dedicatedHost` defined: Runs on specified Dedicated Host. // +optional Tenancy InstanceTenancy `json:"tenancy,omitempty"` + // host configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host + // for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), + // and to gain visibility and control over instance placement on a physical server. + // When omitted, the instance is not constrained to a dedicated host. + // +openshift:enable:FeatureGate=AWSDedicatedHosts + // +optional + Host *HostPlacement `json:"host,omitempty"` } // Filter is a filter used to identify an AWS resource @@ -416,19 +429,20 @@ const ( ) // HostPlacement is the type that will be used to configure the placement of AWS instances. -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.affinity == 'DedicatedHost' ? has(self.dedicatedHost) : !has(self.dedicatedHost)",message="dedicatedHost is required when affinity is DedicatedHost, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.affinity) && self.affinity == 'DedicatedHost' ? has(self.dedicatedHost) : true",message="dedicatedHost is required when affinity is DedicatedHost, and optional otherwise" // +union type HostPlacement struct { // affinity specifies the affinity setting for the instance. // Allowed values are AnyAvailable and DedicatedHost. // When Affinity is set to DedicatedHost, an instance started onto a specific host always restarts on the same host if stopped. In this scenario, the `dedicatedHost` field must be set. // When Affinity is set to AnyAvailable, and you stop and restart the instance, it can be restarted on any available host. + // When Affinity is set to AnyAvailable and the `dedicatedHost` field is defined, it runs on specified Dedicated Host, but may move if stopped. // +required // +unionDiscriminator Affinity *HostAffinity `json:"affinity,omitempty"` // dedicatedHost specifies the exact host that an instance should be restarted on if stopped. - // dedicatedHost is required when 'affinity' is set to DedicatedHost, and forbidden otherwise. + // dedicatedHost is required when 'affinity' is set to DedicatedHost, and optional otherwise. // +optional // +unionMember DedicatedHost *DedicatedHost `json:"dedicatedHost,omitempty"` diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go index 0150060f46..d08906c7d8 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go @@ -61,7 +61,7 @@ func (in *AWSMachineProviderConfig) DeepCopyInto(out *AWSMachineProviderConfig) } } in.Subnet.DeepCopyInto(&out.Subnet) - out.Placement = in.Placement + in.Placement.DeepCopyInto(&out.Placement) if in.LoadBalancers != nil { in, out := &in.LoadBalancers, &out.LoadBalancers *out = make([]LoadBalancerReference, len(*in)) @@ -85,11 +85,6 @@ func (in *AWSMachineProviderConfig) DeepCopyInto(out *AWSMachineProviderConfig) *out = new(int32) **out = **in } - if in.HostPlacement != nil { - in, out := &in.HostPlacement, &out.HostPlacement - *out = new(HostPlacement) - (*in).DeepCopyInto(*out) - } return } @@ -1634,6 +1629,11 @@ func (in *ObjectMeta) DeepCopy() *ObjectMeta { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Placement) DeepCopyInto(out *Placement) { *out = *in + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(HostPlacement) + (*in).DeepCopyInto(*out) + } return } diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go index f03e5cc4ef..903faf94ba 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go @@ -35,7 +35,6 @@ var map_AWSMachineProviderConfig = map[string]string{ "placementGroupPartition": "placementGroupPartition is the partition number within the placement group in which to launch the instance. This must be an integer value between 1 and 7. It is only valid if the placement group, referred in `PlacementGroupName` was created with strategy set to partition.", "capacityReservationId": "capacityReservationId specifies the target Capacity Reservation into which the instance should be launched. The field size should be greater than 0 and the field input must start with cr-***", "marketType": "marketType specifies the type of market for the EC2 instance. Valid values are OnDemand, Spot, CapacityBlock and omitted.\n\nDefaults to OnDemand. When SpotMarketOptions is provided, the marketType defaults to \"Spot\".