sigs.k8s.io/cluster-api@v1.6.3/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.13.0
  name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io
spec:
  group: controlplane.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: KubeadmControlPlane
    listKind: KubeadmControlPlaneList
    plural: kubeadmcontrolplanes
    shortNames:
    - kcp
    singular: kubeadmcontrolplane
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: This denotes whether or not the control plane has the uploaded
        kubeadm-config configmap
      jsonPath: .status.initialized
      name: Initialized
      type: boolean
    - description: KubeadmControlPlane API Server is ready to receive requests
      jsonPath: .status.ready
      name: API Server Available
      type: boolean
    - description: Kubernetes version associated with this control plane
      jsonPath: .spec.version
      name: Version
      type: string
    - description: Total number of non-terminated machines targeted by this control
        plane
      jsonPath: .status.replicas
      name: Replicas
      type: integer
    - description: Total number of fully running and ready control plane machines
      jsonPath: .status.readyReplicas
      name: Ready
      type: integer
    - description: Total number of non-terminated machines targeted by this control
        plane that have the desired template spec
      jsonPath: .status.updatedReplicas
      name: Updated
      type: integer
    - description: Total number of unavailable machines targeted by this control plane
      jsonPath: .status.unavailableReplicas
      name: Unavailable
      type: integer
    deprecated: true
    name: v1alpha3
    schema:
      openAPIV3Schema:
        description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane
          API. \n Deprecated: This type will be removed in one of the next releases."
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
            properties:
              infrastructureTemplate:
                description: InfrastructureTemplate is a required reference to a custom
                  resource offered by an infrastructure provider.
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              kubeadmConfigSpec:
                description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing
                  and joining machines to the control plane.
                properties:
                  clusterConfiguration:
                    description: ClusterConfiguration along with InitConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiServer:
                        description: APIServer contains extra settings for the API
                          server control plane component
                        properties:
                          certSANs:
                            description: CertSANs sets extra Subject Alternative Names
                              for the API Server signing cert.
                            items:
                              type: string
                            type: array
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                          timeoutForControlPlane:
                            description: TimeoutForControlPlane controls the timeout
                              that we use for API server to appear
                            type: string
                        type: object
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      certificatesDir:
                        description: 'CertificatesDir specifies where to store or
                          look for all required certificates. NB: if not provided,
                          this will default to `/etc/kubernetes/pki`'
                        type: string
                      clusterName:
                        description: The cluster name
                        type: string
                      controlPlaneEndpoint:
                        description: 'ControlPlaneEndpoint sets a stable IP address
                          or DNS name for the control plane; it can be a valid IP
                          address or a RFC-1123 DNS subdomain, both with optional
                          TCP port. In case the ControlPlaneEndpoint is not specified,
                          the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint
                          is specified but without a TCP port, the BindPort is used.
                          Possible usages are: e.g. In a cluster with more than one
                          control plane instances, this field should be assigned the
                          address of the external load balancer in front of the control
                          plane instances. e.g. in environments with enforced node
                          recycling, the ControlPlaneEndpoint could be used for assigning
                          a stable DNS to the control plane. NB: This value defaults
                          to the first value in the Cluster object status.apiEndpoints
                          array.'
                        type: string
                      controllerManager:
                        description: ControllerManager contains extra settings for
                          the controller manager control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                      dns:
                        description: DNS defines the options for the DNS add-on installed
                          in the cluster.
                        properties:
                          imageRepository:
                            description: ImageRepository sets the container registry
                              to pull images from. if not set, the ImageRepository
                              defined in ClusterConfiguration will be used instead.
                            type: string
                          imageTag:
                            description: ImageTag allows to specify a tag for the
                              image. In case this value is set, kubeadm does not change
                              automatically the version of the above components during
                              upgrades.
                            type: string
                          type:
                            description: Type defines the DNS add-on to be used
                            type: string
                        type: object
                      etcd:
                        description: 'Etcd holds configuration for etcd. NB: This
                          value defaults to a Local (stacked) etcd'
                        properties:
                          external:
                            description: External describes how to connect to an external
                              etcd cluster Local and External are mutually exclusive
                            properties:
                              caFile:
                                description: CAFile is an SSL Certificate Authority
                                  file used to secure etcd communication. Required
                                  if using a TLS connection.
                                type: string
                              certFile:
                                description: CertFile is an SSL certification file
                                  used to secure etcd communication. Required if using
                                  a TLS connection.
                                type: string
                              endpoints:
                                description: Endpoints of etcd members. Required for
                                  ExternalEtcd.
                                items:
                                  type: string
                                type: array
                              keyFile:
                                description: KeyFile is an SSL key file used to secure
                                  etcd communication. Required if using a TLS connection.
                                type: string
                            required:
                            - caFile
                            - certFile
                            - endpoints
                            - keyFile
                            type: object
                          local:
                            description: Local provides configuration knobs for configuring
                              the local etcd instance Local and External are mutually
                              exclusive
                            properties:
                              dataDir:
                                description: DataDir is the directory etcd will place
                                  its data. Defaults to "/var/lib/etcd".
                                type: string
                              extraArgs:
                                additionalProperties:
                                  type: string
                                description: ExtraArgs are extra arguments provided
                                  to the etcd binary when run inside a static pod.
                                type: object
                              imageRepository:
                                description: ImageRepository sets the container registry
                                  to pull images from. if not set, the ImageRepository
                                  defined in ClusterConfiguration will be used instead.
                                type: string
                              imageTag:
                                description: ImageTag allows to specify a tag for
                                  the image. In case this value is set, kubeadm does
                                  not change automatically the version of the above
                                  components during upgrades.
                                type: string
                              peerCertSANs:
                                description: PeerCertSANs sets extra Subject Alternative
                                  Names for the etcd peer signing cert.
                                items:
                                  type: string
                                type: array
                              serverCertSANs:
                                description: ServerCertSANs sets extra Subject Alternative
                                  Names for the etcd server signing cert.
                                items:
                                  type: string
                                type: array
                            type: object
                        type: object
                      featureGates:
                        additionalProperties:
                          type: boolean
                        description: FeatureGates enabled by the user.
                        type: object
                      imageRepository:
                        description: ImageRepository sets the container registry to
                          pull images from. If empty, `k8s.gcr.io` will be used by
                          default; in case of kubernetes version is a CI build (kubernetes
                          version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
                          will be used as a default for control plane components and
                          for kube-proxy, while `k8s.gcr.io` will be used for all
                          the other images.
                        type: string
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      kubernetesVersion:
                        description: 'KubernetesVersion is the target version of the
                          control plane. NB: This value defaults to the Machine object
                          spec.version'
                        type: string
                      networking:
                        description: 'Networking holds configuration for the networking
                          topology of the cluster. NB: This value defaults to the
                          Cluster object spec.clusterNetwork.'
                        properties:
                          dnsDomain:
                            description: DNSDomain is the dns domain used by k8s services.
                              Defaults to "cluster.local".
                            type: string
                          podSubnet:
                            description: PodSubnet is the subnet used by pods. If
                              unset, the API server will not allocate CIDR ranges
                              for every node. Defaults to a comma-delimited string
                              of the Cluster object's spec.clusterNetwork.services.cidrBlocks
                              if that is set
                            type: string
                          serviceSubnet:
                            description: ServiceSubnet is the subnet used by k8s services.
                              Defaults to a comma-delimited string of the Cluster
                              object's spec.clusterNetwork.pods.cidrBlocks, or to
                              "10.96.0.0/12" if that's unset.
                            type: string
                        type: object
                      scheduler:
                        description: Scheduler contains extra settings for the scheduler
                          control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                      useHyperKubeImage:
                        description: UseHyperKubeImage controls if hyperkube should
                          be used for Kubernetes components instead of their respective
                          separate images
                        type: boolean
                    type: object
                  diskSetup:
                    description: DiskSetup specifies options for the creation of partition
                      tables and file systems on devices.
                    properties:
                      filesystems:
                        description: Filesystems specifies the list of file systems
                          to setup.
                        items:
                          description: Filesystem defines the file systems to be created.
                          properties:
                            device:
                              description: Device specifies the device name
                              type: string
                            extraOpts:
                              description: ExtraOpts defined extra options to add
                                to the command for creating the file system.
                              items:
                                type: string
                              type: array
                            filesystem:
                              description: Filesystem specifies the file system type.
                              type: string
                            label:
                              description: Label specifies the file system label to
                                be used. If set to None, no label is used.
                              type: string
                            overwrite:
                              description: Overwrite defines whether or not to overwrite
                                any existing filesystem. If true, any pre-existing
                                file system will be destroyed. Use with Caution.
                              type: boolean
                            partition:
                              description: 'Partition specifies the partition to use.
                                The valid options are: "auto|any", "auto", "any",
                                "none", and <NUM>, where NUM is the actual partition
                                number.'
                              type: string
                            replaceFS:
                              description: 'ReplaceFS is a special directive, used
                                for Microsoft Azure that instructs cloud-init to replace
                                a file system of <FS_TYPE>. NOTE: unless you define
                                a label, this requires the use of the ''any'' partition
                                directive.'
                              type: string
                          required:
                          - device
                          - filesystem
                          - label
                          type: object
                        type: array
                      partitions:
                        description: Partitions specifies the list of the partitions
                          to setup.
                        items:
                          description: Partition defines how to create and layout
                            a partition.
                          properties:
                            device:
                              description: Device is the name of the device.
                              type: string
                            layout:
                              description: Layout specifies the device layout. If
                                it is true, a single partition will be created for
                                the entire device. When layout is false, it means
                                don't partition or ignore existing partitioning.
                              type: boolean
                            overwrite:
                              description: Overwrite describes whether to skip checks
                                and create the partition if a partition or filesystem
                                is found on the device. Use with caution. Default
                                is 'false'.
                              type: boolean
                            tableType:
                              description: 'TableType specifies the type of partition
                                table. The following are supported: ''mbr'': default
                                and setups a MS-DOS partition table ''gpt'': setups
                                a GPT partition table'
                              type: string
                          required:
                          - device
                          - layout
                          type: object
                        type: array
                    type: object
                  files:
                    description: Files specifies extra files to be passed to user_data
                      upon creation.
                    items:
                      description: File defines the input for generating write_files
                        in cloud-init.
                      properties:
                        content:
                          description: Content is the actual content of the file.
                          type: string
                        contentFrom:
                          description: ContentFrom is a referenced source of content
                            to populate the file.
                          properties:
                            secret:
                              description: Secret represents a secret that should
                                populate this file.
                              properties:
                                key:
                                  description: Key is the key in the secret's data
                                    map for this value.
                                  type: string
                                name:
                                  description: Name of the secret in the KubeadmBootstrapConfig's
                                    namespace to use.
                                  type: string
                              required:
                              - key
                              - name
                              type: object
                          required:
                          - secret
                          type: object
                        encoding:
                          description: Encoding specifies the encoding of the file
                            contents.
                          enum:
                          - base64
                          - gzip
                          - gzip+base64
                          type: string
                        owner:
                          description: Owner specifies the ownership of the file,
                            e.g. "root:root".
                          type: string
                        path:
                          description: Path specifies the full path on disk where
                            to store the file.
                          type: string
                        permissions:
                          description: Permissions specifies the permissions to assign
                            to the file, e.g. "0640".
                          type: string
                      required:
                      - path
                      type: object
                    type: array
                  format:
                    description: Format specifies the output format of the bootstrap
                      data
                    enum:
                    - cloud-config
                    type: string
                  initConfiguration:
                    description: InitConfiguration along with ClusterConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      bootstrapTokens:
                        description: BootstrapTokens is respected at `kubeadm init`
                          time and describes a set of Bootstrap Tokens to create.
