diff --git a/content/en/docs/reference/_index.md b/content/en/docs/reference/_index.md index 960881e77f..7fa6d578fd 100644 --- a/content/en/docs/reference/_index.md +++ b/content/en/docs/reference/_index.md @@ -100,7 +100,6 @@ operator to use or manage a cluster. ## Config API for kubeadm -* [v1beta2](/docs/reference/config-api/kubeadm-config.v1beta2/) * [v1beta3](/docs/reference/config-api/kubeadm-config.v1beta3/) ## Design Docs diff --git a/content/en/docs/reference/config-api/apiserver-admission.v1.md b/content/en/docs/reference/config-api/apiserver-admission.v1.md index a4c70ac9f0..946b011e77 100644 --- a/content/en/docs/reference/config-api/apiserver-admission.v1.md +++ b/content/en/docs/reference/config-api/apiserver-admission.v1.md @@ -72,14 +72,14 @@ It is suitable for correlating log entries between the webhook and apiserver, fo kind [Required]
-meta/v1.GroupVersionKind +meta/v1.GroupVersionKind

Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)

resource [Required]
-meta/v1.GroupVersionResource +meta/v1.GroupVersionResource

Resource is the fully-qualified resource being requested (for example, v1.pods)

@@ -93,7 +93,7 @@ It is suitable for correlating log entries between the webhook and apiserver, fo requestKind
-meta/v1.GroupVersionKind +meta/v1.GroupVersionKind

RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale). @@ -107,7 +107,7 @@ and requestKind: {group:"apps", version:"v1beta1", kin requestResource
-meta/v1.GroupVersionResource +meta/v1.GroupVersionResource

RequestResource is the fully-qualified resource of the original API request (for example, v1.pods). @@ -153,7 +153,7 @@ requested. e.g. a patch can result in either a CREATE or UPDATE Operation.

userInfo [Required]
-authentication/v1.UserInfo +authentication/v1.UserInfo

UserInfo is information about the requesting user

@@ -227,7 +227,7 @@ This must be copied over from the corresponding AdmissionRequest.

status
-meta/v1.Status +meta/v1.Status

Result contains extra details into why an admission request was denied. diff --git a/content/en/docs/reference/config-api/apiserver-audit.v1.md b/content/en/docs/reference/config-api/apiserver-audit.v1.md index ffef0b7f2b..e89270a91a 100644 --- a/content/en/docs/reference/config-api/apiserver-audit.v1.md +++ b/content/en/docs/reference/config-api/apiserver-audit.v1.md @@ -72,14 +72,14 @@ For non-resource requests, this is the lower-cased HTTP method.

user [Required]
-authentication/v1.UserInfo +authentication/v1.UserInfo

Authenticated user information.

impersonatedUser
-authentication/v1.UserInfo +authentication/v1.UserInfo

Impersonated user information.

@@ -117,7 +117,7 @@ Does not apply for List-type requests, or non-resource requests.

responseStatus
-meta/v1.Status +meta/v1.Status

The response status, populated even when the ResponseObject is not a Status type. @@ -145,14 +145,14 @@ at Response Level.

requestReceivedTimestamp
-meta/v1.MicroTime +meta/v1.MicroTime

Time the request reached the apiserver.

stageTimestamp
-meta/v1.MicroTime +meta/v1.MicroTime

Time the request reached current audit stage.

@@ -189,7 +189,7 @@ should be short. Annotations are included in the Metadata level.

metadata
-meta/v1.ListMeta +meta/v1.ListMeta No description provided. @@ -224,7 +224,7 @@ categories are logged.

metadata
-meta/v1.ObjectMeta +meta/v1.ObjectMeta

ObjectMeta is included for interoperability with API infrastructure.

@@ -279,7 +279,7 @@ in a rule will override the global default.

metadata
-meta/v1.ListMeta +meta/v1.ListMeta No description provided. diff --git a/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md b/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md index f2dc0bf595..0c85b397f6 100644 --- a/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md @@ -81,23 +81,11 @@ auto_generated: true kind
stringTracingConfiguration -endpoint
-string +TracingConfiguration [Required]
+TracingConfiguration - -

Endpoint of the collector that's running on the control-plane node. -The APIServer uses the egressType ControlPlane when sending data to the collector. -The syntax is defined in https://github.com/grpc/grpc/blob/master/doc/naming.md. -Defaults to the otlpgrpc default, localhost:4317 -The connection is insecure, and does not support TLS.

- - -samplingRatePerMillion
-int32 - - -

SamplingRatePerMillion is the number of samples to collect per million spans. -Defaults to 0.

+(Members of TracingConfiguration are embedded into this type.) +

Embed the component config tracing configuration struct

@@ -372,4 +360,45 @@ This does not use a unix:// prefix. (Eg: /etc/srv/kubernetes/konnectivity-server - \ No newline at end of file + + + + +## `TracingConfiguration` {#TracingConfiguration} + + +**Appears in:** + +- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1alpha1-TracingConfiguration) + + +

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
endpoint
+string +		 +

Endpoint of the collector this component will report traces to. +The connection is insecure, and does not currently support TLS. +Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

+
samplingRatePerMillion
+int32 +		 +

SamplingRatePerMillion is the number of samples to collect per million spans. +Recommended is unset. If unset, sampler respects its parent span's sampling +rate, but otherwise never samples.

+
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/apiserver-config.v1beta1.md b/content/en/docs/reference/config-api/apiserver-config.v1beta1.md index 0ed8e17a44..6acb3540cd 100644 --- a/content/en/docs/reference/config-api/apiserver-config.v1beta1.md +++ b/content/en/docs/reference/config-api/apiserver-config.v1beta1.md @@ -11,6 +11,7 @@ auto_generated: true - [EgressSelectorConfiguration](#apiserver-k8s-io-v1beta1-EgressSelectorConfiguration) +- [TracingConfiguration](#apiserver-k8s-io-v1beta1-TracingConfiguration) @@ -39,6 +40,31 @@ auto_generated: true +## `TracingConfiguration` {#apiserver-k8s-io-v1beta1-TracingConfiguration} + + + +

TracingConfiguration provides versioned configuration for tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		apiserver.k8s.io/v1beta1
kind
string		TracingConfiguration
TracingConfiguration [Required]
+TracingConfiguration +		(Members of TracingConfiguration are embedded into this type.) +

Embed the component config tracing configuration struct

+
+ ## `Connection` {#apiserver-k8s-io-v1beta1-Connection} @@ -265,4 +291,47 @@ This does not use a unix:// prefix. (Eg: /etc/srv/kubernetes/konnectivity-server - \ No newline at end of file + + + + +## `TracingConfiguration` {#TracingConfiguration} + + +**Appears in:** + +- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1alpha1-TracingConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1beta1-TracingConfiguration) + + +

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
endpoint
+string +		 +

Endpoint of the collector this component will report traces to. +The connection is insecure, and does not currently support TLS. +Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

+
samplingRatePerMillion
+int32 +		 +

SamplingRatePerMillion is the number of samples to collect per million spans. +Recommended is unset. If unset, sampler respects its parent span's sampling +rate, but otherwise never samples.

+
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/apiserver-encryption.v1.md b/content/en/docs/reference/config-api/apiserver-encryption.v1.md index bd12284f30..ecc82b7db7 100644 --- a/content/en/docs/reference/config-api/apiserver-encryption.v1.md +++ b/content/en/docs/reference/config-api/apiserver-encryption.v1.md @@ -18,7 +18,45 @@ auto_generated: true -

EncryptionConfiguration stores the complete configuration for encryption providers.