\n\nWhen set to OnDemand the instance runs as a standard OnDemand instance. When set to Spot the instance runs as a Spot instance. When set to CapacityBlock the instance utilizes pre-purchased compute capacity (capacity blocks) with AWS Capacity Reservations. If this value is selected, capacityReservationID must be specified to identify the target reservation.", - "hostPlacement": "hostPlacement configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), and to gain visibility and control over instance placement on a physical server. When omitted, the instance is not constrained to a dedicated host.", } func (AWSMachineProviderConfig) SwaggerDoc() map[string]string { @@ -129,8 +128,8 @@ func (Filter) SwaggerDoc() map[string]string { var map_HostPlacement = map[string]string{ "": "HostPlacement is the type that will be used to configure the placement of AWS instances.", - "affinity": "affinity specifies the affinity setting for the instance. Allowed values are AnyAvailable and DedicatedHost. When Affinity is set to DedicatedHost, an instance started onto a specific host always restarts on the same host if stopped. In this scenario, the `dedicatedHost` field must be set. When Affinity is set to AnyAvailable, and you stop and restart the instance, it can be restarted on any available host.", - "dedicatedHost": "dedicatedHost specifies the exact host that an instance should be restarted on if stopped. dedicatedHost is required when 'affinity' is set to DedicatedHost, and forbidden otherwise.", + "affinity": "affinity specifies the affinity setting for the instance. Allowed values are AnyAvailable and DedicatedHost. When Affinity is set to DedicatedHost, an instance started onto a specific host always restarts on the same host if stopped. In this scenario, the `dedicatedHost` field must be set. When Affinity is set to AnyAvailable, and you stop and restart the instance, it can be restarted on any available host. When Affinity is set to AnyAvailable and the `dedicatedHost` field is defined, it runs on specified Dedicated Host, but may move if stopped.", + "dedicatedHost": "dedicatedHost specifies the exact host that an instance should be restarted on if stopped. dedicatedHost is required when 'affinity' is set to DedicatedHost, and optional otherwise.", } func (HostPlacement) SwaggerDoc() map[string]string { @@ -158,7 +157,8 @@ var map_Placement = map[string]string{ "": "Placement indicates where to create the instance in AWS", "region": "region is the region to use to create the instance", "availabilityZone": "availabilityZone is the availability zone of the instance", - "tenancy": "tenancy indicates if instance should run on shared or single-tenant hardware. There are supported 3 options: default, dedicated and host.", + "tenancy": "tenancy indicates if instance should run on shared or single-tenant hardware. There are supported 3 options: default, dedicated and host. When set to default Runs on shared multi-tenant hardware. When dedicated Runs on single-tenant hardware (any dedicated instance hardware). When host and the host object is not provided: Runs on Dedicated Host; best-effort restart on same host. When `host` and `host` object is provided with affinity `dedicatedHost` defined: Runs on specified Dedicated Host.", + "host": "host configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), and to gain visibility and control over instance placement on a physical server. When omitted, the instance is not constrained to a dedicated host.", } func (Placement) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/openapi/openapi.json b/vendor/github.com/openshift/api/openapi/openapi.json index e1ff54c9c1..c245dbafb2 100644 --- a/vendor/github.com/openshift/api/openapi/openapi.json +++ b/vendor/github.com/openshift/api/openapi/openapi.json @@ -9881,7 +9881,7 @@ "$ref": "#/definitions/com.github.openshift.api.config.v1.PKI" }, "policyType": { - "description": "policyType is a required field specifies the type of the policy for verification. This field must correspond to how the policy was generated. Allowed values are \"PublicKey\", \"FulcioCAWithRekor\", and \"PKI\". When set to \"PublicKey\", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. When set to \"FulcioCAWithRekor\", the policy is based on the Fulcio certification and incorporates a Rekor verification. When set to \"PKI\", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", + "description": "policyType is a required field specifies the type of the policy for verification. This field must correspond to how the policy was generated. Allowed values are \"PublicKey\", \"FulcioCAWithRekor\", and \"PKI\". When