sigs.k8s.io/cluster-api@v1.6.3/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanetemplates.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.13.0 7 name: kubeadmcontrolplanetemplates.controlplane.cluster.x-k8s.io 8 spec: 9 group: controlplane.cluster.x-k8s.io 10 names: 11 categories: 12 - cluster-api 13 kind: KubeadmControlPlaneTemplate 14 listKind: KubeadmControlPlaneTemplateList 15 plural: kubeadmcontrolplanetemplates 16 singular: kubeadmcontrolplanetemplate 17 scope: Namespaced 18 versions: 19 - additionalPrinterColumns: 20 - description: Time duration since creation of KubeadmControlPlaneTemplate 21 jsonPath: .metadata.creationTimestamp 22 name: Age 23 type: date 24 deprecated: true 25 name: v1alpha4 26 schema: 27 openAPIV3Schema: 28 description: "KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates 29 API. \n Deprecated: This type will be removed in one of the next releases." 30 properties: 31 apiVersion: 32 description: 'APIVersion defines the versioned schema of this representation 33 of an object. Servers should convert recognized schemas to the latest 34 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 35 type: string 36 kind: 37 description: 'Kind is a string value representing the REST resource this 38 object represents. Servers may infer this from the endpoint the client 39 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 40 type: string 41 metadata: 42 type: object 43 spec: 44 description: KubeadmControlPlaneTemplateSpec defines the desired state 45 of KubeadmControlPlaneTemplate. 
46 properties: 47 template: 48 description: KubeadmControlPlaneTemplateResource describes the data 49 needed to create a KubeadmControlPlane from a template. 50 properties: 51 spec: 52 description: KubeadmControlPlaneSpec defines the desired state 53 of KubeadmControlPlane. 54 properties: 55 kubeadmConfigSpec: 56 description: KubeadmConfigSpec is a KubeadmConfigSpec to use 57 for initializing and joining machines to the control plane. 58 properties: 59 clusterConfiguration: 60 description: ClusterConfiguration along with InitConfiguration 61 are the configurations necessary for the init command 62 properties: 63 apiServer: 64 description: APIServer contains extra settings for 65 the API server control plane component 66 properties: 67 certSANs: 68 description: CertSANs sets extra Subject Alternative 69 Names for the API Server signing cert. 70 items: 71 type: string 72 type: array 73 extraArgs: 74 additionalProperties: 75 type: string 76 description: 'ExtraArgs is an extra set of flags 77 to pass to the control plane component. TODO: 78 This is temporary and ideally we would like 79 to switch all components to use ComponentConfig 80 + ConfigMaps.' 81 type: object 82 extraVolumes: 83 description: ExtraVolumes is an extra set of host 84 volumes, mounted to the control plane component. 85 items: 86 description: HostPathMount contains elements 87 describing volumes that are mounted from the 88 host. 89 properties: 90 hostPath: 91 description: HostPath is the path in the 92 host that will be mounted inside the pod. 93 type: string 94 mountPath: 95 description: MountPath is the path inside 96 the pod where hostPath will be mounted. 97 type: string 98 name: 99 description: Name of the volume inside the 100 pod template. 101 type: string 102 pathType: 103 description: PathType is the type of the 104 HostPath. 
105 type: string 106 readOnly: 107 description: ReadOnly controls write access 108 to the volume 109 type: boolean 110 required: 111 - hostPath 112 - mountPath 113 - name 114 type: object 115 type: array 116 timeoutForControlPlane: 117 description: TimeoutForControlPlane controls the 118 timeout that we use for API server to appear 119 type: string 120 type: object 121 apiVersion: 122 description: 'APIVersion defines the versioned schema 123 of this representation of an object. Servers should 124 convert recognized schemas to the latest internal 125 value, and may reject unrecognized values. More 126 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 127 type: string 128 certificatesDir: 129 description: 'CertificatesDir specifies where to store 130 or look for all required certificates. NB: if not 131 provided, this will default to `/etc/kubernetes/pki`' 132 type: string 133 clusterName: 134 description: The cluster name 135 type: string 136 controlPlaneEndpoint: 137 description: 'ControlPlaneEndpoint sets a stable IP 138 address or DNS name for the control plane; it can 139 be a valid IP address or a RFC-1123 DNS subdomain, 140 both with optional TCP port. In case the ControlPlaneEndpoint 141 is not specified, the AdvertiseAddress + BindPort 142 are used; in case the ControlPlaneEndpoint is specified 143 but without a TCP port, the BindPort is used. Possible 144 usages are: e.g. In a cluster with more than one 145 control plane instances, this field should be assigned 146 the address of the external load balancer in front 147 of the control plane instances. e.g. in environments 148 with enforced node recycling, the ControlPlaneEndpoint 149 could be used for assigning a stable DNS to the 150 control plane. NB: This value defaults to the first 151 value in the Cluster object status.apiEndpoints 152 array.' 
153 type: string 154 controllerManager: 155 description: ControllerManager contains extra settings 156 for the controller manager control plane component 157 properties: 158 extraArgs: 159 additionalProperties: 160 type: string 161 description: 'ExtraArgs is an extra set of flags 162 to pass to the control plane component. TODO: 163 This is temporary and ideally we would like 164 to switch all components to use ComponentConfig 165 + ConfigMaps.' 166 type: object 167 extraVolumes: 168 description: ExtraVolumes is an extra set of host 169 volumes, mounted to the control plane component. 170 items: 171 description: HostPathMount contains elements 172 describing volumes that are mounted from the 173 host. 174 properties: 175 hostPath: 176 description: HostPath is the path in the 177 host that will be mounted inside the pod. 178 type: string 179 mountPath: 180 description: MountPath is the path inside 181 the pod where hostPath will be mounted. 182 type: string 183 name: 184 description: Name of the volume inside the 185 pod template. 186 type: string 187 pathType: 188 description: PathType is the type of the 189 HostPath. 190 type: string 191 readOnly: 192 description: ReadOnly controls write access 193 to the volume 194 type: boolean 195 required: 196 - hostPath 197 - mountPath 198 - name 199 type: object 200 type: array 201 type: object 202 dns: 203 description: DNS defines the options for the DNS add-on 204 installed in the cluster. 205 properties: 206 imageRepository: 207 description: ImageRepository sets the container 208 registry to pull images from. if not set, the 209 ImageRepository defined in ClusterConfiguration 210 will be used instead. 211 type: string 212 imageTag: 213 description: ImageTag allows to specify a tag 214 for the image. In case this value is set, kubeadm 215 does not change automatically the version of 216 the above components during upgrades. 217 type: string 218 type: object 219 etcd: 220 description: 'Etcd holds configuration for etcd. 
