From 5d1b7e3f2c7771c2d97e6db9c5e12ce729149154 Mon Sep 17 00:00:00 2001 From: Andrey Lebedev Date: Tue, 26 Mar 2024 12:36:19 +0100 Subject: [PATCH 1/2] OCPBUGS-28673: implement connect timeout tuning option --- go.mod | 4 ++-- go.sum | 4 ++-- .../00-custom-resource-definition-internal.yaml | 1 - manifests/00-custom-resource-definition.yaml | 13 ++++++++++++- pkg/operator/controller/ingress/deployment.go | 3 +++ pkg/operator/controller/ingress/deployment_test.go | 3 +++ 6 files changed, 22 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index b647ea2b66..e3883791a2 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/openshift/cluster-ingress-operator go 1.21 -toolchain go1.21.5 +toolchain go1.21.7 require ( github.com/Azure/azure-sdk-for-go v46.0.0+incompatible @@ -150,6 +150,6 @@ require ( // github.com/operator-framework/operator-sdk. replace ( bitbucket.org/ww/goautoneg => github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d - github.com/openshift/api => github.com/openshift/api v0.0.0-20240326215622-ff84c2c73227 + github.com/openshift/api => github.com/openshift/api v0.0.0-20240405164942-0cc42a39da45 k8s.io/client-go => k8s.io/client-go v0.29.0 ) diff --git a/go.sum b/go.sum index 2e9b1cc55e..829a81a63e 100644 --- a/go.sum +++ b/go.sum @@ -1645,8 +1645,8 @@ github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.m github.com/opencontainers/runtime-spec v0.1.2-0.20190618234442-a950415649c7/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/openshift/api v0.0.0-20240326215622-ff84c2c73227 h1:rqvWUAipMFoiAZW4UQlEVnVxWcLfFBu3LOtSKFescSk= -github.com/openshift/api v0.0.0-20240326215622-ff84c2c73227/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= +github.com/openshift/api v0.0.0-20240405164942-0cc42a39da45 h1:b7xiV2SQrAHlV7CBbGcOLSE8fsBscJ1dCo4akExV5aU= +github.com/openshift/api v0.0.0-20240405164942-0cc42a39da45/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= github.com/openshift/build-machinery-go v0.0.0-20200211121458-5e3d6e570160/go.mod h1:1CkcsT3aVebzRBzVTSbiKSkJMsC/CASqxesfqEMfJEc= github.com/openshift/client-go v0.0.0-20200116152001-92a2713fa240/go.mod h1:4riOwdj99Hd/q+iAcJZfNCsQQQMwURnZV6RL4WHYS5w= github.com/openshift/client-go v0.0.0-20230120202327-72f107311084 h1:66uaqNwA+qYyQDwsMWUfjjau8ezmg1dzCqub13KZOcE= diff --git a/manifests/00-custom-resource-definition-internal.yaml b/manifests/00-custom-resource-definition-internal.yaml index 173d84277a..69bf00ef62 100644 --- a/manifests/00-custom-resource-definition-internal.yaml +++ b/manifests/00-custom-resource-definition-internal.yaml @@ -7,7 +7,6 @@ metadata: capability.openshift.io/name: Ingress include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: dnsrecords.ingress.operator.openshift.io spec: group: ingress.operator.openshift.io diff --git a/manifests/00-custom-resource-definition.yaml b/manifests/00-custom-resource-definition.yaml index b928dd0ccc..39be693ccc 100644 --- a/manifests/00-custom-resource-definition.yaml +++ b/manifests/00-custom-resource-definition.yaml @@ -7,7 +7,6 @@ metadata: capability.openshift.io/name: Ingress include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: ingresscontrollers.operator.openshift.io spec: group: operator.openshift.io @@ -1552,6 +1551,18 @@ spec: the default timeout is 30s" format: duration type: string + connectTimeout: + description: "ConnectTimeout defines the maximum time to wait + for a connection attempt to a server/backend to succeed. \n + This field expects an unsigned duration string of decimal numbers, + each with optional fraction and a unit suffix, e.g. \"300ms\", + \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or + \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\". + \n When omitted, this means the user has no opinion and the + platform is left to choose a reasonable default. This default + is subject to change over time. The current default is 5s." + pattern: ^(0|([0-9]+(\.[0-9]+)?(ns|us|µs|μs|ms|s|m|h))+)$ + type: string headerBufferBytes: description: "headerBufferBytes describes how much memory should be reserved (in bytes) for IngressController connection sessions. diff --git a/pkg/operator/controller/ingress/deployment.go b/pkg/operator/controller/ingress/deployment.go index c0b1c41638..62b4aea791 100644 --- a/pkg/operator/controller/ingress/deployment.go +++ b/pkg/operator/controller/ingress/deployment.go @@ -610,6 +610,9 @@ func desiredRouterDeployment(ci *operatorv1.IngressController, ingressController if ci.Spec.TuningOptions.TunnelTimeout != nil && ci.Spec.TuningOptions.TunnelTimeout.Duration > 0*time.Second { env = append(env, corev1.EnvVar{Name: "ROUTER_DEFAULT_TUNNEL_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.TunnelTimeout.Duration)}) } + if ci.Spec.TuningOptions.ConnectTimeout != nil && ci.Spec.TuningOptions.ConnectTimeout.Duration > 0*time.Second { + env = append(env, corev1.EnvVar{Name: "ROUTER_DEFAULT_CONNECT_TIMEOUT", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.ConnectTimeout.Duration)}) + } if ci.Spec.TuningOptions.TLSInspectDelay != nil && ci.Spec.TuningOptions.TLSInspectDelay.Duration > 0*time.Second { env = append(env, corev1.EnvVar{Name: "ROUTER_INSPECT_DELAY", Value: durationToHAProxyTimespec(ci.Spec.TuningOptions.TLSInspectDelay.Duration)}) } diff --git a/pkg/operator/controller/ingress/deployment_test.go b/pkg/operator/controller/ingress/deployment_test.go index 159f1a96b9..418515b04b 100644 --- a/pkg/operator/controller/ingress/deployment_test.go +++ b/pkg/operator/controller/ingress/deployment_test.go @@ -166,6 +166,7 @@ func TestTuningOptions(t *testing.T) { ic.Spec.TuningOptions.ServerTimeout = &metav1.Duration{Duration: 60 * time.Second} ic.Spec.TuningOptions.ServerFinTimeout = &metav1.Duration{Duration: 4 * time.Second} ic.Spec.TuningOptions.TunnelTimeout = &metav1.Duration{Duration: 30 * time.Minute} + ic.Spec.TuningOptions.ConnectTimeout = &metav1.Duration{Duration: 30 * time.Second} ic.Spec.TuningOptions.TLSInspectDelay = &metav1.Duration{Duration: 5 * time.Second} ic.Spec.TuningOptions.HealthCheckInterval = &metav1.Duration{Duration: 15 * time.Second} ic.Spec.TuningOptions.ReloadInterval = metav1.Duration{Duration: 30 * time.Second} @@ -182,6 +183,7 @@ func TestTuningOptions(t *testing.T) { {"ROUTER_DEFAULT_SERVER_TIMEOUT", true, "1m"}, {"ROUTER_DEFAULT_SERVER_FIN_TIMEOUT", true, "4s"}, {"ROUTER_DEFAULT_TUNNEL_TIMEOUT", true, "30m"}, + {"ROUTER_DEFAULT_CONNECT_TIMEOUT", true, "30s"}, {"ROUTER_INSPECT_DELAY", true, "5s"}, {RouterBackendCheckInterval, true, "15s"}, {RouterReloadIntervalEnvName, true, "30s"}, @@ -432,6 +434,7 @@ func Test_desiredRouterDeployment(t *testing.T) { {"ROUTER_DEFAULT_SERVER_FIN_TIMEOUT", false, ""}, {"ROUTER_DEFAULT_SERVER_TIMEOUT", false, ""}, {"ROUTER_DEFAULT_TUNNEL_TIMEOUT", false, ""}, + {"ROUTER_DEFAULT_CONNECT_TIMEOUT", false, ""}, {"ROUTER_ERRORFILE_503", false, ""}, {"ROUTER_ERRORFILE_404", false, ""}, {"ROUTER_HAPROXY_CONFIG_MANAGER", false, ""}, From 15785bfdca54150b8eff2868261eec062064416c Mon Sep 17 00:00:00 2001 From: Andrey Lebedev Date: Thu, 18 Apr 2024 14:06:54 +0200 Subject: [PATCH 2/2] OCPBUGS-28673: api bump vendor --- vendor/github.com/openshift/api/Makefile | 3 +- vendor/github.com/openshift/api/README.md | 49 ++++++- .../api/apiserver/v1/types_apirequestcount.go | 1 - ..._generated.featuregated-crd-manifests.yaml | 1 - .../openshift/api/config/v1/feature_gates.go | 41 +++++- .../api/config/v1/types_cluster_operator.go | 1 - .../api/config/v1/types_cluster_version.go | 1 - .../openshift/api/config/v1/types_feature.go | 2 + .../openshift/api/config/v1/types_ingress.go | 28 ++-- .../openshift/api/config/v1/types_network.go | 108 ++++++++++++++- .../api/config/v1/zz_generated.deepcopy.go | 79 +++++++++++ ..._generated.featuregated-crd-manifests.yaml | 3 +- .../v1/zz_generated.swagger_doc_generated.go | 33 ++++- vendor/github.com/openshift/api/features.md | 114 ++++++++-------- .../api/machine/v1beta1/types_machine.go | 1 - .../v1beta1/types_machinehealthcheck.go | 1 - .../api/machine/v1beta1/types_machineset.go | 1 - ..._generated.featuregated-crd-manifests.yaml | 3 - .../api/operator/v1/types_authentication.go | 1 - .../api/operator/v1/types_ingress.go | 17 +++ .../api/operator/v1/types_network.go | 83 +++++++++++- ...000_10_config-operator_01_configs.crd.yaml | 1 - ..._12_etcd_01_etcds-CustomNoUpgrade.crd.yaml | 1 - .../0000_12_etcd_01_etcds-Default.crd.yaml | 1 - ...tcd_01_etcds-TechPreviewNoUpgrade.crd.yaml | 1 - ..._kube-apiserver_01_kubeapiservers.crd.yaml | 1 - ...manager_01_kubecontrollermanagers.crd.yaml | 1 - ..._kube-scheduler_01_kubeschedulers.crd.yaml | 1 - ...-apiserver_01_openshiftapiservers.crd.yaml | 1 - ...ud-credential_00_cloudcredentials.crd.yaml | 1 - ...or_00_kubestorageversionmigrators.crd.yaml | 1 - ...authentication_01_authentications.crd.yaml | 1 - .../0000_50_console_01_consoles.crd.yaml | 1 - ..._50_ingress_00_ingresscontrollers.crd.yaml | 13 +- ..._50_insights_00_insightsoperators.crd.yaml | 1 - ...er_02_openshiftcontrollermanagers.crd.yaml | 1 - .../0000_50_service-ca_02_servicecas.crd.yaml | 1 - .../0000_50_storage_01_storages.crd.yaml | 1 - .../0000_70_dns_00_dnses.crd.yaml | 1 - .../0000_70_network_01_networks.crd.yaml | 128 +++++++++++++++++- ...troller_01_csisnapshotcontrollers.crd.yaml | 1 - ...ineconfigurations-CustomNoUpgrade.crd.yaml | 1 - ..._01_machineconfigurations-Default.crd.yaml | 1 - ...nfigurations-TechPreviewNoUpgrade.crd.yaml | 1 - ...0_csi-driver_01_clustercsidrivers.crd.yaml | 1 - .../api/operator/v1/zz_generated.deepcopy.go | 47 +++++++ ..._generated.featuregated-crd-manifests.yaml | 2 - .../v1/zz_generated.swagger_doc_generated.go | 21 +++ .../v1alpha1/types_conditioncheck.go | 1 - ..._generated.featuregated-crd-manifests.yaml | 1 - .../0000_50_dns_01_dnsrecords.crd.yaml | 1 - vendor/modules.txt | 4 +- 52 files changed, 689 insertions(+), 122 deletions(-) diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 30ce998bd4..3b3c94edce 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -153,7 +153,8 @@ write-available-featuresets: .PHONY: clean clean: - rm render write-available-featuresets + rm -f render write-available-featuresets models-schema + rm -rf tools/_output VERSION ?