Documentation
¶
Index ¶
- Constants
- func DeepValidate(c *Cluster, groups []*InstanceGroup, strict bool) error
- func FindLatestKubernetesVersion() (string, error)
- func IsValidValue(fldPath *field.Path, v *string, validValues []string) field.ErrorList
- func ParseKubernetesVersion(version string) (*semver.Version, error)
- func ParseYaml(data []byte, dest interface{}) error
- func PerformAssignmentsInstanceGroups(groups []*InstanceGroup) error
- func ToYaml(dest interface{}) ([]byte, error)
- func ValidateDockerConfig(config *DockerConfig, fldPath *field.Path) field.ErrorList
- type Channel
- type ChannelImageSpec
- type ChannelSpec
- type ClassicNetworkingSpec
- type Cluster
- type ClusterList
- type ClusterSpec
- type ClusterZoneSpec
- type DockerConfig
- type EtcdClusterSpec
- type EtcdMemberSpec
- type ExternalNetworkingSpec
- type InstanceGroup
- type InstanceGroupList
- type InstanceGroupRole
- type InstanceGroupSpec
- type KubeAPIServerConfig
- type KubeControllerManagerConfig
- type KubeDNSConfig
- type KubeProxyConfig
- type KubeSchedulerConfig
- type KubeletConfig
- type KubeletConfigSpec
- type KubenetNetworkingSpec
- type LeaderElectionConfiguration
- type NetworkingSpec
Constants ¶
View Source
const AnnotationNameManagement = "kops.kubernetes.io/management"
AnnotationNameManagement is the annotation that indicates that a cluster is under external or non-standard management
View Source
const AnnotationValueManagementImported = "imported"
AnnotationValueManagementImported is the annotation value that indicates a cluster was imported, typically as part of an upgrade
View Source
const DefaultChannel = "stable"
View Source
const DefaultChannelBase = "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
View Source
const RoleLabelName = "kubernetes.io/role"
View Source
const RoleMasterLabelValue = "master"
View Source
const UpdatePolicyExternal = "external"
UpdatePolicyExternal is a value for ClusterSpec.UpdatePolicy indicating that upgrades are done externally, and we should disable automatic upgrades
Variables ¶
This section is empty.
Functions ¶
func DeepValidate ¶
func DeepValidate(c *Cluster, groups []*InstanceGroup, strict bool) error
func FindLatestKubernetesVersion ¶
FindLatestKubernetesVersion returns the latest kubernetes version, as stored at https://storage.googleapis.com/kubernetes-release/release/stable.txt
func IsValidValue ¶
func PerformAssignmentsInstanceGroups ¶
func PerformAssignmentsInstanceGroups(groups []*InstanceGroup) error
PerformAssignmentsInstanceGroups populates InstanceGroups with default values
func ValidateDockerConfig ¶
func ValidateDockerConfig(config *DockerConfig, fldPath *field.Path) field.ErrorList
Types ¶
type Channel ¶
type Channel struct {
unversioned.TypeMeta `json:",inline"`
k8sapi.ObjectMeta `json:"metadata,omitempty"`
Spec ChannelSpec `json:"spec,omitempty"`
}
func LoadChannel ¶
LoadChannel loads a Channel object from the specified VFS location
func (*Channel) FindImage ¶
func (c *Channel) FindImage(provider fi.CloudProviderID) *ChannelImageSpec
FindImage returns the image for the cloudprovider, or nil if none found
type ChannelImageSpec ¶
type ChannelSpec ¶
type ChannelSpec struct {
Images []*ChannelImageSpec `json:"images,omitempty"`
Cluster *ClusterSpec `json:"cluster,omitempty"`
}
type ClassicNetworkingSpec ¶
type ClassicNetworkingSpec struct {
}
ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes
type Cluster ¶
type Cluster struct {
unversioned.TypeMeta `json:",inline"`
k8sapi.ObjectMeta `json:"metadata,omitempty"`
Spec ClusterSpec `json:"spec,omitempty"`
}
func (*Cluster) FillDefaults ¶
FillDefaults populates default values. This is different from PerformAssignments, because these values are changeable, and thus we don't need to store them (i.e. we don't need to 'lock them')
func (*Cluster) PerformAssignments ¶
PerformAssignments populates values that are required and immutable For example, it assigns stable Keys to NodeSets & Masters, and it assigns CIDRs to subnets We also assign KubernetesVersion, because we want it to be explicit
type ClusterList ¶ added in v1.4.1
type ClusterList struct {
Items []Cluster `json:"items"`
}
type ClusterSpec ¶
type ClusterSpec struct {
// The Channel we are following
Channel string `json:"channel,omitempty"`
// ConfigBase is the path where we store configuration for the cluster
// This might be different that the location when the cluster spec itself is stored,
// both because this must be accessible to the cluster,
// and because it might be on a different cloud or storage system (etcd vs S3)
ConfigBase string `json:"configBase,omitempty"`
// The CloudProvider to use (aws or gce)
CloudProvider string `json:"cloudProvider,omitempty"`
// The version of kubernetes to install (optional, and can be a "spec" like stable)
KubernetesVersion string `json:"kubernetesVersion,omitempty"`
// Configuration of zones we are targeting
Zones []*ClusterZoneSpec `json:"zones,omitempty"`
// Project is the cloud project we should use, required on GCE
Project string `json:"project,omitempty"`
// MasterPublicName is the external DNS name for the master nodes
MasterPublicName string `json:"masterPublicName,omitempty"`
// MasterInternalName is the internal DNS name for the master nodes