NB: 221 This value defaults to a Local (stacked) etcd' 222 properties: 223 external: 224 description: External describes how to connect 225 to an external etcd cluster Local and External 226 are mutually exclusive 227 properties: 228 caFile: 229 description: CAFile is an SSL Certificate 230 Authority file used to secure etcd communication. 231 Required if using a TLS connection. 232 type: string 233 certFile: 234 description: CertFile is an SSL certification 235 file used to secure etcd communication. 236 Required if using a TLS connection. 237 type: string 238 endpoints: 239 description: Endpoints of etcd members. Required 240 for ExternalEtcd. 241 items: 242 type: string 243 type: array 244 keyFile: 245 description: KeyFile is an SSL key file used 246 to secure etcd communication. Required if 247 using a TLS connection. 248 type: string 249 required: 250 - caFile 251 - certFile 252 - endpoints 253 - keyFile 254 type: object 255 local: 256 description: Local provides configuration knobs 257 for configuring the local etcd instance Local 258 and External are mutually exclusive 259 properties: 260 dataDir: 261 description: DataDir is the directory etcd 262 will place its data. Defaults to "/var/lib/etcd". 263 type: string 264 extraArgs: 265 additionalProperties: 266 type: string 267 description: ExtraArgs are extra arguments 268 provided to the etcd binary when run inside 269 a static pod. 270 type: object 271 imageRepository: 272 description: ImageRepository sets the container 273 registry to pull images from. if not set, 274 the ImageRepository defined in ClusterConfiguration 275 will be used instead. 276 type: string 277 imageTag: 278 description: ImageTag allows to specify a 279 tag for the image. In case this value is 280 set, kubeadm does not change automatically 281 the version of the above components during 282 upgrades. 
283 type: string 284 peerCertSANs: 285 description: PeerCertSANs sets extra Subject 286 Alternative Names for the etcd peer signing 287 cert. 288 items: 289 type: string 290 type: array 291 serverCertSANs: 292 description: ServerCertSANs sets extra Subject 293 Alternative Names for the etcd server signing 294 cert. 295 items: 296 type: string 297 type: array 298 type: object 299 type: object 300 featureGates: 301 additionalProperties: 302 type: boolean 303 description: FeatureGates enabled by the user. 304 type: object 305 imageRepository: 306 description: ImageRepository sets the container registry 307 to pull images from. If empty, `registry.k8s.io` 308 will be used by default; in case of kubernetes version 309 is a CI build (kubernetes version starts with `ci/` 310 or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will 311 be used as a default for control plane components 312 and for kube-proxy, while `registry.k8s.io` will 313 be used for all the other images. 314 type: string 315 kind: 316 description: 'Kind is a string value representing 317 the REST resource this object represents. Servers 318 may infer this from the endpoint the client submits 319 requests to. Cannot be updated. In CamelCase. More 320 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 321 type: string 322 kubernetesVersion: 323 description: 'KubernetesVersion is the target version 324 of the control plane. NB: This value defaults to 325 the Machine object spec.version' 326 type: string 327 networking: 328 description: 'Networking holds configuration for the 329 networking topology of the cluster. NB: This value 330 defaults to the Cluster object spec.clusterNetwork.' 331 properties: 332 dnsDomain: 333 description: DNSDomain is the dns domain used 334 by k8s services. Defaults to "cluster.local". 335 type: string 336 podSubnet: 337 description: PodSubnet is the subnet used by pods. 
338 If unset, the API server will not allocate CIDR 339 ranges for every node. Defaults to a comma-delimited 340 string of the Cluster object's spec.clusterNetwork.services.cidrBlocks 341 if that is set 342 type: string 343 serviceSubnet: 344 description: ServiceSubnet is the subnet used 345 by k8s services. Defaults to a comma-delimited 346 string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, 347 or to "10.96.0.0/12" if that's unset. 348 type: string 349 type: object 350 scheduler: 351 description: Scheduler contains extra settings for 352 the scheduler control plane component 353 properties: 354 extraArgs: 355 additionalProperties: 356 type: string 357 description: 'ExtraArgs is an extra set of flags 358 to pass to the control plane component. TODO: 359 This is temporary and ideally we would like 360 to switch all components to use ComponentConfig 361 + ConfigMaps.' 362 type: object 363 extraVolumes: 364 description: ExtraVolumes is an extra set of host 365 volumes, mounted to the control plane component. 366 items: 367 description: HostPathMount contains elements 368 describing volumes that are mounted from the 369 host. 370 properties: 371 hostPath: 372 description: HostPath is the path in the 373 host that will be mounted inside the pod. 374 type: string 375 mountPath: 376 description: MountPath is the path inside 377 the pod where hostPath will be mounted. 378 type: string 379 name: 380 description: Name of the volume inside the 381 pod template. 382 type: string 383 pathType: 384 description: PathType is the type of the 385 HostPath. 386 type: string 387 readOnly: 388 description: ReadOnly controls write access 389 to the volume 390 type: boolean 391 required: 392 - hostPath 393 - mountPath 394 - name 395 type: object 396 type: array 397 type: object 398 type: object 399 diskSetup: 400 description: DiskSetup specifies options for the creation 401 of partition tables and file systems on devices. 
402 properties: 403 filesystems: 404 description: Filesystems specifies the list of file 405 systems to setup. 406 items: 407 description: Filesystem defines the file systems 408 to be created. 409 properties: 410 device: 411 description: Device specifies the device name 412 type: string 413 extraOpts: 414 description: ExtraOpts defined extra options 415 to add to the command for creating the file 416 system. 417 items: 418 type: string 419 type: array 420 filesystem: 421 description: Filesystem specifies the file system 422 type. 423 type: string 424 label: 425 description: Label specifies the file system 426 label to be used. If set to None, no label 427 is used. 428 type: string 429 overwrite: 430 description: Overwrite defines whether or not 431 to overwrite any existing filesystem. If true, 432 any pre-existing file system will be destroyed. 433 Use with Caution. 434 type: boolean 435 partition: 436 description: 'Partition specifies the partition 437 to use. The valid options are: "auto|any", 438 "auto", "any", "none", and <NUM>, where NUM 439 is the actual partition number.' 440 type: string 441 replaceFS: 442 description: 'ReplaceFS is a special directive, 443 used for Microsoft Azure that instructs cloud-init 444 to replace a file system of <FS_TYPE>. NOTE: 445 unless you define a label, this requires the 446 use of the ''any'' partition directive.' 447 type: string 448 required: 449 - device 450 - filesystem 451 - label 452 type: object 453 type: array 454 partitions: 455 description: Partitions specifies the list of the 456 partitions to setup. 457 items: 458 description: Partition defines how to create and 459 layout a partition. 460 properties: 461 device: 462 description: Device is the name of the device. 463 type: string 464 layout: 465 description: Layout specifies the device layout. 466 If it is true, a single partition will be 467 created for the entire device. When layout 468 is false, it means don't partition or ignore 469 existing partitioning. 
