crds/node.eks.aws_nodeconfigs.yaml (156 lines of code) (raw):
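---
# CustomResourceDefinition for NodeConfig, the configuration object read by
# `nodeadm`. Nesting is written out explicitly here: with every key at
# column 0 the document collapses into one flat mapping with duplicate keys
# (`type`, `description`, `properties`, ...) and is not a usable CRD.
#
# NOTE(review): the controller-gen annotation suggests this file is generated
# from Go types; wording fixes made to descriptions here should presumably be
# mirrored in the Go doc comments or regeneration will revert them.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.16.3
  name: nodeconfigs.node.eks.aws
spec:
  group: node.eks.aws
  names:
    kind: NodeConfig
    listKind: NodeConfigList
    plural: nodeconfigs
    singular: nodeconfig
  # Cluster-scoped: there is no namespace boundary for these objects. If
  # NodeConfig objects are ever persisted in an API server, read access has to
  # be restricted with cluster-level RBAC, because the spec can carry an SSM
  # activation code (see hybrid.ssm below).
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: NodeConfig is the primary configuration object for `nodeadm`.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          # No `required` list appears anywhere in this schema and, apart from
          # `format: byte` and the localStorage enum, string fields are
          # unconstrained. Schema-level validation is therefore minimal; the
          # consumer has to validate values itself.
          spec:
            properties:
              cluster:
                description: |-
                  ClusterDetails contains the coordinates of your EKS cluster.
                  These details can be found using the [DescribeCluster API](https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeCluster.html).
                properties:
                  apiServerEndpoint:
                    description: APIServerEndpoint is the URL of your EKS cluster's
                      kube-apiserver.
                    type: string
                  # `format: byte` only checks that the value is base64.
                  # NOTE(review): this chain is presumably what the node trusts
                  # when connecting to apiServerEndpoint, so both values should
                  # come from a trusted source - confirm in nodeadm.
                  certificateAuthority:
                    description: CertificateAuthority is a base64-encoded string of
                      your cluster's certificate authority chain.
                    format: byte
                    type: string
                  cidr:
                    description: CIDR is your cluster's Pod IP CIDR. This value is
                      used to infer your cluster's DNS address.
                    type: string
                  enableOutpost:
                    description: EnableOutpost determines how your node is configured
                      when running on an AWS Outpost.
                    type: boolean
                  id:
                    description: ID is an identifier for your cluster; this is only
                      used when your node is running on an AWS Outpost.
                    type: string
                  name:
                    description: Name is the name of your EKS cluster
                    type: string
                  region:
                    description: |-
                      Region is an AWS region (e.g. us-east-1) used to retrieve regional artifacts
                      as well as region where EKS cluster lives.
                    type: string
                type: object
              # Free-form TOML: the schema only checks that `config` is a
              # string. Whoever can author this field can change container
              # runtime settings on the node, so treat it as privileged input.
              containerd:
                description: ContainerdOptions are additional parameters passed to
                  `containerd`.
                properties:
                  config:
                    description: |-
                      Config is inline [`containerd` configuration TOML](https://github.com/containerd/containerd/blob/main/docs/man/containerd-config.toml.5.md)
                      that will be [imported](https://github.com/containerd/containerd/blob/32169d591dbc6133ef7411329b29d0c0433f8c4d/docs/man/containerd-config.toml.5.md?plain=1#L146-L154)
                      by the default configuration file.
                    type: string
                type: object
              hybrid:
                description: HybridOptions defines the options specific to hybrid
                  node enrollment.
                properties:
                  # When enabled, AWS credentials are present in a file at
                  # /eks-hybrid/.aws/credentials on the host (per the
                  # description). Any process able to read that path can use
                  # them; check the file's ownership and mode, and keep that
                  # directory out of pod mounts.
                  enableCredentialsFile:
                    description: |-
                      EnableCredentialsFile enables a shared credentials file on the host at /eks-hybrid/.aws/credentials
                      For SSM, this means that nodeadm will create a symlink from `/root/.aws/credentials` to `/eks-hybrid/.aws/credentials`.
                      For IAM Roles Anywhere, this means that nodeadm will set up a systemd service to write and refresh the credentials to `/eks-hybrid/.aws/credentials`.
                    type: boolean
                  # Described as mutually exclusive with `ssm`, but nothing in
                  # this schema (no oneOf, no x-kubernetes-validations)
                  # enforces that. NOTE(review): the exclusion presumably
                  # lives in nodeadm's own validation - confirm.
                  iamRolesAnywhere:
                    description: |-
                      IAMRolesAnywhere includes IAM Roles Anywhere specific configuration and is mutually exclusive
                      with SSM.
                    properties:
                      awsConfigPath:
                        description: |-
                          AwsConfigPath is the path where the Aws config is stored for hybrid nodes.
                          This field is only used in the init phase
                        type: string
                      certificatePath:
                        description: CertificatePath is the location on disk for the
                          certificate used to authenticate with AWS.
                        type: string
                      nodeName:
                        description: NodeName is the name the node will adopt.
                        type: string
                      # A path only; the key material is not part of this
                      # object. The referenced file should be readable solely
                      # by the account that uses it - verify on the host.
                      privateKeyPath:
                        description: PrivateKeyPath is the location on disk for the
                          certificate's private key.
                        type: string
                      profileArn:
                        description: ProfileARN is the ARN of the profile linked with
                          the Hybrid IAM Role.
                        type: string
                      roleArn:
                        description: RoleARN is the role that IAM Roles Anywhere gets
                          authorized as to get temporary credentials.
                        type: string
                      trustAnchorArn:
                        description: TrustAnchorARN is the ARN of the trust anchor.
                        type: string
                    type: object
                  ssm:
                    description: |-
                      SSM includes Systems Manager specific configuration and is mutually exclusive with
                      IAMRolesAnywhere.
                    properties:
                      # Credential material held as a plain string: the
                      # activation code and ID together authorize registering
                      # a machine under the SSM activation. Keep NodeConfig
                      # documents that carry it out of version control and
                      # logs, and prefer activations with a short expiry and a
                      # low registration limit.
                      activationCode:
                        description: ActivationCode is the token generated when creating
                          an SSM activation.
                        type: string
                      activationId:
                        description: ActivationID is the ID generated when creating
                          an SSM activation.
                        type: string
                    type: object
                type: object
              instance:
                description: InstanceOptions determines how the node's operating system
                  and devices are configured.
                properties:
                  localStorage:
                    description: |-
                      LocalStorageOptions control how [EC2 instance stores](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html)
                      are used when available.
                    properties:
                      strategy:
                        description: LocalStorageStrategy specifies how to handle
                          an instance's local storage devices.
                        enum:
                        - RAID0
                        - Mount
                        type: string
                    type: object
                type: object
              kubelet:
                description: KubeletOptions are additional parameters passed to `kubelet`.
                properties:
                  # Values are arbitrary objects: with
                  # x-kubernetes-preserve-unknown-fields the API server neither
                  # validates nor prunes them. Security-relevant kubelet
                  # settings (for example authentication and authorization)
                  # can be set here, so review this field as you would the
                  # kubelet configuration itself.
                  config:
                    additionalProperties:
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    description: |-
                      Config is a [`KubeletConfiguration`](https://kubernetes.io/docs/reference/config-api/kubelet-config.v1/)
                      that will be merged with the defaults.
                    type: object
                  # Free-form strings appended to the default kubelet
                  # arguments; the schema does not restrict which flags may be
                  # passed.
                  flags:
                    description: |-
                      Flags are [command-line `kubelet` arguments](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/)
                      that will be appended to the defaults.
                    items:
                      type: string
                    type: array
                type: object
            type: object
        type: object
    served: true
    storage: true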