@jaxxstorm/pulumi-rke
Version:
A Pulumi package for creating and managing rke cloud resources.
1,888 lines • 65.5 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import { input as inputs } from "../types";
export interface ClusterAuthentication {
/**
* List of additional hostnames and IPs to include in the api server PKI cert (list)
*/
sans?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Authentication strategy that will be used in RKE k8s cluster. Default: `x509` (string)
*/
strategy?: pulumi.Input<string>;
/**
* Webhook configuration options (list maxitem: 1)
*/
webhook?: pulumi.Input<inputs.ClusterAuthenticationWebhook>;
}
export interface ClusterAuthenticationWebhook {
/**
* Controls how long to cache authentication decisions (string)
*/
cacheTimeout?: pulumi.Input<string>;
/**
* Multiline string that represent a custom webhook config file (string)
*/
configFile?: pulumi.Input<string>;
}
export interface ClusterAuthorization {
/**
* RKE mode for authorization. `rbac` and `none` modes are available. Default `rbac` (string)
*/
mode?: pulumi.Input<string>;
/**
* Network provider options (map)
*/
options?: pulumi.Input<{
[key: string]: any;
}>;
}
export interface ClusterBastionHost {
/**
* Address ip for node (string)
*/
address: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* SSH Agent Auth enable (bool)
*/
sshAgentAuth?: pulumi.Input<boolean>;
/**
* SSH Certificate (string)
*/
sshCert?: pulumi.Input<string>;
/**
* SSH Certificate path (string)
*/
sshCertPath?: pulumi.Input<string>;
/**
* SSH Private Key (string)
*/
sshKey?: pulumi.Input<string>;
/**
* SSH Private Key path (string)
*/
sshKeyPath?: pulumi.Input<string>;
/**
* Registry user (string)
*/
user: pulumi.Input<string>;
}
export interface ClusterCertificate {
certificate?: pulumi.Input<string>;
commonName?: pulumi.Input<string>;
config?: pulumi.Input<string>;
configEnvName?: pulumi.Input<string>;
configPath?: pulumi.Input<string>;
envName?: pulumi.Input<string>;
/**
* (Computed) The ID of the resource (string)
*/
id?: pulumi.Input<string>;
/**
* TLS key for etcd service (string)
*/
key?: pulumi.Input<string>;
keyEnvName?: pulumi.Input<string>;
keyPath?: pulumi.Input<string>;
/**
* Name of virtualcenter config for Vsphere Cloud Provider config (string)
*/
name?: pulumi.Input<string>;
ouName?: pulumi.Input<string>;
/**
* Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
*/
path?: pulumi.Input<string>;
}
export interface ClusterCloudProvider {
/**
* Use awsCloudProvider instead
*
* @deprecated Use aws_cloud_provider instead
*/
awsCloudConfig?: pulumi.Input<inputs.ClusterCloudProviderAwsCloudConfig>;
/**
* AWS Cloud Provider config [rke-aws-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/aws/) (list maxitems:1)
*/
awsCloudProvider?: pulumi.Input<inputs.ClusterCloudProviderAwsCloudProvider>;
/**
* Use azureCloudProvider instead
*
* @deprecated Use azure_cloud_provider instead
*/
azureCloudConfig?: pulumi.Input<inputs.ClusterCloudProviderAzureCloudConfig>;
/**
* Azure Cloud Provider config [rke-azure-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/azure/) (list maxitems:1)
*/
azureCloudProvider?: pulumi.Input<inputs.ClusterCloudProviderAzureCloudProvider>;
/**
* Use customCloudProvider instead
*
* @deprecated Use custom_cloud_provider instead
*/
customCloudConfig?: pulumi.Input<string>;
/**
* Custom Cloud Provider config (string)
*/
customCloudProvider?: pulumi.Input<string>;
/**
* Name of virtualcenter config for Vsphere Cloud Provider config (string)
*/
name: pulumi.Input<string>;
/**
* Use openstackCloudProvider instead
*
* @deprecated Use openstack_cloud_provider instead
*/
openstackCloudConfig?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfig>;
/**
* Openstack Cloud Provider config [rke-openstack-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/openstack/) (list maxitems:1)
*/
openstackCloudProvider?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProvider>;
/**
* Use vsphereCloudProvider instead
*
* @deprecated Use vsphere_cloud_provider instead
*/
vsphereCloudConfig?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfig>;
/**
* Vsphere Cloud Provider config [rke-vsphere-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/vsphere/) Extra argument `name` is required on `virtualCenter` configuration. (list maxitems:1)
*/
vsphereCloudProvider?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProvider>;
}
export interface ClusterCloudProviderAwsCloudConfig {
/**
* (list maxitems:1)
*/
global?: pulumi.Input<inputs.ClusterCloudProviderAwsCloudConfigGlobal>;
/**
* (list)
*/
serviceOverrides?: pulumi.Input<pulumi.Input<inputs.ClusterCloudProviderAwsCloudConfigServiceOverride>[]>;
}
export interface ClusterCloudProviderAwsCloudConfigGlobal {
/**
* Disables the automatic ingress creation. Default `false` (bool)
*/
disableSecurityGroupIngress?: pulumi.Input<boolean>;
/**
* Setting this to true will disable the check and provide a warning that the check was skipped. Default `false` (bool)
*/
disableStrictZoneCheck?: pulumi.Input<boolean>;
/**
* Use these ELB security groups instead create new (string)
*/
elbSecurityGroup?: pulumi.Input<string>;
