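---
# Cluster API (v1alpha4) template for an Azure cluster: a kubeadm control
# plane, one Linux worker pool (md-0) and one Windows worker pool (md-win).
# ${VAR} and ${VAR:=default} placeholders are expected to be substituted
# (envsubst-style) before the manifests are applied, so they are left
# unquoted on purpose: quoting would turn numeric values such as replica
# counts into strings.
apiVersion: cluster.x-k8s.io/v1alpha4
kind: Cluster
metadata:
  labels:
    cni: flannel-windows
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  clusterNetwork:
    pods:
      cidrBlocks:
        - 10.244.0.0/16
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
    kind: KubeadmControlPlane
    name: ${CLUSTER_NAME}-control-plane
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
    kind: AzureCluster
    name: ${CLUSTER_NAME}
---
# Azure infrastructure for the cluster. VNet name and resource group default
# to values derived from the cluster name when not supplied.
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: AzureCluster
metadata:
  name: ${CLUSTER_NAME}
  namespace: default
spec:
  location: ${AZURE_LOCATION}
  networkSpec:
    vnet:
      name: ${AZURE_VNET_NAME:=${CLUSTER_NAME}-vnet}
  resourceGroup: ${AZURE_RESOURCE_GROUP:=${CLUSTER_NAME}}
  subscriptionID: ${AZURE_SUBSCRIPTION_ID}
---
# Control plane: kubeadm configuration plus disk layout for the etcd data disk.
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  infrastructureTemplate:
    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
    kind: AzureMachineTemplate
    name: ${CLUSTER_NAME}-control-plane
  kubeadmConfigSpec:
    clusterConfiguration:
      apiServer:
        extraArgs:
          cloud-config: /etc/kubernetes/azure.json
          cloud-provider: azure
        # The cloud-provider config is mounted read-only from the host.
        extraVolumes:
          - hostPath: /etc/kubernetes/azure.json
            mountPath: /etc/kubernetes/azure.json
            name: cloud-config
            readOnly: true
        timeoutForControlPlane: 20m
      controllerManager:
        extraArgs:
          allocate-node-cidrs: "true"
          cloud-config: /etc/kubernetes/azure.json
          cloud-provider: azure
          cluster-name: ${CLUSTER_NAME}
          configure-cloud-routes: "false"
        extraVolumes:
          - hostPath: /etc/kubernetes/azure.json
            mountPath: /etc/kubernetes/azure.json
            name: cloud-config
            readOnly: true
      etcd:
        local:
          # etcd data lives on the dedicated data disk mounted below.
          dataDir: /var/lib/etcddisk/etcd
    diskSetup:
      filesystems:
        # Data disk at LUN 0 (see dataDisks in the control-plane machine
        # template), formatted ext4 and labelled for the mount entry below.
        - device: /dev/disk/azure/scsi1/lun0
          extraOpts:
            - -E
            - lazy_itable_init=1,lazy_journal_init=1
          filesystem: ext4
          label: etcd_disk
        - device: ephemeral0.1
          filesystem: ext4
          label: ephemeral0
          replaceFS: ntfs
      partitions:
        - device: /dev/disk/azure/scsi1/lun0
          layout: true
          overwrite: false
          tableType: gpt
    files:
      # Cloud-provider config rendered from a Secret. It is owned by root and
      # kept root-only rather than world-readable, so that local non-root
      # processes on the node cannot read its contents. Loosen the mode only
      # if a non-root consumer of this file is confirmed to exist.
      - contentFrom:
          secret:
            key: control-plane-azure.json
            name: ${CLUSTER_NAME}-control-plane-azure-json
        owner: root:root
        path: /etc/kubernetes/azure.json
        permissions: "0600"
    initConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-config: /etc/kubernetes/azure.json
          cloud-provider: azure
        # Node name is templated from the instance metadata hostname.
        name: '{{ ds.meta_data["local_hostname"] }}'
    joinConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          cloud-config: /etc/kubernetes/azure.json
          cloud-provider: azure
        name: '{{ ds.meta_data["local_hostname"] }}'
    mounts:
      - - LABEL=etcd_disk
        - /var/lib/etcddisk
  replicas: ${CONTROL_PLANE_MACHINE_COUNT}
  version: ${KUBERNETES_VERSION}
---
# Control-plane VM shape: 128 GB OS disk plus a 256 GB data disk for etcd.
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-control-plane
  namespace: default
spec:
  template:
    spec:
      dataDisks:
        - diskSizeGB: 256
          lun: 0
          nameSuffix: etcddisk
      osDisk:
        diskSizeGB: 128
        managedDisk:
          storageAccountType: Premium_LRS
        osType: Linux
      # Public key only (Base64, per the variable name); defaults to empty.
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      vmSize: ${AZURE_CONTROL_PLANE_MACHINE_TYPE}
---
# Linux worker pool.
apiVersion: cluster.x-k8s.io/v1alpha4
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT}
  selector:
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-0
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-0
      version: ${KUBERNETES_VERSION}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      osDisk:
        diskSizeGB: 128
        managedDisk:
          storageAccountType: Premium_LRS
        osType: Linux
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
# Bootstrap configuration for the Linux workers.
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-0
  namespace: default
spec:
  template:
    spec:
      files:
        # Secret-backed cloud-provider config: root-only, for the same reason
        # as on the control plane. Loosen only for a confirmed non-root
        # consumer.
        - contentFrom:
            secret:
              key: worker-node-azure.json
              name: ${CLUSTER_NAME}-md-0-azure-json
          owner: root:root
          path: /etc/kubernetes/azure.json
          permissions: "0600"
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs:
            cloud-config: /etc/kubernetes/azure.json
            cloud-provider: azure
          name: '{{ ds.meta_data["local_hostname"] }}'
      useExperimentalRetryJoin: true
---
# Windows worker pool. It shares WORKER_MACHINE_COUNT with the Linux pool.
apiVersion: cluster.x-k8s.io/v1alpha4
kind: MachineDeployment
metadata:
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  clusterName: ${CLUSTER_NAME}
  replicas: ${WORKER_MACHINE_COUNT}
  selector:
    matchLabels: null
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
          kind: KubeadmConfigTemplate
          name: ${CLUSTER_NAME}-md-win
      clusterName: ${CLUSTER_NAME}
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
        kind: AzureMachineTemplate
        name: ${CLUSTER_NAME}-md-win
      version: ${KUBERNETES_VERSION}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: AzureMachineTemplate
metadata:
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  template:
    spec:
      osDisk:
        diskSizeGB: 128
        managedDisk:
          storageAccountType: Premium_LRS
        osType: Windows
      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
      vmSize: ${AZURE_NODE_MACHINE_TYPE}
---
# Bootstrap configuration for the Windows workers: cloud-provider config plus
# two PowerShell scripts that run before kubeadm join (see preKubeadmCommands).
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
  name: ${CLUSTER_NAME}-md-win
  namespace: default
spec:
  template:
    spec:
      files:
        # NOTE(review): this file is Secret-backed like its Linux
        # counterpart, but a POSIX mode may not map to an NTFS ACL on
        # Windows. Confirm that c:/k/azure.json is not readable by
        # unprivileged local users on the node.
        - contentFrom:
            secret:
              key: worker-node-azure.json
              name: ${CLUSTER_NAME}-md-win-azure-json
          owner: root:root
          path: c:/k/azure.json
          permissions: "0644"
        # Creates the "External" overlay HNS network (workaround referenced
        # inside the script).
        - content: |
            # required as a work around for Flannel and Wins bugs
            # https://github.com/coreos/flannel/issues/1359
            # https://github.com/kubernetes-sigs/sig-windows-tools/issues/103#issuecomment-709426828
            ipmo C:\k\debug\hns.psm1;
            New-HnsNetwork -Type Overlay -AddressPrefix "192.168.255.0/30" -Gateway "192.168.255.1" -Name "External" -AdapterName "Ethernet 2" -SubnetPolicies @(@{Type = "VSID"; VSID = 9999; })
          path: C:/create-external-network.ps1
          permissions: "0744"
        # Appends the decoded SSH public key to administrators_authorized_keys,
        # then locks the file down: removes the Authenticated Users entry,
        # disables ACL inheritance and grants full control only to SYSTEM and
        # BUILTIN\Administrators, before restarting sshd.
        # NOTE(review): with AZURE_SSH_PUBLIC_KEY_B64 unset, the default
        # presumably renders as "''" inside the string, which does not look
        # like valid Base64. Confirm the script behaves as intended then.
        - content: |
            [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("${AZURE_SSH_PUBLIC_KEY_B64:=''}")) | Add-Content C:/ProgramData/ssh/administrators_authorized_keys
            icacls C:/ProgramData/ssh/administrators_authorized_keys /remove "NT AUTHORITY\Authenticated Users"
            icacls C:/ProgramData/ssh/administrators_authorized_keys /inheritance:r
            icacls C:/ProgramData/ssh/administrators_authorized_keys /grant SYSTEM:F
            icacls C:/ProgramData/ssh/administrators_authorized_keys /grant BUILTIN\Administrators:F
            restart-service sshd
          path: C:/configure-ssh.ps1
          permissions: "0744"
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs:
            cloud-config: c:/k/azure.json
            cloud-provider: azure
            # NOTE(review): image is referenced by tag only; a digest pin
            # would make the pulled content immutable.
            pod-infra-container-image: mcr.microsoft.com/oss/kubernetes/pause:1.4.1
          name: '{{ ds.meta_data["local_hostname"] }}'
      preKubeadmCommands:
        - powershell c:/create-external-network.ps1
        - powershell c:/configure-ssh.ps1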