feat(docker-image)!: Update quay.io/containerdisks/ubuntu Docker tag to v24

.gitattributes

@@ -0,0 +1,3 @@
+*.sh	text eol=lf
+*.yml	text eol=lf
+*.yaml	text eol=lf

.gitignore

@@ -0,0 +1,33 @@
+# Eclipse
+.project
+.classpath
+.settings/
+bin/
+
+# IntelliJ
+.idea
+*.ipr
+*.iml
+*.iws
+
+# NetBeans
+nb-configuration.xml
+
+# Visual Studio Code
+.vscode
+.factorypath
+
+# OSX
+.DS_Store
+
+# Vim
+*.swp
+*.swo
+
+# patch
+*.orig
+*.rej
+
+# Local environment
+.env
+

container/debug2/alpine.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: alpine-test2
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  containers:
+    - name: alpine2
+      image: alpine:latest
+      command: ["/bin/sh"]
+      args: ["-c", "while true; do sleep 3600; done"]
+      stdin: true
+      tty: true
+  restartPolicy: Never

firewall-s3/ks-vm.yaml

@@ -7,7 +7,7 @@ spec:
   commonMetadata:
     labels:
       app.kubernetes.io/name: *app
-  path: ./firewall-s3
+  path: ./firewall-s3/vm/ksd
   prune: true
   sourceRef:
     kind: GitRepository

firewall-s3/test-connectivity/loadbalancers/fortigate-wan.yaml

@@ -1,30 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: fortigate-lb-test
-  namespace: ${TENANT_NAMESPACE}
-  labels:
-    app.kubernetes.io/component: fortigate-lb
-spec:
-  type: LoadBalancer
-  externalTrafficPolicy: Local
-  ports:
-    - port: 4500
-      name: ipsec-nat
-      targetPort: 4500
-      protocol: UDP
-    - port: 500
-      name: key-management
-      targetPort: 500
-      protocol: UDP
-    #- port: 22
-    #  name: ssh
-    #  targetPort: 22
-    #  protocol: TCP
-    - port: 443
-      name: https
-      targetPort: 443
-      protocol: TCP
-  selector:
-    kubevirt.io/domain: fortigate-ksd

firewall-s3/test-connectivity/network-definitions/lan.yaml

@@ -1,20 +0,0 @@
-# apiVersion: "k8s.cni.cncf.io/v1"
-# kind: NetworkAttachmentDefinition
-# metadata:
-#   name: lan-net
-#   namespace: ${TENANT_NAMESPACE}
-# spec:
-#   config: '{
-#     "cniVersion": "0.3.1",
-#     "type": "bridge",
-#     "bridge": "br-lan",
-#     "ipam": {
-#       "type": "static",
-#       "addresses": [
-#         {
-#           "address": "172.168.100.2/24",
-#           "gateway": "172.168.100.1"
-#         }
-#       ]
-#     }
-#   }'

firewall-s3/test-connectivity/network-definitions/mgmt.yaml

@@ -1,20 +0,0 @@
-# apiVersion: "k8s.cni.cncf.io/v1"
-# kind: NetworkAttachmentDefinition
-# metadata:
-#   name: mgmt-net
-#   namespace: ${TENANT_NAMESPACE}
-# spec:
-#   config: '{
-#     "cniVersion": "0.3.1",
-#     "type": "bridge",
-#     "bridge": "br-mgmt",
-#     "ipam": {
-#       "type": "static",
-#       "addresses": [
-#         {
-#           "address": "192.168.10.100/24",
-#           "gateway": "192.168.10.1"
-#         }
-#       ]
-#     }
-#   }'