MasterInternalName string `json:"masterInternalName,omitempty"`
// The CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s
// This is a real CIDR, not the internal k8s network
NetworkCIDR string `json:"networkCIDR,omitempty"`
// NetworkID is an identifier of a network, if we want to reuse/share an existing network (e.g. an AWS VPC)
NetworkID string `json:"networkID,omitempty"`
// SecretStore is the VFS path to where secrets are stored
SecretStore string `json:"secretStore,omitempty"`
// KeyStore is the VFS path to where SSL keys and certificates are stored
KeyStore string `json:"keyStore,omitempty"`
// ConfigStore is the VFS path to where the configuration (CloudConfig, NodeSetConfig etc) is stored
ConfigStore string `json:"configStore,omitempty"`
// DNSZone is the DNS zone we should use when configuring DNS
// This is because some clouds let us define a managed zone foo.bar, and then have
// kubernetes.dev.foo.bar, without needing to define dev.foo.bar as a hosted zone.
// DNSZone will probably be a suffix of the MasterPublicName and MasterInternalName
// Note that DNSZone can either by the host name of the zone (containing dots),
// or can be an identifier for the zone.
DNSZone string `json:"dnsZone,omitempty"`
// ClusterDNSDomain is the suffix we use for internal DNS names (normally cluster.local)
ClusterDNSDomain string `json:"clusterDNSDomain,omitempty"`
Multizone *bool `json:"multizone,omitempty"`
// ServiceClusterIPRange is the CIDR, from the internal network, where we allocate IPs for services
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty"`
// NonMasqueradeCIDR is the CIDR for the internal k8s network (on which pods & services live)
// It cannot overlap ServiceClusterIPRange
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty"`
// AdminAccess determines the permitted access to the admin endpoints (SSH & master HTTPS)
// Currently only a single CIDR is supported (though a richer grammar could be added in future)
AdminAccess []string `json:"adminAccess,omitempty"`
// IsolatesMasters determines whether we should lock down masters so that they are not on the pod network.
// true is the kube-up behaviour, but it is very surprising: it means that daemonsets only work on the master
// if they have hostNetwork=true.
// false is now the default, and it will:
// * give the master a normal PodCIDR
// * run kube-proxy on the master
// * enable debugging handlers on the master, so kubectl logs works
IsolateMasters *bool `json:"isolateMasters,omitempty"`
// UpdatePolicy determines the policy for applying upgrades automatically.
// Valid values:
// 'external' do not apply updates automatically - they are applied manually or by an external system
// missing: default policy (currently OS security upgrades that do not require a reboot)
UpdatePolicy *string `json:"updatePolicy,omitempty"`
// EtcdClusters stores the configuration for each cluster
EtcdClusters []*EtcdClusterSpec `json:"etcdClusters,omitempty"`
// Component configurations
Docker *DockerConfig `json:"docker,omitempty"`
KubeDNS *KubeDNSConfig `json:"kubeDNS,omitempty"`
KubeAPIServer *KubeAPIServerConfig `json:"kubeAPIServer,omitempty"`
KubeControllerManager *KubeControllerManagerConfig `json:"kubeControllerManager,omitempty"`
KubeScheduler *KubeSchedulerConfig `json:"kubeScheduler,omitempty"`
KubeProxy *KubeProxyConfig `json:"kubeProxy,omitempty"`
Kubelet *KubeletConfigSpec `json:"kubelet,omitempty"`
MasterKubelet *KubeletConfigSpec `json:"masterKubelet,omitempty"`
// Networking configuration
Networking *NetworkingSpec `json:"networking,omitempty"`
}
type ClusterZoneSpec ¶
type DockerConfig ¶
type DockerConfig struct {
Bridge *string `json:"bridge,omitempty" flag:"bridge"`
LogLevel *string `json:"logLevel,omitempty" flag:"log-level"`
IPTables *bool `json:"ipTables,omitempty" flag:"iptables"`
IPMasq *bool `json:"ipMasq,omitempty" flag:"ip-masq"`
// Storage maps to the docker storage flag
// But nodeup will also process a comma-separate list, selecting the first supported option
Storage *string `json:"storage,omitempty" flag:"storage-driver"`
InsecureRegistry *string `json:"insecureRegistry,omitempty" flag:"insecure-registry"`
MTU *int `json:"mtu,omitempty" flag:"mtu"`
}
type EtcdClusterSpec ¶
type EtcdClusterSpec struct {
// Name is the name of the etcd cluster (main, events etc)
Name string `json:"name,omitempty"`
// EtcdMember stores the configurations for each member of the cluster (including the data volume)
Members []*EtcdMemberSpec `json:"etcdMembers,omitempty"`
}
type EtcdMemberSpec ¶
type EtcdMemberSpec struct {
// Name is the name of the member within the etcd cluster
Name string `json:"name,omitempty"`
Zone *string `json:"zone,omitempty"`
VolumeType *string `json:"volumeType,omitempty"`
VolumeSize *int `json:"volumeSize,omitempty"`
KmsKeyId *string `json:"kmsKeyId,omitempty"`
EncryptedVolume *bool `json:"encryptedVolume,omitempty"`
}
type ExternalNetworkingSpec ¶
type ExternalNetworkingSpec struct {
}
ExternalNetworkingSpec is the specification for networking that is implemented by a Daemonset Networking is not managed by kops - we can create options here that directly configure e.g. weave but this is useful for arbitrary network modes or for modes that don't need additional configuration.
