Verrazzano Custom Resource Definition

The Verrazzano custom resource contains the configuration information for an installation. Here is a sample Verrazzano custom resource file that uses OCI DNS. See other examples here.

kind: Verrazzano
  name: my-verrazzano
  environmentName: env
  profile: prod
          provider: letsEncrypt
        ociConfigSecret: oci
        dnsZoneCompartmentOCID: dnsZoneCompartmentOcid
        dnsZoneOCID: dnsZoneOcid
      type: LoadBalancer

The following table describes the spec portion of the Verrazzano custom resource:

Field Type Description Required
environmentName string Name of the installation. This name is part of the endpoint access URLs that are generated. The default value is default. No
profile string The installation profile to select. Valid values are prod (production) and dev (development). The default is prod. No
version string The version to install. Valid versions can be found here. Defaults to the current version supported by the Verrazzano platform operator. No
components Components The Verrazzano components. No


Field Type Description Required
certManager CertManagerComponent The cert-manager component configuration. No
dns DNSComponent The DNS component configuration. No
ingress IngressComponent The ingress component configuration. No
istio IstioComponent The Istio component configuration. No

CertManager Component

Field Type Description Required
certificate Certificate The certificate configuration. No


Field Type Description Required
acme Acme The ACME configuration. Either acme or ca must be specified. No
ca CertificateAuthority The certificate authority configuration. Either acme or ca must be specified. No


Field Type Description Required
provider string Name of the Acme provider. Yes
emailAddress string Email address of the user. Yes


Field Type Description Required
secretName string The secret name. Yes
clusterResourceNamespace string The secrete namespace. Yes

DNS Component

Field Type Description Required
wildcard DNS-Wilcard Wildcard DNS configuration. This is the default with a domain of No
oci DNS-OCI OCI DNS configuration. No
external DNS-External External DNS configuration. No

DNS Wildcard

Field Type Description Required
domain string The type of wildcard DNS domain. For example,,, etc. Yes


Field Type Description Required
ociConfigSecret string Name of the OCI configuration secret. Generate a secret based on the OCI configuration profile you want to use. You can specify a profile other than DEFAULT and specify the secret name. See instructions by running ./install/ Yes
dnsZoneCompartmentOCID string The OCI DNS compartment OCID. Yes
dnsZoneOCID string The OCI DNS zone OCID. Yes
dnsZoneName string Name of OCI DNS zone. Yes

DNS External

Field Type Description Required
suffix string The suffix for DNS names. Yes

Ingress Component

Field Type Description Required
type string The ingress type. Valid values are LoadBalancer and NodePort. The default value is LoadBalancer. Yes
ingressNginxArgs NameValue list The list of argument names and values. No
ports PortConfig list The list port configurations used by the ingress. No

Port Config

Field Type Description Required
name string The port name. No
port string The port value. Yes
targetPort string The target port value. The default is same as the port value. Yes
protocol string The protocol used by the port. TCP is the default. No
nodePort string The nodePort value. No

Name Value

Field Type Description Required
name string The argument name. Yes
value string The argument value. Either value or valueList must be specifed. No
valueList string list The list of argument values. Either value or valueList must be specified. No
setString Boolean Specifies if the value is a string No

Istio Component

Field Type Description Required
istioInstallArgs NameValue list A list of Istio Helm chart arguments and values to apply during the installation of Istio. Each argument is specified as either a name/value or name/valueList pair. No

Last modified May 7, 2021: Rdonat/vz 2634 (#124) (e402442)