set to \"PublicKey\", the policy relies on a sigstore publicKey and may optionally use a Rekor verification. When set to \"FulcioCAWithRekor\", the policy is based on the Fulcio certification and incorporates a Rekor verification. When set to \"PKI\", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).", "type": "string", "default": "" }, @@ -14292,7 +14292,8 @@ "items": { "type": "string", "default": "" - } + }, + "x-kubernetes-list-type": "atomic" }, "subnets": { "description": "subnets is a list of subnets. It may contain up to 2 subnets. The list may be either 1 IPv4 subnet, 1 IPv6 subnet, or 1 of each.", @@ -22141,10 +22142,6 @@ "format": "int64", "default": 0 }, - "hostPlacement": { - "description": "hostPlacement configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), and to gain visibility and control over instance placement on a physical server. When omitted, the instance is not constrained to a dedicated host.", - "$ref": "#/definitions/com.github.openshift.api.machine.v1beta1.HostPlacement" - }, "iamInstanceProfile": { "description": "iamInstanceProfile is a reference to an IAM role to assign to the instance", "$ref": "#/definitions/com.github.openshift.api.machine.v1beta1.AWSResourceReference" @@ -23232,11 +23229,11 @@ ], "properties": { "affinity": { - "description": "affinity specifies the affinity setting for the instance. Allowed values are AnyAvailable and DedicatedHost. When Affinity is set to DedicatedHost, an instance started onto a specific host always restarts on the same host if stopped. In this scenario, the `dedicatedHost` field must be set. When Affinity is set to AnyAvailable, and you stop and restart the instance, it can be restarted on any available host.", + "description": "affinity specifies the affinity setting for the instance. Allowed values are AnyAvailable and DedicatedHost. When Affinity is set to DedicatedHost, an instance started onto a specific host always restarts on the same host if stopped. In this scenario, the `dedicatedHost` field must be set. When Affinity is set to AnyAvailable, and you stop and restart the instance, it can be restarted on any available host. When Affinity is set to AnyAvailable and the `dedicatedHost` field is defined, it runs on specified Dedicated Host, but may move if stopped.", "type": "string" }, "dedicatedHost": { - "description": "dedicatedHost specifies the exact host that an instance should be restarted on if stopped. dedicatedHost is required when 'affinity' is set to DedicatedHost, and forbidden otherwise.", + "description": "dedicatedHost specifies the exact host that an instance should be restarted on if stopped. dedicatedHost is required when 'affinity' is set to DedicatedHost, and optional otherwise.", "$ref": "#/definitions/com.github.openshift.api.machine.v1beta1.DedicatedHost" } }, @@ -24016,12 +24013,16 @@ "description": "availabilityZone is the availability zone of the instance", "type": "string" }, + "host": { + "description": "host configures placement on AWS Dedicated Hosts. This allows admins to assign instances to specific host for a variety of needs including for regulatory compliance, to leverage existing per-socket or per-core software licenses (BYOL), and to gain visibility and control over instance placement on a physical server. When omitted, the instance is not constrained to a dedicated host.", + "$ref": "#/definitions/com.github.openshift.api.machine.v1beta1.HostPlacement" + }, "region": { "description": "region is the region to use to create the instance", "type": "string" }, "tenancy": { - "description": "tenancy indicates if instance should run on shared or single-tenant hardware. There are supported 3 options: default, dedicated and host.", + "description": "tenancy indicates if instance should run on shared or single-tenant hardware. There are supported 3 options: default, dedicated and host. When set to default Runs on shared multi-tenant hardware. When dedicated Runs on single-tenant hardware (any dedicated instance hardware). When host and the host object is not provided: Runs on Dedicated Host; best-effort restart on same host. When `host` and `host` object is provided with affinity `dedicatedHost` defined: Runs on specified Dedicated Host.", "type": "string" } } @@ -27700,6 +27701,24 @@ } } }, + "com.github.openshift.api.operator.v1.BGPManagedConfig": { + "description": "BGPManagedConfig contains configuration options for BGP when routing is \"Managed\".", + "type": "object", + "required": [ + "bgpTopology" + ], + "properties": { + "asNumber": { + "description": "asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) to be used in the generated FRR configuration. Valid values are 1 to 4294967295. When omitted, this defaults to 64512.", + "type": "integer", + "format": "int64" + }, + "bgpTopology": { + "description": "bgpTopology defines the BGP topology to be used. Allowed values are \"FullMesh\". When set to \"FullMesh\", every node deploys a BGP router, forming a BGP full mesh. This field is required when BGPManagedConfig is specified.", + "type": "string" + } + } + }, "com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig": { "description": "BootImageSkewEnforcementConfig is used to configure how boot image version skew is enforced on the cluster.", "type": "object", @@ -32071,6 +32090,24 @@ } } }, + "com.github.openshift.api.operator.v1.NoOverlayOptions": { + "description": "NoOverlayOptions contains configuration options for networks operating in no-overlay mode.", + "type": "object", + "required": [ + "outboundSNAT", + "routing" + ], + "properties": { + "outboundSNAT": { + "description": "outboundSNAT defines the SNAT behavior for outbound traffic from pods. Allowed values are \"Enabled\" and \"Disabled\". When set to \"Enabled\", SNAT is performed on outbound traffic from pods. When set to \"Disabled\", SNAT is not performed and pod IPs are preserved in outbound traffic. This field is required when the network operates in no-overlay mode.", + "type": "string" + }, + "routing": { + "description": "routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. Allowed values are \"Managed\" and \"Unmanaged\". When set to \"Managed\", OVN-Kubernetes manages the pod network routing configuration through BGP. When set to \"Unmanaged\", users are responsible for configuring the pod network routing. This field is required when the network operates in no-overlay mode.", + "type": "string" + } + } + }, "com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus": { "description": "NodeDisruptionPolicyClusterStatus is the type for the status object, rendered by the controller as a merge of cluster defaults and user provided policies", "type": "object", @@ -32587,6 +32624,20 @@ "description": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", "type": "object", "properties": { + "bgpManagedConfig": { + "description": "bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) in no-overlay mode that specify routing=\"Managed\" in their NoOverlayOptions. It is required when DefaultNetworkNoOverlayOptions.Routing is set to \"Managed\". When omitted, this means the user does not configure BGP for managed routing.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.BGPManagedConfig" + }, + "defaultNetworkNoOverlayOptions": { + "description": "defaultNetworkNoOverlayOptions contains configuration for no-overlay mode for the default network. It is required when DefaultNetworkTransport is \"NoOverlay\". When omitted, this means the user does not configure no-overlay mode options.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.NoOverlayOptions" + }, + "defaultNetworkTransport": { + "description": "defaultNetworkTransport describes the transport protocol for east-west traffic for the default network. Allowed values are \"NoOverlay\" and \"Geneve\". When set to \"NoOverlay\", the default network operates in no-overlay mode. When set to \"Geneve\", the default network uses Geneve overlay. When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. The current default is \"Geneve\".", + "type": "string" + }, "egressIPConfig": { "description": "egressIPConfig holds the configuration for EgressIP options.", "default": {}, diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 111240eecf..6d95e5905a 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -397,8 +397,18 @@ type OpenShiftSDNConfig struct { EnableUnidling *bool `json:"enableUnidling,omitempty"` } +// Maintainer note for NoOverlayMode feature (TechPreview): +// When NoOverlayMode graduates to GA, add '+kubebuilder:default=Geneve' to the DefaultNetworkTransport +// field so the default is visible in the CRD schema and applied by the API server automatically. +// Currently CNO handles the default (treating omitted as Geneve) because the field is feature-gated +// and existing ungated tests don't expect this field in outputs. + // ovnKubernetesConfig