sigs.k8s.io/cluster-api@v1.6.3/bootstrap/kubeadm/config/crd/bases/bootstrap.cluster.x-k8s.io_kubeadmconfigs.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.13.0 7 name: kubeadmconfigs.bootstrap.cluster.x-k8s.io 8 spec: 9 group: bootstrap.cluster.x-k8s.io 10 names: 11 categories: 12 - cluster-api 13 kind: KubeadmConfig 14 listKind: KubeadmConfigList 15 plural: kubeadmconfigs 16 singular: kubeadmconfig 17 scope: Namespaced 18 versions: 19 - deprecated: true 20 name: v1alpha3 21 schema: 22 openAPIV3Schema: 23 description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: 24 This type will be removed in one of the next releases." 25 properties: 26 apiVersion: 27 description: 'APIVersion defines the versioned schema of this representation 28 of an object. Servers should convert recognized schemas to the latest 29 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 30 type: string 31 kind: 32 description: 'Kind is a string value representing the REST resource this 33 object represents. Servers may infer this from the endpoint the client 34 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 35 type: string 36 metadata: 37 type: object 38 spec: 39 description: KubeadmConfigSpec defines the desired state of KubeadmConfig. 40 Either ClusterConfiguration and InitConfiguration should be defined 41 or the JoinConfiguration should be defined. 
42 properties: 43 clusterConfiguration: 44 description: ClusterConfiguration along with InitConfiguration are 45 the configurations necessary for the init command 46 properties: 47 apiServer: 48 description: APIServer contains extra settings for the API server 49 control plane component 50 properties: 51 certSANs: 52 description: CertSANs sets extra Subject Alternative Names 53 for the API Server signing cert. 54 items: 55 type: string 56 type: array 57 extraArgs: 58 additionalProperties: 59 type: string 60 description: 'ExtraArgs is an extra set of flags to pass to 61 the control plane component. TODO: This is temporary and 62 ideally we would like to switch all components to use ComponentConfig 63 + ConfigMaps.' 64 type: object 65 extraVolumes: 66 description: ExtraVolumes is an extra set of host volumes, 67 mounted to the control plane component. 68 items: 69 description: HostPathMount contains elements describing 70 volumes that are mounted from the host. 71 properties: 72 hostPath: 73 description: HostPath is the path in the host that will 74 be mounted inside the pod. 75 type: string 76 mountPath: 77 description: MountPath is the path inside the pod where 78 hostPath will be mounted. 79 type: string 80 name: 81 description: Name of the volume inside the pod template. 82 type: string 83 pathType: 84 description: PathType is the type of the HostPath. 85 type: string 86 readOnly: 87 description: ReadOnly controls write access to the volume 88 type: boolean 89 required: 90 - hostPath 91 - mountPath 92 - name 93 type: object 94 type: array 95 timeoutForControlPlane: 96 description: TimeoutForControlPlane controls the timeout that 97 we use for API server to appear 98 type: string 99 type: object 100 apiVersion: 101 description: 'APIVersion defines the versioned schema of this 102 representation of an object. Servers should convert recognized 103 schemas to the latest internal value, and may reject unrecognized 104 values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 105 type: string 106 certificatesDir: 107 description: 'CertificatesDir specifies where to store or look 108 for all required certificates. NB: if not provided, this will 109 default to `/etc/kubernetes/pki`' 110 type: string 111 clusterName: 112 description: The cluster name 113 type: string 114 controlPlaneEndpoint: 115 description: 'ControlPlaneEndpoint sets a stable IP address or 116 DNS name for the control plane; it can be a valid IP address 117 or a RFC-1123 DNS subdomain, both with optional TCP port. In 118 case the ControlPlaneEndpoint is not specified, the AdvertiseAddress 119 + BindPort are used; in case the ControlPlaneEndpoint is specified 120 but without a TCP port, the BindPort is used. Possible usages 121 are: e.g. In a cluster with more than one control plane instances, 122 this field should be assigned the address of the external load 123 balancer in front of the control plane instances. e.g. in environments 124 with enforced node recycling, the ControlPlaneEndpoint could 125 be used for assigning a stable DNS to the control plane. NB: 126 This value defaults to the first value in the Cluster object 127 status.apiEndpoints array.' 128 type: string 129 controllerManager: 130 description: ControllerManager contains extra settings for the 131 controller manager control plane component 132 properties: 133 extraArgs: 134 additionalProperties: 135 type: string 136 description: 'ExtraArgs is an extra set of flags to pass to 137 the control plane component. TODO: This is temporary and 138 ideally we would like to switch all components to use ComponentConfig 139 + ConfigMaps.' 140 type: object 141 extraVolumes: 142 description: ExtraVolumes is an extra set of host volumes, 143 mounted to the control plane component. 144 items: 145 description: HostPathMount contains elements describing 146 volumes that are mounted from the host. 
147 properties: 148 hostPath: 149 description: HostPath is the path in the host that will 150 be mounted inside the pod. 151 type: string 152 mountPath: 153 description: MountPath is the path inside the pod where 154 hostPath will be mounted. 155 type: string 156 name: 157 description: Name of the volume inside the pod template. 158 type: string 159 pathType: 160 description: PathType is the type of the HostPath. 161 type: string 162 readOnly: 163 description: ReadOnly controls write access to the volume 164 type: boolean 165 required: 166 - hostPath 167 - mountPath 168 - name 169 type: object 170 type: array 171 type: object 172 dns: 173 description: DNS defines the options for the DNS add-on installed 174 in the cluster. 175 properties: 176 imageRepository: 177 description: ImageRepository sets the container registry to 178 pull images from. if not set, the ImageRepository defined 179 in ClusterConfiguration will be used instead. 180 type: string 181 imageTag: 182 description: ImageTag allows to specify a tag for the image. 183 In case this value is set, kubeadm does not change automatically 184 the version of the above components during upgrades. 185 type: string 186 type: 187 description: Type defines the DNS add-on to be used 188 type: string 189 type: object 190 etcd: 191 description: 'Etcd holds configuration for etcd. NB: This value 192 defaults to a Local (stacked) etcd' 193 properties: 194 external: 195 description: External describes how to connect to an external 196 etcd cluster Local and External are mutually exclusive 197 properties: 198 caFile: 199 description: CAFile is an SSL Certificate Authority file 200 used to secure etcd communication. Required if using 201 a TLS connection. 202 type: string 203 certFile: 204 description: CertFile is an SSL certification file used 205 to secure etcd communication. Required if using a TLS 206 connection. 207 type: string 208 endpoints: 209 description: Endpoints of etcd members. Required for ExternalEtcd. 
210 items: 211 type: string 212 type: array 213 keyFile: 214 description: KeyFile is an SSL key file used to secure 215 etcd communication. Required if using a TLS connection. 216 type: string 217 required: 218 - caFile 219 - certFile 220 - endpoints 221 - keyFile 222 type: object 223 local: 224 description: Local provides configuration knobs for configuring 225 the local etcd instance Local and External are mutually 226 exclusive 227 properties: 228 dataDir: 229 description: DataDir is the directory etcd will place 230 its data. Defaults to "/var/lib/etcd". 231 type: string 232 extraArgs: 233 additionalProperties: 234 type: string 235 description: ExtraArgs are extra arguments provided to 236 the etcd binary when run inside a static pod. 237 type: object 238 imageRepository: 239 description: ImageRepository sets the container registry 240 to pull images from. if not set, the ImageRepository 241 defined in ClusterConfiguration will be used instead. 242 type: string 243 imageTag: 244 description: ImageTag allows to specify a tag for the 245 image. In case this value is set, kubeadm does not change 246 automatically the version of the above components during 247 upgrades. 248 type: string 249 peerCertSANs: 250 description: PeerCertSANs sets extra Subject Alternative 251 Names for the etcd peer signing cert. 252 items: 253 type: string 254 type: array 255 serverCertSANs: 256 description: ServerCertSANs sets extra Subject Alternative 257 Names for the etcd server signing cert. 258 items: 259 type: string 260 type: array 261 type: object 262 type: object 263 featureGates: 264 additionalProperties: 265 type: boolean 266 description: FeatureGates enabled by the user. 267 type: object 268 imageRepository: 269 description: ImageRepository sets the container registry to pull 270 images from. 
If empty, `k8s.gcr.io` will be used by default; 271 in case of kubernetes version is a CI build (kubernetes version 272 starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` 273 will be used as a default for control plane components and for 274 kube-proxy, while `k8s.gcr.io` will be used for all the other 275 images. 276 type: string 277 kind: 278 description: 'Kind is a string value representing the REST resource 279 this object represents. Servers may infer this from the endpoint 280 the client submits requests to. Cannot be updated. In CamelCase. 281 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 282 type: string 283 kubernetesVersion: 284 description: 'KubernetesVersion is the target version of the control 285 plane. NB: This value defaults to the Machine object spec.version' 286 type: string 287 networking: 288 description: 'Networking holds configuration for the networking 289 topology of the cluster. NB: This value defaults to the Cluster 290 object spec.clusterNetwork.' 291 properties: 292 dnsDomain: 293 description: DNSDomain is the dns domain used by k8s services. 294 Defaults to "cluster.local". 295 type: string 296 podSubnet: 297 description: PodSubnet is the subnet used by pods. If unset, 298 the API server will not allocate CIDR ranges for every node. 299 Defaults to a comma-delimited string of the Cluster object's 300 spec.clusterNetwork.services.cidrBlocks if that is set 301 type: string 302 serviceSubnet: 303 description: ServiceSubnet is the subnet used by k8s services. 304 Defaults to a comma-delimited string of the Cluster object's 305 spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" 306 if that's unset. 
