kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #42577 from tengqm/configapi-1.28 

Revise config API docs for v1.28
pull/42615/head
Kubernetes Prow Robot 2023-08-17 10:37:23 -07:00 committed by GitHub
parent 5757935b4b 79a86279a7
commit bcc29e3357
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 2240 additions and 1935 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/docs/reference/_index.md
View File

@ -87,7 +87,6 @@ operator to use or manage a cluster.
* [kubelet credential providers (v1alpha1)](/docs/reference/config-api/kubelet-credentialprovider.v1alpha1/), * [kubelet credential providers (v1alpha1)](/docs/reference/config-api/kubelet-credentialprovider.v1alpha1/),
[kubelet credential providers (v1beta1)](/docs/reference/config-api/kubelet-credentialprovider.v1beta1/) and [kubelet credential providers (v1beta1)](/docs/reference/config-api/kubelet-credentialprovider.v1beta1/) and
[kubelet credential providers (v1)](/docs/reference/config-api/kubelet-credentialprovider.v1/) [kubelet credential providers (v1)](/docs/reference/config-api/kubelet-credentialprovider.v1/)
* [kube-scheduler configuration (v1beta2)](/docs/reference/config-api/kube-scheduler-config.v1beta2/),
[kube-scheduler configuration (v1beta3)](/docs/reference/config-api/kube-scheduler-config.v1beta3/) and [kube-scheduler configuration (v1beta3)](/docs/reference/config-api/kube-scheduler-config.v1beta3/) and
[kube-scheduler configuration (v1)](/docs/reference/config-api/kube-scheduler-config.v1/) [kube-scheduler configuration (v1)](/docs/reference/config-api/kube-scheduler-config.v1/)
* [kube-controller-manager configuration (v1alpha1)](/docs/reference/config-api/kube-controller-manager-config.v1alpha1/) * [kube-controller-manager configuration (v1alpha1)](/docs/reference/config-api/kube-controller-manager-config.v1alpha1/)
@ -101,6 +100,7 @@ operator to use or manage a cluster.
## Config API for kubeadm ## Config API for kubeadm
* [v1beta3](/docs/reference/config-api/kubeadm-config.v1beta3/) * [v1beta3](/docs/reference/config-api/kubeadm-config.v1beta3/)
* [v1beta4](/docs/reference/config-api/kubeadm-config.v1beta4/)
## Design Docs ## Design Docs

4
content/en/docs/reference/config-api/apiserver-admission.v1.md
View File

@ -153,7 +153,7 @@ requested. e.g. a patch can result in either a CREATE or UPDATE Operation.</p>
</td> </td>
</tr> </tr>
<tr><td><code>userInfo</code> <B>[Required]</B><br/> <tr><td><code>userInfo</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td> </td>
<td> <td>
<p>UserInfo is information about the requesting user</p> <p>UserInfo is information about the requesting user</p>
@ -227,7 +227,7 @@ This must be copied over from the corresponding AdmissionRequest.</p>
</td> </td>
</tr> </tr>
<tr><td><code>status</code><br/> <tr><td><code>status</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#status-v1-meta"><code>meta/v1.Status</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#status-v1-meta"><code>meta/v1.Status</code></a>
</td> </td>
<td> <td>
<p>Result contains extra details into why an admission request was denied. <p>Result contains extra details into why an admission request was denied.

40
content/en/docs/reference/config-api/apiserver-audit.v1.md
View File

@ -72,14 +72,14 @@ For non-resource requests, this is the lower-cased HTTP method.</p>
</td> </td>
</tr> </tr>
<tr><td><code>user</code> <B>[Required]</B><br/> <tr><td><code>user</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#userinfo-v1-authentication"><code>authentication/v1.UserInfo</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td> </td>
<td> <td>
<p>Authenticated user information.</p> <p>Authenticated user information.</p>
</td> </td>
</tr> </tr>
<tr><td><code>impersonatedUser</code><br/> <tr><td><code>impersonatedUser</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#userinfo-v1-authentication"><code>authentication/v1.UserInfo</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td> </td>
<td> <td>
<p>Impersonated user information.</p> <p>Impersonated user information.</p>
@ -117,7 +117,7 @@ Does not apply for List-type requests, or non-resource requests.</p>
</td> </td>
</tr> </tr>
<tr><td><code>responseStatus</code><br/> <tr><td><code>responseStatus</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#status-v1-meta"><code>meta/v1.Status</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#status-v1-meta"><code>meta/v1.Status</code></a>
</td> </td>
<td> <td>
<p>The response status, populated even when the ResponseObject is not a Status type. <p>The response status, populated even when the ResponseObject is not a Status type.
@ -145,14 +145,14 @@ at Response Level.</p>
</td> </td>
</tr> </tr>
<tr><td><code>requestReceivedTimestamp</code><br/> <tr><td><code>requestReceivedTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
</td> </td>
<td> <td>
<p>Time the request reached the apiserver.</p> <p>Time the request reached the apiserver.</p>
</td> </td>
</tr> </tr>
<tr><td><code>stageTimestamp</code><br/> <tr><td><code>stageTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
</td> </td>
<td> <td>
<p>Time the request reached current audit stage.</p> <p>Time the request reached current audit stage.</p>
@ -189,7 +189,7 @@ should be short. Annotations are included in the Metadata level.</p>
<tr><td><code>metadata</code><br/> <tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
</td> </td>
<td> <td>
<span class="text-muted">No description provided.</span></td> <span class="text-muted">No description provided.</span></td>
@ -224,7 +224,7 @@ categories are logged.</p>
<tr><td><code>metadata</code><br/> <tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
</td> </td>
<td> <td>
<p>ObjectMeta is included for interoperability with API infrastructure.</p> <p>ObjectMeta is included for interoperability with API infrastructure.</p>
@ -279,7 +279,7 @@ in a rule will override the global default.</p>
<tr><td><code>metadata</code><br/> <tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
</td> </td>
<td> <td>
<span class="text-muted">No description provided.</span></td> <span class="text-muted">No description provided.</span></td>
@ -322,14 +322,12 @@ The empty string represents the core API group.</p>
</td> </td>
<td> <td>
<p>Resources is a list of resources this rule applies to.</p> <p>Resources is a list of resources this rule applies to.</p>
<p>For example:</p> <p>For example:
<ul> 'pods' matches pods.
<li><code>pods</code> matches pods.</li> 'pods/log' matches the log subresource of pods.
<li><code>pods/log</code> matches the log subresource of pods.</li> '<em>' matches all resources and their subresources.
<li><code>&ast;<code> matches all resources and their subresources.</li> 'pods/</em>' matches all subresources of pods.
<li><code>pods/&ast;</code> matches all subresources of pods.</li> '*/scale' matches all scale subresources.</p>
<li><code>&ast;/scale</code> matches all scale subresources.</li>
</ul>
<p>If wildcard is present, the validation rule will ensure resources do not <p>If wildcard is present, the validation rule will ensure resources do not
overlap with each other.</p> overlap with each other.</p>
<p>An empty list implies all resources and subresources in this API groups apply.</p> <p>An empty list implies all resources and subresources in this API groups apply.</p>
@ -503,12 +501,10 @@ An empty list implies every namespace.</p>
</td> </td>
<td> <td>
<p>NonResourceURLs is a set of URL paths that should be audited. <p>NonResourceURLs is a set of URL paths that should be audited.
<code>&ast;<code>s are allowed, but only as the full, final step in the path. <em>s are allowed, but only as the full, final step in the path.
Examples:</p> Examples:
<ul> &quot;/metrics&quot; - Log requests for apiserver metrics
<li>&quot;/metrics&quot; - Log requests for apiserver metrics</li> &quot;/healthz</em>&quot; - Log all health checks</p>
<li>&quot;/healthz&ast;&quot; - Log all health checks</li>
</ul>
</td> </td>
</tr> </tr>
<tr><td><code>omitStages</code><br/> <tr><td><code>omitStages</code><br/>