+

EncryptionConfiguration stores the complete configuration for encryption providers. +It also allows the use of wildcards to specify the resources that should be encrypted. +Use '.' to encrypt all resources within a group or '.' to encrypt all resources. +'.' can be used to encrypt all resource in the core group. '.' will encrypt all +resources, even custom resources that are added after API server start. +Use of wildcards that overlap within the same resource list or across multiple +entries are not allowed since part of the configuration would be ineffective. +Resource lists are processed in order, with earlier lists taking precedence.

+

Example:

+
kind: EncryptionConfiguration
+apiVersion: apiserver.config.k8s.io/v1
+resources:
+- resources:
+  - events
+  providers:
+  - identity: {}  # do not encrypt events even though *.* is specified below
+- resources:
+  - secrets
+  - configmaps
+  - pandas.awesome.bears.example
+  providers:
+  - aescbc:
+      keys:
+      - name: key1
+        secret: c2VjcmV0IGlzIHNlY3VyZQ==
+- resources:
+  - '*.apps'
+  providers:
+  - aescbc:
+      keys:
+      - name: key2
+        secret: c2VjcmV0IGlzIHNlY3VyZSwgb3IgaXMgaXQ/Cg==
+- resources:
+  - '*.*'
+  providers:
+  - aescbc:
+      keys:
+      - name: key3
+        secret: c2VjcmV0IGlzIHNlY3VyZSwgSSB0aGluaw==
@@ -114,7 +152,7 @@ Each key has to be 32 bytes long for AES-CBC and 16, 24 or 32 bytes for AES-GCM. diff --git a/content/en/docs/reference/config-api/client-authentication.v1.md b/content/en/docs/reference/config-api/client-authentication.v1.md index 0a3fab1a5c..63bbeb0017 100644 --- a/content/en/docs/reference/config-api/client-authentication.v1.md +++ b/content/en/docs/reference/config-api/client-authentication.v1.md @@ -206,7 +206,7 @@ itself should at least be protected via file permissions.

cachesize is the maximum number of secrets which are cached in memory. The default value is 1000. -Set to a negative value to disable caching.

+Set to a negative value to disable caching. This field is only allowed for KMS v1 providers.
endpoint [Required]
@@ -243,7 +281,11 @@ Set to a negative value to disable caching.

[]string 		-

resources is a list of kubernetes resources which have to be encrypted.

+

resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from resource or resource.group of the group/version/resource. +eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas. +Use '.' to encrypt all resources and '.' to encrypt all resources in a specific group. +eg: '.awesome.bears.example' will encrypt all resources in the group 'awesome.bears.example'. +eg: '*.' will encrypt all resources in the core group (such as pods, configmaps, etc).
providers [Required]
@@ -251,7 +293,7 @@ Set to a negative value to disable caching.

providers is a list of transformers to be used for reading and writing the resources to disk. -eg: aesgcm, aescbc, secretbox, identity.

+eg: aesgcm, aescbc, secretbox, identity, kms.
expirationTimestamp
-meta/v1.Time +meta/v1.Time

ExpirationTimestamp indicates a time when the provided credentials expire.

diff --git a/content/en/docs/reference/config-api/client-authentication.v1beta1.md b/content/en/docs/reference/config-api/client-authentication.v1beta1.md index 09aa4dcc87..f8cab963cd 100644 --- a/content/en/docs/reference/config-api/client-authentication.v1beta1.md +++ b/content/en/docs/reference/config-api/client-authentication.v1beta1.md @@ -206,7 +206,7 @@ itself should at least be protected via file permissions.

expirationTimestamp
-meta/v1.Time +meta/v1.Time

ExpirationTimestamp indicates a time when the provided credentials expire.

diff --git a/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md b/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md index 0eaa8f14ad..fb55f9a06b 100644 --- a/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md +++ b/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md @@ -29,7 +29,7 @@ auto_generated: true
metadata
-meta/v1.ObjectMeta +meta/v1.ObjectMeta

Standard object's metadata. diff --git a/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md b/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md index 4ec29226a5..1b4b120abd 100644 --- a/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md @@ -1,7 +1,7 @@ --- title: kube-controller-manager Configuration (v1alpha1) content_type: tool-reference -package: controllermanager.config.k8s.io/v1alpha1 +package: cloudcontrollermanager.config.k8s.io/v1alpha1 auto_generated: true --- @@ -9,11 +9,358 @@ auto_generated: true ## Resource Types -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) +- [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration) +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) +## `NodeControllerConfiguration` {#NodeControllerConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + + +

NodeControllerConfiguration contains elements describing NodeController.

+ + + + + + + + + + + +
FieldDescription
ConcurrentNodeSyncs [Required]
+int32 +		 +

ConcurrentNodeSyncs is the number of workers +concurrently synchronizing nodes

+
+ +## `ServiceControllerConfiguration` {#ServiceControllerConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) + + +

ServiceControllerConfiguration contains elements describing ServiceController.

+ + + + + + + + + + + +
FieldDescription
ConcurrentServiceSyncs [Required]
+int32 +		 +

concurrentServiceSyncs is the number of services that are +allowed to sync concurrently. Larger number = more responsive service +management, but more CPU (and network) load.

+
+ + + +## `CloudControllerManagerConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration} + + + +

CloudControllerManagerConfiguration contains elements describing cloud-controller manager.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		cloudcontrollermanager.config.k8s.io/v1alpha1
kind
string		CloudControllerManagerConfiguration
Generic [Required]
+GenericControllerManagerConfiguration +		 +

Generic holds configuration for a generic controller-manager

+
KubeCloudShared [Required]
+KubeCloudSharedConfiguration +		 +

KubeCloudSharedConfiguration holds configuration for shared related features +both in cloud controller manager and kube-controller manager.

+
NodeController [Required]
+NodeControllerConfiguration +		 +

NodeController holds configuration for node controller +related features.

+
ServiceController [Required]
+ServiceControllerConfiguration +		 +

ServiceControllerConfiguration holds configuration for ServiceController +related features.

+
NodeStatusUpdateFrequency [Required]
+meta/v1.Duration +		 +

NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status

+
Webhook [Required]
+WebhookConfiguration +		 +

Webhook is the configuration for cloud-controller-manager hosted webhooks

+
+ +## `CloudProviderConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudProviderConfiguration} + + +**Appears in:** + +- [KubeCloudSharedConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration) + + +

CloudProviderConfiguration contains basically elements about cloud provider.

+ + + + + + + + + + + + + + +
FieldDescription
Name [Required]
+string +		 +

Name is the provider for cloud services.

+
CloudConfigFile [Required]
+string +		 +

cloudConfigFile is the path to the cloud provider configuration file.

+
+ +## `KubeCloudSharedConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) + + +

KubeCloudSharedConfiguration contains elements shared by both kube-controller manager +and cloud-controller manager, but not genericconfig.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
CloudProvider [Required]
+CloudProviderConfiguration +		 +

CloudProviderConfiguration holds configuration for CloudProvider related features.

+
ExternalCloudVolumePlugin [Required]
+string +		 +

externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". +It is currently used by the in repo cloud providers to handle node and volume control in the KCM.

+
UseServiceAccountCredentials [Required]
+bool +		 +

useServiceAccountCredentials indicates whether controllers should be run with +individual service account credentials.

+
AllowUntaggedCloud [Required]
+bool +		 +

run with untagged cloud instances

+
RouteReconciliationPeriod [Required]
+meta/v1.Duration +		 +

routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider..

+
NodeMonitorPeriod [Required]
+meta/v1.Duration +		 +

nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.

+
ClusterName [Required]
+string +		 +

clusterName is the instance prefix for the cluster.