307 type: string 308 type: object 309 scheduler: 310 description: Scheduler contains extra settings for the scheduler 311 control plane component 312 properties: 313 extraArgs: 314 additionalProperties: 315 type: string 316 description: 'ExtraArgs is an extra set of flags to pass to 317 the control plane component. TODO: This is temporary and 318 ideally we would like to switch all components to use ComponentConfig 319 + ConfigMaps.' 320 type: object 321 extraVolumes: 322 description: ExtraVolumes is an extra set of host volumes, 323 mounted to the control plane component. 324 items: 325 description: HostPathMount contains elements describing 326 volumes that are mounted from the host. 327 properties: 328 hostPath: 329 description: HostPath is the path in the host that will 330 be mounted inside the pod. 331 type: string 332 mountPath: 333 description: MountPath is the path inside the pod where 334 hostPath will be mounted. 335 type: string 336 name: 337 description: Name of the volume inside the pod template. 338 type: string 339 pathType: 340 description: PathType is the type of the HostPath. 341 type: string 342 readOnly: 343 description: ReadOnly controls write access to the volume 344 type: boolean 345 required: 346 - hostPath 347 - mountPath 348 - name 349 type: object 350 type: array 351 type: object 352 useHyperKubeImage: 353 description: UseHyperKubeImage controls if hyperkube should be 354 used for Kubernetes components instead of their respective separate 355 images 356 type: boolean 357 type: object 358 diskSetup: 359 description: DiskSetup specifies options for the creation of partition 360 tables and file systems on devices. 361 properties: 362 filesystems: 363 description: Filesystems specifies the list of file systems to 364 setup. 365 items: 366 description: Filesystem defines the file systems to be created. 
367 properties: 368 device: 369 description: Device specifies the device name 370 type: string 371 extraOpts: 372 description: ExtraOpts defined extra options to add to the 373 command for creating the file system. 374 items: 375 type: string 376 type: array 377 filesystem: 378 description: Filesystem specifies the file system type. 379 type: string 380 label: 381 description: Label specifies the file system label to be 382 used. If set to None, no label is used. 383 type: string 384 overwrite: 385 description: Overwrite defines whether or not to overwrite 386 any existing filesystem. If true, any pre-existing file 387 system will be destroyed. Use with Caution. 388 type: boolean 389 partition: 390 description: 'Partition specifies the partition to use. 391 The valid options are: "auto|any", "auto", "any", "none", 392 and <NUM>, where NUM is the actual partition number.' 393 type: string 394 replaceFS: 395 description: 'ReplaceFS is a special directive, used for 396 Microsoft Azure that instructs cloud-init to replace a 397 file system of <FS_TYPE>. NOTE: unless you define a label, 398 this requires the use of the ''any'' partition directive.' 399 type: string 400 required: 401 - device 402 - filesystem 403 - label 404 type: object 405 type: array 406 partitions: 407 description: Partitions specifies the list of the partitions to 408 setup. 409 items: 410 description: Partition defines how to create and layout a partition. 411 properties: 412 device: 413 description: Device is the name of the device. 414 type: string 415 layout: 416 description: Layout specifies the device layout. If it is 417 true, a single partition will be created for the entire 418 device. When layout is false, it means don't partition 419 or ignore existing partitioning. 420 type: boolean 421 overwrite: 422 description: Overwrite describes whether to skip checks 423 and create the partition if a partition or filesystem 424 is found on the device. Use with caution. Default is 'false'. 
425 type: boolean 426 tableType: 427 description: 'TableType specifies the tupe of partition 428 table. The following are supported: ''mbr'': default and 429 setups a MS-DOS partition table ''gpt'': setups a GPT 430 partition table' 431 type: string 432 required: 433 - device 434 - layout 435 type: object 436 type: array 437 type: object 438 files: 439 description: Files specifies extra files to be passed to user_data 440 upon creation. 441 items: 442 description: File defines the input for generating write_files in 443 cloud-init. 444 properties: 445 content: 446 description: Content is the actual content of the file. 447 type: string 448 contentFrom: 449 description: ContentFrom is a referenced source of content to 450 populate the file. 451 properties: 452 secret: 453 description: Secret represents a secret that should populate 454 this file. 455 properties: 456 key: 457 description: Key is the key in the secret's data map 458 for this value. 459 type: string 460 name: 461 description: Name of the secret in the KubeadmBootstrapConfig's 462 namespace to use. 463 type: string 464 required: 465 - key 466 - name 467 type: object 468 required: 469 - secret 470 type: object 471 encoding: 472 description: Encoding specifies the encoding of the file contents. 473 enum: 474 - base64 475 - gzip 476 - gzip+base64 477 type: string 478 owner: 479 description: Owner specifies the ownership of the file, e.g. 480 "root:root". 481 type: string 482 path: 483 description: Path specifies the full path on disk where to store 484 the file. 485 type: string 486 permissions: 487 description: Permissions specifies the permissions to assign 488 to the file, e.g. "0640". 
489 type: string 490 required: 491 - path 492 type: object 493 type: array 494 format: 495 description: Format specifies the output format of the bootstrap data 496 enum: 497 - cloud-config 498 type: string 499 initConfiguration: 500 description: InitConfiguration along with ClusterConfiguration are 501 the configurations necessary for the init command 502 properties: 503 apiVersion: 504 description: 'APIVersion defines the versioned schema of this 505 representation of an object. Servers should convert recognized 506 schemas to the latest internal value, and may reject unrecognized 507 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 508 type: string 509 bootstrapTokens: 510 description: BootstrapTokens is respected at `kubeadm init` time 511 and describes a set of Bootstrap Tokens to create. This information 512 IS NOT uploaded to the kubeadm cluster configmap, partly because 513 of its sensitive nature 514 items: 515 description: BootstrapToken describes one bootstrap token, stored 516 as a Secret in the cluster. 517 properties: 518 description: 519 description: Description sets a human-friendly message why 520 this token exists and what it's used for, so other administrators 521 can know its purpose. 522 type: string 523 expires: 524 description: Expires specifies the timestamp when this token 525 expires. Defaults to being set dynamically at runtime 526 based on the TTL. Expires and TTL are mutually exclusive. 527 format: date-time 528 type: string 529 groups: 530 description: Groups specifies the extra groups that this 531 token will authenticate as when/if used for authentication 532 items: 533 type: string 534 type: array 535 token: 536 description: Token is used for establishing bidirectional 537 trust between nodes and control-planes. Used for joining 538 nodes in the cluster. 539 type: string 540 ttl: 541 description: TTL defines the time to live for this token. 542 Defaults to 24h. 
Expires and TTL are mutually exclusive. 543 type: string 544 usages: 545 description: Usages describes the ways in which this token 546 can be used. Can by default be used for establishing bidirectional 547 trust, but that can be changed here. 548 items: 549 type: string 550 type: array 551 required: 552 - token 553 type: object 554 type: array 555 kind: 556 description: 'Kind is a string value representing the REST resource 557 this object represents. Servers may infer this from the endpoint 558 the client submits requests to. Cannot be updated. In CamelCase. 559 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 560 type: string 561 localAPIEndpoint: 562 description: LocalAPIEndpoint represents the endpoint of the API 563 server instance that's deployed on this control plane node In 564 HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint 565 in the sense that ControlPlaneEndpoint is the global endpoint 566 for the cluster, which then loadbalances the requests to each 567 individual API server. This configuration object lets you customize 568 what IP/DNS name and port the local API server advertises it's 569 accessible on. By default, kubeadm tries to auto-detect the 570 IP of the default interface and use that, but in case that process 571 fails you may set the desired value here. 572 properties: 573 advertiseAddress: 574 description: AdvertiseAddress sets the IP address for the 575 API server to advertise. 576 type: string 577 bindPort: 578 description: BindPort sets the secure port for the API Server 579 to bind to. Defaults to 6443. 580 format: int32 581 type: integer 582 required: 583 - advertiseAddress 584 - bindPort 585 type: object 586 nodeRegistration: 587 description: NodeRegistration holds fields that relate to registering 588 the new control-plane node to the cluster. 
When used in the 589 context of control plane nodes, NodeRegistration should remain 590 consistent across both InitConfiguration and JoinConfiguration 591 properties: 592 criSocket: 593 description: CRISocket is used to retrieve container runtime 594 info. This information will be annotated to the Node API 595 object, for later re-use 596 type: string 597 kubeletExtraArgs: 598 additionalProperties: 599 type: string 600 description: KubeletExtraArgs passes through extra arguments 601 to the kubelet. The arguments here are passed to the kubelet 602 command line via the environment file kubeadm writes at 603 runtime for the kubelet to source. This overrides the generic 604 base-level configuration in the kubelet-config-1.X ConfigMap 605 Flags have higher priority when parsing. These values are 606 local and specific to the node kubeadm is executing on. 607 type: object 608 name: 609 description: Name is the `.Metadata.Name` field of the Node 610 API object that will be created in this `kubeadm init` or 611 `kubeadm join` operation. This field is also used in the 612 CommonName field of the kubelet's client certificate to 613 the API server. Defaults to the hostname of the node if 614 not provided. 615 type: string 616 taints: 617 description: 'Taints specifies the taints the Node API object 618 should be registered with. If this field is unset, i.e. 619 nil, in the `kubeadm init` process it will be defaulted 620 to []v1.Taint{''node-role.kubernetes.io/master=""''}. If 621 you don''t want to taint your control-plane node, set this 622 field to an empty slice, i.e. `taints: {}` in the YAML file. 623 This field is solely used for Node registration.' 624 items: 625 description: The node this Taint is attached to has the 626 "effect" on any pod that does not tolerate the Taint. 627 properties: 628 effect: 629 description: Required. The effect of the taint on pods 630 that do not tolerate the taint. Valid effects are 631 NoSchedule, PreferNoSchedule and NoExecute. 
632 type: string 633 key: 634 description: Required. The taint key to be applied to 635 a node. 636 type: string 637 timeAdded: 638 description: TimeAdded represents the time at which 639 the taint was added. It is only written for NoExecute 640 taints. 641 format: date-time 642 type: string 643 value: 644 description: The taint value corresponding to the taint 645 key. 646 type: string 647 required: 648 - effect 649 - key 650 type: object 651 type: array 652 type: object 653 type: object 654 joinConfiguration: 655 description: JoinConfiguration is the kubeadm configuration for the 656 join command 657 properties: 658 apiVersion: 659 description: 'APIVersion defines the versioned schema of this 660 representation of an object. Servers should convert recognized 661 schemas to the latest internal value, and may reject unrecognized 662 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 663 type: string 664 caCertPath: 665 description: 'CACertPath is the path to the SSL certificate authority 666 used to secure comunications between node and control-plane. 667 Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when 668 there is defaulting from k/k' 669 type: string 670 controlPlane: 671 description: ControlPlane defines the additional control plane 672 instance to be deployed on the joining node. If nil, no additional 673 control plane instance will be deployed. 674 properties: 675 localAPIEndpoint: 676 description: LocalAPIEndpoint represents the endpoint of the 677 API server instance to be deployed on this node. 678 properties: 679 advertiseAddress: 680 description: AdvertiseAddress sets the IP address for 681 the API server to advertise. 682 type: string 683 bindPort: 684 description: BindPort sets the secure port for the API 685 Server to bind to. Defaults to 6443. 