12
content/en/docs/reference/config-api/apiserver-encryption.v1.md
View File

@ -20,8 +20,8 @@ auto_generated: true
<p>EncryptionConfiguration stores the complete configuration for encryption providers. <p>EncryptionConfiguration stores the complete configuration for encryption providers.
It also allows the use of wildcards to specify the resources that should be encrypted. It also allows the use of wildcards to specify the resources that should be encrypted.
Use <code>&ast;.&lt;group&gt;</code> to encrypt all resources within a group or <code>&ast;.&ast;</code> to encrypt all resources. Use '<em>.<!-- raw HTML omitted -->' to encrypt all resources within a group or '</em>.<em>' to encrypt all resources.
<code>&ast;.</code> can be used to encrypt all resource in the core group. <code>&ast;.&ast;</code> will encrypt all '</em>.' can be used to encrypt all resource in the core group. '<em>.</em>' will encrypt all
resources, even custom resources that are added after API server start. resources, even custom resources that are added after API server start.
Use of wildcards that overlap within the same resource list or across multiple Use of wildcards that overlap within the same resource list or across multiple
entries are not allowed since part of the configuration would be ineffective. entries are not allowed since part of the configuration would be ineffective.
@ -282,10 +282,10 @@ Set to a negative value to disable caching. This field is only allowed for KMS v
</td> </td>
<td> <td>
<p>resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from <code>resource</code> or <code>resource.group</code> of the group/version/resource. <p>resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from <code>resource</code> or <code>resource.group</code> of the group/version/resource.
eg: <code>pandas.awesome.bears.example</code> is a custom resource with 'group': <code>awesome.bears.example</code>, 'resource': <code>pandas</code>. eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas.
Use <code>&ast;.&ast;</code> to encrypt all resources and <code>&ast;.&lt;group&gt;</code>' to encrypt all resources in a specific group. Use '<em>.</em>' to encrypt all resources and '<em>.<!-- raw HTML omitted -->' to encrypt all resources in a specific group.
eg: <code>&ast;.awesome.bears.example</code> will encrypt all resources in the group <code>awesome.bears.example</code>. eg: '</em>.awesome.bears.example' will encrypt all resources in the group 'awesome.bears.example'.
eg: <code>&ast;.</code> will encrypt all resources in the core group (such as pods, configmaps, etc).</p> eg: '*.' will encrypt all resources in the core group (such as pods, configmaps, etc).</p>
</td> </td>
</tr> </tr>
<tr><td><code>providers</code> <B>[Required]</B><br/> <tr><td><code>providers</code> <B>[Required]</B><br/>

2
content/en/docs/reference/config-api/client-authentication.v1.md
View File

@ -206,7 +206,7 @@ itself should at least be protected via file permissions.</p>
<tr><td><code>expirationTimestamp</code><br/> <tr><td><code>expirationTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta"><code>meta/v1.Time</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta"><code>meta/v1.Time</code></a>
</td> </td>
<td> <td>
<p>ExpirationTimestamp indicates a time when the provided credentials expire.</p> <p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>

2
content/en/docs/reference/config-api/client-authentication.v1beta1.md
View File

@ -206,7 +206,7 @@ itself should at least be protected via file permissions.</p>
<tr><td><code>expirationTimestamp</code><br/> <tr><td><code>expirationTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta"><code>meta/v1.Time</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta"><code>meta/v1.Time</code></a>
</td> </td>
<td> <td>
<p>ExpirationTimestamp indicates a time when the provided credentials expire.</p> <p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>

2
content/en/docs/reference/config-api/imagepolicy.v1alpha1.md
View File

@ -29,7 +29,7 @@ auto_generated: true
<tr><td><code>metadata</code><br/> <tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
</td> </td>
<td> <td>
<p>Standard object's metadata. <p>Standard object's metadata.

