From 9548d4451c25c5e2f9d02a38ddac9bb2d233a31e Mon Sep 17 00:00:00 2001 From: Michael Shitrit Date: Wed, 25 Oct 2023 15:58:32 +0300 Subject: [PATCH] snr 0.7.1 Signed-off-by: Michael Shitrit --- ...er-manager-metrics-service_v1_service.yaml | 18 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 27 + ...mediation-manager-config_v1_configmap.yaml | 19 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 12 + ...emediation-webhook-service_v1_service.yaml | 16 + ...ode-remediation.clusterserviceversion.yaml | 502 ++++++++++++++++++ ...medik8s.io_selfnoderemediationconfigs.yaml | 173 ++++++ ...ation.medik8s.io_selfnoderemediations.yaml | 158 ++++++ ...dik8s.io_selfnoderemediationtemplates.yaml | 88 +++ .../0.7.1/metadata/annotations.yaml | 15 + .../0.7.1/tests/scorecard/config.yaml | 70 +++ 11 files changed, 1098 insertions(+) create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation-controller-manager-metrics-service_v1_service.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation-ext-remediation_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation-manager-config_v1_configmap.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation-webhook-service_v1_service.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation.clusterserviceversion.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationconfigs.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediations.yaml create mode 100644 operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationtemplates.yaml create mode 100644 operators/self-node-remediation/0.7.1/metadata/annotations.yaml create mode 100644 operators/self-node-remediation/0.7.1/tests/scorecard/config.yaml diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-controller-manager-metrics-service_v1_service.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..837a67bbb9d --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + control-plane: controller-manager + self-node-remediation-operator: "" + name: self-node-remediation-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager + self-node-remediation-operator: "" +status: + loadBalancer: {} diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-ext-remediation_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-ext-remediation_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..d0521ee7f57 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-ext-remediation_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,27 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + rbac.ext-remediation/aggregate-to-ext-remediation: "true" + self-node-remediation-operator: "" + name: self-node-remediation-ext-remediation +rules: +- apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationtemplates + verbs: + - get +- apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediations + verbs: + - get + - list + - watch + - create + - update + - patch + - delete diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-manager-config_v1_configmap.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-manager-config_v1_configmap.yaml new file mode 100644 index 00000000000..5aa55b41ac4 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-manager-config_v1_configmap.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 547f6cb6.medik8s.io +kind: ConfigMap +metadata: + labels: + self-node-remediation-operator: "" + name: self-node-remediation-manager-config diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..72e94f1cd6d --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + self-node-remediation-operator: "" + name: self-node-remediation-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-webhook-service_v1_service.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..058b065fab8 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation-webhook-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + self-node-remediation-operator: "" + name: self-node-remediation-webhook-service +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + control-plane: controller-manager + self-node-remediation-operator: "" +status: + loadBalancer: {} diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.clusterserviceversion.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.clusterserviceversion.yaml new file mode 100644 index 00000000000..09569704369 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.clusterserviceversion.yaml @@ -0,0 +1,502 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "self-node-remediation.medik8s.io/v1alpha1", + "kind": "SelfNodeRemediation", + "metadata": { + "name": "selfnoderemediation-sample" + }, + "spec": {} + }, + { + "apiVersion": "self-node-remediation.medik8s.io/v1alpha1", + "kind": "SelfNodeRemediationConfig", + "metadata": { + "name": "self-node-remediation-config", + "namespace": "self-node-remediation" + }, + "spec": {} + }, + { + "apiVersion": "self-node-remediation.medik8s.io/v1alpha1", + "kind": "SelfNodeRemediationTemplate", + "metadata": { + "name": "selfnoderemediationtemplate-sample" + }, + "spec": { + "template": { + "spec": {} + } + } + } + ] + capabilities: Basic Install + categories: OpenShift Optional + containerImage: quay.io/medik8s/self-node-remediation-operator:v0.7.1 + createdAt: "2023-10-25 14:32:21" + description: Self Node Remediation Operator for remediate itself in case of a + failure. + olm.skipRange: '>=0.4.0 <0.7.1' + operators.operatorframework.io/builder: operator-sdk-v1.28.1 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/medik8s/self-node-remediation + support: Medik8s + name: self-node-remediation.v0.7.