                          This information IS NOT uploaded to the kubeadm cluster
                          configmap, partly because of its sensitive nature
                        items:
                          description: BootstrapToken describes one bootstrap token,
                            stored as a Secret in the cluster.
                          properties:
                            description:
                              description: Description sets a human-friendly message
                                why this token exists and what it's used for, so other
                                administrators can know its purpose.
                              type: string
                            expires:
                              description: Expires specifies the timestamp when this
                                token expires. Defaults to being set dynamically at
                                runtime based on the TTL. Expires and TTL are mutually
                                exclusive.
                              format: date-time
                              type: string
                            groups:
                              description: Groups specifies the extra groups that
                                this token will authenticate as when/if used for authentication
                              items:
                                type: string
                              type: array
                            token:
                              description: Token is used for establishing bidirectional
                                trust between nodes and control-planes. Used for joining
                                nodes in the cluster.
                              type: string
                            ttl:
                              description: TTL defines the time to live for this token.
                                Defaults to 24h. Expires and TTL are mutually exclusive.
                              type: string
                            usages:
                              description: Usages describes the ways in which this
                                token can be used. Can by default be used for establishing
                                bidirectional trust, but that can be changed here.
                              items:
                                type: string
                              type: array
                          required:
                          - token
                          type: object
                        type: array
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      localAPIEndpoint:
                        description: LocalAPIEndpoint represents the endpoint of the
                          API server instance that's deployed on this control plane
                          node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
                          in the sense that ControlPlaneEndpoint is the global endpoint
                          for the cluster, which then loadbalances the requests to
                          each individual API server. This configuration object lets
                          you customize what IP/DNS name and port the local API server
                          advertises it's accessible on. By default, kubeadm tries
                          to auto-detect the IP of the default interface and use that,
                          but in case that process fails you may set the desired value
                          here.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: BindPort sets the secure port for the API
                              Server to bind to. Defaults to 6443.
                            format: int32
                            type: integer
                        required:
                        - advertiseAddress
                        - bindPort
                        type: object
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info. This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e. `taints: {}`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                    type: object
                  joinConfiguration:
                    description: JoinConfiguration is the kubeadm configuration for
                      the join command
                    properties:
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      caCertPath:
                        description: 'CACertPath is the path to the SSL certificate
                          authority used to secure communications between node and
                          control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
                          TODO: revisit when there is defaulting from k/k'
                        type: string
                      controlPlane:
                        description: ControlPlane defines the additional control plane
                          instance to be deployed on the joining node. If nil, no
                          additional control plane instance will be deployed.
                        properties:
                          localAPIEndpoint:
                            description: LocalAPIEndpoint represents the endpoint
                              of the API server instance to be deployed on this node.
                            properties:
                              advertiseAddress:
                                description: AdvertiseAddress sets the IP address
                                  for the API server to advertise.
                                type: string
                              bindPort:
                                description: BindPort sets the secure port for the
                                  API Server to bind to. Defaults to 6443.
                                format: int32
                                type: integer
                            required:
                            - advertiseAddress
                            - bindPort
                            type: object
                        type: object
                      discovery:
                        description: 'Discovery specifies the options for the kubelet
                          to use during the TLS Bootstrap process TODO: revisit when
                          there is defaulting from k/k'
                        properties:
                          bootstrapToken:
                            description: BootstrapToken is used to set the options
                              for bootstrap token based discovery BootstrapToken and
                              File are mutually exclusive
                            properties:
                              apiServerEndpoint:
                                description: APIServerEndpoint is an IP or domain
                                  name to the API server from which info will be fetched.
                                type: string
                              caCertHashes:
                                description: 'CACertHashes specifies a set of public
                                  key pins to verify when token-based discovery is
                                  used. The root CA found during discovery must match
                                  one of these values. Specifying an empty set disables
                                  root CA pinning, which can be unsafe. Each hash
                                  is specified as "<type>:<value>", where the only
                                  currently supported type is "sha256". This is a
                                  hex-encoded SHA-256 hash of the Subject Public Key
                                  Info (SPKI) object in DER-encoded ASN.1. These hashes
                                  can be calculated using, for example, OpenSSL: openssl
                                  x509 -pubkey -in ca.crt | openssl rsa -pubin -outform
                                  der 2>/dev/null | openssl dgst -sha256 -hex'
                                items:
                                  type: string
                                type: array
                              token:
                                description: Token is a token used to validate cluster
                                  information fetched from the control-plane.
                                type: string
                              unsafeSkipCAVerification:
                                description: UnsafeSkipCAVerification allows token-based
                                  discovery without CA verification via CACertHashes.
                                  This can weaken the security of kubeadm since other
                                  nodes can impersonate the control-plane.
                                type: boolean
                            required:
                            - token
                            - unsafeSkipCAVerification
                            type: object
                          file:
                            description: File is used to specify a file or URL to
                              a kubeconfig file from which to load cluster information
                              BootstrapToken and File are mutually exclusive
                            properties:
                              kubeConfigPath:
                                description: KubeConfigPath is used to specify the
                                  actual file path or URL to the kubeconfig file from
                                  which to load cluster information
                                type: string
                            required:
                            - kubeConfigPath
                            type: object
                          timeout:
                            description: Timeout modifies the discovery timeout
                            type: string
                          tlsBootstrapToken:
                            description: 'TLSBootstrapToken is a token used for TLS
                              bootstrapping. If .BootstrapToken is set, this field
                              is defaulted to .BootstrapToken.Token, but can be overridden.
                              If .File is set, this field **must be set** in case
                              the KubeConfigFile does not contain any other authentication
                              information TODO: revisit when there is defaulting from
                              k/k'
                            type: string
                        type: object
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info. This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e. `taints: {}`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                    type: object
                  mounts:
                    description: Mounts specifies a list of mount points to be setup.
                    items:
                      description: MountPoints defines input for generated mounts
                        in cloud-init.
                      items:
                        type: string
                      type: array
                    type: array
                  ntp:
                    description: NTP specifies NTP configuration
                    properties:
                      enabled:
                        description: Enabled specifies whether NTP should be enabled
                        type: boolean
                      servers:
                        description: Servers specifies which NTP servers to use
                        items:
                          type: string
                        type: array
                    type: object
                  postKubeadmCommands:
                    description: PostKubeadmCommands specifies extra commands to run
                      after kubeadm runs
                    items:
                      type: string
                    type: array
                  preKubeadmCommands:
                    description: PreKubeadmCommands specifies extra commands to run
                      before kubeadm runs
                    items:
                      type: string
                    type: array
                  useExperimentalRetryJoin:
                    description: "UseExperimentalRetryJoin replaces a basic kubeadm
                      command with a shell script with retries for joins. \n This
                      is meant to be an experimental temporary workaround on some
                      environments where joins fail due to timing (and other issues).
                      The long term goal is to add retries to kubeadm proper and use
                      that functionality. \n This will add about 40KB to userdata
                      \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
                    type: boolean
                  users:
                    description: Users specifies extra users to add
                    items:
                      description: User defines the input for a generated user in
                        cloud-init.
                      properties:
                        gecos:
                          description: Gecos specifies the gecos to use for the user
                          type: string
                        groups:
                          description: Groups specifies the additional groups for
                            the user
                          type: string
                        homeDir:
                          description: HomeDir specifies the home directory to use
                            for the user
                          type: string
                        inactive:
                          description: Inactive specifies whether to mark the user
                            as inactive
                          type: boolean
                        lockPassword:
                          description: LockPassword specifies if password login should
                            be disabled
                          type: boolean
                        name:
                          description: Name specifies the user name
                          type: string
                        passwd:
                          description: Passwd specifies a hashed password for the
                            user
                          type: string
                        primaryGroup:
                          description: PrimaryGroup specifies the primary group for
                            the user
                          type: string
                        shell:
                          description: Shell specifies the user's shell
                          type: string
                        sshAuthorizedKeys:
                          description: SSHAuthorizedKeys specifies a list of ssh authorized
                            keys for the user
                          items:
                            type: string
                          type: array
                        sudo:
                          description: Sudo specifies a sudo role for the user
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                  verbosity:
                    description: Verbosity is the number for the kubeadm log level
                      verbosity. It overrides the `--v` flag in kubeadm commands.
1032 format: int32 1033 type: integer 1034 type: object 1035 nodeDrainTimeout: 1036 description: 'NodeDrainTimeout is the total amount of time that the 1037 controller will spend on draining a controlplane node The default 1038 value is 0, meaning that the node can be drained without any time 1039 limitations. NOTE: NodeDrainTimeout is different from `kubectl drain 1040 --timeout`' 1041 type: string 1042 replicas: 1043 description: Number of desired machines. Defaults to 1. When stacked 1044 etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). 1045 This is a pointer to distinguish between explicit zero and not specified. 1046 format: int32 1047 type: integer 1048 rolloutStrategy: 1049 description: The RolloutStrategy to use to replace control plane machines 1050 with new ones. 1051 properties: 1052 rollingUpdate: 1053 description: Rolling update config params. Present only if RolloutStrategyType 1054 = RollingUpdate. 1055 properties: 1056 maxSurge: 1057 anyOf: 1058 - type: integer 1059 - type: string 1060 description: 'The maximum number of control planes that can 1061 be scheduled above or under the desired number of control 1062 planes. Value can be an absolute number 1 or 0. Defaults 1063 to 1. Example: when this is set to 1, the control plane 1064 can be scaled up immediately when the rolling update starts.' 1065 x-kubernetes-int-or-string: true 1066 type: object 1067 type: 1068 description: Type of rollout. Currently the only supported strategy 1069 is "RollingUpdate". Default is RollingUpdate. 1070 type: string 1071 type: object 1072 upgradeAfter: 1073 description: UpgradeAfter is a field to indicate an upgrade should 1074 be performed after the specified time even if no changes have been 1075 made to the KubeadmControlPlane 1076 format: date-time 1077 type: string 1078 version: 1079 description: Version defines the desired Kubernetes version. 
1080 type: string 1081 required: 1082 - infrastructureTemplate 1083 - kubeadmConfigSpec 1084 - version 1085 type: object 1086 status: 1087 description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. 1088 properties: 1089 conditions: 1090 description: Conditions defines current service state of the KubeadmControlPlane. 1091 items: 1092 description: Condition defines an observation of a Cluster API resource 1093 operational state. 1094 properties: 1095 lastTransitionTime: 1096 description: Last time the condition transitioned from one status 1097 to another. This should be when the underlying condition changed. 1098 If that is not known, then using the time when the API field 1099 changed is acceptable. 1100 format: date-time 1101 type: string 1102 message: 1103 description: A human readable message indicating details about 1104 the transition. This field may be empty. 1105 type: string 1106 reason: 1107 description: The reason for the condition's last transition 1108 in CamelCase. The specific API may choose whether or not this 1109 field is considered a guaranteed API. This field may not be 1110 empty. 1111 type: string 1112 severity: 1113 description: Severity provides an explicit classification of 1114 Reason code, so the users or machines can immediately understand 1115 the current situation and act accordingly. The Severity field 1116 MUST be set only when Status=False. 1117 type: string 1118 status: 1119 description: Status of the condition, one of True, False, Unknown. 1120 type: string 1121 type: 1122 description: Type of condition in CamelCase or in foo.example.com/CamelCase. 1123 Many .condition.type values are consistent across resources 1124 like Available, but because arbitrary conditions can be useful 1125 (see .node.status.conditions), the ability to deconflict is 1126 important. 
