1 /* 2 Copyright 2018 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package v1alpha1 18 19 import ( 20 corev1 "k8s.io/api/core/v1" 21 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 ) 23 24 // OpenstackProviderSpec is the type that will be embedded in a Machine.Spec.ProviderSpec field 25 // for an OpenStack Instance. It is used by the Openstack machine actuator to create a single machine instance. 26 // +k8s:openapi-gen=true 27 // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. 28 // +openshift:compatibility-gen:level=4 29 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 30 type OpenstackProviderSpec struct { 31 metav1.TypeMeta `json:",inline"` 32 33 // metadata is the standard object's metadata. 34 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 35 metav1.ObjectMeta `json:"metadata,omitempty"` 36 37 // The name of the secret containing the openstack credentials 38 CloudsSecret *corev1.SecretReference `json:"cloudsSecret"` 39 40 // The name of the cloud to use from the clouds secret 41 CloudName string `json:"cloudName"` 42 43 // The flavor reference for the flavor for your server instance. 44 Flavor string `json:"flavor"` 45 46 // The name of the image to use for your server instance. 47 // If the RootVolume is specified, this will be ignored and use rootVolume directly. 48 Image string `json:"image"` 49 50 // The ssh key to inject in the instance 51 KeyName string `json:"keyName,omitempty"` 52 53 // The machine ssh username 54 SshUserName string `json:"sshUserName,omitempty"` 55 56 // A networks object. Required parameter when there are multiple networks defined for the tenant. 57 // When you do not specify the networks parameter, the server attaches to the only network created for the current tenant. 58 Networks []NetworkParam `json:"networks,omitempty"` 59 60 // Create and assign additional ports to instances 61 Ports []PortOpts `json:"ports,omitempty"` 62 63 // floatingIP specifies a floating IP to be associated with the machine. 64 // Note that it is not safe to use this parameter in a MachineSet, as 65 // only one Machine may be assigned the same floating IP. 66 // 67 // Deprecated: floatingIP will be removed in a future release as it cannot be implemented correctly. 68 FloatingIP string `json:"floatingIP,omitempty"` 69 70 // The availability zone from which to launch the server. 71 AvailabilityZone string `json:"availabilityZone,omitempty"` 72 73 // The names of the security groups to assign to the instance 74 SecurityGroups []SecurityGroupParam `json:"securityGroups,omitempty"` 75 76 // The name of the secret containing the user data (startup script in most cases) 77 UserDataSecret *corev1.SecretReference `json:"userDataSecret,omitempty"` 78 79 // Whether the server instance is created on a trunk port or not. 80 Trunk bool `json:"trunk,omitempty"` 81 82 // Machine tags 83 // Requires Nova api 2.52 minimum! 84 Tags []string `json:"tags,omitempty"` 85 86 // Metadata mapping. Allows you to create a map of key value pairs to add to the server instance. 87 ServerMetadata map[string]string `json:"serverMetadata,omitempty"` 88 89 // Config Drive support 90 ConfigDrive *bool `json:"configDrive,omitempty"` 91 92 // The volume metadata to boot from 93 RootVolume *RootVolume `json:"rootVolume,omitempty"` 94 95 // The server group to assign the machine to. 96 ServerGroupID string `json:"serverGroupID,omitempty"` 97 98 // The server group to assign the machine to. A server group with that 99 // name will be created if it does not exist. If both ServerGroupID and 100 // ServerGroupName are non-empty, they must refer to the same OpenStack 101 // resource. 102 ServerGroupName string `json:"serverGroupName,omitempty"` 103 104 // The subnet that a set of machines will get ingress/egress traffic from 105 PrimarySubnet string `json:"primarySubnet,omitempty"` 106 } 107 108 type SecurityGroupParam struct { 109 // Security Group UUID 110 UUID string `json:"uuid,omitempty"` 111 // Security Group name 112 Name string `json:"name,omitempty"` 113 // Filters used to query security groups in openstack 114 Filter SecurityGroupFilter `json:"filter,omitempty"` 115 } 116 117 type SecurityGroupFilter struct { 118 // id specifies the ID of a security group to use. If set, id will not 119 // be validated before use. An invalid id will result in failure to 120 // create a server with an appropriate error message. 