kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
kubeadmConfigPatches:
  - |
    kind: ClusterConfiguration
    dns:
      type: CoreDNS
      imageRepository: {{.CorednsRepository}}
      imageTag: {{.CorednsVersion}}
    etcd:
      local:
        imageRepository: {{.EtcdRepository}}
        imageTag: {{.EtcdVersion}}
    imageRepository: {{.KubernetesRepository}}
    kubernetesVersion: {{.KubernetesVersion}}
{{- if .RegistryMirrorMap }}
containerdConfigPatches:
  - |
    [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
{{- range $orig, $mirror := .RegistryMirrorMap }}
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ $orig }}"]
        endpoint = ["https://{{ $mirror }}"]
{{- end }}
      [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ .MirrorBase }}".tls]
{{- if (eq .RegistryCACertPath "") }}
        insecure_skip_verify = true
{{- else }}
        ca_file = "/etc/containerd/certs.d/{{ .MirrorBase }}/ca.crt"
{{- end }}
{{- if .RegistryAuth }}
      [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ .MirrorBase }}".auth]
        username = "{{.RegistryUsername}}"
        password = "{{.RegistryPassword}}"
{{- end }}
{{- end }}
{{- if or (ne .RegistryCACertPath "") (.DockerExtraMounts) (ne (len .ExtraPortMappings) 0)}}
nodes:
- role: control-plane
{{- if or (ne .RegistryCACertPath "") (.DockerExtraMounts) }}
  extraMounts:
{{- if (ne .RegistryCACertPath "") }}
    - containerPath: /etc/containerd/certs.d
      hostPath: {{.RegistryCACertPath}}
      readOnly: true
{{- end }}
{{- if .DockerExtraMounts }}
    - hostPath: /var/run/docker.sock
      containerPath: /var/run/docker.sock
{{- end }}
{{- end }}
{{- if ne (len .ExtraPortMappings) 0 }}
  extraPortMappings:
{{- range .ExtraPortMappings }}
  - containerPort: {{ . }}
    hostPort: {{ . }}
{{- end }}
{{- end }}
{{- end }}