--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: capability.openshift.io/name: baremetal controller-gen.kubebuilder.io/version: (unknown) include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" creationTimestamp: "2025-10-11T10:25:47Z" generation: 1 managedFields: - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:capability.openshift.io/name: {} f:controller-gen.kubebuilder.io/version: {} f:include.release.openshift.io/self-managed-high-availability: {} f:include.release.openshift.io/single-node-developer: {} f:ownerReferences: .: {} k:{"uid":"d5f199fe-acec-4610-b505-6d5fa3929e77"}: {} f:spec: f:conversion: .: {} f:strategy: {} f:group: {} f:names: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:scope: {} f:versions: {} manager: cluster-version-operator operation: Update time: "2025-10-11T10:25:47Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:status: f:acceptedNames: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:conditions: k:{"type":"Established"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} k:{"type":"NamesAccepted"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} manager: kube-apiserver operation: Update subresource: status time: "2025-10-11T10:25:47Z" name: provisionings.metal3.io ownerReferences: - apiVersion: config.openshift.io/v1 controller: true kind: ClusterVersion name: version uid: d5f199fe-acec-4610-b505-6d5fa3929e77 resourceVersion: "2018" uid: aec308bc-9594-419c-a93d-100a4e1324d9 spec: conversion: strategy: None group: metal3.io names: kind: Provisioning listKind: ProvisioningList plural: provisionings singular: provisioning scope: Cluster versions: - name: v1alpha1 schema: openAPIV3Schema: description: |- Provisioning contains configuration used by the Provisioning service (Ironic) to provision baremetal hosts. Provisioning is created by the OpenShift installer using admin or user provided information about the provisioning network and the NIC on the server that can be used to PXE boot it. This CR is a singleton, created by the installer and currently only consumed by the cluster-baremetal-operator to bring up and update containers in a metal3 cluster. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: ProvisioningSpec defines the desired state of Provisioning properties: additionalNTPServers: description: |- AdditionalNTPServers is a list of NTP Servers to be used by the provisioning service items: type: string type: array bootIsoSource: description: |- BootIsoSource provides a way to set the location where the iso image to boot the nodes will be served from. By default the boot iso image is cached locally and served from the Provisioning service (Ironic) nodes using an auxiliary httpd server. If the boot iso image is already served by an httpd server, setting this option to http allows to directly provide the image from there; in this case, the network (either internal or external) where the httpd server that hosts the boot iso is needs to be accessible by the metal3 pod. enum: - local - http type: string disableVirtualMediaTLS: description: |- DisableVirtualMediaTLS turns off TLS on the virtual media server, which may be required for hardware that cannot accept HTTPS links. type: boolean preProvisioningOSDownloadURLs: description: |- PreprovisioningOSDownloadURLs is set of CoreOS Live URLs that would be necessary to provision a worker either using virtual media or PXE. properties: initramfsURL: description: InitramfsURL Image URL to be used for PXE deployments type: string isoURL: description: IsoURL Image URL to be used for Live ISO deployments type: string kernelURL: description: KernelURL is an Image URL to be used for PXE deployments type: string rootfsURL: description: RootfsURL Image URL to be used for PXE deployments type: string type: object provisioningDHCPExternal: description: |- ProvisioningDHCPExternal indicates whether the DHCP server for IP addresses in the provisioning DHCP range is present within the metal3 cluster or external to it. This field is being deprecated in favor of provisioningNetwork. type: boolean provisioningDHCPRange: description: |- ProvisioningDHCPRange needs to be interpreted along with ProvisioningDHCPExternal. If the value of provisioningDHCPExternal is set to False, then ProvisioningDHCPRange represents the range of IP addresses that the DHCP server running within the metal3 cluster can use while provisioning baremetal servers. If the value of ProvisioningDHCPExternal is set to True, then the value of ProvisioningDHCPRange will be ignored. When the value of ProvisioningDHCPExternal is set to False, indicating an internal DHCP server and the value of ProvisioningDHCPRange is not set, then the DHCP range is taken to be the default range which goes from .10 to .100 of the ProvisioningNetworkCIDR. This is the only value in all of the Provisioning configuration that can be changed after the installer has created the CR. This value needs to be two comma sererated IP addresses within the ProvisioningNetworkCIDR where the 1st address represents the start of the range and the 2nd address represents the last usable address in the range. type: string provisioningDNS: description: |- ProvisioningDNS allows sending the DNS information via DHCP on the provisionig network. It is off by default