470 type: boolean 471 overwrite: 472 description: Overwrite describes whether to 473 skip checks and create the partition if a 474 partition or filesystem is found on the device. 475 Use with caution. Default is 'false'. 476 type: boolean 477 tableType: 478 description: 'TableType specifies the tupe of 479 partition table. The following are supported: 480 ''mbr'': default and setups a MS-DOS partition 481 table ''gpt'': setups a GPT partition table' 482 type: string 483 required: 484 - device 485 - layout 486 type: object 487 type: array 488 type: object 489 files: 490 description: Files specifies extra files to be passed 491 to user_data upon creation. 492 items: 493 description: File defines the input for generating write_files 494 in cloud-init. 495 properties: 496 content: 497 description: Content is the actual content of the 498 file. 499 type: string 500 contentFrom: 501 description: ContentFrom is a referenced source 502 of content to populate the file. 503 properties: 504 secret: 505 description: Secret represents a secret that 506 should populate this file. 507 properties: 508 key: 509 description: Key is the key in the secret's 510 data map for this value. 511 type: string 512 name: 513 description: Name of the secret in the KubeadmBootstrapConfig's 514 namespace to use. 515 type: string 516 required: 517 - key 518 - name 519 type: object 520 required: 521 - secret 522 type: object 523 encoding: 524 description: Encoding specifies the encoding of 525 the file contents. 526 enum: 527 - base64 528 - gzip 529 - gzip+base64 530 type: string 531 owner: 532 description: Owner specifies the ownership of the 533 file, e.g. "root:root". 534 type: string 535 path: 536 description: Path specifies the full path on disk 537 where to store the file. 538 type: string 539 permissions: 540 description: Permissions specifies the permissions 541 to assign to the file, e.g. "0640". 
542 type: string 543 required: 544 - path 545 type: object 546 type: array 547 format: 548 description: Format specifies the output format of the 549 bootstrap data 550 enum: 551 - cloud-config 552 type: string 553 initConfiguration: 554 description: InitConfiguration along with ClusterConfiguration 555 are the configurations necessary for the init command 556 properties: 557 apiVersion: 558 description: 'APIVersion defines the versioned schema 559 of this representation of an object. Servers should 560 convert recognized schemas to the latest internal 561 value, and may reject unrecognized values. More 562 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 563 type: string 564 bootstrapTokens: 565 description: BootstrapTokens is respected at `kubeadm 566 init` time and describes a set of Bootstrap Tokens 567 to create. This information IS NOT uploaded to the 568 kubeadm cluster configmap, partly because of its 569 sensitive nature 570 items: 571 description: BootstrapToken describes one bootstrap 572 token, stored as a Secret in the cluster. 573 properties: 574 description: 575 description: Description sets a human-friendly 576 message why this token exists and what it's 577 used for, so other administrators can know 578 its purpose. 579 type: string 580 expires: 581 description: Expires specifies the timestamp 582 when this token expires. Defaults to being 583 set dynamically at runtime based on the TTL. 584 Expires and TTL are mutually exclusive. 585 format: date-time 586 type: string 587 groups: 588 description: Groups specifies the extra groups 589 that this token will authenticate as when/if 590 used for authentication 591 items: 592 type: string 593 type: array 594 token: 595 description: Token is used for establishing 596 bidirectional trust between nodes and control-planes. 597 Used for joining nodes in the cluster. 598 type: string 599 ttl: 600 description: TTL defines the time to live for 601 this token. 
Defaults to 24h. Expires and TTL 602 are mutually exclusive. 603 type: string 604 usages: 605 description: Usages describes the ways in which 606 this token can be used. Can by default be 607 used for establishing bidirectional trust, 608 but that can be changed here. 609 items: 610 type: string 611 type: array 612 required: 613 - token 614 type: object 615 type: array 616 kind: 617 description: 'Kind is a string value representing 618 the REST resource this object represents. Servers 619 may infer this from the endpoint the client submits 620 requests to. Cannot be updated. In CamelCase. More 621 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 622 type: string 623 localAPIEndpoint: 624 description: LocalAPIEndpoint represents the endpoint 625 of the API server instance that's deployed on this 626 control plane node In HA setups, this differs from 627 ClusterConfiguration.ControlPlaneEndpoint in the 628 sense that ControlPlaneEndpoint is the global endpoint 629 for the cluster, which then loadbalances the requests 630 to each individual API server. This configuration 631 object lets you customize what IP/DNS name and port 632 the local API server advertises it's accessible 633 on. By default, kubeadm tries to auto-detect the 634 IP of the default interface and use that, but in 635 case that process fails you may set the desired 636 value here. 637 properties: 638 advertiseAddress: 639 description: AdvertiseAddress sets the IP address 640 for the API server to advertise. 641 type: string 642 bindPort: 643 description: BindPort sets the secure port for 644 the API Server to bind to. Defaults to 6443. 645 format: int32 646 type: integer 647 type: object 648 nodeRegistration: 649 description: NodeRegistration holds fields that relate 650 to registering the new control-plane node to the 651 cluster. 
When used in the context of control plane 652 nodes, NodeRegistration should remain consistent 653 across both InitConfiguration and JoinConfiguration 654 properties: 655 criSocket: 656 description: CRISocket is used to retrieve container 657 runtime info. This information will be annotated 658 to the Node API object, for later re-use 659 type: string 660 ignorePreflightErrors: 661 description: IgnorePreflightErrors provides a 662 slice of pre-flight errors to be ignored when 663 the current node is registered. 664 items: 665 type: string 666 type: array 667 kubeletExtraArgs: 668 additionalProperties: 669 type: string 670 description: KubeletExtraArgs passes through extra 671 arguments to the kubelet. The arguments here 672 are passed to the kubelet command line via the 673 environment file kubeadm writes at runtime for 674 the kubelet to source. This overrides the generic 675 base-level configuration in the kubelet-config-1.X 676 ConfigMap Flags have higher priority when parsing. 677 These values are local and specific to the node 678 kubeadm is executing on. 679 type: object 680 name: 681 description: Name is the `.Metadata.Name` field 682 of the Node API object that will be created 683 in this `kubeadm init` or `kubeadm join` operation. 684 This field is also used in the CommonName field 685 of the kubelet's client certificate to the API 686 server. Defaults to the hostname of the node 687 if not provided. 688 type: string 689 taints: 690 description: 'Taints specifies the taints the 691 Node API object should be registered with. If 692 this field is unset, i.e. nil, in the `kubeadm 693 init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. 694 If you don''t want to taint your control-plane 695 node, set this field to an empty slice, i.e. 696 `taints: {}` in the YAML file. This field is 697 solely used for Node registration.' 