686 format: int32 687 type: integer 688 required: 689 - advertiseAddress 690 - bindPort 691 type: object 692 type: object 693 discovery: 694 description: 'Discovery specifies the options for the kubelet 695 to use during the TLS Bootstrap process TODO: revisit when there 696 is defaulting from k/k' 697 properties: 698 bootstrapToken: 699 description: BootstrapToken is used to set the options for 700 bootstrap token based discovery BootstrapToken and File 701 are mutually exclusive 702 properties: 703 apiServerEndpoint: 704 description: APIServerEndpoint is an IP or domain name 705 to the API server from which info will be fetched. 706 type: string 707 caCertHashes: 708 description: 'CACertHashes specifies a set of public key 709 pins to verify when token-based discovery is used. The 710 root CA found during discovery must match one of these 711 values. Specifying an empty set disables root CA pinning, 712 which can be unsafe. Each hash is specified as "<type>:<value>", 713 where the only currently supported type is "sha256". 714 This is a hex-encoded SHA-256 hash of the Subject Public 715 Key Info (SPKI) object in DER-encoded ASN.1. These hashes 716 can be calculated using, for example, OpenSSL: openssl 717 x509 -pubkey -in ca.crt openssl rsa -pubin -outform 718 der 2>&/dev/null | openssl dgst -sha256 -hex' 719 items: 720 type: string 721 type: array 722 token: 723 description: Token is a token used to validate cluster 724 information fetched from the control-plane. 725 type: string 726 unsafeSkipCAVerification: 727 description: UnsafeSkipCAVerification allows token-based 728 discovery without CA verification via CACertHashes. 729 This can weaken the security of kubeadm since other 730 nodes can impersonate the control-plane. 
731 type: boolean 732 required: 733 - token 734 - unsafeSkipCAVerification 735 type: object 736 file: 737 description: File is used to specify a file or URL to a kubeconfig 738 file from which to load cluster information BootstrapToken 739 and File are mutually exclusive 740 properties: 741 kubeConfigPath: 742 description: KubeConfigPath is used to specify the actual 743 file path or URL to the kubeconfig file from which to 744 load cluster information 745 type: string 746 required: 747 - kubeConfigPath 748 type: object 749 timeout: 750 description: Timeout modifies the discovery timeout 751 type: string 752 tlsBootstrapToken: 753 description: 'TLSBootstrapToken is a token used for TLS bootstrapping. 754 If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, 755 but can be overridden. If .File is set, this field **must 756 be set** in case the KubeConfigFile does not contain any 757 other authentication information TODO: revisit when there 758 is defaulting from k/k' 759 type: string 760 type: object 761 kind: 762 description: 'Kind is a string value representing the REST resource 763 this object represents. Servers may infer this from the endpoint 764 the client submits requests to. Cannot be updated. In CamelCase. 765 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 766 type: string 767 nodeRegistration: 768 description: NodeRegistration holds fields that relate to registering 769 the new control-plane node to the cluster. When used in the 770 context of control plane nodes, NodeRegistration should remain 771 consistent across both InitConfiguration and JoinConfiguration 772 properties: 773 criSocket: 774 description: CRISocket is used to retrieve container runtime 775 info. 
This information will be annotated to the Node API 776 object, for later re-use 777 type: string 778 kubeletExtraArgs: 779 additionalProperties: 780 type: string 781 description: KubeletExtraArgs passes through extra arguments 782 to the kubelet. The arguments here are passed to the kubelet 783 command line via the environment file kubeadm writes at 784 runtime for the kubelet to source. This overrides the generic 785 base-level configuration in the kubelet-config-1.X ConfigMap 786 Flags have higher priority when parsing. These values are 787 local and specific to the node kubeadm is executing on. 788 type: object 789 name: 790 description: Name is the `.Metadata.Name` field of the Node 791 API object that will be created in this `kubeadm init` or 792 `kubeadm join` operation. This field is also used in the 793 CommonName field of the kubelet's client certificate to 794 the API server. Defaults to the hostname of the node if 795 not provided. 796 type: string 797 taints: 798 description: 'Taints specifies the taints the Node API object 799 should be registered with. If this field is unset, i.e. 800 nil, in the `kubeadm init` process it will be defaulted 801 to []v1.Taint{''node-role.kubernetes.io/master=""''}. If 802 you don''t want to taint your control-plane node, set this 803 field to an empty slice, i.e. `taints: {}` in the YAML file. 804 This field is solely used for Node registration.' 805 items: 806 description: The node this Taint is attached to has the 807 "effect" on any pod that does not tolerate the Taint. 808 properties: 809 effect: 810 description: Required. The effect of the taint on pods 811 that do not tolerate the taint. Valid effects are 812 NoSchedule, PreferNoSchedule and NoExecute. 813 type: string 814 key: 815 description: Required. The taint key to be applied to 816 a node. 817 type: string 818 timeAdded: 819 description: TimeAdded represents the time at which 820 the taint was added. It is only written for NoExecute 821 taints. 
822 format: date-time 823 type: string 824 value: 825 description: The taint value corresponding to the taint 826 key. 827 type: string 828 required: 829 - effect 830 - key 831 type: object 832 type: array 833 type: object 834 type: object 835 mounts: 836 description: Mounts specifies a list of mount points to be setup. 837 items: 838 description: MountPoints defines input for generated mounts in cloud-init. 839 items: 840 type: string 841 type: array 842 type: array 843 ntp: 844 description: NTP specifies NTP configuration 845 properties: 846 enabled: 847 description: Enabled specifies whether NTP should be enabled 848 type: boolean 849 servers: 850 description: Servers specifies which NTP servers to use 851 items: 852 type: string 853 type: array 854 type: object 855 postKubeadmCommands: 856 description: PostKubeadmCommands specifies extra commands to run after 857 kubeadm runs 858 items: 859 type: string 860 type: array 861 preKubeadmCommands: 862 description: PreKubeadmCommands specifies extra commands to run before 863 kubeadm runs 864 items: 865 type: string 866 type: array 867 useExperimentalRetryJoin: 868 description: "UseExperimentalRetryJoin replaces a basic kubeadm command 869 with a shell script with retries for joins. \n This is meant to 870 be an experimental temporary workaround on some environments where 871 joins fail due to timing (and other issues). The long term goal 872 is to add retries to kubeadm proper and use that functionality. 873 \n This will add about 40KB to userdata \n For more information, 874 refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 875 type: boolean 876 users: 877 description: Users specifies extra users to add 878 items: 879 description: User defines the input for a generated user in cloud-init. 
880 properties: 881 gecos: 882 description: Gecos specifies the gecos to use for the user 883 type: string 884 groups: 885 description: Groups specifies the additional groups for the 886 user 887 type: string 888 homeDir: 889 description: HomeDir specifies the home directory to use for 890 the user 891 type: string 892 inactive: 893 description: Inactive specifies whether to mark the user as 894 inactive 895 type: boolean 896 lockPassword: 897 description: LockPassword specifies if password login should 898 be disabled 899 type: boolean 900 name: 901 description: Name specifies the user name 902 type: string 903 passwd: 904 description: Passwd specifies a hashed password for the user 905 type: string 906 primaryGroup: 907 description: PrimaryGroup specifies the primary group for the 908 user 909 type: string 910 shell: 911 description: Shell specifies the user's shell 912 type: string 913 sshAuthorizedKeys: 914 description: SSHAuthorizedKeys specifies a list of ssh authorized 915 keys for the user 916 items: 917 type: string 918 type: array 919 sudo: 920 description: Sudo specifies a sudo role for the user 921 type: string 922 required: 923 - name 924 type: object 925 type: array 926 verbosity: 927 description: Verbosity is the number for the kubeadm log level verbosity. 928 It overrides the `--v` flag in kubeadm commands. 929 format: int32 930 type: integer 931 type: object 932 status: 933 description: KubeadmConfigStatus defines the observed state of KubeadmConfig. 934 properties: 935 bootstrapData: 936 description: "BootstrapData will be a cloud-init script for now. \n 937 Deprecated: Switch to DataSecretName." 938 format: byte 939 type: string 940 conditions: 941 description: Conditions defines current service state of the KubeadmConfig. 942 items: 943 description: Condition defines an observation of a Cluster API resource 944 operational state. 
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              dataSecretName:
                description: DataSecretName is the name of the secret that stores
                  the bootstrap data script.
                type: string
              failureMessage:
                description: FailureMessage will be set on non-retryable errors
                type: string
              failureReason:
                description: FailureReason will be set on non-retryable errors
                type: string
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: Ready indicates the BootstrapData field is ready to be
                  consumed
                type: boolean
            type: object
        type: object
    served: false
    storage: false
    subresources:
      status: {}
  - additionalPrinterColumns:
    - description: Time duration since creation of KubeadmConfig
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    deprecated: true
    name: v1alpha4
    schema:
      openAPIV3Schema:
        description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated:
          This type will be removed in one of the next releases."
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
              Either ClusterConfiguration and InitConfiguration should be defined
              or the JoinConfiguration should be defined.
            properties:
              clusterConfiguration:
                description: ClusterConfiguration along with InitConfiguration are
                  the configurations necessary for the init command
                properties:
                  apiServer:
                    description: APIServer contains extra settings for the API server
                      control plane component
                    properties:
                      certSANs:
                        description: CertSANs sets extra Subject Alternative Names
                          for the API Server signing cert.