/**
* The cluster id we'll use to identify our cluster resources (string)
*/
kubernetesClusterId?: pulumi.Input<string>;
/**
* Legacy cluster id we'll use to identify our cluster resources (string)
*/
kubernetesClusterTag?: pulumi.Input<string>;
/**
* IAM role to assume when interaction with AWS APIs (string)
*/
roleArn?: pulumi.Input<string>;
/**
* Enables using a specific RouteTable (string)
*/
routeTableId?: pulumi.Input<string>;
/**
* (string)
*/
subnetId?: pulumi.Input<string>;
/**
* The AWS VPC flag enables the possibility to run the master components on a different aws account, on a different cloud provider or on-premises. If the flag is set also the KubernetesClusterTag must be provided (string)
*/
vpc?: pulumi.Input<string>;
/**
* The AWS zone (string)
*/
zone?: pulumi.Input<string>;
}
export interface ClusterCloudProviderAwsCloudConfigServiceOverride {
/**
* TLS key for etcd service (string)
*
* @deprecated Use service instead
*/
key?: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* (string)
*/
service: pulumi.Input<string>;
/**
* (string)
*/
signingMethod?: pulumi.Input<string>;
/**
* (string)
*/
signingName?: pulumi.Input<string>;
/**
* (string)
*/
signingRegion?: pulumi.Input<string>;
/**
* Registry URL (string)
*/
url?: pulumi.Input<string>;
}
export interface ClusterCloudProviderAwsCloudProvider {
/**
* (list maxitems:1)
*/
global?: pulumi.Input<inputs.ClusterCloudProviderAwsCloudProviderGlobal>;
/**
* (list)
*/
serviceOverrides?: pulumi.Input<pulumi.Input<inputs.ClusterCloudProviderAwsCloudProviderServiceOverride>[]>;
}
export interface ClusterCloudProviderAwsCloudProviderGlobal {
/**
* Disables the automatic ingress creation. Default `false` (bool)
*/
disableSecurityGroupIngress?: pulumi.Input<boolean>;
/**
* Setting this to true will disable the check and provide a warning that the check was skipped. Default `false` (bool)
*/
disableStrictZoneCheck?: pulumi.Input<boolean>;
/**
* Use these ELB security groups instead create new (string)
*/
elbSecurityGroup?: pulumi.Input<string>;
/**
* The cluster id we'll use to identify our cluster resources (string)
*/
kubernetesClusterId?: pulumi.Input<string>;
/**
* Legacy cluster id we'll use to identify our cluster resources (string)
*/
kubernetesClusterTag?: pulumi.Input<string>;
/**
* IAM role to assume when interaction with AWS APIs (string)
*/
roleArn?: pulumi.Input<string>;
/**
* Enables using a specific RouteTable (string)
*/
routeTableId?: pulumi.Input<string>;
/**
* (string)
*/
subnetId?: pulumi.Input<string>;
/**
* The AWS VPC flag enables the possibility to run the master components on a different aws account, on a different cloud provider or on-premises. If the flag is set also the KubernetesClusterTag must be provided (string)
*/
vpc?: pulumi.Input<string>;
/**
* The AWS zone (string)
*/
zone?: pulumi.Input<string>;
}
export interface ClusterCloudProviderAwsCloudProviderServiceOverride {
/**
* TLS key for etcd service (string)
*
* @deprecated Use service instead
*/
key?: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* (string)
*/
service: pulumi.Input<string>;
/**
* (string)
*/
signingMethod?: pulumi.Input<string>;
/**
* (string)
*/
signingName?: pulumi.Input<string>;
/**
* (string)
*/
signingRegion?: pulumi.Input<string>;
/**
* Registry URL (string)
*/
url?: pulumi.Input<string>;
}
export interface ClusterCloudProviderAzureCloudConfig {
/**
* (string)
*/
aadClientCertPassword?: pulumi.Input<string>;
/**
* (string)
*/
aadClientCertPath?: pulumi.Input<string>;
/**
* (string)
*/
aadClientId: pulumi.Input<string>;
/**
* (string)
*/
aadClientSecret: pulumi.Input<string>;
/**
* (string)
*/
cloud?: pulumi.Input<string>;
/**
* (bool)
*/
cloudProviderBackoff?: pulumi.Input<boolean>;
/**
* (int)
*/
cloudProviderBackoffDuration?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffExponent?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffJitter?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffRetries?: pulumi.Input<number>;
/**
* (bool)
*/
cloudProviderRateLimit?: pulumi.Input<boolean>;
/**
* (int)
*/
cloudProviderRateLimitBucket?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderRateLimitQps?: pulumi.Input<number>;
loadBalancerSku?: pulumi.Input<string>;
/**
* (string)
*/
location?: pulumi.Input<string>;
/**
* (int)
*/
maximumLoadBalancerRuleCount?: pulumi.Input<number>;
/**
* (string)
*/
primaryAvailabilitySetName?: pulumi.Input<string>;
/**
* (string)
*/
primaryScaleSetName?: pulumi.Input<string>;
/**
* (string)
*/
resourceGroup?: pulumi.Input<string>;
/**
* (string)
*/
routeTableName?: pulumi.Input<string>;
/**
* (string)
*/
securityGroupName?: pulumi.Input<string>;
/**
* (string)
*/
subnetName?: pulumi.Input<string>;
/**
* (string)
*/
subscriptionId: pulumi.Input<string>;
/**
* Required if `tenantName` not provided. (string)
*/
tenantId: pulumi.Input<string>;
/**
* (bool)
*/
useInstanceMetadata?: pulumi.Input<boolean>;
/**
* (bool)
*/
useManagedIdentityExtension?: pulumi.Input<boolean>;
/**
* (string)
*/
vmType?: pulumi.Input<string>;
/**
* (string)
*/
vnetName?: pulumi.Input<string>;
/**
* (string)
*/
vnetResourceGroup?: pulumi.Input<string>;
}