698 items: 699 description: The node this Taint is attached 700 to has the "effect" on any pod that does not 701 tolerate the Taint. 702 properties: 703 effect: 704 description: Required. The effect of the 705 taint on pods that do not tolerate the 706 taint. Valid effects are NoSchedule, PreferNoSchedule 707 and NoExecute. 708 type: string 709 key: 710 description: Required. The taint key to 711 be applied to a node. 712 type: string 713 timeAdded: 714 description: TimeAdded represents the time 715 at which the taint was added. It is only 716 written for NoExecute taints. 717 format: date-time 718 type: string 719 value: 720 description: The taint value corresponding 721 to the taint key. 722 type: string 723 required: 724 - effect 725 - key 726 type: object 727 type: array 728 type: object 729 type: object 730 joinConfiguration: 731 description: JoinConfiguration is the kubeadm configuration 732 for the join command 733 properties: 734 apiVersion: 735 description: 'APIVersion defines the versioned schema 736 of this representation of an object. Servers should 737 convert recognized schemas to the latest internal 738 value, and may reject unrecognized values. More 739 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 740 type: string 741 caCertPath: 742 description: 'CACertPath is the path to the SSL certificate 743 authority used to secure comunications between node 744 and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". 745 TODO: revisit when there is defaulting from k/k' 746 type: string 747 controlPlane: 748 description: ControlPlane defines the additional control 749 plane instance to be deployed on the joining node. 750 If nil, no additional control plane instance will 751 be deployed. 752 properties: 753 localAPIEndpoint: 754 description: LocalAPIEndpoint represents the endpoint 755 of the API server instance to be deployed on 756 this node. 
757 properties: 758 advertiseAddress: 759 description: AdvertiseAddress sets the IP 760 address for the API server to advertise. 761 type: string 762 bindPort: 763 description: BindPort sets the secure port 764 for the API Server to bind to. Defaults 765 to 6443. 766 format: int32 767 type: integer 768 type: object 769 type: object 770 discovery: 771 description: 'Discovery specifies the options for 772 the kubelet to use during the TLS Bootstrap process 773 TODO: revisit when there is defaulting from k/k' 774 properties: 775 bootstrapToken: 776 description: BootstrapToken is used to set the 777 options for bootstrap token based discovery 778 BootstrapToken and File are mutually exclusive 779 properties: 780 apiServerEndpoint: 781 description: APIServerEndpoint is an IP or 782 domain name to the API server from which 783 info will be fetched. 784 type: string 785 caCertHashes: 786 description: 'CACertHashes specifies a set 787 of public key pins to verify when token-based 788 discovery is used. The root CA found during 789 discovery must match one of these values. 790 Specifying an empty set disables root CA 791 pinning, which can be unsafe. Each hash 792 is specified as "<type>:<value>", where 793 the only currently supported type is "sha256". 794 This is a hex-encoded SHA-256 hash of the 795 Subject Public Key Info (SPKI) object in 796 DER-encoded ASN.1. These hashes can be calculated 797 using, for example, OpenSSL: openssl x509 798 -pubkey -in ca.crt openssl rsa -pubin -outform 799 der 2>&/dev/null | openssl dgst -sha256 800 -hex' 801 items: 802 type: string 803 type: array 804 token: 805 description: Token is a token used to validate 806 cluster information fetched from the control-plane. 807 type: string 808 unsafeSkipCAVerification: 809 description: UnsafeSkipCAVerification allows 810 token-based discovery without CA verification 811 via CACertHashes. This can weaken the security 812 of kubeadm since other nodes can impersonate 813 the control-plane. 
814 type: boolean 815 required: 816 - token 817 type: object 818 file: 819 description: File is used to specify a file or 820 URL to a kubeconfig file from which to load 821 cluster information BootstrapToken and File 822 are mutually exclusive 823 properties: 824 kubeConfigPath: 825 description: KubeConfigPath is used to specify 826 the actual file path or URL to the kubeconfig 827 file from which to load cluster information 828 type: string 829 required: 830 - kubeConfigPath 831 type: object 832 timeout: 833 description: Timeout modifies the discovery timeout 834 type: string 835 tlsBootstrapToken: 836 description: TLSBootstrapToken is a token used 837 for TLS bootstrapping. If .BootstrapToken is 838 set, this field is defaulted to .BootstrapToken.Token, 839 but can be overridden. If .File is set, this 840 field **must be set** in case the KubeConfigFile 841 does not contain any other authentication information 842 type: string 843 type: object 844 kind: 845 description: 'Kind is a string value representing 846 the REST resource this object represents. Servers 847 may infer this from the endpoint the client submits 848 requests to. Cannot be updated. In CamelCase. More 849 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 850 type: string 851 nodeRegistration: 852 description: NodeRegistration holds fields that relate 853 to registering the new control-plane node to the 854 cluster. When used in the context of control plane 855 nodes, NodeRegistration should remain consistent 856 across both InitConfiguration and JoinConfiguration 857 properties: 858 criSocket: 859 description: CRISocket is used to retrieve container 860 runtime info. This information will be annotated 861 to the Node API object, for later re-use 862 type: string 863 ignorePreflightErrors: 864 description: IgnorePreflightErrors provides a 865 slice of pre-flight errors to be ignored when 866 the current node is registered. 
867 items: 868 type: string 869 type: array 870 kubeletExtraArgs: 871 additionalProperties: 872 type: string 873 description: KubeletExtraArgs passes through extra 874 arguments to the kubelet. The arguments here 875 are passed to the kubelet command line via the 876 environment file kubeadm writes at runtime for 877 the kubelet to source. This overrides the generic 878 base-level configuration in the kubelet-config-1.X 879 ConfigMap Flags have higher priority when parsing. 880 These values are local and specific to the node 881 kubeadm is executing on. 882 type: object 883 name: 884 description: Name is the `.Metadata.Name` field 885 of the Node API object that will be created 886 in this `kubeadm init` or `kubeadm join` operation. 887 This field is also used in the CommonName field 888 of the kubelet's client certificate to the API 889 server. Defaults to the hostname of the node 890 if not provided. 891 type: string 892 taints: 893 description: 'Taints specifies the taints the 894 Node API object should be registered with. If 895 this field is unset, i.e. nil, in the `kubeadm 896 init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. 897 If you don''t want to taint your control-plane 898 node, set this field to an empty slice, i.e. 899 `taints: {}` in the YAML file. This field is 900 solely used for Node registration.' 901 items: 902 description: The node this Taint is attached 903 to has the "effect" on any pod that does not 904 tolerate the Taint. 905 properties: 906 effect: 907 description: Required. The effect of the 908 taint on pods that do not tolerate the 909 taint. Valid effects are NoSchedule, PreferNoSchedule 910 and NoExecute. 911 type: string 912 key: 913 description: Required. The taint key to 914 be applied to a node. 915 type: string 916 timeAdded: 917 description: TimeAdded represents the time 918 at which the taint was added. It is only 919 written for NoExecute taints. 