= $(shell git describe --always --abbrev=7) MUTABLE_TAG ?= latest diff --git a/vendor/github.com/openshift/api/README.md b/vendor/github.com/openshift/api/README.md index ce497ea6ed..b46693a108 100644 --- a/vendor/github.com/openshift/api/README.md +++ b/vendor/github.com/openshift/api/README.md @@ -52,6 +52,42 @@ FeatureGateMyFeatureName = newFeatureGate("MyFeatureName"). mustRegister() ``` +### defining tests +Tests are logically associated with FeatureGates. +When adding any FeatureGated functionality a new test file is required. +The test files are located in `//tests//FeatureGate.yaml`: +``` +route/ + v1/ + tests/ + routes.route.openshift.io/ + AAA_ungated.yaml + ExternalRouteCertificate.yaml +``` +Here's an `AAA_ungated.yaml` example: +```yaml +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this. +name: Route +crdName: routes.route.openshift.io +tests: +``` + +Here's an `ExternalRouteCertificate.yaml` example: +```yaml +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this. +name: Route +crdName: routes.route.openshift.io +featureGate: ExternalRouteCertificate +tests: +``` + +The integration tests use the crdName and featureGate to determine which tests apply to which manifests and automatically +react to changes when the FeatureGates are enabled/disabled on various FeatureSets and ClusterProfiles. + +[`gen-minimal-test.sh`](tests/hack/gen-minimal-test.sh) can still function to stub out files if you don't want to +copy/paste an existing one. + + ## defining new APIs When defining a new API, please follow [the OpenShift API @@ -81,7 +117,6 @@ When copying, it matters which `// +foo` markers are two comments blocks up and // +kubebuilder:printcolumn:name=Column Name,JSONPath=.status.something,type=string,description=how users should interpret this. // +kubebuilder:metadata:annotations=key=value // +kubebuilder:metadata:labels=key=value -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // +kubebuilder:validation:XValidation:rule= type MyAPI struct { metav1.TypeMeta `json:",inline"` @@ -173,6 +208,18 @@ No, signing a team up to be a no-FF team includes some basic education on the pr participants are aware the team is moving to that model. If you'd like to sign your team up, please speak with Gina Hargan who will be happy to help on-board your team. +## vendoring generated manifests into other repositories +If your repository relies on vendoring and copying CRD manifests (good job!), you'll need have an import line that +depends on the package that contains the CRD manifests. +For example, adding +```go +import ( + _ "github.com/openshift/api/operatoringress/v1/zz_generated.crd-manifests" +) +``` +to any .go file will work, but some commonly chosen files are `tools/tools.go` or `pkg/dependencymagnet/doc.go`. +Once added, a `go mod vendor` will pick up the package containing the manifests for you to copy. + ## generating CRD schemas Since Kubernetes 1.16, every CRD created in `apiextensions.k8s.io/v1` is required to have a [structural OpenAPIV3 schema](https://kubernetes.io/blog/2019/06/20/crd-structural-schema/). The schemas provide server-side validation for fields, as well as providing the descriptions for `oc explain`. Moreover, schemas ensure structural consistency of data in etcd. Without it anything can be stored in a resource which can have security implications. As we host many of our CRDs in this repo along with their corresponding Go types we also require them to have schemas. However, the following instructions apply for CRDs that are not hosted here as well. diff --git a/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go index 1503571d11..eb4918a661 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go +++ b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go @@ -24,7 +24,6 @@ const ( // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/897 // +openshift:file-pattern=operatorName=kube-apiserver // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // +kubebuilder:printcolumn:name=RemovedInRelease,JSONPath=.status.removedInRelease,type=string,description=Release in which an API will be removed. // +kubebuilder:printcolumn:name=RequestsInCurrentHour,JSONPath=.status.currentHour.requestCount,type=integer,description=Number of requests in the current hour. // +kubebuilder:printcolumn:name=RequestsInLast24h,JSONPath=.status.requestCount,type=integer,description=Number of requests in the last 24h. diff --git a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml index 9a0fd8fd56..f5ff911a2f 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml @@ -1,7 +1,6 @@ apirequestcounts.apiserver.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/897 CRDName: apirequestcounts.apiserver.openshift.io Capability: "" diff --git a/vendor/github.com/openshift/api/config/v1/feature_gates.go b/vendor/github.com/openshift/api/config/v1/feature_gates.go index d7f0b65939..7a9d129cfb 100644 --- a/vendor/github.com/openshift/api/config/v1/feature_gates.go +++ b/vendor/github.com/openshift/api/config/v1/feature_gates.go @@ -22,8 +22,7 @@ type ClusterProfileName string var ( Hypershift = ClusterProfileName("include.release.openshift.io/ibm-cloud-managed") SelfManaged = ClusterProfileName("include.release.openshift.io/self-managed-high-availability") - SingleNode = ClusterProfileName("include.release.openshift.io/single-node-developer") - AllClusterProfiles = []ClusterProfileName{Hypershift, SelfManaged, SingleNode} + AllClusterProfiles = []ClusterProfileName{Hypershift, SelfManaged} ) type OwningProduct string @@ -172,6 +171,27 @@ func AllFeatureSets() map[ClusterProfileName]map[FeatureSet]*FeatureGateEnabledD var ( allFeatureGates = map[ClusterProfileName]map[FeatureSet]*FeatureGateEnabledDisabled{} + FeatureGateServiceAccountTokenNodeBindingValidation = newFeatureGate("ServiceAccountTokenNodeBindingValidation"). + reportProblemsToJiraComponent("apiserver-auth"). + contactPerson("stlaz"). + productScope(kubernetes). + enableIn(TechPreviewNoUpgrade). + mustRegister() + + FeatureGateServiceAccountTokenNodeBinding = newFeatureGate("ServiceAccountTokenNodeBinding"). + reportProblemsToJiraComponent("apiserver-auth"). + contactPerson("stlaz"). + productScope(kubernetes). + enableIn(TechPreviewNoUpgrade). + mustRegister() + + FeatureGateServiceAccountTokenPodNodeInfo = newFeatureGate("ServiceAccountTokenPodNodeInfo"). + reportProblemsToJiraComponent("apiserver-auth"). + contactPerson("stlaz"). + productScope(kubernetes). + enableIn(TechPreviewNoUpgrade). + mustRegister() + FeatureGateValidatingAdmissionPolicy = newFeatureGate("ValidatingAdmissionPolicy"). reportProblemsToJiraComponent("kube-apiserver"). contactPerson("benluddy"). @@ -336,7 +356,7 @@ var ( reportProblemsToJiraComponent("Networking/ovn-kubernetes"). contactPerson("tssurya"). productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). + enableIn(Default, TechPreviewNoUpgrade). mustRegister() FeatureGateNetworkLiveMigration = newFeatureGate("NetworkLiveMigration"). @@ -346,6 +366,13 @@ var ( enableIn(Default, TechPreviewNoUpgrade). mustRegister() + FeatureGateNetworkDiagnosticsConfig = newFeatureGate("NetworkDiagnosticsConfig"). + reportProblemsToJiraComponent("Networking/cluster-network-operator"). + contactPerson("kyrtapz"). + productScope(ocpSpecific). + enableIn(TechPreviewNoUpgrade). + mustRegister() + FeatureGateHardwareSpeed = newFeatureGate("HardwareSpeed"). reportProblemsToJiraComponent("etcd"). contactPerson("hasbro17"). @@ -432,6 +459,7 @@ var ( reportProblemsToJiraComponent("cloud-provider"). contactPerson("jspeed"). productScope(kubernetes). + enableIn(Default, TechPreviewNoUpgrade). mustRegister() FeatureGateOnClusterBuild = newFeatureGate("OnClusterBuild"). @@ -560,4 +588,11 @@ var ( productScope(ocpSpecific). enableIn(TechPreviewNoUpgrade). mustRegister() + + FeatureGateMetricsCollectionProfiles = newFeatureGate("MetricsCollectionProfiles"). + reportProblemsToJiraComponent("Monitoring"). + contactPerson("rexagod"). + productScope(ocpSpecific). + enableIn(TechPreviewNoUpgrade). + mustRegister() ) diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index a5666a78da..7951762ccd 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -26,7 +26,6 @@ import ( // +kubebuilder:printcolumn:name=Degraded,JSONPath=.status.conditions[?(@.type=="Degraded")].status,type=string,description=Whether the operator is degraded. // +kubebuilder:printcolumn:name=Since,JSONPath=.status.conditions[?(@.type=="Available")].lastTransitionTime,type=date,description=The time the operator's Available status last changed. // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true type ClusterOperator struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index d568e1dbe9..2b8c302134 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -26,7 +26,6 @@ import ( // +kubebuilder:printcolumn:name=Since,JSONPath=.status.conditions[?