441
content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md
View File

@ -1,7 +1,7 @@
--- ---
title: kube-controller-manager Configuration (v1alpha1) title: kube-controller-manager Configuration (v1alpha1)
content_type: tool-reference content_type: tool-reference
package: controllermanager.config.k8s.io/v1alpha1 package: kubecontrollermanager.config.k8s.io/v1alpha1
auto_generated: true auto_generated: true
--- ---
@ -9,192 +9,11 @@ auto_generated: true
## Resource Types ## Resource Types
- [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration)
- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration)
- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) - [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration)
## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration}
**Appears in:**
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>apiVersion</code><br/>string</td><td><code>controllermanager.config.k8s.io/v1alpha1</code></td></tr>
<tr><td><code>kind</code><br/>string</td><td><code>LeaderMigrationConfiguration</code></td></tr>
<tr><td><code>leaderName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>LeaderName is the name of the leader election resource that protects the migration
E.g. 1-20-KCM-to-1-21-CCM</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>ResourceLock indicates the resource object type that will be used to lock
Should be &quot;leases&quot; or &quot;endpoints&quot;</p>
</td>
</tr>
<tr><td><code>controllerLeaders</code> <B>[Required]</B><br/>
<a href="#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration"><code>[]ControllerLeaderConfiguration</code></a>
</td>
<td>
<p>ControllerLeaders contains a list of migrating leader lock configurations</p>
</td>
</tr>
</tbody>
</table>
## `ControllerLeaderConfiguration` {#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration}
**Appears in:**
- [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration) - [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration)
<p>ControllerLeaderConfiguration provides the configuration for a migrating leader lock.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>name</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Name is the name of the controller being migrated
E.g. service-controller, route-controller, cloud-node-controller, etc</p>
</td>
</tr>
<tr><td><code>component</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Component is the name of the component in which the controller should be running.
E.g. kube-controller-manager, cloud-controller-manager, etc
Or '*' meaning the controller can be run under any component that participates in the migration</p>
</td>
</tr>
</tbody>
</table>
## `GenericControllerManagerConfiguration` {#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration}
**Appears in:**
- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration)
- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration)
<p>GenericControllerManagerConfiguration holds configuration for a generic controller-manager.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>Port</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>port is the port that the controller-manager's http service runs on.</p>
</td>
</tr>
<tr><td><code>Address</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>address is the IP address to serve on (set to 0.0.0.0 for all interfaces).</p>
</td>
</tr>
<tr><td><code>MinResyncPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>minResyncPeriod is the resync period in reflectors; will be random between
minResyncPeriod and 2*minResyncPeriod.</p>
</td>
</tr>
<tr><td><code>ClientConnection</code> <B>[Required]</B><br/>
<a href="#ClientConnectionConfiguration"><code>ClientConnectionConfiguration</code></a>
</td>
<td>
<p>ClientConnection specifies the kubeconfig file and client connection
settings for the proxy server to use when communicating with the apiserver.</p>
</td>
</tr>
<tr><td><code>ControllerStartInterval</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>How long to wait between starting controller managers</p>
</td>
</tr>
<tr><td><code>LeaderElection</code> <B>[Required]</B><br/>
<a href="#LeaderElectionConfiguration"><code>LeaderElectionConfiguration</code></a>
</td>
<td>
<p>leaderElection defines the configuration of leader election client.</p>
</td>
</tr>
<tr><td><code>Controllers</code> <B>[Required]</B><br/>
<code>[]string</code>
</td>
<td>
<p>Controllers is the list of controllers to enable or disable
'*' means &quot;all enabled by default controllers&quot;
'foo' means &quot;enable 'foo'&quot;
'-foo' means &quot;disable 'foo'&quot;
first item for a particular name wins</p>
</td>
</tr>
<tr><td><code>Debugging</code> <B>[Required]</B><br/>
<a href="#DebuggingConfiguration"><code>DebuggingConfiguration</code></a>
</td>
<td>
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
</td>
</tr>
<tr><td><code>LeaderMigrationEnabled</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>LeaderMigrationEnabled indicates whether Leader Migration should be enabled for the controller manager.</p>
</td>
</tr>
<tr><td><code>LeaderMigration</code> <B>[Required]</B><br/>
<a href="#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration"><code>LeaderMigrationConfiguration</code></a>
</td>
<td>
<p>LeaderMigration holds the configuration for Leader Migration.</p>
</td>
</tr>
</tbody>
</table>
## `KubeControllerManagerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration} ## `KubeControllerManagerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration}
@ -335,13 +154,18 @@ GarbageCollectorController related features.</p>
<p>CronJobControllerConfiguration holds configuration for CronJobController related features.</p> <p>CronJobControllerConfiguration holds configuration for CronJobController related features.</p>
</td> </td>
</tr> </tr>
<tr><td><code>LegacySATokenCleaner</code> <B>[Required]</B><br/>
<a href="#kubecontrollermanager-config-k8s-io-v1alpha1-LegacySATokenCleanerConfiguration"><code>LegacySATokenCleanerConfiguration</code></a>
</td>
<td>
<p>LegacySATokenCleanerConfiguration holds configuration for LegacySATokenCleaner related features.</p>
</td>
</tr>
<tr><td><code>NamespaceController</code> <B>[Required]</B><br/> <tr><td><code>NamespaceController</code> <B>[Required]</B><br/>
<a href="#kubecontrollermanager-config-k8s-io-v1alpha1-NamespaceControllerConfiguration"><code>NamespaceControllerConfiguration</code></a> <a href="#kubecontrollermanager-config-k8s-io-v1alpha1-NamespaceControllerConfiguration"><code>NamespaceControllerConfiguration</code></a>
</td> </td>
<td> <td>
<p>NamespaceControllerConfiguration holds configuration for NamespaceController <p>NamespaceControllerConfiguration holds configuration for NamespaceController
related features.
NamespaceControllerConfiguration holds configuration for NamespaceController
related features.</p> related features.</p>
</td> </td>
</tr> </tr>
@ -424,6 +248,14 @@ related features.</p>
TTLAfterFinishedController related features.</p> TTLAfterFinishedController related features.</p>
</td> </td>
</tr> </tr>
<tr><td><code>ValidatingAdmissionPolicyStatusController</code> <B>[Required]</B><br/>
<a href="#kubecontrollermanager-config-k8s-io-v1alpha1-ValidatingAdmissionPolicyStatusControllerConfiguration"><code>ValidatingAdmissionPolicyStatusControllerConfiguration</code></a>
</td>
<td>
<p>ValidatingAdmissionPolicyStatusControllerConfiguration holds configuration for
ValidatingAdmissionPolicyStatusController related features.</p>
</td>
</tr>
</tbody> </tbody>
</table> </table>
@ -1014,6 +846,33 @@ but more CPU (and network) load.</p>
</tbody> </tbody>
</table> </table>
## `LegacySATokenCleanerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-LegacySATokenCleanerConfiguration}
**Appears in:**
- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration)
<p>LegacySATokenCleanerConfiguration contains elements describing LegacySATokenCleaner</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>CleanUpPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>CleanUpPeriod is the period of time since the last usage of an
auto-generated service account token before it can be deleted.</p>
</td>
</tr>
</tbody>
</table>
## `NamespaceControllerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-NamespaceControllerConfiguration} ## `NamespaceControllerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-NamespaceControllerConfiguration}
@ -1212,7 +1071,7 @@ and persistent volume claims.</p>
<code>[]string</code> <code>[]string</code>
</td> </td>
<td> <td>
<p>VolumeHostCIDRDenylist is a list of CIDRs that should not be reachable by the <p>DEPRECATED: VolumeHostCIDRDenylist is a list of CIDRs that should not be reachable by the
controller from plugins.</p> controller from plugins.</p>
</td> </td>
</tr> </tr>
@ -1220,7 +1079,7 @@ controller from plugins.</p>
<code>bool</code> <code>bool</code>
</td> </td>
<td> <td>
<p>VolumeHostAllowLocalLoopback indicates if local loopback hosts (127.0.0.1, etc) <p>DEPRECATED: VolumeHostAllowLocalLoopback indicates if local loopback hosts (127.0.0.1, etc)
should be allowed from plugins.</p> should be allowed from plugins.</p>
</td> </td>
</tr> </tr>
@ -1523,6 +1382,35 @@ allowed to sync concurrently.</p>
</tbody> </tbody>
</table> </table>
## `ValidatingAdmissionPolicyStatusControllerConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-ValidatingAdmissionPolicyStatusControllerConfiguration}
**Appears in:**
- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration)
<p>ValidatingAdmissionPolicyStatusControllerConfiguration contains elements describing ValidatingAdmissionPolicyStatusController.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>ConcurrentPolicySyncs</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>ConcurrentPolicySyncs is the number of policy objects that are
allowed to sync concurrently. Larger number = quicker type checking,
but more CPU (and network) load.
The default value is 5.</p>
</td>
</tr>
</tbody>
</table>
## `VolumeConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-VolumeConfiguration} ## `VolumeConfiguration` {#kubecontrollermanager-config-k8s-io-v1alpha1-VolumeConfiguration}
@ -1880,3 +1768,184 @@ first item for a particular name wins</p>
</tbody> </tbody>
</table> </table>
## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration}
**Appears in:**
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>apiVersion</code><br/>string</td><td><code>controllermanager.config.k8s.io/v1alpha1</code></td></tr>
<tr><td><code>kind</code><br/>string</td><td><code>LeaderMigrationConfiguration</code></td></tr>
<tr><td><code>leaderName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>LeaderName is the name of the leader election resource that protects the migration
E.g. 1-20-KCM-to-1-21-CCM</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>ResourceLock indicates the resource object type that will be used to lock
Should be &quot;leases&quot; or &quot;endpoints&quot;</p>
</td>
</tr>
<tr><td><code>controllerLeaders</code> <B>[Required]</B><br/>
<a href="#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration"><code>[]ControllerLeaderConfiguration</code></a>
</td>
<td>
<p>ControllerLeaders contains a list of migrating leader lock configurations</p>
</td>
</tr>
</tbody>
</table>
## `ControllerLeaderConfiguration` {#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration}
**Appears in:**
- [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration)
<p>ControllerLeaderConfiguration provides the configuration for a migrating leader lock.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>name</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Name is the name of the controller being migrated
E.g. service-controller, route-controller, cloud-node-controller, etc</p>
</td>
</tr>
<tr><td><code>component</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Component is the name of the component in which the controller should be running.
E.g. kube-controller-manager, cloud-controller-manager, etc
Or '*' meaning the controller can be run under any component that participates in the migration</p>
</td>
</tr>
</tbody>
</table>
## `GenericControllerManagerConfiguration` {#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration}
**Appears in:**
- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration)
- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration)
<p>GenericControllerManagerConfiguration holds configuration for a generic controller-manager.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>Port</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>port is the port that the controller-manager's http service runs on.</p>
</td>
</tr>
<tr><td><code>Address</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>address is the IP address to serve on (set to 0.0.0.0 for all interfaces).</p>
</td>
</tr>
<tr><td><code>MinResyncPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>minResyncPeriod is the resync period in reflectors; will be random between
minResyncPeriod and 2*minResyncPeriod.</p>
</td>
</tr>
<tr><td><code>ClientConnection</code> <B>[Required]</B><br/>
<a href="#ClientConnectionConfiguration"><code>ClientConnectionConfiguration</code></a>
</td>
<td>
<p>ClientConnection specifies the kubeconfig file and client connection
settings for the proxy server to use when communicating with the apiserver.</p>
</td>
</tr>
<tr><td><code>ControllerStartInterval</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>How long to wait between starting controller managers</p>
</td>
</tr>
<tr><td><code>LeaderElection</code> <B>[Required]</B><br/>
<a href="#LeaderElectionConfiguration"><code>LeaderElectionConfiguration</code></a>
</td>
<td>
<p>leaderElection defines the configuration of leader election client.</p>
</td>
</tr>
<tr><td><code>Controllers</code> <B>[Required]</B><br/>
<code>[]string</code>
</td>
<td>
<p>Controllers is the list of controllers to enable or disable
'*' means &quot;all enabled by default controllers&quot;
'foo' means &quot;enable 'foo'&quot;
'-foo' means &quot;disable 'foo'&quot;
first item for a particular name wins</p>
</td>
</tr>
<tr><td><code>Debugging</code> <B>[Required]</B><br/>
<a href="#DebuggingConfiguration"><code>DebuggingConfiguration</code></a>
</td>
<td>
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
</td>
</tr>
<tr><td><code>LeaderMigrationEnabled</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>LeaderMigrationEnabled indicates whether Leader Migration should be enabled for the controller manager.</p>
</td>
</tr>
<tr><td><code>LeaderMigration</code> <B>[Required]</B><br/>
<a href="#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration"><code>LeaderMigrationConfiguration</code></a>
</td>
<td>
<p>LeaderMigration holds the configuration for Leader Migration.</p>
</td>
</tr>
</tbody>
</table>

