mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-10-29 07:21:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
talos/api/resource/definitions/k8s/k8s.proto
Andrey Smirnov 61a1c946bf
feat: bundle (some) CNI plugins with Talos core 
Fixes https://github.com/siderolabs/extensions/issues/448

Bundle some CNI standard plugins plus Flannel CNI plugin (as Flannel is
the default CNI in Talos) in the Talos `initramfs`.

With this change, no plugin install is required, so the `install-cni`
step is dropped from the Flannel default manifest.

The bundled plugins:

```
$ talosctl -n 172.20.0.2 ls -lH /opt/cni/bin/
NODE         MODE         UID   GID   SIZE(B)   LASTMOD       NAME
172.20.0.2   drwxr-xr-x   0     0     109 B     7 hours ago   .
172.20.0.2   -rwxr-xr-x   0     0     3.2 MB    7 hours ago   bridge
172.20.0.2   -rwxr-xr-x   0     0     3.3 MB    7 hours ago   firewall
172.20.0.2   -rwxr-xr-x   0     0     2.4 MB    7 hours ago   flannel
172.20.0.2   -rwxr-xr-x   0     0     2.4 MB    7 hours ago   host-local
172.20.0.2   -rwxr-xr-x   0     0     2.4 MB    7 hours ago   loopback
172.20.0.2   -rwxr-xr-x   0     0     2.8 MB    7 hours ago   portmap
```

The `initramfs` for amd64 grows 67 -> 73 MiB with this change.

The path `/opt/cni/bin` is still an overlay mount, so extra plugins can
be dropped to this directory (no change here).

