talos

1
syntax = "proto3";
2

3
package talos.resource.definitions.k8s;
4

5
option go_package = "github.com/siderolabs/talos/pkg/machinery/api/resource/definitions/k8s";
6

7
import "common/common.proto";
8
import "google/protobuf/struct.proto";
9
import "resource/definitions/proto/proto.proto";
10

11
// APIServerConfigSpec is configuration for kube-apiserver.
12
message APIServerConfigSpec {
13
  string image = 1;
14
  string cloud_provider = 2;
15
  string control_plane_endpoint = 3;
16
  repeated string etcd_servers = 4;
17
  int64 local_port = 5;
18
  repeated string service_cid_rs = 6;
19
  map<string, string> extra_args = 7;
20
  repeated ExtraVolume extra_volumes = 8;
21
  map<string, string> environment_variables = 9;
22
  bool pod_security_policy_enabled = 10;
23
  string advertised_address = 11;
24
  Resources resources = 12;
25
}
26

27
// AdmissionControlConfigSpec is configuration for kube-apiserver.
28
message AdmissionControlConfigSpec {
29
  repeated AdmissionPluginSpec config = 1;
30
}
31

32
// AdmissionPluginSpec is a single admission plugin configuration Admission Control plugins.
33
message AdmissionPluginSpec {
34
  string name = 1;
35
  google.protobuf.Struct configuration = 2;
36
}
37

38
// AuditPolicyConfigSpec is audit policy configuration for kube-apiserver.
39
message AuditPolicyConfigSpec {
40
  google.protobuf.Struct config = 1;
41
}
42

43
// BootstrapManifestsConfigSpec is configuration for bootstrap manifests.
44
message BootstrapManifestsConfigSpec {
45
  string server = 1;
46
  string cluster_domain = 2;
47
  repeated string pod_cid_rs = 3;
48
  bool proxy_enabled = 4;
49
  string proxy_image = 5;
50
  repeated string proxy_args = 6;
51
  bool core_dns_enabled = 7;
52
  string core_dns_image = 8;
53
  string dns_service_ip = 9;
54
  string dns_service_i_pv6 = 10;
55
  bool flannel_enabled = 11;
56
  string flannel_image = 12;
57
  string flannel_cni_image = 13;
58
  bool pod_security_policy_enabled = 14;
59
  bool talos_api_service_enabled = 15;
60
  repeated string flannel_extra_args = 16;
61
  string flannel_kube_service_host = 17;
62
  string flannel_kube_service_port = 18;
63
  string service_host_dns_address = 19;
64
}
65

66
// ConfigStatusSpec describes status of rendered secrets.
67
message ConfigStatusSpec {
68
  bool ready = 1;
69
  string version = 2;
70
}
71

72
// ControllerManagerConfigSpec is configuration for kube-controller-manager.
73
message ControllerManagerConfigSpec {
74
  bool enabled = 1;
75
  string image = 2;
76
  string cloud_provider = 3;
77
  repeated string pod_cid_rs = 4;
78
  repeated string service_cid_rs = 5;
79
  map<string, string> extra_args = 6;
80
  repeated ExtraVolume extra_volumes = 7;
81
  map<string, string> environment_variables = 8;
82
  Resources resources = 9;
83
}
84

85
// EndpointSpec describes status of rendered secrets.
86
message EndpointSpec {
87
  repeated common.NetIP addresses = 1;
88
}
89

90
// ExtraManifest defines a single extra manifest to download.
91
message ExtraManifest {
92
  string name = 1;
93
  string url = 2;
94
  string priority = 3;
95
  map<string, string> extra_headers = 4;
96
  string inline_manifest = 5;
97
}
98

99
// ExtraManifestsConfigSpec is configuration for extra bootstrap manifests.
100
message ExtraManifestsConfigSpec {
101
  repeated ExtraManifest extra_manifests = 1;
102
}
103

104
// ExtraVolume is a configuration of extra volume.
105
message ExtraVolume {
106
  string name = 1;
107
  string host_path = 2;
108
  string mount_path = 3;
109
  bool read_only = 4;
110
}
111

112
// KubePrismConfigSpec describes KubePrismConfig data.
113
message KubePrismConfigSpec {
114
  string host = 1;
115
  int64 port = 2;
116
  repeated KubePrismEndpoint endpoints = 3;
117
}
118

119
// KubePrismEndpoint holds data for control plane endpoint.
120
message KubePrismEndpoint {
121
  string host = 1;
122
  uint32 port = 2;
123
}
124