920 format: date-time 921 type: string 922 value: 923 description: The taint value corresponding 924 to the taint key. 925 type: string 926 required: 927 - effect 928 - key 929 type: object 930 type: array 931 type: object 932 type: object 933 mounts: 934 description: Mounts specifies a list of mount points to 935 be setup. 936 items: 937 description: MountPoints defines input for generated 938 mounts in cloud-init. 939 items: 940 type: string 941 type: array 942 type: array 943 ntp: 944 description: NTP specifies NTP configuration 945 properties: 946 enabled: 947 description: Enabled specifies whether NTP should 948 be enabled 949 type: boolean 950 servers: 951 description: Servers specifies which NTP servers to 952 use 953 items: 954 type: string 955 type: array 956 type: object 957 postKubeadmCommands: 958 description: PostKubeadmCommands specifies extra commands 959 to run after kubeadm runs 960 items: 961 type: string 962 type: array 963 preKubeadmCommands: 964 description: PreKubeadmCommands specifies extra commands 965 to run before kubeadm runs 966 items: 967 type: string 968 type: array 969 useExperimentalRetryJoin: 970 description: "UseExperimentalRetryJoin replaces a basic 971 kubeadm command with a shell script with retries for 972 joins. \n This is meant to be an experimental temporary 973 workaround on some environments where joins fail due 974 to timing (and other issues). The long term goal is 975 to add retries to kubeadm proper and use that functionality. 976 \n This will add about 40KB to userdata \n For more 977 information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 978 type: boolean 979 users: 980 description: Users specifies extra users to add 981 items: 982 description: User defines the input for a generated 983 user in cloud-init. 
                              properties:
                                gecos:
                                  description: Gecos specifies the gecos to use for
                                    the user
                                  type: string
                                groups:
                                  description: Groups specifies the additional groups
                                    for the user
                                  type: string
                                homeDir:
                                  description: HomeDir specifies the home directory
                                    to use for the user
                                  type: string
                                inactive:
                                  description: Inactive specifies whether to mark
                                    the user as inactive
                                  type: boolean
                                lockPassword:
                                  description: LockPassword specifies if password
                                    login should be disabled
                                  type: boolean
                                name:
                                  description: Name specifies the user name
                                  type: string
                                passwd:
                                  description: Passwd specifies a hashed password
                                    for the user
                                  type: string
                                primaryGroup:
                                  description: PrimaryGroup specifies the primary
                                    group for the user
                                  type: string
                                shell:
                                  description: Shell specifies the user's shell
                                  type: string
                                sshAuthorizedKeys:
                                  description: SSHAuthorizedKeys specifies a list
                                    of ssh authorized keys for the user
                                  items:
                                    type: string
                                  type: array
                                sudo:
                                  description: Sudo specifies a sudo role for the
                                    user
                                  type: string
                              required:
                              - name
                              type: object
                            type: array
                          verbosity:
                            description: Verbosity is the number for the kubeadm log
                              level verbosity. It overrides the `--v` flag in kubeadm
                              commands.
                            format: int32
                            type: integer
                        type: object
                      machineTemplate:
                        description: MachineTemplate contains information about how
                          machines should be shaped when creating or updating a control
                          plane.
                        properties:
                          infrastructureRef:
                            description: InfrastructureRef is a required reference
                              to a custom resource offered by an infrastructure provider.
                            properties:
                              apiVersion:
                                description: API version of the referent.
                                type: string
                              fieldPath:
                                description: 'If referring to a piece of an object
                                  instead of an entire object, this string should
                                  contain a valid JSON/Go field access statement,
                                  such as desiredState.manifest.containers[2]. For
                                  example, if the object reference is to a container
                                  within a pod, this would take on a value like: "spec.containers{name}"
                                  (where "name" refers to the name of the container
                                  that triggered the event) or if no container name
                                  is specified "spec.containers[2]" (container with
                                  index 2 in this pod). This syntax is chosen only
                                  to have some well-defined way of referencing a part
                                  of an object. TODO: this design is not final and
                                  this field is subject to change in the future.'
                                type: string
                              kind:
                                description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              name:
                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                                type: string
                              namespace:
                                description: 'Namespace of the referent. More info:
                                  https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                                type: string
                              resourceVersion:
                                description: 'Specific resourceVersion to which this
                                  reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                                type: string
                              uid:
                                description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                          metadata:
                            description: 'Standard object''s metadata. More info:
                              https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                            properties:
                              annotations:
                                additionalProperties:
                                  type: string
                                description: 'Annotations is an unstructured key value
                                  map stored with a resource that may be set by external
                                  tools to store and retrieve arbitrary metadata.
                                  They are not queryable and should be preserved when
                                  modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
                                type: object
                              labels:
                                additionalProperties:
                                  type: string
                                description: 'Map of string keys and values that can
                                  be used to organize and categorize (scope and select)
                                  objects. May match selectors of replication controllers
                                  and services. More info: http://kubernetes.io/docs/user-guide/labels'
                                type: object
                            type: object
                          nodeDrainTimeout:
                            description: 'NodeDrainTimeout is the total amount of
                              time that the controller will spend on draining a controlplane
                              node The default value is 0, meaning that the node can
                              be drained without any time limitations. NOTE: NodeDrainTimeout
                              is different from `kubectl drain --timeout`'
                            type: string
                        required:
                        - infrastructureRef
                        type: object
                      replicas:
                        description: Number of desired machines. Defaults to 1. When
                          stacked etcd is used only odd numbers are permitted, as
                          per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
                          This is a pointer to distinguish between explicit zero and
                          not specified.
                        format: int32
                        type: integer
                      rolloutAfter:
                        description: RolloutAfter is a field to indicate a rollout
                          should be performed after the specified time even if no
                          changes have been made to the KubeadmControlPlane.
                        format: date-time
                        type: string
                      rolloutStrategy:
                        default:
                          rollingUpdate:
                            maxSurge: 1
                          type: RollingUpdate
                        description: The RolloutStrategy to use to replace control
                          plane machines with new ones.
                        properties:
                          rollingUpdate:
                            description: Rolling update config params. Present only
                              if RolloutStrategyType = RollingUpdate.
                            properties:
                              maxSurge:
                                anyOf:
                                - type: integer
                                - type: string
                                description: 'The maximum number of control planes
                                  that can be scheduled above or under the desired
                                  number of control planes. Value can be an absolute
                                  number 1 or 0. Defaults to 1. Example: when this
                                  is set to 1, the control plane can be scaled up
                                  immediately when the rolling update starts.'
                                x-kubernetes-int-or-string: true
                            type: object
                          type:
                            description: Type of rollout. Currently the only supported
                              strategy is "RollingUpdate". Default is RollingUpdate.
                            type: string
                        type: object
                      version:
                        description: Version defines the desired Kubernetes version.
                        type: string
                    required:
                    - kubeadmConfigSpec
                    - machineTemplate
                    - version
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: false
    storage: false
    subresources: {}
  - additionalPrinterColumns:
    - description: Time duration since creation of KubeadmControlPlaneTemplate
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmControlPlaneTemplateSpec defines the desired state
              of KubeadmControlPlaneTemplate.
            properties:
              template:
                description: KubeadmControlPlaneTemplateResource describes the data
                  needed to create a KubeadmControlPlane from a template.
                properties:
                  metadata:
                    description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                    properties:
                      annotations:
                        additionalProperties:
                          type: string
                        description: 'Annotations is an unstructured key value map
                          stored with a resource that may be set by external tools
                          to store and retrieve arbitrary metadata. They are not queryable
                          and should be preserved when modifying objects. More info:
                          http://kubernetes.io/docs/user-guide/annotations'
                        type: object
                      labels:
                        additionalProperties:
                          type: string
                        description: 'Map of string keys and values that can be used
                          to organize and categorize (scope and select) objects. May
                          match selectors of replication controllers and services.