395
content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md
View File

@ -13,6 +13,196 @@ auto_generated: true
## `ClientConnectionConfiguration` {#ClientConnectionConfiguration}
**Appears in:**
- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>ClientConnectionConfiguration contains details for constructing a client.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>kubeconfig</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>kubeconfig is the path to a KubeConfig file.</p>
</td>
</tr>
<tr><td><code>acceptContentTypes</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
default value of 'application/json'. This field will control all connections to the server used by a particular
client.</p>
</td>
</tr>
<tr><td><code>contentType</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>contentType is the content type used when sending data to the server from this client.</p>
</td>
</tr>
<tr><td><code>qps</code> <B>[Required]</B><br/>
<code>float32</code>
</td>
<td>
<p>qps controls the number of queries per second allowed for this connection.</p>
</td>
</tr>
<tr><td><code>burst</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>burst allows extra queries to accumulate when a client is exceeding its rate.</p>
</td>
</tr>
</tbody>
</table>
## `DebuggingConfiguration` {#DebuggingConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enableProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableProfiling enables profiling via web interface host:port/debug/pprof/</p>
</td>
</tr>
<tr><td><code>enableContentionProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableContentionProfiling enables block profiling, if
enableProfiling is true.</p>
</td>
</tr>
</tbody>
</table>
## `LeaderElectionConfiguration` {#LeaderElectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>LeaderElectionConfiguration defines the configuration of leader election
clients for components that can run with leader election enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>leaderElect</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>leaderElect enables a leader election client to gain leadership
before executing the main loop. Enable this when running replicated
components for high availability.</p>
</td>
</tr>
<tr><td><code>leaseDuration</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>leaseDuration is the duration that non-leader candidates will wait
after observing a leadership renewal until attempting to acquire
leadership of a led but unrenewed leader slot. This is effectively the
maximum duration that a leader can be stopped before it is replaced
by another candidate. This is only applicable if leader election is
enabled.</p>
</td>
</tr>
<tr><td><code>renewDeadline</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>renewDeadline is the interval between attempts by the acting master to
renew a leadership slot before it stops leading. This must be less
than or equal to the lease duration. This is only applicable if leader
election is enabled.</p>
</td>
</tr>
<tr><td><code>retryPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>retryPeriod is the duration the clients should wait between attempting
acquisition and renewal of a leadership. This is only applicable if
leader election is enabled.</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceLock indicates the resource object type that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the name of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceNamespace</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the namespace of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
</tbody>
</table>
## `KubeProxyConfiguration` {#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration} ## `KubeProxyConfiguration` {#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration}
@ -192,6 +382,15 @@ An empty string slice is meant to select all network interfaces.</p>
<p>DetectLocal contains optional configuration settings related to DetectLocalMode.</p> <p>DetectLocal contains optional configuration settings related to DetectLocalMode.</p>
</td> </td>
</tr> </tr>
<tr><td><code>logging</code> <B>[Required]</B><br/>
<a href="#LoggingConfiguration"><code>LoggingConfiguration</code></a>
</td>
<td>
<p>logging specifies the options of logging.
Refer to <a href="https://github.com/kubernetes/component-base/blob/master/logs/options.go">Logs Options</a>
for more information.</p>
</td>
</tr>
</tbody> </tbody>
</table> </table>
@ -521,199 +720,3 @@ will exit with an error.</p>
## `ClientConnectionConfiguration` {#ClientConnectionConfiguration}
**Appears in:**
- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>ClientConnectionConfiguration contains details for constructing a client.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>kubeconfig</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>kubeconfig is the path to a KubeConfig file.</p>
</td>
</tr>
<tr><td><code>acceptContentTypes</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
default value of 'application/json'. This field will control all connections to the server used by a particular
client.</p>
</td>
</tr>
<tr><td><code>contentType</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>contentType is the content type used when sending data to the server from this client.</p>
</td>
</tr>
<tr><td><code>qps</code> <B>[Required]</B><br/>
<code>float32</code>
</td>
<td>
<p>qps controls the number of queries per second allowed for this connection.</p>
</td>
</tr>
<tr><td><code>burst</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>burst allows extra queries to accumulate when a client is exceeding its rate.</p>
</td>
</tr>
</tbody>
</table>
## `DebuggingConfiguration` {#DebuggingConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enableProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableProfiling enables profiling via web interface host:port/debug/pprof/</p>
</td>
</tr>
<tr><td><code>enableContentionProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableContentionProfiling enables block profiling, if
enableProfiling is true.</p>
</td>
</tr>
</tbody>
</table>
## `LeaderElectionConfiguration` {#LeaderElectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
<p>LeaderElectionConfiguration defines the configuration of leader election
clients for components that can run with leader election enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>leaderElect</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>leaderElect enables a leader election client to gain leadership
before executing the main loop. Enable this when running replicated
components for high availability.</p>
</td>
</tr>
<tr><td><code>leaseDuration</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>leaseDuration is the duration that non-leader candidates will wait
after observing a leadership renewal until attempting to acquire
leadership of a led but unrenewed leader slot. This is effectively the
maximum duration that a leader can be stopped before it is replaced
by another candidate. This is only applicable if leader election is
enabled.</p>
</td>
</tr>
<tr><td><code>renewDeadline</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>renewDeadline is the interval between attempts by the acting master to
renew a leadership slot before it stops leading. This must be less
than or equal to the lease duration. This is only applicable if leader
election is enabled.</p>
</td>
</tr>
<tr><td><code>retryPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>retryPeriod is the duration the clients should wait between attempting
acquisition and renewal of a leadership. This is only applicable if
leader election is enabled.</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceLock indicates the resource object type that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the name of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceNamespace</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the namespace of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
</tbody>
</table>