125
// KubePrismEndpointsSpec describes KubePrismEndpoints configuration.
126
message KubePrismEndpointsSpec {
127
  repeated KubePrismEndpoint endpoints = 1;
128
}
129

130
// KubePrismStatusesSpec describes KubePrismStatuses data.
131
message KubePrismStatusesSpec {
132
  string host = 1;
133
  bool healthy = 2;
134
}
135

136
// KubeletConfigSpec holds the source of kubelet configuration.
137
message KubeletConfigSpec {
138
  string image = 1;
139
  repeated string cluster_dns = 2;
140
  string cluster_domain = 3;
141
  map<string, string> extra_args = 4;
142
  repeated talos.resource.definitions.proto.Mount extra_mounts = 5;
143
  google.protobuf.Struct extra_config = 6;
144
  bool cloud_provider_external = 7;
145
  bool default_runtime_seccomp_enabled = 8;
146
  bool skip_node_registration = 9;
147
  string static_pod_list_url = 10;
148
  bool disable_manifests_directory = 11;
149
  bool enable_fs_quota_monitoring = 12;
150
  google.protobuf.Struct credential_provider_config = 13;
151
}
152

153
// KubeletSpecSpec holds the source of kubelet configuration.
154
message KubeletSpecSpec {
155
  string image = 1;
156
  repeated string args = 2;
157
  repeated talos.resource.definitions.proto.Mount extra_mounts = 3;
158
  string expected_nodename = 4;
159
  google.protobuf.Struct config = 5;
160
  google.protobuf.Struct credential_provider_config = 6;
161
}
162

163
// ManifestSpec holds the Kubernetes resources spec.
164
message ManifestSpec {
165
  repeated SingleManifest items = 1;
166
}
167

168
// ManifestStatusSpec describes manifest application status.
169
message ManifestStatusSpec {
170
  repeated string manifests_applied = 1;
171
}
172

173
// NodeIPConfigSpec holds the Node IP specification.
174
message NodeIPConfigSpec {
175
  repeated string valid_subnets = 1;
176
  repeated string exclude_subnets = 2;
177
}
178

179
// NodeIPSpec holds the Node IP specification.
180
message NodeIPSpec {
181
  repeated common.NetIP addresses = 1;
182
}
183

184
// NodeLabelSpecSpec represents a label that's attached to a Talos node.
185
message NodeLabelSpecSpec {
186
  string key = 1;
187
  string value = 2;
188
}
189

190
// NodeStatusSpec describes Kubernetes NodeStatus.
191
message NodeStatusSpec {
192
  string nodename = 1;
193
  bool node_ready = 2;
194
  bool unschedulable = 3;
195
  map<string, string> labels = 4;
196
  map<string, string> annotations = 5;
197
}
198

199
// NodeTaintSpecSpec represents a label that's attached to a Talos node.
200
message NodeTaintSpecSpec {
201
  string key = 1;
202
  string effect = 2;
203
  string value = 3;
204
}
205

206
// NodenameSpec describes Kubernetes nodename.
207
message NodenameSpec {
208
  string nodename = 1;
209
  string hostname_version = 2;
210
  bool skip_node_registration = 3;
211
}
212

213
// Resources is a configuration of cpu and memory resources.
214
message Resources {
215
  map<string, string> requests = 1;
216
  map<string, string> limits = 2;
217
}
218

219
// SchedulerConfigSpec is configuration for kube-scheduler.
220
message SchedulerConfigSpec {
221
  bool enabled = 1;
222
  string image = 2;
223
  map<string, string> extra_args = 3;
224
  repeated ExtraVolume extra_volumes = 4;
225
  map<string, string> environment_variables = 5;
226
  Resources resources = 6;
227
  google.protobuf.Struct config = 7;
228
}
229

230
// SecretsStatusSpec describes status of rendered secrets.
231
message SecretsStatusSpec {
232
  bool ready = 1;
233
  string version = 2;
234
}
235

236
// SingleManifest is a single manifest.
237
message SingleManifest {
238
  google.protobuf.Struct object = 1;
239
}
240

241
// StaticPodServerStatusSpec describes static pod spec, it contains marshaled *v1.Pod spec.
242
message StaticPodServerStatusSpec {
243
  string url = 1;
244
}
245

246
// StaticPodSpec describes static pod spec, it contains marshaled *v1.Pod spec.
247
message StaticPodSpec {
248
  google.protobuf.Struct pod = 1;
249
}
250

251
// StaticPodStatusSpec describes kubelet static pod status.
252
message StaticPodStatusSpec {
253
  google.protobuf.Struct pod_status = 1;
254
}
255

256