export interface ClusterCloudProviderAzureCloudProvider {
/**
* (string)
*/
aadClientCertPassword?: pulumi.Input<string>;
/**
* (string)
*/
aadClientCertPath?: pulumi.Input<string>;
/**
* (string)
*/
aadClientId: pulumi.Input<string>;
/**
* (string)
*/
aadClientSecret: pulumi.Input<string>;
/**
* (string)
*/
cloud?: pulumi.Input<string>;
/**
* (bool)
*/
cloudProviderBackoff?: pulumi.Input<boolean>;
/**
* (int)
*/
cloudProviderBackoffDuration?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffExponent?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffJitter?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderBackoffRetries?: pulumi.Input<number>;
/**
* (bool)
*/
cloudProviderRateLimit?: pulumi.Input<boolean>;
/**
* (int)
*/
cloudProviderRateLimitBucket?: pulumi.Input<number>;
/**
* (int)
*/
cloudProviderRateLimitQps?: pulumi.Input<number>;
loadBalancerSku?: pulumi.Input<string>;
/**
* (string)
*/
location?: pulumi.Input<string>;
/**
* (int)
*/
maximumLoadBalancerRuleCount?: pulumi.Input<number>;
/**
* (string)
*/
primaryAvailabilitySetName?: pulumi.Input<string>;
/**
* (string)
*/
primaryScaleSetName?: pulumi.Input<string>;
/**
* (string)
*/
resourceGroup?: pulumi.Input<string>;
/**
* (string)
*/
routeTableName?: pulumi.Input<string>;
/**
* (string)
*/
securityGroupName?: pulumi.Input<string>;
/**
* (string)
*/
subnetName?: pulumi.Input<string>;
/**
* (string)
*/
subscriptionId: pulumi.Input<string>;
/**
* Required if `tenantName` not provided. (string)
*/
tenantId: pulumi.Input<string>;
/**
* (bool)
*/
useInstanceMetadata?: pulumi.Input<boolean>;
/**
* (bool)
*/
useManagedIdentityExtension?: pulumi.Input<boolean>;
/**
* (string)
*/
vmType?: pulumi.Input<string>;
/**
* (string)
*/
vnetName?: pulumi.Input<string>;
/**
* (string)
*/
vnetResourceGroup?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudConfig {
/**
* (list maxitems:1)
*/
blockStorage?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfigBlockStorage>;
/**
* (list maxitems:1)
*/
global: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfigGlobal>;
/**
* (list maxitems:1)
*/
loadBalancer?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfigLoadBalancer>;
/**
* (list maxitems:1)
*/
metadata?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfigMetadata>;
/**
* (list maxitems:1)
*/
route?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudConfigRoute>;
}
export interface ClusterCloudProviderOpenstackCloudConfigBlockStorage {
/**
* (string)
*/
bsVersion?: pulumi.Input<string>;
/**
* (string)
*/
ignoreVolumeAz?: pulumi.Input<boolean>;
/**
* (string)
*/
trustDevicePath?: pulumi.Input<boolean>;
}
export interface ClusterCloudProviderOpenstackCloudConfigGlobal {
/**
* (string)
*/
authUrl: pulumi.Input<string>;
/**
* (string)
*/
caFile?: pulumi.Input<string>;
/**
* Required if `domainName` not provided. (string)
*/
domainId?: pulumi.Input<string>;
/**
* Required if `domainId` not provided. (string)
*/
domainName?: pulumi.Input<string>;
/**
* Registry password (string)
*/
password: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* Required if `tenantName` not provided. (string)
*/
tenantId?: pulumi.Input<string>;
/**
* Required if `tenantId` not provided. (string)
*/
tenantName?: pulumi.Input<string>;
/**
* (string)
*/
trustId?: pulumi.Input<string>;
/**
* Required if `username` not provided. (string)
*/
userId?: pulumi.Input<string>;
/**
* Required if `userId` not provided. (string)
*/
username?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudConfigLoadBalancer {
/**
* (bool)
*/
createMonitor?: pulumi.Input<boolean>;
/**
* (string)
*/
floatingNetworkId?: pulumi.Input<string>;
/**
* (string)
*/
lbMethod?: pulumi.Input<string>;
/**
* (string)
*/
lbProvider?: pulumi.Input<string>;
/**
* (string)
*/
lbVersion?: pulumi.Input<string>;
/**
* (bool)
*/
manageSecurityGroups?: pulumi.Input<boolean>;
/**
* (string)
*/
monitorDelay?: pulumi.Input<string>;
/**
* (int)
*/
monitorMaxRetries?: pulumi.Input<number>;
/**
* (string)
*/
monitorTimeout?: pulumi.Input<string>;
/**
* (string)
*/
subnetId?: pulumi.Input<string>;
/**
* (bool)
*/
useOctavia?: pulumi.Input<boolean>;
}
export interface ClusterCloudProviderOpenstackCloudConfigMetadata {
/**
* (int)
*/
requestTimeout?: pulumi.Input<number>;
/**
* (string)
*/
searchOrder?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudConfigRoute {
/**
* (string)
*/
routerId?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudProvider {
/**
* (list maxitems:1)
*/
blockStorage?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProviderBlockStorage>;
/**
* (list maxitems:1)
*/
global: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProviderGlobal>;
/**
* (list maxitems:1)
*/
loadBalancer?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProviderLoadBalancer>;
/**
* (list maxitems:1)
*/
metadata?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProviderMetadata>;
/**
* (list maxitems:1)
*/
route?: pulumi.Input<inputs.ClusterCloudProviderOpenstackCloudProviderRoute>;
}
export interface ClusterCloudProviderOpenstackCloudProviderBlockStorage {
/**
* (string)
*/
bsVersion?: pulumi.Input<string>;
/**
* (string)
*/