384
content/en/docs/reference/config-api/kube-scheduler-config.v1.md
View File

@ -20,6 +20,188 @@ auto_generated: true
## `ClientConnectionConfiguration` {#ClientConnectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
<p>ClientConnectionConfiguration contains details for constructing a client.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>kubeconfig</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>kubeconfig is the path to a KubeConfig file.</p>
</td>
</tr>
<tr><td><code>acceptContentTypes</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
default value of 'application/json'. This field will control all connections to the server used by a particular
client.</p>
</td>
</tr>
<tr><td><code>contentType</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>contentType is the content type used when sending data to the server from this client.</p>
</td>
</tr>
<tr><td><code>qps</code> <B>[Required]</B><br/>
<code>float32</code>
</td>
<td>
<p>qps controls the number of queries per second allowed for this connection.</p>
</td>
</tr>
<tr><td><code>burst</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>burst allows extra queries to accumulate when a client is exceeding its rate.</p>
</td>
</tr>
</tbody>
</table>
## `DebuggingConfiguration` {#DebuggingConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enableProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableProfiling enables profiling via web interface host:port/debug/pprof/</p>
</td>
</tr>
<tr><td><code>enableContentionProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableContentionProfiling enables block profiling, if
enableProfiling is true.</p>
</td>
</tr>
</tbody>
</table>
## `LeaderElectionConfiguration` {#LeaderElectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
<p>LeaderElectionConfiguration defines the configuration of leader election
clients for components that can run with leader election enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>leaderElect</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>leaderElect enables a leader election client to gain leadership
before executing the main loop. Enable this when running replicated
components for high availability.</p>
</td>
</tr>
<tr><td><code>leaseDuration</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>leaseDuration is the duration that non-leader candidates will wait
after observing a leadership renewal until attempting to acquire
leadership of a led but unrenewed leader slot. This is effectively the
maximum duration that a leader can be stopped before it is replaced
by another candidate. This is only applicable if leader election is
enabled.</p>
</td>
</tr>
<tr><td><code>renewDeadline</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>renewDeadline is the interval between attempts by the acting master to
renew a leadership slot before it stops leading. This must be less
than or equal to the lease duration. This is only applicable if leader
election is enabled.</p>
</td>
</tr>
<tr><td><code>retryPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>retryPeriod is the duration the clients should wait between attempting
acquisition and renewal of a leadership. This is only applicable if
leader election is enabled.</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceLock indicates the resource object type that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the name of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceNamespace</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the namespace of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
</tbody>
</table>
## `DefaultPreemptionArgs` {#kubescheduler-config-k8s-io-v1-DefaultPreemptionArgs} ## `DefaultPreemptionArgs` {#kubescheduler-config-k8s-io-v1-DefaultPreemptionArgs}
@ -191,6 +373,16 @@ with the &quot;default-scheduler&quot; profile, if present here.</p>
with the extender. These extenders are shared by all scheduler profiles.</p> with the extender. These extenders are shared by all scheduler profiles.</p>
</td> </td>
</tr> </tr>
<tr><td><code>delayCacheUntilActive</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>DelayCacheUntilActive specifies when to start caching. If this is true and leader election is enabled,
the scheduler will wait to fill informer caches until it is the leader. Doing so will have slower
failover with the benefit of lower memory overhead while waiting to become leader.
Defaults to false.</p>
</td>
</tr>
</tbody> </tbody>
</table> </table>
@ -210,7 +402,7 @@ with the extender. These extenders are shared by all scheduler profiles.</p>
<tr><td><code>addedAffinity</code><br/> <tr><td><code>addedAffinity</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a>
</td> </td>
<td> <td>
<p>AddedAffinity is applied to all Pods additionally to the NodeAffinity <p>AddedAffinity is applied to all Pods additionally to the NodeAffinity
@ -309,7 +501,7 @@ The default strategy is LeastAllocated with an equal &quot;cpu&quot; and &quot;m
<tr><td><code>defaultConstraints</code><br/> <tr><td><code>defaultConstraints</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a>
</td> </td>
<td> <td>
<p>DefaultConstraints defines topology spread constraints to be applied to <p>DefaultConstraints defines topology spread constraints to be applied to
@ -1090,191 +1282,3 @@ Weight defaults to 1 if not specified or explicitly set to 0.</p>
</tbody> </tbody>
</table> </table>
## `ClientConnectionConfiguration` {#ClientConnectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
<p>ClientConnectionConfiguration contains details for constructing a client.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>kubeconfig</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>kubeconfig is the path to a KubeConfig file.</p>
</td>
</tr>
<tr><td><code>acceptContentTypes</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
default value of 'application/json'. This field will control all connections to the server used by a particular
client.</p>
</td>
</tr>
<tr><td><code>contentType</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>contentType is the content type used when sending data to the server from this client.</p>
</td>
</tr>
<tr><td><code>qps</code> <B>[Required]</B><br/>
<code>float32</code>
</td>
<td>
<p>qps controls the number of queries per second allowed for this connection.</p>
</td>
</tr>
<tr><td><code>burst</code> <B>[Required]</B><br/>
<code>int32</code>
</td>
<td>
<p>burst allows extra queries to accumulate when a client is exceeding its rate.</p>
</td>
</tr>
</tbody>
</table>
## `DebuggingConfiguration` {#DebuggingConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
<p>DebuggingConfiguration holds configuration for Debugging related features.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enableProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableProfiling enables profiling via web interface host:port/debug/pprof/</p>
</td>
</tr>
<tr><td><code>enableContentionProfiling</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>enableContentionProfiling enables block profiling, if
enableProfiling is true.</p>
</td>
</tr>
</tbody>
</table>
## `LeaderElectionConfiguration` {#LeaderElectionConfiguration}
**Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
<p>LeaderElectionConfiguration defines the configuration of leader election
clients for components that can run with leader election enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>leaderElect</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>leaderElect enables a leader election client to gain leadership
before executing the main loop. Enable this when running replicated
components for high availability.</p>
</td>
</tr>
<tr><td><code>leaseDuration</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>leaseDuration is the duration that non-leader candidates will wait
after observing a leadership renewal until attempting to acquire
leadership of a led but unrenewed leader slot. This is effectively the
maximum duration that a leader can be stopped before it is replaced
by another candidate. This is only applicable if leader election is
enabled.</p>
</td>
</tr>
<tr><td><code>renewDeadline</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>renewDeadline is the interval between attempts by the acting master to
renew a leadership slot before it stops leading. This must be less
than or equal to the lease duration. This is only applicable if leader
election is enabled.</p>
</td>
</tr>
<tr><td><code>retryPeriod</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>retryPeriod is the duration the clients should wait between attempting
acquisition and renewal of a leadership. This is only applicable if
leader election is enabled.</p>
</td>
</tr>
<tr><td><code>resourceLock</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceLock indicates the resource object type that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceName</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the name of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
<tr><td><code>resourceNamespace</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>resourceName indicates the namespace of resource object that will be used to lock
during leader election cycles.</p>
</td>
</tr>
</tbody>
</table>