+
ClusterCIDR [Required]
+string +		 +

clusterCIDR is CIDR Range for Pods in cluster.

+
AllocateNodeCIDRs [Required]
+bool +		 +

AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if +ConfigureCloudRoutes is true, to be set on the cloud provider.

+
CIDRAllocatorType [Required]
+string +		 +

CIDRAllocatorType determines what kind of pod CIDR allocator will be used.

+
ConfigureCloudRoutes [Required]
+bool +		 +

configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs +to be configured on the cloud provider.

+
NodeSyncPeriod [Required]
+meta/v1.Duration +		 +

nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer +periods will result in fewer calls to cloud provider, but may delay addition +of new nodes to cluster.

+
+ +## `WebhookConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-WebhookConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + + +

WebhookConfiguration contains configuration related to +cloud-controller-manager hosted webhooks

+ + + + + + + + + + + +
FieldDescription
Webhooks [Required]
+[]string +		 +

Webhooks is the list of webhooks to enable or disable +'*' means "all enabled by default webhooks" +'foo' means "enable 'foo'" +'-foo' means "disable 'foo'" +first item for a particular name wins

+
+ + + + +## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration} + + +**Appears in:** + +- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) + + +

LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.

+ + + + + + + + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		controllermanager.config.k8s.io/v1alpha1
kind
string		LeaderMigrationConfiguration
leaderName [Required]
+string +		 +

LeaderName is the name of the leader election resource that protects the migration +E.g. 1-20-KCM-to-1-21-CCM

+
resourceLock [Required]
+string +		 +

ResourceLock indicates the resource object type that will be used to lock +Should be "leases" or "endpoints"

+
controllerLeaders [Required]
+[]ControllerLeaderConfiguration +		 +

ControllerLeaders contains a list of migrating leader lock configurations

+
+ ## `ControllerLeaderConfiguration` {#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration} @@ -146,48 +493,6 @@ first item for a particular name wins
- -## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration} - - -**Appears in:** - -- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) - - -

LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.

- - - - - - - - - - - - - - - - - -
FieldDescription
leaderName [Required]
-string -		 -

LeaderName is the name of the leader election resource that protects the migration -E.g. 1-20-KCM-to-1-21-CCM

-
resourceLock [Required]
-string -		 -

ResourceLock indicates the resource object type that will be used to lock -Should be "leases" or "endpoints"

-
controllerLeaders [Required]
-[]ControllerLeaderConfiguration -		 -

ControllerLeaders contains a list of migrating leader lock configurations

-
@@ -1115,14 +1420,6 @@ allowed to sync concurrently.

-EnableTaintManager [Required]
-bool - - -

If set to true enables NoExecute Taints and will evict all not-tolerating -Pod running on Nodes tainted with this kind of Taints.

- - NodeEvictionRate [Required]
float32 @@ -1582,230 +1879,4 @@ volume plugin should search for additional third party volume plugins

- - - - -## `ServiceControllerConfiguration` {#ServiceControllerConfiguration} - - -**Appears in:** - -- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) - -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - - -

ServiceControllerConfiguration contains elements describing ServiceController.

- - - - - - - - - - - -
FieldDescription
ConcurrentServiceSyncs [Required]
-int32 -		 -

concurrentServiceSyncs is the number of services that are -allowed to sync concurrently. Larger number = more responsive service -management, but more CPU (and network) load.

-
- - - -## `CloudControllerManagerConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration} - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		cloudcontrollermanager.config.k8s.io/v1alpha1
kind
string		CloudControllerManagerConfiguration
Generic [Required]
-GenericControllerManagerConfiguration -		 -

Generic holds configuration for a generic controller-manager

-
KubeCloudShared [Required]
-KubeCloudSharedConfiguration -		 -

KubeCloudSharedConfiguration holds configuration for shared related features -both in cloud controller manager and kube-controller manager.

-
ServiceController [Required]
-ServiceControllerConfiguration -		 -

ServiceControllerConfiguration holds configuration for ServiceController -related features.

-
NodeStatusUpdateFrequency [Required]
-meta/v1.Duration -		 -

NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status

-
- -## `CloudProviderConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudProviderConfiguration} - - -**Appears in:** - -- [KubeCloudSharedConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration) - - -

CloudProviderConfiguration contains basically elements about cloud provider.

- - - - - - - - - - - - - - -
FieldDescription
Name [Required]
-string -		 -

Name is the provider for cloud services.

-
CloudConfigFile [Required]
-string -		 -

cloudConfigFile is the path to the cloud provider configuration file.

-
- -## `KubeCloudSharedConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration} - - -**Appears in:** - -- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) - -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - - -

KubeCloudSharedConfiguration contains elements shared by both kube-controller manager -and cloud-controller manager, but not genericconfig.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
CloudProvider [Required]
-CloudProviderConfiguration -		 -

CloudProviderConfiguration holds configuration for CloudProvider related features.

-
ExternalCloudVolumePlugin [Required]
-string -		 -

externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". -It is currently used by the in repo cloud providers to handle node and volume control in the KCM.

-
UseServiceAccountCredentials [Required]
-bool -		 -

useServiceAccountCredentials indicates whether controllers should be run with -individual service account credentials.

-
AllowUntaggedCloud [Required]
-bool -		 -

run with untagged cloud instances

-
RouteReconciliationPeriod [Required]
-meta/v1.Duration -		 -

routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider..

-
NodeMonitorPeriod [Required]
-meta/v1.Duration -		 -

nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.

-
ClusterName [Required]
-string -		 -

clusterName is the instance prefix for the cluster.

-
ClusterCIDR [Required]
-string -		 -

clusterCIDR is CIDR Range for Pods in cluster.

-
AllocateNodeCIDRs [Required]
-bool -		 -

AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if -ConfigureCloudRoutes is true, to be set on the cloud provider.

-
CIDRAllocatorType [Required]
-string -		 -

CIDRAllocatorType determines what kind of pod CIDR allocator will be used.

-
ConfigureCloudRoutes [Required]
-bool -		 -

configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs -to be configured on the cloud provider.

-
NodeSyncPeriod [Required]
-meta/v1.Duration -		 -

nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer -periods will result in fewer calls to cloud provider, but may delay addition -of new nodes to cluster.

-
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md b/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md index 6dfcb913e9..96baf23267 100644 --- a/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md @@ -531,12 +531,12 @@ will exit with an error.

- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration) -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) - - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) + - [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) @@ -593,12 +593,12 @@ client.

**Appears in:** -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) - - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) + - [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) @@ -621,7 +621,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1.md index 876122ef54..1ef0143f31 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -202,7 +210,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -301,7 +309,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1176,7 +1184,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

@@ -1188,12 +1196,12 @@ enableProfiling is true.

**Appears in:** +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) + - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) -

LeaderElectionConfiguration defines the configuration of leader election clients for components that can run with leader election enabled.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md index edf1071e18..bcd0377d7c 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -218,7 +226,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -317,7 +325,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1153,7 +1161,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md index 1f67ffce6c..278b963727 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -202,7 +210,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -301,7 +309,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1157,7 +1165,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md b/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md deleted file mode 100644 index dca15f101f..0000000000 --- a/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md +++ /dev/null @@ -1,1311 +0,0 @@ ---- -title: kubeadm Configuration (v1beta2) -content_type: tool-reference -package: kubeadm.k8s.io/v1beta2 -auto_generated: true ---- -

Overview

-

Package v1beta2 has been DEPRECATED by v1beta3.

-

Package v1beta2 defines the v1beta2 version of the kubeadm configuration file format. -This version improves on the v1beta1 format by fixing some minor issues and adding a few new fields.