type InstanceGroup ¶
type InstanceGroup struct {
unversioned.TypeMeta `json:",inline"`
k8sapi.ObjectMeta `json:"metadata,omitempty"`
Spec InstanceGroupSpec `json:"spec,omitempty"`
}
InstanceGroup represents a group of instances (either nodes or masters) with the same configuration
func (*InstanceGroup) CrossValidate ¶
func (g *InstanceGroup) CrossValidate(cluster *Cluster, strict bool) error
CrossValidate performs validation of the instance group, including that it is consistent with the Cluster It calls Validate, so all that validation is included.
func (*InstanceGroup) IsMaster ¶
func (g *InstanceGroup) IsMaster() bool
func (*InstanceGroup) Validate ¶
func (g *InstanceGroup) Validate(strict bool) error
type InstanceGroupList ¶ added in v1.4.1
type InstanceGroupList struct {
Items []InstanceGroup `json:"items"`
}
type InstanceGroupRole ¶
type InstanceGroupRole string
InstanceGroupRole string describes the roles of the nodes in this InstanceGroup (master or nodes)
const ( InstanceGroupRoleMaster InstanceGroupRole = "Master" InstanceGroupRoleNode InstanceGroupRole = "Node" )
type InstanceGroupSpec ¶
type InstanceGroupSpec struct {
// Type determines the role of instances in this group: masters or nodes
Role InstanceGroupRole `json:"role,omitempty"`
Image string `json:"image,omitempty"`
MinSize *int `json:"minSize,omitempty"`
MaxSize *int `json:"maxSize,omitempty"`
//NodeInstancePrefix string `json:",omitempty"`
//NodeLabels string `json:",omitempty"`
MachineType string `json:"machineType,omitempty"`
// RootVolumeSize is the size of the EBS root volume to use, in GB
RootVolumeSize *int `json:"rootVolumeSize,omitempty"`
// RootVolumeType is the type of the EBS root volume to use (e.g. gp2)
RootVolumeType *string `json:"rootVolumeType,omitempty"`
Zones []string `json:"zones,omitempty"`
// MaxPrice indicates this is a spot-pricing group, with the specified value as our max-price bid
MaxPrice *string `json:"maxPrice,omitempty"`
// AssociatePublicIP is true if we want instances to have a public IP
AssociatePublicIP *bool `json:"associatePublicIp,omitempty"`
// CloudLabels indicates the labels for instances in this group, at the AWS level
CloudLabels map[string]string `json:"cloudLabels,omitempty"`
// NodeLabels indicates the kubernetes labels for nodes in this group
NodeLabels map[string]string `json:"nodeLabels,omitempty"`
}
type KubeAPIServerConfig ¶
type KubeAPIServerConfig struct {
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
PathSrvSshproxy string `json:"pathSrvSshproxy,omitempty"`
Image string `json:"image,omitempty"`
LogLevel int `json:"logLevel,omitempty" flag:"v"`
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
SecurePort int `json:"securePort,omitempty" flag:"secure-port"`
Address string `json:"address,omitempty" flag:"address"`
EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"`
EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"`
AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"`
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"`
ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"`
BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"`
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"`
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"`
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"`
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
APIServerCount *int `json:"apiServerCount,omitempty" flag:"apiserver-count"`
RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"`
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
}
type KubeControllerManagerConfig ¶
type KubeControllerManagerConfig struct {
Master string `json:"master,omitempty" flag:"master"`
LogLevel int `json:"logLevel,omitempty" flag:"v"`
ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"`
Image string `json:"image,omitempty"`
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
//// port is the port that the controller-manager's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on (set to 0.0.0.0 for all interfaces).