1127 type: string 1128 required: 1129 - status 1130 - type 1131 type: object 1132 type: array 1133 failureMessage: 1134 description: ErrorMessage indicates that there is a terminal problem 1135 reconciling the state, and will be set to a descriptive error message. 1136 type: string 1137 failureReason: 1138 description: FailureReason indicates that there is a terminal problem 1139 reconciling the state, and will be set to a token value suitable 1140 for programmatic interpretation. 1141 type: string 1142 initialized: 1143 description: Initialized denotes whether or not the control plane 1144 has the uploaded kubeadm-config configmap. 1145 type: boolean 1146 observedGeneration: 1147 description: ObservedGeneration is the latest generation observed 1148 by the controller. 1149 format: int64 1150 type: integer 1151 ready: 1152 description: Ready denotes that the KubeadmControlPlane API Server 1153 is ready to receive requests. 1154 type: boolean 1155 readyReplicas: 1156 description: Total number of fully running and ready control plane 1157 machines. 1158 format: int32 1159 type: integer 1160 replicas: 1161 description: Total number of non-terminated machines targeted by this 1162 control plane (their labels match the selector). 1163 format: int32 1164 type: integer 1165 selector: 1166 description: 'Selector is the label selector in string format to avoid 1167 introspection by clients, and is used to provide the CRD-based integration 1168 for the scale subresource and additional integrations for things 1169 like kubectl describe. The string will be in the same format as 1170 the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' 1171 type: string 1172 unavailableReplicas: 1173 description: Total number of unavailable machines targeted by this 1174 control plane. This is the total number of machines that are still 1175 required for the deployment to have 100% available capacity. 
They 1176 may either be machines that are running but not yet ready or machines 1177 that still have not been created. 1178 format: int32 1179 type: integer 1180 updatedReplicas: 1181 description: Total number of non-terminated machines targeted by this 1182 control plane that have the desired template spec. 1183 format: int32 1184 type: integer 1185 type: object 1186 type: object 1187 served: false 1188 storage: false 1189 subresources: 1190 scale: 1191 labelSelectorPath: .status.selector 1192 specReplicasPath: .spec.replicas 1193 statusReplicasPath: .status.replicas 1194 status: {} 1195 - additionalPrinterColumns: 1196 - description: Time duration since creation of KubeadmControlPlane 1197 jsonPath: .metadata.creationTimestamp 1198 name: Age 1199 type: date 1200 - description: This denotes whether or not the control plane has the uploaded 1201 kubeadm-config configmap 1202 jsonPath: .status.initialized 1203 name: Initialized 1204 type: boolean 1205 - description: KubeadmControlPlane API Server is ready to receive requests 1206 jsonPath: .status.ready 1207 name: API Server Available 1208 type: boolean 1209 - description: Kubernetes version associated with this control plane 1210 jsonPath: .spec.version 1211 name: Version 1212 type: string 1213 - description: Total number of non-terminated machines targeted by this control 1214 plane 1215 jsonPath: .status.replicas 1216 name: Replicas 1217 type: integer 1218 - description: Total number of fully running and ready control plane machines 1219 jsonPath: .status.readyReplicas 1220 name: Ready 1221 type: integer 1222 - description: Total number of non-terminated machines targeted by this control 1223 plane that have the desired template spec 1224 jsonPath: .status.updatedReplicas 1225 name: Updated 1226 type: integer 1227 - description: Total number of unavailable machines targeted by this control plane 1228 jsonPath: .status.unavailableReplicas 1229 name: Unavailable 1230 type: integer 1231 deprecated: true 1232 name: 
v1alpha4 1233 schema: 1234 openAPIV3Schema: 1235 description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane 1236 API. \n Deprecated: This type will be removed in one of the next releases." 1237 properties: 1238 apiVersion: 1239 description: 'APIVersion defines the versioned schema of this representation 1240 of an object. Servers should convert recognized schemas to the latest 1241 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1242 type: string 1243 kind: 1244 description: 'Kind is a string value representing the REST resource this 1245 object represents. Servers may infer this from the endpoint the client 1246 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1247 type: string 1248 metadata: 1249 type: object 1250 spec: 1251 description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. 1252 properties: 1253 kubeadmConfigSpec: 1254 description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing 1255 and joining machines to the control plane. 1256 properties: 1257 clusterConfiguration: 1258 description: ClusterConfiguration along with InitConfiguration 1259 are the configurations necessary for the init command 1260 properties: 1261 apiServer: 1262 description: APIServer contains extra settings for the API 1263 server control plane component 1264 properties: 1265 certSANs: 1266 description: CertSANs sets extra Subject Alternative Names 1267 for the API Server signing cert. 1268 items: 1269 type: string 1270 type: array 1271 extraArgs: 1272 additionalProperties: 1273 type: string 1274 description: 'ExtraArgs is an extra set of flags to pass 1275 to the control plane component. 
TODO: This is temporary 1276 and ideally we would like to switch all components to 1277 use ComponentConfig + ConfigMaps.' 1278 type: object 1279 extraVolumes: 1280 description: ExtraVolumes is an extra set of host volumes, 1281 mounted to the control plane component. 1282 items: 1283 description: HostPathMount contains elements describing 1284 volumes that are mounted from the host. 1285 properties: 1286 hostPath: 1287 description: HostPath is the path in the host that 1288 will be mounted inside the pod. 1289 type: string 1290 mountPath: 1291 description: MountPath is the path inside the pod 1292 where hostPath will be mounted. 1293 type: string 1294 name: 1295 description: Name of the volume inside the pod template. 1296 type: string 1297 pathType: 1298 description: PathType is the type of the HostPath. 1299 type: string 1300 readOnly: 1301 description: ReadOnly controls write access to the 1302 volume 1303 type: boolean 1304 required: 1305 - hostPath 1306 - mountPath 1307 - name 1308 type: object 1309 type: array 1310 timeoutForControlPlane: 1311 description: TimeoutForControlPlane controls the timeout 1312 that we use for API server to appear 1313 type: string 1314 type: object 1315 apiVersion: 1316 description: 'APIVersion defines the versioned schema of this 1317 representation of an object. Servers should convert recognized 1318 schemas to the latest internal value, and may reject unrecognized 1319 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1320 type: string 1321 certificatesDir: 1322 description: 'CertificatesDir specifies where to store or 1323 look for all required certificates. 
NB: if not provided, 1324 this will default to `/etc/kubernetes/pki`' 1325 type: string 1326 clusterName: 1327 description: The cluster name 1328 type: string 1329 controlPlaneEndpoint: 1330 description: 'ControlPlaneEndpoint sets a stable IP address 1331 or DNS name for the control plane; it can be a valid IP 1332 address or a RFC-1123 DNS subdomain, both with optional 1333 TCP port. In case the ControlPlaneEndpoint is not specified, 1334 the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint 1335 is specified but without a TCP port, the BindPort is used. 1336 Possible usages are: e.g. In a cluster with more than one 1337 control plane instances, this field should be assigned the 1338 address of the external load balancer in front of the control 1339 plane instances. e.g. in environments with enforced node 1340 recycling, the ControlPlaneEndpoint could be used for assigning 1341 a stable DNS to the control plane. NB: This value defaults 1342 to the first value in the Cluster object status.apiEndpoints 1343 array.' 1344 type: string 1345 controllerManager: 1346 description: ControllerManager contains extra settings for 1347 the controller manager control plane component 1348 properties: 1349 extraArgs: 1350 additionalProperties: 1351 type: string 1352 description: 'ExtraArgs is an extra set of flags to pass 1353 to the control plane component. TODO: This is temporary 1354 and ideally we would like to switch all components to 1355 use ComponentConfig + ConfigMaps.' 1356 type: object 1357 extraVolumes: 1358 description: ExtraVolumes is an extra set of host volumes, 1359 mounted to the control plane component. 1360 items: 1361 description: HostPathMount contains elements describing 1362 volumes that are mounted from the host. 1363 properties: 1364 hostPath: 1365 description: HostPath is the path in the host that 1366 will be mounted inside the pod. 
1367 type: string 1368 mountPath: 1369 description: MountPath is the path inside the pod 1370 where hostPath will be mounted. 1371 type: string 1372 name: 1373 description: Name of the volume inside the pod template. 1374 type: string 1375 pathType: 1376 description: PathType is the type of the HostPath. 1377 type: string 1378 readOnly: 1379 description: ReadOnly controls write access to the 1380 volume 1381 type: boolean 1382 required: 1383 - hostPath 1384 - mountPath 1385 - name 1386 type: object 1387 type: array 1388 type: object 1389 dns: 1390 description: DNS defines the options for the DNS add-on installed 1391 in the cluster. 1392 properties: 1393 imageRepository: 1394 description: ImageRepository sets the container registry 1395 to pull images from. if not set, the ImageRepository 1396 defined in ClusterConfiguration will be used instead. 1397 type: string 1398 imageTag: 1399 description: ImageTag allows to specify a tag for the 1400 image. In case this value is set, kubeadm does not change 1401 automatically the version of the above components during 1402 upgrades. 1403 type: string 1404 type: object 1405 etcd: 1406 description: 'Etcd holds configuration for etcd. NB: This 1407 value defaults to a Local (stacked) etcd' 1408 properties: 1409 external: 1410 description: External describes how to connect to an external 1411 etcd cluster Local and External are mutually exclusive 1412 properties: 1413 caFile: 1414 description: CAFile is an SSL Certificate Authority 1415 file used to secure etcd communication. Required 1416 if using a TLS connection. 1417 type: string 1418 certFile: 1419 description: CertFile is an SSL certification file 1420 used to secure etcd communication. Required if using 1421 a TLS connection. 1422 type: string 1423 endpoints: 1424 description: Endpoints of etcd members. Required for 1425 ExternalEtcd. 
1426 items: 1427 type: string 1428 type: array 1429 keyFile: 1430 description: KeyFile is an SSL key file used to secure 1431 etcd communication. Required if using a TLS connection. 1432 type: string 1433 required: 1434 - caFile 1435 - certFile 1436 - endpoints 1437 - keyFile 1438 type: object 1439 local: 1440 description: Local provides configuration knobs for configuring 1441 the local etcd instance Local and External are mutually 1442 exclusive 1443 properties: 1444 dataDir: 1445 description: DataDir is the directory etcd will place 1446 its data. Defaults to "/var/lib/etcd". 1447 type: string 1448 extraArgs: 1449 additionalProperties: 1450 type: string 1451 description: ExtraArgs are extra arguments provided 1452 to the etcd binary when run inside a static pod. 1453 type: object 1454 imageRepository: 1455 description: ImageRepository sets the container registry 1456 to pull images from. if not set, the ImageRepository 1457 defined in ClusterConfiguration will be used instead. 1458 type: string 1459 imageTag: 1460 description: ImageTag allows to specify a tag for 1461 the image. In case this value is set, kubeadm does 1462 not change automatically the version of the above 1463 components during upgrades. 1464 type: string 1465 peerCertSANs: 1466 description: PeerCertSANs sets extra Subject Alternative 1467 Names for the etcd peer signing cert. 1468 items: 1469 type: string 1470 type: array 1471 serverCertSANs: 1472 description: ServerCertSANs sets extra Subject Alternative 1473 Names for the etcd server signing cert. 1474 items: 1475 type: string 1476 type: array 1477 type: object 1478 type: object 1479 featureGates: 1480 additionalProperties: 1481 type: boolean 1482 description: FeatureGates enabled by the user. 1483 type: object 1484 imageRepository: 1485 description: ImageRepository sets the container registry to 1486 pull images from. 