firewall-s3/test-connectivity/vm/fortigate.yaml

@@ -1,77 +0,0 @@
-# apiVersion: kubevirt.io/v1
-# kind: VirtualMachine
-# metadata:
-#   name: fortigate-ksd
-#   namespace: ${TENANT_NAMESPACE}
-# spec:
-#   dataVolumeTemplates:
-#     - metadata:
-#         name: fortigate-rootdisk-ksd
-#       spec:
-#         source:
-#           http:
-#             url: "https://glacier-1.kvant.cloud/ocp-virt-images/sources/fortios_7_6_3.qcow2"
-#             #secretRef: s3-virt-credentials
-#         storage:
-#           resources:
-#             requests:
-#               storage: 30Gi
-#   runStrategy: Always
-#   template:
-#     metadata:
-#       labels:
-#         kubevirt.io/domain: fortigate-ksd
-#     spec:
-#       domain:
-#         cpu:
-#           cores: 1
-#         memory:
-#           guest: 2Gi
-#         features:
-#           acpi: {}
-#           smm:
-#             enabled: true
-#         firmware:
-#           bootloader:
-#             efi:
-#               secureBoot: false
-#         devices:
-#           rng: {}
-#           networkInterfaceMultiqueue: true
-#           interfaces:
-#             - name: wan
-#               masquerade: {}
-#               ports:
-#               - port: 4500
-#               - port: 443
-#               - port: 22
-#               - port: 500
-#             - name: mgmt
-#               bridge: {}
-#             - name: lan
-#               bridge: {}
-#           disks:
-#             - disk:
-#                 bus: sata
-#               name: rootdisk
-#         resources:
-#           requests:
-#             memory: 2Gi
-#             cpu: 1
-#           limits:
-#             memory: 2Gi
-#             cpu: 1
-#       networks:
-#         - name: wan
-#           pod: {}
-#         - name: mgmt
-#           multus:
-#             networkName: ${TENANT_NAMESPACE}/mgmt-net
-#         - name: lan
-#           multus:
-#             networkName: ${TENANT_NAMESPACE}/lan-net
-#       terminationGracePeriodSeconds: 180
-#       volumes:
-#         - name: rootdisk
-#           dataVolume:
-#             name: fortigate-rootdisk-ksd

firewall-s3/test-connectivity/vm/strongswan.yaml

@@ -1,73 +0,0 @@
-# apiVersion: kubevirt.io/v1
-# kind: VirtualMachine
-# metadata:
-#   name: strongswan
-#   namespace: ${TENANT_NAMESPACE}
-# spec:
-#   running: true
-#   template:
-#     metadata:
-#       labels:
-#         kubevirt.io/domain: strongswan
-#     spec:
-#       domain:
-#         cpu:
-#           cores: 2
-#         resources:
-#           requests:
-#             memory: 2Gi
-#             cpu: 1
-#           limits:
-#             memory: 2Gi
-#             cpu: 2
-#         memory:
-#           guest: 2Gi
-#         devices:
-#           rng: {}
-#           networkInterfaceMultiqueue: true
-#           disks:
-#             - name: containerdisk
-#               disk:
-#                 bus: virtio
-#             - name: cloudinitdisk
-#               disk:
-#                 bus: virtio
-#           interfaces:
-#             - name: wan
-#               masquerade: {}
-#               ports:
-#                 - port: 4500
-#                 - port: 443
-#                 - port: 22
-#                 - port: 500
-#             - name: mgmt
-#               bridge: {}
-#             - name: lan
-#               bridge: {}
-#       networks:
-#         - name: wan
-#           pod: {}
-#         - name: mgmt
-#           multus:
-#             networkName: ${TENANT_NAMESPACE}/mgmt-net
-#         - name: lan
-#           multus:
-#             networkName: ${TENANT_NAMESPACE}/lan-net
-#       terminationGracePeriodSeconds: 180
-#       volumes:
-#         - name: containerdisk
-#           containerDisk:
-#             image: quay.io/containerdisks/ubuntu:22.04
-#         - name: cloudinitdisk
-#           cloudInitNoCloud:
-#             userData: |
-#               #cloud-config
-#               users:
-#                 - name: testuser
-#                   groups: [sudo]
-#                   sudo: "ALL=(ALL) NOPASSWD:ALL"
-#                   lock_passwd: false
-#                   passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1"
-#               chpasswd:
-#                 expire: false
-#               ssh_pwauth: true

firewall-s3/vm/ksd/network-definitions/lan.yaml

@@ -12,7 +12,7 @@ spec:
       "type": "static",
       "addresses": [
         {
-          "address": "172.168.100.2/24",
+          "address": "172.168.100.0/24",
           "gateway": "172.168.100.1"
         }
       ]

firewall-s3/vm/ksd/network-definitions/mgmt.yaml

@@ -12,7 +12,7 @@ spec:
       "type": "static",
       "addresses": [
         {
-          "address": "192.168.10.100/24",
+          "address": "192.168.10.0/24",
           "gateway": "192.168.10.1"
         }
       ]