//Address string `json:"address"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
//// cloudConfigFile is the path to the cloud provider configuration file.
//CloudConfigFile string `json:"cloudConfigFile"`
//// concurrentEndpointSyncs is the number of endpoint syncing operations
//// that will be done concurrently. Larger number = faster endpoint updating,
//// but more CPU (and network) load.
//ConcurrentEndpointSyncs int32 `json:"concurrentEndpointSyncs"`
//// concurrentRSSyncs is the number of replica sets that are allowed to sync
//// concurrently. Larger number = more responsive replica management, but more
//// CPU (and network) load.
//ConcurrentRSSyncs int32 `json:"concurrentRSSyncs"`
//// concurrentRCSyncs is the number of replication controllers that are
//// allowed to sync concurrently. Larger number = more responsive replica
//// management, but more CPU (and network) load.
//ConcurrentRCSyncs int32 `json:"concurrentRCSyncs"`
//// concurrentResourceQuotaSyncs is the number of resource quotas that are
//// allowed to sync concurrently. Larger number = more responsive quota
//// management, but more CPU (and network) load.
//ConcurrentResourceQuotaSyncs int32 `json:"concurrentResourceQuotaSyncs"`
//// concurrentDeploymentSyncs is the number of deployment objects that are
//// allowed to sync concurrently. Larger number = more responsive deployments,
//// but more CPU (and network) load.
//ConcurrentDeploymentSyncs int32 `json:"concurrentDeploymentSyncs"`
//// concurrentDaemonSetSyncs is the number of daemonset objects that are
//// allowed to sync concurrently. Larger number = more responsive daemonset,
//// but more CPU (and network) load.
//ConcurrentDaemonSetSyncs int32 `json:"concurrentDaemonSetSyncs"`
//// concurrentJobSyncs is the number of job objects that are
//// allowed to sync concurrently. Larger number = more responsive jobs,
//// but more CPU (and network) load.
//ConcurrentJobSyncs int32 `json:"concurrentJobSyncs"`
//// concurrentNamespaceSyncs is the number of namespace objects that are
//// allowed to sync concurrently.
//ConcurrentNamespaceSyncs int32 `json:"concurrentNamespaceSyncs"`
//// lookupCacheSizeForRC is the size of lookup cache for replication controllers.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRC int32 `json:"lookupCacheSizeForRC"`
//// lookupCacheSizeForRS is the size of lookup cache for replicatsets.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRS int32 `json:"lookupCacheSizeForRS"`
//// lookupCacheSizeForDaemonSet is the size of lookup cache for daemonsets.
//// Larger number = more responsive daemonset, but more MEM load.
//LookupCacheSizeForDaemonSet int32 `json:"lookupCacheSizeForDaemonSet"`
//// serviceSyncPeriod is the period for syncing services with their external
//// load balancers.
//ServiceSyncPeriod unversioned.Duration `json:"serviceSyncPeriod"`
//// nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer
//// periods will result in fewer calls to cloud provider, but may delay addition
//// of new nodes to cluster.
//NodeSyncPeriod unversioned.Duration `json:"nodeSyncPeriod"`
//// resourceQuotaSyncPeriod is the period for syncing quota usage status
//// in the system.
//ResourceQuotaSyncPeriod unversioned.Duration `json:"resourceQuotaSyncPeriod"`
//// namespaceSyncPeriod is the period for syncing namespace life-cycle
//// updates.
//NamespaceSyncPeriod unversioned.Duration `json:"namespaceSyncPeriod"`
//// pvClaimBinderSyncPeriod is the period for syncing persistent volumes
//// and persistent volume claims.
//PVClaimBinderSyncPeriod unversioned.Duration `json:"pvClaimBinderSyncPeriod"`
//// minResyncPeriod is the resync period in reflectors; will be random between
//// minResyncPeriod and 2*minResyncPeriod.
//MinResyncPeriod unversioned.Duration `json:"minResyncPeriod"`
//// terminatedPodGCThreshold is the number of terminated pods that can exist
//// before the terminated pod garbage collector starts deleting terminated pods.
//// If <= 0, the terminated pod garbage collector is disabled.
//TerminatedPodGCThreshold int32 `json:"terminatedPodGCThreshold"`
//// horizontalPodAutoscalerSyncPeriod is the period for syncing the number of
//// pods in horizontal pod autoscaler.
//HorizontalPodAutoscalerSyncPeriod unversioned.Duration `json:"horizontalPodAutoscalerSyncPeriod"`
//// deploymentControllerSyncPeriod is the period for syncing the deployments.