                          More info: http://kubernetes.io/docs/user-guide/labels'
                        type: object
                    type: object
                  spec:
                    description: 'KubeadmControlPlaneTemplateResourceSpec defines
                      the desired state of KubeadmControlPlane. NOTE: KubeadmControlPlaneTemplateResourceSpec
                      is similar to KubeadmControlPlaneSpec but omits Replicas and
                      Version fields. These fields do not make sense on the KubeadmControlPlaneTemplate,
                      because they are calculated by the Cluster topology reconciler
                      during reconciliation and thus cannot be configured on the KubeadmControlPlaneTemplate.'
                    properties:
                      kubeadmConfigSpec:
                        description: KubeadmConfigSpec is a KubeadmConfigSpec to use
                          for initializing and joining machines to the control plane.
                        properties:
                          clusterConfiguration:
                            description: ClusterConfiguration along with InitConfiguration
                              are the configurations necessary for the init command
                            properties:
                              apiServer:
                                description: APIServer contains extra settings for
                                  the API server control plane component
                                properties:
                                  certSANs:
                                    description: CertSANs sets extra Subject Alternative
                                      Names for the API Server signing cert.
                                    items:
                                      type: string
                                    type: array
                                  extraArgs:
                                    additionalProperties:
                                      type: string
                                    description: 'ExtraArgs is an extra set of flags
                                      to pass to the control plane component. TODO:
                                      This is temporary and ideally we would like
                                      to switch all components to use ComponentConfig
                                      + ConfigMaps.'
                                    type: object
                                  extraVolumes:
                                    description: ExtraVolumes is an extra set of host
                                      volumes, mounted to the control plane component.
                                    items:
                                      description: HostPathMount contains elements
                                        describing volumes that are mounted from the
                                        host.
                                      properties:
                                        hostPath:
                                          description: HostPath is the path in the
                                            host that will be mounted inside the pod.
                                          type: string
                                        mountPath:
                                          description: MountPath is the path inside
                                            the pod where hostPath will be mounted.
                                          type: string
                                        name:
                                          description: Name of the volume inside the
                                            pod template.
                                          type: string
                                        pathType:
                                          description: PathType is the type of the
                                            HostPath.
                                          type: string
                                        readOnly:
                                          description: ReadOnly controls write access
                                            to the volume
                                          type: boolean
                                      required:
                                      - hostPath
                                      - mountPath
                                      - name
                                      type: object
                                    type: array
                                  timeoutForControlPlane:
                                    description: TimeoutForControlPlane controls the
                                      timeout that we use for API server to appear
                                    type: string
                                type: object
                              apiVersion:
                                description: 'APIVersion defines the versioned schema
                                  of this representation of an object. Servers should
                                  convert recognized schemas to the latest internal
                                  value, and may reject unrecognized values. More
                                  info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                type: string
                              certificatesDir:
                                description: 'CertificatesDir specifies where to store
                                  or look for all required certificates. NB: if not
                                  provided, this will default to `/etc/kubernetes/pki`'
                                type: string
                              clusterName:
                                description: The cluster name
                                type: string
                              controlPlaneEndpoint:
                                description: 'ControlPlaneEndpoint sets a stable IP
                                  address or DNS name for the control plane; it can
                                  be a valid IP address or a RFC-1123 DNS subdomain,
                                  both with optional TCP port. In case the ControlPlaneEndpoint
                                  is not specified, the AdvertiseAddress + BindPort
                                  are used; in case the ControlPlaneEndpoint is specified
                                  but without a TCP port, the BindPort is used. Possible
                                  usages are: e.g. In a cluster with more than one
                                  control plane instances, this field should be assigned
                                  the address of the external load balancer in front
                                  of the control plane instances. e.g. in environments
                                  with enforced node recycling, the ControlPlaneEndpoint
                                  could be used for assigning a stable DNS to the
                                  control plane. NB: This value defaults to the first
                                  value in the Cluster object status.apiEndpoints
                                  array.'
                                type: string
                              controllerManager:
                                description: ControllerManager contains extra settings
                                  for the controller manager control plane component
                                properties:
                                  extraArgs:
                                    additionalProperties:
                                      type: string
                                    description: 'ExtraArgs is an extra set of flags
                                      to pass to the control plane component. TODO:
                                      This is temporary and ideally we would like
                                      to switch all components to use ComponentConfig
                                      + ConfigMaps.'
                                    type: object
                                  extraVolumes:
                                    description: ExtraVolumes is an extra set of host
                                      volumes, mounted to the control plane component.
                                    items:
                                      description: HostPathMount contains elements
                                        describing volumes that are mounted from the
                                        host.
                                      properties:
                                        hostPath:
                                          description: HostPath is the path in the
                                            host that will be mounted inside the pod.
                                          type: string
                                        mountPath:
                                          description: MountPath is the path inside
                                            the pod where hostPath will be mounted.
                                          type: string
                                        name:
                                          description: Name of the volume inside the
                                            pod template.
                                          type: string
                                        pathType:
                                          description: PathType is the type of the
                                            HostPath.
                                          type: string
                                        readOnly:
                                          description: ReadOnly controls write access
                                            to the volume
                                          type: boolean
                                      required:
                                      - hostPath
                                      - mountPath
                                      - name
                                      type: object
                                    type: array
                                type: object
                              dns:
                                description: DNS defines the options for the DNS add-on
                                  installed in the cluster.
                                properties:
                                  imageRepository:
                                    description: ImageRepository sets the container
                                      registry to pull images from. if not set, the
                                      ImageRepository defined in ClusterConfiguration
                                      will be used instead.
                                    type: string
                                  imageTag:
                                    description: ImageTag allows to specify a tag
                                      for the image. In case this value is set, kubeadm
                                      does not change automatically the version of
                                      the above components during upgrades.
                                    type: string
                                type: object
                              etcd:
                                description: 'Etcd holds configuration for etcd. NB:
                                  This value defaults to a Local (stacked) etcd'
                                properties:
                                  external:
                                    description: External describes how to connect
                                      to an external etcd cluster Local and External
                                      are mutually exclusive
                                    properties:
                                      caFile:
                                        description: CAFile is an SSL Certificate
                                          Authority file used to secure etcd communication.
                                          Required if using a TLS connection.
                                        type: string
                                      certFile:
                                        description: CertFile is an SSL certification
                                          file used to secure etcd communication.
                                          Required if using a TLS connection.