(@.type=="Progressing")].lastTransitionTime,type=date // +kubebuilder:printcolumn:name=Status,JSONPath=.status.conditions[?(@.type=="Progressing")].message,type=string // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true type ClusterVersion struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index 1497077a19..2efe16f4e6 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -65,6 +65,8 @@ type FeatureGateSelection struct { // Turning on or off features may cause irreversible changes in your cluster which cannot be undone. // +unionDiscriminator // +optional + // +kubebuilder:validation:XValidation:rule="oldSelf == 'CustomNoUpgrade' ? self == 'CustomNoUpgrade' : true",message="CustomNoUpgrade may not be changed" + // +kubebuilder:validation:XValidation:rule="oldSelf == 'TechPreviewNoUpgrade' ? self == 'TechPreviewNoUpgrade' : true",message="TechPreviewNoUpgrade may not be changed" FeatureSet FeatureSet `json:"featureSet,omitempty"` // customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. diff --git a/vendor/github.com/openshift/api/config/v1/types_ingress.go b/vendor/github.com/openshift/api/config/v1/types_ingress.go index e7c547d9db..e58ad7f00b 100644 --- a/vendor/github.com/openshift/api/config/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/config/v1/types_ingress.go @@ -169,20 +169,20 @@ const ( // +kubebuilder:validation:MaxLength=512 type ConsumingUser string -// Hostname is an alias for hostname string validation. -// -// The left operand of the | is the original kubebuilder hostname validation format, which is incorrect because it -// allows upper case letters, disallows hyphen or number in the TLD, and allows labels to start/end in non-alphanumeric -// characters. See https://bugzilla.redhat.com/show_bug.cgi?id=2039256. -// ^([a-zA-Z0-9\p{S}\p{L}]((-?[a-zA-Z0-9\p{S}\p{L}]{0,62})?)|([a-zA-Z0-9\p{S}\p{L}](([a-zA-Z0-9-\p{S}\p{L}]{0,61}[a-zA-Z0-9\p{S}\p{L}])?)(\.)){1,}([a-zA-Z\p{L}]){2,63})$ -// -// The right operand of the | is a new pattern that mimics the current API route admission validation on hostname, -// except that it allows hostnames longer than the maximum length: -// ^(([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})[\.]){0,}([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})$ -// -// Both operand patterns are made available so that modifications on ingress spec can still happen after an invalid hostname -// was saved via validation by the incorrect left operand of the | operator. -// +// Hostname is a host name as defined by RFC-1123. +// + --- +// + The left operand of the | is the original kubebuilder hostname validation format, which is incorrect because it +// + allows upper case letters, disallows hyphen or number in the TLD, and allows labels to start/end in non-alphanumeric +// + characters. See https://bugzilla.redhat.com/show_bug.cgi?id=2039256. +// + ^([a-zA-Z0-9\p{S}\p{L}]((-?[a-zA-Z0-9\p{S}\p{L}]{0,62})?)|([a-zA-Z0-9\p{S}\p{L}](([a-zA-Z0-9-\p{S}\p{L}]{0,61}[a-zA-Z0-9\p{S}\p{L}])?)(\.)){1,}([a-zA-Z\p{L}]){2,63})$ +// + +// + The right operand of the | is a new pattern that mimics the current API route admission validation on hostname, +// + except that it allows hostnames longer than the maximum length: +// + ^(([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})[\.]){0,}([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})$ +// + +// + Both operand patterns are made available so that modifications on ingress spec can still happen after an invalid hostname +// + was saved via validation by the incorrect left operand of the | operator. +// + // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9\p{S}\p{L}]((-?[a-zA-Z0-9\p{S}\p{L}]{0,62})?)|([a-zA-Z0-9\p{S}\p{L}](([a-zA-Z0-9-\p{S}\p{L}]{0,61}[a-zA-Z0-9\p{S}\p{L}])?)(\.)){1,}([a-zA-Z\p{L}]){2,63})$|^(([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})[\.]){0,}([a-z0-9][-a-z0-9]{0,61}[a-z0-9]|[a-z0-9]{1,63})$` type Hostname string diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go index e87785e3ec..618aeff3b0 100644 --- a/vendor/github.com/openshift/api/config/v1/types_network.go +++ b/vendor/github.com/openshift/api/config/v1/types_network.go @@ -1,6 +1,9 @@ package v1 -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) // +genclient // +genclient:nonNamespaced @@ -38,6 +41,7 @@ type Network struct { // As a general rule, this SHOULD NOT be read directly. Instead, you should // consume the NetworkStatus, as it indicates the currently deployed configuration. // Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NetworkDiagnosticsConfig,rule="!has(self.networkDiagnostics) || !has(self.networkDiagnostics.mode) || self.networkDiagnostics.mode!='Disabled' || !has(self.networkDiagnostics.sourcePlacement) && !has(self.networkDiagnostics.targetPlacement)",message="cannot set networkDiagnostics.sourcePlacement and networkDiagnostics.targetPlacement when networkDiagnostics.mode is Disabled" type NetworkSpec struct { // IP address pool to use for pod IPs. // This field is immutable after installation. @@ -70,6 +74,17 @@ type NetworkSpec struct { // installed. // +kubebuilder:validation:Pattern=`^([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])-([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$` ServiceNodePortRange string `json:"serviceNodePortRange,omitempty"` + + // networkDiagnostics defines network diagnostics configuration. + // + // Takes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. + // If networkDiagnostics is not specified or is empty, + // and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, + // the network diagnostics feature will be disabled. + // + // +optional + // +openshift:enable:FeatureGate=NetworkDiagnosticsConfig + NetworkDiagnostics NetworkDiagnostics `json:"networkDiagnostics"` } // NetworkStatus is the current network configuration. @@ -92,14 +107,15 @@ type NetworkStatus struct { // conditions represents the observations of a network.config current state. // Known .status.conditions.type are: "NetworkTypeMigrationInProgress", "NetworkTypeMigrationMTUReady", - // "NetworkTypeMigrationTargetCNIAvailable", "NetworkTypeMigrationTargetCNIInUse" - // and "NetworkTypeMigrationOriginalCNIPurged" + // "NetworkTypeMigrationTargetCNIAvailable", "NetworkTypeMigrationTargetCNIInUse", + // "NetworkTypeMigrationOriginalCNIPurged" and "NetworkDiagnosticsAvailable" // +optional // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type // +openshift:enable:FeatureGate=NetworkLiveMigration + // +openshift:enable:FeatureGate=NetworkDiagnosticsConfig Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } @@ -197,3 +213,89 @@ type MTUMigrationValues struct { // +optional From *uint32 `json:"from,omitempty"` } + +// NetworkDiagnosticsMode is an enumeration of the available network diagnostics modes +// Valid values are "", "All", "Disabled". +// +kubebuilder:validation:Enum:="";All;Disabled +type NetworkDiagnosticsMode string + +const ( + // NetworkDiagnosticsNoOpinion means that the user has no opinion and the platform is left + // to choose reasonable default. The current default is All and is a subject to change over time. + NetworkDiagnosticsNoOpinion NetworkDiagnosticsMode = "" + // NetworkDiagnosticsAll means that all network diagnostics checks are enabled + NetworkDiagnosticsAll NetworkDiagnosticsMode = "All" + // NetworkDiagnosticsDisabled means that network diagnostics is disabled + NetworkDiagnosticsDisabled NetworkDiagnosticsMode = "Disabled" +) + +// NetworkDiagnostics defines network diagnostics configuration + +type NetworkDiagnostics struct { + // mode controls the network diagnostics mode + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is All. + // + // +optional + Mode NetworkDiagnosticsMode `json:"mode"` + + // sourcePlacement controls the scheduling of network diagnostics source deployment + // + // See NetworkDiagnosticsSourcePlacement for more details about default values. + // + // +optional + SourcePlacement NetworkDiagnosticsSourcePlacement `json:"sourcePlacement"` + + // targetPlacement controls the scheduling of network diagnostics target daemonset + // + // See NetworkDiagnosticsTargetPlacement for more details about default values. + // + // +optional + TargetPlacement NetworkDiagnosticsTargetPlacement `json:"targetPlacement"` +} + +// NetworkDiagnosticsSourcePlacement defines node scheduling configuration network diagnostics source components +type NetworkDiagnosticsSourcePlacement struct { + // nodeSelector is the node selector applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `kubernetes.io/os: linux`. + // + // +optional + NodeSelector map[string]string `json:"nodeSelector"` + + // tolerations is a list of tolerations applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is an empty list. + // + // +optional + // +listType=atomic + Tolerations []corev1.Toleration `json:"tolerations"` +} + +// NetworkDiagnosticsTargetPlacement defines node scheduling configuration network diagnostics target components +type NetworkDiagnosticsTargetPlacement struct { + // nodeSelector is the node selector applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `kubernetes.io/os: linux`. + // + // +optional + NodeSelector map[string]string `json:"nodeSelector"` + + // tolerations is a list of tolerations applied to network diagnostics components + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is `- operator: "Exists"` which means that all taints are tolerated. + // + // +optional + // +listType=atomic + Tolerations []corev1.Toleration `json:"tolerations"` +} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index ff9409905d..02c2d7221d 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -3597,6 +3597,84 @@ func (in *Network) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkDiagnostics) DeepCopyInto(out *NetworkDiagnostics) { + *out = *in + in.SourcePlacement.DeepCopyInto(&out.SourcePlacement) + in.TargetPlacement.DeepCopyInto(&out.TargetPlacement) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkDiagnostics. +func (in *NetworkDiagnostics) DeepCopy() *NetworkDiagnostics { + if in == nil { + return nil + } + out := new(NetworkDiagnostics) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkDiagnosticsSourcePlacement) DeepCopyInto(out *NetworkDiagnosticsSourcePlacement) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]corev1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkDiagnosticsSourcePlacement. +func (in *NetworkDiagnosticsSourcePlacement) DeepCopy() *NetworkDiagnosticsSourcePlacement { + if in == nil { + return nil + } + out := new(NetworkDiagnosticsSourcePlacement) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkDiagnosticsTargetPlacement) DeepCopyInto(out *NetworkDiagnosticsTargetPlacement) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]corev1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkDiagnosticsTargetPlacement. +func (in *NetworkDiagnosticsTargetPlacement) DeepCopy() *NetworkDiagnosticsTargetPlacement { + if in == nil { + return nil + } + out := new(NetworkDiagnosticsTargetPlacement) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkList) DeepCopyInto(out *NetworkList) { *out = *in @@ -3669,6 +3747,7 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = new(ExternalIPConfig) (*in).DeepCopyInto(*out) } + in.NetworkDiagnostics.DeepCopyInto(&out.NetworkDiagnostics) return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index 5caf575661..286bbbd84e 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -65,7 +65,6 @@ builds.config.openshift.io: clusteroperators.config.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/497 CRDName: clusteroperators.config.openshift.io Capability: "" @@ -109,7 +108,6 @@ clusteroperators.config.openshift.io: clusterversions.config.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/495 CRDName: clusterversions.config.openshift.io Capability: "" @@ -347,6 +345,7 @@ networks.config.openshift.io: Capability: "" Category: "" FeatureGates: + - NetworkDiagnosticsConfig - NetworkLiveMigration FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index f751368b34..5a163ebdc8 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -1987,6 +1987,36 @@ func (Network) SwaggerDoc() map[string]string { return map_Network } +var map_NetworkDiagnostics = map[string]string{ + "mode": "mode controls the network diagnostics mode\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is All.", + "sourcePlacement": "sourcePlacement controls the scheduling of network diagnostics source deployment\n\nSee NetworkDiagnosticsSourcePlacement for more details about default values.", + "targetPlacement": "targetPlacement controls the scheduling of network diagnostics target daemonset\n\nSee NetworkDiagnosticsTargetPlacement for more details about default values.", +} + +func (NetworkDiagnostics) SwaggerDoc() map[string]string { + return map_NetworkDiagnostics +} + +var map_NetworkDiagnosticsSourcePlacement = map[string]string{ + "": "NetworkDiagnosticsSourcePlacement defines node scheduling configuration network diagnostics source components", + "nodeSelector": "nodeSelector is the node selector applied to network diagnostics components\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is `kubernetes.io/os: linux`.", + "tolerations": "tolerations is a list of tolerations applied to network diagnostics components\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is an empty list.", +} + +func (NetworkDiagnosticsSourcePlacement) SwaggerDoc() map[string]string { + return map_NetworkDiagnosticsSourcePlacement +} + +var map_NetworkDiagnosticsTargetPlacement = map[string]string{ + "": "NetworkDiagnosticsTargetPlacement defines node scheduling configuration network diagnostics target components", + "nodeSelector": "nodeSelector is the node selector applied to network diagnostics components\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is `kubernetes.io/os: linux`.", + "tolerations": "tolerations is a list of tolerations applied to network diagnostics components\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is `- operator: \"Exists\"` which means that all taints are tolerated.", +} + +func (NetworkDiagnosticsTargetPlacement) SwaggerDoc() map[string]string { + return map_NetworkDiagnosticsTargetPlacement +} + var map_NetworkList = map[string]string{ "": "Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -2013,6 +2043,7 @@ var map_NetworkSpec = map[string]string{ "networkType": "NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OpenShiftSDN This field is immutable after installation.", "externalIP": "externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set.", "serviceNodePortRange": "The port range allowed for Services of type NodePort. If not specified, the default of 30000-32767 will be used. Such Services without a NodePort specified will have one automatically allocated from this range. This parameter can be updated after the cluster is installed.", + "networkDiagnostics": "networkDiagnostics defines network diagnostics configuration.\n\nTakes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. If networkDiagnostics is not specified or is empty, and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, the network diagnostics feature will be disabled.", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -2026,7 +2057,7 @@ var map_NetworkStatus = map[string]string{ "networkType": "NetworkType is the plugin that is deployed (e.g. OpenShiftSDN).", "clusterNetworkMTU": "ClusterNetworkMTU is the MTU for inter-pod networking.", "migration": "Migration contains the cluster network migration configuration.", - "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkTypeMigrationInProgress\", \"NetworkTypeMigrationMTUReady\", \"NetworkTypeMigrationTargetCNIAvailable\", \"NetworkTypeMigrationTargetCNIInUse\" and \"NetworkTypeMigrationOriginalCNIPurged\"", + "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkTypeMigrationInProgress\", \"NetworkTypeMigrationMTUReady\", \"NetworkTypeMigrationTargetCNIAvailable\", \"NetworkTypeMigrationTargetCNIInUse\", \"NetworkTypeMigrationOriginalCNIPurged\" and \"NetworkDiagnosticsAvailable\"", } func (NetworkStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index 3f99a8a6ef..fd496313af 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -1,54 +1,60 @@ -| FeatureGate | Default on Hypershift | Default on SelfManagedHA | Default on SingleNode | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | TechPreviewNoUpgrade on SingleNode | -| ------ | --- | --- | --- | --- | --- | --- | -| AdminNetworkPolicy| | | | Enabled | Enabled | Enabled | -| AlertingRules| | | | Enabled | Enabled | Enabled | -| AutomatedEtcdBackup| | | | Enabled | Enabled | Enabled | -| CSIDriverSharedResource| | | | Enabled | Enabled | Enabled | -| DNSNameResolver| | | | Enabled | Enabled | Enabled | -| DynamicResourceAllocation| | | | Enabled | Enabled | Enabled | -| Example| | | | Enabled | Enabled | Enabled | -| ExternalRouteCertificate| | | | Enabled | Enabled | Enabled | -| GCPClusterHostedDNS| | | | Enabled | Enabled | Enabled | -| GCPLabelsTags| | | | Enabled | Enabled | Enabled | -| GatewayAPI| | | | Enabled | Enabled | Enabled | -| HardwareSpeed| | | | Enabled | Enabled | Enabled | -| ImagePolicy| | | | Enabled | Enabled | Enabled | -| InsightsConfig| | | | Enabled | Enabled | Enabled | -| InsightsConfigAPI| | | | Enabled | Enabled | Enabled | -| InsightsOnDemandDataGather| | | | Enabled | Enabled | Enabled | -| InstallAlternateInfrastructureAWS| | | | Enabled | Enabled | Enabled | -| MachineAPIProviderOpenStack| | | | Enabled | Enabled | Enabled | -| MachineConfigNodes| | | | Enabled | Enabled | Enabled | -| ManagedBootImages| | | | Enabled | Enabled | Enabled | -| MaxUnavailableStatefulSet| | | | Enabled | Enabled | Enabled | -| MetricsServer| | | | Enabled | Enabled | Enabled | -| MixedCPUsAllocation| | | | Enabled | Enabled | Enabled | -| NewOLM| | | | Enabled | Enabled | Enabled | -| NodeDisruptionPolicy| | | | Enabled | Enabled | Enabled | -| NodeSwap| | | | Enabled | Enabled | Enabled | -| OnClusterBuild| | | | Enabled | Enabled | Enabled | -| PinnedImages| | | | Enabled | Enabled | Enabled | -| PlatformOperators| | | | Enabled | Enabled | Enabled | -| RouteExternalCertificate| | | | Enabled | Enabled | Enabled | -| SignatureStores| | | | Enabled | Enabled | Enabled | -| SigstoreImageVerification| | | | Enabled | Enabled | Enabled | -| TranslateStreamCloseWebsocketRequests| | | | Enabled | Enabled | Enabled | -| UpgradeStatus| | | | Enabled | Enabled | Enabled | -| ValidatingAdmissionPolicy| | | | Enabled | Enabled | Enabled | -| VolumeGroupSnapshot| | | | Enabled | Enabled | Enabled | -| ExternalOIDC| Enabled | | | Enabled | Enabled | Enabled | -| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| BareMetalLoadBalancer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| FeatureGate | Default on Hypershift | Default on SelfManagedHA | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | +| ------ | --- | --- | --- | --- | +| AlertingRules| | | Enabled | Enabled | +| AutomatedEtcdBackup| | | Enabled | Enabled | +| CSIDriverSharedResource| | | Enabled | Enabled | +| DNSNameResolver| | | Enabled | Enabled | +| DynamicResourceAllocation| | | Enabled | Enabled | +| Example| | | Enabled | Enabled | +| ExternalRouteCertificate| | | Enabled | Enabled | +| GCPClusterHostedDNS| | | Enabled | Enabled | +| GCPLabelsTags| | | Enabled | Enabled | +| GatewayAPI| | | Enabled | Enabled | +| HardwareSpeed| | | Enabled | Enabled | +| ImagePolicy| | | Enabled | Enabled | +| InsightsConfig| | | Enabled | Enabled | +| InsightsConfigAPI| | | Enabled | Enabled | +| InsightsOnDemandDataGather| | | Enabled | Enabled | +| InstallAlternateInfrastructureAWS| | | Enabled | Enabled | +| MachineAPIProviderOpenStack| | | Enabled | Enabled | +| MachineConfigNodes| | | Enabled | Enabled | +| ManagedBootImages| | | Enabled | Enabled | +| MaxUnavailableStatefulSet| | | Enabled | Enabled | +| MetricsCollectionProfiles| | | Enabled | Enabled | +| MetricsServer| | | Enabled | Enabled | +| MixedCPUsAllocation| | | Enabled | Enabled | +| NetworkDiagnosticsConfig| | | Enabled | Enabled | +| NewOLM| | | Enabled | Enabled | +| NodeDisruptionPolicy| | | Enabled | Enabled | +| NodeSwap| | | Enabled | Enabled | +| OnClusterBuild| | | Enabled | Enabled | +| PinnedImages| | | Enabled | Enabled | +| PlatformOperators| | | Enabled | Enabled | +| RouteExternalCertificate| | | Enabled | Enabled | +| ServiceAccountTokenNodeBinding| | | Enabled | Enabled | +| ServiceAccountTokenNodeBindingValidation| | | Enabled | Enabled | +| ServiceAccountTokenPodNodeInfo| | | Enabled | Enabled | +| SignatureStores| | | Enabled | Enabled | +| SigstoreImageVerification| | | Enabled | Enabled | +| TranslateStreamCloseWebsocketRequests| | | Enabled | Enabled | +| UpgradeStatus| | | Enabled | Enabled | +| ValidatingAdmissionPolicy| | | Enabled | Enabled | +| VolumeGroupSnapshot| | | Enabled | Enabled | +| ExternalOIDC| Enabled | | Enabled | Enabled | +| AdminNetworkPolicy| Enabled | Enabled | Enabled | Enabled | +| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | +| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | +| BareMetalLoadBalancer| Enabled | Enabled | Enabled | Enabled | +| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | +| CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | +| DisableKubeletCloudCredentialProviders| Enabled | Enabled | Enabled | Enabled | +| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | +| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | +| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | +| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | +| KMSv1| Enabled | Enabled | Enabled | Enabled | +| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | +| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | +| PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | +| VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | +| VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go index 8fbe7859b5..a2752733df 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go @@ -184,7 +184,6 @@ const ( // +openshift:capability=MachineAPI // +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" // +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" // +kubebuilder:printcolumn:name="Phase",type="string",JSONPath=".status.phase",description="Phase of machine" // +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".metadata.labels['machine\\.openshift\\.io/instance-type']",description="Type of instance" // +kubebuilder:printcolumn:name="Region",type="string",JSONPath=".metadata.labels['machine\\.openshift\\.io/region']",description="Region associated with machine" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go index 3f166a9b9f..9963690f8f 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go @@ -21,7 +21,6 @@ type RemediationStrategyType string // +openshift:capability=MachineAPI // +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" // +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" // +k8s:openapi-gen=true // +kubebuilder:printcolumn:name="MaxUnhealthy",type="string",JSONPath=".spec.maxUnhealthy",description="Maximum number of unhealthy machines allowed" // +kubebuilder:printcolumn:name="ExpectedMachines",type="integer",JSONPath=".status.expectedMachines",description="Number of machines currently monitored" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go index 153477137e..aadb519b7d 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go @@ -17,7 +17,6 @@ import ( // +openshift:capability=MachineAPI // +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" // +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" // +kubebuilder:subresource:scale:specpath=.spec.replicas,statuspath=.status.replicas,selectorpath=.status.labelSelector // +kubebuilder:printcolumn:name="Desired",type="integer",JSONPath=".spec.replicas",description="Desired Replicas" // +kubebuilder:printcolumn:name="Current",type="integer",JSONPath=".status.replicas",description="Current Replicas" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml index 61f304ee09..34e093b258 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml @@ -2,7 +2,6 @@ machines.machine.openshift.io: Annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/948 CRDName: machines.machine.openshift.io Capability: MachineAPI @@ -61,7 +60,6 @@ machinehealthchecks.machine.openshift.io: Annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/1032 CRDName: machinehealthchecks.machine.openshift.io Capability: MachineAPI @@ -99,7 +97,6 @@ machinesets.machine.openshift.io: Annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/1032 CRDName: machinesets.machine.openshift.io Capability: MachineAPI diff --git a/vendor/github.com/openshift/api/operator/v1/types_authentication.go b/vendor/github.com/openshift/api/operator/v1/types_authentication.go index 888e8205be..58d8748d97 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/operator/v1/types_authentication.go @@ -13,7 +13,6 @@ import ( // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 // +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=authentication,operatorOrdering=01 // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // Authentication provides information to configure an operator to manage authentication. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 77f5ff7a10..64419ddfc0 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -1649,6 +1649,23 @@ type IngressControllerTuningOptions struct { // +optional TunnelTimeout *metav1.Duration `json:"tunnelTimeout,omitempty"` + // ConnectTimeout defines the maximum time to wait for + // a connection attempt to a server/backend to succeed. + // + // This field expects an unsigned duration string of decimal numbers, each with optional + // fraction and a unit suffix, e.g. "300ms", "1.5h" or "2h45m". + // Valid time units are "ns", "us" (or "µs" U+00B5 or "μs" U+03BC), "ms", "s", "m", "h". + // + // When omitted, this means the user has no opinion and the platform is left + // to choose a reasonable default. This default is subject to change over time. + // The current default is 5s. + // + // +kubebuilder:validation:Optional + // +kubebuilder:validation:Pattern=^(0|([0-9]+(\.[0-9]+)?(ns|us|µs|μs|ms|s|m|h))+)$ + // +kubebuilder:validation:Type:=string + // +optional + ConnectTimeout *metav1.Duration `json:"connectTimeout,omitempty"` + // tlsInspectDelay defines how long the router can hold data to find a // matching route. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index c81707b4c2..970be707e7 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -12,7 +12,6 @@ import ( // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 // +openshift:file-pattern=cvoRunLevel=0000_70,operatorName=network,operatorOrdering=01 // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // Network describes the cluster's desired network configuration. It is // consumed by the cluster-network-operator. @@ -425,6 +424,88 @@ type OVNKubernetesConfig struct { // egressIPConfig holds the configuration for EgressIP options. // +optional EgressIPConfig EgressIPConfig `json:"egressIPConfig,omitempty"` + // ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, + // this means no opinions and the default configuration is used. Check individual + // fields within ipv4 for details of default values. + // +optional + IPv4 *IPv4OVNKubernetesConfig `json:"ipv4,omitempty"` + // ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, + // this means no opinions and the default configuration is used. Check individual + // fields within ipv4 for details of default values. + // +optional + IPv6 *IPv6OVNKubernetesConfig `json:"ipv6,omitempty"` +} + +type IPv4OVNKubernetesConfig struct { + // internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + // by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + // architecture that connects the cluster routers on each node together to enable + // east west traffic. The subnet chosen should not overlap with other networks + // specified for OVN-Kubernetes as well as other networks used on the host. + // The value cannot be changed after installation. + // When ommitted, this means no opinion and the platform is left to choose a reasonable + // default which is subject to change over time. + // The current default subnet is 100.88.0.0/16 + // The subnet must be large enough to accomadate one IP per node in your cluster + // The value must be in