since the Provisioning service itself (Ironic) does not require DNS, but it may be useful for layered products (e.g. ZTP). type: boolean provisioningIP: description: |- ProvisioningIP is the IP address assigned to the provisioningInterface of the baremetal server. This IP address should be within the provisioning subnet, and outside of the DHCP range. type: string provisioningInterface: description: |- ProvisioningInterface is the name of the network interface on a baremetal server to the provisioning network. It can have values like eth1 or ens3. type: string provisioningMacAddresses: description: |- ProvisioningMacAddresses is a list of mac addresses of network interfaces on a baremetal server to the provisioning network. Use this instead of ProvisioningInterface to allow interfaces of different names. If not provided it will be populated by the BMH.Spec.BootMacAddress of each master. items: type: string type: array provisioningNetwork: description: |- ProvisioningNetwork provides a way to indicate the state of the underlying network configuration for the provisioning network. This field can have one of the following values - `Managed`- when the provisioning network is completely managed by the Baremetal IPI solution. `Unmanaged`- when the provsioning network is present and used but the user is responsible for managing DHCP. Virtual media provisioning is recommended but PXE is still available if required. `Disabled`- when the provisioning network is fully disabled. User can bring up the baremetal cluster using virtual media or assisted installation. If using metal3 for power management, BMCs must be accessible from the machine networks. User should provide two IPs on the external network that would be used for provisioning services. enum: - Managed - Unmanaged - Disabled type: string provisioningNetworkCIDR: description: |- ProvisioningNetworkCIDR is the network on which the baremetal nodes are provisioned. The provisioningIP and the IPs in the dhcpRange all come from within this network. When using IPv6 and in a network managed by the Baremetal IPI solution this cannot be a network larger than a /64. type: string provisioningOSDownloadURL: description: |- ProvisioningOSDownloadURL is the location from which the OS Image used to boot baremetal host machines can be downloaded by the metal3 cluster. type: string virtualMediaViaExternalNetwork: description: |- VirtualMediaViaExternalNetwork flag when set to "true" allows for workers to boot via Virtual Media and contact metal3 over the External Network. When the flag is set to "false" (which is the default), virtual media deployments can still happen based on the configuration specified in the ProvisioningNetwork i.e when in Disabled mode, over the External Network and over Provisioning Network when in Managed mode. PXE deployments will always use the Provisioning Network and will not be affected by this flag. type: boolean watchAllNamespaces: description: |- WatchAllNamespaces provides a way to explicitly allow use of this Provisioning configuration across all Namespaces. It is an optional configuration which defaults to false and in that state will be used to provision baremetal hosts in only the openshift-machine-api namespace. When set to true, this provisioning configuration would be used for baremetal hosts across all namespaces. type: boolean type: object status: description: ProvisioningStatus defines the observed state of Provisioning properties: conditions: description: conditions is a list of conditions and their status items: description: OperatorCondition is just the standard condition fields. properties: lastTransitionTime: format: date-time type: string message: type: string reason: type: string status: type: string type: type: string required: - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map generations: description: generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. items: description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. properties: group: description: group is the group of the thing you're tracking type: string hash: description: hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps type: string lastGeneration: description: lastGeneration is the last generation of the workload controller involved format: int64 type: integer name: description: name is the name of the thing you're tracking type: string namespace: description: namespace is where the thing you're tracking is type: string resource: description: resource is the resource type of the thing you're tracking type: string type: object type: array x-kubernetes-list-type: atomic observedGeneration: description: observedGeneration is the last generation change you've dealt with format: int64 type: integer readyReplicas: description: readyReplicas indicates how many replicas are ready and at the desired state format: int32 type: integer version: description: version is the level this availability applies to type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: Provisioning listKind: ProvisioningList plural: provisionings singular: provisioning conditions: - lastTransitionTime: "2025-10-11T10:25:47Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2025-10-11T10:25:47Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1alpha1