ignoreVolumeAz?: pulumi.Input<boolean>;
/**
* (string)
*/
trustDevicePath?: pulumi.Input<boolean>;
}
export interface ClusterCloudProviderOpenstackCloudProviderGlobal {
/**
* (string)
*/
authUrl: pulumi.Input<string>;
/**
* (string)
*/
caFile?: pulumi.Input<string>;
/**
* Required if `domainName` not provided. (string)
*/
domainId?: pulumi.Input<string>;
/**
* Required if `domainId` not provided. (string)
*/
domainName?: pulumi.Input<string>;
/**
* Registry password (string)
*/
password: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* Required if `tenantName` not provided. (string)
*/
tenantId?: pulumi.Input<string>;
/**
* Required if `tenantId` not provided. (string)
*/
tenantName?: pulumi.Input<string>;
/**
* (string)
*/
trustId?: pulumi.Input<string>;
/**
* Required if `username` not provided. (string)
*/
userId?: pulumi.Input<string>;
/**
* Required if `userId` not provided. (string)
*/
username?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudProviderLoadBalancer {
/**
* (bool)
*/
createMonitor?: pulumi.Input<boolean>;
/**
* (string)
*/
floatingNetworkId?: pulumi.Input<string>;
/**
* (string)
*/
lbMethod?: pulumi.Input<string>;
/**
* (string)
*/
lbProvider?: pulumi.Input<string>;
/**
* (string)
*/
lbVersion?: pulumi.Input<string>;
/**
* (bool)
*/
manageSecurityGroups?: pulumi.Input<boolean>;
/**
* (string)
*/
monitorDelay?: pulumi.Input<string>;
/**
* (int)
*/
monitorMaxRetries?: pulumi.Input<number>;
/**
* (string)
*/
monitorTimeout?: pulumi.Input<string>;
/**
* (string)
*/
subnetId?: pulumi.Input<string>;
/**
* (bool)
*/
useOctavia?: pulumi.Input<boolean>;
}
export interface ClusterCloudProviderOpenstackCloudProviderMetadata {
/**
* (int)
*/
requestTimeout?: pulumi.Input<number>;
/**
* (string)
*/
searchOrder?: pulumi.Input<string>;
}
export interface ClusterCloudProviderOpenstackCloudProviderRoute {
/**
* (string)
*/
routerId?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudConfig {
/**
* (list maxitems:1)
*/
disk?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfigDisk>;
/**
* (list maxitems:1)
*/
global?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfigGlobal>;
/**
* (list maxitems:1)
*/
network?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfigNetwork>;
/**
* (List)
*/
virtualCenters: pulumi.Input<pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfigVirtualCenter>[]>;
/**
* (list maxitems:1)
*/
workspace: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudConfigWorkspace>;
}
export interface ClusterCloudProviderVsphereCloudConfigDisk {
/**
* (string)
*/
scsiControllerType?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudConfigGlobal {
/**
* (string)
*/
datacenter?: pulumi.Input<string>;
/**
* (string)
*/
datacenters?: pulumi.Input<string>;
/**
* (string)
*/
datastore?: pulumi.Input<string>;
/**
* (bool)
*/
insecureFlag?: pulumi.Input<boolean>;
/**
* Registry password (string)
*/
password?: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* (int)
*/
soapRoundtripCount?: pulumi.Input<number>;
/**
* Registry user (string)
*/
user?: pulumi.Input<string>;
/**
* (string)
*/
vmName?: pulumi.Input<string>;
/**
* (string)
*/
vmUuid?: pulumi.Input<string>;
/**
* (string)
*/
workingDir?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudConfigNetwork {
/**
* (string)
*/
publicNetwork?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudConfigVirtualCenter {
/**
* (string)
*/
datacenters: pulumi.Input<string>;
/**
* Name of virtualcenter config for Vsphere Cloud Provider config (string)
*/
name: pulumi.Input<string>;
/**
* Registry password (string)
*/
password: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* (int)
*/
soapRoundtripCount?: pulumi.Input<number>;
/**
* Registry user (string)
*/
user: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudConfigWorkspace {
/**
* (string)
*/
datacenter: pulumi.Input<string>;
/**
* (string)
*/
defaultDatastore?: pulumi.Input<string>;
/**
* Folder for S3 service. Available from Rancher v2.2.7 (string)
*/
folder?: pulumi.Input<string>;
/**
* (string)
*/
resourcepoolPath?: pulumi.Input<string>;
/**
* (string)
*/
server: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudProvider {
/**
* (list maxitems:1)
*/
disk?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProviderDisk>;
/**
* (list maxitems:1)
*/
global?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProviderGlobal>;
/**
* (list maxitems:1)
*/
network?: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProviderNetwork>;
/**
* (List)
*/
virtualCenters: pulumi.Input<pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProviderVirtualCenter>[]>;
/**
* (list maxitems:1)
*/
workspace: pulumi.Input<inputs.ClusterCloudProviderVsphereCloudProviderWorkspace>;
}
export interface ClusterCloudProviderVsphereCloudProviderDisk {
/**
* (string)
*/
scsiControllerType?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudProviderGlobal {
/**
* (string)
*/
datacenter?: pulumi.Input<string>;
/**
* (string)
*/
datacenters?: pulumi.Input<string>;
/**
* (string)
*/
datastore?: pulumi.Input<string>;
/**
* (bool)
*/
insecureFlag?: pulumi.Input<boolean>;
/**
* Registry password (string)
*/
