"use strict";
// Define the `__esModule` property on the CommonJS exports object with value true.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare the export as undefined; the schema is assigned to it further down.
exports.IEC2NodeClassSchema = void 0;
// Generated by ts-to-zod
const zod_1 = require("zod");
const ObjectMeta_schema_1 = require("@soft-stech/apimachinery/apis/meta/v1/ObjectMeta.schema");
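/**
 * EC2NodeClass is the Schema for the EC2NodeClass API
 *
 * Validation notes for this generated zod schema:
 * - It checks object shape and per-field constraints only. Cross-field rules
 *   stated in the field docs below (role vs. instanceProfile, at most one
 *   rootVolume, snapshot ID or volume size) are not enforced here.
 * - The `id` patterns are unanchored regular expressions, so they accept any
 *   string that contains a match, not only strings that are exactly an ID.
 * - Several security-relevant fields (EBS encryption, metadata options,
 *   public IP association) are optional; a manifest that omits them passes.
 */
exports.IEC2NodeClassSchema = zod_1.z.object({
  /**
   * APIVersion defines the versioned schema of this representation of an object.
   * Servers should convert recognized schemas to the latest internal value, and
   * may reject unrecognized values.
   * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
   */
  "apiVersion": zod_1.z.literal("karpenter.k8s.aws/v1beta1"),
  /**
   * Kind is a string value representing the REST resource this object represents.
   * Servers may infer this from the endpoint the client submits requests to.
   * Cannot be updated.
   * In CamelCase.
   * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
   */
  "kind": zod_1.z.literal("EC2NodeClass"),
  "metadata": ObjectMeta_schema_1.iObjectMetaSchema.optional(),
  /**
   * EC2NodeClassSpec is the top level specification for the AWS Karpenter Provider.
   * This will contain configuration necessary to launch instances in AWS.
   */
  "spec": zod_1.z.object({
    /**
     * AMIFamily is the AMI family that instances use.
     */
    "amiFamily": zod_1.z.union([zod_1.z.literal("AL2"), zod_1.z.literal("AL2023"), zod_1.z.literal("Bottlerocket"), zod_1.z.literal("Ubuntu"), zod_1.z.literal("Custom"), zod_1.z.literal("Windows2019"), zod_1.z.literal("Windows2022")]),
    /**
     * AMISelectorTerms is a list of AMI selector terms. The terms are ORed.
     *
     * NOTE(review): the schema does not require `owner` alongside `name` or
     * `tags`; confirm how the controller scopes AMI owners when it is omitted.
     */
    "amiSelectorTerms": zod_1.z.array(zod_1.z.object({
      /**
       * ID is the ami id in EC2
       * @pattern ami-[0-9a-z]+
       */
      // Unanchored: any string containing "ami-" followed by [0-9a-z] passes.
      "id": zod_1.z.string().regex(/ami-[0-9a-z]+/).optional(),
      /**
       * Name is the ami name in EC2.
       * This value is the name field, which is different from the name tag.
       */
      "name": zod_1.z.string().optional(),
      /**
       * Owner is the owner for the ami.
       * You can specify a combination of AWS account IDs, "self", "amazon", and "aws-marketplace"
       */
      // Accepted as a free-form string; the listed owner values are not checked here.
      "owner": zod_1.z.string().optional(),
      /**
       * Tags is a map of key/value tags used to select AMIs.
       * Specifying '*' for a value selects all values for a given tag key.
       */
      "tags": zod_1.z.record(zod_1.z.string(), zod_1.z.string()).optional()
    })).optional(),
    /**
     * AssociatePublicIPAddress controls if public IP addresses are assigned to instances that are launched with the nodeclass.
     */
    "associatePublicIPAddress": zod_1.z.boolean().optional(),
    /**
     * BlockDeviceMappings to be applied to provisioned nodes.
     */
    "blockDeviceMappings": zod_1.z.array(zod_1.z.object({
      /**
       * The device name (for example, /dev/sdh or xvdh).
       */
      "deviceName": zod_1.z.string().optional(),
      /**
       * EBS contains parameters used to automatically set up EBS volumes when an instance is launched.
       */
      "ebs": zod_1.z.object({
        /**
         * DeleteOnTermination indicates whether the EBS volume is deleted on instance termination.
         */
        "deleteOnTermination": zod_1.z.boolean().optional(),
        /**
         * Encrypted indicates whether the EBS volume is encrypted. Encrypted volumes can only
         * be attached to instances that support Amazon EBS encryption. If you are creating
         * a volume from a snapshot, you can't specify an encryption value.
         */
        // NOTE(review): optional, so a mapping with `encrypted` false or absent
        // validates; enforce encryption in policy if it is mandatory for you.
        "encrypted": zod_1.z.boolean().optional(),
        /**
         * IOPS is the number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes,
         * this represents the number of IOPS that are provisioned for the volume. For
         * gp2 volumes, this represents the baseline performance of the volume and the
         * rate at which the volume accumulates I/O credits for bursting.
         *
         * The following are the supported values for each volume type:
         *
         * - gp3: 3,000-16,000 IOPS
         *
         * - io1: 100-64,000 IOPS
         *
         * - io2: 100-64,000 IOPS
         *
         * For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built
         * on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
         * Other instance families guarantee performance up to 32,000 IOPS.
         *
         * This parameter is supported for io1, io2, and gp3 volumes only. This parameter
         * is not supported for gp2, st1, sc1, or standard volumes.
         */
        // The per-volume-type ranges above are not enforced by this schema.
        "iops": zod_1.z.number().optional(),
        /**
         * KMSKeyID (ARN) of the symmetric Key Management Service (KMS) CMK used for encryption.
         */
        "kmsKeyID": zod_1.z.string().optional(),
        /**
         * SnapshotID is the ID of an EBS snapshot
         */
        "snapshotID": zod_1.z.string().optional(),
        /**
         * Throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
         * Valid Range: Minimum value of 125. Maximum value of 1000.
         */
        // The documented 125-1000 range is not enforced by this schema.
        "throughput": zod_1.z.number().optional(),
        /**
         * VolumeSize in `Gi`, `G`, `Ti`, or `T`. You must specify either a snapshot ID or
         * a volume size. The following are the supported volumes sizes for each volume
         * type:
         *
         * - gp2 and gp3: 1-16,384
         *
         * - io1 and io2: 4-16,384
         *
         * - st1 and sc1: 125-16,384
         *
         * - standard: 1-1,024
         */
        // The nested .and() calls intersect a type with itself, so this accepts
        // any number or any string; the unit suffix and size ranges are not checked.
        "volumeSize": zod_1.z.union([zod_1.z.number().and(zod_1.z.number().and(zod_1.z.number())), zod_1.z.string().and(zod_1.z.string().and(zod_1.z.string()))]).optional(),
        /**
         * VolumeType of the block device.
         * For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
         * in the Amazon Elastic Compute Cloud User Guide.
         */
        "volumeType": zod_1.z.union([zod_1.z.literal("standard"), zod_1.z.literal("io1"), zod_1.z.literal("io2"), zod_1.z.literal("gp2"), zod_1.z.literal("sc1"), zod_1.z.literal("st1"), zod_1.z.literal("gp3")]).optional()
      }).optional(),
      /**
       * RootVolume is a flag indicating if this device is mounted as kubelet root dir. You can
       * configure at most one root volume in BlockDeviceMappings.
       */
      // The "at most one" rule is not enforced by this schema.
      "rootVolume": zod_1.z.boolean().optional()
    })).optional(),
    /**
     * Context is a Reserved field in EC2 APIs
     * https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html
     */
    "context": zod_1.z.string().optional(),
    /**
     * DetailedMonitoring controls if detailed monitoring is enabled for instances that are launched
     */
    "detailedMonitoring": zod_1.z.boolean().optional(),
    /**
     * InstanceProfile is the AWS entity that instances use.
     * This field is mutually exclusive from role.
     * The instance profile should already have a role assigned to it that Karpenter
     * has PassRole permission on for instance launch using this instanceProfile to succeed.
     */
    // Mutual exclusion with `role` is not enforced here; both may be present.
    "instanceProfile": zod_1.z.string().optional(),
    /**
     * InstanceStorePolicy specifies how to handle instance-store disks.
     */
    "instanceStorePolicy": zod_1.z.literal("RAID0").optional(),
    /**
     * MetadataOptions for the generated launch template of provisioned nodes.
     *
     * This specifies the exposure of the Instance Metadata Service to
     * provisioned EC2 nodes. For more information,
     * see Instance Metadata and User Data
     * (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
     * in the Amazon Elastic Compute Cloud User Guide.
     *
     * Refer to recommended, security best practices
     * (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node)
     * for limiting exposure of Instance Metadata and User Data to pods.
     * If omitted, defaults to httpEndpoint enabled, with httpProtocolIPv6
     * disabled, with httpPutResponseHopLimit of 2, and with httpTokens
     * required.
     *
     * The `.default(...)` values below are filled in by zod only when a
     * metadataOptions object is present in the input; when the whole object is
     * omitted, the parsed result has no metadataOptions key and the defaults
     * described above are left to whatever consumes the manifest.
     */
    "metadataOptions": zod_1.z.object({
      /**
       * HTTPEndpoint enables or disables the HTTP metadata endpoint on provisioned
       * nodes. If metadata options is non-nil, but this parameter is not specified,
       * the default state is "enabled".
       *
       * If you specify a value of "disabled", instance metadata will not be accessible
       * on the node.
       * @default "enabled"
       */
      "httpEndpoint": zod_1.z.union([zod_1.z.literal("enabled"), zod_1.z.literal("disabled")]).optional().default("enabled"),
      /**
       * HTTPProtocolIPv6 enables or disables the IPv6 endpoint for the instance metadata
       * service on provisioned nodes. If metadata options is non-nil, but this parameter
       * is not specified, the default state is "disabled".
       * @default "disabled"
       */
      "httpProtocolIPv6": zod_1.z.union([zod_1.z.literal("enabled"), zod_1.z.literal("disabled")]).optional().default("disabled"),
      /**
       * HTTPPutResponseHopLimit is the desired HTTP PUT response hop limit for
       * instance metadata requests. The larger the number, the further instance
       * metadata requests can travel. Possible values are integers from 1 to 64.
       * If metadata options is non-nil, but this parameter is not specified, the
       * default value is 2.
       * @default 2
       * @minimum 1
       * @maximum 64
       */
      // .int(): the documented values are integers, so fractional limits such
      // as 1.5 are rejected instead of passing the min/max range check.
      "httpPutResponseHopLimit": zod_1.z.number().int().min(1).max(64).optional().default(2),
      /**
       * HTTPTokens determines the state of token usage for instance metadata
       * requests. If metadata options is non-nil, but this parameter is not
       * specified, the default state is "required".
       *
       * If the state is optional, one can choose to retrieve instance metadata with
       * or without a signed token header on the request. If one retrieves the IAM
       * role credentials without a token, the version 1.0 role credentials are
       * returned. If one retrieves the IAM role credentials using a valid signed
       * token, the version 2.0 role credentials are returned.
       *
       * If the state is "required", one must send a signed token header with any
       * instance metadata retrieval requests. In this state, retrieving the IAM
       * role credentials always returns the version 2.0 credentials; the version
       * 1.0 credentials are not available.
       * @default "required"
       */
      // NOTE(review): "optional" is a valid value for this schema; if your
      // baseline requires token-only access, check for "required" separately.
      "httpTokens": zod_1.z.union([zod_1.z.literal("required"), zod_1.z.literal("optional")]).optional().default("required")
    }).optional(),
    /**
     * Role is the AWS identity that nodes use. This field is immutable.
     * This field is mutually exclusive from instanceProfile.
     * Marking this field as immutable avoids concerns around terminating managed instance profiles from running instances.
     * This field may be made mutable in the future, assuming the correct garbage collection and drift handling is implemented
     * for the old instance profiles on an update.
     */
    // Neither immutability nor exclusion with `instanceProfile` is checked here.
    "role": zod_1.z.string().optional(),
    /**
     * SecurityGroupSelectorTerms is a list of security group selector terms. The terms are ORed.
     */
    "securityGroupSelectorTerms": zod_1.z.array(zod_1.z.object({
      /**
       * ID is the security group id in EC2
       * @pattern sg-[0-9a-z]+
       */
      // Unanchored: any string containing "sg-" followed by [0-9a-z] passes.
      "id": zod_1.z.string().regex(/sg-[0-9a-z]+/).optional(),
      /**
       * Name is the security group name in EC2.
       * This value is the name field, which is different from the name tag.
       */
      "name": zod_1.z.string().optional(),
      /**
       * Tags is a map of key/value tags used to select security groups.
       * Specifying '*' for a value selects all values for a given tag key.
       */
      "tags": zod_1.z.record(zod_1.z.string(), zod_1.z.string()).optional()
    })),
    /**
     * SubnetSelectorTerms is a list of subnet selector terms. The terms are ORed.
     */
    "subnetSelectorTerms": zod_1.z.array(zod_1.z.object({
      /**
       * ID is the subnet id in EC2
       * @pattern subnet-[0-9a-z]+
       */
      // Unanchored: any string containing "subnet-" followed by [0-9a-z] passes.
      "id": zod_1.z.string().regex(/subnet-[0-9a-z]+/).optional(),
      /**
       * Tags is a map of key/value tags used to select subnets
       * Specifying '*' for a value selects all values for a given tag key.
       */
      "tags": zod_1.z.record(zod_1.z.string(), zod_1.z.string()).optional()
    })),
    /**
     * Tags to be applied on ec2 resources like instances and launch templates.
     */
    "tags": zod_1.z.record(zod_1.z.string(), zod_1.z.string()).optional(),
    /**
     * UserData to be applied to the provisioned nodes.
     * It must be in the appropriate format based on the AMIFamily in use. Karpenter will merge certain fields into
     * this UserData to ensure nodes are being provisioned with the correct configuration.
     */
    // Accepted as an arbitrary string; its format is not checked against amiFamily.
    "userData": zod_1.z.string().optional()
  }).optional(),
  /**
   * EC2NodeClassStatus contains the resolved state of the EC2NodeClass
   */
  "status": zod_1.z.object({
    /**
     * AMI contains the current AMI values that are available to the
     * cluster under the AMI selectors.
     */
    "amis": zod_1.z.array(zod_1.z.object({
      /**
       * ID of the AMI
       */
      "id": zod_1.z.string(),
      /**
       * Name of the AMI
       */
      "name": zod_1.z.string().optional(),
      /**
       * Requirements of the AMI to be utilized on an instance type
       */
      "requirements": zod_1.z.array(zod_1.z.object({
        /**
         * The label key that the selector applies to.
         */
        "key": zod_1.z.string(),
        /**
         * This field is ALPHA and can be dropped or replaced at any time
         * MinValues is the minimum number of unique values required to define the flexibility of the specific requirement.
         * @minimum 1
         * @maximum 50
         */
        // .int(): this is a count of values, so fractional numbers are rejected.
        "minValues": zod_1.z.number().int().min(1).max(50).optional(),
        /**
         * Represents a key's relationship to a set of values.
         * Valid operators are In, NotIn, Exists, DoesNotExist, Gt, and Lt.
         */
        // Any string is accepted; the operator names above are not checked here.
        "operator": zod_1.z.string(),
        /**
         * An array of string values. If the operator is In or NotIn,
         * the values array must be non-empty. If the operator is Exists or DoesNotExist,
         * the values array must be empty. If the operator is Gt or Lt, the values
         * array must have a single element, which will be interpreted as an integer.
         * This array is replaced during a strategic merge patch.
         */
        "values": zod_1.z.array(zod_1.z.string()).optional()
      }))
    })).optional(),
    /**
     * InstanceProfile contains the resolved instance profile for the role
     */
    "instanceProfile": zod_1.z.string().optional(),
    /**
     * SecurityGroups contains the current Security Groups values that are available to the
     * cluster under the SecurityGroups selectors.
     */
    "securityGroups": zod_1.z.array(zod_1.z.object({
      /**
       * ID of the security group
       */
      "id": zod_1.z.string(),
      /**
       * Name of the security group
       */
      "name": zod_1.z.string().optional()
    })).optional(),
    /**
     * Subnets contains the current Subnet values that are available to the
     * cluster under the subnet selectors.
     */
    "subnets": zod_1.z.array(zod_1.z.object({
      /**
       * ID of the subnet
       */
      "id": zod_1.z.string(),
      /**
       * The associated availability zone
       */
      "zone": zod_1.z.string()
    })).optional()
  }).optional()
});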