                                        type: string
                                      endpoints:
                                        description: Endpoints of etcd members. Required
                                          for ExternalEtcd.
                                        items:
                                          type: string
                                        type: array
                                      keyFile:
                                        description: KeyFile is an SSL key file used
                                          to secure etcd communication. Required if
                                          using a TLS connection.
                                        type: string
                                    required:
                                    - caFile
                                    - certFile
                                    - endpoints
                                    - keyFile
                                    type: object
                                  local:
                                    description: Local provides configuration knobs
                                      for configuring the local etcd instance Local
                                      and External are mutually exclusive
                                    properties:
                                      dataDir:
                                        description: DataDir is the directory etcd
                                          will place its data. Defaults to "/var/lib/etcd".
                                        type: string
                                      extraArgs:
                                        additionalProperties:
                                          type: string
                                        description: ExtraArgs are extra arguments
                                          provided to the etcd binary when run inside
                                          a static pod.
                                        type: object
                                      imageRepository:
                                        description: ImageRepository sets the container
                                          registry to pull images from. if not set,
                                          the ImageRepository defined in ClusterConfiguration
                                          will be used instead.
                                        type: string
                                      imageTag:
                                        description: ImageTag allows to specify a
                                          tag for the image. In case this value is
                                          set, kubeadm does not change automatically
                                          the version of the above components during
                                          upgrades.
                                        type: string
                                      peerCertSANs:
                                        description: PeerCertSANs sets extra Subject
                                          Alternative Names for the etcd peer signing
                                          cert.
                                        items:
                                          type: string
                                        type: array
                                      serverCertSANs:
                                        description: ServerCertSANs sets extra Subject
                                          Alternative Names for the etcd server signing
                                          cert.
                                        items:
                                          type: string
                                        type: array
                                    type: object
                                type: object
                              featureGates:
                                additionalProperties:
                                  type: boolean
                                description: FeatureGates enabled by the user.
                                type: object
                              imageRepository:
                                description: 'ImageRepository sets the container registry
                                  to pull images from. * If not set, the default registry
                                  of kubeadm will be used, i.e. * registry.k8s.io
                                  (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9,
                                  >= v1.25.0 * k8s.gcr.io (old registry): all older
                                  versions Please note that when imageRepository is
                                  not set we don''t allow upgrades to versions >=
                                  v1.22.0 which use the old registry (k8s.gcr.io).
                                  Please use a newer patch version with the new registry
                                  instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9,
                                  >= v1.25.0). * If the version is a CI build (kubernetes
                                  version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
                                  will be used as a default for control plane components
                                  and for kube-proxy, while `registry.k8s.io` will
                                  be used for all the other images.'
                                type: string
                              kind:
                                description: 'Kind is a string value representing
                                  the REST resource this object represents. Servers
                                  may infer this from the endpoint the client submits
                                  requests to. Cannot be updated. In CamelCase. More
                                  info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              kubernetesVersion:
                                description: 'KubernetesVersion is the target version
                                  of the control plane. NB: This value defaults to
                                  the Machine object spec.version'
                                type: string
                              networking:
                                description: 'Networking holds configuration for the
                                  networking topology of the cluster. NB: This value
                                  defaults to the Cluster object spec.clusterNetwork.'
                                properties:
                                  dnsDomain:
                                    description: DNSDomain is the dns domain used
                                      by k8s services. Defaults to "cluster.local".
                                    type: string
                                  podSubnet:
                                    description: PodSubnet is the subnet used by pods.
                                      If unset, the API server will not allocate CIDR
                                      ranges for every node. Defaults to a comma-delimited
                                      string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
                                      if that is set
                                    type: string
                                  serviceSubnet:
                                    description: ServiceSubnet is the subnet used
                                      by k8s services. Defaults to a comma-delimited
                                      string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
                                      or to "10.96.0.0/12" if that's unset.
                                    type: string
                                type: object
                              scheduler:
                                description: Scheduler contains extra settings for
                                  the scheduler control plane component
                                properties:
                                  extraArgs:
                                    additionalProperties:
                                      type: string
                                    description: 'ExtraArgs is an extra set of flags
                                      to pass to the control plane component. TODO:
                                      This is temporary and ideally we would like
                                      to switch all components to use ComponentConfig
                                      + ConfigMaps.'
                                    type: object
                                  extraVolumes:
                                    description: ExtraVolumes is an extra set of host
                                      volumes, mounted to the control plane component.
                                    items:
                                      description: HostPathMount contains elements
                                        describing volumes that are mounted from the
                                        host.
                                      properties:
                                        hostPath:
                                          description: HostPath is the path in the
                                            host that will be mounted inside the pod.
                                          type: string
                                        mountPath:
                                          description: MountPath is the path inside
                                            the pod where hostPath will be mounted.
                                          type: string
                                        name:
                                          description: Name of the volume inside the
                                            pod template.
                                          type: string
                                        pathType:
                                          description: PathType is the type of the
                                            HostPath.
                                          type: string
                                        readOnly:
                                          description: ReadOnly controls write access
                                            to the volume
                                          type: boolean
                                      required:
                                      - hostPath
                                      - mountPath
                                      - name
                                      type: object
                                    type: array
                                type: object
                            type: object
                          diskSetup:
                            description: DiskSetup specifies options for the creation
                              of partition tables and file systems on devices.
                            properties:
                              filesystems:
                                description: Filesystems specifies the list of file
                                  systems to setup.
                                items:
                                  description: Filesystem defines the file systems
                                    to be created.
                                  properties:
                                    device:
                                      description: Device specifies the device name
                                      type: string
                                    extraOpts:
                                      description: ExtraOpts defined extra options
                                        to add to the command for creating the file
                                        system.
                                      items:
                                        type: string
                                      type: array
                                    filesystem:
                                      description: Filesystem specifies the file system
                                        type.
                                      type: string
                                    label:
                                      description: Label specifies the file system
                                        label to be used. If set to None, no label
                                        is used.
                                      type: string
                                    overwrite:
                                      description: Overwrite defines whether or not
                                        to overwrite any existing filesystem. If true,
                                        any pre-existing file system will be destroyed.
                                        Use with Caution.
                                      type: boolean
                                    partition:
                                      description: 'Partition specifies the partition
                                        to use. The valid options are: "auto|any",
                                        "auto", "any", "none", and <NUM>, where NUM
                                        is the actual partition number.'
                                      type: string
                                    replaceFS:
                                      description: 'ReplaceFS is a special directive,
                                        used for Microsoft Azure that instructs cloud-init
                                        to replace a file system of <FS_TYPE>. NOTE:
                                        unless you define a label, this requires the
                                        use of the ''any'' partition directive.'
                                      type: string
                                  required:
                                  - device
                                  - filesystem
                                  - label
                                  type: object
                                type: array
                              partitions:
                                description: Partitions specifies the list of the
                                  partitions to setup.
                                items:
                                  description: Partition defines how to create and
                                    layout a partition.