121 ID string `json:"id,omitempty"` 122 // name filters security groups by name. 123 Name string `json:"name,omitempty"` 124 // description filters security groups by description. 125 Description string `json:"description,omitempty"` 126 // tenantId filters security groups by tenant ID. 127 // Deprecated: use projectId instead. tenantId will be ignored if projectId is set. 128 TenantID string `json:"tenantId,omitempty"` 129 // projectId filters security groups by project ID. 130 ProjectID string `json:"projectId,omitempty"` 131 // tags filters by security groups containing all specified tags. 132 // Multiple tags are comma separated. 133 Tags string `json:"tags,omitempty"` 134 // tagsAny filters by security groups containing any specified tags. 135 // Multiple tags are comma separated. 136 TagsAny string `json:"tagsAny,omitempty"` 137 // notTags filters by security groups which don't match all specified tags. NOT (t1 AND t2...) 138 // Multiple tags are comma separated. 139 NotTags string `json:"notTags,omitempty"` 140 // notTagsAny filters by security groups which don't match any specified tags. NOT (t1 OR t2...) 141 // Multiple tags are comma separated. 142 NotTagsAny string `json:"notTagsAny,omitempty"` 143 144 // Deprecated: limit is silently ignored. It has no replacement. 145 DeprecatedLimit int `json:"limit,omitempty"` 146 // Deprecated: marker is silently ignored. It has no replacement. 147 DeprecatedMarker string `json:"marker,omitempty"` 148 // Deprecated: sortKey is silently ignored. It has no replacement. 149 DeprecatedSortKey string `json:"sortKey,omitempty"` 150 // Deprecated: sortDir is silently ignored. It has no replacement. 151 DeprecatedSortDir string `json:"sortDir,omitempty"` 152 } 153 154 type NetworkParam struct { 155 // The UUID of the network. Required if you omit the port attribute. 156 UUID string `json:"uuid,omitempty"` 157 // A fixed IPv4 address for the NIC. 158 FixedIp string `json:"fixedIp,omitempty"` 159 // Filters for optional network query 160 Filter Filter `json:"filter,omitempty"` 161 // Subnet within a network to use 162 Subnets []SubnetParam `json:"subnets,omitempty"` 163 // NoAllowedAddressPairs disables creation of allowed address pairs for the network ports 164 NoAllowedAddressPairs bool `json:"noAllowedAddressPairs,omitempty"` 165 // PortTags allows users to specify a list of tags to add to ports created in a given network 166 PortTags []string `json:"portTags,omitempty"` 167 // The virtual network interface card (vNIC) type that is bound to the 168 // neutron port. 169 VNICType string `json:"vnicType,omitempty"` 170 // A dictionary that enables the application running on the specified 171 // host to pass and receive virtual network interface (VIF) port-specific 172 // information to the plug-in. 173 Profile map[string]string `json:"profile,omitempty"` 174 // PortSecurity optionally enables or disables security on ports managed by OpenStack 175 PortSecurity *bool `json:"portSecurity,omitempty"` 176 } 177 178 type Filter struct { 179 // Deprecated: use NetworkParam.uuid instead. Ignored if NetworkParam.uuid is set. 180 ID string `json:"id,omitempty"` 181 // name filters networks by name. 182 Name string `json:"name,omitempty"` 183 // description filters networks by description. 184 Description string `json:"description,omitempty"` 185 // tenantId filters networks by tenant ID. 186 // Deprecated: use projectId instead. tenantId will be ignored if projectId is set. 187 TenantID string `json:"tenantId,omitempty"` 188 // projectId filters networks by project ID. 189 ProjectID string `json:"projectId,omitempty"` 190 // tags filters by networks containing all specified tags. 191 // Multiple tags are comma separated. 192 Tags string `json:"tags,omitempty"` 193 // tagsAny filters by networks containing any specified tags. 194 // Multiple tags are comma separated. 195 TagsAny string `json:"tagsAny,omitempty"` 196 // notTags filters by networks which don't match all specified tags. NOT (t1 AND t2...) 197 // Multiple tags are comma separated. 198 NotTags string `json:"notTags,omitempty"` 199 // notTagsAny filters by networks which don't match any specified tags. NOT (t1 OR t2...) 200 // Multiple tags are comma separated. 201 NotTagsAny string `json:"notTagsAny,omitempty"` 202 203 // Deprecated: status is silently ignored. It has no replacement. 