apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 creationTimestamp: "2026-04-02T13:56:58Z" generation: 1 name: ironicconductors.ironic.openstack.org resourceVersion: "37008" uid: 499dc693-d0f6-4511-9249-fa694d98d4b3 spec: conversion: strategy: None group: ironic.openstack.org names: kind: IronicConductor listKind: IronicConductorList plural: ironicconductors singular: ironicconductor scope: Namespaced versions: - additionalPrinterColumns: - description: NetworkAttachments jsonPath: .spec.networkAttachments name: NetworkAttachments type: string - description: Status jsonPath: .status.conditions[0].status name: Status type: string - description: Message jsonPath: .status.conditions[0].message name: Message type: string name: v1beta1 schema: openAPIV3Schema: description: IronicConductor is the Schema for the ironicconductors Conductor properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: IronicConductorSpec defines the desired state of IronicConductor properties: auth: description: Auth - Parameters related to authentication (inherited from parent Ironic CR) properties: applicationCredentialSecret: description: ApplicationCredentialSecret - Secret containing Application Credential ID and Secret type: string type: object conductorGroup: description: ConductorGroup - Ironic Conductor conductor group. type: string consoleImage: description: ConsoleImage - Ironic Graphical Console Container Image type: string containerImage: description: ContainerImage - Ironic Conductor Container Image type: string customServiceConfig: default: '# add your customization here' description: |- CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file. type: string databaseAccount: default: ironic description: DatabaseAccount - optional MariaDBAccount used for ironic DB, defaults to ironic. type: string databaseHostname: description: DatabaseHostname - Ironic Database Hostname type: string defaultConfigOverwrite: additionalProperties: type: string description: |- ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/ . type: object dhcpRanges: description: DHCPRanges - List of DHCP ranges to use for provisioning items: description: DHCPRange to define address range for DHCP requests properties: cidr: description: Cidr - IP address prefix (CIDR) representing an IP network. type: string end: description: End - End of DHCP range type: string gateway: description: Gateway - IP address for the router type: string mtu: description: MTU - Maximum Transmission Unit type: integer name: description: Name - Name of the DHCPRange (used for tagging in dnsmasq) type: string podIndex: description: PodIndex - Maps the DHCPRange to a specific statefulset pod index type: integer start: description: Start - Start of DHCP range type: string required: - cidr - end - start type: object type: array graphicalConsoles: default: Disabled description: 'Whether to enable graphical consoles. NOTE: Setting this to Enabled is not supported.' enum: - Enabled - Disabled - "" type: string ironicPythonAgentImage: description: IronicPythonAgentImage - Image containing the ironic-python-agent kernel and ramdisk type: string keystoneEndpoints: description: KeystoneEndpoints - Internally used Keystone API endpoints properties: internal: description: Internal endpoint URL type: string public: description: Public endpoint URL type: string type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network items: type: string type: array nodeSelector: additionalProperties: type: string description: |- NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Ironic CR type: object notificationsURLSecret: description: Secret containing RabbitMq notifications URL type: string novncproxyImage: description: NoVNCProxyImage - Ironic NoVNCProxy Container Image type: string passwordSelectors: default: service: IronicPassword description: PasswordSelectors - Selectors to identify the ServiceUser password from the Secret properties: service: default: IronicPassword description: Service - Selector to get the ironic service password from the Secret type: string type: object provisionNetwork: description: ProvisionNetwork - Additional network to attach to expose boot DHCP, TFTP, HTTP services. type: string pxeContainerImage: description: PxeContainerImage - Ironic DHCP/TFTP/HTTP Container Image type: string region: description: Region - OpenStack region name type: string replicas: default: 1 description: Replicas - format: int32 maximum: 32 minimum: 0 type: integer resources: description: |- Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: description: |- Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string request: description: |- Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object rpcTransport: default: json-rpc description: |- RPC transport type - Which RPC transport implementation to use between conductor and API services. 'oslo' to use oslo.messaging transport or 'json-rpc' to use JSON RPC transport. NOTE -> ironic requires oslo.messaging transport when not in standalone mode. enum: - oslo - json-rpc type: string secret: description: Secret containing OpenStack password information for AdminPassword type: string serviceUser: default: ironic description: ServiceUser - optional username used for this service to register in ironic type: string standalone: default: false description: Whether to deploy a standalone Ironic. type: boolean storageClass: default: "" description: StorageClass type: string storageRequest: description: StorageRequest type: string terminationGracePeriodSeconds: default: 120 description: |- terminationGracePeriodSeconds - Pod termination grace period in seconds. Controls how long to wait for conductor pods to shut down gracefully before they are forcefully terminated. The default value is long enough for periodic tasks to complete but not for long-running tasks (deployment, cleaning). A node reserved for a long running task will be put into a failed state when the conductor reserving it is forcefully terminated. The terminationGracePeriodSeconds should be chosen with this and maintenance processes in mind. Changing terminationGracePeriodSeconds results in conductor pods being restarted with the old value. format: int64 minimum: 30 type: integer tls: description: TLS - Parameters related to the TLS properties: caBundleSecretName: description: CaBundleSecretName - holding the CA certs in a pre-created bundle file type: string type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object transportURLSecret: description: TransportURLSecret - Secret containing RabbitMQ transportURL type: string required: - databaseHostname - storageClass - storageRequest type: object status: description: IronicConductorStatus defines the observed state of IronicConductor properties: conditions: description: Conditions items: description: Condition defines an observation of a API resource operational state. properties: lastTransitionTime: description: |- Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: A human readable message indicating details about the transition. type: string reason: description: The reason for the condition's last transition in CamelCase. type: string severity: description: |- Severity provides a classification of Reason code, so the current situation is immediately understandable and could act accordingly. It is meant for situations where Status=False and it should be indicated if it is just informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue and no actions to automatically resolve the issue can/should be done). For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: description: Type of condition in CamelCase. type: string required: - lastTransitionTime - status - type type: object type: array hash: additionalProperties: type: string description: Map of hashes to track e.g. job status type: object lastAppliedTopology: description: LastAppliedTopology - the last applied Topology properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object networkAttachments: additionalProperties: items: type: string type: array description: NetworkAttachments status of the deployment pods type: object observedGeneration: description: |- ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage) format: int64 type: integer readyCount: description: ReadyCount of ironic Conductor instances format: int32 type: integer type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: IronicConductor listKind: IronicConductorList plural: ironicconductors singular: ironicconductor conditions: - lastTransitionTime: "2026-04-02T13:56:58Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2026-04-02T13:56:58Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1beta1