contains the configuration parameters for networks // using the ovn-kubernetes network project +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(self.defaultNetworkTransport) || self.defaultNetworkTransport != 'NoOverlay' || has(self.defaultNetworkNoOverlayOptions)",message="defaultNetworkNoOverlayOptions is required when defaultNetworkTransport is NoOverlay" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(self.defaultNetworkNoOverlayOptions) || self.defaultNetworkNoOverlayOptions.routing != 'Managed' || has(self.bgpManagedConfig)",message="bgpManagedConfig is required when defaultNetworkNoOverlayOptions.routing is Managed" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.defaultNetworkTransport) || oldSelf.defaultNetworkTransport == '' || has(self.defaultNetworkTransport)",message="defaultNetworkTransport cannot be removed once set to a non-empty value" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.defaultNetworkNoOverlayOptions) || has(self.defaultNetworkNoOverlayOptions)",message="defaultNetworkNoOverlayOptions cannot be removed once set" type OVNKubernetesConfig struct { // mtu is the MTU to use for the tunnel interface. This must be 100 // bytes smaller than the uplink mtu. @@ -468,6 +478,35 @@ type OVNKubernetesConfig struct { // +openshift:enable:FeatureGate=RouteAdvertisements // +optional RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + + // defaultNetworkTransport describes the transport protocol for east-west traffic for the default network. + // Allowed values are "NoOverlay" and "Geneve". + // When set to "NoOverlay", the default network operates in no-overlay mode. + // When set to "Geneve", the default network uses Geneve overlay. + // When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. + // The current default is "Geneve". + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:Enum=NoOverlay;Geneve + // +kubebuilder:validation:XValidation:rule="oldSelf == '' || self == oldSelf",message="defaultNetworkTransport is immutable once set" + // +optional + DefaultNetworkTransport TransportOption `json:"defaultNetworkTransport,omitempty"` + + // defaultNetworkNoOverlayOptions contains configuration for no-overlay mode for the default network. + // It is required when DefaultNetworkTransport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:XValidation:rule="!oldSelf.hasValue() || self == oldSelf.value()",message="defaultNetworkNoOverlayOptions is immutable once set",optionalOldSelf=true + // +optional + DefaultNetworkNoOverlayOptions NoOverlayOptions `json:"defaultNetworkNoOverlayOptions,omitzero,omitempty"` + + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their NoOverlayOptions. + // It is required when DefaultNetworkNoOverlayOptions.Routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="bgpManagedConfig field is immutable" + // +optional + BGPManagedConfig BGPManagedConfig `json:"bgpManagedConfig,omitzero,omitempty"` } type IPv4OVNKubernetesConfig struct { @@ -898,3 +937,77 @@ type AdditionalRoutingCapabilities struct { // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" Providers []RoutingCapabilitiesProvider `json:"providers"` } + +// TransportOption is the type for network transport options +type TransportOption string + +// SNATOption is the type for SNAT configuration options +type SNATOption string + +// RoutingOption is the type for routing configuration options +type RoutingOption string + +// BGPTopology is the type for BGP topology configuration +type BGPTopology string + +const ( + // TransportOptionNoOverlay indicates the network operates in no-overlay mode + TransportOptionNoOverlay TransportOption = "NoOverlay" + // TransportOptionGeneve indicates the network uses Geneve overlay + TransportOptionGeneve TransportOption = "Geneve" + + // SNATEnabled indicates outbound SNAT is enabled + SNATEnabled SNATOption = "Enabled" + // SNATDisabled indicates outbound SNAT is disabled + SNATDisabled SNATOption = "Disabled" + + // RoutingManaged indicates routing is managed by OVN-Kubernetes + RoutingManaged RoutingOption = "Managed" + // RoutingUnmanaged indicates routing is managed by users + RoutingUnmanaged RoutingOption = "Unmanaged" + + // BGPTopologyFullMesh indicates every node deploys a BGP router, forming a BGP full mesh + BGPTopologyFullMesh BGPTopology = "FullMesh" +) + +// NoOverlayOptions contains configuration options for networks operating in no-overlay mode. +type NoOverlayOptions struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // +kubebuilder:validation:Enum=Enabled;Disabled + // +required + OutboundSNAT SNATOption `json:"outboundSNAT,omitempty"` + + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // +kubebuilder:validation:Enum=Managed;Unmanaged + // +required + Routing RoutingOption `json:"routing,omitempty"` +} + +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfig struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=4294967295 + // +kubebuilder:default=64512 + // +optional + ASNumber int64 `json:"asNumber,omitempty"` + + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node deploys a BGP router, forming a BGP full mesh. + // This field is required when BGPManagedConfig is specified. + // +kubebuilder:validation:Enum=FullMesh + // +required + BGPTopology BGPTopology `json:"bgpTopology,omitempty"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 3bc6b81de4..30f437b45a 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -390,6 +390,22 @@ func (in *AzureDiskEncryptionSet) DeepCopy() *AzureDiskEncryptionSet { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPManagedConfig) DeepCopyInto(out *BGPManagedConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPManagedConfig. +func (in *BGPManagedConfig) DeepCopy() *BGPManagedConfig { + if in == nil { + return nil + } + out := new(BGPManagedConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootImageSkewEnforcementConfig) DeepCopyInto(out *BootImageSkewEnforcementConfig) { *out = *in @@ -3665,6 +3681,22 @@ func (in *NetworkStatus) DeepCopy() *NetworkStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NoOverlayOptions) DeepCopyInto(out *NoOverlayOptions) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NoOverlayOptions. +func (in *NoOverlayOptions) DeepCopy() *NoOverlayOptions { + if in == nil { + return nil + } + out := new(NoOverlayOptions) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeDisruptionPolicyClusterStatus) DeepCopyInto(out *NodeDisruptionPolicyClusterStatus) { *out = *in @@ -4158,6 +4190,8 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { *out = new(IPv6OVNKubernetesConfig) **out = **in } + out.DefaultNetworkNoOverlayOptions = in.DefaultNetworkNoOverlayOptions + out.BGPManagedConfig = in.BGPManagedConfig return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index e7c94e2869..c35554548a 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -330,6 +330,7 @@ networks.operator.openshift.io: FeatureGates: - AdditionalRoutingCapabilities - NetworkLiveMigration + - NoOverlayMode - RouteAdvertisements FilenameOperatorName: network FilenameOperatorOrdering: "01" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 06096a6c81..526e4c2014 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -1669,6 +1669,16 @@ func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string { return map_AdditionalRoutingCapabilities } +var map_BGPManagedConfig = map[string]string{ + "": "BGPManagedConfig contains configuration options for BGP when routing is \"Managed\".", + "asNumber": "asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) to be used in the generated FRR configuration. Valid values are 1 to 4294967295. When omitted, this defaults to 64512.", + "bgpTopology": "bgpTopology defines the BGP topology to be used. Allowed values are \"FullMesh\". When set to \"FullMesh\", every node deploys a BGP router, forming a BGP full mesh. This field is required when BGPManagedConfig is specified.", +} + +func (BGPManagedConfig) SwaggerDoc() map[string]string { + return map_BGPManagedConfig +} + var map_ClusterNetworkEntry = map[string]string{ "": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks", } @@ -1896,20 +1906,33 @@ func (NetworkStatus) SwaggerDoc() map[string]string { return map_NetworkStatus } +var map_NoOverlayOptions = map[string]string{ + "": "NoOverlayOptions contains configuration options for networks operating in no-overlay mode.", + "outboundSNAT": "outboundSNAT defines the SNAT behavior for outbound traffic from pods. Allowed values are \"Enabled\" and \"Disabled\". When set to \"Enabled\", SNAT is performed on outbound traffic from pods. When set to \"Disabled\", SNAT is not performed and pod IPs are preserved in outbound traffic. This field is required when the network operates in no-overlay mode.", + "routing": "routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. Allowed values are \"Managed\" and \"Unmanaged\". When set