204 DeprecatedStatus string `json:"status,omitempty"` 205 // Deprecated: adminStateUp is silently ignored. It has no replacement. 206 DeprecatedAdminStateUp *bool `json:"adminStateUp,omitempty"` 207 // Deprecated: shared is silently ignored. It has no replacement. 208 DeprecatedShared *bool `json:"shared,omitempty"` 209 // Deprecated: marker is silently ignored. It has no replacement. 210 DeprecatedMarker string `json:"marker,omitempty"` 211 // Deprecated: limit is silently ignored. It has no replacement. 212 DeprecatedLimit int `json:"limit,omitempty"` 213 // Deprecated: sortKey is silently ignored. It has no replacement. 214 DeprecatedSortKey string `json:"sortKey,omitempty"` 215 // Deprecated: sortDir is silently ignored. It has no replacement. 216 DeprecatedSortDir string `json:"sortDir,omitempty"` 217 } 218 219 type SubnetParam struct { 220 // The UUID of the network. Required if you omit the port attribute. 221 UUID string `json:"uuid,omitempty"` 222 223 // Filters for optional network query 224 Filter SubnetFilter `json:"filter,omitempty"` 225 226 // PortTags are tags that are added to ports created on this subnet 227 PortTags []string `json:"portTags,omitempty"` 228 229 // PortSecurity optionally enables or disables security on ports managed by OpenStack 230 PortSecurity *bool `json:"portSecurity,omitempty"` 231 } 232 233 type SubnetFilter struct { 234 // id is the uuid of a specific subnet to use. If specified, id will not 235 // be validated. Instead server creation will fail with an appropriate 236 // error. 237 ID string `json:"id,omitempty"` 238 // name filters subnets by name. 239 Name string `json:"name,omitempty"` 240 // description filters subnets by description. 241 Description string `json:"description,omitempty"` 242 // Deprecated: networkId is silently ignored. Set uuid on the containing network definition instead. 243 NetworkID string `json:"networkId,omitempty"` 244 // tenantId filters subnets by tenant ID. 245 // Deprecated: use projectId instead. tenantId will be ignored if projectId is set. 246 TenantID string `json:"tenantId,omitempty"` 247 // projectId filters subnets by project ID. 248 ProjectID string `json:"projectId,omitempty"` 249 // ipVersion filters subnets by IP version. 250 IPVersion int `json:"ipVersion,omitempty"` 251 // gateway_ip filters subnets by gateway IP. 252 GatewayIP string `json:"gateway_ip,omitempty"` 253 // cidr filters subnets by CIDR. 254 CIDR string `json:"cidr,omitempty"` 255 // ipv6AddressMode filters subnets by IPv6 address mode. 256 IPv6AddressMode string `json:"ipv6AddressMode,omitempty"` 257 // ipv6RaMode filters subnets by IPv6 router adversiement mode. 258 IPv6RAMode string `json:"ipv6RaMode,omitempty"` 259 // subnetpoolId filters subnets by subnet pool ID. 260 SubnetPoolID string `json:"subnetpoolId,omitempty"` 261 // tags filters by subnets containing all specified tags. 262 // Multiple tags are comma separated. 263 Tags string `json:"tags,omitempty"` 264 // tagsAny filters by subnets containing any specified tags. 265 // Multiple tags are comma separated. 266 TagsAny string `json:"tagsAny,omitempty"` 267 // notTags filters by subnets which don't match all specified tags. NOT (t1 AND t2...) 268 // Multiple tags are comma separated. 269 NotTags string `json:"notTags,omitempty"` 270 // notTagsAny filters by subnets which don't match any specified tags. NOT (t1 OR t2...) 271 // Multiple tags are comma separated. 272 NotTagsAny string `json:"notTagsAny,omitempty"` 273 274 // Deprecated: enableDhcp is silently ignored. It has no replacement. 275 DeprecatedEnableDHCP *bool `json:"enableDhcp,omitempty"` 276 // Deprecated: limit is silently ignored. It has no replacement. 277 DeprecatedLimit int `json:"limit,omitempty"` 278 // Deprecated: marker is silently ignored. It has no replacement. 279 DeprecatedMarker string `json:"marker,omitempty"` 280 // Deprecated: sortKey is silently ignored. It has no replacement. 281 DeprecatedSortKey string `json:"sortKey,omitempty"` 282 // Deprecated: sortDir is silently ignored. It has no replacement. 283 DeprecatedSortDir string `json:"sortDir,omitempty"` 284 } 285 286 type PortOpts struct { 287 // networkID is the ID of the network the port will be created in. It is required. 288 // +required 289 NetworkID string `json:"networkID"` 290 // If nameSuffix is specified the created port will be named <machine name>-<nameSuffix>. 291 // If not specified the port will be named <machine-name>-<index of this port>. 