-

A list of changes since v1beta1:

- -

See the Kubernetes 1.15 changelog for further details.

-

Migration from old kubeadm config versions

-

Please convert your v1beta1 configuration files to v1beta2 using the "kubeadm config migrate" command of kubeadm v1.15.x -(conversion from older releases of kubeadm config files requires older release of kubeadm as well e.g.

- -

Nevertheless, kubeadm v1.15.x will support reading from v1beta1 version of the kubeadm config file format.

-

Basics

-

The preferred way to configure kubeadm is to pass an YAML configuration file with the --config option. Some of the -configuration options defined in the kubeadm config file are also available as command line flags, but only -the most common/simple use case are supported with this approach.

-

A kubeadm config file could contain multiple configuration types separated using three dashes (---).

-

kubeadm supports the following configuration types:

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-
-apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
-
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: JoinConfiguration
-

To print the defaults for "init" and "join" actions use the following commands:

-
kubeadm config print init-defaults
-kubeadm config print join-defaults
-

The list of configuration types that must be included in a configuration file depends by the action you are -performing (init or join) and by the configuration options you are going to use (defaults or advanced customization).

-

If some configuration types are not provided, or provided only partially, kubeadm will use default values; defaults -provided by kubeadm includes also enforcing consistency of values across components when required (e.g. ---cluster-cidr flag on controller manager and clusterCIDR on kube-proxy).

-

Users are always allowed to override default values, with the only exception of a small subset of setting with -relevance for security (e.g. enforce authorization-mode Node and RBAC on API server)

-

If the user provides a configuration types that is not expected for the action you are performing, kubeadm will -ignore those types and print a warning.

-

Kubeadm init configuration types

-

When executing kubeadm init with the --config option, the following configuration types could be used: -InitConfiguration, ClusterConfiguration, KubeProxyConfiguration, KubeletConfiguration, but only one -between InitConfiguration and ClusterConfiguration is mandatory.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-bootstrapTokens:
-  ...
-nodeRegistration:
-  ...
-

The InitConfiguration type should be used to configure runtime settings, that in case of kubeadm init -are the configuration of the bootstrap token and all the setting which are specific to the node where kubeadm -is executed, including:

- -
apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-networking:
-  ...
-etcd:
-  ...
-apiServer:
-  extraArgs:
-    ...
-  extraVolumes:
-    ...
-...
-

The ClusterConfiguration type should be used to configure cluster-wide settings, -including settings for:

- -
apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
- ...
-

The KubeProxyConfiguration type should be used to change the configuration passed to kube-proxy instances deployed -in the cluster. If this object is not provided or provided only partially, kubeadm applies defaults.

-

See https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ or -https://pkg.go.dev/k8s.io/kube-proxy/config/v1alpha1#KubeProxyConfiguration -for kube proxy official documentation.

-
apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
- ...
-

The KubeletConfiguration type should be used to change the configurations that will be passed to all kubelet instances -deployed in the cluster. If this object is not provided or provided only partially, kubeadm applies defaults.

-

See https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ or -https://pkg.go.dev/k8s.io/kubelet/config/v1beta1#KubeletConfiguration -for kubelet official documentation.

-

Here is a fully populated example of a single YAML file containing multiple -configuration types to be used during a kubeadm init run.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-bootstrapTokens:
-  - token: "9a08jv.c0izixklcxtmnze7"
-    description: "kubeadm bootstrap token"
-    ttl: "24h"
-  - token: "783bde.3f89s0fje9f38fhf"
-    description: "another bootstrap token"
-    usages:
-      - authentication
-      - signing
-    groups:
-      - system:bootstrappers:kubeadm:default-node-token
-nodeRegistration:
-  name: "ec2-10-100-0-1"
-  criSocket: "/var/run/dockershim.sock"
-  taints:
-    - key: "kubeadmNode"
-      value: "someValue"
-      effect: "NoSchedule"
-  kubeletExtraArgs:
-    v: 4
-  ignorePreflightErrors:
-    - IsPrivilegedUser
-localAPIEndpoint:
-  advertiseAddress: "10.100.0.1"
-  bindPort: 6443
-certificateKey: "e6a2eb8581237ab72a4f494f30285ec12a9694d750b9785706a83bfcbbbd2204"
----
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-etcd:
-  # one of local or external
-  local:
-    imageRepository: "registry.k8s.io"
-    imageTag: "3.2.24"
-    dataDir: "/var/lib/etcd"
-    extraArgs:
-      listen-client-urls: "http://10.100.0.1:2379"
-    serverCertSANs:
-      -  "ec2-10-100-0-1.compute-1.amazonaws.com"
-    peerCertSANs:
-      - "10.100.0.1"
-  # external:
-  #   endpoints:
-  #     - "10.100.0.1:2379"
-  #     - "10.100.0.2:2379"
-  #   caFile: "/etcd/kubernetes/pki/etcd/etcd-ca.crt"
-  #   certFile: "/etcd/kubernetes/pki/etcd/etcd.crt"
-  #   keyFile: "/etcd/kubernetes/pki/etcd/etcd.key"
-networking:
-  serviceSubnet: "10.96.0.0/16"
-  podSubnet: "10.244.0.0/24"
-  dnsDomain: "cluster.local"
-kubernetesVersion: "v1.12.0"
-controlPlaneEndpoint: "10.100.0.1:6443"
-apiServer:
-  extraArgs:
-    authorization-mode: "Node,RBAC"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-  certSANs:
-    - "10.100.1.1"
-    - "ec2-10-100-0-1.compute-1.amazonaws.com"
-  timeoutForControlPlane: 4m0s
-controllerManager:
-  extraArgs:
-    "node-cidr-mask-size": "20"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-scheduler:
-  extraArgs:
-    address: "10.100.0.1"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-certificatesDir: "/etc/kubernetes/pki"
-imageRepository: "registry.k8s.io"
-useHyperKubeImage: false
-clusterName: "example-cluster"
----
-apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
-# kubelet specific options here
----
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-# kube-proxy specific options here
-

Kubeadm join configuration types

-

When executing kubeadm join with the --config option, the JoinConfiguration type should be provided.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: JoinConfiguration
- ...
-

The JoinConfiguration type should be used to configure runtime settings, that in case of kubeadm join -are the discovery method used for accessing the cluster info and all the setting which are specific -to the node where kubeadm is executed, including:

- - - -## Resource Types - - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) -- [ClusterStatus](#kubeadm-k8s-io-v1beta2-ClusterStatus) -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - - -## `ClusterConfiguration` {#kubeadm-k8s-io-v1beta2-ClusterConfiguration} - - - -

ClusterConfiguration contains cluster-wide configuration for a kubeadm cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		ClusterConfiguration
etcd [Required]
-Etcd -		 -

etcd holds configuration for etcd.

-
networking [Required]
-Networking -		 -

networking holds configuration for the networking topology of the cluster.

-
kubernetesVersion [Required]
-string -		 -

kubernetesVersion is the target version of the control plane.

-
controlPlaneEndpoint [Required]
-string -		 -

controlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it -can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. -In case the controlPlaneEndpoint is not specified, the advertiseAddress + bindPort -are used; in case the controlPlaneEndpoint is specified but without a TCP port, -the bindPort is used. -Possible usages are:

-
    -
  • In a cluster with more than one control plane instances, this field should be -assigned the address of the external load balancer in front of the -control plane instances.
    • -
  • In environments with enforced node recycling, the controlPlaneEndpoint -could be used for assigning a stable DNS to the control plane.
    • -
-
apiServer [Required]
-APIServer -		 -

apiServer contains extra settings for the API server.