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
2024-08-14 14:33:18 +04:00

261 lines
7.1 KiB
Protocol Buffer
Executable File
Raw Blame History

syntax = "proto3";
package talos.resource.definitions.k8s;
option go_package = "github.com/siderolabs/talos/pkg/machinery/api/resource/definitions/k8s";
import "common/common.proto";
import "google/protobuf/struct.proto";
import "resource/definitions/proto/proto.proto";
// APIServerConfigSpec is configuration for kube-apiserver.
message APIServerConfigSpec {
string image = 1;
string cloud_provider = 2;
string control_plane_endpoint = 3;
repeated string etcd_servers = 4;
int64 local_port = 5;
repeated string service_cid_rs = 6;
map<string, string> extra_args = 7;
repeated ExtraVolume extra_volumes = 8;
map<string, string> environment_variables = 9;
bool pod_security_policy_enabled = 10;
string advertised_address = 11;
Resources resources = 12;
}
// AdmissionControlConfigSpec is configuration for kube-apiserver.
message AdmissionControlConfigSpec {
repeated AdmissionPluginSpec config = 1;
}
// AdmissionPluginSpec is a single admission plugin configuration Admission Control plugins.
message AdmissionPluginSpec {
string name = 1;
google.protobuf.Struct configuration = 2;
}
// AuditPolicyConfigSpec is audit policy configuration for kube-apiserver.
message AuditPolicyConfigSpec {
google.protobuf.Struct config = 1;
}
// BootstrapManifestsConfigSpec is configuration for bootstrap manifests.
message BootstrapManifestsConfigSpec {
string server = 1;
string cluster_domain = 2;
repeated string pod_cid_rs = 3;
bool proxy_enabled = 4;
string proxy_image = 5;
repeated string proxy_args = 6;
bool core_dns_enabled = 7;
string core_dns_image = 8;
string dns_service_ip = 9;
string dns_service_i_pv6 = 10;
bool flannel_enabled = 11;
string flannel_image = 12;
bool pod_security_policy_enabled = 14;
bool talos_api_service_enabled = 15;
repeated string flannel_extra_args = 16;
string flannel_kube_service_host = 17;
string flannel_kube_service_port = 18;
string service_host_dns_address = 19;
}
// ConfigStatusSpec describes status of rendered secrets.
message ConfigStatusSpec {
bool ready = 1;
string version = 2;
}
// ControllerManagerConfigSpec is configuration for kube-controller-manager.
message ControllerManagerConfigSpec {
bool enabled = 1;
string image = 2;
string cloud_provider = 3;
repeated string pod_cid_rs = 4;
repeated string service_cid_rs = 5;
map<string, string> extra_args = 6;
repeated ExtraVolume extra_volumes = 7;
map<string, string> environment_variables = 8;
Resources resources = 9;
}
// EndpointSpec describes status of rendered secrets.
message EndpointSpec {
repeated common.NetIP addresses = 1;
}
// ExtraManifest defines a single extra manifest to download.
message ExtraManifest {
string name = 1;
string url = 2;
string priority = 3;
map<string, string> extra_headers = 4;
string inline_manifest = 5;
}
// ExtraManifestsConfigSpec is configuration for extra bootstrap manifests.
message ExtraManifestsConfigSpec {
repeated ExtraManifest extra_manifests = 1;
}
// ExtraVolume is a configuration of extra volume.
message ExtraVolume {
string name = 1;
string host_path = 2;
string mount_path = 3;
bool read_only = 4;
}
// KubePrismConfigSpec describes KubePrismConfig data.
message KubePrismConfigSpec {
string host = 1;
int64 port = 2;
repeated KubePrismEndpoint endpoints = 3;
}
// KubePrismEndpoint holds data for control plane endpoint.
message KubePrismEndpoint {
string host = 1;
uint32 port = 2;
}
// KubePrismEndpointsSpec describes KubePrismEndpoints configuration.
message KubePrismEndpointsSpec {
repeated KubePrismEndpoint endpoints = 1;
}
// KubePrismStatusesSpec describes KubePrismStatuses data.
message KubePrismStatusesSpec {
string host = 1;
bool healthy = 2;
}
// KubeletConfigSpec holds the source of kubelet configuration.
message KubeletConfigSpec {
string image = 1;
repeated string cluster_dns = 2;
string cluster_domain = 3;
map<string, string> extra_args = 4;
repeated talos.resource.definitions.proto.Mount extra_mounts = 5;
google.protobuf.Struct extra_config = 6;
bool cloud_provider_external = 7;
bool default_runtime_seccomp_enabled = 8;
bool skip_node_registration = 9;
string static_pod_list_url = 10;
bool disable_manifests_directory = 11;
bool enable_fs_quota_monitoring = 12;
google.protobuf.Struct credential_provider_config = 13;
}
// KubeletSpecSpec holds the source of kubelet configuration.
message KubeletSpecSpec {
string image = 1;
repeated string args = 2;
repeated talos.resource.definitions.proto.Mount extra_mounts = 3;
string expected_nodename = 4;
google.protobuf.Struct config = 5;
google.protobuf.Struct credential_provider_config = 6;
}
// ManifestSpec holds the Kubernetes resources spec.
message ManifestSpec {
repeated SingleManifest items = 1;
}
// ManifestStatusSpec describes manifest application status.
message ManifestStatusSpec {
repeated string manifests_applied = 1;
}
// NodeAnnotationSpecSpec represents an annoation that's attached to a Talos node.
message NodeAnnotationSpecSpec {
string key = 1;
string value = 2;
}
// NodeIPConfigSpec holds the Node IP specification.
message NodeIPConfigSpec {
repeated string valid_subnets = 1;
repeated string exclude_subnets = 2;
}
// NodeIPSpec holds the Node IP specification.
message NodeIPSpec {
repeated common.NetIP addresses = 1;
}
// NodeLabelSpecSpec represents a label that's attached to a Talos node.
message NodeLabelSpecSpec {
string key = 1;
string value = 2;
}
// NodeStatusSpec describes Kubernetes NodeStatus.
message NodeStatusSpec {
string nodename = 1;
bool node_ready = 2;
bool unschedulable = 3;
map<string, string> labels = 4;
map<string, string> annotations = 5;
}
// NodeTaintSpecSpec represents a label that's attached to a Talos node.
message NodeTaintSpecSpec {
string key = 1;
string effect = 2;
string value = 3;
}
// NodenameSpec describes Kubernetes nodename.
message NodenameSpec {
string nodename = 1;
string hostname_version = 2;
bool skip_node_registration = 3;
}
// Resources is a configuration of cpu and memory resources.
message Resources {
map<string, string> requests = 1;
map<string, string> limits = 2;
}
// SchedulerConfigSpec is configuration for kube-scheduler.
message SchedulerConfigSpec {
bool enabled = 1;
string image = 2;
map<string, string> extra_args = 3;
repeated ExtraVolume extra_volumes = 4;
map<string, string> environment_variables = 5;
Resources resources = 6;
google.protobuf.Struct config = 7;
}
// SecretsStatusSpec describes status of rendered secrets.
message SecretsStatusSpec {
bool ready = 1;
string version = 2;
}
// SingleManifest is a single manifest.
message SingleManifest {
google.protobuf.Struct object = 1;
}
// StaticPodServerStatusSpec describes static pod spec, it contains marshaled *v1.Pod spec.
message StaticPodServerStatusSpec {
string url = 1;
}
// StaticPodSpec describes static pod spec, it contains marshaled *v1.Pod spec.
message StaticPodSpec {
google.protobuf.Struct pod = 1;
}
// StaticPodStatusSpec describes kubelet static pod status.
message StaticPodStatusSpec {
google.protobuf.Struct pod_status = 1;
}
Reference in New Issue View Git Blame Copy Permalink