1253
content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md
View File

File diff suppressed because it is too large Load Diff

10
content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md
View File

@ -210,7 +210,7 @@ with the extender. These extenders are shared by all scheduler profiles.</p>
<tr><td><code>addedAffinity</code><br/> <tr><td><code>addedAffinity</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a>
</td> </td>
<td> <td>
<p>AddedAffinity is applied to all Pods additionally to the NodeAffinity <p>AddedAffinity is applied to all Pods additionally to the NodeAffinity
@ -309,7 +309,7 @@ The default strategy is LeastAllocated with an equal &quot;cpu&quot; and &quot;m
<tr><td><code>defaultConstraints</code><br/> <tr><td><code>defaultConstraints</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a>
</td> </td>
<td> <td>
<p>DefaultConstraints defines topology spread constraints to be applied to <p>DefaultConstraints defines topology spread constraints to be applied to
@ -1083,8 +1083,6 @@ Weight defaults to 1 if not specified or explicitly set to 0.</p>
**Appears in:** **Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
@ -1141,8 +1139,6 @@ client.</p>
**Appears in:** **Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
@ -1177,8 +1173,6 @@ enableProfiling is true.</p>
**Appears in:** **Appears in:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)

15
content/en/docs/reference/config-api/kubeadm-config.v1beta3.md
View File

@ -62,7 +62,7 @@ customization).</p>
provided by kubeadm includes also enforcing consistency of values across components when required (e.g. provided by kubeadm includes also enforcing consistency of values across components when required (e.g.
<code>--cluster-cidr</code> flag on controller manager and <code>clusterCIDR</code> on kube-proxy).</p> <code>--cluster-cidr</code> flag on controller manager and <code>clusterCIDR</code> on kube-proxy).</p>
<p>Users are always allowed to override default values, with the only exception of a small subset of setting with <p>Users are always allowed to override default values, with the only exception of a small subset of setting with
relevance for security (e.g. enforce authorization-mode Node and RBAC on api server)</p> relevance for security (e.g. enforce authorization-mode Node and RBAC on api server).</p>
<p>If the user provides a configuration types that is not expected for the action you are performing, kubeadm will <p>If the user provides a configuration types that is not expected for the action you are performing, kubeadm will
ignore those types and print a warning.</p> ignore those types and print a warning.</p>
<h2>Kubeadm init configuration types</h2> <h2>Kubeadm init configuration types</h2>
@ -934,7 +934,7 @@ file from which to load cluster information.</p>
</td> </td>
</tr> </tr>
<tr><td><code>pathType</code><br/> <tr><td><code>pathType</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a>
</td> </td>
<td> <td>
<p><code>pathType</code> is the type of the <code>hostPath</code>.</p> <p><code>pathType</code> is the type of the <code>hostPath</code>.</p>
@ -1153,11 +1153,11 @@ Defaults to the hostname of the node if not provided.</p>
</td> </td>
<td> <td>
<p><code>criSocket</code> is used to retrieve container runtime info. <p><code>criSocket</code> is used to retrieve container runtime info.
This information will be annotated to the Node API object, for later re-use</p> This information will be annotated to the Node API object, for later re-use.</p>
</td> </td>
</tr> </tr>
<tr><td><code>taints</code> <B>[Required]</B><br/> <tr><td><code>taints</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#taint-v1-core"><code>[]core/v1.Taint</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#taint-v1-core"><code>[]core/v1.Taint</code></a>
</td> </td>
<td> <td>
<p><code>taints</code> specifies the taints the Node API object should be registered with. <p><code>taints</code> specifies the taints the Node API object should be registered with.
@ -1184,11 +1184,12 @@ command line except without leading dash(es).</p>
</td> </td>
<td> <td>
<p><code>ignorePreflightErrors</code> provides a list of pre-flight errors to be ignored when <p><code>ignorePreflightErrors</code> provides a list of pre-flight errors to be ignored when
the current node is registered.</p> the current node is registered, e.g. <code>IsPrevilegedUser,Swap</code>.
Value <code>all</code> ignores errors from all checks.</p>
</td> </td>
</tr> </tr>
<tr><td><code>imagePullPolicy</code><br/> <tr><td><code>imagePullPolicy</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
</td> </td>
<td> <td>
<p><code>imagePullPolicy</code> specifies the policy for image pulling during kubeadm &quot;init&quot; and <p><code>imagePullPolicy</code> specifies the policy for image pulling during kubeadm &quot;init&quot; and
@ -1281,7 +1282,7 @@ for, so other administrators can know its purpose.</p>
</td> </td>
</tr> </tr>
<tr><td><code>expires</code><br/> <tr><td><code>expires</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta"><code>meta/v1.Time</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta"><code>meta/v1.Time</code></a>
</td> </td>
<td> <td>
<p><code>expires</code> specifies the timestamp when this token expires. Defaults to being set <p><code>expires</code> specifies the timestamp when this token expires. Defaults to being set

1428
content/en/docs/reference/config-api/kubeadm-config.v1beta4.md Normal file
View File