proper IPV4 CIDR format + // +kubebuilder:validation:MaxLength=18 + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4",message="Subnet must be in valid IPV4 CIDR format" + // +kubebuilder:validation:XValidation:rule="[self.findAll('[0-9]+')[0]].all(x, x != '0' && int(x) <= 255 && !x.startsWith('0'))",message="first IP address octet must not contain leading zeros, must be greater than 0 and less or equal to 255" + // +kubebuilder:validation:XValidation:rule="[int(self.split('/')[1])].all(x, x <= 30 && x >= 0)",message="subnet must be in the range /0 to /30 inclusive" + // +optional + InternalTransitSwitchSubnet string `json:"internalTransitSwitchSubnet,omitempty"` + // internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. The value cannot be changed + // after installation. + // The current default value is 100.64.0.0/16 + // The subnet must be large enough to accomadate one IP per node in your cluster + // The value must be in proper IPV4 CIDR format + // +kubebuilder:validation:MaxLength=18 + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4",message="Subnet must be in valid IPV4 CIDR format" + // +kubebuilder:validation:XValidation:rule="[self.findAll('[0-9]+')[0]].all(x, x != '0' && int(x) <= 255 && !x.startsWith('0'))",message="first IP address octet must not contain leading zeros, must be greater than 0 and less or equal to 255" + // +kubebuilder:validation:XValidation:rule="[int(self.split('/')[1])].all(x, x <= 30 && x >= 0)",message="subnet must be in the range /0 to /30 inclusive" + // +optional + InternalJoinSubnet string `json:"internalJoinSubnet,omitempty"` +} + +type IPv6OVNKubernetesConfig struct { + // internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + // by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + // architecture that connects the cluster routers on each node together to enable + // east west traffic. The subnet chosen should not overlap with other networks + // specified for OVN-Kubernetes as well as other networks used on the host. + // The value cannot be changed after installation. + // When ommitted, this means no opinion and the platform is left to choose a reasonable + // default which is subject to change over time. + // The subnet must be large enough to accomadate one IP per node in your cluster + // The current default subnet is fd97::/64 + // The value must be in proper IPV6 CIDR format + // Note that IPV6 dual addresses are not permitted + // +kubebuilder:validation:MaxLength=48 + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 6",message="Subnet must be in valid IPV6 CIDR format" + // +kubebuilder:validation:XValidation:rule="self.split('/').size() == 2 && [int(self.split('/')[1])].all(x, x <= 125 && x >= 0)",message="subnet must be in the range /0 to /125 inclusive" + // +kubebuilder:validation:XValidation:rule="self.contains('::') ? self.split('/')[0].split(':').size() <= 8 : self.split('/')[0].split(':').size() == 8",message="a valid IPv6 address must contain 8 segments unless elided (::), in which case it must contain at most 6 non-empty segments" + // +kubebuilder:validation:XValidation:rule="!self.contains('.')",message="IPv6 dual addresses are not permitted, value should not contain `.` characters" + // +optional + InternalTransitSwitchSubnet string `json:"internalTransitSwitchSubnet,omitempty"` + // internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. The value cannot be changed + // after installation. + // The subnet must be large enough to accomadate one IP per node in your cluster + // The current default value is fd98::/48 + // The value must be in proper IPV6 CIDR format + // Note that IPV6 dual addresses are not permitted + // +kubebuilder:validation:MaxLength=48 + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 6",message="Subnet must be in valid IPV6 CIDR format" + // +kubebuilder:validation:XValidation:rule="self.split('/').size() == 2 && [int(self.split('/')[1])].all(x, x <= 125 && x >= 0)",message="subnet must be in the range /0 to /125 inclusive" + // +kubebuilder:validation:XValidation:rule="self.contains('::') ? self.split('/')[0].split(':').size() <= 8 : self.split('/')[0].split(':').size() == 8",message="a valid IPv6 address must contain 8 segments unless elided (::), in which case it must contain at most 6 non-empty segments" + // +kubebuilder:validation:XValidation:rule="!self.contains('.')",message="IPv6 dual addresses are not permitted, value should not contain `.` characters" + // +optional + InternalJoinSubnet string `json:"internalJoinSubnet,omitempty"` } type HybridOverlayConfig struct { diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml index 50c38b36b5..e22cf83ee2 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: configs.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml index faa169690e..ea5b9116e0 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: CustomNoUpgrade name: etcds.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml index 2f4211da83..ec45629b1b 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: Default name: etcds.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml index 31342d3713..5026260cd9 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade name: etcds.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml index 345ef5d988..8e8092e660 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: kubeapiservers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml index 735710f2e5..53d23595a4 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: kubecontrollermanagers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml index 28075e212e..0d9e983d77 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: kubeschedulers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml index ffef1975d3..2cf95765f7 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: openshiftapiservers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml index 12cbcb0225..824107e5df 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml @@ -7,7 +7,6 @@ metadata: capability.openshift.io/name: CloudCredential include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: cloudcredentials.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml index e76f33eb19..1fce4a4522 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: kubestorageversionmigrators.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml index c102c4c03e..bde860827a 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/475 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: authentications.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml index 4c0519ab36..427450931c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: consoles.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml index b928dd0ccc..39be693ccc 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml @@ -7,7 +7,6 @@ metadata: capability.openshift.io/name: Ingress include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: ingresscontrollers.operator.openshift.io spec: group: operator.openshift.io @@ -1552,6 +1551,18 @@ spec: the default timeout is 30s" format: duration type: string + connectTimeout: + description: "ConnectTimeout defines the maximum time to wait + for a connection attempt to a server/backend to succeed. \n + This field expects an unsigned duration string of decimal numbers, + each with optional fraction and a unit suffix, e.g. \"300ms\", + \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or + \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\". + \n When omitted, this means the user has no opinion and the + platform is left to choose a reasonable default. This default + is subject to change over time. The current default is 5s." + pattern: ^(0|([0-9]+(\.[0-9]+)?(ns|us|µs|μs|ms|s|m|h))+)$ + type: string headerBufferBytes: description: "headerBufferBytes describes how much memory should be reserved (in bytes) for IngressController connection sessions. diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml index ca3368f007..b2f695eba3 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: insightsoperators.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml index 6fddefcd7c..723785d33f 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: openshiftcontrollermanagers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml index 818e3306b7..ce25973f70 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: servicecas.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml index 52ba59ffb3..bd14ee8c42 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: storages.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml index 3bedcf2801..8810d71bb3 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: dnses.