password?: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* (int)
*/
soapRoundtripCount?: pulumi.Input<number>;
/**
* Registry user (string)
*/
user?: pulumi.Input<string>;
/**
* (string)
*/
vmName?: pulumi.Input<string>;
/**
* (string)
*/
vmUuid?: pulumi.Input<string>;
/**
* (string)
*/
workingDir?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudProviderNetwork {
/**
* (string)
*/
publicNetwork?: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudProviderVirtualCenter {
/**
* (string)
*/
datacenters: pulumi.Input<string>;
/**
* Name of virtualcenter config for Vsphere Cloud Provider config (string)
*/
name: pulumi.Input<string>;
/**
* Registry password (string)
*/
password: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* (int)
*/
soapRoundtripCount?: pulumi.Input<number>;
/**
* Registry user (string)
*/
user: pulumi.Input<string>;
}
export interface ClusterCloudProviderVsphereCloudProviderWorkspace {
/**
* (string)
*/
datacenter: pulumi.Input<string>;
/**
* (string)
*/
defaultDatastore?: pulumi.Input<string>;
/**
* Folder for S3 service. Available from Rancher v2.2.7 (string)
*/
folder?: pulumi.Input<string>;
/**
* (string)
*/
resourcepoolPath?: pulumi.Input<string>;
/**
* (string)
*/
server: pulumi.Input<string>;
}
export interface ClusterControlPlaneHost {
/**
* Address ip for node (string)
*/
address?: pulumi.Input<string>;
/**
* Name of the host provisioned via docker machine (string)
*/
nodeName?: pulumi.Input<string>;
}
export interface ClusterDns {
/**
* Node selector key pair (map)
*/
nodeSelector?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Docker image for nodelocal (string)
*/
nodelocal?: pulumi.Input<inputs.ClusterDnsNodelocal>;
/**
* Monitoring provider (string)
*/
provider?: pulumi.Input<string>;
/**
* Reverse CIDRs (list)
*/
reverseCidrs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Upstream nameservers (list)
*/
upstreamNameservers?: pulumi.Input<pulumi.Input<string>[]>;
}
export interface ClusterDnsNodelocal {
/**
* Nodelocal dns ip address (string)
*/
ipAddress?: pulumi.Input<string>;
/**
* Node selector key pair (map)
*/
nodeSelector?: pulumi.Input<{
[key: string]: any;
}>;
}
export interface ClusterEtcdHost {
/**
* Address ip for node (string)
*/
address?: pulumi.Input<string>;
/**
* Name of the host provisioned via docker machine (string)
*/
nodeName?: pulumi.Input<string>;
}
export interface ClusterInactiveHost {
/**
* Address ip for node (string)
*/
address?: pulumi.Input<string>;
/**
* Name of the host provisioned via docker machine (string)
*/
nodeName?: pulumi.Input<string>;
}
export interface ClusterIngress {
/**
* Ingress controller DNS policy. `ClusterFirstWithHostNet`, `ClusterFirst`, `Default`, and `None` are supported. [K8S dns Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) (string)
*/
dnsPolicy?: pulumi.Input<string>;
/**
* Extra arguments for scheduler service (map)
*/
extraArgs?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Node selector key pair (map)
*/
nodeSelector?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Network provider options (map)
*/
options?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Monitoring provider (string)
*/
provider?: pulumi.Input<string>;
}
export interface ClusterMonitoring {
/**
* Node selector key pair (map)
*/
nodeSelector?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Network provider options (map)
*/
options?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Monitoring provider (string)
*/
provider?: pulumi.Input<string>;
}
export interface ClusterNetwork {
/**
* Calico network provider config (list maxitems:1)
*/
calicoNetworkProvider?: pulumi.Input<inputs.ClusterNetworkCalicoNetworkProvider>;
/**
* Canal network provider config (list maxitems:1)
*/
canalNetworkProvider?: pulumi.Input<inputs.ClusterNetworkCanalNetworkProvider>;
/**
* Flannel network provider config (list maxitems:1)
*/
flannelNetworkProvider?: pulumi.Input<inputs.ClusterNetworkFlannelNetworkProvider>;
/**
* Network provider MTU. Default `0` (int)
*/
mtu?: pulumi.Input<number>;
/**
* Network provider options (map)
*/
options?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Network provider plugin. `calico`, `canal` (default), `flannel`, `none` and `weave` are supported. (string)
*/
plugin?: pulumi.Input<string>;
/**
* Weave network provider config (list maxitems:1)
*/
weaveNetworkProvider?: pulumi.Input<inputs.ClusterNetworkWeaveNetworkProvider>;
}
export interface ClusterNetworkCalicoNetworkProvider {
/**
* Calico cloud provider (string)
*/
cloudProvider?: pulumi.Input<string>;
}
export interface ClusterNetworkCanalNetworkProvider {
/**
* Flannel network interface (string)
*/
iface?: pulumi.Input<string>;
}
export interface ClusterNetworkFlannelNetworkProvider {
/**
* Flannel network interface (string)
*/
iface?: pulumi.Input<string>;
}
export interface ClusterNetworkWeaveNetworkProvider {
/**
* Registry password (string)
*/
password: pulumi.Input<string>;
}
export interface ClusterNode {
/**
* Address ip for node (string)
*/
address: pulumi.Input<string>;
/**
* Docker socket on the node that will be used in tunneling (string)
*/
dockerSocket?: pulumi.Input<string>;
/**