//DeploymentControllerSyncPeriod unversioned.Duration `json:"deploymentControllerSyncPeriod"`
//// podEvictionTimeout is the grace period for deleting pods on failed nodes.
//PodEvictionTimeout unversioned.Duration `json:"podEvictionTimeout"`
//// deletingPodsQps is the number of nodes per second on which pods are deleted in
//// case of node failure.
//DeletingPodsQps float32 `json:"deletingPodsQps"`
//// deletingPodsBurst is the number of nodes on which pods are bursty deleted in
//// case of node failure. For more details look into RateLimiter.
//DeletingPodsBurst int32 `json:"deletingPodsBurst"`
//// nodeMontiorGracePeriod is the amount of time which we allow a running node to be
//// unresponsive before marking it unhealty. Must be N times more than kubelet's
//// nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet
//// to post node status.
//NodeMonitorGracePeriod unversioned.Duration `json:"nodeMonitorGracePeriod"`
//// registerRetryCount is the number of retries for initial node registration.
//// Retry interval equals node-sync-period.
//RegisterRetryCount int32 `json:"registerRetryCount"`
//// nodeStartupGracePeriod is the amount of time which we allow starting a node to
//// be unresponsive before marking it unhealty.
//NodeStartupGracePeriod unversioned.Duration `json:"nodeStartupGracePeriod"`
//// nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.
//NodeMonitorPeriod unversioned.Duration `json:"nodeMonitorPeriod"`
//// serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key
//// used to sign service account tokens.
//ServiceAccountKeyFile string `json:"serviceAccountKeyFile"`
//// enableProfiling enables profiling via web interface host:port/debug/pprof/
//EnableProfiling bool `json:"enableProfiling"`
// clusterName is the instance prefix for the cluster.
ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"`
// clusterCIDR is CIDR Range for Pods in cluster.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
//// serviceCIDR is CIDR Range for Services in cluster.
//ServiceCIDR string `json:"serviceCIDR"`
//// NodeCIDRMaskSize is the mask size for node cidr in cluster.
//NodeCIDRMaskSize int32 `json:"nodeCIDRMaskSize"`
// allocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
// ConfigureCloudRoutes is true, to be set on the cloud provider.
AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"`
// configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs
// to be configured on the cloud provider.
ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"`
// rootCAFile is the root certificate authority will be included in service
// account's token secret. This must be a valid PEM-encoded CA bundle.
RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"`
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}
type KubeDNSConfig ¶
type KubeProxyConfig ¶
type KubeProxyConfig struct {
Image string `json:"image,omitempty"`
// TODO: Better type ?
CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m"
LogLevel int `json:"logLevel,omitempty" flag:"v"`
//// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
//// for all interfaces)
//BindAddress string `json:"bindAddress"`
//// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
//// bridge traffic coming from outside of the cluster. If not provided,
//// no off-cluster bridging will be performed.
//ClusterCIDR string `json:"clusterCIDR"`
//// healthzBindAddress is the IP address for the health check server to serve on,
//// defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)
//HealthzBindAddress string `json:"healthzBindAddress"`
//// healthzPort is the port to bind the health check server. Use 0 to disable.
//HealthzPort int32 `json:"healthzPort"`
//// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
//HostnameOverride string `json:"hostnameOverride"`
//// iptablesMasqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
//// the pure iptables proxy mode. Values must be within the range [0, 31].
//IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit"`
//// iptablesSyncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
//// '2h22m'). Must be greater than 0.
//IPTablesSyncPeriod unversioned.Duration `json:"iptablesSyncPeriodSeconds"`
//// kubeconfigPath is the path to the kubeconfig file with authorization information (the
//// master location is set by the master flag).
//KubeconfigPath string `json:"kubeconfigPath"`
//// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
//MasqueradeAll bool `json:"masqueradeAll"`
// master is the address of the Kubernetes API server (overrides any value in kubeconfig)
Master string `json:"master,omitempty" flag:"master"`
}
type KubeSchedulerConfig ¶
type KubeSchedulerConfig struct {
Master string `json:"master,omitempty" flag:"master"`
LogLevel int `json:"logLevel,omitempty" flag:"v"`
Image string `json:"image,omitempty"`
//// port is the port that the scheduler's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on.
//Address string `json:"address"`
//// algorithmProvider is the scheduling algorithm provider to use.
//AlgorithmProvider string `json:"algorithmProvider"`
//// policyConfigFile is the filepath to the scheduler policy configuration.
//PolicyConfigFile string `json:"policyConfigFile"`
//// enableProfiling enables profiling via web interface.
//EnableProfiling bool `json:"enableProfiling"`
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the QPS burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// schedulerName is name of the scheduler, used to select which pods
//// will be processed by this scheduler, based on pod's annotation with
//// key 'scheduler.alpha.kubernetes.io/name'.
//SchedulerName string `json:"schedulerName"`
//// RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule
//// corresponding to every RequiredDuringScheduling affinity rule.
//// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 0-100.
//HardPodAffinitySymmetricWeight int `json:"hardPodAffinitySymmetricWeight"`
//// Indicate the "all topologies" set for empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.
//FailureDomains string `json:"failureDomains"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}
type KubeletConfig ¶
type KubeletConfig struct {
unversioned.TypeMeta `json:",inline"`
k8sapi.ObjectMeta `json:"metadata,omitempty"`
Spec ClusterSpec `json:"spec,omitempty"`
}
type KubeletConfigSpec ¶
type KubeletConfigSpec struct {
APIServers string `json:"apiServers,omitempty" flag:"api-servers"`
LogLevel *int `json:"logLevel,omitempty" flag:"v"`
// config is the path to the config file or directory of files
Config string `json:"config,omitempty" flag:"config"`
//// syncFrequency is the max period between synchronizing running
//// containers and config
//SyncFrequency unversioned.Duration `json:"syncFrequency"`
//// fileCheckFrequency is the duration between checking config files for
//// new data
//FileCheckFrequency unversioned.Duration `json:"fileCheckFrequency"`
//// httpCheckFrequency is the duration between checking http for new data
//HTTPCheckFrequency unversioned.Duration `json:"httpCheckFrequency"`
//// manifestURL is the URL for accessing the container manifest
//ManifestURL string `json:"manifestURL"`
//// manifestURLHeader is the HTTP header to use when accessing the manifest
//// URL, with the key separated from the value with a ':', as in 'key:value'
//ManifestURLHeader string `json:"manifestURLHeader"`
//// enableServer enables the Kubelet's server
//EnableServer bool `json:"enableServer"`
//// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
//// for all interfaces)
//Address string `json:"address"`
//// port is the port for the Kubelet to serve on.
//Port uint `json:"port"`
//// readOnlyPort is the read-only port for the Kubelet to serve on with
//// no authentication/authorization (set to 0 to disable)
//ReadOnlyPort uint `json:"readOnlyPort"`
//// tLSCertFile is the file containing x509 Certificate for HTTPS. (CA cert,
//// if any, concatenated after server cert). If tlsCertFile and
//// tlsPrivateKeyFile are not provided, a self-signed certificate
//// and key are generated for the public address and saved to the directory
//// passed to certDir.
//TLSCertFile string `json:"tlsCertFile"`
//// tLSPrivateKeyFile is the ile containing x509 private key matching
//// tlsCertFile.
//TLSPrivateKeyFile string `json:"tlsPrivateKeyFile"`
//// certDirectory is the directory where the TLS certs are located (by
//// default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile
//// are provided, this flag will be ignored.
//CertDirectory string `json:"certDirectory"`
// hostnameOverride is the hostname used to identify the kubelet instead
// of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
//// podInfraContainerImage is the image whose network/ipc namespaces
//// containers in each pod will use.
//PodInfraContainerImage string `json:"podInfraContainerImage"`
//// dockerEndpoint is the path to the docker endpoint to communicate with.
//DockerEndpoint string `json:"dockerEndpoint"`
//// rootDirectory is the directory path to place kubelet files (volume
//// mounts,etc).
//RootDirectory string `json:"rootDirectory"`
//// seccompProfileRoot is the directory path for seccomp profiles.
//SeccompProfileRoot string `json:"seccompProfileRoot"`
// allowPrivileged enables containers to request privileged mode.
// Defaults to false.
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
//// hostNetworkSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use of host network. Defaults to "*".
//HostNetworkSources []string `json:"hostNetworkSources"`
//// hostPIDSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host pid namespace. Defaults to "*".
//HostPIDSources []string `json:"hostPIDSources"`
//// hostIPCSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
//HostIPCSources []string `json:"hostIPCSources"`
//// registryPullQPS is the limit of registry pulls per second. If 0,
//// unlimited. Set to 0 for no limit. Defaults to 5.0.
//RegistryPullQPS float64 `json:"registryPullQPS"`
//// registryBurst is the maximum size of a bursty pulls, temporarily allows
//// pulls to burst to this number, while still not exceeding registryQps.
//// Only used if registryQps > 0.
//RegistryBurst int32 `json:"registryBurst"`
//// eventRecordQPS is the maximum event creations per second. If 0, there
//// is no limit enforced.
//EventRecordQPS float32 `json:"eventRecordQPS"`
//// eventBurst is the maximum size of a bursty event records, temporarily
//// allows event records to burst to this number, while still not exceeding
//// event-qps. Only used if eventQps > 0
//EventBurst int32 `json:"eventBurst"`
// enableDebuggingHandlers enables server endpoints for log collection
// and local running of containers and commands
EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"`
//// minimumGCAge is the minimum age for a finished container before it is
//// garbage collected.