                        items:
                          type: string
                        type: array
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                      timeoutForControlPlane:
                        description: TimeoutForControlPlane controls the timeout that
                          we use for API server to appear
                        type: string
                    type: object
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object. Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  certificatesDir:
                    description: 'CertificatesDir specifies where to store or look
                      for all required certificates. NB: if not provided, this will
                      default to `/etc/kubernetes/pki`'
                    type: string
                  clusterName:
                    description: The cluster name
                    type: string
                  controlPlaneEndpoint:
                    description: 'ControlPlaneEndpoint sets a stable IP address or
                      DNS name for the control plane; it can be a valid IP address
                      or a RFC-1123 DNS subdomain, both with optional TCP port. In
                      case the ControlPlaneEndpoint is not specified, the AdvertiseAddress
                      + BindPort are used; in case the ControlPlaneEndpoint is specified
                      but without a TCP port, the BindPort is used. Possible usages
                      are: e.g. In a cluster with more than one control plane instances,
                      this field should be assigned the address of the external load
                      balancer in front of the control plane instances. e.g. in environments
                      with enforced node recycling, the ControlPlaneEndpoint could
                      be used for assigning a stable DNS to the control plane. NB:
                      This value defaults to the first value in the Cluster object
                      status.apiEndpoints array.'
                    type: string
                  controllerManager:
                    description: ControllerManager contains extra settings for the
                      controller manager control plane component
                    properties:
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                    type: object
                  dns:
                    description: DNS defines the options for the DNS add-on installed
                      in the cluster.
                    properties:
                      imageRepository:
                        description: ImageRepository sets the container registry to
                          pull images from. if not set, the ImageRepository defined
                          in ClusterConfiguration will be used instead.
                        type: string
                      imageTag:
                        description: ImageTag allows to specify a tag for the image.
                          In case this value is set, kubeadm does not change automatically
                          the version of the above components during upgrades.
                        type: string
                    type: object
                  etcd:
                    description: 'Etcd holds configuration for etcd. NB: This value
                      defaults to a Local (stacked) etcd'
                    properties:
                      external:
                        description: External describes how to connect to an external
                          etcd cluster Local and External are mutually exclusive
                        properties:
                          caFile:
                            description: CAFile is an SSL Certificate Authority file
                              used to secure etcd communication. Required if using
                              a TLS connection.
                            type: string
                          certFile:
                            description: CertFile is an SSL certification file used
                              to secure etcd communication. Required if using a TLS
                              connection.
                            type: string
                          endpoints:
                            description: Endpoints of etcd members. Required for ExternalEtcd.
                            items:
                              type: string
                            type: array
                          keyFile:
                            description: KeyFile is an SSL key file used to secure
                              etcd communication. Required if using a TLS connection.
                            type: string
                        required:
                        - caFile
                        - certFile
                        - endpoints
                        - keyFile
                        type: object
                      local:
                        description: Local provides configuration knobs for configuring
                          the local etcd instance Local and External are mutually
                          exclusive
                        properties:
                          dataDir:
                            description: DataDir is the directory etcd will place
                              its data. Defaults to "/var/lib/etcd".
                            type: string
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: ExtraArgs are extra arguments provided to
                              the etcd binary when run inside a static pod.
                            type: object
                          imageRepository:
                            description: ImageRepository sets the container registry
                              to pull images from. if not set, the ImageRepository
                              defined in ClusterConfiguration will be used instead.
                            type: string
                          imageTag:
                            description: ImageTag allows to specify a tag for the
                              image. In case this value is set, kubeadm does not change
                              automatically the version of the above components during
                              upgrades.
                            type: string
                          peerCertSANs:
                            description: PeerCertSANs sets extra Subject Alternative
                              Names for the etcd peer signing cert.
                            items:
                              type: string
                            type: array
                          serverCertSANs:
                            description: ServerCertSANs sets extra Subject Alternative
                              Names for the etcd server signing cert.
                            items:
                              type: string
                            type: array
                        type: object
                    type: object
                  featureGates:
                    additionalProperties:
                      type: boolean
                    description: FeatureGates enabled by the user.
                    type: object
                  imageRepository:
                    description: ImageRepository sets the container registry to pull
                      images from. If empty, `registry.k8s.io` will be used by default;
                      in case of kubernetes version is a CI build (kubernetes version
                      starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
                      will be used as a default for control plane components and for
                      kube-proxy, while `registry.k8s.io` will be used for all the
                      other images.
                    type: string
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  kubernetesVersion:
                    description: 'KubernetesVersion is the target version of the control
                      plane. NB: This value defaults to the Machine object spec.version'
                    type: string
                  networking:
                    description: 'Networking holds configuration for the networking
                      topology of the cluster. NB: This value defaults to the Cluster
                      object spec.clusterNetwork.'
                    properties:
                      dnsDomain:
                        description: DNSDomain is the dns domain used by k8s services.
                          Defaults to "cluster.local".
                        type: string
                      podSubnet:
                        description: PodSubnet is the subnet used by pods. If unset,
                          the API server will not allocate CIDR ranges for every node.
                          Defaults to a comma-delimited string of the Cluster object's
                          spec.clusterNetwork.services.cidrBlocks if that is set
                        type: string
                      serviceSubnet:
                        description: ServiceSubnet is the subnet used by k8s services.
                          Defaults to a comma-delimited string of the Cluster object's
                          spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12"
                          if that's unset.
                        type: string
                    type: object
                  scheduler:
                    description: Scheduler contains extra settings for the scheduler
                      control plane component
                    properties:
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                    type: object
                type: object
              diskSetup:
                description: DiskSetup specifies options for the creation of partition
                  tables and file systems on devices.
                properties:
                  filesystems:
                    description: Filesystems specifies the list of file systems to
                      setup.
                    items:
                      description: Filesystem defines the file systems to be created.
                      properties:
                        device:
                          description: Device specifies the device name
                          type: string
                        extraOpts:
                          description: ExtraOpts defined extra options to add to the
                            command for creating the file system.
                          items:
                            type: string
                          type: array
                        filesystem:
                          description: Filesystem specifies the file system type.
                          type: string
                        label:
                          description: Label specifies the file system label to be
                            used. If set to None, no label is used.
                          type: string
                        overwrite:
                          description: Overwrite defines whether or not to overwrite
                            any existing filesystem. If true, any pre-existing file
                            system will be destroyed. Use with Caution.
                          type: boolean
                        partition:
                          description: 'Partition specifies the partition to use.
                            The valid options are: "auto|any", "auto", "any", "none",
                            and <NUM>, where NUM is the actual partition number.'
                          type: string
                        replaceFS:
                          description: 'ReplaceFS is a special directive, used for
                            Microsoft Azure that instructs cloud-init to replace a
                            file system of <FS_TYPE>. NOTE: unless you define a label,
                            this requires the use of the ''any'' partition directive.'
                          type: string
                      required:
                      - device
                      - filesystem
                      - label
                      type: object
                    type: array
                  partitions:
                    description: Partitions specifies the list of the partitions to
                      setup.
                    items:
                      description: Partition defines how to create and layout a partition.
                      properties:
                        device:
                          description: Device is the name of the device.
                          type: string
                        layout:
                          description: Layout specifies the device layout. If it is
                            true, a single partition will be created for the entire
                            device. When layout is false, it means don't partition
                            or ignore existing partitioning.
                          type: boolean
                        overwrite:
                          description: Overwrite describes whether to skip checks
                            and create the partition if a partition or filesystem
                            is found on the device. Use with caution. Default is 'false'.
                          type: boolean
                        tableType:
                          description: 'TableType specifies the type of partition
                            table. The following are supported: ''mbr'': default and
                            setups a MS-DOS partition table ''gpt'': setups a GPT
                            partition table'
                          type: string
                      required:
                      - device
                      - layout
                      type: object
                    type: array
                type: object
              files:
                description: Files specifies extra files to be passed to user_data
                  upon creation.
                items:
                  description: File defines the input for generating write_files in
                    cloud-init.
                  properties:
                    content:
                      description: Content is the actual content of the file.
                      type: string
                    contentFrom:
                      description: ContentFrom is a referenced source of content to
                        populate the file.
                      properties:
                        secret:
                          description: Secret represents a secret that should populate
                            this file.
                          properties:
                            key:
                              description: Key is the key in the secret's data map
                                for this value.
                              type: string
                            name:
                              description: Name of the secret in the KubeadmBootstrapConfig's
                                namespace to use.
                              type: string
                          required:
                          - key
                          - name
                          type: object
                      required:
                      - secret
                      type: object
                    encoding:
                      description: Encoding specifies the encoding of the file contents.
                      enum:
                      - base64
                      - gzip
                      - gzip+base64
                      type: string
                    owner:
                      description: Owner specifies the ownership of the file, e.g.
                        "root:root".
                      type: string
                    path:
                      description: Path specifies the full path on disk where to store
                        the file.
                      type: string
                    permissions:
                      description: Permissions specifies the permissions to assign
                        to the file, e.g. "0640".
                      type: string
                  required:
                  - path
                  type: object
                type: array
              format:
                description: Format specifies the output format of the bootstrap data
                enum:
                - cloud-config
                type: string
              initConfiguration:
                description: InitConfiguration along with ClusterConfiguration are
                  the configurations necessary for the init command
                properties:
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object. Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  bootstrapTokens:
                    description: BootstrapTokens is respected at `kubeadm init` time
                      and describes a set of Bootstrap Tokens to create. This information
                      IS NOT uploaded to the kubeadm cluster configmap, partly because
                      of its sensitive nature
                    items:
                      description: BootstrapToken describes one bootstrap token, stored
                        as a Secret in the cluster.
                      properties:
                        description:
                          description: Description sets a human-friendly message why
                            this token exists and what it's used for, so other administrators
                            can know its purpose.
                          type: string
                        expires:
                          description: Expires specifies the timestamp when this token
                            expires. Defaults to being set dynamically at runtime
                            based on the TTL. Expires and TTL are mutually exclusive.
                          format: date-time
                          type: string
                        groups:
                          description: Groups specifies the extra groups that this
                            token will authenticate as when/if used for authentication
                          items:
                            type: string
                          type: array
                        token:
                          description: Token is used for establishing bidirectional
                            trust between nodes and control-planes. Used for joining
                            nodes in the cluster.
                          type: string
                        ttl:
                          description: TTL defines the time to live for this token.
                            Defaults to 24h. Expires and TTL are mutually exclusive.
                          type: string
                        usages:
                          description: Usages describes the ways in which this token
                            can be used. Can by default be used for establishing bidirectional
                            trust, but that can be changed here.
                          items:
                            type: string
                          type: array
                      required:
                      - token
                      type: object
                    type: array
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  localAPIEndpoint:
                    description: LocalAPIEndpoint represents the endpoint of the API
                      server instance that's deployed on this control plane node In
                      HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
                      in the sense that ControlPlaneEndpoint is the global endpoint
                      for the cluster, which then loadbalances the requests to each
                      individual API server. This configuration object lets you customize
                      what IP/DNS name and port the local API server advertises it's
                      accessible on. By default, kubeadm tries to auto-detect the
                      IP of the default interface and use that, but in case that process
                      fails you may set the desired value here.
                    properties:
                      advertiseAddress:
                        description: AdvertiseAddress sets the IP address for the
                          API server to advertise.