If empty, `registry.k8s.io` will be used 1487 by default; in case of kubernetes version is a CI build 1488 (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` 1489 will be used as a default for control plane components and 1490 for kube-proxy, while `registry.k8s.io` will be used for 1491 all the other images. 1492 type: string 1493 kind: 1494 description: 'Kind is a string value representing the REST 1495 resource this object represents. Servers may infer this 1496 from the endpoint the client submits requests to. Cannot 1497 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1498 type: string 1499 kubernetesVersion: 1500 description: 'KubernetesVersion is the target version of the 1501 control plane. NB: This value defaults to the Machine object 1502 spec.version' 1503 type: string 1504 networking: 1505 description: 'Networking holds configuration for the networking 1506 topology of the cluster. NB: This value defaults to the 1507 Cluster object spec.clusterNetwork.' 1508 properties: 1509 dnsDomain: 1510 description: DNSDomain is the dns domain used by k8s services. 1511 Defaults to "cluster.local". 1512 type: string 1513 podSubnet: 1514 description: PodSubnet is the subnet used by pods. If 1515 unset, the API server will not allocate CIDR ranges 1516 for every node. Defaults to a comma-delimited string 1517 of the Cluster object's spec.clusterNetwork.services.cidrBlocks 1518 if that is set 1519 type: string 1520 serviceSubnet: 1521 description: ServiceSubnet is the subnet used by k8s services. 1522 Defaults to a comma-delimited string of the Cluster 1523 object's spec.clusterNetwork.pods.cidrBlocks, or to 1524 "10.96.0.0/12" if that's unset. 
1525 type: string 1526 type: object 1527 scheduler: 1528 description: Scheduler contains extra settings for the scheduler 1529 control plane component 1530 properties: 1531 extraArgs: 1532 additionalProperties: 1533 type: string 1534 description: 'ExtraArgs is an extra set of flags to pass 1535 to the control plane component. TODO: This is temporary 1536 and ideally we would like to switch all components to 1537 use ComponentConfig + ConfigMaps.' 1538 type: object 1539 extraVolumes: 1540 description: ExtraVolumes is an extra set of host volumes, 1541 mounted to the control plane component. 1542 items: 1543 description: HostPathMount contains elements describing 1544 volumes that are mounted from the host. 1545 properties: 1546 hostPath: 1547 description: HostPath is the path in the host that 1548 will be mounted inside the pod. 1549 type: string 1550 mountPath: 1551 description: MountPath is the path inside the pod 1552 where hostPath will be mounted. 1553 type: string 1554 name: 1555 description: Name of the volume inside the pod template. 1556 type: string 1557 pathType: 1558 description: PathType is the type of the HostPath. 1559 type: string 1560 readOnly: 1561 description: ReadOnly controls write access to the 1562 volume 1563 type: boolean 1564 required: 1565 - hostPath 1566 - mountPath 1567 - name 1568 type: object 1569 type: array 1570 type: object 1571 type: object 1572 diskSetup: 1573 description: DiskSetup specifies options for the creation of partition 1574 tables and file systems on devices. 1575 properties: 1576 filesystems: 1577 description: Filesystems specifies the list of file systems 1578 to setup. 1579 items: 1580 description: Filesystem defines the file systems to be created. 1581 properties: 1582 device: 1583 description: Device specifies the device name 1584 type: string 1585 extraOpts: 1586 description: ExtraOpts defined extra options to add 1587 to the command for creating the file system. 
1588 items: 1589 type: string 1590 type: array 1591 filesystem: 1592 description: Filesystem specifies the file system type. 1593 type: string 1594 label: 1595 description: Label specifies the file system label to 1596 be used. If set to None, no label is used. 1597 type: string 1598 overwrite: 1599 description: Overwrite defines whether or not to overwrite 1600 any existing filesystem. If true, any pre-existing 1601 file system will be destroyed. Use with Caution. 1602 type: boolean 1603 partition: 1604 description: 'Partition specifies the partition to use. 1605 The valid options are: "auto|any", "auto", "any", 1606 "none", and <NUM>, where NUM is the actual partition 1607 number.' 1608 type: string 1609 replaceFS: 1610 description: 'ReplaceFS is a special directive, used 1611 for Microsoft Azure that instructs cloud-init to replace 1612 a file system of <FS_TYPE>. NOTE: unless you define 1613 a label, this requires the use of the ''any'' partition 1614 directive.' 1615 type: string 1616 required: 1617 - device 1618 - filesystem 1619 - label 1620 type: object 1621 type: array 1622 partitions: 1623 description: Partitions specifies the list of the partitions 1624 to setup. 1625 items: 1626 description: Partition defines how to create and layout 1627 a partition. 1628 properties: 1629 device: 1630 description: Device is the name of the device. 1631 type: string 1632 layout: 1633 description: Layout specifies the device layout. If 1634 it is true, a single partition will be created for 1635 the entire device. When layout is false, it means 1636 don't partition or ignore existing partitioning. 1637 type: boolean 1638 overwrite: 1639 description: Overwrite describes whether to skip checks 1640 and create the partition if a partition or filesystem 1641 is found on the device. Use with caution. Default 1642 is 'false'. 1643 type: boolean 1644 tableType: 1645 description: 'TableType specifies the type of partition 1646 table. 
The following are supported: ''mbr'': default 1647 and setups a MS-DOS partition table ''gpt'': setups 1648 a GPT partition table' 1649 type: string 1650 required: 1651 - device 1652 - layout 1653 type: object 1654 type: array 1655 type: object 1656 files: 1657 description: Files specifies extra files to be passed to user_data 1658 upon creation. 1659 items: 1660 description: File defines the input for generating write_files 1661 in cloud-init. 1662 properties: 1663 content: 1664 description: Content is the actual content of the file. 1665 type: string 1666 contentFrom: 1667 description: ContentFrom is a referenced source of content 1668 to populate the file. 1669 properties: 1670 secret: 1671 description: Secret represents a secret that should 1672 populate this file. 1673 properties: 1674 key: 1675 description: Key is the key in the secret's data 1676 map for this value. 1677 type: string 1678 name: 1679 description: Name of the secret in the KubeadmBootstrapConfig's 1680 namespace to use. 1681 type: string 1682 required: 1683 - key 1684 - name 1685 type: object 1686 required: 1687 - secret 1688 type: object 1689 encoding: 1690 description: Encoding specifies the encoding of the file 1691 contents. 1692 enum: 1693 - base64 1694 - gzip 1695 - gzip+base64 1696 type: string 1697 owner: 1698 description: Owner specifies the ownership of the file, 1699 e.g. "root:root". 1700 type: string 1701 path: 1702 description: Path specifies the full path on disk where 1703 to store the file. 1704 type: string 1705 permissions: 1706 description: Permissions specifies the permissions to assign 1707 to the file, e.g. "0640". 
1708 type: string 1709 required: 1710 - path 1711 type: object 1712 type: array 1713 format: 1714 description: Format specifies the output format of the bootstrap 1715 data 1716 enum: 1717 - cloud-config 1718 type: string 1719 initConfiguration: 1720 description: InitConfiguration along with ClusterConfiguration 1721 are the configurations necessary for the init command 1722 properties: 1723 apiVersion: 1724 description: 'APIVersion defines the versioned schema of this 1725 representation of an object. Servers should convert recognized 1726 schemas to the latest internal value, and may reject unrecognized 1727 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1728 type: string 1729 bootstrapTokens: 1730 description: BootstrapTokens is respected at `kubeadm init` 1731 time and describes a set of Bootstrap Tokens to create. 1732 This information IS NOT uploaded to the kubeadm cluster 1733 configmap, partly because of its sensitive nature 1734 items: 1735 description: BootstrapToken describes one bootstrap token, 1736 stored as a Secret in the cluster. 1737 properties: 1738 description: 1739 description: Description sets a human-friendly message 1740 why this token exists and what it's used for, so other 1741 administrators can know its purpose. 1742 type: string 1743 expires: 1744 description: Expires specifies the timestamp when this 1745 token expires. Defaults to being set dynamically at 1746 runtime based on the TTL. Expires and TTL are mutually 1747 exclusive. 1748 format: date-time 1749 type: string 1750 groups: 1751 description: Groups specifies the extra groups that 1752 this token will authenticate as when/if used for authentication 1753 items: 1754 type: string 1755 type: array 1756 token: 1757 description: Token is used for establishing bidirectional 1758 trust between nodes and control-planes. Used for joining 1759 nodes in the cluster. 
                              type: string
                            ttl:
                              description: TTL defines the time to live for this token.
                                Defaults to 24h. Expires and TTL are mutually exclusive.
                              type: string
                            usages:
                              description: Usages describes the ways in which this
                                token can be used. Can by default be used for establishing
                                bidirectional trust, but that can be changed here.
                              items:
                                type: string
                              type: array
                          required:
                          - token
                          type: object
                        type: array
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      localAPIEndpoint:
                        description: LocalAPIEndpoint represents the endpoint of the
                          API server instance that's deployed on this control plane
                          node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
                          in the sense that ControlPlaneEndpoint is the global endpoint
                          for the cluster, which then loadbalances the requests to
                          each individual API server. This configuration object lets
                          you customize what IP/DNS name and port the local API server
                          advertises it's accessible on. By default, kubeadm tries
                          to auto-detect the IP of the default interface and use that,
                          but in case that process fails you may set the desired value
                          here.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: BindPort sets the secure port for the API
                              Server to bind to. Defaults to 6443.
                            format: int32
                            type: integer
                        type: object
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info. This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          ignorePreflightErrors:
                            description: IgnorePreflightErrors provides a slice of
                              pre-flight errors to be ignored when the current node
                              is registered.
                            items:
                              type: string
                            type: array
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e. `taints: {}`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                    type: object
                  joinConfiguration:
                    description: JoinConfiguration is the kubeadm configuration for
                      the join command
                    properties:
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      caCertPath:
                        description: 'CACertPath is the path to the SSL certificate
                          authority used to secure communications between node and
                          control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
                          TODO: revisit when there is defaulting from k/k'
                        type: string
                      controlPlane:
                        description: ControlPlane defines the additional control plane
                          instance to be deployed on the joining node. If nil, no
                          additional control plane instance will be deployed.
                        properties:
                          localAPIEndpoint:
                            description: LocalAPIEndpoint represents the endpoint
                              of the API server instance to be deployed on this node.
                            properties:
                              advertiseAddress:
                                description: AdvertiseAddress sets the IP address
                                  for the API server to advertise.
                                type: string
                              bindPort:
                                description: BindPort sets the secure port for the
                                  API Server to bind to. Defaults to 6443.
                                format: int32
                                type: integer
                            type: object
                        type: object
                      discovery:
                        description: 'Discovery specifies the options for the kubelet
                          to use during the TLS Bootstrap process TODO: revisit when
                          there is defaulting from k/k'
                        properties:
                          bootstrapToken:
                            description: BootstrapToken is used to set the options
                              for bootstrap token based discovery BootstrapToken and
                              File are mutually exclusive
                            properties:
                              apiServerEndpoint:
                                description: APIServerEndpoint is an IP or domain
                                  name to the API server from which info will be fetched.
                                type: string
                              caCertHashes:
                                description: 'CACertHashes specifies a set of public
                                  key pins to verify when token-based discovery is
                                  used. The root CA found during discovery must match
                                  one of these values. Specifying an empty set disables
                                  root CA pinning, which can be unsafe. Each hash
                                  is specified as "<type>:<value>", where the only
                                  currently supported type is "sha256". This is a
                                  hex-encoded SHA-256 hash of the Subject Public Key
                                  Info (SPKI) object in DER-encoded ASN.1. These hashes
                                  can be calculated using, for example, OpenSSL: openssl
                                  x509 -pubkey -in ca.crt | openssl rsa -pubin -outform
                                  der 2>/dev/null | openssl dgst -sha256 -hex'
                                items:
                                  type: string
                                type: array
                              token:
                                description: Token is a token used to validate cluster
                                  information fetched from the control-plane.