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: SelfNodeRemediationConfig is the Schema for the selfnoderemediationconfigs + API in which a user can configure the self node remediation agents + displayName: Self Node Remediation Config + kind: SelfNodeRemediationConfig + name: selfnoderemediationconfigs.self-node-remediation.medik8s.io + resources: + - kind: SelfNodeRemediationConfig + name: selfnoderemediationconfigs + version: v1alpha1 + version: v1alpha1 + - description: SelfNodeRemediation is the Schema for the selfnoderemediations + API + displayName: Self Node Remediation + kind: SelfNodeRemediation + name: selfnoderemediations.self-node-remediation.medik8s.io + resources: + - kind: SelfNodeRemediation + name: selfnoderemediations + version: v1alpha1 + statusDescriptors: + - description: 'Represents the observations of a SelfNodeRemediation''s current + state. Known .status.conditions.type are: "Processing"' + displayName: conditions + path: conditions + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:conditions + - description: LastError captures the last error that occurred during remediation. + If no error occurred it would be empty + displayName: Last Error + path: lastError + - description: 'Phase represents the current phase of remediation, One of: TBD' + displayName: Phase + path: phase + - description: TimeAssumedRebooted is the time by then the unhealthy node assumed + to be rebooted + displayName: Time Assumed Rebooted + path: timeAssumedRebooted + version: v1alpha1 + - description: SelfNodeRemediationTemplate is the Schema for the selfnoderemediationtemplates + API + displayName: Self Node Remediation Template + kind: SelfNodeRemediationTemplate + name: selfnoderemediationtemplates.self-node-remediation.medik8s.io + resources: + - kind: SelfNodeRemediationTemplate + name: selfnoderemediationtemplates + version: v1alpha1 + specDescriptors: + - description: Template defines the desired state of SelfNodeRemediationTemplate + displayName: Template + path: template + version: v1alpha1 + description: This self node remediation operator is using an alternate mechanism + for a node in a cluster to detect its health status and take actions to remediate + itself in case of a failure. While not all remediation events can result in the + node returning to a healthy state, the operator does allow surviving parts of + the cluster to assume the node has reached a safe state so that it’s workloads + can be automatically recovered. A prerequisite for the Self Node Remediation operator + is a functioning health detection system that implements the external remediation + API, such as Node Health Check Operator or Machine Health Check Controller (in + OCP or Cluster-API based clusters). Once a node/machine is unhealthy, the detection + system will create the SelfNodeRemediation CR, which triggers the Self Node Remediation + Operator. For this the configuration of the health detection system needs to refer + to a SelfNodeRemediationTemplate CR. Such a template is created by default in + the operator's namespace, for usage in other namespaces it needs to be created + manually. The Node Health Check Operator is configured to use Self Node Remediation + by default. + displayName: Self Node Remediation Operator - Community Edition + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAqKnpUWHRSYXcgcHJvZmlsZSB0eXBlIGV4aWYAAHjarZxpllw5rqT/cxW1BM4klsPxnLeDXn5/Ro9QKkvKrKzXnSHJI324lyQAgxkIujv/53+u+9e//hW8r9Xl0nq1Wj3/ZcsWB790/8d/5+vRvL/6PfM3fD0XfrwruD+98P1b4Od3z0ceE4/p8+SP+yVdKP30gfrjMfzu+VD+7fn04zbxTyPq3xeK/Pz0/Kqx+p//63/8vXf3y5yd3p1HrqxP/ZrU91Teb7xxsjDpfazy0/hb+L29H+On++GXC9lvv/zkZwULMSR/Qw47jHDDeY8rLIaY44mNxxhXTO+5nlq0uJJPIWWXcsrhxpYs7dRTTCuelHg2/hhLePe1d7sVOjfegXfGwMUCn3g/7vuX/9ef317o3qUlCsz+e60YV4wyQ9AqJv3LuzBIuN9+VN4Cf//8+38Ylotk3qVl7kxw+Pm5xCzhD99K7hk68cbCY/58uO2vC7BE3LswmJCwgK8hlVCDbzG2EFjHjn0GI4/J5TgxQSglbkYZc0oV4/Soe/OZFt57Y4mfpwkhDFFSTQ3TWBrYKueSibWWOz40Siq5lFJLK71YGTXVXEuttVXF4mip5VZaba31Zm301HMvvfbWe7c+nEVLxGqxas26mY3BTQdXHnx69METM8408yyzzjb7tDkW7rPyKquutvqyNdyOO+28y6677b5tjxMOrnTyKaeedvqxMy6udtPNt9x62+3X7vhhtWdV9yeb/Wq5v7da+LIaBnPPZpk3fVuNp1v7vkQQnBTZDIvFHLB4kwVw6Cib+R5yjrKck828RaKiREZZZJwdZDEsmE+I5YYftvvDcr/YzRH3/1u7xZ8t52S6/x+WczLdbyz3q91+Y7UtfF+KQw+wKQy1qD4Rfrzh9BE774j/3aP7+Qmre+xR55w9M4HW17I4bcXRzy373t7a4qbVdoh7lbOqxXJSxS9cFuadk8I9u83LbFiV662noeUqI83WUhibD7CM+5xme4dyWIBNJhvrlrbWdPeMyCqk29ZIyXyaIdhpDIG3hZvHTWtj4TXn5oZ+pYYjloO5Gos87uHO8xZH3Pe5fCkrJd5bEzPwfuxeMn7nx5z1lKzZx9n7Xn+1VC7+79b2ry90c76+HsO8/vQb9hmjVhLHJrmwDl6m7eHghEtjNoIAN7pjrT3S7i4a1mFVa414dSaCZrjTcJYczmo7+dbn9qlcm7nMTh5aVvtpt1m4o1289BDFTlcnAHeYd/tb6k56ppPEdm2FLNDxLBLWAnQLHtnjmEFLeCsRdSMOcpnH50I+LcPkLZ/ZsFHZSVnOz6URZuJiF+JaoB0xPrPtOPOScxMRa7dirTjCsY2xrTPanO14XG4Y87k1ajR2ZjkNrFNeZCHnKsXfefYpC0dj9ZY/w1/HrDuXPiRQjb+0CS540Pymuu8InVEBT7XFVjX6pnhbvDBOHsF6Pn22nIKr48wq5z9n3kHoYqyAa5azY59xnWknsMg7vstsvOqwfv3AyUI7ta8mOwS3Z3guaC2UhTePdYiLqZAL9dQ6sfKNxnyxO0l4gF/4bTxzHiW0Y4EAy8exgnsp9Fue8ubVhsfsNx98POUaAaIS+53P9cfZhOM9OQ0CotrFZ/Y6uKUbbUFrmF0E4WrfJ1lg9bXguR1fidsTGNYOtk/IhT/g+a+P7q9e+MePjOj2et2Sg0V8ZoP0fkd4lkXfAnkn7dKBlIm5BlNlnWqoCgPcMJ0LGhELA0zCxNAa8Bc8AzJialaVULL5WpgJcMVCZa7FfSf0zXYjJCLZZrU0k/GnHVLP6uT+ey5myaljMR+Jqlb8Tqxp4a0NqLe8F/AB4RjDzlIE1rlWKm3HwdIBXGND2CtGqwfswRsn7pHkXousU5mlleZhMqXaxGCQ13bwMiIJDyTbafg7jVvJH44rT/LAWvB+v7qHsXFjO30N3XiWvp+j8D96F/yTxBjWIDcDqzDWAnUDD12Z6YR0iUdCEQ+dC74rmL6TVcYXV904FCGE9/i7s43zNa+AX66geeFtbp3PvOJ+82JpmFfbeRBUYD6rFcPIu4Ew974w6TDgk6JhwtHiwsFrs0KIFDCOFKsgwYyhA9HJSg0bvF47tMUnLtm1v6CtZea7bF9byvZbgIGdWCPSRCezpmeso3SxvoxFOD9jJf+MdeJQAiK+QZK6Im8oBNE6e+BJZBGS1d1H0TqAkPKJ1hgmrELRSrSEF63cee5moIQUwdzMuU/GYcTXzi6LxWOs1MOcd5Id22mPCAgiiyUy4az73NTWrZ3pFlhUapAV/uCudYW0WnAwhJ4I1QHPGJCoTv5LrANmOqK9yI2TZeQzSaV4mmVFkWVc4MsKA+RoLkQrGYai1NuxxoXrMoE6cYd9MquF+2SDs2FPSNklDIEZuE6vEwweEAHD8YARyFP+hDOTLu837/+bR4AnDHh2gbgBqfBL+FqwSNKDcXrCqExwvgPSZnPNdGvefYgcQSNyJSynkTyB/JrwbBYGAQj4yYMJqt0rCzwb0RGhS2UxfvxjIi9bSAlyJcdcCxDpfRRScm6xZEd42sttaEKsmPX7BZA+zleUYSAvh/GBMwyMeCL/tErQz5l5BUwOZEGHlbgDKXD5GqPlNwL82QaiBWU46rUab4mHJEvY8FGSV50Dw6VLPoxnFbzWEclgMlBFvF0GPgcMwtfZDSVjY/q8MVQ8UGDgkqAoyrQKDgyPp8JwE068HcDEJA5uRVLoA3LhO5TjghphXQa9GhCZCWdkL3S15Q9bIB2QNExPZXJsxGqQfgJ9T95d8LoCMSOSEp7A8jGNeeP2J648SCYlDoMYwtR6w/GhtrhxB/ucNaBgbUj2kjw58N0Qto8wpEmQEYNYRTSowgZ4wPt6rSQovBag8OktFZ7NkmhqUBUle2KDO2YYUesRVWmJwM0yT2m4NY6PiTR03h8gTvx+eqibdKTccTxJMGxwhtUJG9wi5Bvuc1cHmHphneK+fnOD+fgalkbSj8n8IAubAHJYAdQEV8zERQC3veH+/fgDQfXEN8SZPATV4y4H5GjyasaYM69BqIGuupKDFUHEYrvy8E2KJsWXCUINclfOy1KOLGyBQvBDWN0OJqB+pU0K2KhqBQTIwTFxx0la26vB4c4mmzV0x1r9gGpddEFqCjc7B9uSLm8EzeEEDQvDHSa2Kw5vg4VVaERvqCp0W4cNYT2mRR4hPiCkeNTOXtwdFwA/WGiuBIpB/EB/RYyqNTuAc17SECyeYFOD4VaN3UBn+E+v4TCmwrLhYSiAtsJuSKkyNEU4V4doDckTPiP1fzPjgIPN0vDZNgiAOLzG6rcSgGIPDsecGTcMGbAjSo3sfB2ZlCTP4BtLDDBCm+olu3sYB25NtGJPwg5shiQs6W2k42A2ZIpLPoUfM43h0Bfw7+ElPQiyFr9iKUoknqzrH26k3IuRsaZIzO4fwXCQtv7plM4afX75/WODy+d+hiAM5+p+QOYYI7IAnAUrQEcER9vDjSmOz0RwSD6D/Im4PdIAYU4gEZP4xNMpkp18NPpKsHtMK2aAJ/g8o13HpKUOu0peTJFbh4fqurVKbGj9sys6H3K+gR6gEmPPF6CSEhuwhR2Yww3wQnAcO5C87sBgwOdYvTcQIksYN14GA3ac6EksjEwN3eeESUjN4TmuA7o6muNCipJkObyMIAA4Ngoi25ZVeEsi7QAf6NFkqnoBMjdhDCjDJbdxIW77oAeNLyZE6EM/mDfojsRAXqGNxqz+ghCgM0kROg9+HsTRAW3QuqTLiKiB3sJUiWYy/ORlqFJrFRlTDKgQdOLfgFi+jWS0E8hBRhZYEEUVP57I/Z2ckXwnWF2BnI+UaLCOp2txmLDAyplJ52d6wYdggKnMzMDhqBCGkBjEafgRYQv3AdolT+SMnnxxhd4ktwwtI5FxZZ62+Z5+t8GavPDHJ9yfPoL03uXlOBYeMjgAy+ALLEJujJhNhwcSTDuR4cGeytgqJtTslvg4ZFfEBUEMLcUHYGHoziQuCyZLFKBSEQJGdoGRR/I9GLbRO1mL7QFD50PMKeK0XSUIAj7aJw2QAtoOUoF41VnMCBdYYofAOf88LrBqkxaGMTilWbI6gkKhcrqYEUysDcTpHUpBReh6EYbnMfO/IObuw8yZFFdCs5csxfjNxOyVu0h4QE6CVV+AljQSgalThVqRG6Gs/TQXekSqG7DDxBg7PmSBNELqScgmqJFUJ4uMlgRmLyi5Tz/QeXgaeLDgyYzeuzTFG2En9yQ+xQ1YRHwWZCzAWZJwINg7Q+NWohfLj+2ZgM3OUiMEIBcpOyMo+OCF4xOAjwFWQgSlomJ5JqVOOOkurDl8JLSo4Bfq6y/Jpot6I78cORYeQ/omr0G5BoEqx56TaZKfrhxukvY2hIv/E80ACVhARjAQHUQNwRaqw14LAictzPRVqbQECN9GyBF01wasZdYGqgLYzJ94At8uQgEFjTAhhlVlFa2p0CEiDc98d9+ovgVIeGQzxpFwz0rykiMMMj4hwEKj7iEmARoXiQCHvyaoiqoGM1cCdW9VrJ7sXb7l/h+J8YcXu98Q44ZiwvcbOIAVgQAz2U8Iuo/SI2zAk72PofKQliPPRtAaTt0JrkQymkdpnuS+ydfa54gfhhDbN0HApwTNS+JbBKF7mBJpMDhYmPyHuaWJfOn9wI0NAQkfH/YhYTjDKCtUL67EagGqqg/yYr5RaSgWISQBydJB56scvj6NrULKCSuS22L2+rMawesrF2foplrPBEsWN889AUFuefAAFhwHtsADe5KjVcwM4p28a1G5FtSpqL5MgBnYhdiFJVfVg4Sh+E5yoGyBDxy0c7ItMsIiwLkZ5gid1UODWR1fZcMbyT3fuRjPaw88hZHuJ/z8Az3/hLaC1W+8fbD620+4Xz+iUp5WDJNgLuQCDAgdfT++JUcdC+GEqzTSCZl3tW3H1QxnHCEJUw66qFkUvZNgNFi2Cpa79q06L+kJgmWIwJ4r8hkdAcoTn4b3u2EoYbAG3t0UIEQVeRdKLr4uWU1Uo4MxJ4vICwiiDNUdCmrdiQVHtt/ktL4Tl4WdoSRrHKBJQCokQAgsAHp6gqsN5XxrMGJiGROABAF/vqiRKKXbHfwsI6xKUInoIg+hoUdYiuLCXmjd1uSXLEfnMT0/VIH1itdlg1SuTYA6ech+O1K2iFroAa9eKTDI6TWRyXm7yCwBan7Dm0LXpgYkSPutGQAdDJUEiTG0ZI1UfMA2/kGTwke+0zrxupGfki4M4aaI2MZNO0MxUguIk4kR18sgIrZAK6FxkRFIR1Uk8NYhwQUlZj4g9wngpCmxvZImYkK58ageBit0mAdRUcFNr/WF+41mIIkqYqw1agjpkzu4TiqsvSB9DO1mKB2MxorpbSyuSMQZg/AjKgME6LIa7eLFK7ECYR5t8Eg9ADpAmL1iU4DeNpXAnu1UZTWHeIvNzKuKqSof7IrP4SMK7raflIMzInQQY1BVEE0sdaGBcS8w/aWyccBsMQPsJZ6BYgAVAAJo4yuIwNfsk9Qj4+4vqaNVxEDb8Mb8SeYvqTuyO8wz4IkBYa3C1RIjD0/ekShSQs2hdvIQuyW7MoJObp5K+QW1BwXR9q1jXYEysj9qIOvu0CNSzUYE+flqrS2H2JGfkEri2wN7v7uY09XexcBXKBQJQBBZMKqqs02uo+oneIinCgDItfPXlNKQoqqReRvbtBGAvADoJWcOrFX73Vm6LT3yJKarkhwaDnNc+V85sQfJbleUGUAqGMbGecQ1IXGHueYdQk1ZScsP7XgoZ6FRWGWYAViJ2iCsoByzlulA8xX6HjgiMovYLzgjNBwNTDDscypOV0dUHQarQLIYIaSO1/IsiJCCEZFcqvlzdd41SAhjSEcaaQy1UaJyNR4xSBAovLgJW+CV5L1GDJAdxIPqxOjP1CFaKCUV3wEhUiokiWW/KBOIO/6T8oqErAg874J7XZkXnkmEwOumNjO0a1UcTq19REx5SEdB2+osALhD7vqoEtXktPvl42sR6MQ/vyCxYNCNzMy6l3Id6hzt0VQwjcQxF1VZR9vYpK1KeEuoRe0FSumAsk2fTLCkjewNkq+obNIR4icsVidJZvP3YJ34VfqEdWG2AYX6VCeXLAUpBCLgkYjnt1m2EL8ruh+bWdpbBz57iK8mC6V9j9uDYein9l4K4rUGzPI0YfbTJ9w/+ojE4StXkc4idJi8B1Qp8PbH29dyGPrb0UODV5HyoTgbyXkWlA/aCiZVAJ1E4+vbLeGK0CIDjFgJsgjCGylamxpPCAaAD46gdbr41lWdpKvGSwJNKvaEtQPSAv1Y8cwWbL1OhDkiDryqg5dBeDy3hjyi6hZKiGR7mkyGdHm7oiKzBXTGa7FmyGhPIZiS+xIixt0AfxgbiA0wJ209Pzs85vt7OfVbNYWEdWdr/1v8HMfu2o8DdlUlRF4CJPmVoBroTEokORVAP6oEnrtHdfV8tEPJsjlEKI/ixvUgGJpqBmgVbqzdDdYcHocjXv2LFAuLj5I05lK5FK0cBsQMluFa10gA8CrbZM9bm+BwvL1IIA3V8R+Wm+AvkIgE28CXI6BgoDl+epS5kUbEqH9kycuV1vzbbQH3tS8wtXmCo+qtFds9xY1LidvUQOoeA0PNpu1TeLMqa5BKHClAegYY605uYM/ZUcSZtemG45IEVYze2ifRpcn7z/fxAHgLCQiN89lFxzWw4onDbTEHiQ3+TJL1R2xAc8WRYWOhTgBdDHqmWkIF4yNrmzF5OvPBgfAbzFYFbYbgtUt8ueGFYSvOgGACBVD2DBRfe/Wsg2pfbZF2g7Zna5EfE1oxOSQQDo68wXFUXMcTj8QBVlGKEJeGOmrfwpNmFhT65iFjZiX6D0GFEHmnX2Ej2oStE7jCHHvPxFxIIVwapRhl6ZKgxa3mSOSM00RpE0gXIFTJz15dgSSpLIQEDtqE0JYhAPG8daK5T4RgoWIS1BKmdgkwVgukr1oEub/vpP7jEN0KMz/KXPCXFOLRtlbxXQ0J2nj1Cr6pPS6QXptipzPj61FzkEXWOBAurBGUHOUHRIFeb/t8WZMWxqXhoRuixKtFxES1uSS6psLap5kDVpP2K/y53xX8foiM/1Ch+blA4/5ZUedPNZ2vsPmzynC/yoz/sMnL1R+kqBNARoPEZFDOAYjwHzgOdMMXkR9pzXxsa98belQnFGlm9EdRfRwFAf/WLgBciCXdLahyVhwa+C9qCJj/RxVBQP5HFQE0YKaqx/VFtHSMA4kAmXP5bJkzSeifl+uMnRJ83yYOx9gEq3iN9lV781BMuRhJ8xW2UbMQdlyE+YhudSCiI9FzayKhW20JAVKLn1lANIvOwvTVgfDZ1MQ1DC1FNodSOHjS2xNVOxC04u2JdsQRTtNnYCGH2mzEUyGTTA4wx0OehOs42IXgis0lJxr99k14b0jaN+kWI9T7s28C7GD5V3BeRAqLCZpcNdsgpLj1baOo32A7ggpEvJqffHsD/ls9BwgelDgMXBu0hxBJEdEnrB4dTcC/zF+cl3ViJOa2Jqh1EvxrnUq+7ZEw3rcD0P/ZQF4QekswzrdCS0oWLRYXQ2MqM7lEXkEnXux/CA6IXS8Y6kKWBEZVNQ5VW1Fi6S60mxe51I6+KlskeeQt+mS7HVAOsQ5xO9RB05Yyj1GZ0fZWLxraDqqu+lLWzjivIFvVwOCHjCfzaVusEuNFZBp74eIv0mIoLFYFD29Q18MsIhYzlHjKyMwyXnWDLYPrhfbYgbOnPckzYKGHc5qkOuqDS3SWH1moFQZVYSpQzebRoF5bDAzW16TyPJKzbMgoy4vc6fDCt9mJbOPSyND5qUHhtrZ/DWVA/09VJvfnMhPTQQNpB2OpcBDeiwBX6iiCo21O7Ue9hjAyTBJ7Ldon8NnBmnlLzejKsrtfVX1BAXV8eoJzXxSFZ3WQ8kBAEdEg5ki8FqHJQAjm2VD96FiNhuPiexmQAmXRbfoslBvexfO8Ot97lUcy4wwQNLyfmMepEeuC+grRYrWGmoUUObbViUhkohgJN0RufpLVqybYj2VS9hgkxlH5XGVBDAvDxzQ1cglTIzpIAeT1Cs9Ti5+pc2RBAe2+9hHUayAH8GtqBEZBCXFHNbeC9Syhw3M93hyT9ki1raC9RFZxonrwHnJkNAgf8g2pq6oJM7EgaqwMBe0fUEtVa6r6IA1bt6Q3JB+0fYsLqOnpmrYBfSy9Qpxso+pBVw/8MTaiycpXoQt1dOxvd6GUnESowU70top9sdzWN/CYpSWjodxZw+ogeSup3+1op3pvgrf2InSuFUOGAj4DxS8G5yvCqjllwMSPgQanQiwhX2D2SEFCGQodHylEFKBWriYjbCNigsq0AbbcTY2ILK16naq6e7RTCiYAwm7K5crbkb/azCBNvL1kRGnTjtpA9xcI0iSfkPCb/Pm2Ik2Oi3q1puDfI7rI1bvP5+ArJIeuzXRwV1th6kcru6JzjAhSYyNPbIQoS0ZKVAu4emOy1HQji3QRo0GUx9dlAgmD5T+EaEoliDfDeqRDCRY+9bJcmeHJuJRJoWpZdWvGslQ/8vLpCNeu6kf59Bm+nIv8ZxGL2taHEQCpaHPhmtreWoWwgjd5OOlz6Ewr+C4PMMBF0HusigdPRFiYIjFEC3gRcCvI43ztRCJLRZ0ZiQttp1ZuRFfIBnhNzyAj4YWRUV+3Lfgk13jdmUMt883UnWGXlYwzqCWiK+mW48Zn11wb7+ZB6s8mfPw0fALv4irQC2zb1MlkSUlyMXzWlBUnOs9FRQQHkW23w/7T+FwqfV3qs8cGj2zYXLWzggmikH5V4KssyA3ZfZz7iJT7XYEX1Zg92kg7kSRHXOp4C+jcCAcImlyWZwPolSEpK4zhyFEo1a1S6VBJAx5yJSZHAJQ2FOqqCw2qCAfpou+d5B7RVmCQtC0RocYx/AhSgOAsyv3pCYlWFY2B3BcJMOAFtXDUSgD8wuFJwSrz5CguHQvLBGXaGZnlkQEDNXq+m35QxH9sY0i+KxOi8cbLhKC32uj923Sy+Hglqc89EYgrIkjhAIAM2cCvTOq9auTMQWkZyj6RoSpB4fkIGYkdpQ1itqwbEV6QCIHCXQc4JRiqdnIGXjXDUqcs41RkQOZLliLLAmU14OLp8Kxhgm68PLllYhlLLWDqZkB0rL3Wy3vQn4ahXtqzWlX87x/w+Q32uAKOqToBSqsCYEAJsySehyppJb1KGsxLHSAYWz0YwOT1Rxsn2D6pkIbxkFmEzspDEjxq89m/0oASJdMJr7pzGbYOOAA8qnIM39UDmRYOvLQJLxrhtIsvsiyxyDoge431hilskjuJFcxXUw/phKFzI1U6o0gdS4WPovDnNDS/k1waylgqFH2KxLZEiiQF4vlZCjDkavNAdJkdeNQANW5TpXu9G4Ysb+S1CB75q0a6NpS0GkkGPkVwkoXU5J24zj4steUV0Pf6zMApJ/jlq9ph0dLq6iL81EUAOR/465gTmgMQwszMFFxk2aTm7wZdAR2BpQgZOf4dN+guTfwDxoKzLP9q+0lNwAnGzKR60rYXiEXWgWSYStRVpCZ89rmwKrlmgJuu3IKBRBS7aT+MdGuvAy8tHFslUpV2+JwqNNIn+B9xjOG5WlZJ/W4CBTZCTjwiYIwySI3A9Cfqt2sTVUcaFDsZ88MDkWVdFBoMiUldmxlIh+yptuQMmQ+0X0IXoly5pWViVC0VTTmAiCUw1aCTELk6tZCUQ6zaWXwE2o93D/NORRKCZ8lt1hBdgFodaV5ocxbp6cgfbWwaDCVLD/BOEhVe38lgou4BuznkTcWK4BFBzsDb0UR6e2lnArSqKoN0NTFXgO0g1WNStQzPYglVm+C6BwU5uw5MqNcIRUNuv+AOjnMtfzXQZDXQCJqJhTFleLikF3WF/8UmXKrevXRQJ1LqDJDIkn4RsnZEELMNr4tw6GSW/1Qr+1Ur1IV+XUg6aUSaAE1bVoWQGiuf4Kgnb1/KDi2KyQ4YMW+r+nAVdO7XCT5VgD2vob1n5RRUi2OBUJykep+iKMSUfFLLaLJFOhbqqCkd5wU4UQTklK/oY2HQPN9Vf/cNzWNKuBIbxq8A8xkA7iG2TS0IoEXGloBbkkwLHlBo6gBAs8PekgWHg5OokloDADjt8Y3XXr/VXp+zTm6ZtmkQbIsFhPhubZxuu2oy23XuulSMc3AsEjmCP6g6mJbq7GA9hEV7ucTvkWqXTVPEAdVKkl6JlKFeZfvXsDOCE71QviP6xHgILR/VNrk+G3hAlrqXXukO+E6mCgNrx708vtbEPRaLbE5nJFFQGTqeoet4j6lWodp/rIH02x/oBh1bUTZK6uSJ5Bqy11QLBRJlx3vgkK9yy3C1QdgiFnrakSwBeqQ+VbAk4aqdjKjPOnAYdTYDAbHz24K6WHy7hLtnVvn1BokekiaYIUmHBRtVhwonHFMdTVnMry+vVixsFF9+xISmUpdbbzO8vx5HJl7Vt+pP8uqYBVRY0KAeKNwOYQQLJ4rb1hbgei3Xu6qFfEFGh3YJLAa19zQVdcaK5LmMthpfCrpUdWfyFlXulg5uvWJ1iv3HeZg53dF5PPgblAQdGtQlCGThWSCSF8BDEviHSFWbFTgM2scM6yPLdSQW/HtE1ktkFFMwneW1N4OrINswh7pxoaH9Bh2GeJ11SR2tKUI4oHASspsBXhZE1UvnRw5fUd2I6oVhyyvfQbeRKWOrnXFj/qVWmhq/MQDXR9RDCSyRGUoGIaFoYv8I1vE966uC5q9qCVeJUHnVd4iYGhRXnlTFWFFHKHCdcoDAEGCFT41BJiZZQZp06G0O7TzqEBXIKWKJbCLrtaCm2KbufTWoH0caUINbUmuxzq2APNrrh4QwfohoBaHR5ErfWc2YhGDrC6Kd1GQMS4OFhIE4NgiWcmvoqrqsDHZedTp67QJEVZS7mi9YYBI0bwVWSxlh6yDS1/Erbd4MtyJyS8rSGwDqT6hfJc/+VfL8O3EJlK+5mE40dWjCCJqqveoS8Sr0vbMx3b8arPIbPrnUQL4ZzsqEEZ7WINwYtkBA1YQX3MHq0DG0LkwQUQruiS6oyRFmq3YSFVNY/eVfe0pVjxbDGSrAobBxRp4o1UHT8g68YOTr8lXpJlp/0KIiSqPghCuoSwtxgBRdom8ZiGpDB95udV5g+TcbqZAExjLQkzdVdOnKOi9Qs/rP6nPO1iUuXYf5TWP+wOoepDj168BqyR19CPNVUSXrA02BD/AKHLCQjdUuDr+Fft0ByXRBHQYRsshEonoWVMXSASiVZYi99g5+AmnakWX9dZRPrGEdOeAkQ4faEPbu9dTqBFjW1vhBIcNNURSME3w/2sNXTSx8ZzNkxm/ryk6FZRUHNkpIvZaDnFthNagzlMvUCWz+36tv674mYJgdQhmIInPGt/tVms5CqCW/SoNp74AQUalFEgu9DgYUBpKUfVVHhP7pZCi8kiiAxUFemiSWDsgFx2UiTAcXWiohw7/xR9Ug7U7szNqpJfBKmzf8ZSxg9egkiY78SX5ZV6f+2xXdpbCqavUg2uIhxrJ235kBZC+wVhWIbV4HHm9hcuQdFUXGn5oH3HcrwlfzgPWj5U1ogHi7OlSL0ECOPNX7EHSkJkEEdMA9yjVRojPG4GJ4TV35dHBt6LQg8hy39UyiTFUuYs6CBSghXsCnyTHzwKnRu7OXiysLDUT9kMOspr6doKuPwoCcd8YI9gXcKrfAo33/rMDn3CaMvPSunQI1mCOFjvuCVvz6P2OGDfxhqskTh+HzptN5WIYc6LW9qiLQUstpgW0wMZ20bFXdByScl+Wi0qwP81V9PoSCRW8DBgDsJh0Tc2fpMO5WZXy95ncVT3hhNZGqz6mTm7kEararYZtcVcgXLJBOnGyVq0aJxQXI42nmReCl+SYs4jVSRpjeeY2UZLHwGil7A3gBU135qjaNoDSSQIUaECKvS0NYkEf8UUMj8R/RSTFvr/aerdKm9oPwoKJwlsTSUS58lCiIDv9In/qu2vyK6rtBTUbwr6W3AZddRUkVbpHRwBX+4FVlhWGK7CsAWVmnA1o6tqJKZs/aPNUJnahee6FufW1dcCAoihavqdNj/6bV1X33usIpN89BWAv6ARzWlXQBJgmbz0cVO8z91RejbVL7uenS/b77EhD5p3samdmOnt1WEwWcV+01WLFWMggpSpuOfZsOfvigypuvqHjpmUlMveM7fr4tF3Up4Otuo4u6jpKCR9FDXGzoGEISGlTh6yvuEuIBwotil+1QdLVH4iNWosZIgW04rN5SB2rVMEN2VwiMi0lhDxiGa8E2/FHMIpRJlgKJrXSDMyX/2XpRB4IKYjrKo01AVZLVwgw1BP6u6LFaU9TzPYRxXQd9wY7O1T0yVNwTkj7Fld07zmqzqbiaIbd8HDJ4SNlX0naq50gbNYRIVJK9dZFyMt6aXvNXjeZVI3TNk5LfbpGysdgrRjmkw6nDMATkASWm+lYIjjJYzK8GFp3t/Qkg3HwHknTCVypVpxxxwJyhFKg6LmUA2Tle7TNd52zVjNSgOqAoXHqo7gJTrxV6HH0B/7Y2ChAAPvMZ/qrIrxNhaFfY0ZJy0Haqms9xgCuRLWe1TxVlZVf/OG1bdG5060yV+CTRgGokzRKC8ZS3DayTwHm8jad/7wR2f7QCAyIJga9bQ9pYTRw7vA7MEKeOegIf6JijkeqXcfZSjXGoQbc6NZoMOcRV2yEya6ruG6dcdqrFHi9X+VaddnggHNwHZY42j1cd4uqkf9qLEFmSaedTUNM8cngFtaFvTLCugpS2VvU8uQShtz6Hdwh00RAEJ3TOV4dtc9ZRVTWQQx/0XQlkXBMmQe0mcIrnAgovfyRSbtPZX1wOqsMIiJ+tGqebBFpVSQNFySCgtYGIi2puVPnxVdNJEG0/8JjqWzV9kwPyeatehUqHwPSvjij7Lw5Alrdr2ubUgV0GUHEkcqPrKoaauhCItgrrh5yr5fV9mQXkkZSLnzx8UTkjINo+x1LH9dr3nAG9EYu26Ytw8IHAq1IN5EEr6rYQFOuQoYyZkDmoW9+0I4RKXK9ZUk72VeB0v+6uEEy1dfXWwlelCRDHZA/4e3pH08VvIXAgMWRK56elw83x0QW0MbeEDmF54a46BCeZSTwUf1XtBUVJwCpKohKV7JgrSwPPgqKqyaQ4CRN7PqlNcNM556KDtMQqv6vittSs3HWwA6dFdSP0NDGUsb0TxvpeiyEYUeYsvpFfsLSaanizBNNQs4H/0KcuwgsdEZUXnDBadTFddST5V7pX+VCt/8HGq1riGTr1XBZ5V3tFKdS9CB7EFNAPOIiQFcaIblUtEA3+9ra70/Hs12FMtjd9fcjpEA7eeBpSlbwLV74AjooZAak6JYL03SVFhA0Np20F4sJ5MB3A4sPQtoHUmmh7BkTg6FtXyOaWu068ohdQDeiOuNXmptZ7OKjO7igA1BKzX/vdvvVFkyTO51hsPJ/+kESSex5252vlOzBeNc+SwVTLRFWRCq/DTwMCy+Csp+kEVqvi76ESObhqAF96AJuW1uei93W8ER+f4vhR3zQSdbBuu6WkPJEa5W0wv+5JtR/toGaMkGKTq38KP0J8XETd3eJUkPm6dcrKoDyux88xKyNP+9ePrY1k1mtfr+1KxL92HNUgCm0jCdflpyBdvdM4jmZ/XtDWqG/lALSXTmyp5TcoypO+xEYtPlesk5yullHrOq4W1YWYdbwCyXoA79Hy1NeEkITU/GP6VATI8Cqmegx/8TNO0YQ09sqhmtemJJxWU1iobP4uG4x5OH2jREHeFfJqJfcTERtPIkUhs29AZ4UjKqa+AKiwuM1SNasmUml/R1h1xe7ejusTNMr/iDYWLkR9/4iKZSaMQNthGVkdkYzJIE0NXvDp1wDKxXmjs4k8+RyohpMOtXu1Npa+p2Kpfz2sq+8gqGqw3xLvTOYBMMbUlopaJwn+6NAF0Dpl3aWvvdAC1y+NiAD+59/M4n7/QvubJvLZ6uslwzbkuFEfOzwO54EYQuYkI6K+vmFKsusUhToY9QUasXY1CKSkXXVcESMSnEhZIlzNlXBxRE3VfqC6NnQMIAFI7/BDVYvWAttJXfoqtIMOtXcOaCpbB7V4iF/mlNAQOhnmjFX7uD/LGlHCjApElMI4R9lbeo2xo2/s9CC8R5Li1rHrdDeEzauKeDF/kRp/zRXq5wcR1Q2TdCj/NSztzaqgkY6aHDzyo2nLhrWw2q+aYuBUeKiDk0LUn8h+3VepeuXVfbu6tk3UPoHCuOdSp2wvMCXtjF61Syd1DGZ9PUJ2a1Ztbj85o1bwrBPopiIrzt26vktIX7tgSuvktEPa7tohgHtO9bSmDMtYmRAp+rC6fFWYB1Rkm88GRgLexSOunq1NX08FoDOdrybjYmrW/WJp7h9+14m6O839X+zihZyAeRxrAAABhGlDQ1BJQ0MgcHJvZmlsZQAAeJx9kT1Iw0AcxV9Ti0UrDnYQcYhQnVoQFXHUKhShQqgVWnUwuX5Ck4YkxcVRcC04+LFYdXBx1tXBVRAEP0AcnZwUXaTE/yWFFjEeHPfj3b3H3TtAaFSYanaNA6pmGalEXMxkV8XuVwQRQC9GEJWZqc9JUhKe4+sePr7exXiW97k/R18ubzLAJxLPMt2wiDeIpzctnfM+cZiV5BzxOXHUoAsSP3JdcfmNc9FhgWeGjXRqnjhMLBY7WOlgVjJU4iniSE7VKF/IuJzjvMVZrdRY6578haG8trLMdZrDSGARS5AgQkENZVRgIUarRoqJFO3HPfxDjl8il0KuMhg5FlCFCtnxg//B727NwuSEmxSKA4EX2/4YBbp3gWbdtr+Pbbt5AvifgSut7a82gJlP0uttLXIE9G8DF9dtTdkDLneAwSddNmRH8tMUCgXg/Yy+KQsM3AI9a25vrX2cPgBp6ip5AxwcAmNFyl73eHews7d/z7T6+wFrSnKkzy5YiwAAAAZiS0dEAAAAAAAA+UO7fwAAAAlwSFlzAAAOwwAADsMBx2+oZAAADFdJREFUeJzt3V122zizhWE4K7PwZc8g48pwPC4Poe8yjXZfdCtWZEkkfgq1q+p9rs46X8ciAdQGCFFkawAAAAAAAAAAAAAAIIsX7wNAXD9+/vq4/N/vb6+MpYDoNHS7LvxrhEA8dBi6PCr+awRBHHQUTjtT/BeEQAx0Ek7pKf5rBIE2OgeHRov/ghDQRcfgodnCv0YIaKJTcNfK4r9GEGihM/CFVfFfEAI6vnkfALT0Fv9IMVsHDM4jifHbTPHzLUFMND5aa2tmfkIgHhoerbW1N/kQBHGwB4AuZ4p0tJDZG9iPAICJ97fXl/e31+7xRQjsxZILrTXb+/y5JNBFA+M3QqAeGhd/sP7FH0GghUbFF4RAHTQo7trx23+CwB8NiYcIgfxoRDy16ylAI0FACMyjAXGIEMiLxsMpZ4tztiC5JNiLRsNpu0Kg57MsPrsSGgtdCIFcaCh0IwTyoJHQzeP9AASBDRoHQwiBHGgYDPN6UxBBsA4NgimEQGw0BqZf8+35zkCCYA5PBCrutoCs78Zb/cQfCnkOjVfUUSFargQsipbbiMeUb4CKLAvVMwR6Pt/6OKLgEqCYngKxfEAn7x7UQAAUMlJ0ljMqIeCPhipittgsHwJqWbBnjqNyYLACKGDFTBtxJdB7HBURAMl5vmhDJQSUP9sbAZDY6oEd7R4BHCMAkrJaskcMAS4DHiMAEurdgNvxlh+KUBMBUNhtUVrP1JarjFlVLz8IgGRm78SzDIEoG5KVEAAFHRWDRQhUnWHVEQDFnC3u3hB4VuDcn6+LAMBDKzYHKX5tBEAx1gV5vRqg+PURAAXtKEyKPwYCIBmrQrIsUIrfDw2flNWDOVbu5u8ufIunIEVX7oS9zRSQVbHuWOKv+MxZBMBX5U54J+/72nf8Jj/KbcE8F+C+cidsYfdNLhYhMDP4VR7+8Qyz/31sAk44ugFGQc/999bP2K9aZMrokA4qxa7+8o7bz1IofFYA95U86V4qhX+x43o9U0FQ/I9xCfDAZUmsVvwzvB/MAT0EwJWMRX9rJgQ+Wnv5YNWYCgHQYmzmrTQaAi+thWujSv06onQAVCv8a5VCAI+VXM6pPpnG47162TcGvd9VqO679wHs5FH46gPr/e31peepPurngz4lOnNX4a/+/tzqc2Y+e9Xnf7T2suNyIvsKZ1b6E4702inv5erOYvn4b//pgxDwlfJkrWd87wL0fpnmquPYtQpojRB4pPS3AD0uL9DIPjh23iy08xsFboK6L9Vg9v757SyFFUDvsVxECUZWAn9Kc4KRn1RzoRQArRECrcU5p1HhLwFW38yTvcN7eD4uzBKXA59CD/Zsha+2AriI8tSfXqwEAgfAiuJX61TVAGht77MMzxyDxd88ojZeVgh3QqtmfcXOVA6A1nweBLrjt/yVQyDUyWSc9a+pB0BrmtfEO0NAefyMCLMJmL34o8jahj3PTrQ+lp1CdGbEZ9CPiDYLKRXD7j0BlT6YJX8SCptPu0QdfCpBQAj0k74EUBlYeE6lEHaPlwzjU6Lj7qk0819kmHkUioJvBs6TPPCKxd9ajgC4pvrkpbMqhIDcQVu/nUZZtgB4ZOY8dxdl9hCQOuCqM/9FlQCYRQisI7MJODPzR2t0zNn9Y57MPx6SCIDKy36M2d33WUPAPQAofozaffdexhBwD4ARFD8uCIE5rgGQ9Xfm0EQIfOUWABQ/VvEoyCxj0SUAKH6spjwrK68CwjxY4kwHP/q7UcIj430Au/uEewT6bF8BjDxpdqb44Uf9XYzcI7A5AKwa4OjvKjZ8dSqvbKseAtJfA3q9BhvzzrQ3IeBvSwCMPLtf8XoJsRACxyRXABQ/ViEEnpMLAKviJ1T2OtPeu/qEEHjMPAC8TxBojRB4xDQAdl33H31VyOzvQ61PlEPAi9wlwIzbBudZAf7u9Mk3zz5R/Rmx1yrArDHY9e+X8U5AVbvbWrVvJVYADGioyv67AZMAYOMP6pT3A3bWj/sKgNkfXggBgwCI/uso1FI9BNxXAIC3yiGwNACY/RFV1RBgBQD8T/UegdbsQmBZADD7I4NqTxlmBQDcqBQC2wOA2R8RVAmBJQHAjT+oLHIIcAkAPKD+voEVn7k1AFj+Ixr1EJg1HQCqv3ICVvHeqbf8PC4BgBOy3ig0FQBs/qGSjCHACgDokC0EtgQA1//IRDkEerECAAaohkDvZw0HALv/qE41BHqwAgAmWIXA5XV6t/9m9ZuyhwKA3X/g0+oQuP1vLJ+wzQoAWMD68eHX//+jzzJfAZzF9T8qsf4FIc8DSKz3+tDyWDBO/U1At757H0BlM4NgZHMIWn78/PXh3W+sAJysngFUZhTYfTNgERbdf9D7gKPbUai0u4bRWrn3747+92f//TNmAcAg/GrXLE3b61g9Ya4s/ta4BNji3g0dmT4Pj628HOBbAHQhBDTMhoBloJtcArAE/aRQhPSHBsX9n64VgMJgjkSlvVSOozrFIOY+AFH3BguFHN/72+u3Hz9//WP0t7sDhj0AI6PF+v72+vKoIxVnEHQzCfHRsdH1j/gK8JyR4h9pM8tficGWyiPEWQEIGO3E3n/HJYSOZyu9nr8xexwEgDOFQQA/I0GwIjwu2ARcjFulMeJo09dqrBAACby/vb5UWd6vLIodBTZjxzG5B8DRDx+yqnCOqz16VNaKDdSZvxWZ6x7Amccf4ZxoD6LocXQr7MjDNlf8rQzcAsDjhw8qqs0y0CX9LUDmEMBaK8dKpXEnHQAAbBEAQGEEAFJgX2WMdABk7VTPa8yIbXp0zBHPSYVbAFTvVJ4K3Cf7ePDieiPQpVPV78iCBsbGeu53AraWq2M9bsvNPvvvlmk8HpHeA8huReFS/JhBADhb+XqwI5VmNpxDAAgYeewzM38/2uwrAsDA6Ex7JghGnxHP7I97JDYBM5rZDLSYqRTeRAs9XSsABlBsLIFxy+QSgIH2n5XPbluFvnlOrb+ssQdQECGACwJgA8VZhRBAawTANoQAFHUHQOZnz1kjBPxUOc9efA242XUIrByU935YBRzhEsDRihXBim8aRm8uiiLzuc1iBeCs5zXgZwqdlcA4xUs0awSAIK+BWPXlGJWZXgIwC/lRvAkJeoYCgIEVx4rXZlVQdUyzCYjUKoZZj+EAqJqYEXE5gEfMVwAkMLww9o5xCVAIKwHc2hIAJDGUVQ5FVgAFHa0EMhQEk845UzcCeTwDH+tkKHTM2bYCICgAPdMBwCwCNT2TTfXxu3UPgFUAoIVNQKTC7N9nSQD0NCSrAEAHKwCgMJcAYBUACyz/+y0LABoUnij+MUtXAOwFALGwB4DwmEzGuQYAHYfdWP7/aXkA0MDYiUlkjlmxsikDa73Fzzj7ij0AlEDx3ycRACzjAB+mqeixRLv+TFJfw+04WN3PZzAW7jNvlF17Ac8+h873YdUnFP86EpcAF6OXAkf/jksMPVZ9fYvif848AHo7wKpYCYG9zrR3b5/Qh+tJrQAu6GiswOx/bEsA0BGYxdLfxrYVgPelAAMiLlaEdiQvAS7o+LjOBO6Z/2ZkDBD257k0lNVy7tHfZUD4me0Tlv62pFcAF6MrAd6F5+9e+5+d+VkB2nMrDpZ2eIbxsUeIFcAFM0INFP8+bgFAh+Eein8v1xXASMexCshrsPhDrWLVSCTnzCbf6mOBD8aAD5nGYwDURd/7kWnAmaU9AyEm+tyfXCMyG9RBX/uTa0hmhfzoYx2SjVl9gGS+pbl636qRbtCJwfL3+9vrX0sPZqOsjzej+PVIN+rsd/4RB82Zc452XhX7MYoQDVtl5jh7nhnP6ZFI5xpR+ruo+FWZH4pfX4gA8HiOPOZQ/DGEa+QVhaw8uCLvAawKWdXzyyjECuDaqtUAK4K1FgXzN4p/r7CNnXm2iXQfQOZ+qCB8o2cegMrvOVy5glI7t0pSNHzmEFBE8eeRpvEtrukZnJ94T0NOqTrBamOv8mAlWHNL2REEwRzar47MHfLy4+evfyw/INOAtv5aNFNbZZK+U3Z83x95cFP4tZXpnJ03/qgO+t03P6m2Az6V66CKRUD44ZGynaVyK3CmHzpR/PGU7zCV4omMwo+LjvsfQdCHos+BTrxBEByj+POgI58gDD5R9DnRqSdUDgIKPzc6d0DmQKDga6GzF4gaCBQ7GACLqYcBRY9rDIaNdoUDRY6zGCgiesOBIgcAAAAAAAAAAAAAAAAAtNZa+xcb8OtAW7YijgAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - daemonsets/finalizers + verbs: + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - delete + - deletecollection + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - machine.openshift.io + resources: + - machines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - machine.openshift.io + resources: + - machines/status + verbs: + - get + - patch + - update + - apiGroups: + - security.openshift.io + resourceNames: + - privileged + resources: + - securitycontextconstraints + verbs: + - use + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationconfigs/finalizers + verbs: + - update + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationconfigs/status + verbs: + - get + - patch + - update + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediations/finalizers + verbs: + - update + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediations/status + verbs: + - get + - patch + - update + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationtemplates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationtemplates/finalizers + verbs: + - update + - apiGroups: + - self-node-remediation.medik8s.io + resources: + - selfnoderemediationtemplates/status + verbs: + - get + - patch + - update + - apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - delete + - deletecollection + - get + - list + - update + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: self-node-remediation-controller-manager + deployments: + - label: + control-plane: controller-manager + self-node-remediation-operator: "" + name: self-node-remediation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + self-node-remediation-operator: "" + strategy: {} + template: + metadata: + labels: + control-plane: controller-manager + self-node-remediation-operator: "" + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --is-manager + command: + - /manager + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: SELF_NODE_REMEDIATION_IMAGE + value: quay.io/medik8s/self-node-remediation-operator:v0.7.0 + - name: DEPLOYMENT_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: quay.io/medik8s/self-node-remediation-operator:v0.7.1 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + requests: + cpu: 20m + memory: 110Mi + securityContext: + allowPrivilegeEscalation: false + priorityClassName: system-cluster-critical + securityContext: + runAsNonRoot: false + serviceAccountName: self-node-remediation-controller-manager + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: self-node-remediation-controller-manager + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - fencing + - remediation + - auto-healing + - recovery + - high-availability + - baremetal + - SNR + links: + - name: Self Node Remediation + url: https://medik8s.io + - name: Source Code + url: https://github.com/medik8s/self-node-remediation + maintainers: + - email: medik8s@googlegroups.com + name: Medik8s Team + maturity: alpha + minKubeVersion: 1.20.0 + provider: + name: Medik8s + url: https://www.medik8s.io/ + version: 0.7.1 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: self-node-remediation-controller-manager + failurePolicy: Ignore + generateName: vselfnoderemediation.kb.io + rules: + - apiGroups: + - self-node-remediation.medik8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - selfnoderemediations + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-self-node-remediation-medik8s-io-v1alpha1-selfnoderemediation + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: self-node-remediation-controller-manager + failurePolicy: Fail + generateName: vselfnoderemediationconfig.kb.io + rules: + - apiGroups: + - self-node-remediation.medik8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - selfnoderemediationconfigs + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-self-node-remediation-medik8s-io-v1alpha1-selfnoderemediationconfig + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: self-node-remediation-controller-manager + failurePolicy: Fail + generateName: vselfnoderemediationtemplate.kb.io + rules: + - apiGroups: + - self-node-remediation.medik8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - selfnoderemediationtemplates + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-self-node-remediation-medik8s-io-v1alpha1-selfnoderemediationtemplate diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationconfigs.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationconfigs.yaml new file mode 100644 index 00000000000..d6babd30c03 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationconfigs.yaml @@ -0,0 +1,173 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + self-node-remediation-operator: "" + name: selfnoderemediationconfigs.self-node-remediation.medik8s.io +spec: + group: self-node-remediation.medik8s.io + names: + kind: SelfNodeRemediationConfig + listKind: SelfNodeRemediationConfigList + plural: selfnoderemediationconfigs + shortNames: + - snrc + - snrconfig + singular: selfnoderemediationconfig + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: SelfNodeRemediationConfig is the Schema for the selfnoderemediationconfigs + API in which a user can configure the self node remediation agents + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SelfNodeRemediationConfigSpec defines the desired state of + SelfNodeRemediationConfig + properties: + apiCheckInterval: + default: 15s + description: the frequency for api-server connectivity check Valid + time units are "ms", "s", "m", "h". the frequency for api-server + connectivity check + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + apiServerTimeout: + default: 5s + description: Valid time units are "ms", "s", "m", "h". timeout for + each api-connectivity check + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + customDsTolerations: + description: CustomDsTolerations allows to add custom tolerations + snr agents that are running on the ds in order to support remediation + for different types of nodes. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + endpointHealthCheckUrl: + description: EndpointHealthCheckUrl is an url that self node remediation + agents which run on control-plane node will try to access when they + can't contact their peers. This is a part of self diagnostics which + will decide whether the node should be remediated or not. It will + be ignored when empty (which is the default). + type: string + isSoftwareRebootEnabled: + default: true + description: IsSoftwareRebootEnabled indicates whether self node remediation + agent will do software reboot, if the watchdog device can not be + used or will use watchdog only, without a fallback to software reboot + type: boolean + maxApiErrorThreshold: + default: 3 + description: after this threshold, the node will start contacting + its peers + minimum: 1 + type: integer + peerApiServerTimeout: + default: 5s + description: Valid time units are "ms", "s", "m", "h". + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + peerDialTimeout: + default: 5s + description: Valid time units are "ms", "s", "m", "h". timeout for + establishing connection to peer + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + peerRequestTimeout: + default: 5s + description: Valid time units are "ms", "s", "m", "h". timeout for + each peer request + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + peerUpdateInterval: + default: 15m + description: Valid time units are "ms", "s", "m", "h". + pattern: ^(0|([0-9]+(\.[0-9]+)?(ms|s|m|h)))$ + type: string + safeTimeToAssumeNodeRebootedSeconds: + default: 180 + description: SafeTimeToAssumeNodeRebootedSeconds is the time after + which the healthy self node remediation agents will assume the unhealthy + node has been rebooted, and it is safe to recover affected workloads. + This is extremely important as starting replacement Pods while they + are still running on the failed node will likely lead to data corruption + and violation of run-once semantics. In an effort to prevent this, + the operator ignores values lower than a minimum calculated from + the ApiCheckInterval, ApiServerTimeout, MaxApiErrorThreshold, PeerDialTimeout, + and PeerRequestTimeout fields. + minimum: 0 + type: integer + watchdogFilePath: + default: /dev/watchdog + description: WatchdogFilePath is the watchdog file path that should + be available on each node, e.g. /dev/watchdog + type: string + type: object + status: + description: SelfNodeRemediationConfigStatus defines the observed state + of SelfNodeRemediationConfig + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediations.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediations.yaml new file mode 100644 index 00000000000..b1e6bd4464b --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediations.yaml @@ -0,0 +1,158 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + self-node-remediation-operator: "" + name: selfnoderemediations.self-node-remediation.medik8s.io +spec: + group: self-node-remediation.medik8s.io + names: + kind: SelfNodeRemediation + listKind: SelfNodeRemediationList + plural: selfnoderemediations + shortNames: + - snr + - snremediation + singular: selfnoderemediation + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: SelfNodeRemediation is the Schema for the selfnoderemediations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SelfNodeRemediationSpec defines the desired state of SelfNodeRemediation + properties: + remediationStrategy: + default: ResourceDeletion + description: RemediationStrategy is the remediation method for unhealthy + nodes. Currently, it could be either "ResourceDeletion" or "OutOfServiceTaint". + The first will iterate over all pods and VolumeAttachment related + to the unhealthy node and delete them. The latter will add the out-of-service + taint which is a new well-known taint "node.kubernetes.io/out-of-service" + that enables automatic deletion of pv-attached pods on failed nodes, + "OutOfServiceTaint" is only supported on clusters with k8s version + 1.26+ or OCP/OKD version 4.13+. + enum: + - ResourceDeletion + - OutOfServiceTaint + type: string + type: object + status: + description: SelfNodeRemediationStatus defines the observed state of SelfNodeRemediation + properties: + conditions: + description: 'Represents the observations of a SelfNodeRemediation''s + current state. Known .status.conditions.type are: "Processing"' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastError: + description: LastError captures the last error that occurred during + remediation. If no error occurred it would be empty + type: string + phase: + description: 'Phase represents the current phase of remediation, One + of: TBD' + type: string + timeAssumedRebooted: + description: TimeAssumedRebooted is the time by then the unhealthy + node assumed to be rebooted + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationtemplates.yaml b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationtemplates.yaml new file mode 100644 index 00000000000..365b4f9a8f5 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/manifests/self-node-remediation.medik8s.io_selfnoderemediationtemplates.yaml @@ -0,0 +1,88 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + self-node-remediation-operator: "" + name: selfnoderemediationtemplates.self-node-remediation.medik8s.io +spec: + group: self-node-remediation.medik8s.io + names: + kind: SelfNodeRemediationTemplate + listKind: SelfNodeRemediationTemplateList + plural: selfnoderemediationtemplates + shortNames: + - snrt + - snremediationtemplate + - snrtemplate + singular: selfnoderemediationtemplate + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: SelfNodeRemediationTemplate is the Schema for the selfnoderemediationtemplates + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SelfNodeRemediationTemplateSpec defines the desired state + of SelfNodeRemediationTemplate + properties: + template: + description: Template defines the desired state of SelfNodeRemediationTemplate + properties: + spec: + description: SelfNodeRemediationSpec defines the desired state + of SelfNodeRemediation + properties: + remediationStrategy: + default: ResourceDeletion + description: RemediationStrategy is the remediation method + for unhealthy nodes. Currently, it could be either "ResourceDeletion" + or "OutOfServiceTaint". The first will iterate over all + pods and VolumeAttachment related to the unhealthy node + and delete them. The latter will add the out-of-service + taint which is a new well-known taint "node.kubernetes.io/out-of-service" + that enables automatic deletion of pv-attached pods on failed + nodes, "OutOfServiceTaint" is only supported on clusters + with k8s version 1.26+ or OCP/OKD version 4.13+. + enum: + - ResourceDeletion + - OutOfServiceTaint + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + status: + description: SelfNodeRemediationTemplateStatus defines the observed state + of SelfNodeRemediationTemplate + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/self-node-remediation/0.7.1/metadata/annotations.yaml b/operators/self-node-remediation/0.7.1/metadata/annotations.yaml new file mode 100644 index 00000000000..5443d8f6668 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: self-node-remediation + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.28.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/self-node-remediation/0.7.1/tests/scorecard/config.yaml b/operators/self-node-remediation/0.7.1/tests/scorecard/config.yaml new file mode 100644 index 00000000000..8cf7faeaf68 --- /dev/null +++ b/operators/self-node-remediation/0.7.1/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.28.1 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}