                        type: string
                      bindPort:
                        description: BindPort sets the secure port for the API Server
                          to bind to. Defaults to 6443.
                        format: int32
                        type: integer
                    type: object
                  nodeRegistration:
                    description: NodeRegistration holds fields that relate to registering
                      the new control-plane node to the cluster. When used in the
                      context of control plane nodes, NodeRegistration should remain
                      consistent across both InitConfiguration and JoinConfiguration
                    properties:
                      criSocket:
                        description: CRISocket is used to retrieve container runtime
                          info. This information will be annotated to the Node API
                          object, for later re-use
                        type: string
                      ignorePreflightErrors:
                        description: IgnorePreflightErrors provides a slice of pre-flight
                          errors to be ignored when the current node is registered.
                        items:
                          type: string
                        type: array
                      kubeletExtraArgs:
                        additionalProperties:
                          type: string
                        description: KubeletExtraArgs passes through extra arguments
                          to the kubelet. The arguments here are passed to the kubelet
                          command line via the environment file kubeadm writes at
                          runtime for the kubelet to source. This overrides the generic
                          base-level configuration in the kubelet-config-1.X ConfigMap
                          Flags have higher priority when parsing. These values are
                          local and specific to the node kubeadm is executing on.
                        type: object
                      name:
                        description: Name is the `.Metadata.Name` field of the Node
                          API object that will be created in this `kubeadm init` or
                          `kubeadm join` operation. This field is also used in the
                          CommonName field of the kubelet's client certificate to
                          the API server. Defaults to the hostname of the node if
                          not provided.
                        type: string
                      taints:
                        description: 'Taints specifies the taints the Node API object
                          should be registered with. If this field is unset, i.e.
                          nil, in the `kubeadm init` process it will be defaulted
                          to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
                          you don''t want to taint your control-plane node, set this
                          field to an empty slice, i.e. `taints: {}` in the YAML file.
                          This field is solely used for Node registration.'
                        items:
                          description: The node this Taint is attached to has the
                            "effect" on any pod that does not tolerate the Taint.
                          properties:
                            effect:
                              description: Required. The effect of the taint on pods
                                that do not tolerate the taint. Valid effects are
                                NoSchedule, PreferNoSchedule and NoExecute.
                              type: string
                            key:
                              description: Required. The taint key to be applied to
                                a node.
                              type: string
                            timeAdded:
                              description: TimeAdded represents the time at which
                                the taint was added. It is only written for NoExecute
                                taints.
                              format: date-time
                              type: string
                            value:
                              description: The taint value corresponding to the taint
                                key.
                              type: string
                          required:
                          - effect
                          - key
                          type: object
                        type: array
                    type: object
                type: object
              joinConfiguration:
                description: JoinConfiguration is the kubeadm configuration for the
                  join command
                properties:
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object. Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  caCertPath:
                    description: 'CACertPath is the path to the SSL certificate authority
                      used to secure communications between node and control-plane.
                      Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when
                      there is defaulting from k/k'
                    type: string
                  controlPlane:
                    description: ControlPlane defines the additional control plane
                      instance to be deployed on the joining node. If nil, no additional
                      control plane instance will be deployed.
                    properties:
                      localAPIEndpoint:
                        description: LocalAPIEndpoint represents the endpoint of the
                          API server instance to be deployed on this node.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: BindPort sets the secure port for the API
                              Server to bind to. Defaults to 6443.
                            format: int32
                            type: integer
                        type: object
                    type: object
                  discovery:
                    description: 'Discovery specifies the options for the kubelet
                      to use during the TLS Bootstrap process TODO: revisit when there
                      is defaulting from k/k'
                    properties:
                      bootstrapToken:
                        description: BootstrapToken is used to set the options for
                          bootstrap token based discovery BootstrapToken and File
                          are mutually exclusive
                        properties:
                          apiServerEndpoint:
                            description: APIServerEndpoint is an IP or domain name
                              to the API server from which info will be fetched.
                            type: string
                          caCertHashes:
                            description: 'CACertHashes specifies a set of public key
                              pins to verify when token-based discovery is used. The
                              root CA found during discovery must match one of these
                              values. Specifying an empty set disables root CA pinning,
                              which can be unsafe. Each hash is specified as "<type>:<value>",
                              where the only currently supported type is "sha256".
                              This is a hex-encoded SHA-256 hash of the Subject Public
                              Key Info (SPKI) object in DER-encoded ASN.1. These hashes
                              can be calculated using, for example, OpenSSL: openssl
                              x509 -pubkey -in ca.crt | openssl rsa -pubin -outform
                              der 2>/dev/null | openssl dgst -sha256 -hex'
                            items:
                              type: string
                            type: array
                          token:
                            description: Token is a token used to validate cluster
                              information fetched from the control-plane.
                            type: string
                          unsafeSkipCAVerification:
                            description: UnsafeSkipCAVerification allows token-based
                              discovery without CA verification via CACertHashes.
                              This can weaken the security of kubeadm since other
                              nodes can impersonate the control-plane.
                            type: boolean
                        required:
                        - token
                        type: object
                      file:
                        description: File is used to specify a file or URL to a kubeconfig
                          file from which to load cluster information BootstrapToken
                          and File are mutually exclusive
                        properties:
                          kubeConfigPath:
                            description: KubeConfigPath is used to specify the actual
                              file path or URL to the kubeconfig file from which to
                              load cluster information
                            type: string
                        required:
                        - kubeConfigPath
                        type: object
                      timeout:
                        description: Timeout modifies the discovery timeout
                        type: string
                      tlsBootstrapToken:
                        description: TLSBootstrapToken is a token used for TLS bootstrapping.
                          If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
                          but can be overridden. If .File is set, this field **must
                          be set** in case the KubeConfigFile does not contain any
                          other authentication information
                        type: string
                    type: object
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  nodeRegistration:
                    description: NodeRegistration holds fields that relate to registering
                      the new control-plane node to the cluster. When used in the
                      context of control plane nodes, NodeRegistration should remain
                      consistent across both InitConfiguration and JoinConfiguration
                    properties:
                      criSocket:
                        description: CRISocket is used to retrieve container runtime
                          info. This information will be annotated to the Node API
                          object, for later re-use
                        type: string
                      ignorePreflightErrors:
                        description: IgnorePreflightErrors provides a slice of pre-flight
                          errors to be ignored when the current node is registered.
                        items:
                          type: string
                        type: array
                      kubeletExtraArgs:
                        additionalProperties:
                          type: string
                        description: KubeletExtraArgs passes through extra arguments
                          to the kubelet. The arguments here are passed to the kubelet
                          command line via the environment file kubeadm writes at
                          runtime for the kubelet to source. This overrides the generic
                          base-level configuration in the kubelet-config-1.X ConfigMap
                          Flags have higher priority when parsing. These values are
                          local and specific to the node kubeadm is executing on.
                        type: object
                      name:
                        description: Name is the `.Metadata.Name` field of the Node
                          API object that will be created in this `kubeadm init` or
                          `kubeadm join` operation. This field is also used in the
                          CommonName field of the kubelet's client certificate to
                          the API server. Defaults to the hostname of the node if
                          not provided.
                        type: string
                      taints:
                        description: 'Taints specifies the taints the Node API object
                          should be registered with. If this field is unset, i.e.
                          nil, in the `kubeadm init` process it will be defaulted
                          to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
                          you don''t want to taint your control-plane node, set this
                          field to an empty slice, i.e. `taints: {}` in the YAML file.
                          This field is solely used for Node registration.'
                        items:
                          description: The node this Taint is attached to has the
                            "effect" on any pod that does not tolerate the Taint.
                          properties:
                            effect:
                              description: Required. The effect of the taint on pods
                                that do not tolerate the taint. Valid effects are
                                NoSchedule, PreferNoSchedule and NoExecute.
                              type: string
                            key:
                              description: Required. The taint key to be applied to
                                a node.
                              type: string
                            timeAdded:
                              description: TimeAdded represents the time at which
                                the taint was added. It is only written for NoExecute
                                taints.
                              format: date-time
                              type: string
                            value:
                              description: The taint value corresponding to the taint
                                key.
                              type: string
                          required:
                          - effect
                          - key
                          type: object
                        type: array
                    type: object
                type: object
              mounts:
                description: Mounts specifies a list of mount points to be setup.
                items:
                  description: MountPoints defines input for generated mounts in cloud-init.
                  items:
                    type: string
                  type: array
                type: array
              ntp:
                description: NTP specifies NTP configuration
                properties:
                  enabled:
                    description: Enabled specifies whether NTP should be enabled
                    type: boolean
                  servers:
                    description: Servers specifies which NTP servers to use
                    items:
                      type: string
                    type: array
                type: object
              postKubeadmCommands:
                description: PostKubeadmCommands specifies extra commands to run after
                  kubeadm runs
                items:
                  type: string
                type: array
              preKubeadmCommands:
                description: PreKubeadmCommands specifies extra commands to run before
                  kubeadm runs
                items:
                  type: string
                type: array
              useExperimentalRetryJoin:
                description: "UseExperimentalRetryJoin replaces a basic kubeadm command
                  with a shell script with retries for joins. \n This is meant to
                  be an experimental temporary workaround on some environments where
                  joins fail due to timing (and other issues). The long term goal
                  is to add retries to kubeadm proper and use that functionality.
                  \n This will add about 40KB to userdata \n For more information,
                  refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
                type: boolean
              users:
                description: Users specifies extra users to add
                items:
                  description: User defines the input for a generated user in cloud-init.
                  properties:
                    gecos:
                      description: Gecos specifies the gecos to use for the user
                      type: string
                    groups:
                      description: Groups specifies the additional groups for the
                        user
                      type: string
                    homeDir:
                      description: HomeDir specifies the home directory to use for
                        the user
                      type: string
                    inactive:
                      description: Inactive specifies whether to mark the user as
                        inactive
                      type: boolean
                    lockPassword:
                      description: LockPassword specifies if password login should
                        be disabled
                      type: boolean
                    name:
                      description: Name specifies the user name
                      type: string
                    passwd:
                      description: Passwd specifies a hashed password for the user
                      type: string
                    primaryGroup:
                      description: PrimaryGroup specifies the primary group for the
                        user
                      type: string
                    shell:
                      description: Shell specifies the user's shell
                      type: string
                    sshAuthorizedKeys:
                      description: SSHAuthorizedKeys specifies a list of ssh authorized
                        keys for the user
                      items:
                        type: string
                      type: array
                    sudo:
                      description: Sudo specifies a sudo role for the user
                      type: string
                  required:
                  - name
                  type: object
                type: array
              verbosity:
                description: Verbosity is the number for the kubeadm log level verbosity.