-
controllerManager [Required]
-ControlPlaneComponent -		 -

controllerManager contains extra settings for the controller manager.

-
scheduler [Required]
-ControlPlaneComponent -		 -

scheduler contains extra settings for the scheduler.

-
dns [Required]
-DNS -		 -

dns defines the options for the DNS add-on installed in the cluster.

-
certificatesDir [Required]
-string -		 -

certificatesDir specifies where to store or look for all required certificates.

-
imageRepository [Required]
-string -		 -

imageRepository sets the container registry to pull images from. -If empty, registry.k8s.io will be used by default; in case of kubernetes version is -a CI build (kubernetes version starts with ci/) gcr.io/k8s-staging-ci-images -is used as a default for control plane components and for kube-proxy, while -registry.k8s.io will be used for all the other images.

-
useHyperKubeImage [Required]
-bool -		 -

useHyperKubeImage controls if hyperkube should be used for Kubernetes components -instead of their respective separate images. -DEPRECATED: As hyperkube is itself deprecated, this fields is too. It will be -removed in future kubeadm config versions, kubeadm will print multiple warnings -when this set to true, and at some point it may become ignored.

-
featureGates [Required]
-map[string]bool -		 -

featureGates contains the feature gates enabled by the user.

-
clusterName [Required]
-string -		 -

The cluster name.

-
- -## `ClusterStatus` {#kubeadm-k8s-io-v1beta2-ClusterStatus} - - - -

ClusterStatus contains the cluster status. The ClusterStatus will be stored in -the kubeadm-config ConfigMap in the cluster, and then updated by kubeadm when -additional control plane instance joins or leaves the cluster.

- - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		ClusterStatus
apiEndpoints [Required]
-map[string]github.com/tengqm/kubeconfig/config/kubeadm/v1beta2.APIEndpoint -		 -

apiEndpoints currently available in the cluster, one for each control -plane/API server instance. -The key of the map is the IP of the host's default interface.

-
- -## `InitConfiguration` {#kubeadm-k8s-io-v1beta2-InitConfiguration} - - - -

InitConfiguration contains a list of elements that is specific "kubeadm init"-only runtime -information.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		InitConfiguration
bootstrapTokens [Required]
-[]BootstrapToken -		 -

bootstrapTokens is respected at kubeadm init time and describes a set of bootstrap tokens to create. -This information IS NOT uploaded to the kubeadm cluster ConfigMap, partly because of its sensitive nature.

-
nodeRegistration [Required]
-NodeRegistrationOptions -		 -

nodeRegistration holds fields that relate to registering the new control-plane node to the cluster.

-
localAPIEndpoint [Required]
-APIEndpoint -		 -

localAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node. -In HA setups, this differs from ClusterConfiguration.controlPlaneEndpoint in the sense that ControlPlaneEndpoint -is the global endpoint for the cluster, which then load-balances the requests to each individual API server. This -configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible -on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process -fails you may set the desired value here.

-
certificateKey [Required]
-string -		 -

certificateKey sets the key with which certificates and keys are encrypted prior to being uploaded in -a secret in the cluster during the uploadcerts init phase.

-
- -## `JoinConfiguration` {#kubeadm-k8s-io-v1beta2-JoinConfiguration} - - - -

JoinConfiguration contains elements describing a particular node.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		JoinConfiguration
nodeRegistration [Required]
-NodeRegistrationOptions -		 -

nodeRegistration holds fields that relate to registering the new -control-plane node to the cluster

-
caCertPath [Required]
-string -		 -

caCertPath is the path to the SSL certificate authority used to -secure comunications between a node and the control-plane. -Defaults to "/etc/kubernetes/pki/ca.crt".

-
discovery [Required]
-Discovery -		 -

discovery specifies the options for the kubelet to use during the TLS -bootstrap process.

-
controlPlane [Required]
-JoinControlPlane -		 -

controlPlane defines the additional control plane instance to be deployed -on the joining node. If nil, no additional control plane instance will be deployed.

-
- -## `APIEndpoint` {#kubeadm-k8s-io-v1beta2-APIEndpoint} - - -**Appears in:** - -- [ClusterStatus](#kubeadm-k8s-io-v1beta2-ClusterStatus) - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - -- [JoinControlPlane](#kubeadm-k8s-io-v1beta2-JoinControlPlane) - - -

APIEndpoint struct contains elements of API server instance deployed on a node.

- - - - - - - - - - - - - - -
FieldDescription
advertiseAddress [Required]
-string -		 -

advertiseAddress sets the IP address for the API server to advertise.

-
bindPort [Required]
-int32 -		 -

bindPort sets the secure port for the API Server to bind to. -Defaults to 6443.

-
- -## `APIServer` {#kubeadm-k8s-io-v1beta2-APIServer} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

APIServer holds settings necessary for API server deployments in the cluster.

- - - - - - - - - - - - - - - - - -
FieldDescription
ControlPlaneComponent [Required]
-ControlPlaneComponent -		(Members of ControlPlaneComponent are embedded into this type.) - No description provided.
certSANs [Required]
-[]string -		 -

certSANs sets extra Subject Alternative Names (SANs) for the API Server -signing certificate.

-
timeoutForControlPlane [Required]
-meta/v1.Duration -		 -

timeoutForControlPlane controls the timeout that we wait for the API server -to appear.

-
- -## `BootstrapToken` {#kubeadm-k8s-io-v1beta2-BootstrapToken} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - - -

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-BootstrapTokenString -		 -

token is used for establishing bidirectional trust between nodes and control-planes. -Used for joining nodes in the cluster.

-
description [Required]
-string -		 -

description sets a human-friendly message why this token exists and what it's used -for, so other administrators can know its purpose.

-
ttl [Required]
-meta/v1.Duration -		 -

ttl defines the time to live for this token. Defaults to '24h'. -expires and ttl are mutually exclusive.

-
expires [Required]
-meta/v1.Time -		 -

expires specifies the timestamp when this token expires. Defaults to being set -dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

-
usages [Required]
-[]string -		 -

usages describes the ways in which this token can be used. Can by default be used -for establishing bidirectional trust, but that can be changed here.

-
groups [Required]
-[]string -		 -

groups specifies the extra groups that this token will authenticate as when/if -used for authentication.

-
- -## `BootstrapTokenDiscovery` {#kubeadm-k8s-io-v1beta2-BootstrapTokenDiscovery} - - -**Appears in:** - -- [Discovery](#kubeadm-k8s-io-v1beta2-Discovery) - - -

BootstrapTokenDiscovery is used to set the options for bootstrap token based discovery

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-string -		 -

token is a token used to validate cluster information fetched from -the control-plane.

-
apiServerEndpoint [Required]
-string -		 -

apiServerEndpoint is an IP or domain name to the API server from which information -will be fetched.

-
caCertHashes [Required]
-[]string -		 -

caCertHashes specifies a set of public key pins to verify when token-based discovery -is used. The root CA found during discovery must match one of these values. -Specifying an empty set disables root CA pinning, which can be unsafe. -Each hash is specified as ":", where the only currently supported type is "sha256". -This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in -DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL.

-
unsafeSkipCAVerification [Required]
-bool -		 -

unsafeSkipCAVerification allows token-based discovery without CA verification via -caCertHashes. This can weaken the security of kubeadm since other nodes can -impersonate the control-plane.