* Hostname override for node (string)
*/
hostnameOverride?: pulumi.Input<string>;
/**
* Internal address that will be used for components communication (string)
*/
internalAddress?: pulumi.Input<string>;
/**
* Node labels (map)
*/
labels?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Name of the host provisioned via docker machine (string)
*/
nodeName?: pulumi.Input<string>;
/**
* Port used for SSH communication (string)
*/
port?: pulumi.Input<string>;
/**
* Node roles in k8s cluster. `controlplane`, `etcd` and `worker` are supported. (list)
*/
roles: pulumi.Input<pulumi.Input<string>[]>;
/**
* @deprecated Use role instead
*/
rolesDeprecated?: pulumi.Input<string>;
/**
* SSH Agent Auth enable (bool)
*/
sshAgentAuth?: pulumi.Input<boolean>;
/**
* SSH Certificate (string)
*/
sshCert?: pulumi.Input<string>;
/**
* SSH Certificate path (string)
*/
sshCertPath?: pulumi.Input<string>;
/**
* SSH Private Key (string)
*/
sshKey?: pulumi.Input<string>;
/**
* SSH Private Key path (string)
*/
sshKeyPath?: pulumi.Input<string>;
/**
* Node taints (list)
*/
taints?: pulumi.Input<pulumi.Input<inputs.ClusterNodeTaint>[]>;
/**
* Registry user (string)
*/
user: pulumi.Input<string>;
}
export interface ClusterNodeTaint {
/**
* Taint effect. `NoExecute`, `NoSchedule` (default) and `PreferNoSchedule` are supported (string)
*/
effect?: pulumi.Input<string>;
/**
* TLS key for etcd service (string)
*/
key: pulumi.Input<string>;
/**
* Taint value (string)
*/
value: pulumi.Input<string>;
}
export interface ClusterPrivateRegistry {
/**
* Set as default registry. Default `false` (bool)
*/
isDefault?: pulumi.Input<boolean>;
/**
* Registry password (string)
*/
password?: pulumi.Input<string>;
/**
* Registry URL (string)
*/
url: pulumi.Input<string>;
/**
* Registry user (string)
*/
user?: pulumi.Input<string>;
}
export interface ClusterRestore {
/**
* Restore cluster. Default `false` (bool)
*/
restore?: pulumi.Input<boolean>;
/**
* Snapshot name (string)
*/
snapshotName?: pulumi.Input<string>;
}
export interface ClusterRotateCertificates {
/**
* Rotate CA Certificates. Default `false` (bool)
*/
caCertificates?: pulumi.Input<boolean>;
/**
* Services to rotate their certs. `etcd`, `kubelet`, `kube-apiserver`, `kube-proxy`, `kube-scheduler` and `kube-controller-manager` are supported (list)
*/
services?: pulumi.Input<pulumi.Input<string>[]>;
}
export interface ClusterRunningSystemImages {
/**
* Docker image for alpine (string)
*/
alpine?: pulumi.Input<string>;
/**
* Docker image for calicoCni (string)
*/
calicoCni?: pulumi.Input<string>;
/**
* Docker image for calicoControllers (string)
*/
calicoControllers?: pulumi.Input<string>;
/**
* Docker image for calicoCtl (string)
*/
calicoCtl?: pulumi.Input<string>;
/**
* Docker image for calicoFlexVol (string)
*/
calicoFlexVol?: pulumi.Input<string>;
/**
* Docker image for calicoNode (string)
*/
calicoNode?: pulumi.Input<string>;
/**
* Docker image for canalCni (string)
*/
canalCni?: pulumi.Input<string>;
/**
* Docker image for canalFlannel (string)
*/
canalFlannel?: pulumi.Input<string>;
/**
* Docker image for canalFlexVol (string)
*/
canalFlexVol?: pulumi.Input<string>;
/**
* Docker image for canalNode (string)
*/
canalNode?: pulumi.Input<string>;
/**
* Docker image for certDownloader (string)
*/
certDownloader?: pulumi.Input<string>;
/**
* Docker image for coredns (string)
*/
coredns?: pulumi.Input<string>;
/**
* Docker image for corednsAutoscaler (string)
*/
corednsAutoscaler?: pulumi.Input<string>;
/**
* Docker image for dnsmasq (string)
*/
dnsmasq?: pulumi.Input<string>;
/**
* Docker image for etcd (string)
*/
etcd?: pulumi.Input<string>;
/**
* Docker image for flannel (string)
*/
flannel?: pulumi.Input<string>;
/**
* Docker image for flannelCni (string)
*/
flannelCni?: pulumi.Input<string>;
/**
* Docker image for ingress (string)
*/
ingress?: pulumi.Input<string>;
/**
* Docker image for ingressBackend (string)
*/
ingressBackend?: pulumi.Input<string>;
/**
* Docker image for kubeDns (string)
*/
kubeDns?: pulumi.Input<string>;
/**
* Docker image for kubeDnsAutoscaler (string)
*/
kubeDnsAutoscaler?: pulumi.Input<string>;
/**
* Docker image for kubeDnsSidecar (string)
*/
kubeDnsSidecar?: pulumi.Input<string>;
/**
* Docker image for kubernetes (string)
*/
kubernetes?: pulumi.Input<string>;
/**
* Docker image for kubernetesServicesSidecar (string)
*/
kubernetesServicesSidecar?: pulumi.Input<string>;
/**
* Docker image for metricsServer (string)
*/
metricsServer?: pulumi.Input<string>;
/**
* Docker image for nginxProxy (string)
*/
nginxProxy?: pulumi.Input<string>;
/**
* Docker image for nodelocal (string)
*/
nodelocal?: pulumi.Input<string>;
/**
* Docker image for podInfraContainer (string)
*/
podInfraContainer?: pulumi.Input<string>;
/**
* Docker image for weaveCni (string)
*/
weaveCni?: pulumi.Input<string>;
/**
* Docker image for weaveNode (string)
*/
weaveNode?: pulumi.Input<string>;
/**
* Docker image for windowsPodInfraContainer (string)
*/
windowsPodInfraContainer?: pulumi.Input<string>;
}
export interface ClusterServices {
/**
* Docker image for etcd (string)
*/
etcd?: pulumi.Input<inputs.ClusterServicesEtcd>;
/**