//MinimumGCAge unversioned.Duration `json:"minimumGCAge"`
//// maxPerPodContainerCount is the maximum number of old instances to
//// retain per container. Each container takes up some disk space.
//MaxPerPodContainerCount int32 `json:"maxPerPodContainerCount"`
//// maxContainerCount is the maximum number of old instances of containers
//// to retain globally. Each container takes up some disk space.
//MaxContainerCount int32 `json:"maxContainerCount"`
//// cAdvisorPort is the port of the localhost cAdvisor endpoint
//CAdvisorPort uint `json:"cAdvisorPort"`
//// healthzPort is the port of the localhost healthz endpoint
//HealthzPort int32 `json:"healthzPort"`
//// healthzBindAddress is the IP address for the healthz server to serve
//// on.
//HealthzBindAddress string `json:"healthzBindAddress"`
//// oomScoreAdj is The oom-score-adj value for kubelet process. Values
//// must be within the range [-1000, 1000].
//OOMScoreAdj int32 `json:"oomScoreAdj"`
//// registerNode enables automatic registration with the apiserver.
//RegisterNode bool `json:"registerNode"`
// clusterDomain is the DNS domain for this cluster. If set, kubelet will
// configure all containers to search this domain in addition to the
// host's search domains.
ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"`
//// masterServiceNamespace is The namespace from which the kubernetes
//// master services should be injected into pods.
//MasterServiceNamespace string `json:"masterServiceNamespace"`
// clusterDNS is the IP address for a cluster DNS server. If set, kubelet
// will configure all containers to use this for DNS resolution in
// addition to the host's DNS servers
ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"`
//// streamingConnectionIdleTimeout is the maximum time a streaming connection
//// can be idle before the connection is automatically closed.
//StreamingConnectionIdleTimeout unversioned.Duration `json:"streamingConnectionIdleTimeout"`
//// nodeStatusUpdateFrequency is the frequency that kubelet posts node
//// status to master. Note: be cautious when changing the constant, it
//// must work with nodeMonitorGracePeriod in nodecontroller.
//NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
//// minimumGCAge is the minimum age for a unused image before it is
//// garbage collected.
//ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
//// imageGCHighThresholdPercent is the percent of disk usage after which
//// image garbage collection is always run.
//ImageGCHighThresholdPercent int32 `json:"imageGCHighThresholdPercent"`
//// imageGCLowThresholdPercent is the percent of disk usage before which
//// image garbage collection is never run. Lowest disk usage to garbage
//// collect to.
//ImageGCLowThresholdPercent int32 `json:"imageGCLowThresholdPercent"`
//// lowDiskSpaceThresholdMB is the absolute free disk space, in MB, to
//// maintain. When disk space falls below this threshold, new pods would
//// be rejected.
//LowDiskSpaceThresholdMB int32 `json:"lowDiskSpaceThresholdMB"`
//// How frequently to calculate and cache volume disk usage for all pods
//VolumeStatsAggPeriod unversioned.Duration `json:"volumeStatsAggPeriod"`
// networkPluginName is the name of the network plugin to be invoked for
// various events in kubelet/pod lifecycle
NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"`
//// networkPluginDir is the full path of the directory in which to search
//// for network plugins
//NetworkPluginDir string `json:"networkPluginDir"`
//// volumePluginDir is the full path of the directory in which to search
//// for additional third party volume plugins
//VolumePluginDir string `json:"volumePluginDir"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
//// cloudConfigFile is the path to the cloud provider configuration file.
//CloudConfigFile string `json:"cloudConfigFile,omitempty"`
// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"`
// Cgroups that container runtime is expected to be isolated in.
RuntimeCgroups string `json:"runtimeCgroups,omitempty" flag:"runtime-cgroups"`
// SystemCgroups is absolute name of cgroups in which to place
// all non-kernel processes that are not already in a container. Empty
// for no container. Rolling back the flag requires a reboot.
SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"`
// cgroupRoot is the root cgroup to use for pods. This is handled by the
// container runtime on a best effort basis.
CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"`
//// containerRuntime is the container runtime to use.
//ContainerRuntime string `json:"containerRuntime"`
//// rktPath is the path of rkt binary. Leave empty to use the first rkt in
//// $PATH.
//RktPath string `json:"rktPath,omitempty"`
//// rktApiEndpoint is the endpoint of the rkt API service to communicate with.
//RktAPIEndpoint string `json:"rktAPIEndpoint,omitempty"`
//// rktStage1Image is the image to use as stage1. Local paths and
//// http/https URLs are supported.
//RktStage1Image string `json:"rktStage1Image,omitempty"`
//// lockFilePath is the path that kubelet will use to as a lock file.
//// It uses this file as a lock to synchronize with other kubelet processes
//// that may be running.
//LockFilePath string `json:"lockFilePath"`
//// ExitOnLockContention is a flag that signifies to the kubelet that it is running
//// in "bootstrap" mode. This requires that 'LockFilePath' has been set.