kustomization.yaml

@@ -4,8 +4,6 @@ resources:
   - vars/ks.yaml
   - repos/ks.yaml
   - network/ks-lb.yaml
-  - firewall/ks-vm.yaml
-  - firewall-dev/ks-vm.yaml
   - firewall-s3/ks-vm.yaml
   - windows-vm-standard/ks-vm.yaml
   - windows-vm-standard/ks-pvc.yaml
@@ -13,9 +11,15 @@ resources:
   - windows-vm-standard-dev/ks-pvc.yaml
   - ubuntu-vm-1/ks.yaml
   - ubuntu-vm-2/ks.yaml
+  - ubuntu-vm-3/ks.yaml
+  - ubuntu-vm-4-john/ks.yaml
   - container/ks-debug.yaml
   - templates/image-server/ks-nginx.yaml
   - templates/image-server/ks-pvc.yaml
   - templates/image-server/ks-route.yaml
   - templates/windowsserver/ks-flavor.yaml
-  - templates/windowsserver-rh/ks-flavor.yaml
+  - templates/windowsserver-rh/ks-flavor.yaml
+  - postgres/ks.yaml
+# - windows-vm-standard-john/ks-vm.yaml
+# - windows-vm-standard-john/ks-pvc.yaml
+# - windows-vm-standard-john/windows-lb.yaml

postgres/app/helmrelease.yaml

@@ -0,0 +1,122 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: postgres
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  serviceAccountName: ${TECHNICAL_ACCOUNT}
+  interval: 30m
+  chart:
+    spec:
+      chart: cluster
+      version: 0.3.1
+      sourceRef:
+        kind: HelmRepository
+        name: cloudnative-pg
+        namespace: ${TENANT_NAMESPACE}
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      strategy: rollback
+      retries: 3
+  values:
+    # check the complete configuration options at
+    # https://raw.githubusercontent.com/cloudnative-pg/charts/refs/tags/cluster-v0.3.1/charts/cluster/values.yaml
+    type: postgresql
+    mode: standalone
+    version:
+      postgresql: "17.5"
+    cluster:
+      instances: 3
+      storage:
+        size: 10Gi
+        # default storage class on ai-2 cluster, on basel or staging you
+        # should use 'ocs-storagecluster-ceph-rbd' instead
+        storageClass: ibm-spectrum-scale-fileset
+      walStorage:
+        # It's not mandatory to split WAL from the main data volume. 
+        # However, doing so helps to avoid issues with the main data volume 
+        # in cases where WAL exporting to the backup server experiences
+        # issues. For example, in scenarios where there's network congestion
+        # or even failures, the WAL may end up accumulating too much data
+        # to the point where the volume fills up, blocking the cluster from
+        # operating properly.
+        enabled: true 
+        size: 10Gi
+        storageClass: ibm-spectrum-scale-fileset
+      resources:
+        requests:
+          cpu: "500m"
+          memory: 1Gi
+        limits:
+          cpu: "1"
+          memory: 1Gi
+      enableSuperuserAccess: true
+      superuserSecret: postgres-superuser
+      affinity:
+        topologyKey: failure-domain.beta.kubernetes.io/zone
+      postgresql:
+        parameters:
+          shared_buffers: 256MB
+          max_connections: "400"
+      initdb:
+        database: app
+        owner: app
+        options: []
+        encoding: UTF8
+    backups:
+      # As indicated by the 'enabled' flag, backups are disabled on
+      # this deployment. But the remaining of the block serves as an
+      # example of how to configure this cluster to export backups to
+      # a S3 bucket hosted on a MinIO server.
+      # 
+      # For more information, refer to the helm chart's values.yaml 
+      # or the official documentation at 
+      # https://cloudnative-pg.io/documentation/1.26/backup/
+      enabled: false
+      endpointURL: https://glacier-1.kvant.cloud
+      provider: s3
+      s3:
+        bucket: phoenix-openshift-backups
+        path: /demo-postgres
+        # Ideally, you will never commit credentials in plain text;
+        # these values are here just for illustration. For a way to
+        # properly load them from kubernetes' secrets, refer to the
+        # commented-ou section 'valuesFrom' placed right below
+        accessKey: your-access-key
+        secretKey: your-secret-key
+      secret:
+        create: true
+      wal:
+        # If exporting to MinIO S3, you may have to disable encryption.
+        # This is how you achieve it
+        encryption: ""
+      data:
+        encryption: ""
+      scheduledBackups:
+        # You can give it any name and change the scheduled time to what
+        # fits your strategy. This serves as an example of how to configure
+        # the cluster to export a daily backup to the S3 bucket using
+        # barman object storage. You can also back up volumes instead.
+        # Check the backup documentation to find more information on
+        # which option suits you best.
+        - name: daily-minio
+          schedule: "@daily"
+          backupOwnerReference: self
+          method: barmanObjectStore
+      retentionPolicy: "180d" # It is mandatory to match this value with the bucket's retention period
+#  valuesFrom:
+#    - kind: Secret
+#      name: postgres-backup-s3 # name of the pre-existing secret that holds the key pair
+#      valuesKey: ACCESS_KEY_ID # name of the key inside the secret that holds the access key value
+#      targetPath: backups.s3.accessKey # path of the configuration that will be assigned the access key value
+#      optional: false
+#    - kind: Secret
+#      name: postgres-backup-s3 # name of the pre-existing secret that holds the key pair
+#      valuesKey: ACCESS_SECRET_KEY # name of the key inside the secret that holds the secret key value
+#      targetPath: backups.s3.secretKey # path of the configuration that will be assigned the secret key value
+#      optional: false