-
- -## `BootstrapTokenString` {#kubeadm-k8s-io-v1beta2-BootstrapTokenString} - - -**Appears in:** - -- [BootstrapToken](#kubeadm-k8s-io-v1beta2-BootstrapToken) - - -

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used -for both validation of the practically of the API server from a joining node's point -of view and as an authentication method for the node in the bootstrap phase of -"kubeadm join". This token is and should be short-lived

- - - - - - - - - - - - - - -
FieldDescription
- [Required]
-string -		 - No description provided.
- [Required]
-string -		 - No description provided.
- -## `ControlPlaneComponent` {#kubeadm-k8s-io-v1beta2-ControlPlaneComponent} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - -- [APIServer](#kubeadm-k8s-io-v1beta2-APIServer) - - -

ControlPlaneComponent holds settings common to control plane component of the cluster

- - - - - - - - - - - - - - -
FieldDescription
extraArgs [Required]
-map[string]string -		 -

extraArgs is an extra set of flags to pass to a control plane component. -A key in this map is the flag name as it appears on the command line except -without leading dash(es).

-
extraVolumes [Required]
-[]HostPathMount -		 -

extraVolumes is an extra set of host volumes mounted to the control plane -component.

-
- -## `DNS` {#kubeadm-k8s-io-v1beta2-DNS} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

DNS defines the DNS addon that should be used in the cluster

- - - - - - - - - - - - - - -
FieldDescription
type [Required]
-DNSAddOnType -		 -

type defines the DNS add-on to be used.

-
ImageMeta [Required]
-ImageMeta -		(Members of ImageMeta are embedded into this type.) -

ImageMeta allows to customize the image used for the DNS component

-
- -## `DNSAddOnType` {#kubeadm-k8s-io-v1beta2-DNSAddOnType} - -(Alias of `string`) - -**Appears in:** - -- [DNS](#kubeadm-k8s-io-v1beta2-DNS) - - -

DNSAddOnType defines string identifying DNS add-on types.

- - - - -## `Discovery` {#kubeadm-k8s-io-v1beta2-Discovery} - - -**Appears in:** - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

Discovery specifies the options for the kubelet to use during the TLS Bootstrap process

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
bootstrapToken [Required]
-BootstrapTokenDiscovery -		 -

bootstrapToken is used to set the options for bootstrap token based discovery. -bootstrapToken and file are mutually exclusive.

-
file [Required]
-FileDiscovery -		 -

file is used to specify a file or URL to a kubeconfig file from which to load -cluster information. -bootstrapToken and file are mutually exclusive.

-
tlsBootstrapToken [Required]
-string -		 -

tlsBootstrapToken is a token used for TLS bootstrapping. -If bootstrapToken is set, this field is defaulted to .bootstrapToken.token, -but can be overridden. -If file is set, this field must be set in case the KubeConfigFile does not -contain any other authentication information.

-
timeout [Required]
-meta/v1.Duration -		 -

timeout modifies the discovery timeout.

-
- -## `Etcd` {#kubeadm-k8s-io-v1beta2-Etcd} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

Etcd contains elements describing Etcd configuration.

- - - - - - - - - - - - - - -
FieldDescription
local [Required]
-LocalEtcd -		 -

local provides configuration knobs for configuring the local etcd instance. -local and external are mutually exclusive.

-
external [Required]
-ExternalEtcd -		 -

external describes how to connect to an external etcd cluster. -local and external are mutually exclusive.

-
- -## `ExternalEtcd` {#kubeadm-k8s-io-v1beta2-ExternalEtcd} - - -**Appears in:** - -- [Etcd](#kubeadm-k8s-io-v1beta2-Etcd) - - -

ExternalEtcd describes an external etcd cluster. -Kubeadm has no knowledge of where certificate files live and they must be supplied.

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
endpoints [Required]
-[]string -		 -

endpoints of etcd members. Required for external etcd.

-
caFile [Required]
-string -		 -

caFile is an SSL Certificate Authority (CA) file used to secure etcd communication. -Required if using a TLS connection.

-
certFile [Required]
-string -		 -

certFile is an SSL certification file used to secure etcd communication. -Required if using a TLS connection.

-
keyFile [Required]
-string -		 -

keyFile is an SSL key file used to secure etcd communication. -Required if using a TLS connection.

-
- -## `FileDiscovery` {#kubeadm-k8s-io-v1beta2-FileDiscovery} - - -**Appears in:** - -- [Discovery](#kubeadm-k8s-io-v1beta2-Discovery) - - -

FileDiscovery is used to specify a file or URL to a kubeconfig file from which to load cluster information

- - - - - - - - - - - -
FieldDescription
kubeConfigPath [Required]
-string -		 -

kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file -from which to load cluster information.

-
- -## `HostPathMount` {#kubeadm-k8s-io-v1beta2-HostPathMount} - - -**Appears in:** - -- [ControlPlaneComponent](#kubeadm-k8s-io-v1beta2-ControlPlaneComponent) - - -

HostPathMount contains elements describing volumes that are mounted from the host.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
name [Required]
-string -		 -

name of the volume inside the Pod template.

-
hostPath [Required]
-string -		 -

hostPath is the path in the host that will be mounted inside the Pod.

-
mountPath [Required]
-string -		 -

mountPathis the path inside the Pod where hostPath volume will be mounted.

-
readOnly [Required]
-bool -		 -

readOnly controls write access to the volume.

-
pathType [Required]
-core/v1.HostPathType -		 -

pathType is the type of the HostPath.

-
- -## `ImageMeta` {#kubeadm-k8s-io-v1beta2-ImageMeta} - - -**Appears in:** - -- [DNS](#kubeadm-k8s-io-v1beta2-DNS) - -- [LocalEtcd](#kubeadm-k8s-io-v1beta2-LocalEtcd) - - -

ImageMeta allows to customize the image used for components that are not -originated from the Kubernetes/Kubernetes release process

- - - - - - - - - - - - - - -
FieldDescription
imageRepository [Required]
-string -		 -

imageRepository sets the container registry to pull images from. -If not set, the imageRepository defined in ClusterConfiguration will be used.

-
imageTag [Required]
-string -		 -

imageTag allows for specifying a tag for the image. -In case this value is set, kubeadm does not change automatically the -version of the above components during upgrades.

-
- -## `JoinControlPlane` {#kubeadm-k8s-io-v1beta2-JoinControlPlane} - - -**Appears in:** - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

JoinControlPlane contains elements describing an additional control plane instance -to be deployed on the joining node.

- - - - - - - - - - - - - - -
FieldDescription
localAPIEndpoint [Required]
-APIEndpoint -		 -

localAPIEndpoint represents the endpoint of the API server instance -to be deployed on this node.

-
certificateKey [Required]
-string -		 -

certificateKey is the key that is used for decryption of certificates after -they are downloaded from the secret upon joining a new control plane node. -The corresponding encryption key is in the InitConfiguration.

-
- -## `LocalEtcd` {#kubeadm-k8s-io-v1beta2-LocalEtcd} - - -**Appears in:** - -- [Etcd](#kubeadm-k8s-io-v1beta2-Etcd) - - -

LocalEtcd describes that kubeadm should run an etcd cluster locally.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
ImageMeta [Required]
-ImageMeta -		(Members of ImageMeta are embedded into this type.) -

ImageMeta allows to customize the container used for etcd.

-
dataDir [Required]
-string -		 -

dataDir is the directory etcd will place its data. -Defaults to "/var/lib/etcd".

-
extraArgs [Required]
-map[string]string -		 -

extraArgs are extra arguments provided to the etcd binary when run -inside a static pod. -A key in this map is the flag name as it appears on the -command line except without leading dash(es).

-
serverCertSANs [Required]
-[]string -		 -

serverCertSANs sets extra Subject Alternative Names (SANs) for the -etcd server signing certificate.

-
peerCertSANs [Required]
-[]string -		 -

peerCertSANs sets extra Subject Alternative Names (SANs) for the -etcd peer signing certificate.