File diff suppressed because it is too large Load Diff

10
content/en/docs/reference/config-api/kubelet-config.v1.md
View File

@ -81,9 +81,9 @@ to provide credentials. Images are expected to contain the registry domain
and URL path.</p> and URL path.</p>
<p>Each entry in matchImages is a pattern which can optionally contain a port and a path. <p>Each entry in matchImages is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like <code>&ast;.k8s.io</code> or <code>k8s.&ast;.io</code>, and top-level-domains such as <code>k8s.&ast;</code>. as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like <code>app&ast;.k8s.io<code> is also supported. Each glob can only match Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.k8s.io</code>.</p> a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>A match exists between an image and a matchImage when all of the below are true:</p> <p>A match exists between an image and a matchImage when all of the below are true:</p>
<ul> <ul>
<li>Both contain the same number of domain parts and each part matches.</li> <li>Both contain the same number of domain parts and each part matches.</li>
@ -93,9 +93,9 @@ a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.
<p>Example values of matchImages:</p> <p>Example values of matchImages:</p>
<ul> <ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li> <li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li> <li>*.azurecr.io</li>
<li>gcr.io</li> <li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li> <li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li> <li>registry.io:8080/path</li>
</ul> </ul>
</td> </td>

129
content/en/docs/reference/config-api/kubelet-config.v1beta1.md
View File

@ -175,6 +175,7 @@ Default: &quot;&quot;</p>
</td> </td>
<td> <td>
<p>tlsCipherSuites is the list of allowed cipher suites for the server. <p>tlsCipherSuites is the list of allowed cipher suites for the server.
Note that TLS 1.3 ciphersuites are not configurable.
Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
Default: nil</p> Default: nil</p>
</td> </td>
@ -214,15 +215,13 @@ Default: false</p>
<a href="#kubelet-config-k8s-io-v1beta1-KubeletAuthentication"><code>KubeletAuthentication</code></a> <a href="#kubelet-config-k8s-io-v1beta1-KubeletAuthentication"><code>KubeletAuthentication</code></a>
</td> </td>
<td> <td>
<p>authentication specifies how requests to the Kubelet's server are authenticated.</p> <p>authentication specifies how requests to the Kubelet's server are authenticated.
<p>Defaults:</p> Defaults:
<p><code><pre>
anonymous: anonymous:
enabled: false enabled: false
webhook: webhook:
enabled: true enabled: true
cacheTTL: &quot;2m&quot; cacheTTL: &quot;2m&quot;</p>
</pre></code></p>
</td> </td>
</tr> </tr>
<tr><td><code>authorization</code><br/> <tr><td><code>authorization</code><br/>
@ -485,7 +484,7 @@ Default: &quot;cgroupfs&quot;</p>
<td> <td>
<p>cpuManagerPolicy is the name of the policy to use. <p>cpuManagerPolicy is the name of the policy to use.
Requires the CPUManager feature gate to be enabled. Requires the CPUManager feature gate to be enabled.
Default: &quot;none&quot;</p> Default: &quot;None&quot;</p>
</td> </td>
</tr> </tr>
<tr><td><code>cpuManagerPolicyOptions</code><br/> <tr><td><code>cpuManagerPolicyOptions</code><br/>
@ -503,6 +502,7 @@ Default: nil</p>
</td> </td>
<td> <td>
<p>cpuManagerReconcilePeriod is the reconciliation period for the CPU Manager. <p>cpuManagerReconcilePeriod is the reconciliation period for the CPU Manager.
Requires the CPUManager feature gate to be enabled.
Default: &quot;10s&quot;</p> Default: &quot;10s&quot;</p>
</td> </td>
</tr> </tr>
@ -825,10 +825,9 @@ Default: false</p>
<code>bool</code> <code>bool</code>
</td> </td>
<td> <td>
<p>makeIPTablesUtilChains, if true, causes the Kubelet ensures a set of iptables rules <p>makeIPTablesUtilChains, if true, causes the Kubelet to create the
are present on host. KUBE-IPTABLES-HINT chain in iptables as a hint to other components about the
These rules will serve as utility rules for various components, e.g. kube-proxy. configuration of iptables on the system.
The rules will be created based on iptablesMasqueradeBit and iptablesDropBit.
Default: true</p> Default: true</p>
</td> </td>
</tr> </tr>
@ -836,10 +835,9 @@ Default: true</p>
<code>int32</code> <code>int32</code>
</td> </td>
<td> <td>
<p>iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT. <p>iptablesMasqueradeBit formerly controlled the creation of the KUBE-MARK-MASQ
Values must be within the range [0, 31]. Must be different from other mark bits. chain.
Warning: Please match the value of the corresponding parameter in kube-proxy. Deprecated: no longer has any effect.
TODO: clean up IPTablesMasqueradeBit in kube-proxy.
Default: 14</p> Default: 14</p>
</td> </td>
</tr> </tr>
@ -847,8 +845,8 @@ Default: 14</p>
<code>int32</code> <code>int32</code>
</td> </td>
<td> <td>
<p>iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets. <p>iptablesDropBit formerly controlled the creation of the KUBE-MARK-DROP chain.
Values must be within the range [0, 31]. Must be different from other mark bits. Deprecated: no longer has any effect.
Default: 15</p> Default: 15</p>
</td> </td>
</tr> </tr>
@ -998,9 +996,9 @@ Default: [&quot;pods&quot;]</p>
<code>[]string</code> <code>[]string</code>
</td> </td>
<td> <td>
<p>A comma separated whitelist of unsafe sysctls or sysctl patterns (ending in <code>&#42;</code>). <p>A comma separated whitelist of unsafe sysctls or sysctl patterns (ending in <code>*</code>).
Unsafe sysctl groups are <code>kernel.shm&#42;</code>, <code>kernel.msg&#42;</code>, <code>kernel.sem</code>, <code>fs.mqueue.&#42;</code>, Unsafe sysctl groups are <code>kernel.shm*</code>, <code>kernel.msg*</code>, <code>kernel.sem</code>, <code>fs.mqueue.*</code>,
and <code>net.&#42;</code>. For example: &quot;<code>kernel.msg&#42;,net.ipv4.route.min_pmtu</code>&quot; and <code>net.*</code>. For example: &quot;<code>kernel.msg*,net.ipv4.route.min_pmtu</code>&quot;
Default: []</p> Default: []</p>
</td> </td>
</tr> </tr>
@ -1177,7 +1175,7 @@ Default: 0.9</p>
</td> </td>
</tr> </tr>
<tr><td><code>registerWithTaints</code><br/> <tr><td><code>registerWithTaints</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#taint-v1-core"><code>[]core/v1.Taint</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#taint-v1-core"><code>[]core/v1.Taint</code></a>
</td> </td>
<td> <td>
<p>registerWithTaints are an array of taints to add to a node object when <p>registerWithTaints are an array of taints to add to a node object when
@ -1257,7 +1255,7 @@ It exists in the kubeletconfig API group because it is classified as a versioned
<tr><td><code>source</code><br/> <tr><td><code>source</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#nodeconfigsource-v1-core"><code>core/v1.NodeConfigSource</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#nodeconfigsource-v1-core"><code>core/v1.NodeConfigSource</code></a>
</td> </td>
<td> <td>
<p>source is the source that we are serializing.</p> <p>source is the source that we are serializing.</p>
@ -1303,9 +1301,9 @@ to provide credentials. Images are expected to contain the registry domain
and URL path.</p> and URL path.</p>
<p>Each entry in matchImages is a pattern which can optionally contain a port and a path. <p>Each entry in matchImages is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like <code>&ast;.k8s.io</code> or <code>k8s.&ast;.io</code>, and top-level-domains such as <code>k8s.&ast;</code>. as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like <code>app&ast;.k8s.io</code> is also supported. Each glob can only match Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.k8s.io</code>.</p> a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>A match exists between an image and a matchImage when all of the below are true:</p> <p>A match exists between an image and a matchImage when all of the below are true:</p>
<ul> <ul>
<li>Both contain the same number of domain parts and each part matches.</li> <li>Both contain the same number of domain parts and each part matches.</li>
@ -1315,9 +1313,9 @@ a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.
<p>Example values of matchImages:</p> <p>Example values of matchImages:</p>
<ul> <ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li> <li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li> <li>*.azurecr.io</li>
<li>gcr.io</li> <li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li> <li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li> <li>registry.io:8080/path</li>
</ul> </ul>
</td> </td>
@ -1618,7 +1616,7 @@ and groups corresponding to the Organization in the client certificate.</p>
<span class="text-muted">No description provided.</span></td> <span class="text-muted">No description provided.</span></td>
</tr> </tr>
<tr><td><code>limits</code> <B>[Required]</B><br/> <tr><td><code>limits</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcelist-v1-core"><code>core/v1.ResourceList</code></a> <a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#resourcelist-v1-core"><code>core/v1.ResourceList</code></a>
</td> </td>
<td> <td>
<span class="text-muted">No description provided.</span></td> <span class="text-muted">No description provided.</span></td>
@ -1803,12 +1801,13 @@ default value of format is <code>text</code></p>
</td> </td>
</tr> </tr>
<tr><td><code>flushFrequency</code> <B>[Required]</B><br/> <tr><td><code>flushFrequency</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/time#Duration"><code>time.Duration</code></a> <a href="#TimeOrMetaDuration"><code>TimeOrMetaDuration</code></a>
</td> </td>
<td> <td>
<p>Maximum number of nanoseconds (i.e. 1s = 1000000000) between log <p>Maximum time between log flushes.
flushes. Ignored if the selected logging backend writes log If a string, parsed as a duration (i.e. &quot;1s&quot;)
messages without buffering.</p> If an int, the maximum number of nanoseconds (i.e. 1s = 1000000000).
Ignored if the selected logging backend writes log messages without buffering.</p>
</td> </td>
</tr> </tr>
<tr><td><code>verbosity</code> <B>[Required]</B><br/> <tr><td><code>verbosity</code> <B>[Required]</B><br/>
@ -1842,6 +1841,70 @@ Only available when the LoggingAlphaOptions feature gate is enabled.</p>
</tbody> </tbody>
</table> </table>
## `LoggingOptions` {#LoggingOptions}
<p>LoggingOptions can be used with ValidateAndApplyWithOptions to override
certain global defaults.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>ErrorStream</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/io#Writer"><code>io.Writer</code></a>
</td>
<td>
<p>ErrorStream can be used to override the os.Stderr default.</p>
</td>
</tr>
<tr><td><code>InfoStream</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/io#Writer"><code>io.Writer</code></a>
</td>
<td>
<p>InfoStream can be used to override the os.Stdout default.</p>
</td>
</tr>
</tbody>
</table>
## `TimeOrMetaDuration` {#TimeOrMetaDuration}
**Appears in:**
- [LoggingConfiguration](#LoggingConfiguration)
<p>TimeOrMetaDuration is present only for backwards compatibility for the
flushFrequency field, and new fields should use metav1.Duration.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>Duration</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>Duration holds the duration</p>
</td>
</tr>
<tr><td><code>-</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>SerializeAsString controls whether the value is serialized as a string or an integer</p>
</td>
</tr>
</tbody>
</table>
## `TracingConfiguration` {#TracingConfiguration} ## `TracingConfiguration` {#TracingConfiguration}

