Cluster is the Schema for the Clusters API. An Anthos cluster running on AWS.
Type: CRD
Group: containeraws.gcp.upbound.io
Version: v1beta1
apiVersion: containeraws.gcp.upbound.io/v1beta1
kind: Cluster
ClusterSpec defines the desired state of Cluster
No description provided.
Configuration related to the cluster RBAC settings.
Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
Configuration related to the cluster control plane.
Authentication configuration for management of AWS resources.
The ARN of the AWS KMS key used to encrypt cluster configuration.
The ARN of the AWS KMS key used to encrypt cluster secrets.
Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
Proxy configuration for outbound HTTP(S) traffic.
Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
Optional. SSH configuration for how to access the underlying control plane machines.
The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
Cluster-wide networking configuration.
All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
ClusterStatus defines the observed state of Cluster.
No description provided.
Fleet configuration.
Output only. Workload Identity settings.
Conditions of the resource.
example-aws-cluster
```yaml
apiVersion: containeraws.gcp.upbound.io/v1beta1
kind: Cluster
metadata:
  annotations:
    meta.upbound.io/example-id: containeraws/v1beta1/cluster
    upjet.upbound.io/manual-intervention: AWS Infrastructure is required to test
      this resource. Manifests for deploying these via provider-aws are
      available in the `provider-aws` folder.
  labels:
    testing.upbound.io/example-name: example-aws-cluster
  name: example-aws-cluster
spec:
  forProvider:
    annotations:
      example-name: example-aws-cluster
    authorization:
    - adminUsers:
      - username: emailAddress:my@service-account.com
    awsRegion: my-aws-region
    controlPlane:
    - awsServicesAuthentication:
      - roleArn: arn:aws:iam::012345678910:role/containeraws-gcp-upbound-api-role
        roleSessionName: example-aws-cluster-session
      configEncryption:
      - kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
      databaseEncryption:
      - kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
      iamInstanceProfile: containeraws-gcp-upbound-ctp-profile
      instanceType: t3.medium
      mainVolume:
      - iops: 3000
        kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        sizeGib: 10
        volumeType: GP3
      rootVolume:
      - iops: 3000
        kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        sizeGib: 10
        volumeType: GP3
      subnetIds:
      - subnet-00000000000000000
      version: 1.23.8-gke.1700
    description: Example aws cluster
    fleet:
    - project: my-project-number
    location: us-west1
    networking:
    - podAddressCidrBlocks:
      - 10.2.0.0/16
      serviceAddressCidrBlocks:
      - 10.1.0.0/16
      vpcId: vpc-00000000000000000
    project: my-project-name
```
example-aws-nodepool
```yaml
apiVersion: containeraws.gcp.upbound.io/v1beta1
kind: Cluster
metadata:
  annotations:
    meta.upbound.io/example-id: containeraws/v1beta1/nodepool
    upjet.upbound.io/manual-intervention: AWS Infrastructure is required to test
      this resource. Manifests for deploying these via provider-aws are
      available in the `provider-aws` folder.
  labels:
    testing.upbound.io/example-name: example-aws-nodepool
  name: example-aws-nodepool
spec:
  forProvider:
    annotations:
      example-name: example-aws-nodepool
    authorization:
    - adminUsers:
      - username: emailAddress:my@service-account.com
    awsRegion: my-aws-region
    controlPlane:
    - awsServicesAuthentication:
      - roleArn: arn:aws:iam::012345678910:role/containeraws-gcp-upbound-api-role
        roleSessionName: example-aws-nodepool-session
      configEncryption:
      - kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
      databaseEncryption:
      - kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
      iamInstanceProfile: containeraws-gcp-upbound-ctp-profile
      instanceType: t3.medium
      mainVolume:
      - iops: 3000
        kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        sizeGib: 10
        volumeType: GP3
      rootVolume:
      - iops: 3000
        kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        sizeGib: 10
        volumeType: GP3
      subnetIds:
      - subnet-00000000000000000
      version: 1.23.8-gke.1700
    description: Example aws nodepool
    fleet:
    - project: my-project-number
    location: us-west1
    networking:
    - podAddressCidrBlocks:
      - 10.2.0.0/16
      serviceAddressCidrBlocks:
      - 10.1.0.0/16
      vpcId: vpc-00000000000000000
    project: my-project-name
```
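The limits stated in the field descriptions (at most ten admin users, at most three control plane subnets in distinct AZs, a single RFC1918 IPv4 range each for pods and services) can be checked before a manifest is applied. The following is an added example, not part of the provider's code: `lint_cluster` and its helpers are hypothetical names, the duplicate-subnet check only approximates the AZ rule, and treating both KMS key ARNs as mandatory is an assumption of this lint.

```python
import ipaddress

# The three private IPv4 blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def _first(items):  # nested objects in this schema are single-element lists
    return items[0] if items else {}

def _check_range(blocks, field, problems):
    if len(blocks) != 1:
        problems.append(f"{field}: exactly one range is supported, got {len(blocks)}")
    for cidr in blocks:
        try:
            net = ipaddress.ip_network(cidr)
        except ValueError:
            problems.append(f"{field}: {cidr!r} is not a valid CIDR block")
            continue
        if net.version != 4 or not any(net.subnet_of(p) for p in RFC1918):
            problems.append(f"{field}: {cidr} is not an RFC1918 IPv4 range")

def lint_cluster(for_provider):
    """Return the documented constraints that spec.forProvider violates."""
    problems = []
    auth = _first(for_provider.get("authorization", []))
    if len(auth.get("adminUsers", [])) > 10:
        problems.append("adminUsers: more than ten cluster-admin users")
    cp = _first(for_provider.get("controlPlane", []))
    subnets = cp.get("subnetIds", [])
    if len(subnets) > 3:
        problems.append("subnetIds: more than three control plane subnets")
    if len(set(subnets)) != len(subnets):
        problems.append("subnetIds: duplicate subnet, replicas would share an AZ")
    for key in ("configEncryption", "databaseEncryption"):
        # Assumption of this lint: both KMS key ARNs are treated as mandatory.
        if not _first(cp.get(key, [])).get("kmsKeyArn"):
            problems.append(f"{key}: kmsKeyArn is not set")
    net = _first(for_provider.get("networking", []))
    _check_range(net.get("podAddressCidrBlocks", []), "podAddressCidrBlocks", problems)
    _check_range(net.get("serviceAddressCidrBlocks", []), "serviceAddressCidrBlocks", problems)
    return problems

# Constructed sample input mirroring spec.forProvider of the page's example manifest.
KEY = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"
GOOD = {
    "authorization": [{"adminUsers": [{"username": "emailAddress:my@service-account.com"}]}],
    "controlPlane": [{"subnetIds": ["subnet-00000000000000000"],
                      "configEncryption": [{"kmsKeyArn": KEY}], "databaseEncryption": [{"kmsKeyArn": KEY}]}],
    "networking": [{"podAddressCidrBlocks": ["10.2.0.0/16"], "serviceAddressCidrBlocks": ["10.1.0.0/16"]}],
}
```

`lint_cluster(GOOD)` returns an empty list; each violated constraint adds one message naming the field.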