* Kube API options for RKE services (list maxitems:1)
*/
kubeApi?: pulumi.Input<inputs.ClusterServicesKubeApi>;
/**
* Kube Controller options for RKE services (list maxitems:1)
*/
kubeController?: pulumi.Input<inputs.ClusterServicesKubeController>;
/**
* Kubelet options for RKE services (list maxitems:1)
*/
kubelet?: pulumi.Input<inputs.ClusterServicesKubelet>;
/**
* Kubeproxy options for RKE services (list maxitems:1)
*/
kubeproxy?: pulumi.Input<inputs.ClusterServicesKubeproxy>;
/**
* Scheduler options for RKE services (list maxitems:1)
*/
scheduler?: pulumi.Input<inputs.ClusterServicesScheduler>;
}
export interface ClusterServicesEtcd {
/**
* Backup options for etcd service. Just for Rancher v2.2.x (list maxitems:1)
*/
backupConfig?: pulumi.Input<inputs.ClusterServicesEtcdBackupConfig>;
/**
* TLS CA certificate for etcd service (string)
*/
caCert?: pulumi.Input<string>;
/**
* TLS certificate for etcd service (string)
*/
cert?: pulumi.Input<string>;
/**
* Creation option for etcd service (string)
*/
creation?: pulumi.Input<string>;
/**
* External urls for etcd service (list)
*/
externalUrls?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra arguments for scheduler service (map)
*/
extraArgs?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Extra binds for scheduler service (list)
*/
extraBinds?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra environment for scheduler service (list)
*/
extraEnvs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Etcd service GID. Default: `0`. For Rancher v2.3.x or above (int)
*/
gid?: pulumi.Input<number>;
/**
* Docker image for scheduler service (string)
*/
image?: pulumi.Input<string>;
/**
* TLS key for etcd service (string)
*/
key?: pulumi.Input<string>;
/**
* Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
*/
path?: pulumi.Input<string>;
/**
* Retention for etcd backup. Default `6` (int)
*/
retention?: pulumi.Input<string>;
/**
* Snapshot option for etcd service. Default `true` (bool)
*/
snapshot?: pulumi.Input<boolean>;
/**
* Etcd service UID. Default: `0`. For Rancher v2.3.x or above (int)
*/
uid?: pulumi.Input<number>;
}
export interface ClusterServicesEtcdBackupConfig {
/**
* Enable secrets encryption (bool)
*/
enabled?: pulumi.Input<boolean>;
/**
* Interval hours for etcd backup. Default `12` (int)
*/
intervalHours?: pulumi.Input<number>;
/**
* Retention for etcd backup. Default `6` (int)
*/
retention?: pulumi.Input<number>;
/**
* S3 config options for etcd backup (list maxitems:1)
*/
s3BackupConfig?: pulumi.Input<inputs.ClusterServicesEtcdBackupConfigS3BackupConfig>;
/**
* Safe timestamp for etcd backup. Default: `false` (bool)
*/
safeTimestamp?: pulumi.Input<boolean>;
}
export interface ClusterServicesEtcdBackupConfigS3BackupConfig {
/**
* Access key for S3 service (string)
*/
accessKey?: pulumi.Input<string>;
/**
* Bucket name for S3 service (string)
*/
bucketName?: pulumi.Input<string>;
/**
* Base64 encoded custom CA for S3 service. Use filebase64(<FILE>) for encoding file. Available from Rancher v2.2.5 (string)
*/
customCa?: pulumi.Input<string>;
/**
* Endpoint for S3 service (string)
*/
endpoint?: pulumi.Input<string>;
/**
* Folder for S3 service. Available from Rancher v2.2.7 (string)
*/
folder?: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* Secret key for S3 service (string)
*/
secretKey?: pulumi.Input<string>;
}
export interface ClusterServicesEtcdDeprecated {
/**
* Backup options for etcd service. Just for Rancher v2.2.x (list maxitems:1)
*/
backupConfig?: pulumi.Input<inputs.ClusterServicesEtcdDeprecatedBackupConfig>;
/**
* TLS CA certificate for etcd service (string)
*/
caCert?: pulumi.Input<string>;
/**
* TLS certificate for etcd service (string)
*/
cert?: pulumi.Input<string>;
/**
* Creation option for etcd service (string)
*/
creation?: pulumi.Input<string>;
/**
* External urls for etcd service (list)
*/
externalUrls?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra arguments for scheduler service (map)
*/
extraArgs?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Extra binds for scheduler service (list)
*/
extraBinds?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra environment for scheduler service (list)
*/
extraEnvs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Etcd service GID. Default: `0`. For Rancher v2.3.x or above (int)
*/
gid?: pulumi.Input<number>;
/**
* Docker image for scheduler service (string)
*/
image?: pulumi.Input<string>;
/**
* TLS key for etcd service (string)
*/
key?: pulumi.Input<string>;
/**
* Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
*/
path?: pulumi.Input<string>;
/**
* Retention for etcd backup. Default `6` (int)
*/
retention?: pulumi.Input<string>;
/**
* Snapshot option for etcd service. Default `true` (bool)
*/
snapshot?: pulumi.Input<boolean>;
/**
* Etcd service UID. Default: `0`. For Rancher v2.3.x or above (int)
*/
uid?: pulumi.Input<number>;
}
export interface ClusterServicesEtcdDeprecatedBackupConfig {
/**
* Enable secrets encryption (bool)
*/
enabled?: pulumi.Input<boolean>;
/**
* Interval hours for etcd backup. Default `12` (int)
*/
intervalHours?: pulumi.Input<number>;
/**
* Retention for etcd backup. Default `6` (int)