-
- -## `Networking` {#kubeadm-k8s-io-v1beta2-Networking} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

Networking contains elements describing cluster's networking configuration

- - - - - - - - - - - - - - - - - -
FieldDescription
serviceSubnet [Required]
-string -		 -

serviceSubnet is the subnet used by kubernetes Services. Defaults to "10.96.0.0/12".

-
podSubnet [Required]
-string -		 -

podSubnet is the subnet used by Pods.

-
dnsDomain [Required]
-string -		 -

dnsDomain is the DNS domain used by kubernetes Services. Defaults to "cluster.local".

-
- -## `NodeRegistrationOptions` {#kubeadm-k8s-io-v1beta2-NodeRegistrationOptions} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

NodeRegistrationOptions holds fields that relate to registering a new control-plane -or node to the cluster, either via "kubeadm init" or "kubeadm join".

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
name [Required]
-string -		 -

name is the .Metadata.Name field of the Node API object that will be created -in this kubeadm init or kubeadm join operation. -This field is also used in the CommonName field of the kubelet's client certificate -to the API server. -Defaults to the hostname of the node if not provided.

-
criSocket [Required]
-string -		 -

criSocket is used to retrieve container runtime information. This information will -be annotated to the Node API object, for later re-use.

-
taints [Required]
-[]core/v1.Taint -		 -

taints specifies the taints the Node API object should be registered with. -If this field is unset, i.e. nil, in the kubeadm init process it will be defaulted with -a control-plane taint for control-plane nodes. If you don't want to taint your control-plane -node, set this field to an empty list, i.e. taints: [], in the YAML file. This field is -solely used for Node registration.

-
kubeletExtraArgs [Required]
-map[string]string -		 -

kubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are -passed to the kubelet command line via the environment file kubeadm writes at runtime for -the kubelet to source. This overrides the generic base-level configuration in the -'kubelet-config-1.X' ConfigMap. -Flags have higher priority when parsing. These values are local and specific to the node -kubeadm is executing on. -A key in this map is the flag name as it appears on the command line except without leading dash(es).

-
ignorePreflightErrors [Required]
-[]string -		 -

ignorePreflightErrors provides a list of pre-flight errors to be ignored when the -current node is registered.

-
- \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md b/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md index 8abeb61fe3..5504f6070e 100644 --- a/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md +++ b/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md @@ -30,6 +30,7 @@ the user to configure a directory from which to take patches for components depl

Basics

The preferred way to configure kubeadm is to pass an YAML configuration file with the --config option. Some of the @@ -264,109 +265,6 @@ node only (e.g. the node ip).

-## `BootstrapToken` {#BootstrapToken} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta3-InitConfiguration) - - -

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-BootstrapTokenString -		 -

token is used for establishing bidirectional trust between nodes and control-planes. -Used for joining nodes in the cluster.

-
description
-string -		 -

description sets a human-friendly message why this token exists and what it's used -for, so other administrators can know its purpose.

-
ttl
-meta/v1.Duration -		 -

ttl defines the time to live for this token. Defaults to 24h. -expires and ttl are mutually exclusive.

-
expires
-meta/v1.Time -		 -

expires specifies the timestamp when this token expires. Defaults to being set -dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

-
usages
-[]string -		 -

usages describes the ways in which this token can be used. Can by default be used -for establishing bidirectional trust, but that can be changed here.

-
groups
-[]string -		 -

groups specifies the extra groups that this token will authenticate as when/if -used for authentication

-
- -## `BootstrapTokenString` {#BootstrapTokenString} - - -**Appears in:** - -- [BootstrapToken](#BootstrapToken) - - -

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used -for both validation of the practically of the API server from a joining node's point -of view and as an authentication method for the node in the bootstrap phase of -"kubeadm join". This token is and should be short-lived.

- - - - - - - - - - - - - - -
FieldDescription
- [Required]
-string -		 - No description provided.
- [Required]
-string -		 - No description provided.
- - - ## `ClusterConfiguration` {#kubeadm-k8s-io-v1beta3-ClusterConfiguration} @@ -1036,7 +934,7 @@ file from which to load cluster information.

pathType
-core/v1.HostPathType +core/v1.HostPathType

pathType is the type of the hostPath.

@@ -1259,7 +1157,7 @@ This information will be annotated to the Node API object, for later re-use

taints [Required]
-[]core/v1.Taint +[]core/v1.Taint

taints specifies the taints the Node API object should be registered with. @@ -1290,7 +1188,7 @@ the current node is registered.

imagePullPolicy
-core/v1.PullPolicy +core/v1.PullPolicy

imagePullPolicy specifies the policy for image pulling during kubeadm "init" and @@ -1338,4 +1236,107 @@ first alpha-numerically.

- \ No newline at end of file + + + + +## `BootstrapToken` {#BootstrapToken} + + +**Appears in:** + +- [InitConfiguration](#kubeadm-k8s-io-v1beta3-InitConfiguration) + + +

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
token [Required]
+BootstrapTokenString +		 +

token is used for establishing bidirectional trust between nodes and control-planes. +Used for joining nodes in the cluster.

+
description
+string +		 +

description sets a human-friendly message why this token exists and what it's used +for, so other administrators can know its purpose.

+
ttl
+meta/v1.Duration +		 +

ttl defines the time to live for this token. Defaults to 24h. +expires and ttl are mutually exclusive.

+
expires
+meta/v1.Time +		 +

expires specifies the timestamp when this token expires. Defaults to being set +dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

+
usages
+[]string +		 +

usages describes the ways in which this token can be used. Can by default be used +for establishing bidirectional trust, but that can be changed here.

+
groups
+[]string +		 +

groups specifies the extra groups that this token will authenticate as when/if +used for authentication

+
+ +## `BootstrapTokenString` {#BootstrapTokenString} + + +**Appears in:** + +- [BootstrapToken](#BootstrapToken) + + +

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used +for both validation of the practically of the API server from a joining node's point +of view and as an authentication method for the node in the bootstrap phase of +"kubeadm join". This token is and should be short-lived.

+ + + + + + + + + + + + + + +
FieldDescription
- [Required]
+string +		 + No description provided.
- [Required]
+string +		 + No description provided.
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1.md b/content/en/docs/reference/config-api/kubelet-config.v1.md index abaf48ec4b..407ce5f1a9 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1.md @@ -169,211 +169,4 @@ credential plugin.

- - - - -## `FormatOptions` {#FormatOptions} - - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - -

FormatOptions contains options for the different logging formats.

- - - - - - - - - - - -
FieldDescription
json [Required]
-JSONOptions -		 -

[Alpha] JSON contains options for logging format "json". -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `JSONOptions` {#JSONOptions} - - -**Appears in:** - -- [FormatOptions](#FormatOptions) - - -

JSONOptions contains options for logging format "json".

- - - - - - - - - - - - - - -
FieldDescription
splitStream [Required]
-bool -		 -

[Alpha] SplitStream redirects error messages to stderr while -info messages go to stdout, with buffering. The default is to write -both to stdout, without buffering. Only available when -the LoggingAlphaOptions feature gate is enabled.

-
infoBufferSize [Required]
-k8s.io/apimachinery/pkg/api/resource.QuantityValue -		 -

[Alpha] InfoBufferSize sets the size of the info stream when -using split streams. The default is zero, which disables buffering. -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `LogFormatFactory` {#LogFormatFactory} - - - -

LogFormatFactory provides support for a certain additional, -non-default log format.