                                type: string
                              unsafeSkipCAVerification:
                                description: UnsafeSkipCAVerification allows token-based
                                  discovery without CA verification via CACertHashes.
                                  This can weaken the security of kubeadm since other
                                  nodes can impersonate the control-plane.
                                type: boolean
                            required:
                            - token
                            type: object
                          file:
                            description: File is used to specify a file or URL to
                              a kubeconfig file from which to load cluster information
                              BootstrapToken and File are mutually exclusive
                            properties:
                              kubeConfigPath:
                                description: KubeConfigPath is used to specify the
                                  actual file path or URL to the kubeconfig file from
                                  which to load cluster information
                                type: string
                            required:
                            - kubeConfigPath
                            type: object
                          timeout:
                            description: Timeout modifies the discovery timeout
                            type: string
                          tlsBootstrapToken:
                            description: TLSBootstrapToken is a token used for TLS
                              bootstrapping. If .BootstrapToken is set, this field
                              is defaulted to .BootstrapToken.Token, but can be overridden.
                              If .File is set, this field **must be set** in case
                              the KubeConfigFile does not contain any other authentication
                              information
                            type: string
                        type: object
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info. This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          ignorePreflightErrors:
                            description: IgnorePreflightErrors provides a slice of
                              pre-flight errors to be ignored when the current node
                              is registered.
                            items:
                              type: string
                            type: array
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e. `taints: {}`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                    type: object
                  mounts:
                    description: Mounts specifies a list of mount points to be setup.
                    items:
                      description: MountPoints defines input for generated mounts
                        in cloud-init.
                      items:
                        type: string
                      type: array
                    type: array
                  ntp:
                    description: NTP specifies NTP configuration
                    properties:
                      enabled:
                        description: Enabled specifies whether NTP should be enabled
                        type: boolean
                      servers:
                        description: Servers specifies which NTP servers to use
                        items:
                          type: string
                        type: array
                    type: object
                  postKubeadmCommands:
                    description: PostKubeadmCommands specifies extra commands to run
                      after kubeadm runs
                    items:
                      type: string
                    type: array
                  preKubeadmCommands:
                    description: PreKubeadmCommands specifies extra commands to run
                      before kubeadm runs
                    items:
                      type: string
                    type: array
                  useExperimentalRetryJoin:
                    description: "UseExperimentalRetryJoin replaces a basic kubeadm
                      command with a shell script with retries for joins. \n This
                      is meant to be an experimental temporary workaround on some
                      environments where joins fail due to timing (and other issues).
                      The long term goal is to add retries to kubeadm proper and use
                      that functionality. \n This will add about 40KB to userdata
                      \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
                    type: boolean
                  users:
                    description: Users specifies extra users to add
                    items:
                      description: User defines the input for a generated user in
                        cloud-init.
                      properties:
                        gecos:
                          description: Gecos specifies the gecos to use for the user
                          type: string
                        groups:
                          description: Groups specifies the additional groups for
                            the user
                          type: string
                        homeDir:
                          description: HomeDir specifies the home directory to use
                            for the user
                          type: string
                        inactive:
                          description: Inactive specifies whether to mark the user
                            as inactive
                          type: boolean
                        lockPassword:
                          description: LockPassword specifies if password login should
                            be disabled
                          type: boolean
                        name:
                          description: Name specifies the user name
                          type: string
                        passwd:
                          description: Passwd specifies a hashed password for the
                            user
                          type: string
                        primaryGroup:
                          description: PrimaryGroup specifies the primary group for
                            the user
                          type: string
                        shell:
                          description: Shell specifies the user's shell
                          type: string
                        sshAuthorizedKeys:
                          description: SSHAuthorizedKeys specifies a list of ssh authorized
                            keys for the user
                          items:
                            type: string
                          type: array
                        sudo:
                          description: Sudo specifies a sudo role for the user
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                  verbosity:
                    description: Verbosity is the number for the kubeadm log level
                      verbosity. It overrides the `--v` flag in kubeadm commands.
                    format: int32
                    type: integer
                type: object
              machineTemplate:
                description: MachineTemplate contains information about how machines
                  should be shaped when creating or updating a control plane.
                properties:
                  infrastructureRef:
                    description: InfrastructureRef is a required reference to a custom
                      resource offered by an infrastructure provider.
                    properties:
                      apiVersion:
                        description: API version of the referent.
                        type: string
                      fieldPath:
                        description: 'If referring to a piece of an object instead
                          of an entire object, this string should contain a valid
                          JSON/Go field access statement, such as desiredState.manifest.containers[2].
                          For example, if the object reference is to a container within
                          a pod, this would take on a value like: "spec.containers{name}"
                          (where "name" refers to the name of the container that triggered
                          the event) or if no container name is specified "spec.containers[2]"
                          (container with index 2 in this pod). This syntax is chosen
                          only to have some well-defined way of referencing a part
                          of an object. TODO: this design is not final and this field
                          is subject to change in the future.'
                        type: string
                      kind:
                        description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      name:
                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                        type: string
                      namespace:
                        description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                        type: string
                      resourceVersion:
                        description: 'Specific resourceVersion to which this reference
                          is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                        type: string
                      uid:
                        description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  metadata:
                    description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                    properties:
                      annotations:
                        additionalProperties:
                          type: string
                        description: 'Annotations is an unstructured key value map
                          stored with a resource that may be set by external tools
                          to store and retrieve arbitrary metadata. They are not queryable
                          and should be preserved when modifying objects. More info:
                          http://kubernetes.io/docs/user-guide/annotations'
                        type: object
                      labels:
                        additionalProperties:
                          type: string
                        description: 'Map of string keys and values that can be used
                          to organize and categorize (scope and select) objects. May
                          match selectors of replication controllers and services.
                          More info: http://kubernetes.io/docs/user-guide/labels'
                        type: object
                    type: object
                  nodeDrainTimeout:
                    description: 'NodeDrainTimeout is the total amount of time that
                      the controller will spend on draining a controlplane node The
                      default value is 0, meaning that the node can be drained without
                      any time limitations. NOTE: NodeDrainTimeout is different from
                      `kubectl drain --timeout`'
                    type: string
                required:
                - infrastructureRef
                type: object
              replicas:
                description: Number of desired machines. Defaults to 1. When stacked
                  etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
                  This is a pointer to distinguish between explicit zero and not specified.
                format: int32
                type: integer
              rolloutAfter:
                description: RolloutAfter is a field to indicate a rollout should
                  be performed after the specified time even if no changes have been
                  made to the KubeadmControlPlane.
                format: date-time
                type: string
              rolloutStrategy:
                default:
                  rollingUpdate:
                    maxSurge: 1
                  type: RollingUpdate
                description: The RolloutStrategy to use to replace control plane machines
                  with new ones.
                properties:
                  rollingUpdate:
                    description: Rolling update config params. Present only if RolloutStrategyType
                      = RollingUpdate.
                    properties:
                      maxSurge:
                        anyOf:
                        - type: integer
                        - type: string
                        description: 'The maximum number of control planes that can
                          be scheduled above or under the desired number of control
                          planes. Value can be an absolute number 1 or 0. Defaults
                          to 1. Example: when this is set to 1, the control plane
                          can be scaled up immediately when the rolling update starts.'
                        x-kubernetes-int-or-string: true
                    type: object
                  type:
                    description: Type of rollout. Currently the only supported strategy
                      is "RollingUpdate". Default is RollingUpdate.
                    type: string
                type: object
              version:
                description: Version defines the desired Kubernetes version.
                type: string
            required:
            - kubeadmConfigSpec
            - machineTemplate
            - version
            type: object
          status:
            description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                description: ErrorMessage indicates that there is a terminal problem
                  reconciling the state, and will be set to a descriptive error message.
                type: string
              failureReason:
                description: FailureReason indicates that there is a terminal problem
                  reconciling the state, and will be set to a token value suitable
                  for programmatic interpretation.
                type: string
              initialized:
                description: Initialized denotes whether or not the control plane
                  has the uploaded kubeadm-config configmap.
                type: boolean
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: Ready denotes that the KubeadmControlPlane API Server
                  is ready to receive requests.
                type: boolean
              readyReplicas:
                description: Total number of fully running and ready control plane
                  machines.
                format: int32
                type: integer
              replicas:
                description: Total number of non-terminated machines targeted by this
                  control plane (their labels match the selector).
                format: int32
                type: integer
              selector:
                description: 'Selector is the label selector in string format to avoid
                  introspection by clients, and is used to provide the CRD-based integration
                  for the scale subresource and additional integrations for things
                  like kubectl describe. The string will be in the same format as
                  the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
                type: string
              unavailableReplicas:
                description: Total number of unavailable machines targeted by this
                  control plane. This is the total number of machines that are still
                  required for the deployment to have 100% available capacity. They
                  may either be machines that are running but not yet ready or machines
                  that still have not been created.
                format: int32
                type: integer
              updatedReplicas:
                description: Total number of non-terminated machines targeted by this
                  control plane that have the desired template spec.
                format: int32
                type: integer
              version:
                description: Version represents the minimum Kubernetes version for
                  the control plane machines in the cluster.
                type: string
            type: object
        type: object
    served: false
    storage: false
    subresources:
      scale:
        labelSelectorPath: .status.selector
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.replicas
      status: {}
  - additionalPrinterColumns:
    - description: Cluster
      jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name']
      name: Cluster
      type: string
    - description: This denotes whether or not the control plane has the uploaded
        kubeadm-config configmap
      jsonPath: .status.initialized
      name: Initialized
      type: boolean
    - description: KubeadmControlPlane API Server is ready to receive requests
      jsonPath: .status.ready
      name: API Server Available
      type: boolean
    - description: Total number of machines desired by this control plane
      jsonPath: .spec.replicas
      name: Desired
      priority: 10
      type: integer
    - description: Total number of non-terminated machines targeted by this control
        plane
      jsonPath: .status.replicas
      name: Replicas
      type: integer
    - description: Total number of fully running and ready control plane machines
      jsonPath: .status.readyReplicas
      name: Ready
      type: integer
    - description: Total number of non-terminated machines targeted by this control
        plane that have the desired template spec
      jsonPath: .status.updatedReplicas
      name: Updated
      type: integer
    - description: Total number of unavailable machines targeted by this control plane
      jsonPath: .status.unavailableReplicas
      name: Unavailable
      type: integer
    - description: Time duration since creation of KubeadmControlPlane
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    - description: Kubernetes version associated with this control plane
      jsonPath: .spec.version
      name: Version
      type: string
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: KubeadmControlPlane is the Schema for the KubeadmControlPlane
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
            properties:
              kubeadmConfigSpec:
                description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing
                  and joining machines to the control plane.
                properties:
                  clusterConfiguration:
                    description: ClusterConfiguration along with InitConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiServer:
                        description: APIServer contains extra settings for the API
                          server control plane component
                        properties:
                          certSANs:
                            description: CertSANs sets extra Subject Alternative Names
                              for the API Server signing cert.