postgres/ks.yaml

@@ -0,0 +1,23 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app postgres
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  targetNamespace: ${TENANT_NAMESPACE}
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./postgres/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: tenant-repos
+  wait: true
+  interval: 10m
+  retryInterval: 1m
+  timeout: 5m
+  dependsOn:
+    - name: vars

repos/helm/cloudnative-pg.yaml

@@ -0,0 +1,10 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: cloudnative-pg
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  interval: 5m0s
+  url: https://cloudnative-pg.github.io/charts

ubuntu-vm-3/ks.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app ubuntu-vm-3
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./ubuntu-vm-3/ubuntu
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: tenant-repos
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m

ubuntu-vm-3/ubuntu/ubuntu-vm.yaml

@@ -0,0 +1,50 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  name: ubuntu-vm-3
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  running: true
+  template:
+    metadata:
+      labels:
+        kubevirt.io/domain: ubuntu-vm-3
+    spec:
+      domain:
+        cpu:
+          cores: 2
+        devices:
+          disks:
+            - disk:
+                bus: virtio
+              name: containerdisk
+            - disk:
+                bus: virtio
+              name: cloudinitdisk
+        resources:
+          requests:
+            memory: 2Gi
+            cpu: 1
+          limits:
+            memory: 2Gi
+            cpu: 2
+        memory:
+          guest: 2Gi
+      volumes:
+        - name: containerdisk
+          containerDisk:
+            image: quay.io/containerdisks/ubuntu:24.04
+        - name: cloudinitdisk
+          cloudInitNoCloud:
+            userData: |
+              #cloud-config
+              users:
+                - name: testuser
+                groups: [sudo]
+                sudo: "ALL=(ALL) NOPASSWD:ALL"
+                lock_passwd: false
+                passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1"
+
+                chpasswd: 
+                expire: false
+                ssh_pwauth: true

ubuntu-vm-4-john/ks.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app ubuntu-vm-4-john
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./ubuntu-vm-4-john/ubuntu
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: tenant-repos
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m

ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml

@@ -0,0 +1,48 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  name: ubuntu-vm-4-john
+  namespace: kubevirt-vms
+spec:
+  running: true
+  template:
+    metadata:
+      labels:
+        kubevirt.io/domain: ubuntu-vm-4-john
+    spec:
+      domain:
+        cpu:
+          cores: 2
+        devices:
+          disks:
+            - disk:
+                bus: virtio
+              name: containerdisk
+            - disk:
+                bus: virtio
+              name: cloudinitdisk
+        resources:
+          requests:
+            memory: 2Gi
+            cpu: 1
+          limits:
+            memory: 2Gi
+            cpu: 2
+        memory:
+          guest: 2Gi
+      volumes:
+        - name: containerdisk
+          containerDisk:
+            image: quay.io/containerdisks/ubuntu:24.04
+        - name: cloudinitdisk
+          cloudInitNoCloud:
+            userData: |
+              #cloud-config
+              hostname: ubuntu-vm-2
+              ssh_pwauth: True
+              users:
+                - name: ubuntu
+                  ssh-authorized-keys:
+                    - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPqlhZW/pPLK8zENt3o6tgl0QVinhGAF1sHvajqq3UvI ubuntu
+                  sudo: ['ALL=(ALL) NOPASSWD:ALL']
+                  shell: /bin/bash