to \"Managed\", OVN-Kubernetes manages the pod network routing configuration through BGP. When set to \"Unmanaged\", users are responsible for configuring the pod network routing. This field is required when the network operates in no-overlay mode.", +} + +func (NoOverlayOptions) SwaggerDoc() map[string]string { + return map_NoOverlayOptions +} + var map_OVNKubernetesConfig = map[string]string{ - "": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", - "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", - "genevePort": "geneve port is the UDP port to be used by geneve encapulation. Default is 6081", - "hybridOverlayConfig": "hybridOverlayConfig configures an additional overlay network for peers that are not using OVN.", - "ipsecConfig": "ipsecConfig enables and configures IPsec for pods on the pod network within the cluster.", - "policyAuditConfig": "policyAuditConfig is the configuration for network policy audit events. If unset, reported defaults are used.", - "gatewayConfig": "gatewayConfig holds the configuration for node gateway options.", - "v4InternalSubnet": "v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. Default is 100.64.0.0/16", - "v6InternalSubnet": "v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. Default is fd98::/64", - "egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.", - "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", - "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", - "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", + "": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", + "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", + "genevePort": "geneve port is the UDP port to be used by geneve encapulation. Default is 6081", + "hybridOverlayConfig": "hybridOverlayConfig configures an additional overlay network for peers that are not using OVN.", + "ipsecConfig": "ipsecConfig enables and configures IPsec for pods on the pod network within the cluster.", + "policyAuditConfig": "policyAuditConfig is the configuration for network policy audit events. If unset, reported defaults are used.", + "gatewayConfig": "gatewayConfig holds the configuration for node gateway options.", + "v4InternalSubnet": "v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. Default is 100.64.0.0/16", + "v6InternalSubnet": "v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. Default is fd98::/64", + "egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.", + "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", + "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", + "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", + "defaultNetworkTransport": "defaultNetworkTransport describes the transport protocol for east-west traffic for the default network. Allowed values are \"NoOverlay\" and \"Geneve\". When set to \"NoOverlay\", the default network operates in no-overlay mode. When set to \"Geneve\", the default network uses Geneve overlay. When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. The current default is \"Geneve\".", + "defaultNetworkNoOverlayOptions": "defaultNetworkNoOverlayOptions contains configuration for no-overlay mode for the default network. It is required when DefaultNetworkTransport is \"NoOverlay\". When omitted, this means the user does not configure no-overlay mode options.", + "bgpManagedConfig": "bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) in no-overlay mode that specify routing=\"Managed\" in their NoOverlayOptions. It is required when DefaultNetworkNoOverlayOptions.Routing is set to \"Managed\". When omitted, this means the user does not configure BGP for managed routing.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { diff --git a/vendor/modules.txt b/vendor/modules.txt index b2ac8ff484..a79f9a52c9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -62,7 +62,7 @@ github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 ## explicit github.com/munnerz/goautoneg -# github.com/openshift/api v0.0.0-20251204164930-cd2e40c5883a +# github.com/openshift/api v0.0.0-20251204164930-cd2e40c5883a => github.com/ricky-rav/api v0.0.0-20251215092810-0a87dc54a866 ## explicit; go 1.24.0 github.com/openshift/api github.com/openshift/api/apiserver @@ -528,3 +528,4 @@ sigs.k8s.io/structured-merge-diff/v6/value # sigs.k8s.io/yaml v1.6.0 ## explicit; go 1.22 sigs.k8s.io/yaml +# github.com/openshift/api => github.com/ricky-rav/api v0.0.0-20251215092810-0a87dc54a866