                            items:
                              type: string
                            type: array
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                          timeoutForControlPlane:
                            description: TimeoutForControlPlane controls the timeout
                              that we use for API server to appear
                            type: string
                        type: object
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      certificatesDir:
                        description: 'CertificatesDir specifies where to store or
                          look for all required certificates. NB: if not provided,
                          this will default to `/etc/kubernetes/pki`'
                        type: string
                      clusterName:
                        description: The cluster name
                        type: string
                      controlPlaneEndpoint:
                        description: 'ControlPlaneEndpoint sets a stable IP address
                          or DNS name for the control plane; it can be a valid IP
                          address or a RFC-1123 DNS subdomain, both with optional
                          TCP port. In case the ControlPlaneEndpoint is not specified,
                          the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint
                          is specified but without a TCP port, the BindPort is used.
                          Possible usages are: e.g. In a cluster with more than one
                          control plane instances, this field should be assigned the
                          address of the external load balancer in front of the control
                          plane instances. e.g. in environments with enforced node
                          recycling, the ControlPlaneEndpoint could be used for assigning
                          a stable DNS to the control plane. NB: This value defaults
                          to the first value in the Cluster object status.apiEndpoints
                          array.'
                        type: string
                      controllerManager:
                        description: ControllerManager contains extra settings for
                          the controller manager control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                      dns:
                        description: DNS defines the options for the DNS add-on installed
                          in the cluster.
                        properties:
                          imageRepository:
                            description: ImageRepository sets the container registry
                              to pull images from. if not set, the ImageRepository
                              defined in ClusterConfiguration will be used instead.
                            type: string
                          imageTag:
                            description: ImageTag allows to specify a tag for the
                              image. In case this value is set, kubeadm does not change
                              automatically the version of the above components during
                              upgrades.
                            type: string
                        type: object
                      etcd:
                        description: 'Etcd holds configuration for etcd. NB: This
                          value defaults to a Local (stacked) etcd'
                        properties:
                          external:
                            description: External describes how to connect to an external
                              etcd cluster Local and External are mutually exclusive
                            properties:
                              caFile:
                                description: CAFile is an SSL Certificate Authority
                                  file used to secure etcd communication. Required
                                  if using a TLS connection.
                                type: string
                              certFile:
                                description: CertFile is an SSL certification file
                                  used to secure etcd communication. Required if using
                                  a TLS connection.
                                type: string
                              endpoints:
                                description: Endpoints of etcd members. Required for
                                  ExternalEtcd.
                                items:
                                  type: string
                                type: array
                              keyFile:
                                description: KeyFile is an SSL key file used to secure
                                  etcd communication. Required if using a TLS connection.
                                type: string
                            required:
                            - caFile
                            - certFile
                            - endpoints
                            - keyFile
                            type: object
                          local:
                            description: Local provides configuration knobs for configuring
                              the local etcd instance Local and External are mutually
                              exclusive
                            properties:
                              dataDir:
                                description: DataDir is the directory etcd will place
                                  its data. Defaults to "/var/lib/etcd".
                                type: string
                              extraArgs:
                                additionalProperties:
                                  type: string
                                description: ExtraArgs are extra arguments provided
                                  to the etcd binary when run inside a static pod.
                                type: object
                              imageRepository:
                                description: ImageRepository sets the container registry
                                  to pull images from. if not set, the ImageRepository
                                  defined in ClusterConfiguration will be used instead.
                                type: string
                              imageTag:
                                description: ImageTag allows to specify a tag for
                                  the image. In case this value is set, kubeadm does
                                  not change automatically the version of the above
                                  components during upgrades.
                                type: string
                              peerCertSANs:
                                description: PeerCertSANs sets extra Subject Alternative
                                  Names for the etcd peer signing cert.
                                items:
                                  type: string
                                type: array
                              serverCertSANs:
                                description: ServerCertSANs sets extra Subject Alternative
                                  Names for the etcd server signing cert.
                                items:
                                  type: string
                                type: array
                            type: object
                        type: object
                      featureGates:
                        additionalProperties:
                          type: boolean
                        description: FeatureGates enabled by the user.
                        type: object
                      imageRepository:
                        description: 'ImageRepository sets the container registry
                          to pull images from. * If not set, the default registry
                          of kubeadm will be used, i.e.
                          * registry.k8s.io (new registry):
                          >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io
                          (old registry): all older versions Please note that when
                          imageRepository is not set we don''t allow upgrades to versions
                          >= v1.22.0 which use the old registry (k8s.gcr.io). Please
                          use a newer patch version with the new registry instead
                          (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0).
                          * If the version is a CI build (kubernetes version starts
                          with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
                          will be used as a default for control plane components and
                          for kube-proxy, while `registry.k8s.io` will be used for
                          all the other images.'
                        type: string
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      kubernetesVersion:
                        description: 'KubernetesVersion is the target version of the
                          control plane. NB: This value defaults to the Machine object
                          spec.version'
                        type: string
                      networking:
                        description: 'Networking holds configuration for the networking
                          topology of the cluster. NB: This value defaults to the
                          Cluster object spec.clusterNetwork.'
                        properties:
                          dnsDomain:
                            description: DNSDomain is the dns domain used by k8s services.
                              Defaults to "cluster.local".
                            type: string
                          podSubnet:
                            description: PodSubnet is the subnet used by pods. If
                              unset, the API server will not allocate CIDR ranges
                              for every node. Defaults to a comma-delimited string
                              of the Cluster object's spec.clusterNetwork.services.cidrBlocks
                              if that is set
                            type: string
                          serviceSubnet:
                            description: ServiceSubnet is the subnet used by k8s services.
                              Defaults to a comma-delimited string of the Cluster
                              object's spec.clusterNetwork.pods.cidrBlocks, or to
                              "10.96.0.0/12" if that's unset.
                            type: string
                        type: object
                      scheduler:
                        description: Scheduler contains extra settings for the scheduler
                          control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: 'ExtraArgs is an extra set of flags to pass
                              to the control plane component. TODO: This is temporary
                              and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.'
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: HostPathMount contains elements describing
                                volumes that are mounted from the host.
                              properties:
                                hostPath:
                                  description: HostPath is the path in the host that
                                    will be mounted inside the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                    type: object
                  diskSetup:
                    description: DiskSetup specifies options for the creation of partition
                      tables and file systems on devices.
                    properties:
                      filesystems:
                        description: Filesystems specifies the list of file systems
                          to setup.
                        items:
                          description: Filesystem defines the file systems to be created.
                          properties:
                            device:
                              description: Device specifies the device name
                              type: string
                            extraOpts:
                              description: ExtraOpts defined extra options to add
                                to the command for creating the file system.
                              items:
                                type: string
                              type: array
                            filesystem:
                              description: Filesystem specifies the file system type.
                              type: string
                            label:
                              description: Label specifies the file system label to
                                be used. If set to None, no label is used.
                              type: string
                            overwrite:
                              description: Overwrite defines whether or not to overwrite
                                any existing filesystem. If true, any pre-existing
                                file system will be destroyed. Use with Caution.
                              type: boolean
                            partition:
                              description: 'Partition specifies the partition to use.
                                The valid options are: "auto|any", "auto", "any",
                                "none", and <NUM>, where NUM is the actual partition
                                number.'
                              type: string
                            replaceFS:
                              description: 'ReplaceFS is a special directive, used
                                for Microsoft Azure that instructs cloud-init to replace
                                a file system of <FS_TYPE>. NOTE: unless you define
                                a label, this requires the use of the ''any'' partition
                                directive.'
                              type: string
                          required:
                          - device
                          - filesystem
                          - label
                          type: object
                        type: array
                      partitions:
                        description: Partitions specifies the list of the partitions
                          to setup.
                        items:
                          description: Partition defines how to create and layout
                            a partition.
                          properties:
                            device:
                              description: Device is the name of the device.
                              type: string
                            layout:
                              description: Layout specifies the device layout. If
                                it is true, a single partition will be created for
                                the entire device. When layout is false, it means
                                don't partition or ignore existing partitioning.
                              type: boolean
                            overwrite:
                              description: Overwrite describes whether to skip checks
                                and create the partition if a partition or filesystem
                                is found on the device. Use with caution. Default
                                is 'false'.
                              type: boolean
                            tableType:
                              description: 'TableType specifies the type of partition
                                table. The following are supported: ''mbr'': default
                                and setups a MS-DOS partition table ''gpt'': setups
                                a GPT partition table'
                              type: string
                          required:
                          - device
                          - layout
                          type: object
                        type: array
                    type: object
                  files:
                    description: Files specifies extra files to be passed to user_data
                      upon creation.
                    items:
                      description: File defines the input for generating write_files
                        in cloud-init.
                      properties:
                        append:
                          description: Append specifies whether to append Content
                            to existing file if Path exists.
                          type: boolean
                        content:
                          description: Content is the actual content of the file.
                          type: string
                        contentFrom:
                          description: ContentFrom is a referenced source of content
                            to populate the file.
                          properties:
                            secret:
                              description: Secret represents a secret that should
                                populate this file.
                              properties:
                                key:
                                  description: Key is the key in the secret's data
                                    map for this value.
                                  type: string
                                name:
                                  description: Name of the secret in the KubeadmBootstrapConfig's
                                    namespace to use.
                                  type: string
                              required:
                              - key
                              - name
                              type: object
                          required:
                          - secret
                          type: object
                        encoding:
                          description: Encoding specifies the encoding of the file
                            contents.
                          enum:
                          - base64
                          - gzip
                          - gzip+base64
                          type: string
                        owner:
                          description: Owner specifies the ownership of the file,
                            e.g. "root:root".
                          type: string
                        path:
                          description: Path specifies the full path on disk where
                            to store the file.
                          type: string
                        permissions:
                          description: Permissions specifies the permissions to assign
                            to the file, e.g. "0640".
                          type: string
                      required:
                      - path
                      type: object
                    type: array
                  format:
                    description: Format specifies the output format of the bootstrap
                      data
                    enum:
                    - cloud-config
                    - ignition
                    type: string
                  ignition:
                    description: Ignition contains Ignition specific configuration.
                    properties:
                      containerLinuxConfig:
                        description: ContainerLinuxConfig contains CLC specific configuration.
                        properties:
                          additionalConfig:
                            description: "AdditionalConfig contains additional configuration
                              to be merged with the Ignition configuration generated
                              by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
                              \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
                            type: string
                          strict:
                            description: Strict controls if AdditionalConfig should
                              be strictly parsed. If so, warnings are treated as errors.
                            type: boolean
                        type: object
                    type: object
                  initConfiguration:
                    description: InitConfiguration along with ClusterConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      bootstrapTokens:
                        description: BootstrapTokens is respected at `kubeadm init`
                          time and describes a set of Bootstrap Tokens to create.
                          This information IS NOT uploaded to the kubeadm cluster
                          configmap, partly because of its sensitive nature
                        items:
                          description: BootstrapToken describes one bootstrap token,
                            stored as a Secret in the cluster.
                          properties:
                            description:
                              description: Description sets a human-friendly message
                                why this token exists and what it's used for, so other
                                administrators can know its purpose.
                              type: string
                            expires:
                              description: Expires specifies the timestamp when this
                                token expires. Defaults to being set dynamically at
                                runtime based on the TTL. Expires and TTL are mutually
                                exclusive.
                              format: date-time
                              type: string
                            groups:
                              description: Groups specifies the extra groups that
                                this token will authenticate as when/if used for authentication
                              items:
                                type: string
                              type: array
                            token:
                              description: Token is used for establishing bidirectional
                                trust between nodes and control-planes. Used for joining
                                nodes in the cluster.
                              type: string
                            ttl:
                              description: TTL defines the time to live for this token.
                                Defaults to 24h. Expires and TTL are mutually exclusive.
                              type: string
                            usages:
                              description: Usages describes the ways in which this
                                token can be used. Can by default be used for establishing
                                bidirectional trust, but that can be changed here.
