Skip to content

Commit

Permalink
Wiring user identities
Browse files Browse the repository at this point in the history 
Signed-off-by: ritikaguptams <[email protected]>
  • Loading branch information
@ritikaguptams
ritikaguptams committed Jul 28, 2024
1 parent 240fc84 commit f6c3641
Show file tree
Hide file tree
Showing 6 changed files with 25 additions and 0 deletions.
2 changes: 2 additions & 0 deletions capz/templates/gmsa-ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down
2 changes: 2 additions & 0 deletions capz/templates/gmsa-pr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down
5 changes: 5 additions & 0 deletions capz/templates/shared-image-gallery-ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down Expand Up @@ -433,6 +435,7 @@ spec:
annotations:
runtime: containerd
spec:
identity: UserAssigned
image:
sharedGallery:
gallery: SigwinTestingImages
Expand All @@ -446,4 +449,6 @@ spec:
storageAccountType: Premium_LRS
osType: Windows
sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
userAssignedIdentities:
- providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
vmSize: ${AZURE_NODE_MACHINE_TYPE:-"Standard_D4s_v3"}
5 changes: 5 additions & 0 deletions capz/templates/windows-base.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down Expand Up @@ -326,6 +328,7 @@ metadata:
namespace: default
spec:
template:
identity: UserAssigned
metadata:
annotations:
runtime: containerd
Expand All @@ -337,4 +340,6 @@ spec:
storageAccountType: Premium_LRS
osType: Windows
sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
userAssignedIdentities:
- providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
vmSize: ${AZURE_NODE_MACHINE_TYPE:-"Standard_D4s_v3"}
5 changes: 5 additions & 0 deletions capz/templates/windows-ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down Expand Up @@ -423,6 +425,7 @@ metadata:
namespace: default
spec:
template:
identity: UserAssigned
metadata:
annotations:
runtime: containerd
Expand All @@ -439,4 +442,6 @@ spec:
storageAccountType: Premium_LRS
osType: Windows
sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
userAssignedIdentities:
- providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
vmSize: ${AZURE_NODE_MACHINE_TYPE:-"Standard_D4s_v3"}
6 changes: 6 additions & 0 deletions capz/templates/windows-pr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,8 @@ spec:
criSocket: npipe:////./pipe/containerd-containerd
kubeletExtraArgs:
cloud-provider: external
image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml
image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider
feature-gates: ${NODE_FEATURE_GATES:-"HPAContainerMetrics=true"}
v: "2"
windows-priorityclass: ABOVE_NORMAL_PRIORITY_CLASS
Expand Down Expand Up @@ -411,10 +413,12 @@ metadata:
namespace: default
spec:
template:
identity: UserAssigned
metadata:
annotations:
runtime: containerd
spec:
identity: UserAssigned
image:
marketplace:
offer: capi-windows
Expand All @@ -427,4 +431,6 @@ spec:
storageAccountType: Premium_LRS
osType: Windows
sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
userAssignedIdentities:
- providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
vmSize: ${AZURE_NODE_MACHINE_TYPE:-"Standard_D4s_v3"}

0 comments on commit f6c3641

Please sign in to comment.