10
content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md
View File

@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set
this field to null if no valid credentials can be returned for the requested image.</p> this field to null if no valid credentials can be returned for the requested image.</p>
<p>Each key in the map is a pattern which can optionally contain a port and a path. <p>Each key in the map is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like <code>&ast;.k8s.io</code> or <code>k8s.&ast;.io</code>, and top-level-domains such as <code>k8s.&ast;</code>. as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like <code>app&ast;.k8s.io</code> is also supported. Each glob can only match Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.k8s.io</code>.</p> a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>The kubelet will match images against the key when all of the below are true:</p> <p>The kubelet will match images against the key when all of the below are true:</p>
<ul> <ul>
<li>Both contain the same number of domain parts and each part matches.</li> <li>Both contain the same number of domain parts and each part matches.</li>
@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.</p>
<p>Example keys:</p> <p>Example keys:</p>
<ul> <ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li> <li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li> <li>*.azurecr.io</li>
<li>gcr.io</li> <li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li> <li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li> <li>registry.io:8080/path</li>
</ul> </ul>
</td> </td>

10
content/en/docs/reference/config-api/kubelet-credentialprovider.v1alpha1.md
View File

@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set
this field to null if no valid credentials can be returned for the requested image.</p> this field to null if no valid credentials can be returned for the requested image.</p>
<p>Each key in the map is a pattern which can optionally contain a port and a path. <p>Each key in the map is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like <code>&ast;.k8s.io</code> or <code>k8s.&ast;.io</code>, and top-level-domains such as <code>k8s.&ast;</code>. as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like <code>app&ast;.k8s.io</code> is also supported. Each glob can only match Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.k8s.io</code>.</p> a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>The kubelet will match images against the key when all of the below are true:</p> <p>The kubelet will match images against the key when all of the below are true:</p>
<ul> <ul>
<li>Both contain the same number of domain parts and each part matches.</li> <li>Both contain the same number of domain parts and each part matches.</li>
@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.</p>
<p>Example keys:</p> <p>Example keys:</p>
<ul> <ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li> <li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li> <li>*.azurecr.io</li>
<li>gcr.io</li> <li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li> <li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li> <li>registry.io:8080/path</li>
</ul> </ul>
</td> </td>

10
content/en/docs/reference/config-api/kubelet-credentialprovider.v1beta1.md
View File

@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set
this field to null if no valid credentials can be returned for the requested image.</p> this field to null if no valid credentials can be returned for the requested image.</p>
<p>Each key in the map is a pattern which can optionally contain a port and a path. <p>Each key in the map is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like <code>&ast;.k8s.io</code> or <code>k8s.&ast;.io</code>, and top-level-domains such as <code>k8s.&ast;</code>. as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like <code>app&ast;.k8s.io</code> is also supported. Each glob can only match Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so <code>&ast;.io</code> does not match <code>&ast;.k8s.io</code>.</p> a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>The kubelet will match images against the key when all of the below are true:</p> <p>The kubelet will match images against the key when all of the below are true:</p>
<ul> <ul>
<li>Both contain the same number of domain parts and each part matches.</li> <li>Both contain the same number of domain parts and each part matches.</li>
@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.</p>
<p>Example keys:</p> <p>Example keys:</p>
<ul> <ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li> <li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li> <li>*.azurecr.io</li>
<li>gcr.io</li> <li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li> <li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li> <li>registry.io:8080/path</li>
</ul> </ul>
</td> </td>