                              items:
                                type: string
                              type: array
                          required:
                          - token
                          type: object
                        type: array
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase.
                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      localAPIEndpoint:
                        description: LocalAPIEndpoint represents the endpoint of the
                          API server instance that's deployed on this control plane
                          node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
                          in the sense that ControlPlaneEndpoint is the global endpoint
                          for the cluster, which then loadbalances the requests to
                          each individual API server. This configuration object lets
                          you customize what IP/DNS name and port the local API server
                          advertises it's accessible on. By default, kubeadm tries
                          to auto-detect the IP of the default interface and use that,
                          but in case that process fails you may set the desired value
                          here.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: BindPort sets the secure port for the API
                              Server to bind to. Defaults to 6443.
                            format: int32
                            type: integer
                        type: object
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info. This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          ignorePreflightErrors:
                            description: IgnorePreflightErrors provides a slice of
                              pre-flight errors to be ignored when the current node
                              is registered.
                            items:
                              type: string
                            type: array
                          imagePullPolicy:
                            description: ImagePullPolicy specifies the policy for
                              image pulling during kubeadm "init" and "join" operations.
                              The value of this field must be one of "Always", "IfNotPresent"
                              or "Never". Defaults to "IfNotPresent". This can be
                              used only with Kubernetes version equal to 1.22 and
                              later.
                            enum:
                            - Always
                            - IfNotPresent
                            - Never
                            type: string
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e. `taints: []`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                      patches:
                        description: Patches contains options related to applying
                          patches to components deployed by kubeadm during "kubeadm
                          init". The minimum kubernetes version needed to support
                          Patches is v1.22
                        properties:
                          directory:
                            description: Directory is a path to a directory that contains
                              files named "target[suffix][+patchtype].extension".
                              For example, "kube-apiserver0+merge.yaml" or just "etcd.json".
                              "target" can be one of "kube-apiserver", "kube-controller-manager",
                              "kube-scheduler", "etcd". "patchtype" can be one of
                              "strategic" "merge" or "json" and they match the patch
                              formats supported by kubectl. The default "patchtype"
                              is "strategic". "extension" must be either "json" or
                              "yaml". "suffix" is an optional string that can be used
                              to determine which patches are applied first alpha-numerically.
                              These files can be written into the target directory
                              via KubeadmConfig.Files which specifies additional files
                              to be created on the machine, either with content inline
                              or by referencing a secret.
                            type: string
                        type: object
                      skipPhases:
                        description: SkipPhases is a list of phases to skip during
                          command execution.
                          The list of phases can be obtained with
                          the "kubeadm init --help" command. This option takes effect
                          only on Kubernetes >=1.22.0.
                        items:
                          type: string
                        type: array
                    type: object
                  joinConfiguration:
                    description: JoinConfiguration is the kubeadm configuration for
                      the join command
                    properties:
                      apiVersion:
                        description: 'APIVersion defines the versioned schema of this
                          representation of an object. Servers should convert recognized
                          schemas to the latest internal value, and may reject unrecognized
                          values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                        type: string
                      caCertPath:
                        description: 'CACertPath is the path to the SSL certificate
                          authority used to secure communications between node and
                          control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
                          TODO: revisit when there is defaulting from k/k'
                        type: string
                      controlPlane:
                        description: ControlPlane defines the additional control plane
                          instance to be deployed on the joining node. If nil, no
                          additional control plane instance will be deployed.
                        properties:
                          localAPIEndpoint:
                            description: LocalAPIEndpoint represents the endpoint
                              of the API server instance to be deployed on this node.
                            properties:
                              advertiseAddress:
                                description: AdvertiseAddress sets the IP address
                                  for the API server to advertise.
                                type: string
                              bindPort:
                                description: BindPort sets the secure port for the
                                  API Server to bind to. Defaults to 6443.
                                format: int32
                                type: integer
                            type: object
                        type: object
                      discovery:
                        description: 'Discovery specifies the options for the kubelet
                          to use during the TLS Bootstrap process TODO: revisit when
                          there is defaulting from k/k'
                        properties:
                          bootstrapToken:
                            description: BootstrapToken is used to set the options
                              for bootstrap token based discovery BootstrapToken and
                              File are mutually exclusive
                            properties:
                              apiServerEndpoint:
                                description: APIServerEndpoint is an IP or domain
                                  name to the API server from which info will be fetched.
                                type: string
                              caCertHashes:
                                description: 'CACertHashes specifies a set of public
                                  key pins to verify when token-based discovery is
                                  used. The root CA found during discovery must match
                                  one of these values. Specifying an empty set disables
                                  root CA pinning, which can be unsafe. Each hash
                                  is specified as "<type>:<value>", where the only
                                  currently supported type is "sha256". This is a
                                  hex-encoded SHA-256 hash of the Subject Public Key
                                  Info (SPKI) object in DER-encoded ASN.1. These hashes
                                  can be calculated using, for example, OpenSSL: openssl
                                  x509 -pubkey -in ca.crt | openssl rsa -pubin -outform
                                  der 2>/dev/null | openssl dgst -sha256 -hex'
                                items:
                                  type: string
                                type: array
                              token:
                                description: Token is a token used to validate cluster
                                  information fetched from the control-plane.
                                type: string
                              unsafeSkipCAVerification:
                                description: UnsafeSkipCAVerification allows token-based
                                  discovery without CA verification via CACertHashes.
                                  This can weaken the security of kubeadm since other
                                  nodes can impersonate the control-plane.
                                type: boolean
                            required:
                            - token
                            type: object
                          file:
                            description: File is used to specify a file or URL to
                              a kubeconfig file from which to load cluster information
                              BootstrapToken and File are mutually exclusive
                            properties:
                              kubeConfigPath:
                                description: KubeConfigPath is used to specify the
                                  actual file path or URL to the kubeconfig file from
                                  which to load cluster information
                                type: string
                            required:
                            - kubeConfigPath
                            type: object
                          timeout:
                            description: Timeout modifies the discovery timeout
                            type: string
                          tlsBootstrapToken:
                            description: TLSBootstrapToken is a token used for TLS
                              bootstrapping. If .BootstrapToken is set, this field
                              is defaulted to .BootstrapToken.Token, but can be overridden.
                              If .File is set, this field **must be set** in case
                              the KubeConfigFile does not contain any other authentication
                              information
                            type: string
                        type: object
                      kind:
                        description: 'Kind is a string value representing the REST
                          resource this object represents. Servers may infer this
                          from the endpoint the client submits requests to. Cannot
                          be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      nodeRegistration:
                        description: NodeRegistration holds fields that relate to
                          registering the new control-plane node to the cluster. When
                          used in the context of control plane nodes, NodeRegistration
                          should remain consistent across both InitConfiguration and
                          JoinConfiguration
                        properties:
                          criSocket:
                            description: CRISocket is used to retrieve container runtime
                              info.
                              This information will be annotated to the Node
                              API object, for later re-use
                            type: string
                          ignorePreflightErrors:
                            description: IgnorePreflightErrors provides a slice of
                              pre-flight errors to be ignored when the current node
                              is registered.
                            items:
                              type: string
                            type: array
                          imagePullPolicy:
                            description: ImagePullPolicy specifies the policy for
                              image pulling during kubeadm "init" and "join" operations.
                              The value of this field must be one of "Always", "IfNotPresent"
                              or "Never". Defaults to "IfNotPresent". This can be
                              used only with Kubernetes version equal to 1.22 and
                              later.
                            enum:
                            - Always
                            - IfNotPresent
                            - Never
                            type: string
                          kubeletExtraArgs:
                            additionalProperties:
                              type: string
                            description: KubeletExtraArgs passes through extra arguments
                              to the kubelet. The arguments here are passed to the
                              kubelet command line via the environment file kubeadm
                              writes at runtime for the kubelet to source. This overrides
                              the generic base-level configuration in the kubelet-config-1.X
                              ConfigMap Flags have higher priority when parsing. These
                              values are local and specific to the node kubeadm is
                              executing on.
                            type: object
                          name:
                            description: Name is the `.Metadata.Name` field of the
                              Node API object that will be created in this `kubeadm
                              init` or `kubeadm join` operation. This field is also
                              used in the CommonName field of the kubelet's client
                              certificate to the API server. Defaults to the hostname
                              of the node if not provided.
                            type: string
                          taints:
                            description: 'Taints specifies the taints the Node API
                              object should be registered with. If this field is unset,
                              i.e. nil, in the `kubeadm init` process it will be defaulted
                              to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                              If you don''t want to taint your control-plane node,
                              set this field to an empty slice, i.e.
                              `taints: []`
                              in the YAML file. This field is solely used for Node
                              registration.'
                            items:
                              description: The node this Taint is attached to has
                                the "effect" on any pod that does not tolerate the
                                Taint.
                              properties:
                                effect:
                                  description: Required. The effect of the taint on
                                    pods that do not tolerate the taint. Valid effects
                                    are NoSchedule, PreferNoSchedule and NoExecute.
                                  type: string
                                key:
                                  description: Required. The taint key to be applied
                                    to a node.
                                  type: string
                                timeAdded:
                                  description: TimeAdded represents the time at which
                                    the taint was added. It is only written for NoExecute
                                    taints.
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                      patches:
                        description: Patches contains options related to applying
                          patches to components deployed by kubeadm during "kubeadm
                          join". The minimum kubernetes version needed to support
                          Patches is v1.22
                        properties:
                          directory:
                            description: Directory is a path to a directory that contains
                              files named "target[suffix][+patchtype].extension".
                              For example, "kube-apiserver0+merge.yaml" or just "etcd.json".
                              "target" can be one of "kube-apiserver", "kube-controller-manager",
                              "kube-scheduler", "etcd". "patchtype" can be one of
                              "strategic" "merge" or "json" and they match the patch
                              formats supported by kubectl. The default "patchtype"
                              is "strategic". "extension" must be either "json" or
                              "yaml". "suffix" is an optional string that can be used
                              to determine which patches are applied first alpha-numerically.
                              These files can be written into the target directory
                              via KubeadmConfig.Files which specifies additional files
                              to be created on the machine, either with content inline
                              or by referencing a secret.
                            type: string
                        type: object
                      skipPhases:
                        description: SkipPhases is a list of phases to skip during
                          command execution. The list of phases can be obtained with
                          the "kubeadm init --help" command. This option takes effect
                          only on Kubernetes >=1.22.0.
                        items:
                          type: string
                        type: array
                    type: object
                  mounts:
                    description: Mounts specifies a list of mount points to be setup.
                    items:
                      description: MountPoints defines input for generated mounts
                        in cloud-init.
                      items:
                        type: string
                      type: array
                    type: array
                  ntp:
                    description: NTP specifies NTP configuration
                    properties:
                      enabled:
                        description: Enabled specifies whether NTP should be enabled
                        type: boolean
                      servers:
                        description: Servers specifies which NTP servers to use
                        items:
                          type: string
                        type: array
                    type: object
                  postKubeadmCommands:
                    description: PostKubeadmCommands specifies extra commands to run
                      after kubeadm runs
                    items:
                      type: string
                    type: array
                  preKubeadmCommands:
                    description: PreKubeadmCommands specifies extra commands to run
                      before kubeadm runs
                    items:
                      type: string
                    type: array
                  useExperimentalRetryJoin:
                    description: "UseExperimentalRetryJoin replaces a basic kubeadm
                      command with a shell script with retries for joins. \n This
                      is meant to be an experimental temporary workaround on some
                      environments where joins fail due to timing (and other issues).