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml index ca257267ce..5cbe491c57 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml @@ -5,7 +5,6 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/475 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: networks.operator.openshift.io spec: group: operator.openshift.io @@ -472,6 +471,133 @@ spec: x-kubernetes-validations: - message: ipsecConfig.mode is required rule: self == oldSelf || has(self.mode) + ipv4: + description: ipv4 allows users to configure IP settings for + IPv4 connections. When ommitted, this means no opinions + and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: internalJoinSubnet is a v4 subnet used internally + by ovn-kubernetes in case the default one is being already + used by something else. It must not overlap with any + other subnet being used by OpenShift or by the node + network. The size of the subnet must be larger than + the number of nodes. The value cannot be changed after + installation. The current default value is 100.64.0.0/16 + The subnet must be large enough to accomadate one IP + per node in your cluster The value must be in proper + IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: first IP address octet must not contain leading + zeros, must be greater than 0 and less or equal to + 255 + rule: '[self.findAll(''[0-9]+'')[0]].all(x, x != ''0'' + && int(x) <= 255 && !x.startsWith(''0''))' + - message: subnet must be in the range /0 to /30 inclusive + rule: '[int(self.split(''/'')[1])].all(x, x <= 30 && + x >= 0)' + internalTransitSwitchSubnet: + description: internalTransitSwitchSubnet is a v4 subnet + in IPV4 CIDR format used internally by OVN-Kubernetes + for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each + node together to enable east west traffic. The subnet + chosen should not overlap with other networks specified + for OVN-Kubernetes as well as other networks used on + the host. The value cannot be changed after installation. + When ommitted, this means no opinion and the platform + is left to choose a reasonable default which is subject + to change over time. The current default subnet is 100.88.0.0/16 + The subnet must be large enough to accomadate one IP + per node in your cluster The value must be in proper + IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: first IP address octet must not contain leading + zeros, must be greater than 0 and less or equal to + 255 + rule: '[self.findAll(''[0-9]+'')[0]].all(x, x != ''0'' + && int(x) <= 255 && !x.startsWith(''0''))' + - message: subnet must be in the range /0 to /30 inclusive + rule: '[int(self.split(''/'')[1])].all(x, x <= 30 && + x >= 0)' + type: object + ipv6: + description: ipv6 allows users to configure IP settings for + IPv6 connections. When ommitted, this means no opinions + and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: internalJoinSubnet is a v6 subnet used internally + by ovn-kubernetes in case the default one is being already + used by something else. It must not overlap with any + other subnet being used by OpenShift or by the node + network. The size of the subnet must be larger than + the number of nodes. The value cannot be changed after + installation. The subnet must be large enough to accomadate + one IP per node in your cluster The current default + value is fd98::/48 The value must be in proper IPV6 + CIDR format Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: self.split('/').size() == 2 && [int(self.split('/')[1])].all(x, + x <= 125 && x >= 0) + - message: a valid IPv6 address must contain 8 segments + unless elided (::), in which case it must contain + at most 6 non-empty segments + rule: 'self.contains(''::'') ? self.split(''/'')[0].split('':'').size() + <= 8 : self.split(''/'')[0].split('':'').size() == + 8' + - message: IPv6 dual addresses are not permitted, value + should not contain `.` characters + rule: '!self.contains(''.'')' + internalTransitSwitchSubnet: + description: internalTransitSwitchSubnet is a v4 subnet + in IPV4 CIDR format used internally by OVN-Kubernetes + for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each + node together to enable east west traffic. The subnet + chosen should not overlap with other networks specified + for OVN-Kubernetes as well as other networks used on + the host. The value cannot be changed after installation. + When ommitted, this means no opinion and the platform + is left to choose a reasonable default which is subject + to change over time. The subnet must be large enough + to accomadate one IP per node in your cluster The current + default subnet is fd97::/64 The value must be in proper + IPV6 CIDR format Note that IPV6 dual addresses are not + permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: self.split('/').size() == 2 && [int(self.split('/')[1])].all(x, + x <= 125 && x >= 0) + - message: a valid IPv6 address must contain 8 segments + unless elided (::), in which case it must contain + at most 6 non-empty segments + rule: 'self.contains(''::'') ? self.split(''/'')[0].split('':'').size() + <= 8 : self.split(''/'')[0].split('':'').size() == + 8' + - message: IPv6 dual addresses are not permitted, value + should not contain `.` characters + rule: '!self.contains(''.'')' + type: object mtu: description: mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml index d3f7ffec7d..ed15b82c73 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: csisnapshotcontrollers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml index 3a2d46d303..7acdf0d4b8 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: CustomNoUpgrade name: machineconfigurations.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml index 8fd0c546df..5cd178c2c1 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: Default name: machineconfigurations.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml index c030d3c82b..8bb4aa8715 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade name: machineconfigurations.operator.openshift.io spec: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml index 2efda222d2..492777737b 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml @@ -6,7 +6,6 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: clustercsidrivers.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index c98770feec..3df3ef544c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -1798,6 +1798,22 @@ func (in *IPv4GatewayConfig) DeepCopy() *IPv4GatewayConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPv4OVNKubernetesConfig) DeepCopyInto(out *IPv4OVNKubernetesConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPv4OVNKubernetesConfig. +func (in *IPv4OVNKubernetesConfig) DeepCopy() *IPv4OVNKubernetesConfig { + if in == nil { + return nil + } + out := new(IPv4OVNKubernetesConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPv6GatewayConfig) DeepCopyInto(out *IPv6GatewayConfig) { *out = *in @@ -1814,6 +1830,22 @@ func (in *IPv6GatewayConfig) DeepCopy() *IPv6GatewayConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPv6OVNKubernetesConfig) DeepCopyInto(out *IPv6OVNKubernetesConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPv6OVNKubernetesConfig. +func (in *IPv6OVNKubernetesConfig) DeepCopy() *IPv6OVNKubernetesConfig { + if in == nil { + return nil + } + out := new(IPv6OVNKubernetesConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IngressController) DeepCopyInto(out *IngressController) { *out = *in @@ -2236,6 +2268,11 @@ func (in *IngressControllerTuningOptions) DeepCopyInto(out *IngressControllerTun *out = new(metav1.Duration) **out = **in } + if in.ConnectTimeout != nil { + in, out := &in.ConnectTimeout, &out.ConnectTimeout + *out = new(metav1.Duration) + **out = **in + } if in.TLSInspectDelay != nil { in, out := &in.TLSInspectDelay, &out.TLSInspectDelay *out = new(metav1.Duration) @@ -3661,6 +3698,16 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { **out = **in } in.EgressIPConfig.DeepCopyInto(&out.EgressIPConfig) + if in.IPv4 != nil { + in, out := &in.IPv4, &out.IPv4 + *out = new(IPv4OVNKubernetesConfig) + **out = **in + } + if in.IPv6 != nil { + in, out := &in.IPv6, &out.IPv6 + *out = new(IPv6OVNKubernetesConfig) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index c118163875..82fb98c86c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -1,7 +1,6 @@ authentications.operator.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/475 CRDName: authentications.operator.openshift.io Capability: "" @@ -321,7 +320,6 @@ machineconfigurations.operator.openshift.io: networks.operator.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/475 CRDName: networks.operator.openshift.io Capability: "" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 6d9197407d..0743b412fe 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -999,6 +999,7 @@ var map_IngressControllerTuningOptions = map[string]string{ "serverTimeout": "serverTimeout defines how long a connection will be held open while waiting for a server/backend response.\n\nIf unset, the default timeout is 30s", "serverFinTimeout": "serverFinTimeout defines how long a connection will be held open while waiting for the server/backend response to the client closing the connection.\n\nIf unset, the default timeout is 1s", "tunnelTimeout": "tunnelTimeout defines how long a tunnel connection (including websockets) will be held open while the tunnel is idle.\n\nIf unset, the default timeout is 1h", + "connectTimeout": "ConnectTimeout defines the maximum time to wait for a connection attempt to a server/backend to succeed.\n\nThis field expects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, e.g. \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nWhen omitted, this means the user has no opinion and the platform is left to choose a reasonable default. This default is subject to change over time. The current default is 5s.", "tlsInspectDelay": "tlsInspectDelay defines how long the router can hold data to find a matching route.\n\nSetting this too short can cause the router to fall back to the default certificate for edge-terminated or reencrypt routes even when a better matching certificate could be used.