                  It overrides the `--v` flag in kubeadm commands.
                format: int32
                type: integer
            type: object
          status:
            description: KubeadmConfigStatus defines the observed state of KubeadmConfig.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmConfig.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              dataSecretName:
                description: DataSecretName is the name of the secret that stores
                  the bootstrap data script.
                type: string
              failureMessage:
                description: FailureMessage will be set on non-retryable errors
                type: string
              failureReason:
                description: FailureReason will be set on non-retryable errors
                type: string
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: Ready indicates the BootstrapData field is ready to be
                  consumed
                type: boolean
            type: object
        type: object
    served: false
    storage: false
    subresources:
      status: {}
  - additionalPrinterColumns:
    - description: Cluster
      jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name']
      name: Cluster
      type: string
    - description: Time duration since creation of KubeadmConfig
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: KubeadmConfig is the Schema for the kubeadmconfigs API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
              Either ClusterConfiguration and InitConfiguration should be defined
              or the JoinConfiguration should be defined.
            properties:
              clusterConfiguration:
                description: ClusterConfiguration along with InitConfiguration are
                  the configurations necessary for the init command
                properties:
                  apiServer:
                    description: APIServer contains extra settings for the API server
                      control plane component
                    properties:
                      certSANs:
                        description: CertSANs sets extra Subject Alternative Names
                          for the API Server signing cert.
                        items:
                          type: string
                        type: array
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                      timeoutForControlPlane:
                        description: TimeoutForControlPlane controls the timeout that
                          we use for API server to appear
                        type: string
                    type: object
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object.
                      Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  certificatesDir:
                    description: 'CertificatesDir specifies where to store or look
                      for all required certificates. NB: if not provided, this will
                      default to `/etc/kubernetes/pki`'
                    type: string
                  clusterName:
                    description: The cluster name
                    type: string
                  controlPlaneEndpoint:
                    description: 'ControlPlaneEndpoint sets a stable IP address or
                      DNS name for the control plane; it can be a valid IP address
                      or a RFC-1123 DNS subdomain, both with optional TCP port. In
                      case the ControlPlaneEndpoint is not specified, the AdvertiseAddress
                      + BindPort are used; in case the ControlPlaneEndpoint is specified
                      but without a TCP port, the BindPort is used. Possible usages
                      are: e.g. In a cluster with more than one control plane instances,
                      this field should be assigned the address of the external load
                      balancer in front of the control plane instances. e.g. in environments
                      with enforced node recycling, the ControlPlaneEndpoint could
                      be used for assigning a stable DNS to the control plane. NB:
                      This value defaults to the first value in the Cluster object
                      status.apiEndpoints array.'
                    type: string
                  controllerManager:
                    description: ControllerManager contains extra settings for the
                      controller manager control plane component
                    properties:
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                    type: object
                  dns:
                    description: DNS defines the options for the DNS add-on installed
                      in the cluster.
                    properties:
                      imageRepository:
                        description: ImageRepository sets the container registry to
                          pull images from. if not set, the ImageRepository defined
                          in ClusterConfiguration will be used instead.
                        type: string
                      imageTag:
                        description: ImageTag allows to specify a tag for the image.
                          In case this value is set, kubeadm does not change automatically
                          the version of the above components during upgrades.
                        type: string
                    type: object
                  etcd:
                    description: 'Etcd holds configuration for etcd. NB: This value
                      defaults to a Local (stacked) etcd'
                    properties:
                      external:
                        description: External describes how to connect to an external
                          etcd cluster Local and External are mutually exclusive
                        properties:
                          caFile:
                            description: CAFile is an SSL Certificate Authority file
                              used to secure etcd communication. Required if using
                              a TLS connection.
                            type: string
                          certFile:
                            description: CertFile is an SSL certification file used
                              to secure etcd communication. Required if using a TLS
                              connection.
                            type: string
                          endpoints:
                            description: Endpoints of etcd members. Required for ExternalEtcd.
                            items:
                              type: string
                            type: array
                          keyFile:
                            description: KeyFile is an SSL key file used to secure
                              etcd communication. Required if using a TLS connection.
                            type: string
                        required:
                        - caFile
                        - certFile
                        - endpoints
                        - keyFile
                        type: object
                      local:
                        description: Local provides configuration knobs for configuring
                          the local etcd instance Local and External are mutually
                          exclusive
                        properties:
                          dataDir:
                            description: DataDir is the directory etcd will place
                              its data. Defaults to "/var/lib/etcd".
                            type: string
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: ExtraArgs are extra arguments provided to
                              the etcd binary when run inside a static pod.
                            type: object
                          imageRepository:
                            description: ImageRepository sets the container registry
                              to pull images from. if not set, the ImageRepository
                              defined in ClusterConfiguration will be used instead.
                            type: string
                          imageTag:
                            description: ImageTag allows to specify a tag for the
                              image. In case this value is set, kubeadm does not change
                              automatically the version of the above components during
                              upgrades.
                            type: string
                          peerCertSANs:
                            description: PeerCertSANs sets extra Subject Alternative
                              Names for the etcd peer signing cert.
                            items:
                              type: string
                            type: array
                          serverCertSANs:
                            description: ServerCertSANs sets extra Subject Alternative
                              Names for the etcd server signing cert.
                            items:
                              type: string
                            type: array
                        type: object
                    type: object
                  featureGates:
                    additionalProperties:
                      type: boolean
                    description: FeatureGates enabled by the user.
                    type: object
                  imageRepository:
                    description: 'ImageRepository sets the container registry to pull
                      images from. * If not set, the default registry of kubeadm will
                      be used, i.e. * registry.k8s.io (new registry): >= v1.22.17,
                      >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry):
                      all older versions Please note that when imageRepository is
                      not set we don''t allow upgrades to versions >= v1.22.0 which
                      use the old registry (k8s.gcr.io). Please use a newer patch
                      version with the new registry instead (i.e. >= v1.22.17, >=
                      v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI
                      build (kubernetes version starts with `ci/` or `ci-cross/`)
                      `gcr.io/k8s-staging-ci-images` will be used as a default for
                      control plane components and for kube-proxy, while `registry.k8s.io`
                      will be used for all the other images.'
                    type: string
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  kubernetesVersion:
                    description: 'KubernetesVersion is the target version of the control
                      plane. NB: This value defaults to the Machine object spec.version'
                    type: string
                  networking:
                    description: 'Networking holds configuration for the networking
                      topology of the cluster. NB: This value defaults to the Cluster
                      object spec.clusterNetwork.'
                    properties:
                      dnsDomain:
                        description: DNSDomain is the dns domain used by k8s services.
                          Defaults to "cluster.local".
                        type: string
                      podSubnet:
                        description: PodSubnet is the subnet used by pods. If unset,
                          the API server will not allocate CIDR ranges for every node.
                          Defaults to a comma-delimited string of the Cluster object's
                          spec.clusterNetwork.services.cidrBlocks if that is set
                        type: string
                      serviceSubnet:
                        description: ServiceSubnet is the subnet used by k8s services.
                          Defaults to a comma-delimited string of the Cluster object's
                          spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12"
                          if that's unset.
                        type: string
                    type: object
                  scheduler:
                    description: Scheduler contains extra settings for the scheduler
                      control plane component
                    properties:
                      extraArgs:
                        additionalProperties:
                          type: string
                        description: 'ExtraArgs is an extra set of flags to pass to
                          the control plane component. TODO: This is temporary and
                          ideally we would like to switch all components to use ComponentConfig
                          + ConfigMaps.'
                        type: object
                      extraVolumes:
                        description: ExtraVolumes is an extra set of host volumes,
                          mounted to the control plane component.
                        items:
                          description: HostPathMount contains elements describing
                            volumes that are mounted from the host.
                          properties:
                            hostPath:
                              description: HostPath is the path in the host that will
                                be mounted inside the pod.
                              type: string
                            mountPath:
                              description: MountPath is the path inside the pod where
                                hostPath will be mounted.
                              type: string
                            name:
                              description: Name of the volume inside the pod template.
                              type: string
                            pathType:
                              description: PathType is the type of the HostPath.
                              type: string
                            readOnly:
                              description: ReadOnly controls write access to the volume
                              type: boolean
                          required:
                          - hostPath
                          - mountPath
                          - name
                          type: object
                        type: array
                    type: object
                type: object
              diskSetup:
                description: DiskSetup specifies options for the creation of partition
                  tables and file systems on devices.
                properties:
                  filesystems:
                    description: Filesystems specifies the list of file systems to
                      setup.
                    items:
                      description: Filesystem defines the file systems to be created.
                      properties:
                        device:
                          description: Device specifies the device name
                          type: string
                        extraOpts:
                          description: ExtraOpts defined extra options to add to the
                            command for creating the file system.
                          items:
                            type: string
                          type: array
                        filesystem:
                          description: Filesystem specifies the file system type.
                          type: string
                        label:
                          description: Label specifies the file system label to be
                            used. If set to None, no label is used.
                          type: string
                        overwrite:
                          description: Overwrite defines whether or not to overwrite
                            any existing filesystem. If true, any pre-existing file
                            system will be destroyed. Use with Caution.
                          type: boolean
                        partition:
                          description: 'Partition specifies the partition to use.
                            The valid options are: "auto|any", "auto", "any", "none",
                            and <NUM>, where NUM is the actual partition number.'
                          type: string
                        replaceFS:
                          description: 'ReplaceFS is a special directive, used for
                            Microsoft Azure that instructs cloud-init to replace a
                            file system of <FS_TYPE>. NOTE: unless you define a label,
                            this requires the use of the ''any'' partition directive.'