                      The long term goal is to add retries to kubeadm proper and use
                      that functionality.
                      \n This will add about 40KB to userdata
                      \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
                      \n Deprecated: This experimental fix is no longer needed and
                      this field will be removed in a future release. When removing
                      also remove from staticcheck exclude-rules for SA1019 in golangci.yml"
                    type: boolean
                  users:
                    description: Users specifies extra users to add
                    items:
                      description: User defines the input for a generated user in
                        cloud-init.
                      properties:
                        gecos:
                          description: Gecos specifies the gecos to use for the user
                          type: string
                        groups:
                          description: Groups specifies the additional groups for
                            the user
                          type: string
                        homeDir:
                          description: HomeDir specifies the home directory to use
                            for the user
                          type: string
                        inactive:
                          description: Inactive specifies whether to mark the user
                            as inactive
                          type: boolean
                        lockPassword:
                          description: LockPassword specifies if password login should
                            be disabled
                          type: boolean
                        name:
                          description: Name specifies the user name
                          type: string
                        passwd:
                          description: Passwd specifies a hashed password for the
                            user
                          type: string
                        passwdFrom:
                          description: PasswdFrom is a referenced source of passwd
                            to populate the passwd.
                          properties:
                            secret:
                              description: Secret represents a secret that should
                                populate this password.
                              properties:
                                key:
                                  description: Key is the key in the secret's data
                                    map for this value.
                                  type: string
                                name:
                                  description: Name of the secret in the KubeadmBootstrapConfig's
                                    namespace to use.
                                  type: string
                              required:
                              - key
                              - name
                              type: object
                          required:
                          - secret
                          type: object
                        primaryGroup:
                          description: PrimaryGroup specifies the primary group for
                            the user
                          type: string
                        shell:
                          description: Shell specifies the user's shell
                          type: string
                        sshAuthorizedKeys:
                          description: SSHAuthorizedKeys specifies a list of ssh authorized
                            keys for the user
                          items:
                            type: string
                          type: array
                        sudo:
                          description: Sudo specifies a sudo role for the user
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                  verbosity:
                    description: Verbosity is the number for the kubeadm log level
                      verbosity. It overrides the `--v` flag in kubeadm commands.
                    format: int32
                    type: integer
                type: object
              machineTemplate:
                description: MachineTemplate contains information about how machines
                  should be shaped when creating or updating a control plane.
                properties:
                  infrastructureRef:
                    description: InfrastructureRef is a required reference to a custom
                      resource offered by an infrastructure provider.
                    properties:
                      apiVersion:
                        description: API version of the referent.
                        type: string
                      fieldPath:
                        description: 'If referring to a piece of an object instead
                          of an entire object, this string should contain a valid
                          JSON/Go field access statement, such as desiredState.manifest.containers[2].
                          For example, if the object reference is to a container within
                          a pod, this would take on a value like: "spec.containers{name}"
                          (where "name" refers to the name of the container that triggered
                          the event) or if no container name is specified "spec.containers[2]"
                          (container with index 2 in this pod). This syntax is chosen
                          only to have some well-defined way of referencing a part
                          of an object. TODO: this design is not final and this field
                          is subject to change in the future.'
                        type: string
                      kind:
                        description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                        type: string
                      name:
                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                        type: string
                      namespace:
                        description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                        type: string
                      resourceVersion:
                        description: 'Specific resourceVersion to which this reference
                          is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                        type: string
                      uid:
                        description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                        type: string
                    type: object
                    x-kubernetes-map-type: atomic
                  metadata:
                    description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                    properties:
                      annotations:
                        additionalProperties:
                          type: string
                        description: 'Annotations is an unstructured key value map
                          stored with a resource that may be set by external tools
                          to store and retrieve arbitrary metadata. They are not queryable
                          and should be preserved when modifying objects. More info:
                          http://kubernetes.io/docs/user-guide/annotations'
                        type: object
                      labels:
                        additionalProperties:
                          type: string
                        description: 'Map of string keys and values that can be used
                          to organize and categorize (scope and select) objects. May
                          match selectors of replication controllers and services.
                          More info: http://kubernetes.io/docs/user-guide/labels'
                        type: object
                    type: object
                  nodeDeletionTimeout:
                    description: NodeDeletionTimeout defines how long the machine
                      controller will attempt to delete the Node that the Machine
                      hosts after the Machine is marked for deletion. A duration of
                      0 will retry deletion indefinitely. If no value is provided,
                      the default value for this property of the Machine resource
                      will be used.
                    type: string
                  nodeDrainTimeout:
                    description: 'NodeDrainTimeout is the total amount of time that
                      the controller will spend on draining a controlplane node The
                      default value is 0, meaning that the node can be drained without
                      any time limitations. NOTE: NodeDrainTimeout is different from
                      `kubectl drain --timeout`'
                    type: string
                  nodeVolumeDetachTimeout:
                    description: NodeVolumeDetachTimeout is the total amount of time
                      that the controller will spend on waiting for all volumes to
                      be detached. The default value is 0, meaning that the volumes
                      can be detached without any time limitations.
                    type: string
                required:
                - infrastructureRef
                type: object
              remediationStrategy:
                description: The RemediationStrategy that controls how control plane
                  machine remediation happens.
                properties:
                  maxRetry:
                    description: "MaxRetry is the Max number of retries while attempting
                      to remediate an unhealthy machine. A retry happens when a machine
                      that was created as a replacement for an unhealthy machine also
                      fails. For example, given a control plane with three machines
                      M1, M2, M3: \n M1 become unhealthy; remediation happens, and
                      M1-1 is created as a replacement. If M1-1 (replacement of M1)
                      has problems while bootstrapping it will become unhealthy, and
                      then be remediated; such operation is considered a retry, remediation-retry
                      #1.
                      If M1-2 (replacement of M1-1) becomes unhealthy, remediation-retry
                      #2 will happen, etc. \n A retry could happen only after RetryPeriod
                      from the previous retry. If a machine is marked as unhealthy
                      after MinHealthyPeriod from the previous remediation expired,
                      this is not considered a retry anymore because the new issue
                      is assumed unrelated from the previous one. \n If not set, the
                      remedation will be retried infinitely."
                    format: int32
                    type: integer
                  minHealthyPeriod:
                    description: "MinHealthyPeriod defines the duration after which
                      KCP will consider any failure to a machine unrelated from the
                      previous one. In this case the remediation is not considered
                      a retry anymore, and thus the retry counter restarts from 0.
                      For example, assuming MinHealthyPeriod is set to 1h (default)
                      \n M1 become unhealthy; remediation happens, and M1-1 is created
                      as a replacement. If M1-1 (replacement of M1) has problems within
                      the 1hr after the creation, also this machine will be remediated
                      and this operation is considered a retry - a problem related
                      to the original issue happened to M1 -. \n If instead the problem
                      on M1-1 is happening after MinHealthyPeriod expired, e.g. four
                      days after m1-1 has been created as a remediation of M1, the
                      problem on M1-1 is considered unrelated to the original issue
                      happened to M1. \n If not set, this value is defaulted to 1h."
                    type: string
                  retryPeriod:
                    description: "RetryPeriod is the duration that KCP should wait
                      before remediating a machine being created as a replacement
                      for an unhealthy machine (a retry). \n If not set, a retry will
                      happen immediately."
                    type: string
                type: object
              replicas:
                description: Number of desired machines. Defaults to 1.
                  When stacked etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
                  This is a pointer to distinguish between explicit zero and not specified.
                format: int32
                type: integer
              rolloutAfter:
                description: 'RolloutAfter is a field to indicate a rollout should
                  be performed after the specified time even if no changes have been
                  made to the KubeadmControlPlane. Example: In the YAML the time can
                  be specified in the RFC3339 format. To specify the rolloutAfter
                  target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".'
                format: date-time
                type: string
              rolloutBefore:
                description: RolloutBefore is a field to indicate a rollout should
                  be performed if the specified criteria is met.
                properties:
                  certificatesExpiryDays:
                    description: CertificatesExpiryDays indicates a rollout needs
                      to be performed if the certificates of the machine will expire
                      within the specified days.
                    format: int32
                    type: integer
                type: object
              rolloutStrategy:
                default:
                  rollingUpdate:
                    maxSurge: 1
                  type: RollingUpdate
                description: The RolloutStrategy to use to replace control plane machines
                  with new ones.
                properties:
                  rollingUpdate:
                    description: Rolling update config params. Present only if RolloutStrategyType
                      = RollingUpdate.
                    properties:
                      maxSurge:
                        anyOf:
                        - type: integer
                        - type: string
                        description: 'The maximum number of control planes that can
                          be scheduled above or under the desired number of control
                          planes. Value can be an absolute number 1 or 0. Defaults
                          to 1. Example: when this is set to 1, the control plane
                          can be scaled up immediately when the rolling update starts.'
                        x-kubernetes-int-or-string: true
                    type: object
                  type:
                    description: Type of rollout.
                      Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate.
                    type: string
                type: object
              version:
                description: 'Version defines the desired Kubernetes version. Please
                  note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository
                  is not set we don''t allow upgrades to versions >= v1.22.0 for which
                  kubeadm uses the old registry (k8s.gcr.io). Please use a newer patch
                  version with the new registry instead. The default registries of
                  kubeadm are: * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15,
                  >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions'
                type: string
            required:
            - kubeadmConfigSpec
            - machineTemplate
            - version
            type: object
          status:
            description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                description: ErrorMessage indicates that there is a terminal problem
                  reconciling the state, and will be set to a descriptive error message.
                type: string
              failureReason:
                description: FailureReason indicates that there is a terminal problem
                  reconciling the state, and will be set to a token value suitable
                  for programmatic interpretation.
                type: string
              initialized:
                description: Initialized denotes whether or not the control plane
                  has the uploaded kubeadm-config configmap.
                type: boolean
              lastRemediation:
                description: LastRemediation stores info about last remediation performed.
                properties:
                  machine:
                    description: Machine is the machine name of the latest machine
                      being remediated.
                    type: string
                  retryCount:
                    description: RetryCount used to keep track of remediation retry
                      for the last remediated machine. A retry happens when a machine
                      that was created as a replacement for an unhealthy machine also
                      fails.
                    format: int32
                    type: integer
                  timestamp:
                    description: Timestamp is when last remediation happened.
                      It is represented in RFC3339 form and is in UTC.
                    format: date-time
                    type: string
                required:
                - machine
                - retryCount
                - timestamp
                type: object
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: Ready denotes that the KubeadmControlPlane API Server
                  is ready to receive requests.
                type: boolean
              readyReplicas:
                description: Total number of fully running and ready control plane
                  machines.
                format: int32
                type: integer
              replicas:
                description: Total number of non-terminated machines targeted by this
                  control plane (their labels match the selector).
                format: int32
                type: integer
              selector:
                description: 'Selector is the label selector in string format to avoid
                  introspection by clients, and is used to provide the CRD-based integration
                  for the scale subresource and additional integrations for things
                  like kubectl describe.. The string will be in the same format as
                  the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
                type: string
              unavailableReplicas:
                description: Total number of unavailable machines targeted by this
                  control plane. This is the total number of machines that are still
                  required for the deployment to have 100% available capacity. They
                  may either be machines that are running but not yet ready or machines
                  that still have not been created.
                format: int32
                type: integer
              updatedReplicas:
                description: Total number of non-terminated machines targeted by this
                  control plane that have the desired template spec.
                format: int32
                type: integer
              version:
                description: Version represents the minimum Kubernetes version for
                  the control plane machines in the cluster.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      scale:
        labelSelectorPath: .status.selector
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.replicas
      status: {}