\n\nIf unset, the default inspect delay is 5s", "healthCheckInterval": "healthCheckInterval defines how long the router waits between two consecutive health checks on its configured backends. This value is applied globally as a default for all routes, but may be overridden per-route by the route annotation \"router.openshift.io/haproxy.health.check.interval\".\n\nExpects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, eg \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nSetting this to less than 5s can cause excess traffic due to too frequent TCP health checks and accompanying SYN packet storms. Alternatively, setting this too high can result in increased latency, due to backend servers that are no longer available, but haven't yet been detected as such.\n\nAn empty or zero healthCheckInterval means no opinion and IngressController chooses a default, which is subject to change over time. Currently the default healthCheckInterval value is 5s.\n\nCurrently the minimum allowed value is 1s and the maximum allowed value is 2147483647ms (24.85 days). Both are subject to change over time.", "maxConnections": "maxConnections defines the maximum number of simultaneous connections that can be established per HAProxy process. Increasing this value allows each ingress controller pod to handle more connections but at the cost of additional system resources being consumed.\n\nPermitted values are: empty, 0, -1, and the range 2000-2000000.\n\nIf this field is empty or 0, the IngressController will use the default value of 50000, but the default is subject to change in future releases.\n\nIf the value is -1 then HAProxy will dynamically compute a maximum value based on the available ulimits in the running container. Selecting -1 (i.e., auto) will result in a large value being computed (~520000 on OpenShift >=4.10 clusters) and therefore each HAProxy process will incur significant memory usage compared to the current default of 50000.\n\nSetting a value that is greater than the current operating system limit will prevent the HAProxy process from starting.\n\nIf you choose a discrete value (e.g., 750000) and the router pod is migrated to a new node, there's no guarantee that that new node has identical ulimits configured. In such a scenario the pod would fail to start. If you have nodes with different ulimits configured (e.g., different tuned profiles) and you choose a discrete value then the guidance is to use -1 and let the value be computed dynamically at runtime.\n\nYou can monitor memory usage for router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}'.\n\nYou can monitor memory usage of individual HAProxy processes in router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}/container_processes{container=\"router\",namespace=\"openshift-ingress\"}'.", @@ -1571,6 +1572,15 @@ func (IPv4GatewayConfig) SwaggerDoc() map[string]string { return map_IPv4GatewayConfig } +var map_IPv4OVNKubernetesConfig = map[string]string{ + "internalTransitSwitchSubnet": "internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect architecture that connects the cluster routers on each node together to enable east west traffic. The subnet chosen should not overlap with other networks specified for OVN-Kubernetes as well as other networks used on the host. The value cannot be changed after installation. When ommitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The current default subnet is 100.88.0.0/16 The subnet must be large enough to accomadate one IP per node in your cluster The value must be in proper IPV4 CIDR format", + "internalJoinSubnet": "internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. The value cannot be changed after installation. The current default value is 100.64.0.0/16 The subnet must be large enough to accomadate one IP per node in your cluster The value must be in proper IPV4 CIDR format", +} + +func (IPv4OVNKubernetesConfig) SwaggerDoc() map[string]string { + return map_IPv4OVNKubernetesConfig +} + var map_IPv6GatewayConfig = map[string]string{ "": "IPV6GatewayConfig holds the configuration paramaters for IPV6 connections in the GatewayConfig for OVN-Kubernetes", "internalMasqueradeSubnet": "internalMasqueradeSubnet contains the masquerade addresses in IPV6 CIDR format used internally by ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these addresses, as well as the shared gateway bridge interface. The values can be changed after installation. The subnet chosen should not overlap with other networks specified for OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must be large enough to accommodate 6 IPs (maximum prefix length /125). When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The current default subnet is fd69::/125 Note that IPV6 dual addresses are not permitted", @@ -1580,6 +1590,15 @@ func (IPv6GatewayConfig) SwaggerDoc() map[string]string { return map_IPv6GatewayConfig } +var map_IPv6OVNKubernetesConfig = map[string]string{ + "internalTransitSwitchSubnet": "internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect architecture that connects the cluster routers on each node together to enable east west traffic. The subnet chosen should not overlap with other networks specified for OVN-Kubernetes as well as other networks used on the host. The value cannot be changed after installation. When ommitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The subnet must be large enough to accomadate one IP per node in your cluster The current default subnet is fd97::/64 The value must be in proper IPV6 CIDR format Note that IPV6 dual addresses are not permitted", + "internalJoinSubnet": "internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. The value cannot be changed after installation. The subnet must be large enough to accomadate one IP per node in your cluster The current default value is fd98::/48 The value must be in proper IPV6 CIDR format Note that IPV6 dual addresses are not permitted", +} + +func (IPv6OVNKubernetesConfig) SwaggerDoc() map[string]string { + return map_IPv6OVNKubernetesConfig +} + var map_MTUMigration = map[string]string{ "": "MTUMigration MTU contains infomation about MTU migration.", "network": "network contains information about MTU migration for the default network. Migrations are only allowed to MTU values lower than the machine's uplink MTU by the minimum appropriate offset.", @@ -1676,6 +1695,8 @@ var map_OVNKubernetesConfig = map[string]string{ "v4InternalSubnet": "v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. The value cannot be changed after installation. Default is 100.64.0.0/16", "v6InternalSubnet": "v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the default one is being already used by something else. It must not overlap with any other subnet being used by OpenShift or by the node network. The size of the subnet must be larger than the number of nodes. The value cannot be changed after installation. Default is fd98::/48", "egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.", + "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", + "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go index beccf6c11b..f4b48e8545 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go @@ -18,7 +18,6 @@ import ( // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/639 // +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=network,operatorOrdering=01 // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // +openshift:compatibility-gen:level=4 type PodNetworkConnectivityCheck struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 009ddfcc9b..2032118c9c 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -1,7 +1,6 @@ podnetworkconnectivitychecks.controlplane.operator.openshift.io: Annotations: include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/639 CRDName: podnetworkconnectivitychecks.controlplane.operator.openshift.io Capability: "" diff --git a/vendor/github.com/openshift/api/operatoringress/v1/zz_generated.crd-manifests/0000_50_dns_01_dnsrecords.crd.yaml b/vendor/github.com/openshift/api/operatoringress/v1/zz_generated.crd-manifests/0000_50_dns_01_dnsrecords.crd.yaml index 173d84277a..69bf00ef62 100644 --- a/vendor/github.com/openshift/api/operatoringress/v1/zz_generated.crd-manifests/0000_50_dns_01_dnsrecords.crd.yaml +++ b/vendor/github.com/openshift/api/operatoringress/v1/zz_generated.crd-manifests/0000_50_dns_01_dnsrecords.crd.yaml @@ -7,7 +7,6 @@ metadata: capability.openshift.io/name: Ingress include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" name: dnsrecords.ingress.operator.openshift.io spec: group: ingress.operator.openshift.io diff --git a/vendor/modules.txt b/vendor/modules.txt index 864f40b06f..7edec5674c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -381,7 +381,7 @@ github.com/mxk/go-flowrate/flowrate github.com/oklog/ulid # github.com/onsi/ginkgo v1.16.5 ## explicit; go 1.16 -# github.com/openshift/api v3.9.1-0.20190924102528-32369d4db2ad+incompatible => github.com/openshift/api v0.0.0-20240326215622-ff84c2c73227 +# github.com/openshift/api v3.9.1-0.20190924102528-32369d4db2ad+incompatible => github.com/openshift/api v0.0.0-20240405164942-0cc42a39da45 ## explicit; go 1.21 github.com/openshift/api github.com/openshift/api/apiserver @@ -1317,5 +1317,5 @@ sigs.k8s.io/structured-merge-diff/v4/value ## explicit; go 1.12 sigs.k8s.io/yaml # bitbucket.org/ww/goautoneg => github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d -# github.com/openshift/api => github.com/openshift/api v0.0.0-20240326215622-ff84c2c73227 +# github.com/openshift/api => github.com/openshift/api v0.0.0-20240405164942-0cc42a39da45 # k8s.io/client-go => k8s.io/client-go v0.29.0