                          type: string
                      required:
                      - device
                      - filesystem
                      - label
                      type: object
                    type: array
                  partitions:
                    description: Partitions specifies the list of the partitions to
                      setup.
                    items:
                      description: Partition defines how to create and layout a partition.
                      properties:
                        device:
                          description: Device is the name of the device.
                          type: string
                        layout:
                          description: Layout specifies the device layout. If it is
                            true, a single partition will be created for the entire
                            device. When layout is false, it means don't partition
                            or ignore existing partitioning.
                          type: boolean
                        overwrite:
                          description: Overwrite describes whether to skip checks
                            and create the partition if a partition or filesystem
                            is found on the device. Use with caution. Default is 'false'.
                          type: boolean
                        tableType:
                          description: 'TableType specifies the type of partition
                            table. The following are supported: ''mbr'': default and
                            setups a MS-DOS partition table ''gpt'': setups a GPT
                            partition table'
                          type: string
                      required:
                      - device
                      - layout
                      type: object
                    type: array
                type: object
              files:
                description: Files specifies extra files to be passed to user_data
                  upon creation.
                items:
                  description: File defines the input for generating write_files in
                    cloud-init.
                  properties:
                    append:
                      description: Append specifies whether to append Content to existing
                        file if Path exists.
                      type: boolean
                    content:
                      description: Content is the actual content of the file.
                      type: string
                    contentFrom:
                      description: ContentFrom is a referenced source of content to
                        populate the file.
                      properties:
                        secret:
                          description: Secret represents a secret that should populate
                            this file.
                          properties:
                            key:
                              description: Key is the key in the secret's data map
                                for this value.
                              type: string
                            name:
                              description: Name of the secret in the KubeadmBootstrapConfig's
                                namespace to use.
                              type: string
                          required:
                          - key
                          - name
                          type: object
                      required:
                      - secret
                      type: object
                    encoding:
                      description: Encoding specifies the encoding of the file contents.
                      enum:
                      - base64
                      - gzip
                      - gzip+base64
                      type: string
                    owner:
                      description: Owner specifies the ownership of the file, e.g.
                        "root:root".
                      type: string
                    path:
                      description: Path specifies the full path on disk where to store
                        the file.
                      type: string
                    permissions:
                      description: Permissions specifies the permissions to assign
                        to the file, e.g. "0640".
                      type: string
                  required:
                  - path
                  type: object
                type: array
              format:
                description: Format specifies the output format of the bootstrap data
                enum:
                - cloud-config
                - ignition
                type: string
              ignition:
                description: Ignition contains Ignition specific configuration.
                properties:
                  containerLinuxConfig:
                    description: ContainerLinuxConfig contains CLC specific configuration.
                    properties:
                      additionalConfig:
                        description: "AdditionalConfig contains additional configuration
                          to be merged with the Ignition configuration generated by
                          the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
                          \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
                        type: string
                      strict:
                        description: Strict controls if AdditionalConfig should be
                          strictly parsed. If so, warnings are treated as errors.
                        type: boolean
                    type: object
                type: object
              initConfiguration:
                description: InitConfiguration along with ClusterConfiguration are
                  the configurations necessary for the init command
                properties:
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object.
                      Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  bootstrapTokens:
                    description: BootstrapTokens is respected at `kubeadm init` time
                      and describes a set of Bootstrap Tokens to create. This information
                      IS NOT uploaded to the kubeadm cluster configmap, partly because
                      of its sensitive nature
                    items:
                      description: BootstrapToken describes one bootstrap token, stored
                        as a Secret in the cluster.
                      properties:
                        description:
                          description: Description sets a human-friendly message why
                            this token exists and what it's used for, so other administrators
                            can know its purpose.
                          type: string
                        expires:
                          description: Expires specifies the timestamp when this token
                            expires. Defaults to being set dynamically at runtime
                            based on the TTL. Expires and TTL are mutually exclusive.
                          format: date-time
                          type: string
                        groups:
                          description: Groups specifies the extra groups that this
                            token will authenticate as when/if used for authentication
                          items:
                            type: string
                          type: array
                        token:
                          description: Token is used for establishing bidirectional
                            trust between nodes and control-planes. Used for joining
                            nodes in the cluster.
                          type: string
                        ttl:
                          description: TTL defines the time to live for this token.
                            Defaults to 24h. Expires and TTL are mutually exclusive.
                          type: string
                        usages:
                          description: Usages describes the ways in which this token
                            can be used. Can by default be used for establishing bidirectional
                            trust, but that can be changed here.
                          items:
                            type: string
                          type: array
                      required:
                      - token
                      type: object
                    type: array
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  localAPIEndpoint:
                    description: LocalAPIEndpoint represents the endpoint of the API
                      server instance that's deployed on this control plane node In
                      HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
                      in the sense that ControlPlaneEndpoint is the global endpoint
                      for the cluster, which then loadbalances the requests to each
                      individual API server. This configuration object lets you customize
                      what IP/DNS name and port the local API server advertises it's
                      accessible on. By default, kubeadm tries to auto-detect the
                      IP of the default interface and use that, but in case that process
                      fails you may set the desired value here.
                    properties:
                      advertiseAddress:
                        description: AdvertiseAddress sets the IP address for the
                          API server to advertise.
                        type: string
                      bindPort:
                        description: BindPort sets the secure port for the API Server
                          to bind to. Defaults to 6443.
                        format: int32
                        type: integer
                    type: object
                  nodeRegistration:
                    description: NodeRegistration holds fields that relate to registering
                      the new control-plane node to the cluster. When used in the
                      context of control plane nodes, NodeRegistration should remain
                      consistent across both InitConfiguration and JoinConfiguration
                    properties:
                      criSocket:
                        description: CRISocket is used to retrieve container runtime
                          info.
                          This information will be annotated to the Node API
                          object, for later re-use
                        type: string
                      ignorePreflightErrors:
                        description: IgnorePreflightErrors provides a slice of pre-flight
                          errors to be ignored when the current node is registered.
                        items:
                          type: string
                        type: array
                      imagePullPolicy:
                        description: ImagePullPolicy specifies the policy for image
                          pulling during kubeadm "init" and "join" operations. The
                          value of this field must be one of "Always", "IfNotPresent"
                          or "Never". Defaults to "IfNotPresent". This can be used
                          only with Kubernetes version equal to 1.22 and later.
                        enum:
                        - Always
                        - IfNotPresent
                        - Never
                        type: string
                      kubeletExtraArgs:
                        additionalProperties:
                          type: string
                        description: KubeletExtraArgs passes through extra arguments
                          to the kubelet. The arguments here are passed to the kubelet
                          command line via the environment file kubeadm writes at
                          runtime for the kubelet to source. This overrides the generic
                          base-level configuration in the kubelet-config-1.X ConfigMap
                          Flags have higher priority when parsing. These values are
                          local and specific to the node kubeadm is executing on.
                        type: object
                      name:
                        description: Name is the `.Metadata.Name` field of the Node
                          API object that will be created in this `kubeadm init` or
                          `kubeadm join` operation. This field is also used in the
                          CommonName field of the kubelet's client certificate to
                          the API server. Defaults to the hostname of the node if
                          not provided.
                        type: string
                      taints:
                        description: 'Taints specifies the taints the Node API object
                          should be registered with. If this field is unset, i.e.
                          nil, in the `kubeadm init` process it will be defaulted
                          to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
                          you don''t want to taint your control-plane node, set this
                          field to an empty slice, i.e.
                          `taints: []` in the YAML file.
                          This field is solely used for Node registration.'
                        items:
                          description: The node this Taint is attached to has the
                            "effect" on any pod that does not tolerate the Taint.
                          properties:
                            effect:
                              description: Required. The effect of the taint on pods
                                that do not tolerate the taint. Valid effects are
                                NoSchedule, PreferNoSchedule and NoExecute.
                              type: string
                            key:
                              description: Required. The taint key to be applied to
                                a node.
                              type: string
                            timeAdded:
                              description: TimeAdded represents the time at which
                                the taint was added. It is only written for NoExecute
                                taints.
                              format: date-time
                              type: string
                            value:
                              description: The taint value corresponding to the taint
                                key.
                              type: string
                          required:
                          - effect
                          - key
                          type: object
                        type: array
                    type: object
                  patches:
                    description: Patches contains options related to applying patches
                      to components deployed by kubeadm during "kubeadm init". The
                      minimum kubernetes version needed to support Patches is v1.22
                    properties:
                      directory:
                        description: Directory is a path to a directory that contains
                          files named "target[suffix][+patchtype].extension". For
                          example, "kube-apiserver0+merge.yaml" or just "etcd.json".
                          "target" can be one of "kube-apiserver", "kube-controller-manager",
                          "kube-scheduler", "etcd". "patchtype" can be one of "strategic"
                          "merge" or "json" and they match the patch formats supported
                          by kubectl. The default "patchtype" is "strategic". "extension"
                          must be either "json" or "yaml". "suffix" is an optional
                          string that can be used to determine which patches are applied
                          first alpha-numerically. These files can be written into
                          the target directory via KubeadmConfig.Files which specifies
                          additional files to be created on the machine, either with
                          content inline or by referencing a secret.
                        type: string
                    type: object
                  skipPhases:
                    description: SkipPhases is a list of phases to skip during command
                      execution. The list of phases can be obtained with the "kubeadm
                      init --help" command. This option takes effect only on Kubernetes
                      >=1.22.0.
                    items:
                      type: string
                    type: array
                type: object
              joinConfiguration:
                description: JoinConfiguration is the kubeadm configuration for the
                  join command
                properties:
                  apiVersion:
                    description: 'APIVersion defines the versioned schema of this
                      representation of an object. Servers should convert recognized
                      schemas to the latest internal value, and may reject unrecognized
                      values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                    type: string
                  caCertPath:
                    description: 'CACertPath is the path to the SSL certificate authority
                      used to secure communications between node and control-plane.
                      Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when
                      there is defaulting from k/k'
                    type: string
                  controlPlane:
                    description: ControlPlane defines the additional control plane
                      instance to be deployed on the joining node. If nil, no additional
                      control plane instance will be deployed.
                    properties:
                      localAPIEndpoint:
                        description: LocalAPIEndpoint represents the endpoint of the
                          API server instance to be deployed on this node.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: BindPort sets the secure port for the API
                              Server to bind to. Defaults to 6443.
