Last generated January 9, 2023
AWSCluster
Deprecation: This CRD will be removed once Cluster API resources are used for all AWS workload clusters.
AWSCluster is the infrastructure provider referenced in upstream CAPI Cluster CRs.
Version v1alpha2
Example CR
apiVersion: infrastructure.giantswarm.io/v1alpha2
kind: AWSCluster
metadata:
  annotations:
    giantswarm.io/docs: https://docs.giantswarm.io/ui-api/management-api/crd/awsclusters.infrastructure.giantswarm.io/
  creationTimestamp: null
  name: g8kw3
spec:
  cluster:
    description: Dev cluster
    dns:
      domain: g8s.example.com
    kubeProxy:
      conntrackMaxPerCore: 100000
    oidc:
      claims:
        groups: groups-field
        username: username-field
      clientID: some-example-client-id
      issuerURL: https://idp.example.com/
  provider:
    credentialSecret:
      name: example-credential
      namespace: example-namespace
    master:
      availabilityZone: eu-central-1b
      instanceType: m5.2xlarge
    nodes: {}
    pods:
      cidrBlock: 10.2.0.0/16
      externalSNAT: true
    region: eu-central-1
Properties
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
.metadata
.spec
AWSClusterSpec is the spec part for the AWSCluster resource.
.spec.cluster
Cluster specification details.
.spec.cluster.description
User-friendly description that should explain the purpose of the cluster to humans.
.spec.cluster.dns
DNS configuration details.
.spec.cluster.dns.domain
.spec.cluster.kubeProxy
Flags passed to kube-proxy on each node.
.spec.cluster.kubeProxy.conntrackMaxPerCore
Maximum number of NAT connections to track per CPU core (0 for default). Passed to kube-proxy as --conntrack-max-per-core.
.spec.cluster.oidc
Configuration for OpenID Connect (OIDC) authentication.
.spec.cluster.oidc.claims
AWSClusterSpecClusterOIDCClaims defines OIDC claims.
.spec.cluster.oidc.claims.groups
.spec.cluster.oidc.claims.username
.spec.cluster.oidc.clientID
.spec.cluster.oidc.issuerURL
.spec.provider
Provider-specific configuration details.
.spec.provider.credentialSecret
Location of a secret providing the ARN of AWS IAM identity to use with this cluster.
.spec.provider.credentialSecret.name
Name of the provider credential resource.
.spec.provider.credentialSecret.namespace
Kubernetes namespace holding the provider credential.
.spec.provider.master
Master holds master node configuration details. Note that this attribute is being deprecated. The master node specification can now be found in the AWSControlPlane resource.
.spec.provider.master.availabilityZone
AWS availability zone to place the master node in.
.spec.provider.master.instanceType
AWS EC2 instance type to use for the master node.
.spec.provider.nodes
Node network configuration.
.spec.provider.nodes.networkPool
NetworkPool represents a range of IP addresses to choose chunks from for master and worker node subnets.
.spec.provider.pods
Pod network configuration.
.spec.provider.pods.cidrBlock
IPv4 address block used for pods, in CIDR notation.
.spec.provider.pods.externalSNAT
When set to false, pod connections outside the VPC where the pod is located will be NATed through the node primary IP. When set to true, all connections will use the pod IP.
.spec.provider.region
AWS region the cluster is to be running in.
.status
Status part of the AWSCluster resource.
.status.cluster
Cluster-specific status details, including conditions and versions.
.status.cluster.conditions
One or several conditions that are currently applicable to the cluster.
.status.cluster.conditions[*]
CommonClusterStatusCondition explains the current condition(s) of the cluster.
.status.cluster.conditions[*].condition
Condition string, e.g. Creating, Created, Upgraded.
.status.cluster.conditions[*].lastTransitionTime
Time the condition occurred.
.status.cluster.id
Identifier of the cluster.
.status.cluster.versions
Workload cluster release versions the cluster used so far.
.status.cluster.versions[*]
CommonClusterStatusVersion informs which aws-operator version was/is responsible for this cluster.
.status.cluster.versions[*].lastTransitionTime
Time the cluster assumed the given version.
.status.cluster.versions[*].version
The aws-operator version responsible for handling the cluster.
.status.provider
Provider-specific status details.
.status.provider.network
Network-specific configuration details.
.status.provider.network.cidr
IPv4 address block used by the workload cluster nodes, in CIDR notation.
.status.provider.network.vpcID
Identifier of the AWS Virtual Private Cloud (VPC) of the workload cluster, e.g. vpc-1234567890abcdef0.
Annotations
alpha.aws.giantswarm.io/aws-subnet-size
This annotation is used to configure the workload cluster’s control plane subnet size when used on an AWSCluster resource or to configure the workload cluster’s node pool subnet size when used on an AWSMachineDeployment resource. The value is a number that will represent the subnet mask used when creating the subnet. It must be smaller than 28 due to AWS restrictions.
alpha.aws.giantswarm.io/update-max-batch-size
This annotation is used for configuring the maximum batch size for instance termination during an ASG update. The value can be either a whole number specifying the number of instances or a percentage of total instances as a decimal number, i.e. 0.3 for 30%. See fine-tuning upgrade disruption and AWS documentation for additional information.
alpha.aws.giantswarm.io/update-pause-time
This annotation is used for configuring the pause time between rolling individual batches during an ASG update. The value must be in ISO 8601 duration format, e.g. “PT5M” for five minutes or “PT10S” for 10 seconds. See fine-tuning upgrade disruption and AWS documentation for additional information.
alpha.cni.aws.giantswarm.io/minimum-ip-target
This annotation allows configuration of the MINIMUM_IP_TARGET parameter for AWS CNI. See CNI Configuration Variables and ENI and IP Target.
alpha.cni.aws.giantswarm.io/prefix-delegation
This annotation allows configuration of the ENABLE_PREFIX_DELEGATION parameter for AWS CNI. See Enable Prefix Delegation.
alpha.cni.aws.giantswarm.io/warm-ip-target
This annotation allows configuration of the WARM_IP_TARGET parameter for AWS CNI. See CNI Configuration Variables and ENI and IP Target.
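The value rules stated above for aws-subnet-size, update-max-batch-size and update-pause-time can be checked before a resource is submitted. The following is an added example, not code from aws-operator or apiextensions; the function names, the lower bound on the subnet mask, the open interval for fractions and the restriction to time-only ISO 8601 durations are assumptions.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

const (
	subnetSizeKey = "alpha.aws.giantswarm.io/aws-subnet-size"
	batchSizeKey  = "alpha.aws.giantswarm.io/update-max-batch-size"
	pauseTimeKey  = "alpha.aws.giantswarm.io/update-pause-time"
)

// Assumption: only time-based ISO 8601 durations (hours, minutes, seconds) are accepted.
var isoDuration = regexp.MustCompile(`^PT(\d+H)?(\d+M)?(\d+S)?$`)

// validBatchSize accepts an instance count (>= 1) or, as an assumption, a fraction strictly between 0 and 1.
func validBatchSize(v string) bool {
	if n, err := strconv.Atoi(v); err == nil {
		return n >= 1
	}
	f, err := strconv.ParseFloat(v, 64)
	return err == nil && f > 0 && f < 1
}

// ValidateAnnotations returns one message per documented annotation whose value breaks
// the rules above; absent annotations are skipped. Rejecting masks below 1 is an assumption.
func ValidateAnnotations(a map[string]string) []string {
	var errs []string
	if v, ok := a[subnetSizeKey]; ok {
		if n, err := strconv.Atoi(v); err != nil || n < 1 || n >= 28 {
			errs = append(errs, fmt.Sprintf("%s: %q is not a subnet mask below 28", subnetSizeKey, v))
		}
	}
	if v, ok := a[batchSizeKey]; ok && !validBatchSize(v) {
		errs = append(errs, fmt.Sprintf("%s: %q is neither an instance count nor a fraction", batchSizeKey, v))
	}
	if v, ok := a[pauseTimeKey]; ok && (v == "PT" || !isoDuration.MatchString(v)) {
		errs = append(errs, fmt.Sprintf("%s: %q is not an ISO 8601 duration", pauseTimeKey, v))
	}
	return errs
}

func main() {
	bad := map[string]string{subnetSizeKey: "28", batchSizeKey: "30%", pauseTimeKey: "5m"} // constructed, all invalid
	for _, e := range ValidateAnnotations(bad) {
		fmt.Println(e)
	}
}
```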
Version v1alpha3
Example CR
apiVersion: infrastructure.giantswarm.io/v1alpha3
kind: AWSCluster
metadata:
  annotations:
    giantswarm.io/docs: https://docs.giantswarm.io/ui-api/management-api/crd/awsclusters.infrastructure.giantswarm.io/
  creationTimestamp: null
  name: g8kw3
spec:
  cluster:
    description: Dev cluster
    dns:
      domain: g8s.example.com
    kubeProxy:
      conntrackMaxPerCore: 100000
    oidc:
      claims:
        groups: groups-field
        username: username-field
      clientID: some-example-client-id
      issuerURL: https://idp.example.com/
  provider:
    credentialSecret:
      name: example-credential
      namespace: example-namespace
    master:
      availabilityZone: eu-central-1b
      instanceType: m5.2xlarge
    nodes: {}
    pods:
      cidrBlock: 10.2.0.0/16
      externalSNAT: true
    region: eu-central-1
Properties
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
.metadata
.spec
AWSClusterSpec is the spec part for the AWSCluster resource.
.spec.cluster
Cluster specification details.
.spec.cluster.description
User-friendly description that should explain the purpose of the cluster to humans.
.spec.cluster.dns
DNS configuration details.
.spec.cluster.dns.domain
.spec.cluster.kubeProxy
Flags passed to kube-proxy on each node.
.spec.cluster.kubeProxy.conntrackMaxPerCore
Maximum number of NAT connections to track per CPU core (0 for default). Passed to kube-proxy as --conntrack-max-per-core.
.spec.cluster.oidc
Configuration for OpenID Connect (OIDC) authentication.
.spec.cluster.oidc.claims
AWSClusterSpecClusterOIDCClaims defines OIDC claims.
.spec.cluster.oidc.claims.groups
.spec.cluster.oidc.claims.username
.spec.cluster.oidc.clientID
.spec.cluster.oidc.issuerURL
.spec.provider
Provider-specific configuration details.
.spec.provider.credentialSecret
Location of a secret providing the ARN of AWS IAM identity to use with this cluster.
.spec.provider.credentialSecret.name
Name of the provider credential resource.
.spec.provider.credentialSecret.namespace
Kubernetes namespace holding the provider credential.
.spec.provider.master
Master holds master node configuration details. Note that this attribute is being deprecated. The master node specification can now be found in the AWSControlPlane resource.
.spec.provider.master.availabilityZone
AWS availability zone to place the master node in.
.spec.provider.master.instanceType
AWS EC2 instance type to use for the master node.
.spec.provider.nodes
Node network configuration.
.spec.provider.nodes.networkPool
NetworkPool represents a range of IP addresses to choose chunks from for master and worker node subnets.
.spec.provider.pods
Pod network configuration.
.spec.provider.pods.cidrBlock
IPv4 address block used for pods, in CIDR notation.
.spec.provider.pods.externalSNAT
When set to false, pod connections outside the VPC where the pod is located will be NATed through the node primary IP. When set to true, all connections will use the pod IP.
.spec.provider.region
AWS region the cluster is to be running in.
.status
Status part of the AWSCluster resource.
.status.cluster
Cluster-specific status details, including conditions and versions.
.status.cluster.conditions
One or several conditions that are currently applicable to the cluster.
.status.cluster.conditions[*]
CommonClusterStatusCondition explains the current condition(s) of the cluster.
.status.cluster.conditions[*].condition
Condition string, e.g. Creating, Created, Upgraded.
.status.cluster.conditions[*].lastTransitionTime
Time the condition occurred.
.status.cluster.id
Identifier of the cluster.
.status.cluster.versions
Workload cluster release versions the cluster used so far.
.status.cluster.versions[*]
CommonClusterStatusVersion informs which aws-operator version was/is responsible for this cluster.
.status.cluster.versions[*].lastTransitionTime
Time the cluster assumed the given version.
.status.cluster.versions[*].version
The aws-operator version responsible for handling the cluster.
.status.provider
Provider-specific status details.
.status.provider.network
Network-specific configuration details.
.status.provider.network.cidr
IPv4 address block used by the workload cluster nodes, in CIDR notation.
.status.provider.network.vpcID
Identifier of the AWS Virtual Private Cloud (VPC) of the workload cluster, e.g. vpc-1234567890abcdef0.
This documentation page shows information based on apiextensions v5.0.0.