---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.1
name: awsnodetemplates.karpenter.k8s.aws
spec:
group: karpenter.k8s.aws
names:
categories:
- karpenter
kind: AWSNodeTemplate
listKind: AWSNodeTemplateList
plural: awsnodetemplates
singular: awsnodetemplate
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: AWSNodeTemplate is the Schema for the AWSNodeTemplate API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AWSNodeTemplateSpec is the top level specification for the
AWS Karpenter Provider. This will contain configuration necessary to
launch instances in AWS.
properties:
amiFamily:
description: AMIFamily is the AMI family that instances use.
type: string
amiSelector:
additionalProperties:
type: string
description: AMISelector discovers AMIs to be used by Amazon EC2 tags.
type: object
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
blockDeviceMappings:
description: BlockDeviceMappings to be applied to provisioned nodes.
items:
properties:
deviceName:
description: The device name (for example, /dev/sdh or xvdh).
type: string
ebs:
description: EBS contains parameters used to automatically set
up EBS volumes when an instance is launched.
properties:
deleteOnTermination:
description: DeleteOnTermination indicates whether the EBS
volume is deleted on instance termination.
type: boolean
encrypted:
description: Encrypted indicates whether the EBS volume
is encrypted. Encrypted volumes can only be attached to
instances that support Amazon EBS encryption. If you are
creating a volume from a snapshot, you can't specify an
encryption value.
type: boolean
iops:
description: "IOPS is the number of I/O operations per second
(IOPS). For gp3, io1, and io2 volumes, this represents
the number of IOPS that are provisioned for the volume.
For gp2 volumes, this represents the baseline performance
of the volume and the rate at which the volume accumulates
I/O credits for bursting. \n The following are the supported
values for each volume type: \n * gp3: 3,000-16,000 IOPS
\n * io1: 100-64,000 IOPS \n * io2: 100-64,000 IOPS \n
For io1 and io2 volumes, we guarantee 64,000 IOPS only
for Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
Other instance families guarantee performance up to 32,000
IOPS. \n This parameter is supported for io1, io2, and
gp3 volumes only. This parameter is not supported for
gp2, st1, sc1, or standard volumes."
format: int64
type: integer
kmsKeyID:
description: KMSKeyID (ARN) of the symmetric Key Management
Service (KMS) CMK used for encryption.
type: string
snapshotID:
description: SnapshotID is the ID of an EBS snapshot
type: string
throughput:
description: 'Throughput to provision for a gp3 volume,
with a maximum of 1,000 MiB/s. Valid Range: Minimum value
of 125. Maximum value of 1000.'
format: int64
type: integer
volumeSize:
anyOf:
- type: integer
- type: string
description: "VolumeSize in GiBs. You must specify either
a snapshot ID or a volume size. The following are the
supported volumes sizes for each volume type: \n * gp2
and gp3: 1-16,384 \n * io1 and io2: 4-16,384 \n * st1
and sc1: 125-16,384 \n * standard: 1-1,024"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
volumeType:
description: VolumeType of the block device. For more information,
see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
in the Amazon Elastic Compute Cloud User Guide.
type: string
type: object
type: object
type: array
context:
description: Context is a Reserved field in EC2 APIs https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html
type: string
detailedMonitoring:
description: DetailedMonitoring controls if detailed monitoring is
enabled for instances that are launched
type: boolean
instanceProfile:
description: InstanceProfile is the AWS identity that instances use.
type: string
kind:
description: 'Kind is a string value representing the REST resource
this object represents. Servers may infer this from the endpoint
the client submits requests to. Cannot be updated. In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
launchTemplate:
description: 'LaunchTemplateName for the node. If not specified, a
launch template will be generated. NOTE: This field is for specifying
a custom launch template and is exposed in the Spec as `launchTemplate`
for backwards compatibility.'
type: string
metadataOptions:
description: "MetadataOptions for the generated launch template of
provisioned nodes. \n This specifies the exposure of the Instance
Metadata Service to provisioned EC2 nodes. For more information,
see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
in the Amazon Elastic Compute Cloud User Guide. \n Refer to recommended,
security best practices (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node)
for limiting exposure of Instance Metadata and User Data to pods.
If omitted, defaults to httpEndpoint enabled, with httpProtocolIPv6
disabled, with httpPutResponseLimit of 2, and with httpTokens required."
properties:
httpEndpoint:
description: "HTTPEndpoint enables or disables the HTTP metadata
endpoint on provisioned nodes. If metadata options is non-nil,
but this parameter is not specified, the default state is \"enabled\".
\n If you specify a value of \"disabled\", instance metadata
will not be accessible on the node."
type: string
httpProtocolIPv6:
description: HTTPProtocolIPv6 enables or disables the IPv6 endpoint
for the instance metadata service on provisioned nodes. If metadata
options is non-nil, but this parameter is not specified, the
default state is "disabled".
type: string
httpPutResponseHopLimit:
description: HTTPPutResponseHopLimit is the desired HTTP PUT response
hop limit for instance metadata requests. The larger the number,
the further instance metadata requests can travel. Possible
values are integers from 1 to 64. If metadata options is non-nil,
but this parameter is not specified, the default value is 1.
format: int64
type: integer
httpTokens:
description: "HTTPTokens determines the state of token usage for
instance metadata requests. If metadata options is non-nil,
but this parameter is not specified, the default state is \"optional\".
\n If the state is optional, one can choose to retrieve instance
metadata with or without a signed token header on the request.
If one retrieves the IAM role credentials without a token, the
version 1.0 role credentials are returned. If one retrieves
the IAM role credentials using a valid signed token, the version
2.0 role credentials are returned. \n If the state is \"required\",
one must send a signed token header with any instance metadata
retrieval requests. In this state, retrieving the IAM role credentials
always returns the version 2.0 credentials; the version 1.0
credentials are not available."
type: string
type: object
securityGroupSelector:
additionalProperties:
type: string
description: SecurityGroups specify the names of the security groups.
type: object
subnetSelector:
additionalProperties:
type: string
description: SubnetSelector discovers subnets by tags. A value of
"" is a wildcard.
type: object
tags:
additionalProperties:
type: string
description: Tags to be applied on ec2 resources like instances and
launch templates.
type: object
userData:
description: UserData to be applied to the provisioned nodes. It must
be in the appropriate format based on the AMIFamily in use. Karpenter
will merge certain fields into this UserData to ensure nodes are
being provisioned with the correct configuration.
type: string
type: object
status:
description: AWSNodeTemplateStatus contains the resolved state of the
AWSNodeTemplate
properties:
amis:
description: AMI contains the current AMI values that are available
to the cluster under the AMI selectors.
items:
description: AMI contains resolved AMI selector values utilized
for node launch
properties:
id:
description: ID of the AMI
type: string
name:
description: Name of the AMI
type: string
requirements:
description: Requirements of the AMI to be utilized on an instance
type
items:
description: A node selector requirement is a selector that
contains values, a key, and an operator that relates the
key and values.
properties:
key:
description: The label key that the selector applies to.
type: string
operator:
description: Represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists, DoesNotExist.
Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. If the operator is Gt or Lt, the
values array must have a single element, which will
be interpreted as an integer. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
required:
- id
- requirements
type: object
type: array
securityGroups:
description: SecurityGroups contains the current Security Groups values
that are available to the cluster under the SecurityGroups selectors.
items:
description: SecurityGroup contains resolved SecurityGroup selector
values utilized for node launch
properties:
id:
description: ID of the security group
type: string
name:
description: Name of the security group
type: string
required:
- id
type: object
type: array
subnets:
description: Subnets contains the current Subnet values that are available
to the cluster under the subnet selectors.
items:
description: Subnet contains resolved Subnet selector values utilized
for node launch
properties:
id:
description: ID of the subnet
type: string
zone:
description: The associated availability zone
type: string
required:
- id
- zone
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}