                            format: int32
                            type: integer
                        type: object
                    type: object
                  discovery:
                    description: 'Discovery specifies the options for the kubelet
                      to use during the TLS Bootstrap process. TODO: revisit when there
                      is defaulting from k/k'
                    properties:
                      bootstrapToken:
                        description: BootstrapToken is used to set the options for
                          bootstrap token based discovery. BootstrapToken and File
                          are mutually exclusive.
                        properties:
                          apiServerEndpoint:
                            description: APIServerEndpoint is an IP or domain name
                              to the API server from which info will be fetched.
                            type: string
                          caCertHashes:
                            description: 'CACertHashes specifies a set of public key
                              pins to verify when token-based discovery is used. The
                              root CA found during discovery must match one of these
                              values. Specifying an empty set disables root CA pinning,
                              which can be unsafe. Each hash is specified as "<type>:<value>",
                              where the only currently supported type is "sha256".
                              This is a hex-encoded SHA-256 hash of the Subject Public
                              Key Info (SPKI) object in DER-encoded ASN.1. These hashes
                              can be calculated using, for example, OpenSSL: openssl
                              x509 -pubkey -in ca.crt | openssl rsa -pubin -outform
                              der 2>/dev/null | openssl dgst -sha256 -hex'
                            items:
                              type: string
                            type: array
                          token:
                            description: Token is a token used to validate cluster
                              information fetched from the control-plane.
                            type: string
                          unsafeSkipCAVerification:
                            description: UnsafeSkipCAVerification allows token-based
                              discovery without CA verification via CACertHashes.
                              This can weaken the security of kubeadm since other
                              nodes can impersonate the control-plane.
                            type: boolean
                        required:
                        - token
                        type: object
                      file:
                        description: File is used to specify a file or URL to a kubeconfig
                          file from which to load cluster information. BootstrapToken
                          and File are mutually exclusive.
                        properties:
                          kubeConfigPath:
                            description: KubeConfigPath is used to specify the actual
                              file path or URL to the kubeconfig file from which to
                              load cluster information
                            type: string
                        required:
                        - kubeConfigPath
                        type: object
                      timeout:
                        description: Timeout modifies the discovery timeout
                        type: string
                      tlsBootstrapToken:
                        description: TLSBootstrapToken is a token used for TLS bootstrapping.
                          If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
                          but can be overridden. If .File is set, this field **must
                          be set** in case the KubeConfigFile does not contain any
                          other authentication information
                        type: string
                    type: object
                  kind:
                    description: 'Kind is a string value representing the REST resource
                      this object represents. Servers may infer this from the endpoint
                      the client submits requests to. Cannot be updated. In CamelCase.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  nodeRegistration:
                    description: NodeRegistration holds fields that relate to registering
                      the new control-plane node to the cluster. When used in the
                      context of control plane nodes, NodeRegistration should remain
                      consistent across both InitConfiguration and JoinConfiguration
                    properties:
                      criSocket:
                        description: CRISocket is used to retrieve container runtime
                          info.
                          This information will be annotated to the Node API
                          object, for later re-use
                        type: string
                      ignorePreflightErrors:
                        description: IgnorePreflightErrors provides a slice of pre-flight
                          errors to be ignored when the current node is registered.
                        items:
                          type: string
                        type: array
                      imagePullPolicy:
                        description: ImagePullPolicy specifies the policy for image
                          pulling during kubeadm "init" and "join" operations. The
                          value of this field must be one of "Always", "IfNotPresent"
                          or "Never". Defaults to "IfNotPresent". This can be used
                          only with Kubernetes version equal to 1.22 and later.
                        enum:
                        - Always
                        - IfNotPresent
                        - Never
                        type: string
                      kubeletExtraArgs:
                        additionalProperties:
                          type: string
                        description: KubeletExtraArgs passes through extra arguments
                          to the kubelet. The arguments here are passed to the kubelet
                          command line via the environment file kubeadm writes at
                          runtime for the kubelet to source. This overrides the generic
                          base-level configuration in the kubelet-config-1.X ConfigMap.
                          Flags have higher priority when parsing. These values are
                          local and specific to the node kubeadm is executing on.
                        type: object
                      name:
                        description: Name is the `.Metadata.Name` field of the Node
                          API object that will be created in this `kubeadm init` or
                          `kubeadm join` operation. This field is also used in the
                          CommonName field of the kubelet's client certificate to
                          the API server. Defaults to the hostname of the node if
                          not provided.
                        type: string
                      taints:
                        description: 'Taints specifies the taints the Node API object
                          should be registered with. If this field is unset, i.e.
                          nil, in the `kubeadm init` process it will be defaulted
                          to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
                          you don''t want to taint your control-plane node, set this
                          field to an empty slice, i.e.
                          `taints: []` in the YAML file.
                          This field is solely used for Node registration.'
                        items:
                          description: The node this Taint is attached to has the
                            "effect" on any pod that does not tolerate the Taint.
                          properties:
                            effect:
                              description: Required. The effect of the taint on pods
                                that do not tolerate the taint. Valid effects are
                                NoSchedule, PreferNoSchedule and NoExecute.
                              type: string
                            key:
                              description: Required. The taint key to be applied to
                                a node.
                              type: string
                            timeAdded:
                              description: TimeAdded represents the time at which
                                the taint was added. It is only written for NoExecute
                                taints.
                              format: date-time
                              type: string
                            value:
                              description: The taint value corresponding to the taint
                                key.
                              type: string
                          required:
                          - effect
                          - key
                          type: object
                        type: array
                    type: object
                  patches:
                    description: Patches contains options related to applying patches
                      to components deployed by kubeadm during "kubeadm join". The
                      minimum kubernetes version needed to support Patches is v1.22
                    properties:
                      directory:
                        description: Directory is a path to a directory that contains
                          files named "target[suffix][+patchtype].extension". For
                          example, "kube-apiserver0+merge.yaml" or just "etcd.json".
                          "target" can be one of "kube-apiserver", "kube-controller-manager",
                          "kube-scheduler", "etcd". "patchtype" can be one of "strategic"
                          "merge" or "json" and they match the patch formats supported
                          by kubectl. The default "patchtype" is "strategic". "extension"
                          must be either "json" or "yaml". "suffix" is an optional
                          string that can be used to determine which patches are applied
                          first alpha-numerically. These files can be written into
                          the target directory via KubeadmConfig.Files which specifies
                          additional files to be created on the machine, either with
                          content inline or by referencing a secret.
                        type: string
                    type: object
                  skipPhases:
                    description: SkipPhases is a list of phases to skip during command
                      execution. The list of phases can be obtained with the "kubeadm
                      init --help" command. This option takes effect only on Kubernetes
                      >=1.22.0.
                    items:
                      type: string
                    type: array
                type: object
              mounts:
                description: Mounts specifies a list of mount points to be set up.
                items:
                  description: MountPoints defines input for generated mounts in cloud-init.
                  items:
                    type: string
                  type: array
                type: array
              ntp:
                description: NTP specifies NTP configuration
                properties:
                  enabled:
                    description: Enabled specifies whether NTP should be enabled
                    type: boolean
                  servers:
                    description: Servers specifies which NTP servers to use
                    items:
                      type: string
                    type: array
                type: object
              postKubeadmCommands:
                description: PostKubeadmCommands specifies extra commands to run after
                  kubeadm runs
                items:
                  type: string
                type: array
              preKubeadmCommands:
                description: PreKubeadmCommands specifies extra commands to run before
                  kubeadm runs
                items:
                  type: string
                type: array
              useExperimentalRetryJoin:
                description: "UseExperimentalRetryJoin replaces a basic kubeadm command
                  with a shell script with retries for joins. \n This is meant to
                  be an experimental temporary workaround on some environments where
                  joins fail due to timing (and other issues). The long term goal
                  is to add retries to kubeadm proper and use that functionality.
                  \n This will add about 40KB to userdata \n For more information,
                  refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
                  \n Deprecated: This experimental fix is no longer needed and this
                  field will be removed in a future release.
                  When removing also remove
                  from staticcheck exclude-rules for SA1019 in golangci.yml"
                type: boolean
              users:
                description: Users specifies extra users to add
                items:
                  description: User defines the input for a generated user in cloud-init.
                  properties:
                    gecos:
                      description: Gecos specifies the gecos to use for the user
                      type: string
                    groups:
                      description: Groups specifies the additional groups for the
                        user
                      type: string
                    homeDir:
                      description: HomeDir specifies the home directory to use for
                        the user
                      type: string
                    inactive:
                      description: Inactive specifies whether to mark the user as
                        inactive
                      type: boolean
                    lockPassword:
                      description: LockPassword specifies if password login should
                        be disabled
                      type: boolean
                    name:
                      description: Name specifies the user name
                      type: string
                    passwd:
                      description: Passwd specifies a hashed password for the user
                      type: string
                    passwdFrom:
                      description: PasswdFrom is a referenced source of passwd to
                        populate the passwd.
                      properties:
                        secret:
                          description: Secret represents a secret that should populate
                            this password.
                          properties:
                            key:
                              description: Key is the key in the secret's data map
                                for this value.
                              type: string
                            name:
                              description: Name of the secret in the KubeadmBootstrapConfig's
                                namespace to use.
                              type: string
                          required:
                          - key
                          - name
                          type: object
                      required:
                      - secret
                      type: object
                    primaryGroup:
                      description: PrimaryGroup specifies the primary group for the
                        user
                      type: string
                    shell:
                      description: Shell specifies the user's shell
                      type: string
                    sshAuthorizedKeys:
                      description: SSHAuthorizedKeys specifies a list of ssh authorized
                        keys for the user
                      items:
                        type: string
                      type: array
                    sudo:
                      description: Sudo specifies a sudo role for the user
                      type: string
                  required:
                  - name
                  type: object
                type: array
              verbosity:
                description: Verbosity is the number for the kubeadm log level verbosity.
                  It overrides the `--v` flag in kubeadm commands.
                format: int32
                type: integer
            type: object
          status:
            description: KubeadmConfigStatus defines the observed state of KubeadmConfig.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmConfig.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              dataSecretName:
                description: DataSecretName is the name of the secret that stores
                  the bootstrap data script.
                type: string
              failureMessage:
                description: FailureMessage will be set on non-retryable errors
                type: string
              failureReason:
                description: FailureReason will be set on non-retryable errors
                type: string
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: Ready indicates the BootstrapData field is ready to be
                  consumed
                type: boolean
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}