windows-vm-standard-dev/pvc/datadisk.yaml

@@ -9,4 +9,4 @@ spec:
     - ReadWriteMany
   resources:
     requests:
-      storage: 200Gi
+      storage: 50Gi

windows-vm-standard-dev/vm/server.yaml

@@ -10,7 +10,7 @@ spec:
       spec:
         source:
           http:
-            url: http://nginx.demo.svc.cluster.local:8080/windows-server-2022-uefi-ns.qcow2
+            url: "https://glacier-1.kvant.cloud/ocp-virt-images/sources/windows-server-2022-uefi-ns.qcow2"
         storage:
           resources:
             requests:

windows-vm-standard-john/ks-pvc.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app windows-pvc-john
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./windows-vm-standard-john/pvc
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: tenant-repos
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m

windows-vm-standard-john/ks-vm.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app windows-vm-standard-john
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./windows-vm-standard-john/vm
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: tenant-repos
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m

windows-vm-standard-john/pvc/datadisk.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: windows-vm-datadisk-john
+spec:
+  storageClassName: ibm-spectrum-scale-fileset
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 200Gi

windows-vm-standard-john/vm/server.yaml

@@ -0,0 +1,82 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  name: windows-vm-standard-john
+  namespace: ${TENANT_NAMESPACE}
+spec:
+  dataVolumeTemplates:
+    - metadata:
+        name: windows-rootdisk-john
+      spec:
+        source:
+          http:
+            url: http://nginx.demo.svc.cluster.local:80/windows-server-2022-uefi-ns.qcow2
+        storage:
+          resources:
+            requests:
+              storage: 80Gi
+#        sourceRef:
+#          kind: DataSource
+#          name: win2k22
+#          namespace: openshift-virtualization-os-images
+  runStrategy: Always
+  template:
+    metadata:
+      labels:
+        kubevirt.io/domain: windows-vm-standard-john
+    spec:
+      domain:
+        cpu:
+          cores: 4
+        memory:
+          guest: 8Gi
+        features:
+          acpi: {}
+          smm:
+            enabled: true
+        firmware:
+          bootloader:
+            efi: {}
+        devices:
+          rng: {}
+          networkInterfaceMultiqueue: true
+          interfaces:
+            - name: default
+              masquerade: {}
+              ports:
+              - port: 8080
+              - port: 443
+              - port: 22
+              - port: 3389
+          disks:
+            - disk:
+                bus: sata
+              name: rootdisk-john
+            - disk:
+                bus: sata
+              name: datadisk-john
+           # - disk:
+           #     bus: scsi
+           #   name: cloudinitdisk
+        resources:
+          requests:
+            memory: 8Gi
+            cpu: 4
+          limits:
+            memory: 8Gi
+            cpu: 4
+      networks:
+        - name: default
+          pod: {}
+      terminationGracePeriodSeconds: 180
+      volumes:
+        - name: rootdisk-john
+          dataVolume:
+            name: windows-rootdisk-john
+        - name: datadisk-john
+          persistentVolumeClaim:
+            claimName: windows-vm-datadisk-john
+        #- name: cloudinitdisk
+        #  cloudInitNoCloud:
+        #    secretRef:
+        #      name: windows-cloud-init

windows-vm-standard-john/windows-lb.yaml

@@ -0,0 +1,29 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: windows-lb-john
+  namespace: ${TENANT_NAMESPACE}
+  labels:
+    app.kubernetes.io/component: windows-lb-john
+spec:
+  type: LoadBalancer
+  ports:
+    - port: 8080
+      name: http
+      targetPort: 8080
+      protocol: TCP
+    - port: 443
+      name: https
+      targetPort: 443
+      protocol: TCP
+    - port: 65022
+      name: ssh
+      targetPort: 22
+      protocol: TCP
+    - port: 3389
+      name: rdp
+      targetPort: 3389
+      protocol: TCP
+  selector:
+    kubevirt.io/domain: windows-vm-standard-john