//// This will cause the kubelet to listen to inotify events on the lock file,
//// releasing it and exiting when another process tries to open that file.
//ExitOnLockContention bool `json:"exitOnLockContention"`
// configureCBR0 enables the kublet to configure cbr0 based on
// Node.Spec.PodCIDR.
ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"`
// How should the kubelet configure the container bridge for hairpin packets.
// Setting this flag allows endpoints in a Service to loadbalance back to
// themselves if they should try to access their own Service. Values:
// "promiscuous-bridge": make the container bridge promiscuous.
// "hairpin-veth": set the hairpin flag on container veth interfaces.
// "none": do nothing.
// Setting --configure-cbr0 to false implies that to achieve hairpin NAT
// one must set --hairpin-mode=veth-flag, because bridge assumes the
// existence of a container bridge named cbr0.
HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"`
// The node has babysitter process monitoring docker and kubelet.
BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"`
//// maxPods is the number of pods that can run on this Kubelet.
//MaxPods int32 `json:"maxPods"`
//// nvidiaGPUs is the number of NVIDIA GPU devices on this node.
//NvidiaGPUs int32 `json:"nvidiaGPUs"`
//// dockerExecHandlerName is the handler to use when executing a command
//// in a container. Valid values are 'native' and 'nsenter'. Defaults to
//// 'native'.
//DockerExecHandlerName string `json:"dockerExecHandlerName"`
// The CIDR to use for pod IP addresses, only used in standalone mode.
// In cluster mode, this is obtained from the master.
PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"`
//// ResolverConfig is the resolver configuration file used as the basis
//// for the container DNS resolution configuration."), []
//ResolverConfig string `json:"resolvConf"`
//// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that
//// specify CPU limits
//CPUCFSQuota bool `json:"cpuCFSQuota"`
//// containerized should be set to true if kubelet is running in a container.
//Containerized bool `json:"containerized"`
//// maxOpenFiles is Number of files that can be opened by Kubelet process.
//MaxOpenFiles uint64 `json:"maxOpenFiles"`
// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
// API server. No-op if register-node or configure-cbr0 is false.
ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"`
// registerSchedulable tells the kubelet to register the node as
// schedulable. No-op if register-node is false.
RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"`
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to allow while talking with kubernetes
//// apiserver
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// serializeImagePulls when enabled, tells the Kubelet to pull images one
//// at a time. We recommend *not* changing the default value on nodes that
//// run docker daemon with version < 1.9 or an Aufs storage backend.
//// Issue #10959 has more details.
//SerializeImagePulls bool `json:"serializeImagePulls"`
//// experimentalFlannelOverlay enables experimental support for starting the
//// kubelet with the default overlay network (flannel). Assumes flanneld
//// is already running in client mode.
//ExperimentalFlannelOverlay bool `json:"experimentalFlannelOverlay"`
//// outOfDiskTransitionFrequency is duration for which the kubelet has to
//// wait before transitioning out of out-of-disk node condition status.
//OutOfDiskTransitionFrequency unversioned.Duration `json:"outOfDiskTransitionFrequency,omitempty"`
//// nodeIP is IP address of the node. If set, kubelet will use this IP
//// address for the node.
//NodeIP string `json:"nodeIP,omitempty"`
// nodeLabels to add when registering the node in the cluster.
NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"`
// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"`
// networkPluginMTU is the MTU to be passed to the network plugin,
// and overrides the default MTU for cases where it cannot be automatically
// computed (such as IPSEC).
NetworkPluginMTU *int32 `json:"networkPluginMTU,omitEmpty" flag:"network-plugin-mtu"`
}
func BuildKubeletConfigSpec ¶
func BuildKubeletConfigSpec(cluster *Cluster, instanceGroup *InstanceGroup) (*KubeletConfigSpec, error)
BuildKubeletConfigSpec returns the kubeletconfig for the specified instanceGroup
type KubenetNetworkingSpec ¶
type KubenetNetworkingSpec struct {
}
KubenetNetworkingSpec is the specification for kubenet networking, largely integrated but intended to replace classic
type LeaderElectionConfiguration ¶
type LeaderElectionConfiguration struct {
// leaderElect enables a leader election client to gain leadership
// before executing the main loop. Enable this when running replicated
// components for high availability.
LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"`
}
LeaderElectionConfiguration defines the configuration of leader election clients for components that can run with leader election enabled.
type NetworkingSpec ¶
type NetworkingSpec struct {
Classic *ClassicNetworkingSpec `json:"classic,omitempty"`
Kubenet *KubenetNetworkingSpec `json:"kubenet,omitempty"`
External *ExternalNetworkingSpec `json:"external,omitempty"`
}
NetworkingSpec allows selection and configuration of a networking plugin
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.