*/
retention?: pulumi.Input<number>;
/**
* S3 config options for etcd backup (list maxitems:1)
*/
s3BackupConfig?: pulumi.Input<inputs.ClusterServicesEtcdDeprecatedBackupConfigS3BackupConfig>;
/**
* Safe timestamp for etcd backup. Default: `false` (bool)
*/
safeTimestamp?: pulumi.Input<boolean>;
}
export interface ClusterServicesEtcdDeprecatedBackupConfigS3BackupConfig {
/**
* Access key for S3 service (string)
*/
accessKey?: pulumi.Input<string>;
/**
* Bucket name for S3 service (string)
*/
bucketName?: pulumi.Input<string>;
/**
* Base64 encoded custom CA for S3 service. Use filebase64(<FILE>) for encoding file. Available from Rancher v2.2.5 (string)
*/
customCa?: pulumi.Input<string>;
/**
* Endpoint for S3 service (string)
*/
endpoint?: pulumi.Input<string>;
/**
* Folder for S3 service. Available from Rancher v2.2.7 (string)
*/
folder?: pulumi.Input<string>;
/**
* Region for S3 service (string)
*/
region?: pulumi.Input<string>;
/**
* Secret key for S3 service (string)
*/
secretKey?: pulumi.Input<string>;
}
export interface ClusterServicesKubeApi {
/**
* Enable [AlwaysPullImages](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages) Admission controller plugin. [Rancher docs](https://rancher.com/docs/rke/latest/en/config-options/services/#kubernetes-api-server-options) (bool)
*/
alwaysPullImages?: pulumi.Input<boolean>;
/**
* K8s audit log configuration. (list maxitem: 1)
*/
auditLog?: pulumi.Input<inputs.ClusterServicesKubeApiAuditLog>;
/**
* K8s event rate limit configuration. (list maxitem: 1)
*/
eventRateLimit?: pulumi.Input<inputs.ClusterServicesKubeApiEventRateLimit>;
/**
* Extra arguments for scheduler service (map)
*/
extraArgs?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Extra binds for scheduler service (list)
*/
extraBinds?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra environment for scheduler service (list)
*/
extraEnvs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Docker image for scheduler service (string)
*/
image?: pulumi.Input<string>;
/**
* Pod Security Policy option for kube API service (bool)
*/
podSecurityPolicy?: pulumi.Input<boolean>;
/**
* [Encrypt k8s secret data configration](https://rancher.com/docs/rke/latest/en/config-options/secrets-encryption/). (list maxitem: 1)
*/
secretsEncryptionConfig?: pulumi.Input<inputs.ClusterServicesKubeApiSecretsEncryptionConfig>;
/**
* Service Cluster ip Range option for kube controller service (string)
*/
serviceClusterIpRange?: pulumi.Input<string>;
/**
* Service Node Port Range option for kube API service (string)
*/
serviceNodePortRange?: pulumi.Input<string>;
}
export interface ClusterServicesKubeApiAuditLog {
/**
* Event rate limit yaml encoded configuration. `"apiVersion"` and `"kind":"Configuration"` fields are required in the yaml. Ex. `apiVersion: eventratelimit.admission.k8s.io/v1alpha1\nkind: Configuration\nlimits:\n- type: Server\n burst: 30000\n qps: 6000\n` [More info](https://rancher.com/docs/rke/latest/en/config-options/rate-limiting/) (string)
*/
configuration?: pulumi.Input<inputs.ClusterServicesKubeApiAuditLogConfiguration>;
/**
* Enable secrets encryption (bool)
*/
enabled?: pulumi.Input<boolean>;
}
export interface ClusterServicesKubeApiAuditLogConfiguration {
/**
* Audit log format (string)
*/
format?: pulumi.Input<string>;
/**
* Audit log max age (int)
*/
maxAge?: pulumi.Input<number>;
/**
* Audit log max backup. Default: `10` (int)
*/
maxBackup?: pulumi.Input<number>;
/**
* Audit log max size. Default: `100` (int)
*/
maxSize?: pulumi.Input<number>;
/**
* Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
*/
path?: pulumi.Input<string>;
/**
* Audit policy json encoded definition. `"apiVersion"` and `"kind":"Policy","rules"` fields are required in the json. Ex. `jsonencode({"apiVersion":"audit.k8s.io/v1","kind":"Policy","rules":[{"level":"RequestResponse","resources":[{"group":"","resources":["pods"]}]}]})` [More info](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) (string)
*/
policy?: pulumi.Input<string>;
}
export interface ClusterServicesKubeApiDeprecated {
/**
* Enable [AlwaysPullImages](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages) Admission controller plugin. [Rancher docs](https://rancher.com/docs/rke/latest/en/config-options/services/#kubernetes-api-server-options) (bool)
*/
alwaysPullImages?: pulumi.Input<boolean>;
/**
* K8s audit log configuration. (list maxitem: 1)
*/
auditLog?: pulumi.Input<inputs.ClusterServicesKubeApiDeprecatedAuditLog>;
/**
* K8s event rate limit configuration. (list maxitem: 1)
*/
eventRateLimit?: pulumi.Input<inputs.ClusterServicesKubeApiDeprecatedEventRateLimit>;
/**
* Extra arguments for scheduler service (map)
*/
extraArgs?: pulumi.Input<{
[key: string]: any;
}>;
/**
* Extra binds for scheduler service (list)
*/
extraBinds?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Extra environment for scheduler service (list)
*/
extraEnvs?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Docker image for scheduler service (string)
*/
image?: pulumi.Input<string>;
/**
* Pod Security Policy option for kube API service (bool)
*/
podSecurityPolicy?: pulumi.Input<