- - - - -## `LoggingConfiguration` {#LoggingConfiguration} - - -**Appears in:** - -- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) - - -

LoggingConfiguration contains logging options.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
format [Required]
-string -		 -

Format Flag specifies the structure of log messages. -default value of format is text

-
flushFrequency [Required]
-time.Duration -		 -

Maximum number of nanoseconds (i.e. 1s = 1000000000) between log -flushes. Ignored if the selected logging backend writes log -messages without buffering.

-
verbosity [Required]
-VerbosityLevel -		 -

Verbosity is the threshold that determines which log messages are -logged. Default is zero which logs only the most important -messages. Higher values enable additional messages. Error messages -are always logged.

-
vmodule [Required]
-VModuleConfiguration -		 -

VModule overrides the verbosity threshold for individual files. -Only supported for "text" log format.

-
options [Required]
-FormatOptions -		 -

[Alpha] Options holds additional parameters that are specific -to the different logging formats. Only the options for the selected -format get used, but all of them get validated. -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `TracingConfiguration` {#TracingConfiguration} - - -**Appears in:** - -- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) - - -

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

- - - - - - - - - - - - - - -
FieldDescription
endpoint
-string -		 -

Endpoint of the collector this component will report traces to. -The connection is insecure, and does not currently support TLS. -Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

-
samplingRatePerMillion
-int32 -		 -

SamplingRatePerMillion is the number of samples to collect per million spans. -Recommended is unset. If unset, sampler respects its parent span's sampling -rate, but otherwise never samples.

-
- -## `VModuleConfiguration` {#VModuleConfiguration} - -(Alias of `[]k8s.io/component-base/logs/api/v1.VModuleItem`) - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - -

VModuleConfiguration is a collection of individual file names or patterns -and the corresponding verbosity threshold.

- - - - -## `VerbosityLevel` {#VerbosityLevel} - -(Alias of `uint32`) - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - - -

VerbosityLevel represents a klog or logr verbosity threshold.

- - + \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md b/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md index 079c36a932..6082c2f7ec 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md @@ -169,6 +169,4 @@ credential plugin.

- - - \ No newline at end of file + \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md index a11c179a58..b40fb3f5e9 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md @@ -262,7 +262,7 @@ Default: 10

eventRecordQPS is the maximum event creations per second. If 0, there is no limit enforced. The value cannot be a negative number. -Default: 5

+Default: 50

eventBurst
@@ -273,7 +273,7 @@ Default: 5

allows event creations to burst to this number, while still not exceeding eventRecordQPS. This field canot be a negative number and it is only used when eventRecordQPS > 0. -Default: 10

+Default: 100

enableDebuggingHandlers
@@ -290,7 +290,7 @@ Default: true

bool -

enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true. +

enableContentionProfiling enables block profiling, if enableDebuggingHandlers is true. Default: false

@@ -529,8 +529,7 @@ resources;
  • single-numa-node: kubelet only allows pods with a single NUMA alignment of CPU and device resources.
    • -

    Policies other than "none" require the TopologyManager feature gate to be enabled. -Default: "none"

    +

    Default: "none"

    topologyManagerScope
    @@ -543,8 +542,7 @@ that topology manager requests and hint providers generate. Valid values include
  • container: topology policy is applied on a per-container basis.
  • pod: topology policy is applied on a per-pod basis.
    • -

    "pod" scope requires the TopologyManager feature gate to be enabled. -Default: "container"

    +

    Default: "container"

    topologyManagerPolicyOptions
    @@ -692,7 +690,7 @@ Default: "application/vnd.kubernetes.protobuf"

    kubeAPIQPS is the QPS to use while talking with kubernetes apiserver. -Default: 5

    +Default: 50

    kubeAPIBurst
    @@ -701,7 +699,7 @@ Default: 5

    kubeAPIBurst is the burst to allow while talking with kubernetes API server. This field cannot be a negative number. -Default: 10

    +Default: 100

    serializeImagePulls
    @@ -715,6 +713,16 @@ Issue #10959 has more details. Default: true

    +maxParallelImagePulls
    +int32 + + +

    MaxParallelImagePulls sets the maximum number of image pulls in parallel. +This field cannot be set if SerializeImagePulls is true. +Setting it to nil means no limit. +Default: nil

    + + evictionHard
    map[string]string @@ -953,7 +961,7 @@ Default: ""

    systemReservedCgroup helps the kubelet identify absolute name of top level CGroup used to enforce systemReserved compute resource reservation for OS system daemons. -Refer to Node Allocatable +Refer to Node Allocatable doc for more information. Default: ""

    @@ -964,7 +972,7 @@ Default: ""

    kubeReservedCgroup helps the kubelet identify absolute name of top level CGroup used to enforce KubeReserved compute resource reservation for Kubernetes node system daemons. -Refer to Node Allocatable +Refer to Node Allocatable doc for more information. Default: ""

    @@ -980,7 +988,7 @@ If none is specified, no other options may be specified. When system-reserved is in the list, systemReservedCgroup must be specified. When kube-reserved is in the list, kubeReservedCgroup must be specified. This field is supported only when cgroupsPerQOS is set to true. -Refer to Node Allocatable +Refer to Node Allocatable for more information. Default: ["pods"]

    @@ -1042,6 +1050,15 @@ Format: text

    Default: true

    +enableSystemLogQuery
    +bool + + +

    enableSystemLogQuery enables the node log query feature on the /logs endpoint. +EnableSystemLogHandler has to be enabled in addition for this feature to work. +Default: false

    + + shutdownGracePeriod
    meta/v1.Duration @@ -1143,7 +1160,6 @@ Default: true

    SeccompDefault enables the use of RuntimeDefault as the default seccomp profile for all workloads. -This requires the corresponding SeccompDefault feature gate to be enabled as well. Default: false

    @@ -1156,11 +1172,11 @@ when setting the cgroupv2 memory.high value to enforce MemoryQoS. Decreasing this factor will set lower high limit for container cgroups and put heavier reclaim pressure while increasing will put less reclaim pressure. See https://kep.k8s.io/2570 for more details. -Default: 0.8

    +Default: 0.9

    registerWithTaints
    -[]core/v1.Taint +[]core/v1.Taint

    registerWithTaints are an array of taints to add to a node object when @@ -1182,7 +1198,8 @@ Default: true

    Tracing specifies the versioned configuration for OpenTelemetry tracing clients. -See https://kep.k8s.io/2832 for more details.

    +See https://kep.k8s.io/2832 for more details. +Default: nil

    localStorageCapacityIsolation
    @@ -1199,6 +1216,25 @@ disabled. Once disabled, user should not set request/limit for container's ephem Default: true

    +containerRuntimeEndpoint [Required]
    +string + + +

    ContainerRuntimeEndpoint is the endpoint of container runtime. +Unix Domain Sockets are supported on Linux, while npipe and tcp endpoints are supported on Windows. +Examples:'unix:///path/to/runtime.sock', 'npipe:////./pipe/runtime'

    + + +imageServiceEndpoint
    +string + + +

    ImageServiceEndpoint is the endpoint of container image service. +Unix Domain Socket are supported on Linux, while npipe and tcp endpoints are supported on Windows. +Examples:'unix:///path/to/runtime.sock', 'npipe:////./pipe/runtime'. +If not specified, the value in containerRuntimeEndpoint is used.

    + + @@ -1220,7 +1256,7 @@ It exists in the kubeletconfig API group because it is classified as a versioned source
    -core/v1.NodeConfigSource +core/v1.NodeConfigSource

    source is the source that we are serializing.

    @@ -1581,7 +1617,7 @@ and groups corresponding to the Organization in the client certificate.

    No description provided. limits [Required]
    -core/v1.ResourceList +core/v1.ResourceList No description provided.