292 NameSuffix string `json:"nameSuffix,omitempty"` 293 // description specifies the description of the created port. 294 Description string `json:"description,omitempty"` 295 // adminStateUp sets the administrative state of the created port to up (true), or down (false). 296 AdminStateUp *bool `json:"adminStateUp,omitempty"` 297 // macAddress specifies the MAC address of the created port. 298 MACAddress string `json:"macAddress,omitempty"` 299 // fixedIPs specifies a set of fixed IPs to assign to the port. They must all be valid for the port's network. 300 FixedIPs []FixedIPs `json:"fixedIPs,omitempty"` 301 // tenantID specifies the tenant ID of the created port. Note that this 302 // requires OpenShift to have administrative permissions, which is 303 // typically not the case. Use of this field is not recommended. 304 // Deprecated: use projectID instead. It will be ignored if projectID is set. 305 TenantID string `json:"tenantID,omitempty"` 306 // projectID specifies the project ID of the created port. Note that this 307 // requires OpenShift to have administrative permissions, which is 308 // typically not the case. Use of this field is not recommended. 309 ProjectID string `json:"projectID,omitempty"` 310 // securityGroups specifies a set of security group UUIDs to use instead 311 // of the machine's default security groups. The default security groups 312 // will be used if this is left empty or not specified. 313 SecurityGroups *[]string `json:"securityGroups,omitempty"` 314 // allowedAddressPairs specifies a set of allowed address pairs to add to the port. 315 AllowedAddressPairs []AddressPair `json:"allowedAddressPairs,omitempty"` 316 // tags species a set of tags to add to the port. 317 Tags []string `json:"tags,omitempty"` 318 // The virtual network interface card (vNIC) type that is bound to the 319 // neutron port. 320 VNICType string `json:"vnicType,omitempty"` 321 // A dictionary that enables the application running on the specified 322 // host to pass and receive virtual network interface (VIF) port-specific 323 // information to the plug-in. 324 Profile map[string]string `json:"profile,omitempty"` 325 // enable or disable security on a given port 326 // incompatible with securityGroups and allowedAddressPairs 327 PortSecurity *bool `json:"portSecurity,omitempty"` 328 // Enables and disables trunk at port level. If not provided, openStackMachine.Spec.Trunk is inherited. 329 Trunk *bool `json:"trunk,omitempty"` 330 331 // The ID of the host where the port is allocated. Do not use this 332 // field: it cannot be used correctly. 333 // Deprecated: hostID is silently ignored. It will be removed with no replacement. 334 DeprecatedHostID string `json:"hostID,omitempty"` 335 } 336 337 type AddressPair struct { 338 IPAddress string `json:"ipAddress,omitempty"` 339 MACAddress string `json:"macAddress,omitempty"` 340 } 341 342 type FixedIPs struct { 343 // subnetID specifies the ID of the subnet where the fixed IP will be allocated. 344 SubnetID string `json:"subnetID"` 345 // ipAddress is a specific IP address to use in the given subnet. Port 346 // creation will fail if the address is not available. If not specified, 347 // an available IP from the given subnet will be selected automatically. 348 IPAddress string `json:"ipAddress,omitempty"` 349 } 350 351 type RootVolume struct { 352 // sourceUUID specifies the UUID of a glance image used to populate the root volume. 353 // Deprecated: set image in the platform spec instead. This will be 354 // ignored if image is set in the platform spec. 355 SourceUUID string `json:"sourceUUID,omitempty"` 356 // volumeType specifies a volume type to use when creating the root 357 // volume. If not specified the default volume type will be used. 358 VolumeType string `json:"volumeType,omitempty"` 359 // diskSize specifies the size, in GB, of the created root volume. 360 Size int `json:"diskSize,omitempty"` 361 // availabilityZone specifies the Cinder availability where the root volume will be created. 362 Zone string `json:"availabilityZone,omitempty"` 363 364 // Deprecated: sourceType will be silently ignored. There is no replacement. 365 DeprecatedSourceType string `json:"sourceType,omitempty"` 366 // Deprecated: deviceType will be silently ignored. There is no replacement. 367 DeprecatedDeviceType string `json:"deviceType,omitempty"` 368 } 369