From b1d72f22ec18dc745649fcc43d7bdcf94e789899 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 13:10:13 +0200
Subject: [PATCH 01/49] Added ADR for the provisioning functionality in KIM
---
.../assets/keb-kim-target-arch.drawio.svg | 4 +
.../assets/runtime-examples/aws-freemium.yaml | 66 ++++++
.../assets/runtime-examples/aws-minimal.yaml | 64 ++++++
.../assets/runtime-examples/aws-trial.yaml | 57 +++++
docs/adrs/assets/runtime-examples/aws.yaml | 92 ++++++++
.../runtime-examples/azure-fremium.yaml | 57 +++++
.../assets/runtime-examples/azure-lite.yaml | 71 ++++++
docs/adrs/assets/runtime-examples/azure.yaml | 91 ++++++++
docs/adrs/assets/runtime-examples/gcp.yaml | 91 ++++++++
.../runtime-examples/sap-converged-cloud.yaml | 87 +++++++
docs/adrs/provisioning.md | 214 ++++++++++++++++++
11 files changed, 894 insertions(+)
create mode 100644 docs/adrs/assets/keb-kim-target-arch.drawio.svg
create mode 100644 docs/adrs/assets/runtime-examples/aws-freemium.yaml
create mode 100644 docs/adrs/assets/runtime-examples/aws-minimal.yaml
create mode 100644 docs/adrs/assets/runtime-examples/aws-trial.yaml
create mode 100644 docs/adrs/assets/runtime-examples/aws.yaml
create mode 100644 docs/adrs/assets/runtime-examples/azure-fremium.yaml
create mode 100644 docs/adrs/assets/runtime-examples/azure-lite.yaml
create mode 100644 docs/adrs/assets/runtime-examples/azure.yaml
create mode 100644 docs/adrs/assets/runtime-examples/gcp.yaml
create mode 100644 docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
create mode 100644 docs/adrs/provisioning.md
diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
new file mode 100644
index 00000000..6f6a3887
--- /dev/null
+++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
@@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Do not edit this file with editors other than draw.io --> +<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="<mxfile host="app.diagrams.net" modified="2024-04-24T09:57:06.901Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" etag="idLHjtmgS96FVphwHZih" scale="1" border="0" version="24.2.8" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="1217" dy="581" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="720" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" 
y="410" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> 
<mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" 
source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="GardenerCluster CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="GardenerClusterKubeconfig&amp;nbsp;CRD contains details for fetching kubeconfig. 
&lt;b&gt;Mind currently GardenerCluster is used for that&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="515" y="620" width="190" height="200" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="GardenerClusterKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="GardenerClusterCR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment 
Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: 
normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; 
white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" 
style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div 
xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div 
xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" 
style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" 
fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; 
overflow-wrap: normal;">GardenerCluster CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerCluster CRD...</text></switch></g></g><g><path d="M 505 470 L 695 470 L 695 640 Q 647.5 586 600 640 Q 552.5 694 505 640 L 505 500 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 540px; margin-left: 506px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CRD contains details for fetching kubeconfig. 
<b>Mind currently GardenerCluster is used for that </b></div></div></div></foreignObject><text x="600" y="544" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CRD c...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: 
rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterCR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterCR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml new file mode 100644 index 00000000..c353b39c --- /dev/null +++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml 
@@ -0,0 +1,66 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # Set by KEB, required
+ name: shoot-name
+ # Set by KEB, required
+ purpose: trial
+ kubernetes:
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ provider:
+ ## Provided by the KEB, required
+ type: aws
+ ## Provided by the KEB, required
+ region: eu-central-1
+ # Provided by the KEB, required.
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ workers:
+ - machine:
+ # Set by KEB, required
+ type: m5.xlarge
+ # Optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # Provided by the KEB, required for the first release
+ # Finally can be moved into KIM, as it is hardcoded in KEB
+ volume:
+ type: gp2
+ size: 50Gi
+ # Provided by the KEB, required
+ zones:
+ - eu-central-1a
+ # Optional, if not provided default will be used
+ name: cpu-worker-0
+ # Provided by the KEB, required
+ minimum: 1
+ # Provided by the KEB, required
+ maximum: 1
+ # Provided by the KEB, required in the first release.
+ # It can be optional removed in the future, as it equals to zone count
+ maxSurge: 1
+ # Provided by the KEB, required in the first release.
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # Provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
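Review bot: `purpose: trial` in this freemium example is not one of the shoot purposes the other examples in this patch use (`evaluation`, `production`), and as far as I know Gardener accepts only evaluation, testing, development, production and infrastructure, so a Runtime copied from this file would likely be rejected; `purpose: evaluation` would match aws-trial.yaml. The example also omits the `networking` block that the sibling files comment as "Provided by the KEB, required". Separately, the placeholder `secretBindingName: "hypersaler secret"` (here and in every other example) misspells hyperscaler and contains a space, which is not a legal Kubernetes object name; a constructed value such as `secretBindingName: hyperscaler-secret-binding` would read as a real reference to the credentials binding.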
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
new file mode 100644
index 00000000..a148d4e1
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
@@ -0,0 +1,64 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ kubernetes:
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ provider:
+ type: aws
+ region: eu-central-1
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 100.64.0.0/12
+ nodes: 10.250.0.0/16
+ services: 100.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ controlPlane:
+ highAvailability:
+ failureTolerance:
+ type: node
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: m6i.large
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eu-central-1a
+ - eu-central-1b
+ - eu-central-1c
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 3
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 20
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 3
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml
new file mode 100644
index 00000000..16115add
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml
@@ -0,0 +1,57 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: evaluation
+ kubernetes:
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ provider:
+ type: aws
+ region: eu-central-1
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: mx5.large
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eu-central-1a
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 1
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 1
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 1
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml
new file mode 100644
index 00000000..39207214
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws.yaml
@@ -0,0 +1,92 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ # Will be modified by the SRE
+ kubernetes:
+ # spec.shoot.kubernetes.version is optional, when not provided default will be used
+ version: "1.28.7"
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+ additionalOidcConfig:
+ - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://some.others.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ usernamePrefix: 'someother'
+ ## spec.shoot.provider is provided by the KEB, required
+ provider:
+ type: aws
+ region: eu-central-1
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 100.64.0.0/12
+ nodes: 10.250.0.0/16
+ services: 100.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ controlPlane:
+ highAvailability:
+ failureTolerance:
+ type: node
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: m6i.large
+ # spec.shoot.workers.machine.image is optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # spec.shoot.workers.volume is provided by the KEB, required for the first release
+ # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+ volume:
+ type: gp2
+ size: 50Gi
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eu-central-1a
+ - eu-central-1b
+ - eu-central-1c
+ # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+ name: cpu-worker-0
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 3
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 20
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 3
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+ ingress:
+ enabled: true
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
new file mode 100644
index 00000000..16115add
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
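Review bot: The `additionalOidcConfig` entry in aws.yaml sets `usernamePrefix: 'someother'` but no groups prefix, and the primary `oidcConfig` sets neither, so both issuers assert the same unprefixed `groups` claim. If these blocks reach the API server as written (the mapping is not shown in this patch, so this is inferred), an RBAC binding on a group name cannot tell which issuer vouched for the membership, and trust in the additional issuer silently extends to every group bound for the primary one. I would add `groupsPrefix: 'someother:'` next to `usernamePrefix` in the additional entry and extend the comment above it to say that each additional issuer needs distinct username and groups prefixes. The same block appears in azure.yaml, gcp.yaml and sap-converged-cloud.yaml.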
@@ -0,0 +1,57 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: evaluation
+ kubernetes:
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ provider:
+ type: aws
+ region: eu-central-1
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: mx5.large
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eu-central-1a
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 1
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 1
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 1
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
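Review bot: This file is byte-for-byte the AWS trial example (its index line shows the same blob `16115add` as aws-trial.yaml), so the Azure freemium example carries `type: aws`, `region: eu-central-1`, zone `eu-central-1a` and machine type `mx5.large`. The provider block should read `type: azure` with an Azure region, zone and machine type, the way azure-lite.yaml already does for `region`, `zones` and `machine.type`. azure-lite.yaml, azure.yaml and gcp.yaml have the related slip of keeping `type: aws` beside an Azure or GCP region; that matters because `provider.type` together with `secretBindingName` presumably selects which hyperscaler credentials the shoot is created with. The file name is also spelled `azure-fremium.yaml`.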
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml
new file mode 100644
index 00000000..91f6c2f2
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml
@@ -0,0 +1,71 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ kubernetes:
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ ## spec.shoot.provider is provided by the KEB, required
+ provider:
+ type: aws
+ region: eastus
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: Standard_D4s_v5
+ # spec.shoot.workers.machine.image is optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # spec.shoot.workers.volume is provided by the KEB, required for the first release
+ # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+ volume:
+ type: Standard_LRS
+ size: 50Gi
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eastus1
+ # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+ name: cpu-worker-0
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 2
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 10
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 1
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml
new file mode 100644
index 00000000..67883bd8
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure.yaml
@@ -0,0 +1,91 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ kubernetes:
+ # spec.shoot.kubernetes.version is optional, when not provided default will be used
+ version: "1.28.7"
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+ additionalOidcConfig:
+ - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://some.others.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ usernamePrefix: 'someother'
+ ## spec.shoot.provider is provided by the KEB, required
+ provider:
+ type: aws
+ region: eastus
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ controlPlane:
+ highAvailability:
+ failureTolerance:
+ type: node
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: Standard_D2s_v5
+ # spec.shoot.workers.machine.image is optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # spec.shoot.workers.volume is provided by the KEB, required for the first release
+ # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+ volume:
+ type: Standard_LRS
+ size: 50Gi
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eastus1
+ - eastus2
+ - eastus3
+ # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+ name: cpu-worker-0
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 3
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 20
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 3
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+ ingress:
+ enabled: true
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml
new file mode 100644
index 00000000..c1c6c3d8
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/gcp.yaml
@@ -0,0 +1,91 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ kubernetes:
+ # spec.shoot.kubernetes.version is optional, when not provided default will be used
+ version: "1.28.7"
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+ additionalOidcConfig:
+ - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://some.others.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ usernamePrefix: 'someother'
+ ## spec.shoot.provider is provided by the KEB, required
+ provider:
+ type: aws
+ region: europe-west3
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ controlPlane:
+ highAvailability:
+ failureTolerance:
+ type: node
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: n2-standard-2
+ # spec.shoot.workers.machine.image is optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # spec.shoot.workers.volume is provided by the KEB, required for the first release
+ # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+ volume:
+ type: pd-standard
+ size: 50Gi
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - europe-west3a
+ - europe-west3b
+ - europe-west3c
+ # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+ name: cpu-worker-0
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 3
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 20
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 3
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+ ingress:
+ enabled: true
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
new file mode 100644
index 00000000..d8a37668
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
@@ -0,0 +1,87 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+ name: runtime-id
+ namespace: kcp-system
+spec:
+ shoot:
+ # spec.shoot.name is set by the KEB, required
+ name: shoot-name
+ # spec.shoot.purpose is set by the KEB, required
+ purpose: production
+ kubernetes:
+ # spec.shoot.kubernetes.version is optional, when not provided default will be used
+ version: "1.28.7"
+ kubeAPIServer:
+ ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+ oidcConfig:
+ clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://my.cool.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+ additionalOidcConfig:
+ - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ groupsClaim: groups
+ issuerURL: https://some.others.tokens.com
+ signingAlgs:
+ - RS256
+ usernameClaim: sub
+ usernamePrefix: 'someother'
+ ## spec.shoot.provider is provided by the KEB, required
+ provider:
+ type: openstack
+ region: eu-de-1
+ # We must consider whether it makes sense to move HAP into KIM
+ secretBindingName: "hypersaler secret"
+ # spec.shoot.Networking is Provided by the KEB, required
+ networking:
+ pods: 10.96.0.0/13
+ nodes: 10.250.0.0/22
+ services: 10.104.0.0/13
+ # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+ controlPlane:
+ highAvailability:
+ failureTolerance:
+ type: node
+ workers:
+ - machine:
+ # spec.shoot.workers.machine.type provided by the KEB, required
+ type: g_c2_m8
+ # spec.shoot.workers.machine.image is optional, when not provider default will be used
+ # Will be modified by the SRE
+ image:
+ name: gardenlinux
+ version: 1312.3.0
+ # Note: KEB doesn't specify the volume, Gardener defaults used
+ # spec.shoot.workers.zones is provided by the KEB, required
+ zones:
+ - eu-de-1a
+ - eu-de-1b
+ - eu-de-1d
+ # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+ name: cpu-worker-0
+ # spec.shoot.workers.minimum is provided by the KEB, required
+ minimum: 3
+ # spec.shoot.workers.maximum is provided by the KEB, required
+ maximum: 20
+ # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it equals to zone count
+ maxSurge: 3
+ # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+ # It can be optional in the future, as it is always set to 0
+ maxUnavailable: 0
+ security:
+ networking:
+ filter:
+ # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+ egress:
+ enabled: false
+ # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+ ingress:
+ enabled: true
+ # spec.security.administrators is provided by the KEB, required
+ administrators:
+ - admin@myorg.com
diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
new file mode 100644
index 00000000..eae5230c
--- /dev/null
+++ b/docs/adrs/provisioning.md
@@ -0,0 +1,214 @@ +# Introduction +This document defines architecture, and API for provisioning functionality. + +# Target architecture + +The following picture shows the proposed architecture: +![](./assets/keb-kim-target-arch.drawio.svg) + +The following assumptions were taken: +- KEB is responsible for: + - Creating `Runtime` CR containing the following data: + - provider config (type, region, and secret with credentials for hyperscaler) + - worker pool specification + - cluster networking settings (nodes, pods, and services API ranges) + - OIDC settings + - cluster administrators list + - Egress network filter settings + - Control Plane failure tolerance + - Observing status of the CR to determine whether provisioning succeeded +- Kyma Infrastructure Manager is responsible for: + - creating shoots based on: + - corresponding `Runtime` CR properties + - predefined defaults for the optional properties: + - Kubernetes version + - Machine image version + - predefined configuration for the following extensions: + - DNS + - Certificates + - upgrading, and deleting shoots for corresponding `Runtime` CRs + - applying audit log configuration on the shoot resource + - generating kubeconfig + +# API proposal + +## CR examples + +The example below shows the CR that should be created by the KEB to provision AWS production cluster: +```ayaml +apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 +kind: Runtime +metadata: + name: runtime-id + namespace: kcp-system + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName +spec: + shoot: + # spec.shoot.name is set by the KEB, required + name: shoot-name + # spec.shoot.purpose is 
set by the KEB, required + purpose: production + kubernetes: + kubeAPIServer: + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + oidcConfig: + clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + groupsClaim: groups + issuerURL: https://my.cool.tokens.com + signingAlgs: + - RS256 + usernameClaim: sub + provider: + type: aws + region: eu-central-1 + # We must consider whether it makes sense to move HAP into KIM + secretBindingName: "hypersaler secret" + # spec.shoot.Networking is Provided by the KEB, required + networking: + pods: 100.64.0.0/12 + nodes: 10.250.0.0/16 + services: 100.104.0.0/13 + # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + controlPlane: + highAvailability: + failureTolerance: + type: node + workers: + - machine: + # spec.shoot.workers.machine.type provided by the KEB, required + type: m6i.large + # spec.shoot.workers.zones is provided by the KEB, required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.minimum is provided by the KEB, required + minimum: 3 + # spec.shoot.workers.maximum is provided by the KEB, required + maximum: 20 + # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. 
+ # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 + security: + # spec.security.administrators is provided by the KEB, required + administrators: + - admin@myorg.com +``` + +There are some additional optional fields (please see [this example](assets/runtime-examples/aws.yaml) that could be specified: +- `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration +- `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration +- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured +- `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used +- `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used + +Please, see the following examples to understand what CRs need to be created for particular KEB plans: +- [AWS trial plan](assets/runtime-examples/aws-trial.yaml)) +- [Azure](assets/runtime-examples/azure.yaml) +- [Azure lite](assets/runtime-examples/azure-lite.yaml) +- [GCP](assets/runtime-examples/gcp.yaml) +- [SAP Converge Cloud](assets/runtime-examples/sap-converged-cloud.yaml) + +## API structures +```go +package v2 + +import ( + gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type Runtime struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec RuntimeSpec `json:"spec"` + Status RuntimeStatus `json:"status,omitempty"` +} + +type RuntimeSpec struct { + Shoot Shoot `json:"spec"` + Security Security `json:"security"` +} + +type Shoot struct { + Name string `json:"name"` + Purpose string `json:"purpose"` + Kubernetes Kubernetes `json:"kubernetes"` + Provider Provider `json:"provider"` + Networking Networking `json:"networking"` + Workers *[]gardener.Worker `json:"workers,omitempty"` +} + +type Provider struct 
{ + Type string `json:"type"` + Region string `json:"region"` + SecretBindingName string `json:"secretBindingName"` +} + +type Networking struct { + Pods *string `json:"pods,omitempty"` + Nodes *string `json:"nodes,omitempty"` + Services *string `json:"services,omitempty"` +} + +type Kubernetes struct { + Version string `json:"version"` + KubeAPIServer *APIServer `json:"kubeAPIServer,omitempty"` +} + +type APIServer struct { + oidcConfig gardener.OIDCConfig `json:"oidcConfig"` + additionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""` +} + +type Security struct { + Administrators []string `json:"administrators"` + Networking NetworkingSecurity `json:"networking""` +} + +type NetworkingSecurity struct { + Filter Filter `json:"filter"` +} + +type Filter struct { + Ingress Ingress `json:"ingress"` + Egress Egress `json:"egress"` +} + +type Ingress struct { + Enabled bool `json:"enabled"` +} + +type Egress struct { + Enabled bool `json:"enabled"` +} + +type State string + +// +kubebuilder:object:root=true +// RuntimeStatus defines the observed state of Runtime +type RuntimeStatus struct { + // State signifies current state of Runtime. + // Value can be one of ("Ready", "Processing", "Error", "Deleting"). + State State `json:"state,omitempty"` + + // List of status conditions to indicate the status of a ServiceInstance. + // +optional + // +listType=map + // +listMapKey=type + Conditions []metav1.Condition `json:"conditions,omitempty"` +} +``` From d1e330e90982462984013d07198402872345cbc9 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 13:43:10 +0200 Subject: [PATCH 02/49] Diagram updated --- docs/adrs/assets/keb-kim-target-arch.drawio.svg | 2 +- docs/adrs/provisioning.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg index 6f6a3887..2dfd2206 100644 
--- a/docs/adrs/assets/keb-kim-target-arch.drawio.svg
+++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
@@ -1,4 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- Do not edit this file with editors other than draw.io --> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> -<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="<mxfile host="app.diagrams.net" modified="2024-04-24T09:57:06.901Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" etag="idLHjtmgS96FVphwHZih" scale="1" border="0" version="24.2.8" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="1217" dy="581" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="720" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" 
as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> 
<mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" 
source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="GardenerCluster CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="GardenerClusterKubeconfig&amp;nbsp;CRD contains details for fetching kubeconfig. 
&lt;b&gt;Mind currently GardenerCluster is used for that&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="515" y="620" width="190" height="200" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="GardenerClusterKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="GardenerClusterCR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment 
Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: 
normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; 
white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" 
style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div 
xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div 
xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" 
style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" 
fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; 
overflow-wrap: normal;">GardenerCluster CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerCluster CRD...</text></switch></g></g><g><path d="M 505 470 L 695 470 L 695 640 Q 647.5 586 600 640 Q 552.5 694 505 640 L 505 500 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 540px; margin-left: 506px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CRD contains details for fetching kubeconfig. 
<b>Mind currently GardenerCluster is used for that </b></div></div></div></foreignObject><text x="600" y="544" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CRD c...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: 
rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterCR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterCR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="<mxfile host="app.diagrams.net" modified="2024-05-08T11:28:51.402Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" etag="0IuS16Wp7--JE4fZthXc" scale="1" border="0" version="24.3.1" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="577" dy="1271" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="720" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" 
style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" 
vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" 
parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="Runtime CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="RuntimeKubeconfig&amp;nbsp;CRD contains data needed to fetch kubeconfig. &lt;b&gt;&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="490" y="610" width="190" height="100" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="RuntimeKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="Runtime CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" 
height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 
-0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g 
transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: 
Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; 
font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; 
font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; 
font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" 
requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 
-0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. 
<b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: 
all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md index eae5230c..0a47c87f 100644 --- a/docs/adrs/provisioning.md +++ b/docs/adrs/provisioning.md 
@@ -6,6 +6,8 @@ This document defines architecture, and API for provisioning functionality. The following picture shows the proposed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) +> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager include renaming the CR to maintain consistency. + The following assumptions were taken: - KEB is responsible for: - Creating `Runtime` CR containing the following data: From 32e7b22b9f7afcaf1f83574bfa76c5c6c853e9c5 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 13:44:11 +0200 Subject: [PATCH 03/49] Update provisioning.md --- docs/adrs/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md index 0a47c87f..fbbb7b73 100644 --- a/docs/adrs/provisioning.md +++ b/docs/adrs/provisioning.md @@ -6,7 +6,7 @@ This document defines architecture, and API for provisioning functionality. The following picture shows the proposed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) -> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager include renaming the CR to maintain consistency. +> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency. The following assumptions were taken: - KEB is responsible for: From 6db8a66fee841be2acc4296826e6a19e77328499 Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 14:02:09 +0200 Subject: [PATCH 04/49] Added labels to the examples --- docs/adrs/assets/runtime-examples/aws-freemium.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/aws-minimal.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/aws-trial.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/aws.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/azure-fremium.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/azure-lite.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/azure.yaml | 10 ++++++++++ docs/adrs/assets/runtime-examples/gcp.yaml | 10 ++++++++++ .../assets/runtime-examples/sap-converged-cloud.yaml | 10 ++++++++++ docs/adrs/provisioning.md | 6 +++--- 10 files changed, 93 insertions(+), 3 deletions(-)
diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
index c353b39c..1604a388 100644
--- a/docs/adrs/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+ labels:
+ kyma-project.io/instance-id: instance-id
+ kyma-project.io/runtime-id: runtime-id
+ kyma-project.io/broker-plan-id: plan-id
+ kyma-project.io/broker-plan-name: plan-name
+ kyma-project.io/global-account-id: global-account-id
+ kyma-project.io/subaccount-id: subAccount-id
+ kyma-project.io/shoot-name: shoot-name
+ kyma-project.io/region: region
+ operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
index a148d4e1..5ff78c5a 100644
--- a/docs/adrs/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+ labels:
+ kyma-project.io/instance-id: instance-id
+ kyma-project.io/runtime-id: runtime-id
+ kyma-project.io/broker-plan-id: plan-id
+ kyma-project.io/broker-plan-name: plan-name
+ kyma-project.io/global-account-id: global-account-id
+ kyma-project.io/subaccount-id: subAccount-id
+ kyma-project.io/shoot-name: shoot-name
+ kyma-project.io/region: region
+ operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml
index 16115add..ca7c2d11 100644
--- a/docs/adrs/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+ labels:
+ kyma-project.io/instance-id: instance-id
+ kyma-project.io/runtime-id: runtime-id
+ kyma-project.io/broker-plan-id: plan-id
+ kyma-project.io/broker-plan-name: plan-name
+ kyma-project.io/global-account-id: global-account-id
+ kyma-project.io/subaccount-id: subAccount-id
+ kyma-project.io/shoot-name: shoot-name
+ kyma-project.io/region: region
+ operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml
index 39207214..b3582a0b 100644
--- a/docs/adrs/assets/runtime-examples/aws.yaml
+++ b/docs/adrs/assets/runtime-examples/aws.yaml
@@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml index 16115add..ca7c2d11 100644 --- a/docs/adrs/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml @@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml index 91f6c2f2..b03679a3 100644 --- a/docs/adrs/assets/runtime-examples/azure-lite.yaml +++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml 
@@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml index 67883bd8..7ca7e435 100644 --- a/docs/adrs/assets/runtime-examples/azure.yaml +++ b/docs/adrs/assets/runtime-examples/azure.yaml @@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml index c1c6c3d8..b29c5080 100644 --- a/docs/adrs/assets/runtime-examples/gcp.yaml +++ b/docs/adrs/assets/runtime-examples/gcp.yaml 
@@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml index d8a37668..e02daf6d 100644 --- a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml @@ -1,6 +1,16 @@ apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md index fbbb7b73..e6848d82 100644 --- a/docs/adrs/provisioning.md +++ b/docs/adrs/provisioning.md @@ -37,12 +37,10 @@ The following assumptions were taken: ## CR examples The example below shows the CR that should be created by the KEB to provision AWS production cluster: -```ayaml +```yaml apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: - name: runtime-id - namespace: kcp-system labels: kyma-project.io/instance-id: instance-id kyma-project.io/runtime-id: runtime-id 
@@ -53,6 +51,8 @@ metadata: kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName + name: runtime-id + namespace: kcp-system spec: shoot: # spec.shoot.name is set by the KEB, required From e9ac6882a5ffdb3b117701c839dbe9c56cc2ca0d Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 14:17:32 +0200 Subject: [PATCH 05/49] Added example with additional oidc provider, and ingress filtering --- docs/adrs/provisioning.md | 133 ++++++++++++++++++++++++++++++++++---- 1 file changed, 121 insertions(+), 12 deletions(-) diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md index e6848d82..1564dee1 100644 --- a/docs/adrs/provisioning.md +++ b/docs/adrs/provisioning.md 
@@ -36,21 +36,26 @@ The following assumptions were taken: ## CR examples +Please mind that the `Runtime` CR should contain the following labels: +```yaml + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + operator.kyma-project.io/kyma-name: kymaName +``` + +The labels are skipped in the following examples due to clarity. + The example below shows the CR that should be created by the KEB to provision AWS production cluster: ```yaml apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: - labels: - kyma-project.io/instance-id: instance-id - kyma-project.io/runtime-id: runtime-id - kyma-project.io/broker-plan-id: plan-id - kyma-project.io/broker-plan-name: plan-name - kyma-project.io/global-account-id: global-account-id - kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name - kyma-project.io/region: region - operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: 
@@ -104,26 +109,130 @@ spec: # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: + networking: + filter: + # spec.security.networking is provided by the KEB, required + egress: + enabled: false # spec.security.administrators is provided by the KEB, required administrators: - admin@myorg.com ``` -There are some additional optional fields (please see [this example](assets/runtime-examples/aws.yaml) that could be specified: +There are some additional optional fields that could be specified: - `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration - `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured - `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used - `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used +The following example shows what `Runtime` CR should be created to provision a cluster with additional OIDC provider, and ingress network filtering enabled: +```yaml +apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 +kind: Runtime +metadata: + name: runtime-id + namespace: kcp-system +spec: + shoot: + # spec.shoot.name is set by the KEB, required + name: shoot-name + # spec.shoot.purpose is set by the KEB, required + purpose: production + # Will be modified by the SRE + kubernetes: + # spec.shoot.kubernetes.version is optional, when not provided default will be used + version: "1.28.7" + kubeAPIServer: + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + oidcConfig: + clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + groupsClaim: groups + issuerURL: https://my.cool.tokens.com + signingAlgs: + - RS256 + usernameClaim: sub + ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided 
by the KEB, optional, not implemented in the first KIM release + additionalOidcConfig: + - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + groupsClaim: groups + issuerURL: https://some.others.tokens.com + signingAlgs: + - RS256 + usernameClaim: sub + usernamePrefix: 'someother' + ## spec.shoot.provider is provided by the KEB, required + provider: + type: aws + region: eu-central-1 + # We must consider whether it makes sense to move HAP into KIM + secretBindingName: "hypersaler secret" + # spec.shoot.Networking is Provided by the KEB, required + networking: + pods: 100.64.0.0/12 + nodes: 10.250.0.0/16 + services: 100.104.0.0/13 + # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + controlPlane: + highAvailability: + failureTolerance: + type: node + workers: + - machine: + # spec.shoot.workers.machine.type provided by the KEB, required + type: m6i.large + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is provided by the KEB, required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: gp2 + size: 50Gi + # spec.shoot.workers.zones is provided by the KEB, required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is provided by the KEB, required + minimum: 3 + # spec.shoot.workers.maximum is provided by the KEB, required + maximum: 20 + # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. 
+ # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 + security: + networking: + filter: + # spec.security.networking.filter.egress.enabled is provided by the KEB, required + egress: + enabled: false + # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + ingress: + enabled: true + # spec.security.administrators is provided by the KEB, required + administrators: + - admin@myorg.com +``` + +The following example + Please, see the following examples to understand what CRs need to be created for particular KEB plans: -- [AWS trial plan](assets/runtime-examples/aws-trial.yaml)) +- [AWS trial plan](assets/runtime-examples/aws-trial.yaml) - [Azure](assets/runtime-examples/azure.yaml) - [Azure lite](assets/runtime-examples/azure-lite.yaml) - [GCP](assets/runtime-examples/gcp.yaml) - [SAP Converge Cloud](assets/runtime-examples/sap-converged-cloud.yaml) ## API structures + ```go package v2 From 8ae664e4a4a6a7264baeae39165f71f78d14f84d Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 14:19:30 +0200 Subject: [PATCH 06/49] Minor updates --- docs/adrs/provisioning.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md index 1564dee1..b5c123c1 100644 --- a/docs/adrs/provisioning.md +++ b/docs/adrs/provisioning.md @@ -221,8 +221,7 @@ spec: administrators: - admin@myorg.com ``` - -The following example +> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in teh first release. Please, see the following examples to understand what CRs need to be created for particular KEB plans: - [AWS trial plan](assets/runtime-examples/aws-trial.yaml) From 1e975a7ac0dd88176a1c2d08e03b4aeeb667c133 Mon Sep 17 00:00:00 2001 
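Review bot: The path of the network-filter switch is spelled two ways in the `@@ -104,26 +109,130 @@` hunk of PATCH 05: the unchanged bullet names `spec.security.networking.filtering.ingress.enabled`, while both added YAML examples nest the setting under `security.networking.filter`. Since the stated default for ingress is `false`, a producer that follows the bullet would presumably end up with filtering off without any error, unless the CRD schema (not visible here) rejects unknown fields; the bullet should read `spec.security.networking.filter.ingress.enabled`. In the first example the comment above `egress:` says `spec.security.networking is provided by the KEB, required`, which names the parent rather than the field it sits on; `# spec.security.networking.filter.egress.enabled is provided by the KEB, required` would match the second example. The `additionalOidcConfig` entry sets `usernamePrefix` but shares `groupsClaim: groups` with the primary issuer and shows no prefix for groups, so it is worth stating in the ADR how group names from the second issuer are kept apart from the first in RBAC bindings.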
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 14:21:56 +0200 Subject: [PATCH 07/49] Minor diagram update --- docs/adrs/assets/keb-kim-target-arch.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg index 2dfd2206..439cb4ba 100644 --- a/docs/adrs/assets/keb-kim-target-arch.drawio.svg +++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg 
@@ -1,4 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- Do not edit this file with editors other than draw.io --> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> -<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="<mxfile host="app.diagrams.net" modified="2024-05-08T11:28:51.402Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" etag="0IuS16Wp7--JE4fZthXc" scale="1" border="0" version="24.3.1" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="577" dy="1271" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="720" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" 
as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> 
<mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" 
source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="Runtime CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="RuntimeKubeconfig&amp;nbsp;CRD contains data needed to fetch kubeconfig. 
&lt;b&gt;&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="490" y="610" width="190" height="100" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="RuntimeKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="Runtime CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" 
font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure 
Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: 
normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe 
center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; 
align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe 
center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" 
style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" 
text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the 
cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. 
<b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: 
all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="591px" viewBox="-0.5 -0.5 822 591" content="<mxfile host="app.diagrams.net" modified="2024-05-08T12:21:32.566Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 
etag="9fDpxlZcrvNXN_X_p45L" scale="1" border="0" version="24.3.1" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="577" dy="1271" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="580" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" 
parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" 
vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" 
style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="Runtime CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="RuntimeKubeconfig&amp;nbsp;CRD contains data needed to fetch kubeconfig. &lt;b&gt;&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="490" y="610" width="190" height="100" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="RuntimeKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="Runtime CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> <mxCell id="mGOWFElGAteea3bxPiqX-24" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" edge="1" parent="1" source="6NZ_8cFfOJs-itlOXwdO-31" target="6NZ_8cFfOJs-itlOXwdO-31"> <mxGeometry relative="1" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" 
width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" 
text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" 
stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; 
margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 
210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; 
margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; 
margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" 
stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 
360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data 
needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); 
line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file From 3ec8899f8e43eb854a9254f9c0ce0aa3dbfdcccb Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:14:25 +0200 Subject: [PATCH 08/49] Examples updated --- docs/adrs/assets/runtime-examples/aws-freemium.yaml | 11 ++++++++++- docs/adrs/assets/runtime-examples/aws-minimal.yaml | 2 +- docs/adrs/assets/runtime-examples/aws-trial.yaml | 5 +++++ docs/adrs/assets/runtime-examples/aws.yaml | 5 ++--- docs/adrs/assets/runtime-examples/azure-fremium.yaml | 5 +++++ docs/adrs/assets/runtime-examples/azure-lite.yaml | 4 ++++ docs/adrs/assets/runtime-examples/azure.yaml | 4 ++-- docs/adrs/assets/runtime-examples/gcp.yaml | 2 +- .../assets/runtime-examples/sap-converged-cloud.yaml | 4 ++-- 9 files changed, 32 insertions(+), 10 deletions(-) diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml index 1604a388..1ad50aa0 100644 --- a/docs/adrs/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml @@ -18,7 +18,7 @@ spec: # Set by KEB, required name: shoot-name # Set by KEB, required - purpose: trial + purpose: evaluation kubernetes: kubeAPIServer: ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required @@ -37,6 +37,15 @@ spec: # Provided by the KEB, required. # We must consider whether it makes sense to move HAP into KIM secretBindingName: "hypersaler secret" + networking: + pods: 100.64.0.0/12 + nodes: 10.250.0.0/16 + services: 100.104.0.0/13 + # spec.shoot.controlPlane is provided by the KEB, required + controlPlane: + highAvailability: + failureTolerance: + type: zone workers: - machine: # Set by KEB, required diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml index 5ff78c5a..90d1f71b 100644 --- a/docs/adrs/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml 
@@ -39,7 +39,7 @@ spec: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml index ca7c2d11..1b28520a 100644 --- a/docs/adrs/assets/runtime-examples/aws-trial.yaml +++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml @@ -39,6 +39,11 @@ spec: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 + # spec.shoot.controlPlane is provided by the KEB, required + controlPlane: + highAvailability: + failureTolerance: + type: zone workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml index b3582a0b..a3f1b6dd 100644 --- a/docs/adrs/assets/runtime-examples/aws.yaml +++ b/docs/adrs/assets/runtime-examples/aws.yaml @@ -45,18 +45,17 @@ spec: provider: type: aws region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM secretBindingName: "hypersaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: - type: node + type: zone workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml index ca7c2d11..0a953844 100644 --- a/docs/adrs/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml 
@@ -39,6 +39,11 @@ spec: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 + # spec.shoot.controlPlane is provided by the KEB, required + controlPlane: + highAvailability: + failureTolerance: + type: node workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml index b03679a3..c9ffe6d3 100644 --- a/docs/adrs/assets/runtime-examples/azure-lite.yaml +++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml @@ -41,6 +41,10 @@ spec: nodes: 10.250.0.0/22 services: 10.104.0.0/13 # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + controlPlane: + highAvailability: + failureTolerance: + type: node workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml index 7ca7e435..d5c7d92c 100644 --- a/docs/adrs/assets/runtime-examples/azure.yaml +++ b/docs/adrs/assets/runtime-examples/azure.yaml @@ -51,11 +51,11 @@ spec: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: - type: node + type: zone workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml index b29c5080..103cc665 100644 --- a/docs/adrs/assets/runtime-examples/gcp.yaml +++ b/docs/adrs/assets/runtime-examples/gcp.yaml @@ -55,7 +55,7 @@ spec: controlPlane: highAvailability: failureTolerance: - type: node + type: zone workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required 
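Review bot: In the azure-lite.yaml hunk the comment directly above the added `controlPlane:` block still reads `optional, default=nil`. This same patch changes that comment to `required` in aws-minimal.yaml, aws.yaml, azure.yaml and sap-converged-cloud.yaml, and adds it as `required` in aws-freemium.yaml, aws-trial.yaml and azure-fremium.yaml. A reader of this example cannot tell whether the KEB must always send the failure-tolerance setting for the lite plan. If the field is mandatory here too, the context line should become `# spec.shoot.controlPlane is provided by the KEB, required`. The enclosing `spec.shoot` mapping starts and ends outside the hunk.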
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml index e02daf6d..9716fe2c 100644 --- a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml @@ -51,11 +51,11 @@ spec: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: - type: node + type: zone workers: - machine: # spec.shoot.workers.machine.type provided by the KEB, required From a317f5edb05a9a6afaede4f35e7ef939e9182880 Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:15:55 +0200
Subject: [PATCH 09/49] Folder name changed
---
docs/{adrs => adr}/assets/keb-kim-target-arch.drawio.svg | 0
docs/{adrs => adr}/assets/runtime-examples/aws-freemium.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/aws-minimal.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/aws-trial.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/aws.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/azure-fremium.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/azure-lite.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/azure.yaml | 0
docs/{adrs => adr}/assets/runtime-examples/gcp.yaml | 0
.../assets/runtime-examples/sap-converged-cloud.yaml | 0
docs/{adrs => adr}/provisioning.md | 0
11 files changed, 0 insertions(+), 0 deletions(-)
rename docs/{adrs => adr}/assets/keb-kim-target-arch.drawio.svg (100%)
rename docs/{adrs => adr}/assets/runtime-examples/aws-freemium.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/aws-minimal.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/aws-trial.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/aws.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/azure-fremium.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/azure-lite.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/azure.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/gcp.yaml (100%)
rename docs/{adrs => adr}/assets/runtime-examples/sap-converged-cloud.yaml (100%)
rename docs/{adrs => adr}/provisioning.md (100%)
diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adr/assets/keb-kim-target-arch.drawio.svg
similarity index 100%
rename from docs/adrs/assets/keb-kim-target-arch.drawio.svg
rename to docs/adr/assets/keb-kim-target-arch.drawio.svg
diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-freemium.yaml
rename to docs/adr/assets/runtime-examples/aws-freemium.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-minimal.yaml
rename to docs/adr/assets/runtime-examples/aws-minimal.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-trial.yaml
rename to docs/adr/assets/runtime-examples/aws-trial.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws.yaml
rename to docs/adr/assets/runtime-examples/aws.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure-fremium.yaml
rename to docs/adr/assets/runtime-examples/azure-fremium.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure-lite.yaml
rename to docs/adr/assets/runtime-examples/azure-lite.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure.yaml
rename to docs/adr/assets/runtime-examples/azure.yaml
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/gcp.yaml
rename to docs/adr/assets/runtime-examples/gcp.yaml
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
rename to docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
diff --git a/docs/adrs/provisioning.md b/docs/adr/provisioning.md
similarity index 100%
rename from docs/adrs/provisioning.md
rename to docs/adr/provisioning.md
From 68b441c9c0142c2a578124067c174a6e5fabefc5 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:26:24 +0200
Subject: [PATCH 10/49] Minor fixes
---
docs/adr/provisioning.md | 38 +++++++++++++++++++-------------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index b5c123c1..a53e12fd 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -1,36 +1,36 @@ # Introduction -This document defines architecture, and API for provisioning functionality. +This document defines architecture, and API for the provisioning functionality. # Target architecture -The following picture shows the proposed architecture: +The following picture shows the agreed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency. The following assumptions were taken: -- KEB is responsible for: +- KEB has the following responsibilities: - Creating `Runtime` CR containing the following data: - - provider config (type, region, and secret with credentials for hyperscaler) - - worker pool specification - - cluster networking settings (nodes, pods, and services API ranges) + - Provider config (type, region, and secret with credentials for hyperscaler) + - Worker pool specification + - Cluster networking settings (nodes, pods, and services API ranges) - OIDC settings - - cluster administrators list + - Cluster administrators list - Egress network filter settings - Control Plane failure tolerance - - Observing status of the CR to determine whether provisioning succeeded -- Kyma Infrastructure Manager is responsible for: - - creating shoots based on: - - corresponding `Runtime` CR properties - - predefined defaults for the optional properties: + - observing status of the CR to determine whether provisioning succeeded +- Kyma Infrastructure Manager has the following responsibilities: + - Creating shoots based on: + - Corresponding `Runtime` CR properties + - Predefined defaults for the optional properties: - Kubernetes version - Machine image version - - predefined configuration for the following extensions: + - Predefined configuration for the 
following extensions: - DNS - Certificates - - upgrading, and deleting shoots for corresponding `Runtime` CRs - - applying audit log configuration on the shoot resource - - generating kubeconfig + - Upgrading, and deleting shoots for corresponding `Runtime` CRs + - Applying audit log configuration on the shoot resource + - Generating kubeconfig # API proposal @@ -119,9 +119,9 @@ spec: - admin@myorg.com ``` -There are some additional optional fields that could be specified: -- `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration -- `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration +There are some additional optional fields that could be specified: +- `spec.shoot.kubernetes.version` ; if not provided default value will be read by the KIM from configuration +- `spec.shoot.workers.machine.image` ; if not provided default value will be read by the KIM from configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured - `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used - `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used From 033249b042969824482511224ee6c1938c28c061 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:28:34 +0200 Subject: [PATCH 11/49] Minor fix --- docs/adr/assets/runtime-examples/aws-freemium.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 1ad50aa0..ef024091 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml 
@@ -15,9 +15,9 @@ metadata: namespace: kcp-system spec: shoot: - # Set by KEB, required + # Set by the KEB, required name: shoot-name - # Set by KEB, required + # Set by the KEB, required purpose: evaluation kubernetes: kubeAPIServer: @@ -48,7 +48,7 @@ spec: type: zone workers: - machine: - # Set by KEB, required + # Set by the KEB, required type: m5.xlarge # Optional, when not provider default will be used # Will be modified by the SRE From 754b5d45a4a0fa289043034ce39ddd6f0ca328d5 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:32:57 +0200 Subject: [PATCH 12/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index a53e12fd..424282e9 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -17,7 +17,7 @@ The following assumptions were taken: - OIDC settings - Cluster administrators list - Egress network filter settings - - Control Plane failure tolerance + - Control Plane failure tolerance config - observing status of the CR to determine whether provisioning succeeded - Kyma Infrastructure Manager has the following responsibilities: - Creating shoots based on: From d56059a8cf282127ca3c3e5aaf1289ce9cca0780 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:33:21 +0200 Subject: [PATCH 13/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 424282e9..7e27f70e 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
@@ -18,7 +18,7 @@ The following assumptions were taken: - Cluster administrators list - Egress network filter settings - Control Plane failure tolerance config - - observing status of the CR to determine whether provisioning succeeded + - Observing status of the CR to determine whether provisioning succeeded - Kyma Infrastructure Manager has the following responsibilities: - Creating shoots based on: - Corresponding `Runtime` CR properties From 93ca88777706ffc3d77d2efc0104f13cd032590b Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:39:19 +0200 Subject: [PATCH 14/49] Minor fix --- docs/adr/assets/runtime-examples/aws-freemium.yaml | 2 +- docs/adr/assets/runtime-examples/aws-minimal.yaml | 2 +- docs/adr/assets/runtime-examples/aws-trial.yaml | 2 +- docs/adr/assets/runtime-examples/aws.yaml | 2 +- docs/adr/assets/runtime-examples/azure-fremium.yaml | 2 +- docs/adr/assets/runtime-examples/azure-lite.yaml | 2 +- docs/adr/assets/runtime-examples/azure.yaml | 2 +- docs/adr/assets/runtime-examples/gcp.yaml | 2 +- docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 2 +- docs/adr/provisioning.md | 4 ++-- 10 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index ef024091..874a0203 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -36,7 +36,7 @@ spec: region: eu-central-1 # Provided by the KEB, required. # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index 90d1f71b..7b6a76fb 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml 
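Review bot: The corrected value `"hyperscaler secret"` in the aws-freemium.yaml hunk still contains a space, which Kubernetes object names do not allow, so the example cannot be applied as written if this field is passed through as the name of the secret binding. The other placeholders in these examples are hyphenated (`shoot-name`, `runtime-id`), so `secretBindingName: "hyperscaler-secret"` would be both consistent and valid. The same line appears in every other hunk of this patch, including the two in provisioning.md. The `provider` mapping that holds the field begins outside the hunk.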
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -33,7 +33,7 @@ spec: type: aws region: eu-central-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index 1b28520a..f5397bba 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -33,7 +33,7 @@ spec: type: aws region: eu-central-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index a3f1b6dd..5f06a280 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -45,7 +45,7 @@ spec: provider: type: aws region: eu-central-1 - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index 0a953844..ef8d8867 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -33,7 +33,7 @@ spec: type: aws region: eu-central-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 
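Review bot: The unchanged context of the azure-fremium.yaml hunk still declares `type: aws` with `region: eu-central-1`, so the Azure example describes an AWS shoot. The azure-lite.yaml, azure.yaml and gcp.yaml hunks of this patch show the same `type: aws` next to `eastus` and `europe-west3`. Because `secretBindingName` a few lines further down refers to the hyperscaler credentials, a copied example would presumably pair one provider type with a credential binding meant for another cloud. The provider line should read `type: azure` in the three Azure files and `type: gcp` in gcp.yaml, with an Azure region in azure-fremium.yaml. The surrounding `provider` mapping begins outside the hunk.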
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index c9ffe6d3..64886014 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -34,7 +34,7 @@ spec: type: aws region: eastus # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index d5c7d92c..b910b7fe 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -45,7 +45,7 @@ spec: type: aws region: eastus # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 103cc665..04a5d329 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -45,7 +45,7 @@ spec: type: aws region: europe-west3 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 9716fe2c..51915f39 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml 
@@ -45,7 +45,7 @@ spec: type: openstack region: eu-de-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 7e27f70e..72c8cbfc 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -78,7 +78,7 @@ spec: type: aws region: eu-central-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 100.64.0.0/12 @@ -166,7 +166,7 @@ spec: type: aws region: eu-central-1 # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hypersaler secret" + secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: pods: 100.64.0.0/12 From 7b689567e8a9e7da757d41e0048bcdb424a01875 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:42:25 +0200 Subject: [PATCH 15/49] Update provisioning.md --- docs/adr/provisioning.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 72c8cbfc..cb5b3dbe 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -44,7 +44,6 @@ Please mind that the `Runtime` CR should contain the following labels: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName ``` From adf002904fdbae2717cdc7e5bcc5c69baa88a8ed Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:44:29 +0200 Subject: [PATCH 16/49] shoot-name label removed --- docs/adr/assets/runtime-examples/aws-freemium.yaml | 1 - docs/adr/assets/runtime-examples/aws-minimal.yaml | 1 - docs/adr/assets/runtime-examples/aws-trial.yaml | 1 - docs/adr/assets/runtime-examples/aws.yaml | 1 - docs/adr/assets/runtime-examples/azure-fremium.yaml | 1 - docs/adr/assets/runtime-examples/azure-lite.yaml | 1 - docs/adr/assets/runtime-examples/azure.yaml | 1 - docs/adr/assets/runtime-examples/gcp.yaml | 1 - docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 1 - 9 files changed, 9 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 874a0203..a5b90c0f 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index 7b6a76fb..ff7e626f 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index f5397bba..a222bfb9 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml 
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 5f06a280..8124ef2e 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index ef8d8867..a80145c6 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 64886014..12344999 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml 
@@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index b910b7fe..a79cf8a9 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 04a5d329..32bd9896 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 51915f39..ad387d1c 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -8,7 +8,6 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id 
From c47deaca7e3d808981e187886f987bbd6548496f Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:47:39 +0200 Subject: [PATCH 17/49] Revert "shoot-name label removed" This reverts commit adf002904fdbae2717cdc7e5bcc5c69baa88a8ed. --- docs/adr/assets/runtime-examples/aws-freemium.yaml | 1 + docs/adr/assets/runtime-examples/aws-minimal.yaml | 1 + docs/adr/assets/runtime-examples/aws-trial.yaml | 1 + docs/adr/assets/runtime-examples/aws.yaml | 1 + docs/adr/assets/runtime-examples/azure-fremium.yaml | 1 + docs/adr/assets/runtime-examples/azure-lite.yaml | 1 + docs/adr/assets/runtime-examples/azure.yaml | 1 + docs/adr/assets/runtime-examples/gcp.yaml | 1 + docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 1 + 9 files changed, 9 insertions(+) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index a5b90c0f..874a0203 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index ff7e626f..7b6a76fb 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id 
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index a222bfb9..f5397bba 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 8124ef2e..5f06a280 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index a80145c6..ef8d8867 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 12344999..64886014 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml 
@@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index a79cf8a9..b910b7fe 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 32bd9896..04a5d329 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index ad387d1c..51915f39 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -8,6 +8,7 @@ metadata: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName name: runtime-id 
From 20029d584ad6728ebc0b716cf661cb167fe800ce Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:48:34 +0200 Subject: [PATCH 18/49] last changes reverted --- docs/adr/provisioning.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index cb5b3dbe..72c8cbfc 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -44,6 +44,7 @@ Please mind that the `Runtime` CR should contain the following labels: kyma-project.io/broker-plan-name: plan-name kyma-project.io/global-account-id: global-account-id kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region operator.kyma-project.io/kyma-name: kymaName ``` From e63d3645ea90cd275c2e211c4e85f3047c1901d2 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:49:59 +0200 Subject: [PATCH 19/49] Update provisioning.md --- docs/adr/provisioning.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 72c8cbfc..6879dcdd 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -74,6 +74,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub + # spec.shoot.provider is provided by the KEB, required provider: type: aws region: eu-central-1 @@ -161,7 +162,7 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is provided by the KEB, required + # spec.shoot.provider is provided by the KEB, required provider: type: aws region: eu-central-1 From 512508096ed5d5da957ca36b3e096fc5a672aedb Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:50:50 +0200 Subject: [PATCH 20/49] Update provisioning.md --- docs/adr/provisioning.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 6879dcdd..fc873f96 100644 
--- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -78,7 +78,6 @@ spec: provider: type: aws region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: @@ -166,7 +165,6 @@ spec: provider: type: aws region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM secretBindingName: "hyperscaler secret" # spec.shoot.Networking is Provided by the KEB, required networking: From 01c53d71db72c0a4eb9cd9272bedd6ccb5b9aa2f Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:51:39 +0200 Subject: [PATCH 21/49] Update provisioning.md --- docs/adr/provisioning.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index fc873f96..a8f1d754 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -84,7 +84,7 @@ spec: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: @@ -171,7 +171,7 @@ spec: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is provided by the KEB, required controlPlane: highAvailability: failureTolerance: From eca112aee1082dde648341600b155b07387cc1aa Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:52:53 +0200 Subject: [PATCH 22/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index a8f1d754..ee93c700 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
@@ -111,7 +111,7 @@ spec: security: networking: filter: - # spec.security.networking is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is provided by the KEB, required egress: enabled: false # spec.security.administrators is provided by the KEB, required From ff8a2f04a1c3d85a3adac91cd07f2ab494080b4a Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 15:53:31 +0200 Subject: [PATCH 23/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index ee93c700..e99a7426 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -220,7 +220,7 @@ spec: administrators: - admin@myorg.com ``` -> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in teh first release. +> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in the first release. Please, see the following examples to understand what CRs need to be created for particular KEB plans: - [AWS trial plan](assets/runtime-examples/aws-trial.yaml) From c7468f0e39eddaeb3b7592882b66d498d0de4d7e Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 16:03:11 +0200 Subject: [PATCH 24/49] README in adr folder added --- docs/adr/README.md | 2 ++ docs/adr/provisioning.md | 16 ++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) create mode 100644 docs/adr/README.md diff --git a/docs/adr/README.md b/docs/adr/README.md new file mode 100644 index 00000000..00b25f5f --- /dev/null +++ b/docs/adr/README.md @@ -0,0 +1,2 @@ +This folder contains architecture decision records. + diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index e99a7426..bbf5a5eb 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
@@ -232,7 +232,7 @@ Please, see the following examples to understand what CRs need to be created for ## API structures ```go -package v2 +package v1 import ( gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1" @@ -268,14 +268,14 @@ type Provider struct { } type Networking struct { - Pods *string `json:"pods,omitempty"` - Nodes *string `json:"nodes,omitempty"` - Services *string `json:"services,omitempty"` + Pods string `json:"pods,omitempty"` + Nodes string `json:"nodes,omitempty"` + Services string `json:"services,omitempty"` } type Kubernetes struct { - Version string `json:"version"` - KubeAPIServer *APIServer `json:"kubeAPIServer,omitempty"` + Version string `json:"version"` + KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"` } type APIServer struct { @@ -293,8 +293,8 @@ type NetworkingSecurity struct { } type Filter struct { - Ingress Ingress `json:"ingress"` - Egress Egress `json:"egress"` + Ingress *Ingress `json:"ingress"` + Egress Egress `json:"egress"` } type Ingress struct { From 3d91dcb23824c819912697ad1ae26a5be76c50c2 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 16:04:52 +0200 Subject: [PATCH 25/49] README in adr folder added --- docs/adr/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/adr/README.md b/docs/adr/README.md index 00b25f5f..8e4669d2 100644 --- a/docs/adr/README.md +++ b/docs/adr/README.md @@ -1,2 +1,8 @@ +# Overview + This folder contains architecture decision records. +# Documents + +- [Provisioning functionality](./provisioning.md) + From fa9269b131f549e00d61c1cda7bea7a9fb1509c0 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 16:05:32 +0200 Subject: [PATCH 26/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index bbf5a5eb..09a18926 100644 --- a/docs/adr/provisioning.md 
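Review bot: In the `Kubernetes` struct, `KubeAPIServer APIServer` keeps the tag `json:"kubeAPIServer,omitempty"`, but `omitempty` has no effect on a non-pointer struct in encoding/json, so the field is always serialized and an unset API server block can no longer be told apart from an empty one. Either keep `KubeAPIServer *APIServer` or drop `omitempty` from the tag so the declaration matches what is emitted. The `Networking` fields have the opposite problem: as plain `string` with `omitempty`, an empty CIDR is silently dropped, while the example CRs describe `spec.shoot.networking` as required. If they are required, `json:"pods"`, `json:"nodes"` and `json:"services"` plus a validation rule would make a missing range fail at admission rather than reach provisioning. The `APIServer` type that follows continues outside the hunk.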
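Review bot: `Ingress *Ingress` in `Filter` is now nullable but its tag is still `json:"ingress"`, so a nil value is written as `"ingress": null`; use `json:"ingress,omitempty"` if the field is meant to be optional. Every reader of `Filter.Ingress` now needs a nil check, and the struct does not say what nil means for filtering. If nil is meant to express that ingress filtering is not configured (the note in provisioning.md says it is not part of the first release), a field comment such as `// Ingress is optional; nil means no ingress filtering is configured` would pin that down. `Egress` stays a value type, so the two fields now behave differently when unset. The body of `type Ingress struct` continues outside the hunk.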
+++ b/docs/adr/provisioning.md @@ -1,5 +1,5 @@ # Introduction -This document defines architecture, and API for the provisioning functionality. +This document defines architecture, and API for the Gardener cluster provisioning functionality. # Target architecture From 35f213477d4e58350cd4d4cbbc06ec81d6a7d9fd Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Wed, 8 May 2024 16:06:04 +0200 Subject: [PATCH 27/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 09a18926..115c9113 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -6,7 +6,7 @@ This document defines architecture, and API for the Gardener cluster provisionin The following picture shows the agreed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) -> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency. +> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency. The following assumptions were taken: - KEB has the following responsibilities: From 8c65e3a332fe42daecefb06710fcacacf1ea2bec Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 9 May 2024 11:06:18 +0200 Subject: [PATCH 28/49] Review remarks applied --- .../adr/assets/keb-kim-target-arch.drawio.svg | 2 +- .../assets/runtime-examples/aws-freemium.yaml | 1 + .../assets/runtime-examples/aws-minimal.yaml | 1 + .../assets/runtime-examples/aws-trial.yaml | 1 + docs/adr/assets/runtime-examples/aws.yaml | 1 + .../runtime-examples/azure-fremium.yaml | 1 + .../assets/runtime-examples/azure-lite.yaml | 1 + docs/adr/assets/runtime-examples/azure.yaml | 1 + docs/adr/assets/runtime-examples/gcp.yaml | 1 + .../runtime-examples/sap-converged-cloud.yaml | 1 + docs/adr/provisioning.md | 57 ++++++++++++------- 11 files changed, 45 insertions(+), 23 deletions(-) diff --git a/docs/adr/assets/keb-kim-target-arch.drawio.svg b/docs/adr/assets/keb-kim-target-arch.drawio.svg index 439cb4ba..b53f8f70 100644 --- a/docs/adr/assets/keb-kim-target-arch.drawio.svg +++ b/docs/adr/assets/keb-kim-target-arch.drawio.svg 
@@ -1,4 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- Do not edit this file with editors other than draw.io --> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> -<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="591px" viewBox="-0.5 -0.5 822 591" content="<mxfile host="app.diagrams.net" modified="2024-05-08T12:21:32.566Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" etag="9fDpxlZcrvNXN_X_p45L" scale="1" border="0" version="24.3.1" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="577" dy="1271" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="690" height="580" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" 
as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="750" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> 
<mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" 
source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="800" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="Runtime CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="RuntimeKubeconfig&amp;nbsp;CRD contains data needed to fetch kubeconfig. 
&lt;b&gt;&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="490" y="610" width="190" height="100" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="640" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="RuntimeKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="Runtime CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> <mxCell id="mGOWFElGAteea3bxPiqX-24" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" edge="1" parent="1" source="6NZ_8cFfOJs-itlOXwdO-31" target="6NZ_8cFfOJs-itlOXwdO-31"> <mxGeometry relative="1" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="690" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: 
border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div 
data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 
741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g 
transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" 
pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" 
pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" 
fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; 
text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div 
data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. 
<b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: 
all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="851px" height="591px" viewBox="-0.5 -0.5 851 591" content="<mxfile host="app.diagrams.net" modified="2024-05-09T08:35:35.937Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 
etag="SLstISsH5nRcHgYSm9at" scale="1" border="0" version="24.3.1" type="device"> <diagram name="Page-1" id="0ahoYHhgpX2lhLgWHN-l"> <mxGraphModel dx="1217" dy="631" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="6NZ_8cFfOJs-itlOXwdO-31" value="" style="rounded=0;whiteSpace=wrap;html=1;dashed=1" parent="1" vertex="1"> <mxGeometry x="141" y="150" width="599" height="580" as="geometry" /> </mxCell> <mxCell id="2" value="Kyma Environment Broker" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="170" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="3" value="BTP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="10" y="280" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="4" value="Kyma Infrastructure Manager" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="510" y="360" width="120" height="60" as="geometry" /> </mxCell> <mxCell id="5" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="3" target="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="130" y="460" as="sourcePoint" /> <mxPoint x="180" y="410" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="7" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="2" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="320" y="290" as="sourcePoint" /> <mxPoint x="340" y="310" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="8" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;" 
parent="1" target="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="520" y="310" as="sourcePoint" /> <mxPoint x="670" y="240" as="targetPoint" /> <Array as="points"> <mxPoint x="582" y="310" /> </Array> </mxGeometry> </mxCell> <mxCell id="9" value="Gardener" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="780" y="350" width="80" height="80" as="geometry" /> </mxCell> <mxCell id="10" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="660" y="380" as="sourcePoint" /> <mxPoint x="710" y="330" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="12" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" edge="1"> <mxGeometry width="100" height="100" relative="1" as="geometry"> <mxPoint x="700" y="570" as="sourcePoint" /> <mxPoint x="570" y="490" as="targetPoint" /> </mxGeometry> </mxCell> <mxCell id="13" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="290" y="380" width="90" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="Create CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="600" y="460" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="15" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="310" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="16" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" 
vertex="1"> <mxGeometry x="590" y="290" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="17" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="660" y="340" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="18" value="Start provisioning" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="540" y="260" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="19" value="Create shoot CR" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="620" y="310" width="140" height="30" as="geometry" /> </mxCell> <mxCell id="20" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="17" target="17" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> <mxCell id="21" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="610" y="427" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="22" value="" style="shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="4" target="9" edge="1"> <mxGeometry width="50" height="50" relative="1" as="geometry"> <mxPoint x="420" y="530" as="sourcePoint" /> <mxPoint x="470" y="480" as="targetPoint" /> <Array as="points"> <mxPoint x="440" y="390" /> <mxPoint x="440" y="590" /> <mxPoint x="830" y="590" /> </Array> </mxGeometry> </mxCell> <mxCell id="23" value="5" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1"> <mxGeometry x="379" y="440" width="40" height="40" as="geometry" /> </mxCell> <mxCell id="24" value="Fetch kubeconfig" 
style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;" parent="1" vertex="1"> <mxGeometry x="369" y="480" width="60" height="30" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-25" value="Runtime CRD&amp;nbsp;contains details of the cluster" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="370" y="190" width="120" height="80" as="geometry" /> </mxCell> <mxCell id="uJiPobTpmp8qSl2DZlkU-26" value="RuntimeKubeconfig&amp;nbsp;CRD contains data needed to fetch kubeconfig. &lt;b&gt;&amp;nbsp;&lt;/b&gt;" style="shape=document;whiteSpace=wrap;html=1;boundedLbl=1;" parent="1" vertex="1"> <mxGeometry x="490" y="610" width="190" height="100" as="geometry" /> </mxCell> <mxCell id="6NZ_8cFfOJs-itlOXwdO-32" value="Kyma Control Plane" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;" parent="1" vertex="1"> <mxGeometry x="560" y="160" width="170" height="30" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-24" value="RuntimeKubeconfig CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="485" y="490" width="170" height="60" as="geometry" /> </mxCell> <mxCell id="nGG45oqGqh6GDVyRlN8J-25" value="Runtime CR" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="340" y="280" width="180" height="60" as="geometry" /> </mxCell> <mxCell id="mGOWFElGAteea3bxPiqX-24" style="edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;" parent="1" source="6NZ_8cFfOJs-itlOXwdO-31" target="6NZ_8cFfOJs-itlOXwdO-31" edge="1"> <mxGeometry relative="1" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><g><rect x="131" y="0" width="599" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" 
width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" 
text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" 
stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="770" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 771px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="810" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 750.5 235 L 750.5 224.5 L 769.5 240 L 750.5 255.5 L 750.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; 
margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 
210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; 
margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; 
margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 815 435 L 815 304.54 L 804.5 304.54 L 820 279.54 L 835.5 304.54 L 825 304.54 L 825 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 815 304.54 L 804.5 304.54 L 820 279.54 L 835.5 304.54 L 825 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" 
stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 
360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data 
needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="550" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 551px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="635" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); 
line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 874a0203..0a938793 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml 
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 7b6a76fb..df882352 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index f5397bba..afb7909d 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 5f06a280..7f00d576 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index ef8d8867..e503843b 100644
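Review bot: The added `kyma-project.io/platform-region: platform-region` label is an input to a location decision, yet the example gives no hint of its allowed values or of what happens when it is absent; the ADR text in this same patch says KIM reads this label "for determining if the cluster is located in EU". Labels sit outside the CRD's schema validation and can be edited by anyone allowed to update the object, so whatever depends on that EU decision (not shown here) would follow an unvalidated, mutable string. I would add a comment above the line such as `# read by KIM to determine whether the cluster is located in the EU; must be one of the known platform regions`, and have the ADR state the behaviour for a missing or unrecognised value. The same line is added to the aws-minimal, aws-trial, aws, azure-fremium, azure-lite, azure, gcp and sap-converged-cloud examples.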
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 64886014..1b405683 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index b910b7fe..efe49305 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 04a5d329..175e57d0 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 51915f39..bfa45b4b 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -10,6 +10,7 @@ metadata:
 kyma-project.io/subaccount-id: subAccount-id
 kyma-project.io/shoot-name: shoot-name
 kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
 operator.kyma-project.io/kyma-name: kymaName
 name: runtime-id
 namespace: kcp-system
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 115c9113..ff3dfd20 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -9,28 +9,40 @@ The following picture shows the agreed architecture: > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency. The following assumptions were taken: -- KEB has the following responsibilities: - - Creating `Runtime` CR containing the following data: - - Provider config (type, region, and secret with credentials for hyperscaler) - - Worker pool specification - - Cluster networking settings (nodes, pods, and services API ranges) - - OIDC settings - - Cluster administrators list - - Egress network filter settings - - Control Plane failure tolerance config - - Observing status of the CR to determine whether provisioning succeeded -- Kyma Infrastructure Manager has the following responsibilities: - - Creating shoots based on: - - Corresponding `Runtime` CR properties - - Predefined defaults for the optional properties: - - Kubernetes version - - Machine image version - - Predefined configuration for the following extensions: - - DNS - - Certificates - - Upgrading, and deleting shoots for corresponding `Runtime` CRs - - Applying audit log configuration on the shoot resource - - Generating kubeconfig +- Kyma Environment Broker should not contain all the details of the cluster infrastructure. 
+- Kyma Infrastructure Manager's API should expose properties that: + - can be set in the BTP cockpit by the user + - are directly related to plans in the KEB +- Kyma Infrastructure Manager's API should not expose properties that are: + - hardcoded in the Provisioner, or the KEB + - statically configured in the management-plane-config + +The Kyma Environment Broker has the following responsibilities: +- Creating `Runtime` CR containing the following data: + - Provider config (type, region, and secret with credentials for hyperscaler) + - Worker pool specification + - Cluster networking settings (nodes, pods, and services API ranges) + - OIDC settings + - Cluster administrators list + - Egress network filter settings + - Control Plane failure tolerance config + - Observing status of the CR to determine whether provisioning succeeded + + The Kyma Infrastructure Manager has the following responsibilities: +- Creating shoots based on: + - Corresponding `Runtime` CR properties + - Corresponding `Runtime` CR labels: + - `kyma-project.io/platform-region` for determining if the cluster is located in EU + - Predefined defaults for the optional properties: + - Kubernetes version + - Machine image version + - Predefined configuration for the following functionalities: + - configuring DNS extension + - configuring Certificates extension + - providing maintenance settings (Kubernetes, and image autoupdates) + - Upgrading, and deleting shoots for corresponding `Runtime` CRs + - Applying audit log configuration on the shoot resource + - Generating kubeconfig # API proposal @@ -46,6 +58,7 @@ Please mind that the `Runtime` CR should contain the following labels: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region + kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName ``` From a3147e6a0e4addd1e2d4df95e2fbe94758f2d72d Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 9 May 2024 11:07:57 +0200 Subject: [PATCH 29/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index ff3dfd20..f9125231 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -3,7 +3,7 @@ This document defines architecture, and API for the Gardener cluster provisionin # Target architecture -The following picture shows the agreed architecture: +The following picture shows the proposed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency. From ce71c36dfa0b90a848204f685fb7a0c359e6e261 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 9 May 2024 11:09:59 +0200 Subject: [PATCH 30/49] Update provisioning.md --- docs/adr/provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index f9125231..c1b2bbc1 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -26,7 +26,7 @@ The Kyma Environment Broker has the following responsibilities: - Cluster administrators list - Egress network filter settings - Control Plane failure tolerance config - - Observing status of the CR to determine whether provisioning succeeded +- Observing status of the CR to determine whether provisioning succeeded The Kyma Infrastructure Manager has the following responsibilities: - Creating shoots based on: From 506e938779cfdb2c054dcd5a1a93acdb3c887cf9 Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 9 May 2024 13:52:05 +0200 Subject: [PATCH 31/49] Apply suggestions from code review Co-authored-by: Grzegorz Karaluch <grzegorz.karaluch@sap.com> --- docs/adr/provisioning.md | 46 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index c1b2bbc1..38fb3649 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
@@ -1,24 +1,24 @@ # Introduction -This document defines architecture, and API for the Gardener cluster provisioning functionality. +This document defines the architecture and API for the Gardener cluster provisioning functionality. # Target architecture -The following picture shows the proposed architecture: +The following diagram shows the proposed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) -> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency. +> Note: At the time of writing, the GardenerCluster CR was used to generate kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency. The following assumptions were taken: -- Kyma Environment Broker should not contain all the details of the cluster infrastructure. -- Kyma Infrastructure Manager's API should expose properties that: +- Kyma Environment Broker must not contain all the details of the cluster infrastructure. 
+- Kyma Infrastructure Manager's API must expose properties that: - can be set in the BTP cockpit by the user - are directly related to plans in the KEB -- Kyma Infrastructure Manager's API should not expose properties that are: +- Kyma Infrastructure Manager's API must not expose properties that are: - hardcoded in the Provisioner, or the KEB - statically configured in the management-plane-config -The Kyma Environment Broker has the following responsibilities: -- Creating `Runtime` CR containing the following data: +Kyma Environment Broker has the following responsibilities: +- Create Runtime CR containing the following data: - Provider config (type, region, and secret with credentials for hyperscaler) - Worker pool specification - Cluster networking settings (nodes, pods, and services API ranges) @@ -26,10 +26,10 @@ The Kyma Environment Broker has the following responsibilities: - Cluster administrators list - Egress network filter settings - Control Plane failure tolerance config -- Observing status of the CR to determine whether provisioning succeeded +- Observe the status of the CR to determine whether provisioning succeeded - The Kyma Infrastructure Manager has the following responsibilities: -- Creating shoots based on: + Kyma Infrastructure Manager has the following responsibilities: +- Create shoots based on: - Corresponding `Runtime` CR properties - Corresponding `Runtime` CR labels: - `kyma-project.io/platform-region` for determining if the cluster is located in EU 
@@ -40,15 +40,15 @@ The Kyma Environment Broker has the following responsibilities: - configuring DNS extension - configuring Certificates extension - providing maintenance settings (Kubernetes, and image autoupdates) - - Upgrading, and deleting shoots for corresponding `Runtime` CRs - - Applying audit log configuration on the shoot resource - - Generating kubeconfig + - Upgrade and delete shoots for the corresponding `Runtime` CRs + - Apply the audit log configuration on the shoot resource + - Generate the kubeconfig # API proposal ## CR examples -Please mind that the `Runtime` CR should contain the following labels: +MInd that the Runtime CR must contain the following labels: ```yaml kyma-project.io/instance-id: instance-id kyma-project.io/runtime-id: runtime-id @@ -64,7 +64,7 @@ Please mind that the `Runtime` CR should contain the following labels: The labels are skipped in the following examples due to clarity. -The example below shows the CR that should be created by the KEB to provision AWS production cluster: +The example below shows the CR that must be created by the KEB to provision the AWS production cluster: ```yaml apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime 
@@ -133,13 +133,13 @@ spec: ``` There are some additional optional fields that could be specified: -- `spec.shoot.kubernetes.version` ; if not provided default value will be read by the KIM from configuration -- `spec.shoot.workers.machine.image` ; if not provided default value will be read by the KIM from configuration -- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured -- `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used -- `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used +- `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration +- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration +- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured +- `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used +- `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used -The following example shows what `Runtime` CR should be created to provision a cluster with additional OIDC provider, and ingress network filtering enabled: +The following example shows the Runtime CR that must be created to provision a cluster with an additional OIDC provider and to enable ingress network filtering: ```yaml apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime 
@@ -235,7 +235,7 @@ spec: ``` > Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in the first release. -Please, see the following examples to understand what CRs need to be created for particular KEB plans: +Please see the following examples to understand what CRs must be created for particular KEB plans: - [AWS trial plan](assets/runtime-examples/aws-trial.yaml) - [Azure](assets/runtime-examples/azure.yaml) - [Azure lite](assets/runtime-examples/azure-lite.yaml) From a00237d10520368698c1ca7dc693c3a6096249cf Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 9 May 2024 18:01:10 +0200 Subject: [PATCH 32/49] Minor refactoring --- .../assets/runtime-examples/aws-freemium.yaml | 46 ++++---- .../assets/runtime-examples/aws-minimal.yaml | 33 +++--- .../assets/runtime-examples/aws-trial.yaml | 33 +++--- docs/adr/assets/runtime-examples/aws.yaml | 44 ++++---- .../runtime-examples/azure-fremium.yaml | 33 +++--- .../assets/runtime-examples/azure-lite.yaml | 39 +++---- docs/adr/assets/runtime-examples/azure.yaml | 43 ++++---- docs/adr/assets/runtime-examples/gcp.yaml | 43 ++++---- .../runtime-examples/sap-converged-cloud.yaml | 39 +++---- docs/adr/provisioning.md | 100 ++++++++++-------- 10 files changed, 234 insertions(+), 219 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 0a938793..70067d62 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml 
@@ -16,13 +16,17 @@ metadata: namespace: kcp-system spec: shoot: - # Set by the KEB, required + # spec.shoot.name is required name: shoot-name - # Set by the KEB, required + # spec.shoot.purpose is required purpose: evaluation + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
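Review bot: The added `secretBindingName: "hyperscaler secret"` under `spec.shoot` is not a usable placeholder, because a value containing a space cannot be the name of a Kubernetes object. The comment above it also does not say that the field is a reference to the object holding the hyperscaler credentials, not the credentials themselves. I would write `# spec.shoot.secretBindingName is required; name of the existing binding to the hyperscaler credentials (placeholder value)` and `secretBindingName: hyperscaler-secret-binding`; that the field names a binding is presumed from its name and should be confirmed. The same value is added in the first hunk of aws-minimal.yaml, aws-trial.yaml, aws.yaml, azure-fremium.yaml, azure-lite.yaml, azure.yaml, gcp.yaml and sap-converged-cloud.yaml. The next hunk of this file removes the comment about moving HAP into KIM; if that design question is still open, it presumably belongs in provisioning.md instead of being dropped.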
@@ -31,56 +35,52 @@ spec: - RS256 usernameClaim: sub provider: - ## Provided by the KEB, required type: aws - ## Provided by the KEB, required - region: eu-central-1 - # Provided by the KEB, required. - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" + # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # Set by the KEB, required + # spec.shoot.workers.machine.type is required type: m5.xlarge - # Optional, when not provider default will be used + # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # Provided by the KEB, required for the first release - # Finally can be moved into KIM, as it is hardcoded in KEB + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: gp2 size: 50Gi - # Provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - # Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # Provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 1 - # Provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 1 - # Provided by the KEB, required in the first release. - # It can be optional removed in the future, as it equals to zone count + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count maxSurge: 1 - # Provided by the KEB, required in the first release. 
+ # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # Provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index df882352..6c4bf1f0 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -16,13 +16,17 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -32,44 +36,41 @@ spec: usernameClaim: sub provider: type: aws - region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: node workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: m6i.large - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b - eu-central-1c - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking is provided by the KEB, required + # spec.security.networking is required egress: enabled: false - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file 
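Review bot: The rewritten comment above `egress:` reads `# spec.security.networking is required`, which names a parent mapping instead of the field it sits on. The other example files use `# spec.security.networking.filter.egress.enabled is required` at this position. The first hunk of this file sets `purpose: production` and this hunk sets `enabled: false`, so I would also state what the value means, for instance `# spec.security.networking.filter.egress.enabled is required; false leaves egress traffic from the cluster unfiltered`. That description of the effect is my reading of the field name and should be confirmed against KIM's behaviour.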
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index afb7909d..1f4517d1 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -16,13 +16,17 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: evaluation + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -32,42 +36,39 @@ spec: usernameClaim: sub provider: type: aws - region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: mx5.large - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 1 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 1 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 1 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file 
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 7f00d576..bf75089d 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -16,16 +16,20 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production - # Will be modified by the SRE + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used + # Will be modified by the SRE version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -33,7 +37,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release + # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -42,61 +46,59 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is provided by the KEB, required + ## spec.shoot.provider is required provider: type: aws - region: eu-central-1 - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: m6i.large # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # spec.shoot.workers.volume is provided by the KEB, required for the first release + # spec.shoot.workers.volume is required for the first release # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b - eu-central-1c - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. 
# It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + # spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release ingress: enabled: true - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index e503843b..ffd75ea8 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -16,13 +16,17 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is set required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: evaluation + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
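Review bot: In the last hunk of aws.yaml the new comment marks `spec.security.networking.filter.ingress.enabled` as "optional (default=false), not implemented in the first KIM release", yet the example keeps `ingress: enabled: true`. A reader copying the manifest may assume ingress filtering is active on a release that does not implement it. I would either set the example to `enabled: false` or extend the comment to `# ... not implemented in the first KIM release; setting it has no effect until then`; how KIM treats the field in the first release is not visible here, so confirm before wording it. azure.yaml, gcp.yaml and sap-converged-cloud.yaml get the shorter comment `is optional (default=false)` without the not-implemented remark while also setting `enabled: true`, so all four files should carry the same caveat.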
@@ -32,42 +36,39 @@ spec: usernameClaim: sub provider: type: aws - region: eu-central-1 - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: node workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: mx5.large - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 1 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 1 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 1 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file 
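Review bot: This Azure example still declares `provider: type: aws` and the zone `eu-central-1a` as unchanged context, and the first hunk of the file adds `region: eu-central-1` under `spec.shoot`, so the manifest describes an AWS cluster under an Azure file name. The commit moves the region line without correcting it. azure-lite.yaml, azure.yaml and gcp.yaml likewise keep `type: aws` next to their `eastus` and `europe-west3` regions. I would set `type: azure` here (and `type: gcp` in gcp.yaml) and use Azure region and zone values, as azure-lite.yaml does with `eastus`. The added comment `# spec.shoot.name is set required` in the first hunk has a leftover word and should read `# spec.shoot.name is required`.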
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 1b405683..f214560e 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -16,13 +16,17 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: eastus + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -30,57 +34,54 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.provider is provided by the KEB, required + # spec.shoot.provider is required provider: type: aws - region: eastus - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is optional, default=nil controlPlane: highAvailability: failureTolerance: type: node workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: Standard_D4s_v5 # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # spec.shoot.workers.volume is provided by the KEB, required for the first release + # spec.shoot.workers.volume is required for the first release # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: Standard_LRS size: 50Gi - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eastus1 - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 2 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 10 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. 
# It can be optional in the future, as it equals to zone count maxSurge: 1 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index efe49305..383dff61 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -16,15 +16,19 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: eastus + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
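Review bot: The comment `# spec.shoot.controlPlane is optional, default=nil` in the second hunk of azure-lite.yaml contradicts aws.yaml, azure.yaml and sap-converged-cloud.yaml, which mark the same field `is required`; gcp.yaml repeats the optional wording. Because this block carries the control plane failure tolerance, a reader needs to know whether it may be omitted and what the result is. I would write `# spec.shoot.controlPlane is optional; when omitted, no failure tolerance is configured for the control plane`, but that reading of `default=nil` is an assumption to confirm. Whichever rule is intended, the same wording should appear in every example file.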
@@ -32,7 +36,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release + ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -41,62 +45,59 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is provided by the KEB, required + ## spec.shoot.provider is required provider: type: aws - region: eastus - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type provided is required type: Standard_D2s_v5 # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # spec.shoot.workers.volume is provided by the KEB, required for the first release + # spec.shoot.workers.volume is required for the first release # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: Standard_LRS size: 50Gi - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eastus1 - eastus2 - eastus3 - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. 
# It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + # spec.security.networking.filter.ingress.enabled is optional (default=false) ingress: enabled: true - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 175e57d0..6f3b5a38 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -16,15 +16,19 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: europe-west3 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -32,7 +36,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release + ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -41,62 +45,59 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is provided by the KEB, required + ## spec.shoot.provider is required provider: type: aws - region: europe-west3 - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, optional, default=nil + # spec.shoot.controlPlane is optional, default=nil controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: n2-standard-2 # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # spec.shoot.workers.volume is provided by the KEB, required for the first release + # spec.shoot.workers.volume is required for the first release # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: pd-standard size: 50Gi - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - europe-west3a - europe-west3b - europe-west3c - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. 
+ # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + # spec.security.networking.filter.ingress.enabled is optional (default=false) ingress: enabled: true - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com \ No newline at end of file diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index bfa45b4b..74ccaab5 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml 
@@ -16,15 +16,19 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: eu-de-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -32,7 +36,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release + ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -41,25 +45,22 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is provided by the KEB, required + ## spec.shoot.provider is required provider: type: openstack - region: eu-de-1 - # We must consider whether it makes sense to move HAP into KIM - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 nodes: 10.250.0.0/22 services: 10.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: g_c2_m8 # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE 
@@ -72,27 +73,27 @@ spec: - eu-de-1a - eu-de-1b - eu-de-1d - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + # spec.security.networking.filter.ingress.enabled is optional (default=false) ingress: enabled: true - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 38fb3649..f570603e 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
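Review bot: The reworded ingress comment in the last sap-converged-cloud.yaml hunk says only `optional (default=false)`, while the example sets `ingress: enabled: true` and the docs/adr/provisioning.md hunk of the same commit adds that the field is not implemented in the first KIM release. A reader of this file could assume ingress filtering is enforced when it is not. I would align the comment: `# spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release`. The preceding file in this patch carries the same short comment.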
@@ -73,13 +73,17 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -87,47 +91,44 @@ spec: signingAlgs: - RS256 usernameClaim: sub - # spec.shoot.provider is provided by the KEB, required provider: type: aws - region: eu-central-1 - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: type: node workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: m6i.large - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b - eu-central-1c - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. # It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking is required egress: enabled: false - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com ``` 
@@ -148,16 +149,20 @@ metadata: namespace: kcp-system spec: shoot: - # spec.shoot.name is set by the KEB, required + # spec.shoot.name is required name: shoot-name - # spec.shoot.purpose is set by the KEB, required + # spec.shoot.purpose is required purpose: production - # Will be modified by the SRE + # spec.shoot.region is required + region: eu-central-1 + # spec.shoot.secretBindingName is required + secretBindingName: "hyperscaler secret" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used + # Will be modified by the SRE version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required + ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -165,7 +170,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release + # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -174,62 +179,60 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - # spec.shoot.provider is provided by the KEB, required + ## spec.shoot.provider is required provider: type: aws - region: eu-central-1 - secretBindingName: "hyperscaler secret" - # spec.shoot.Networking is Provided by the KEB, required + # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 nodes: 10.250.0.0/16 services: 100.104.0.0/13 - # spec.shoot.controlPlane is provided by the KEB, required + # spec.shoot.controlPlane is required controlPlane: highAvailability: failureTolerance: - type: node + type: zone workers: - machine: - # spec.shoot.workers.machine.type provided by the KEB, required + # spec.shoot.workers.machine.type is required type: m6i.large # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: name: gardenlinux version: 1312.3.0 - # spec.shoot.workers.volume is provided by the KEB, required for the first release + # spec.shoot.workers.volume is required for the first release # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b - eu-central-1c - # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used + # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 - # spec.shoot.workers.minimum is provided by the KEB, required + # spec.shoot.workers.minimum is required minimum: 3 - # spec.shoot.workers.maximum is provided by the KEB, required + # spec.shoot.workers.maximum is required maximum: 20 - # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release. + # spec.shoot.workers.maxSurge is required in the first release. 
# It can be optional in the future, as it equals to zone count maxSurge: 3 - # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release. + # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 security: networking: filter: - # spec.security.networking.filter.egress.enabled is provided by the KEB, required + # spec.security.networking.filter.egress.enabled is required egress: enabled: false - # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false) + # spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release ingress: enabled: true - # spec.security.administrators is provided by the KEB, required + # spec.security.administrators is required administrators: - admin@myorg.com ``` @@ -250,6 +253,7 @@ package v1 import ( gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" ) type Runtime struct { 
@@ -266,18 +270,20 @@ type RuntimeSpec struct { } type Shoot struct { - Name string `json:"name"` - Purpose string `json:"purpose"` - Kubernetes Kubernetes `json:"kubernetes"` - Provider Provider `json:"provider"` - Networking Networking `json:"networking"` - Workers *[]gardener.Worker `json:"workers,omitempty"` + Name string `json:"name"` + Purpose string `json:"purpose"` + Region string `json:"region"` + SecretBindingName string `json:"secretBindingName"` + Kubernetes Kubernetes `json:"kubernetes"` + Provider Provider `json:"provider"` + Networking Networking `json:"networking"` + Workers *[]gardener.Worker `json:"workers,omitempty"` } type Provider struct { - Type string `json:"type"` - Region string `json:"region"` - SecretBindingName string `json:"secretBindingName"` + Type string `json:"type"` + ControlPlaneConfig *runtime.RawExtension `json:"controlPlaneConfig,omitempty"` + InfrastructureConfig *runtime.RawExtension `json:"infrastructureConfig,omitempty"` } type Networking struct { From af9a219ce00fa515d95033f099469bc5e317a53e Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 08:34:59 +0200 Subject: [PATCH 33/49] Added Provider Specific Config to the examples --- .../assets/runtime-examples/aws-freemium.yaml | 18 ++++++++++++- .../assets/runtime-examples/aws-minimal.yaml | 24 +++++++++++++++++ .../assets/runtime-examples/aws-trial.yaml | 18 ++++++++++++- docs/adr/assets/runtime-examples/aws.yaml | 26 ++++++++++++++++++- .../runtime-examples/azure-fremium.yaml | 19 +++++++++++++- .../assets/runtime-examples/azure-lite.yaml | 19 +++++++++++++- docs/adr/assets/runtime-examples/azure.yaml | 26 +++++++++++++++++-- docs/adr/assets/runtime-examples/gcp.yaml | 14 +++++++++- .../runtime-examples/sap-converged-cloud.yaml | 12 +++++++++ 9 files changed, 168 insertions(+), 8 deletions(-) 
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 70067d62..2dfa5323 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -36,6 +36,22 @@ spec: usernameClaim: sub provider: type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + kind: InfrastructureConfig + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + networks: + vpc: + cidr: 10.250.0.0/22 + zones: + - name: eu-central-1b + internal: 10.250.0.192/26 + public: 10.250.0.128/26 + workers: 10.250.0.0/25 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 @@ -62,7 +78,7 @@ spec: size: 50Gi # spec.shoot.workers.zones is required zones: - - eu-central-1a + - eu-central-1b # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 # spec.shoot.workers.minimum is required diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index 6c4bf1f0..fd3f09e6 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml 
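Review bot: The added comments in the first aws-freemium.yaml hunk mark `controlPlaneConfig` and `infrastructureConfig` as required, but the `Provider` struct shown in docs/adr/provisioning.md in the preceding patch declares both as `*runtime.RawExtension` with `omitempty`. As declared, nothing in the type requires them or constrains their content, so the provider-specific block would be passed on as opaque data unless KIM validates it. The ADR should state which is intended, and the comment could carry the expectation: `# spec.shoot.provider.infrastructureConfig is required; apiVersion and kind must match spec.shoot.provider.type`. The same comments are added in aws-minimal.yaml, aws-trial.yaml, aws.yaml and sap-converged-cloud.yaml.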
@@ -36,6 +36,30 @@ spec: usernameClaim: sub provider: type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vpc: + cidr: 10.250.0.0/16 + zones: + - internal: 10.250.48.0/20 + name: eu-central-1c + public: 10.250.32.0/20 + workers: 10.250.0.0/19 + - internal: 10.250.112.0/20 + name: eu-central-1b + public: 10.250.96.0/20 + workers: 10.250.64.0/19 + - internal: 10.250.176.0/20 + name: eu-central-1a + public: 10.250.160.0/20 + workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index 1f4517d1..636bd871 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -36,6 +36,22 @@ spec: usernameClaim: sub provider: type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + kind: InfrastructureConfig + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + networks: + vpc: + cidr: 10.250.0.0/22 + zones: + - name: eu-central-1b + internal: 10.250.0.192/26 + public: 10.250.0.128/26 + workers: 10.250.0.0/25 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 @@ -52,7 +68,7 @@ spec: type: mx5.large # spec.shoot.workers.zones is required zones: - - eu-central-1a + - eu-central-1b # spec.shoot.workers.minimum is required minimum: 1 # spec.shoot.workers.maximum is required 
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index bf75089d..8fb3fe78 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -46,9 +46,33 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is required provider: + ## spec.shoot.provider.type is required type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vpc: + cidr: 10.250.0.0/16 + zones: + - internal: 10.250.48.0/20 + name: eu-central-1c + public: 10.250.32.0/20 + workers: 10.250.0.0/19 + - internal: 10.250.112.0/20 + name: eu-central-1b + public: 10.250.96.0/20 + workers: 10.250.64.0/19 + - internal: 10.250.176.0/20 + name: eu-central-1a + public: 10.250.160.0/20 + workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index ffd75ea8..d61da7b0 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml 
@@ -35,7 +35,24 @@ spec: - RS256 usernameClaim: sub provider: - type: aws + type: azure + # spec.shoot.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vnet: + cidr: 10.250.0.0/19 + zones: + - cidr: 10.250.0.0/24 + name: 1 + natGateway: + enabled: true + idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index f214560e..a2fbcc4d 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -36,7 +36,24 @@ spec: usernameClaim: sub # spec.shoot.provider is required provider: - type: aws + type: azure + # spec.shoot.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vnet: + cidr: 10.250.0.0/19 + zones: + - cidr: 10.250.0.0/24 + name: 1 + natGateway: + enabled: true + idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 383dff61..7496755e 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml 
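Review bot: The comment above `controlPlaneConfig` in the azure-fremium.yaml hunk gives the path as `spec.shoot.controlPlaneConfig`, but the key sits under `provider`. It should read `# spec.shoot.provider.controlPlaneConfig is required`, as in the AWS examples. The azure-lite.yaml hunk on the same line has the same wrong path, and the gcp.yaml hunk has it on both `controlPlaneConfig` and `infrastructureConfig`. A later patch on this page touches these files and leaves the wrong path in place.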
@@ -45,9 +45,31 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is required + # spec.shoot.provider is required provider: - type: aws + type: azure + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vnet: + cidr: 10.250.0.0/19 + zones: + - cidr: 10.250.0.0/24 + name: 1 + natGateway: + enabled: true + idleConnectionTimeoutMinutes: 4 + - cidr: 10.250.1.0/24 + name: 2 + natGateway: + enabled: true + idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 6f3b5a38..e7ca9076 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -47,7 +47,19 @@ spec: usernamePrefix: 'someother' ## spec.shoot.provider is required provider: - type: aws + type: gcp + # spec.shoot.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + zone: us-central1-b + # spec.shoot.infrastructureConfig is required + infrastructureConfig: + apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + worker: 10.250.0.0/22 + workers: 10.250.0.0/22 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 74ccaab5..1ad714fa 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml 
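Review bot: In the gcp.yaml hunk the control plane is pinned to `zone: us-central1-b`, while the same file sets `region: europe-west3` (visible as context in a later patch on this page), so the example mixes a US zone with an EU region. The `networks` block also lists both `worker` and `workers` with the same CIDR; as far as I know `worker` is the deprecated spelling in the Gardener GCP provider config, so `workers: 10.250.0.0/22` alone should be enough. I would use a zone inside the region, for example `zone: europe-west3-a`, and drop the `worker` line.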
@@ -48,6 +48,18 @@ spec: ## spec.shoot.provider is required provider: type: openstack + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + loadBalancerProvider: f5 + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1 + floatingPoolName: FloatingIP-external-kyma-01 + kind: InfrastructureConfig + networks: + workers: 10.180.0.0/16 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 From b379f6355ece741c6b43c989441394aa56674e1c Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 08:56:07 +0200 Subject: [PATCH 34/49] Licence type added --- docs/adr/assets/runtime-examples/aws-trial.yaml | 2 ++ docs/adr/assets/runtime-examples/azure-lite.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index 636bd871..35db3cd1 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -20,6 +20,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: evaluation + # spec.shoot.licenceType is optional, default=nil + licenceType: "TestDevelopmentAndDemo" # spec.shoot.region is required region: eu-central-1 # spec.shoot.secretBindingName is required diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index a2fbcc4d..f44d90cb 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml 
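Review bot: The added `infrastructureConfig.networks.workers: 10.180.0.0/16` in the sap-converged-cloud.yaml hunk does not lie inside the `nodes: 10.250.0.0/22` range that the same file sets under `spec.shoot.networking` (visible in an earlier hunk of this file). Gardener normally expects the worker network to fall within the nodes CIDR, so the example would likely be rejected, or mislead someone deriving network policy from it. The two values should agree, for example `workers: 10.250.0.0/22` (constructed from the nodes value). `floatingPoolName: FloatingIP-external-kyma-01` looks like a real environment name and could be replaced by a neutral placeholder in a published example.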
@@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eastus + # spec.shoot.licenceType is optional, default=nil + licenceType: "TestDevelopmentAndDemo" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: From a3267a8a0201a6a3beebfcdbfecdf83650a36f56 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 09:35:08 +0200 Subject: [PATCH 35/49] Optional seedName added --- .../assets/runtime-examples/aws-freemium.yaml | 1 + .../assets/runtime-examples/aws-minimal.yaml | 3 +- .../assets/runtime-examples/aws-trial.yaml | 3 +- docs/adr/assets/runtime-examples/aws.yaml | 6 +- .../runtime-examples/azure-fremium.yaml | 3 +- .../assets/runtime-examples/azure-lite.yaml | 3 +- docs/adr/assets/runtime-examples/azure.yaml | 7 ++- docs/adr/assets/runtime-examples/gcp.yaml | 9 ++- .../runtime-examples/sap-converged-cloud.yaml | 9 ++- docs/adr/provisioning.md | 62 ++++++++++++++++++- 10 files changed, 89 insertions(+), 17 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 2dfa5323..a4e0e00f 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -35,6 +35,7 @@ spec: - RS256 usernameClaim: sub provider: + # spec.shoot.provider.type is required type: aws # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index fd3f09e6..a2a67ccd 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml 
@@ -26,7 +26,7 @@ spec: secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -35,6 +35,7 @@ spec: - RS256 usernameClaim: sub provider: + # spec.shoot.provider.type is required type: aws # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index 35db3cd1..b1067f8d 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -28,7 +28,7 @@ spec: secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -37,6 +37,7 @@ spec: - RS256 usernameClaim: sub provider: + # spec.shoot.provider.type is required type: aws # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 8fb3fe78..c6e420e6 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -20,6 +20,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production + # spec.shoot.seedName is optional, default=nil + seedName: aws-ha-eu1 # spec.shoot.region is required region: eu-central-1 # spec.shoot.secretBindingName is required @@ -29,7 +31,7 @@ spec: # Will be modified by the SRE version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
@@ -47,7 +49,7 @@ spec: usernameClaim: sub usernamePrefix: 'someother' provider: - ## spec.shoot.provider.type is required + # spec.shoot.provider.type is required type: aws # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index d61da7b0..2b0cda29 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -26,7 +26,7 @@ spec: secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -35,6 +35,7 @@ spec: - RS256 usernameClaim: sub provider: + # spec.shoot.provider.type is required type: azure # spec.shoot.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index f44d90cb..7535f5b9 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -28,7 +28,7 @@ spec: secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -38,6 +38,7 @@ spec: usernameClaim: sub # spec.shoot.provider is required provider: + # spec.shoot.provider.type is required type: azure # spec.shoot.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 7496755e..ab09fa7b 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml 
@@ -20,6 +20,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production + # spec.shoot.seedName is optional, default=nil + seedName: az-ha-us2 # spec.shoot.region is required region: eastus # spec.shoot.secretBindingName is required @@ -28,7 +30,7 @@ spec: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -36,7 +38,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release + # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -47,6 +49,7 @@ spec: usernamePrefix: 'someother' # spec.shoot.provider is required provider: + # spec.shoot.provider.type is required type: azure # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index e7ca9076..de49dfbb 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -20,6 +20,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production + # spec.shoot.seedName is optional, default=nil + seedName: gcp-ha-us1 # spec.shoot.region is required region: europe-west3 # spec.shoot.secretBindingName is required 
@@ -28,7 +30,7 @@ spec: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -36,7 +38,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release + # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -45,8 +47,9 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is required + # spec.shoot.provider is required provider: + # spec.shoot.provider.type is required type: gcp # spec.shoot.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 1ad714fa..9dcbadd7 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -20,6 +20,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production + # spec.shoot.region is optional, default=nil + seedName: cc-ha-eu1 # spec.shoot.region is required region: eu-de-1 # spec.shoot.secretBindingName is required @@ -28,7 +30,7 @@ spec: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups 
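Review bot: The comment added above `seedName: cc-ha-eu1` in the sap-converged-cloud.yaml hunk reads `# spec.shoot.region is optional, default=nil`, which names the wrong field and contradicts the `# spec.shoot.region is required` line right below it. It should be `# spec.shoot.seedName is optional, default=nil`, as in the aws.yaml, azure.yaml and gcp.yaml hunks of this patch. In gcp.yaml the added `seedName: gcp-ha-us1` sits next to `region: europe-west3`; if the seed name encodes a location, the example pairs a US seed with an EU region and is worth checking.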
@@ -36,7 +38,7 @@ spec: signingAlgs: - RS256 usernameClaim: sub - ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release + # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -45,8 +47,9 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is required + # spec.shoot.provider is required provider: + # spec.shoot.provider.type is required type: openstack # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index f570603e..55b4ed07 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -21,6 +21,7 @@ Kyma Environment Broker has the following responsibilities: - Create Runtime CR containing the following data: - Provider config (type, region, and secret with credentials for hyperscaler) - Worker pool specification + - Provider specific config - Cluster networking settings (nodes, pods, and services API ranges) - OIDC settings - Cluster administrators list 
@@ -92,7 +93,32 @@ spec: - RS256 usernameClaim: sub provider: + ## spec.shoot.provider.type is required type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vpc: + cidr: 10.250.0.0/16 + zones: + - internal: 10.250.48.0/20 + name: eu-central-1c + public: 10.250.32.0/20 + workers: 10.250.0.0/19 + - internal: 10.250.112.0/20 + name: eu-central-1b + public: 10.250.96.0/20 + workers: 10.250.64.0/19 + - internal: 10.250.176.0/20 + name: eu-central-1a + public: 10.250.160.0/20 + workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 @@ -153,6 +179,8 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production + # spec.shoot.seedName is optional, default=nil + seedName: aws-ha-eu1 # spec.shoot.region is required region: eu-central-1 # spec.shoot.secretBindingName is required @@ -168,7 +196,7 @@ spec: groupsClaim: groups issuerURL: https://my.cool.tokens.com signingAlgs: - - RS256 + - RS256 usernameClaim: sub # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: 
@@ -179,9 +207,33 @@ spec: - RS256 usernameClaim: sub usernamePrefix: 'someother' - ## spec.shoot.provider is required provider: + ## spec.shoot.provider.type is required type: aws + # spec.shoot.provider.controlPlaneConfig is required + controlPlaneConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + # spec.shoot.provider.infrastructureConfig is required + infrastructureConfig: + apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + vpc: + cidr: 10.250.0.0/16 + zones: + - internal: 10.250.48.0/20 + name: eu-central-1c + public: 10.250.32.0/20 + workers: 10.250.0.0/19 + - internal: 10.250.112.0/20 + name: eu-central-1b + public: 10.250.96.0/20 + workers: 10.250.64.0/19 + - internal: 10.250.176.0/20 + name: eu-central-1a + public: 10.250.160.0/20 + workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 @@ -248,7 +300,7 @@ Please see the following examples to understand what CRs must be created for par ## API structures ```go -package v1 +package v2 import ( gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1" @@ -273,6 +325,8 @@ type Shoot struct { Name string `json:"name"` Purpose string `json:"purpose"` Region string `json:"region"` + SeedName *string `json:"seedName,omitempty"` + LicenceType *string `json:"licenceType,omitempty"` SecretBindingName string `json:"secretBindingName"` Kubernetes Kubernetes `json:"kubernetes"` Provider Provider `json:"provider"` @@ -339,4 +393,6 @@ type RuntimeStatus struct { // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty"` } + + ``` From 5e598bdb4893deeb3966ae9a5126b703ced5f992 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 09:39:36 +0200 Subject: [PATCH 36/49] Adjusted to ADR format --- docs/adr/provisioning.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) 
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 55b4ed07..2022448f 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md @@ -1,7 +1,10 @@ -# Introduction +# Context This document defines the architecture and API for the Gardener cluster provisioning functionality. -# Target architecture +# Status +Proposed + +# Decision The following diagram shows the proposed architecture: ![](./assets/keb-kim-target-arch.drawio.svg) @@ -45,9 +48,9 @@ Kyma Environment Broker has the following responsibilities: - Apply the audit log configuration on the shoot resource - Generate the kubeconfig -# API proposal +## API proposal -## CR examples +### CR examples MInd that the Runtime CR must contain the following labels: ```yaml From c12ce307dc7aef8bc887808ec2c5c41fa58227d6 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 10:42:40 +0200 Subject: [PATCH 37/49] Added information on the additional fields --- docs/adr/provisioning.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md index 2022448f..3f00643f 100644 --- a/docs/adr/provisioning.md +++ b/docs/adr/provisioning.md 
@@ -163,9 +163,11 @@ spec: ``` There are some additional optional fields that could be specified: +- `spec.shoot.seedName` ; if not provided `nil` value will be used +- `spec.shoot.seedName.licenceType` ; if not provided `nil` value will be used - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration -- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured +- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration - `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used - `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used From 2a54485d8ae411faddddbae0564d8e56fdcc07eb Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 10:47:05 +0200 Subject: [PATCH 38/49] File renamed --- docs/adr/{provisioning.md => 001-provisioning.md} | 0 docs/adr/README.md | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename docs/adr/{provisioning.md => 001-provisioning.md} (100%) diff --git a/docs/adr/provisioning.md b/docs/adr/001-provisioning.md similarity index 100% rename from docs/adr/provisioning.md rename to docs/adr/001-provisioning.md diff --git a/docs/adr/README.md b/docs/adr/README.md index 8e4669d2..0fb75fd6 100644 --- a/docs/adr/README.md +++ b/docs/adr/README.md @@ -4,5 +4,5 @@ This folder contains architecture decision records. # Documents -- [Provisioning functionality](./provisioning.md) +- [Provisioning functionality](./001-provisioning.md) From 5a52cb38101d7480c14631444f9c1e177c6ab352 Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 10:56:33 +0200 Subject: [PATCH 39/49] Mentioned creating cluster role bindings --- docs/adr/001-provisioning.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 3f00643f..0f1d7794 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -46,6 +46,7 @@ Kyma Environment Broker has the following responsibilities: - providing maintenance settings (Kubernetes, and image autoupdates) - Upgrade and delete shoots for the corresponding `Runtime` CRs - Apply the audit log configuration on the shoot resource + - Create cluster role bindings for administrators - Generate the kubeconfig ## API proposal From 52234ed773ff0c0477f4dedebd67372f5fb948df Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 12:27:59 +0200 Subject: [PATCH 40/49] Update docs/adr/001-provisioning.md Co-authored-by: Benjamin Somhegyi <somhegyi.b@gmail.com> --- docs/adr/001-provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 0f1d7794..327dc21d 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -165,7 +165,7 @@ spec: There are some additional optional fields that could be specified: - `spec.shoot.seedName` ; if not provided `nil` value will be used -- `spec.shoot.seedName.licenceType` ; if not provided `nil` value will be used +- `spec.shoot.licenceType` ; if not provided `nil` value will be used - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured - `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration 
From aba00807c748920409c77598ea99045e115b4481 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 12:30:28 +0200 Subject: [PATCH 41/49] Removed seed name --- docs/adr/assets/runtime-examples/aws.yaml | 2 -- docs/adr/assets/runtime-examples/azure.yaml | 2 -- docs/adr/assets/runtime-examples/gcp.yaml | 2 -- docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 2 -- 4 files changed, 8 deletions(-) diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index c6e420e6..1a17b40d 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -20,8 +20,6 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production - # spec.shoot.seedName is optional, default=nil - seedName: aws-ha-eu1 # spec.shoot.region is required region: eu-central-1 # spec.shoot.secretBindingName is required diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index ab09fa7b..5ecb2d34 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -20,8 +20,6 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production - # spec.shoot.seedName is optional, default=nil - seedName: az-ha-us2 # spec.shoot.region is required region: eastus # spec.shoot.secretBindingName is required diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index de49dfbb..684e8550 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -20,8 +20,6 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production - # spec.shoot.seedName is optional, default=nil - seedName: gcp-ha-us1 # spec.shoot.region is required region: europe-west3 # spec.shoot.secretBindingName is required 
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 9dcbadd7..71c65a76 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -20,8 +20,6 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production - # spec.shoot.region is optional, default=nil - seedName: cc-ha-eu1 # spec.shoot.region is required region: eu-de-1 # spec.shoot.secretBindingName is required From 7dc7e90ae767e37cc38f9b18760a00f153c4344e Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 18:26:43 +0200 Subject: [PATCH 42/49] Fixed hierarchy to have the same as in the shoot --- docs/adr/001-provisioning.md | 136 ++++++++++-------- .../assets/runtime-examples/aws-freemium.yaml | 59 ++++---- .../assets/runtime-examples/aws-minimal.yaml | 39 ++--- .../assets/runtime-examples/aws-trial.yaml | 35 ++--- docs/adr/assets/runtime-examples/aws.yaml | 63 ++++---- .../runtime-examples/azure-fremium.yaml | 35 ++--- .../assets/runtime-examples/azure-lite.yaml | 59 ++++---- docs/adr/assets/runtime-examples/azure.yaml | 63 ++++---- docs/adr/assets/runtime-examples/gcp.yaml | 63 ++++---- .../runtime-examples/sap-converged-cloud.yaml | 55 +++---- 10 files changed, 319 insertions(+), 288 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 327dc21d..475ad4a3 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md 
@@ -74,6 +74,17 @@ The example below shows the CR that must be created by the KEB to provision the apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + kyma-project.io/platform-region: platform-region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: @@ -88,7 +99,7 @@ spec: secretBindingName: "hyperscaler secret" kubernetes: kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups @@ -97,8 +108,28 @@ spec: - RS256 usernameClaim: sub provider: - ## spec.shoot.provider.type is required + # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: m6i.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 
@@ -133,25 +164,6 @@ spec: highAvailability: failureTolerance: type: node - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: @@ -177,6 +189,17 @@ The following example shows the Runtime CR that must be created to provision a c apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + kyma-project.io/platform-region: platform-region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: @@ -185,8 +208,6 @@ spec: name: shoot-name # spec.shoot.purpose is required purpose: production - # spec.shoot.seedName is optional, default=nil - seedName: aws-ha-eu1 # spec.shoot.region is required region: eu-central-1 # spec.shoot.secretBindingName is required 
@@ -196,13 +217,13 @@ spec: # Will be modified by the SRE version: "1.28.7" kubeAPIServer: - ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required + # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required oidcConfig: clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx groupsClaim: groups issuerURL: https://my.cool.tokens.com signingAlgs: - - RS256 + - RS256 usernameClaim: sub # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release additionalOidcConfig: @@ -214,8 +235,40 @@ spec: usernameClaim: sub usernamePrefix: 'someother' provider: - ## spec.shoot.provider.type is required + # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: m6i.large + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: gp2 + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 
@@ -250,37 +303,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: gp2 - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index a4e0e00f..9b036258 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml 
@@ -37,6 +37,36 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: m5.xlarge + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: gp2 + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - eu-central-1b + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 1 + # spec.shoot.workers.maximum is required + maximum: 1 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 1 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 
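Review bot: The per-field comments inside the relocated `workers` block in aws-freemium.yaml still name the old path (`# spec.shoot.workers.machine.type is required`, `# spec.shoot.workers.zones is required`, and so on), although the block now sits under `provider` and its own header comment says `# spec.shoot.provider.workers is required`. These comments are the only statement in the example of which fields are required, so they should follow the new hierarchy, e.g. `# spec.shoot.provider.workers.machine.type is required`. The image comment also reads "when not provider default will be used", which presumably means "when not provided". The same stale paths are carried into the `workers` hunks of aws-minimal.yaml, aws-trial.yaml, aws.yaml, azure-fremium.yaml, azure-lite.yaml and azure.yaml further down.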
@@ -63,35 +93,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: m5.xlarge - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: gp2 - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eu-central-1b - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 1 - # spec.shoot.workers.maximum is required - maximum: 1 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 1 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index a2a67ccd..72176e4a 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml 
@@ -37,6 +37,26 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: m6i.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 @@ -71,25 +91,6 @@ spec: highAvailability: failureTolerance: type: node - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index b1067f8d..44ed3041 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml 
@@ -39,6 +39,24 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: mx5.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1b + # spec.shoot.workers.minimum is required + minimum: 1 + # spec.shoot.workers.maximum is required + maximum: 1 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 1 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 @@ -65,23 +83,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: mx5.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1b - # spec.shoot.workers.minimum is required - minimum: 1 - # spec.shoot.workers.maximum is required - maximum: 1 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 1 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 1a17b40d..8022b7d9 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml 
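Review bot: In aws-trial.yaml's `@@ -39,6 +39,24 @@` hunk the relocated worker keeps `type: mx5.large`, which does not match the machine-type naming used by the other AWS examples in this series (`m5.xlarge`, `m6i.large`) and looks like a typo. A Runtime CR copied from this example would presumably fail at provisioning, so the value is worth correcting while the block is being moved, for instance `type: m5.large` if that is what the trial plan uses. azure-fremium.yaml carries the same `mx5.large` value in its `workers` hunk.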
@@ -49,6 +49,38 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: m6i.large + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: gp2 + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 
@@ -83,37 +115,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: gp2 - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index 2b0cda29..312e0673 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml 
@@ -37,6 +37,24 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: mx5.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + # spec.shoot.workers.minimum is required + minimum: 1 + # spec.shoot.workers.maximum is required + maximum: 1 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 1 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.controlPlaneConfig is required controlPlaneConfig: apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 @@ -64,23 +82,6 @@ spec: highAvailability: failureTolerance: type: node - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: mx5.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - # spec.shoot.workers.minimum is required - minimum: 1 - # spec.shoot.workers.maximum is required - maximum: 1 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 1 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 7535f5b9..6136f5b3 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml 
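Review bot: The worker moved under `provider` in azure-fremium.yaml's `@@ -37,6 +37,24 @@` hunk lists the zone `eu-central-1a` although `type: azure` is set just above it; the other Azure examples in this series use `eastus1`-style zones with `Standard_D4s_v5` / `Standard_D2s_v5` machines, so these values appear to be left over from an AWS example. The context comment `# spec.shoot.controlPlaneConfig is required` in the same hunk also omits the `provider` segment that the AWS files use (`# spec.shoot.provider.controlPlaneConfig is required`). Aligning the worker values and the comment path with azure-lite.yaml would keep this sample usable as a template.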
@@ -40,6 +40,36 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: Standard_D4s_v5 + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: Standard_LRS + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - eastus1 + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 2 + # spec.shoot.workers.maximum is required + maximum: 10 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 1 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.controlPlaneConfig is required controlPlaneConfig: apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 
@@ -67,35 +97,6 @@ spec: highAvailability: failureTolerance: type: node - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: Standard_D4s_v5 - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: Standard_LRS - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eastus1 - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 2 - # spec.shoot.workers.maximum is required - maximum: 10 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 1 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 5ecb2d34..029767db 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml 
@@ -49,6 +49,38 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type provided is required + type: Standard_D2s_v5 + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: Standard_LRS + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - eastus1 + - eastus2 + - eastus3 + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 
@@ -81,37 +113,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type provided is required - type: Standard_D2s_v5 - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: Standard_LRS - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eastus1 - - eastus2 - - eastus3 - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 684e8550..0b0b73a7 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml 
@@ -49,6 +49,38 @@ spec: provider: # spec.shoot.provider.type is required type: gcp + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: n2-standard-2 + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # spec.shoot.workers.volume is required for the first release + # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan + volume: + type: pd-standard + size: 50Gi + # spec.shoot.workers.zones is required + zones: + - europe-west3a + - europe-west3b + - europe-west3c + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.controlPlaneConfig is required controlPlaneConfig: apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 
@@ -71,37 +103,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: n2-standard-2 - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # spec.shoot.workers.volume is required for the first release - # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan - volume: - type: pd-standard - size: 50Gi - # spec.shoot.workers.zones is required - zones: - - europe-west3a - - europe-west3b - - europe-west3c - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 71c65a76..ca3e9352 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml 
@@ -49,6 +49,34 @@ spec: provider: # spec.shoot.provider.type is required type: openstack + # spec.shoot.provider.workers is required + workers: + - machine: + # spec.shoot.workers.machine.type is required + type: g_c2_m8 + # spec.shoot.workers.machine.image is optional, when not provider default will be used + # Will be modified by the SRE + image: + name: gardenlinux + version: 1312.3.0 + # Note: KEB doesn't specify the volume, Gardener defaults used + # spec.shoot.workers.zones is provided by the KEB, required + zones: + - eu-de-1a + - eu-de-1b + - eu-de-1d + # spec.shoot.workers.name is optional, if not provided default will be used + name: cpu-worker-0 + # spec.shoot.workers.minimum is required + minimum: 3 + # spec.shoot.workers.maximum is required + maximum: 20 + # spec.shoot.workers.maxSurge is required in the first release. + # It can be optional in the future, as it equals to zone count + maxSurge: 3 + # spec.shoot.workers.maxUnavailable is required in the first release. + # It can be optional in the future, as it is always set to 0 + maxUnavailable: 0 # spec.shoot.provider.controlPlaneConfig is required controlPlaneConfig: apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1 
@@ -71,33 +99,6 @@ spec: highAvailability: failureTolerance: type: zone - workers: - - machine: - # spec.shoot.workers.machine.type is required - type: g_c2_m8 - # spec.shoot.workers.machine.image is optional, when not provider default will be used - # Will be modified by the SRE - image: - name: gardenlinux - version: 1312.3.0 - # Note: KEB doesn't specify the volume, Gardener defaults used - # spec.shoot.workers.zones is provided by the KEB, required - zones: - - eu-de-1a - - eu-de-1b - - eu-de-1d - # spec.shoot.workers.name is optional, if not provided default will be used - name: cpu-worker-0 - # spec.shoot.workers.minimum is required - minimum: 3 - # spec.shoot.workers.maximum is required - maximum: 20 - # spec.shoot.workers.maxSurge is required in the first release. - # It can be optional in the future, as it equals to zone count - maxSurge: 3 - # spec.shoot.workers.maxUnavailable is required in the first release. - # It can be optional in the future, as it is always set to 0 - maxUnavailable: 0 security: networking: filter: From 18b165c0dce578f5554b110a9dbec75f42e1f7cf Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 18:28:49 +0200 Subject: [PATCH 43/49] Update 001-provisioning.md --- docs/adr/001-provisioning.md | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 475ad4a3..5ef996ff 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md 
@@ -74,17 +74,6 @@ The example below shows the CR that must be created by the KEB to provision the apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: - labels: - kyma-project.io/instance-id: instance-id - kyma-project.io/runtime-id: runtime-id - kyma-project.io/broker-plan-id: plan-id - kyma-project.io/broker-plan-name: plan-name - kyma-project.io/global-account-id: global-account-id - kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name - kyma-project.io/region: region - kyma-project.io/platform-region: platform-region - operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: @@ -189,17 +178,6 @@ The following example shows the Runtime CR that must be created to provision a c apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: - labels: - kyma-project.io/instance-id: instance-id - kyma-project.io/runtime-id: runtime-id - kyma-project.io/broker-plan-id: plan-id - kyma-project.io/broker-plan-name: plan-name - kyma-project.io/global-account-id: global-account-id - kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name - kyma-project.io/region: region - kyma-project.io/platform-region: platform-region - operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: From 2de7101c6f866f6b2e4905cfeac65ab42b55128b Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 10 May 2024 18:35:24 +0200 Subject: [PATCH 44/49] Update 001-provisioning.md --- docs/adr/001-provisioning.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 5ef996ff..c8cd8530 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md 
@@ -331,35 +331,34 @@ type Shoot struct { Name string `json:"name"` Purpose string `json:"purpose"` Region string `json:"region"` - SeedName *string `json:"seedName,omitempty"` LicenceType *string `json:"licenceType,omitempty"` SecretBindingName string `json:"secretBindingName"` Kubernetes Kubernetes `json:"kubernetes"` Provider Provider `json:"provider"` Networking Networking `json:"networking"` - Workers *[]gardener.Worker `json:"workers,omitempty"` } type Provider struct { Type string `json:"type"` - ControlPlaneConfig *runtime.RawExtension `json:"controlPlaneConfig,omitempty"` - InfrastructureConfig *runtime.RawExtension `json:"infrastructureConfig,omitempty"` + ControlPlaneConfig runtime.RawExtension `json:"controlPlaneConfig"` + InfrastructureConfig runtime.RawExtension `json:"infrastructureConfig"` + Workers []gardener.Worker `json:"workers"` } type Networking struct { - Pods string `json:"pods,omitempty"` - Nodes string `json:"nodes,omitempty"` - Services string `json:"services,omitempty"` + Pods string `json:"pods"` + Nodes string `json:"nodes"` + Services string `json:"services"` } type Kubernetes struct { - Version string `json:"version"` - KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"` + Version *string `json:"version,omitempty"` + KubeAPIServer APIServer `json:"kubeAPIServer"` } type APIServer struct { - oidcConfig gardener.OIDCConfig `json:"oidcConfig"` - additionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""` + OidcConfig gardener.OIDCConfig `json:"oidcConfig"` + AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""` } type Security struct { @@ -372,7 +371,7 @@ type NetworkingSecurity struct { } type Filter struct { - Ingress *Ingress `json:"ingress"` + Ingress *Ingress `json:"ingress,omitempty"` Egress Egress `json:"egress"` } From ccdd1301f97e4d76367d1c67ffdb3a987da57dde Mon Sep 17 00:00:00 2001 
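Review bot: `Ingress *Ingress` with `json:"ingress,omitempty"` in `Filter` makes the ingress filter omittable, but nothing in the hunk says what a nil value means. A Runtime CR that leaves it out therefore has no documented ingress-filtering state. I would add a field comment along the lines of `// Ingress is optional; when omitted KIM applies <default to be stated here>`, so that consumers know whether omission means filtering is off or a KIM default applies. `Egress` stays required, and that asymmetry deserves a sentence in the same comment. The `Filter` struct is complete in the hunk; the `Ingress` and `Egress` types are declared outside it.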
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Tue, 14 May 2024 10:48:30 +0200 Subject: [PATCH 45/49] KIM is responsible for provider specific config. --- docs/adr/001-provisioning.md | 133 +++++------------- .../assets/runtime-examples/aws-freemium.yaml | 16 --- .../assets/runtime-examples/aws-minimal.yaml | 24 ---- .../assets/runtime-examples/aws-trial.yaml | 16 --- docs/adr/assets/runtime-examples/aws.yaml | 24 ---- .../runtime-examples/azure-fremium.yaml | 17 --- .../assets/runtime-examples/azure-lite.yaml | 17 --- docs/adr/assets/runtime-examples/azure.yaml | 22 --- docs/adr/assets/runtime-examples/gcp.yaml | 12 -- .../runtime-examples/sap-converged-cloud.yaml | 12 -- 10 files changed, 38 insertions(+), 255 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index c8cd8530..1d01698a 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -24,7 +24,6 @@ Kyma Environment Broker has the following responsibilities: - Create Runtime CR containing the following data: - Provider config (type, region, and secret with credentials for hyperscaler) - Worker pool specification - - Provider specific config - Cluster networking settings (nodes, pods, and services API ranges) - OIDC settings - Cluster administrators list @@ -44,6 +43,7 @@ Kyma Environment Broker has the following responsibilities: - configuring DNS extension - configuring Certificates extension - providing maintenance settings (Kubernetes, and image autoupdates) + - creating provider specific config - Upgrade and delete shoots for the corresponding `Runtime` CRs - Apply the audit log configuration on the shoot resource - Create cluster role bindings for administrators 
@@ -119,30 +119,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vpc: - cidr: 10.250.0.0/16 - zones: - - internal: 10.250.48.0/20 - name: eu-central-1c - public: 10.250.32.0/20 - workers: 10.250.0.0/19 - - internal: 10.250.112.0/20 - name: eu-central-1b - public: 10.250.96.0/20 - workers: 10.250.64.0/19 - - internal: 10.250.176.0/20 - name: eu-central-1a - public: 10.250.160.0/20 - workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 @@ -247,30 +223,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vpc: - cidr: 10.250.0.0/16 - zones: - - internal: 10.250.48.0/20 - name: eu-central-1c - public: 10.250.32.0/20 - workers: 10.250.0.0/19 - - internal: 10.250.112.0/20 - name: eu-central-1b - public: 10.250.96.0/20 - workers: 10.250.64.0/19 - - internal: 10.250.176.0/20 - name: eu-central-1a - public: 10.250.160.0/20 - workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 
@@ -306,64 +258,72 @@ Please see the following examples to understand what CRs must be created for par ## API structures ```go -package v2 +package v1 import ( gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" ) +// Runtime is the Schema for the runtimes API type Runtime struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuntimeSpec `json:"spec"` + Spec RuntimeSpec `json:"spec,omitempty"` Status RuntimeStatus `json:"status,omitempty"` } +// RuntimeSpec defines the desired state of Runtime type RuntimeSpec struct { - Shoot Shoot `json:"spec"` - Security Security `json:"security"` + Shoot RuntimeShoot `json:"shoot"` + Security Security `json:"security"` } -type Shoot struct { - Name string `json:"name"` - Purpose string `json:"purpose"` - Region string `json:"region"` - LicenceType *string `json:"licenceType,omitempty"` - SecretBindingName string `json:"secretBindingName"` - Kubernetes Kubernetes `json:"kubernetes"` - Provider Provider `json:"provider"` - Networking Networking `json:"networking"` -} - -type Provider struct { - Type string `json:"type"` - ControlPlaneConfig runtime.RawExtension `json:"controlPlaneConfig"` - InfrastructureConfig runtime.RawExtension `json:"infrastructureConfig"` - Workers []gardener.Worker `json:"workers"` +// RuntimeStatus defines the observed state of Runtime +type RuntimeStatus struct { + // State signifies current state of Runtime + State State `json:"state,omitempty"` + // List of status conditions to indicate the status of a ServiceInstance. 
+ Conditions []metav1.Condition `json:"conditions,omitempty"` } -type Networking struct { - Pods string `json:"pods"` - Nodes string `json:"nodes"` - Services string `json:"services"` +type RuntimeShoot struct { + Name string `json:"name"` + Purpose gardener.ShootPurpose `json:"purpose"` + Region string `json:"region"` + LicenceType *string `json:"licenceType,omitempty"` + SecretBindingName string `json:"secretBindingName"` + Kubernetes Kubernetes `json:"kubernetes"` + Provider Provider `json:"provider"` + Networking Networking `json:"networking"` + ControlPlane gardener.ControlPlane `json:"controlPlane"` } type Kubernetes struct { - Version *string `json:"version,omitempty"` - KubeAPIServer APIServer `json:"kubeAPIServer"` + Version *string `json:"version,omitempty"` + KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"` } type APIServer struct { OidcConfig gardener.OIDCConfig `json:"oidcConfig"` - AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""` + AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig,omitempty"` +} + +type Provider struct { + Type string `json:"type"` + Workers []gardener.Worker `json:"workers"` +} + +type Networking struct { + Pods string `json:"pods"` + Nodes string `json:"nodes"` + Services string `json:"services"` } type Security struct { Administrators []string `json:"administrators"` - Networking NetworkingSecurity `json:"networking""` + Networking NetworkingSecurity `json:"networking"` } type NetworkingSecurity struct { 
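Review bot: `RuntimeStatus.State` is typed `State`, yet the last hunk of this file (`@@ -383,21 +343,4 @@`) deletes `type State string` together with the comment listing the allowed values, and no replacement declaration appears in the patch, so the listing as shown would not compile. Keep `type State string` next to `RuntimeStatus`, and keep the `("Ready", "Processing", "Error", "Deleting")` value list in the field comment. The `Conditions` comment still says `ServiceInstance` where `Runtime` is presumably meant. The Go listing continues past this hunk (`NetworkingSecurity`), so a declaration further down cannot be ruled out from here.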
@@ -383,21 +343,4 @@ type Egress struct { Enabled bool `json:"enabled"` } -type State string - -// +kubebuilder:object:root=true -// RuntimeStatus defines the observed state of Runtime -type RuntimeStatus struct { - // State signifies current state of Runtime. - // Value can be one of ("Ready", "Processing", "Error", "Deleting"). - State State `json:"state,omitempty"` - - // List of status conditions to indicate the status of a ServiceInstance. - // +optional - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - - ``` diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 9b036258..fc1cdc2c 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -67,22 +67,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - kind: InfrastructureConfig - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - networks: - vpc: - cidr: 10.250.0.0/22 - zones: - - name: eu-central-1b - internal: 10.250.0.192/26 - public: 10.250.0.128/26 - workers: 10.250.0.0/25 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index 72176e4a..f31f50d5 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml 
@@ -57,30 +57,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vpc: - cidr: 10.250.0.0/16 - zones: - - internal: 10.250.48.0/20 - name: eu-central-1c - public: 10.250.32.0/20 - workers: 10.250.0.0/19 - - internal: 10.250.112.0/20 - name: eu-central-1b - public: 10.250.96.0/20 - workers: 10.250.64.0/19 - - internal: 10.250.176.0/20 - name: eu-central-1a - public: 10.250.160.0/20 - workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index 44ed3041..d3ec90a8 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -57,22 +57,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - kind: InfrastructureConfig - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - networks: - vpc: - cidr: 10.250.0.0/22 - zones: - - name: eu-central-1b - internal: 10.250.0.192/26 - public: 10.250.0.128/26 - workers: 10.250.0.0/25 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 8022b7d9..8c76545a 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -81,30 +81,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vpc: - cidr: 10.250.0.0/16 - zones: - - internal: 10.250.48.0/20 - name: eu-central-1c - public: 10.250.32.0/20 - workers: 10.250.0.0/19 - - internal: 10.250.112.0/20 - name: eu-central-1b - public: 10.250.96.0/20 - workers: 10.250.64.0/19 - - internal: 10.250.176.0/20 - name: eu-central-1a - public: 10.250.160.0/20 - workers: 10.250.128.0/19 # spec.shoot.Networking is required networking: pods: 100.64.0.0/12 diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index 312e0673..a2cd223c 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml 
@@ -55,23 +55,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vnet: - cidr: 10.250.0.0/19 - zones: - - cidr: 10.250.0.0/24 - name: 1 - natGateway: - enabled: true - idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 6136f5b3..b426219f 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -70,23 +70,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vnet: - cidr: 10.250.0.0/19 - zones: - - cidr: 10.250.0.0/24 - name: 1 - natGateway: - enabled: true - idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 029767db..caf8093c 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml 
@@ -81,28 +81,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - vnet: - cidr: 10.250.0.0/19 - zones: - - cidr: 10.250.0.0/24 - name: 1 - natGateway: - enabled: true - idleConnectionTimeoutMinutes: 4 - - cidr: 10.250.1.0/24 - name: 2 - natGateway: - enabled: true - idleConnectionTimeoutMinutes: 4 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 0b0b73a7..7490e3d7 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -81,18 +81,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - zone: us-central1-b - # spec.shoot.infrastructureConfig is required - infrastructureConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - worker: 10.250.0.0/22 - workers: 10.250.0.0/22 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index ca3e9352..bc153ecb 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml 
@@ -77,18 +77,6 @@ spec: # spec.shoot.workers.maxUnavailable is required in the first release. # It can be optional in the future, as it is always set to 0 maxUnavailable: 0 - # spec.shoot.provider.controlPlaneConfig is required - controlPlaneConfig: - apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - loadBalancerProvider: f5 - # spec.shoot.provider.infrastructureConfig is required - infrastructureConfig: - apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1 - floatingPoolName: FloatingIP-external-kyma-01 - kind: InfrastructureConfig - networks: - workers: 10.180.0.0/16 # spec.shoot.Networking is required networking: pods: 10.96.0.0/13 From 06630bbb9f19531a25a4f600dd276cc87e6ac472 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Tue, 14 May 2024 15:37:30 +0200 Subject: [PATCH 46/49] Added code for provider specific config --- docs/adr/001-provisioning.md | 22 ++++++++++++------- .../assets/runtime-examples/aws-freemium.yaml | 6 ++--- .../assets/runtime-examples/aws-minimal.yaml | 14 ++++++------ .../assets/runtime-examples/aws-trial.yaml | 6 ++--- docs/adr/assets/runtime-examples/aws.yaml | 7 +++++- .../runtime-examples/azure-fremium.yaml | 10 ++++----- .../assets/runtime-examples/azure-lite.yaml | 6 ++--- docs/adr/assets/runtime-examples/azure.yaml | 7 +++++- docs/adr/assets/runtime-examples/gcp.yaml | 7 +++++- .../runtime-examples/sap-converged-cloud.yaml | 7 +++++- 10 files changed, 59 insertions(+), 33 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 1d01698a..a11684b1 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md 
@@ -99,16 +99,16 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c + # spec.shoot.workers.machine.type is required + type: m6i.large # spec.shoot.workers.minimum is required minimum: 3 # spec.shoot.workers.maximum is required @@ -191,6 +191,11 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: @@ -206,7 +211,7 @@ spec: volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is required + # spec.shoot.workers.zones is optional zones: - eu-central-1a - eu-central-1b @@ -312,6 +317,7 @@ type APIServer struct { type Provider struct { Type string `json:"type"` + Zones []string `json:"workers"` Workers []gardener.Worker `json:"workers"` } diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index fc1cdc2c..86abe756 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -42,6 +42,9 @@ spec: - machine: # spec.shoot.workers.machine.type is required type: m5.xlarge + # spec.shoot.provider.zones is required + zones: + - eu-central-1b # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: @@ -52,9 +55,6 @@ spec: volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eu-central-1b # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 # spec.shoot.workers.minimum is required 
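Review bot: The added `Zones []string` field in `Provider` (hunk `@@ -312,6 +317,7 @@`) reuses the tag `json:"workers"`, which `Workers` on the next line already carries. With `encoding/json`, two fields at the same level that resolve to the same name are both ignored without an error, so neither the zones nor the worker pools would round-trip. Change the tag to `json:"zones"`, matching the `zones:` key that the YAML examples in this commit add under `provider`.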
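Review bot: In aws-freemium.yaml the `zones:` block labelled `# spec.shoot.provider.zones is required` is added directly after `type: m5.xlarge`, which places it inside the first `workers` entry, whereas the other examples in this commit add it under `provider` ahead of `workers:`. Indentation is not recoverable on this page, so this is inferred from line position only. If `provider.zones` is required as the comment says, this example would lack it. Move the three added lines to sit directly above `# spec.shoot.provider.workers is required`, which lies outside this hunk.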
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index f31f50d5..b47214d3 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -37,16 +37,16 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: - # spec.shoot.workers.machine.type is required - type: m6i.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c + # spec.shoot.workers.machine.type is required + type: m6i.large # spec.shoot.workers.minimum is required minimum: 3 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index d3ec90a8..e1b1858f 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -39,14 +39,14 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.zones is required + zones: + - eu-central-1b # spec.shoot.provider.workers is required workers: - machine: # spec.shoot.workers.machine.type is required type: mx5.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1b # spec.shoot.workers.minimum is required minimum: 1 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 8c76545a..ccdf5bbb 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml 
@@ -49,6 +49,11 @@ spec: provider: # spec.shoot.provider.type is required type: aws + # spec.shoot.provider.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: @@ -64,7 +69,7 @@ spec: volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is required + # spec.shoot.workers.zones is optional zones: - eu-central-1a - eu-central-1b diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index a2cd223c..d4d9b113 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -37,14 +37,14 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.zones is required + zones: + - eu-central-1a # spec.shoot.provider.workers is required workers: - machine: - # spec.shoot.workers.machine.type is required - type: mx5.large - # spec.shoot.workers.zones is required - zones: - - eu-central-1a + # spec.shoot.workers.machine.type is required + type: mx5.large # spec.shoot.workers.minimum is required minimum: 1 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index b426219f..3bfe4fe0 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -40,6 +40,9 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.zones is required + zones: + - eastus1 # spec.shoot.provider.workers is required workers: - machine: @@ -55,9 +58,6 @@ spec: volume: type: Standard_LRS size: 50Gi - # spec.shoot.workers.zones is required - zones: - - eastus1 # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 # spec.shoot.workers.minimum is required 
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index caf8093c..42994300 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -49,6 +49,11 @@ spec: provider: # spec.shoot.provider.type is required type: azure + # spec.shoot.provider.zones is required + zones: + - eastus1 + - eastus2 + - eastus3 # spec.shoot.provider.workers is required workers: - machine: @@ -64,7 +69,7 @@ spec: volume: type: Standard_LRS size: 50Gi - # spec.shoot.workers.zones is required + # spec.shoot.workers.zones is optional zones: - eastus1 - eastus2 diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 7490e3d7..409ad487 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -49,6 +49,11 @@ spec: provider: # spec.shoot.provider.type is required type: gcp + # spec.shoot.provider.zones is required + zones: + - europe-west3a + - europe-west3b + - europe-west3c # spec.shoot.provider.workers is required workers: - machine: @@ -64,7 +69,7 @@ spec: volume: type: pd-standard size: 50Gi - # spec.shoot.workers.zones is required + # spec.shoot.workers.zones is optional zones: - europe-west3a - europe-west3b diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index bc153ecb..d1aeb984 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -49,6 +49,11 @@ spec: provider: # spec.shoot.provider.type is required type: openstack + # spec.shoot.workers.zones is required + zones: + - eu-de-1a + - eu-de-1b + - eu-de-1d # spec.shoot.provider.workers is required workers: - machine: 
@@ -60,7 +65,7 @@ spec: name: gardenlinux version: 1312.3.0 # Note: KEB doesn't specify the volume, Gardener defaults used - # spec.shoot.workers.zones is provided by the KEB, required + # spec.shoot.workers.zones is optional zones: - eu-de-1a - eu-de-1b From d8707aa3249ab277d9184a6bdc1efc19f9049cbf Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 16 May 2024 15:02:01 +0200 Subject: [PATCH 47/49] Added spec.shoot.platformRegion --- docs/adr/001-provisioning.md | 10 +++++++--- docs/adr/assets/runtime-examples/aws-freemium.yaml | 2 ++ docs/adr/assets/runtime-examples/aws-minimal.yaml | 2 ++ docs/adr/assets/runtime-examples/aws-trial.yaml | 2 ++ docs/adr/assets/runtime-examples/aws.yaml | 2 ++ docs/adr/assets/runtime-examples/azure-fremium.yaml | 2 ++ docs/adr/assets/runtime-examples/azure-lite.yaml | 2 ++ docs/adr/assets/runtime-examples/azure.yaml | 2 ++ docs/adr/assets/runtime-examples/gcp.yaml | 2 ++ .../assets/runtime-examples/sap-converged-cloud.yaml | 2 ++ 10 files changed, 25 insertions(+), 3 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index a11684b1..194ca04b 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -53,7 +53,8 @@ Kyma Environment Broker has the following responsibilities: ### CR examples -MInd that the Runtime CR must contain the following labels: +Mind that the Runtime CR must be labeled to make searching easier. +The proposed list of labels to be added to the Runtime CR: ```yaml kyma-project.io/instance-id: instance-id kyma-project.io/runtime-id: runtime-id @@ -63,7 +64,6 @@ MInd that the Runtime CR must contain the following labels: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName ``` 
@@ -84,6 +84,8 @@ spec: purpose: production # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -141,7 +143,6 @@ spec: ``` There are some additional optional fields that could be specified: -- `spec.shoot.seedName` ; if not provided `nil` value will be used - `spec.shoot.licenceType` ; if not provided `nil` value will be used - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured @@ -164,6 +165,8 @@ spec: purpose: production # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -296,6 +299,7 @@ type RuntimeStatus struct { type RuntimeShoot struct { Name string `json:"name"` Purpose gardener.ShootPurpose `json:"purpose"` + PlatformRegion string `json:"platformRegion"` Region string `json:"region"` LicenceType *string `json:"licenceType,omitempty"` SecretBindingName string `json:"secretBindingName"` diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 86abe756..8fb8741a 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -22,6 +22,8 @@ spec: purpose: evaluation # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: 
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index b47214d3..d2aa68b6 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index e1b1858f..e28789b0 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -24,6 +24,8 @@ spec: licenceType: "TestDevelopmentAndDemo" # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index ccdf5bbb..79a79b33 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index d4d9b113..bc21cb79 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml 
@@ -22,6 +22,8 @@ spec: purpose: evaluation # spec.shoot.region is required region: eu-central-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-us11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index 3bfe4fe0..ae25d780 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eastus + # spec.shoot.platformRegion is required + platformRegion: "cd-us11" # spec.shoot.licenceType is optional, default=nil licenceType: "TestDevelopmentAndDemo" # spec.shoot.secretBindingName is required diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 42994300..22805322 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eastus + # spec.shoot.platformRegion is required + platformRegion: "cd-us11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 409ad487..998266fb 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: europe-west3 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index d1aeb984..2d08e8df 100644 
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -22,6 +22,8 @@ spec: purpose: production # spec.shoot.region is required region: eu-de-1 + # spec.shoot.platformRegion is required + platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: From 7b0765781c6ea1ff21cb07a367d7905895ee5d13 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Thu, 16 May 2024 17:26:48 +0200 Subject: [PATCH 48/49] spec.shoot.provider.zones removed --- docs/adr/001-provisioning.md | 33 +++++++++++-------- .../assets/runtime-examples/aws-freemium.yaml | 9 +++-- .../assets/runtime-examples/aws-minimal.yaml | 13 ++++---- .../assets/runtime-examples/aws-trial.yaml | 9 +++-- docs/adr/assets/runtime-examples/aws.yaml | 8 +---- .../runtime-examples/azure-fremium.yaml | 9 +++-- .../assets/runtime-examples/azure-lite.yaml | 9 +++-- docs/adr/assets/runtime-examples/azure.yaml | 10 ++---- docs/adr/assets/runtime-examples/gcp.yaml | 10 ++---- .../runtime-examples/sap-converged-cloud.yaml | 8 +---- 10 files changed, 47 insertions(+), 71 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 194ca04b..969144bf 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -53,7 +53,7 @@ Kyma Environment Broker has the following responsibilities: ### CR examples -Mind that the Runtime CR must be labeled to make searching easier. +Mind that the Runtime CR must be labeled to make searching for a particular instance easier. The proposed list of labels to be added to the Runtime CR: ```yaml kyma-project.io/instance-id: instance-id 
@@ -85,7 +85,7 @@ spec: # spec.shoot.region is required region: eu-central-1 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -101,16 +101,16 @@ spec: provider: # spec.shoot.provider.type is required type: aws - # spec.shoot.provider.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: # spec.shoot.workers.machine.type is required type: m6i.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.workers.minimum is required minimum: 3 # spec.shoot.workers.maximum is required @@ -155,6 +155,17 @@ The following example shows the Runtime CR that must be created to provision a c apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: + labels: + kyma-project.io/instance-id: instance-id + kyma-project.io/runtime-id: runtime-id + kyma-project.io/broker-plan-id: plan-id + kyma-project.io/broker-plan-name: plan-name + kyma-project.io/global-account-id: global-account-id + kyma-project.io/subaccount-id: subAccount-id + kyma-project.io/shoot-name: shoot-name + kyma-project.io/region: region + kyma-project.io/platform-region: platform-region + operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: @@ -194,11 +205,6 @@ spec: provider: # spec.shoot.provider.type is required type: aws - # spec.shoot.provider.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: @@ -214,7 +220,7 @@ spec: volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is optional + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b 
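Review bot: `platformRegion: "cd-eu11"` is still present after this commit in the second Runtime example of the ADR and in aws.yaml, while the `@@ -85,7 +85,7 @@` hunk and the other example files switch to `cf-` values. Both leftovers are visible as unchanged context in PATCH 49/49 (the `@@ -180,6 +170,8 @@` hunk and the aws.yaml hunk). If `cd-eu11` was a typo, the same one-line change `platformRegion: "cf-eu11"` belongs in those two places, otherwise the examples disagree on what a valid platform region looks like.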
@@ -321,7 +327,6 @@ type APIServer struct { type Provider struct { Type string `json:"type"` - Zones []string `json:"workers"` Workers []gardener.Worker `json:"workers"` } diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml index 8fb8741a..86733d7e 100644 --- a/docs/adr/assets/runtime-examples/aws-freemium.yaml +++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eu-central-1 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -44,9 +43,6 @@ spec: - machine: # spec.shoot.workers.machine.type is required type: m5.xlarge - # spec.shoot.provider.zones is required - zones: - - eu-central-1b # spec.shoot.workers.machine.image is optional, when not provider default will be used # Will be modified by the SRE image: @@ -57,6 +53,9 @@ spec: volume: type: gp2 size: 50Gi + # spec.shoot.worker.zones is required + zones: + - eu-central-1b # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 # spec.shoot.workers.minimum is required diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml index d2aa68b6..10e4958c 100644 --- a/docs/adr/assets/runtime-examples/aws-minimal.yaml +++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml 
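Review bot: The comment added in the aws-freemium.yaml hunk `@@ -57,6 +53,9 @@`, `# spec.shoot.worker.zones is required`, uses a singular `worker` that matches neither the `workers` key in the manifest nor the wording in aws-minimal.yaml from this same commit. The same spelling is added in azure-fremium.yaml and azure-lite.yaml. Readers search these comments for field paths, so they should be uniform: `# spec.shoot.workers.zones is required`.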
@@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eu-central-1 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -39,16 +38,16 @@ spec: provider: # spec.shoot.provider.type is required type: aws - # spec.shoot.provider.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: # spec.shoot.workers.machine.type is required type: m6i.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1a + - eu-central-1b + - eu-central-1c # spec.shoot.workers.minimum is required minimum: 3 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml index e28789b0..15df3583 100644 --- a/docs/adr/assets/runtime-examples/aws-trial.yaml +++ b/docs/adr/assets/runtime-examples/aws-trial.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -25,7 +24,7 @@ spec: # spec.shoot.region is required region: eu-central-1 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: 
@@ -41,14 +40,14 @@ spec: provider: # spec.shoot.provider.type is required type: aws - # spec.shoot.provider.zones is required - zones: - - eu-central-1b # spec.shoot.provider.workers is required workers: - machine: # spec.shoot.workers.machine.type is required type: mx5.large + # spec.shoot.workers.zones is required + zones: + - eu-central-1b # spec.shoot.workers.minimum is required minimum: 1 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 79a79b33..4bf62426 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -51,11 +50,6 @@ spec: provider: # spec.shoot.provider.type is required type: aws - # spec.shoot.provider.zones is required - zones: - - eu-central-1a - - eu-central-1b - - eu-central-1c # spec.shoot.provider.workers is required workers: - machine: @@ -71,7 +65,7 @@ spec: volume: type: gp2 size: 50Gi - # spec.shoot.workers.zones is optional + # spec.shoot.workers.zones is required zones: - eu-central-1a - eu-central-1b diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml index bc21cb79..8cce96d7 100644 --- a/docs/adr/assets/runtime-examples/azure-fremium.yaml +++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system 
@@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eu-central-1 # spec.shoot.platformRegion is required - platformRegion: "cd-us11" + platformRegion: "cf-us10" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -39,14 +38,14 @@ spec: provider: # spec.shoot.provider.type is required type: azure - # spec.shoot.provider.zones is required - zones: - - eu-central-1a # spec.shoot.provider.workers is required workers: - machine: # spec.shoot.workers.machine.type is required type: mx5.large + # spec.shoot.worker.zones is required + zones: + - eu-central-1a # spec.shoot.workers.minimum is required minimum: 1 # spec.shoot.workers.maximum is required diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml index ae25d780..e85b574e 100644 --- a/docs/adr/assets/runtime-examples/azure-lite.yaml +++ b/docs/adr/assets/runtime-examples/azure-lite.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eastus # spec.shoot.platformRegion is required - platformRegion: "cd-us11" + platformRegion: "cf-us10" # spec.shoot.licenceType is optional, default=nil licenceType: "TestDevelopmentAndDemo" # spec.shoot.secretBindingName is required @@ -42,9 +41,6 @@ spec: provider: # spec.shoot.provider.type is required type: azure - # spec.shoot.provider.zones is required - zones: - - eastus1 # spec.shoot.provider.workers is required workers: - machine: 
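Review bot: The zone kept for this worker in azure-fremium.yaml (`@@ -39,14 +38,14 @@`), `- eu-central-1a`, sits under `type: azure` and reads like an AWS availability-zone name; the preceding hunk in the same file also leaves `region: eu-central-1` as context. The other Azure examples on this page use `region: eastus` with zones such as `eastus1`, so this file looks copied from an AWS example without being adjusted. Since the zone lines are being moved anyway, this is the place to align them with azure-lite.yaml or to mark the values as placeholders, so the example is not taken as a working template.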
@@ -60,6 +56,9 @@ spec: volume: type: Standard_LRS size: 50Gi + # spec.shoot.worker.zones is required + zones: + - eastus1 # spec.shoot.workers.name is optional, if not provided default will be used name: cpu-worker-0 # spec.shoot.workers.minimum is required diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 22805322..73a91cbc 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eastus # spec.shoot.platformRegion is required - platformRegion: "cd-us11" + platformRegion: "cf-us10" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -51,11 +50,6 @@ spec: provider: # spec.shoot.provider.type is required type: azure - # spec.shoot.provider.zones is required - zones: - - eastus1 - - eastus2 - - eastus3 # spec.shoot.provider.workers is required workers: - machine: @@ -71,7 +65,7 @@ spec: volume: type: Standard_LRS size: 50Gi - # spec.shoot.workers.zones is optional + # spec.shoot.workers.zones is required zones: - eastus1 - eastus2 diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 998266fb..0d114a25 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system 
@@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: europe-west3 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -51,11 +50,6 @@ spec: provider: # spec.shoot.provider.type is required type: gcp - # spec.shoot.provider.zones is required - zones: - - europe-west3a - - europe-west3b - - europe-west3c # spec.shoot.provider.workers is required workers: - machine: @@ -71,7 +65,7 @@ spec: volume: type: pd-standard size: 50Gi - # spec.shoot.workers.zones is optional + # spec.shoot.workers.zones is required zones: - europe-west3a - europe-west3b diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index 2d08e8df..fbaec4ee 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -10,7 +10,6 @@ metadata: kyma-project.io/subaccount-id: subAccount-id kyma-project.io/shoot-name: shoot-name kyma-project.io/region: region - kyma-project.io/platform-region: platform-region operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system @@ -23,7 +22,7 @@ spec: # spec.shoot.region is required region: eu-de-1 # spec.shoot.platformRegion is required - platformRegion: "cd-eu11" + platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" kubernetes: @@ -51,11 +50,6 @@ spec: provider: # spec.shoot.provider.type is required type: openstack - # spec.shoot.workers.zones is required - zones: - - eu-de-1a - - eu-de-1b - - eu-de-1d # spec.shoot.provider.workers is required workers: - machine: From 53aa78b237cfff54a1e184ed3ac459c4ddf3fd0d Mon Sep 17 00:00:00 2001 
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com> Date: Fri, 17 May 2024 07:01:33 +0200 Subject: [PATCH 49/49] Add spec.shoot.enforceSeedLocation property added --- docs/adr/001-provisioning.md | 39 ++++++++----------- docs/adr/assets/runtime-examples/aws.yaml | 2 + docs/adr/assets/runtime-examples/azure.yaml | 2 + docs/adr/assets/runtime-examples/gcp.yaml | 2 + .../runtime-examples/sap-converged-cloud.yaml | 2 + 5 files changed, 24 insertions(+), 23 deletions(-) diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md index 969144bf..4639121b 100644 --- a/docs/adr/001-provisioning.md +++ b/docs/adr/001-provisioning.md @@ -143,11 +143,12 @@ spec: ``` There are some additional optional fields that could be specified: -- `spec.shoot.licenceType` ; if not provided `nil` value will be used +- `spec.shoot.enforceSeedLocation` ; if not provided `false` value will be used +- `spec.shoot.licenceType` ; if not provided `nil` value will be used - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured +- `spec.shoot.workers.name` ; if not provided, a Gardener default will be used - `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration -- `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used - `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used The following example shows the Runtime CR that must be created to provision a cluster with an additional OIDC provider and to enable ingress network filtering: 
@@ -155,17 +156,6 @@ The following example shows the Runtime CR that must be created to provision a c apiVersion: infrastructuremanager.kyma-project.io/v1alpha1 kind: Runtime metadata: - labels: - kyma-project.io/instance-id: instance-id - kyma-project.io/runtime-id: runtime-id - kyma-project.io/broker-plan-id: plan-id - kyma-project.io/broker-plan-name: plan-name - kyma-project.io/global-account-id: global-account-id - kyma-project.io/subaccount-id: subAccount-id - kyma-project.io/shoot-name: shoot-name - kyma-project.io/region: region - kyma-project.io/platform-region: platform-region - operator.kyma-project.io/kyma-name: kymaName name: runtime-id namespace: kcp-system spec: @@ -180,6 +170,8 @@ spec: platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" + # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the shoot cluster + enforceSeedLocation: "true" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used # Will be modified by the SRE 
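Review bot: `enforceSeedLocation: "true"` in the `@@ -180,6 +170,8 @@` hunk is a quoted string, but the Go type added in the same commit declares `EnforceSeedLocation *bool`, so the example as written would not decode into the struct, and a boolean CRD schema would presumably reject it. The same quoted value is added to aws.yaml, azure.yaml, gcp.yaml and sap-converged-cloud.yaml. All five should read `enforceSeedLocation: true`. Because this field pins where the seed cluster runs and the ADR gives `false` as the default, the comment should also say that omitting it leaves seed placement unconstrained, which matters to anyone relying on it for data residency.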
@@ -303,16 +295,17 @@ type RuntimeStatus struct { } type RuntimeShoot struct { - Name string `json:"name"` - Purpose gardener.ShootPurpose `json:"purpose"` - PlatformRegion string `json:"platformRegion"` - Region string `json:"region"` - LicenceType *string `json:"licenceType,omitempty"` - SecretBindingName string `json:"secretBindingName"` - Kubernetes Kubernetes `json:"kubernetes"` - Provider Provider `json:"provider"` - Networking Networking `json:"networking"` - ControlPlane gardener.ControlPlane `json:"controlPlane"` + Name string `json:"name"` + Purpose gardener.ShootPurpose `json:"purpose"` + PlatformRegion string `json:"platformRegion"` + Region string `json:"region"` + LicenceType *string `json:"licenceType,omitempty"` + SecretBindingName string `json:"secretBindingName"` + EnforceSeedLocation *bool `json:"enforceSeedLocation,omitempty"` + Kubernetes Kubernetes `json:"kubernetes"` + Provider Provider `json:"provider"` + Networking Networking `json:"networking"` + ControlPlane gardener.ControlPlane `json:"controlPlane"` } type Kubernetes struct { diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml index 4bf62426..9761e722 100644 --- a/docs/adr/assets/runtime-examples/aws.yaml +++ b/docs/adr/assets/runtime-examples/aws.yaml @@ -25,6 +25,8 @@ spec: platformRegion: "cd-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" + # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime + enforceSeedLocation: "true" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used # Will be modified by the SRE diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml index 73a91cbc..e1267448 100644 --- a/docs/adr/assets/runtime-examples/azure.yaml +++ b/docs/adr/assets/runtime-examples/azure.yaml 
@@ -25,6 +25,8 @@ spec: platformRegion: "cf-us10" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" + # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime + enforceSeedLocation: "true" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml index 0d114a25..48b2db7f 100644 --- a/docs/adr/assets/runtime-examples/gcp.yaml +++ b/docs/adr/assets/runtime-examples/gcp.yaml @@ -25,6 +25,8 @@ spec: platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" + # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime + enforceSeedLocation: "true" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7" diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml index fbaec4ee..9a61e7c2 100644 --- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml +++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml @@ -25,6 +25,8 @@ spec: platformRegion: "cf-eu11" # spec.shoot.secretBindingName is required secretBindingName: "hyperscaler secret" + # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime + enforceSeedLocation: "true" kubernetes: # spec.shoot.kubernetes.version is optional, when not provided default will be used version: "1.28.7"