                                  properties:
                                    device:
                                      description: Device is the name of the device.
                                      type: string
                                    layout:
                                      description: Layout specifies the device layout.
                                        If it is true, a single partition will be
                                        created for the entire device. When layout
                                        is false, it means don't partition or ignore
                                        existing partitioning.
                                      type: boolean
                                    overwrite:
                                      description: Overwrite describes whether to
                                        skip checks and create the partition if a
                                        partition or filesystem is found on the device.
                                        Use with caution. Default is 'false'.
                                      type: boolean
                                    tableType:
                                      description: 'TableType specifies the tupe of
                                        partition table. The following are supported:
                                        ''mbr'': default and setups a MS-DOS partition
                                        table ''gpt'': setups a GPT partition table'
                                      type: string
                                  required:
                                  - device
                                  - layout
                                  type: object
                                type: array
                            type: object
                          files:
                            description: Files specifies extra files to be passed
                              to user_data upon creation.
                            items:
                              description: File defines the input for generating write_files
                                in cloud-init.
                              properties:
                                append:
                                  description: Append specifies whether to append
                                    Content to existing file if Path exists.
                                  type: boolean
                                content:
                                  description: Content is the actual content of the
                                    file.
                                  type: string
                                contentFrom:
                                  description: ContentFrom is a referenced source
                                    of content to populate the file.
                                  properties:
                                    secret:
                                      description: Secret represents a secret that
                                        should populate this file.
                                      properties:
                                        key:
                                          description: Key is the key in the secret's
                                            data map for this value.
                                          type: string
                                        name:
                                          description: Name of the secret in the KubeadmBootstrapConfig's
                                            namespace to use.
                                          type: string
                                      required:
                                      - key
                                      - name
                                      type: object
                                  required:
                                  - secret
                                  type: object
                                encoding:
                                  description: Encoding specifies the encoding of
                                    the file contents.
                                  enum:
                                  - base64
                                  - gzip
                                  - gzip+base64
                                  type: string
                                owner:
                                  description: Owner specifies the ownership of the
                                    file, e.g. "root:root".
                                  type: string
                                path:
                                  description: Path specifies the full path on disk
                                    where to store the file.
                                  type: string
                                permissions:
                                  description: Permissions specifies the permissions
                                    to assign to the file, e.g. "0640".
                                  type: string
                              required:
                              - path
                              type: object
                            type: array
                          format:
                            description: Format specifies the output format of the
                              bootstrap data
                            enum:
                            - cloud-config
                            - ignition
                            type: string
                          ignition:
                            description: Ignition contains Ignition specific configuration.
                            properties:
                              containerLinuxConfig:
                                description: ContainerLinuxConfig contains CLC specific
                                  configuration.
                                properties:
                                  additionalConfig:
                                    description: "AdditionalConfig contains additional
                                      configuration to be merged with the Ignition
                                      configuration generated by the bootstrapper
                                      controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
                                      \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
                                    type: string
                                  strict:
                                    description: Strict controls if AdditionalConfig
                                      should be strictly parsed. If so, warnings are
                                      treated as errors.
                                    type: boolean
                                type: object
                            type: object
                          initConfiguration:
                            description: InitConfiguration along with ClusterConfiguration
                              are the configurations necessary for the init command
                            properties:
                              apiVersion:
                                description: 'APIVersion defines the versioned schema
                                  of this representation of an object. Servers should
                                  convert recognized schemas to the latest internal
                                  value, and may reject unrecognized values. More
                                  info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                type: string
                              bootstrapTokens:
                                description: BootstrapTokens is respected at `kubeadm
                                  init` time and describes a set of Bootstrap Tokens
                                  to create. This information IS NOT uploaded to the
                                  kubeadm cluster configmap, partly because of its
                                  sensitive nature
                                items:
                                  description: BootstrapToken describes one bootstrap
                                    token, stored as a Secret in the cluster.
                                  properties:
                                    description:
                                      description: Description sets a human-friendly
                                        message why this token exists and what it's
                                        used for, so other administrators can know
                                        its purpose.
                                      type: string
                                    expires:
                                      description: Expires specifies the timestamp
                                        when this token expires. Defaults to being
                                        set dynamically at runtime based on the TTL.
                                        Expires and TTL are mutually exclusive.
                                      format: date-time
                                      type: string
                                    groups:
                                      description: Groups specifies the extra groups
                                        that this token will authenticate as when/if
                                        used for authentication
                                      items:
                                        type: string
                                      type: array
                                    token:
                                      description: Token is used for establishing
                                        bidirectional trust between nodes and control-planes.
                                        Used for joining nodes in the cluster.
                                      type: string
                                    ttl:
                                      description: TTL defines the time to live for
                                        this token. Defaults to 24h. Expires and TTL
                                        are mutually exclusive.
                                      type: string
                                    usages:
                                      description: Usages describes the ways in which
                                        this token can be used. Can by default be
                                        used for establishing bidirectional trust,
                                        but that can be changed here.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                  - token
                                  type: object
                                type: array
                              kind:
                                description: 'Kind is a string value representing
                                  the REST resource this object represents. Servers
                                  may infer this from the endpoint the client submits
                                  requests to. Cannot be updated. In CamelCase. More
                                  info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              localAPIEndpoint:
                                description: LocalAPIEndpoint represents the endpoint
                                  of the API server instance that's deployed on this
                                  control plane node In HA setups, this differs from
                                  ClusterConfiguration.ControlPlaneEndpoint in the
                                  sense that ControlPlaneEndpoint is the global endpoint
                                  for the cluster, which then loadbalances the requests
                                  to each individual API server. This configuration
                                  object lets you customize what IP/DNS name and port
                                  the local API server advertises it's accessible
                                  on. By default, kubeadm tries to auto-detect the
                                  IP of the default interface and use that, but in
                                  case that process fails you may set the desired
                                  value here.
                                properties:
                                  advertiseAddress:
                                    description: AdvertiseAddress sets the IP address
                                      for the API server to advertise.
                                    type: string
                                  bindPort:
                                    description: BindPort sets the secure port for
                                      the API Server to bind to. Defaults to 6443.
                                    format: int32
                                    type: integer
                                type: object
                              nodeRegistration:
                                description: NodeRegistration holds fields that relate
                                  to registering the new control-plane node to the
                                  cluster. When used in the context of control plane
                                  nodes, NodeRegistration should remain consistent
                                  across both InitConfiguration and JoinConfiguration
                                properties:
                                  criSocket:
                                    description: CRISocket is used to retrieve container
                                      runtime info. This information will be annotated
                                      to the Node API object, for later re-use
                                    type: string
                                  ignorePreflightErrors:
                                    description: IgnorePreflightErrors provides a
                                      slice of pre-flight errors to be ignored when
                                      the current node is registered.
                                    items:
                                      type: string
                                    type: array
                                  imagePullPolicy:
                                    description: ImagePullPolicy specifies the policy
                                      for image pulling during kubeadm "init" and
                                      "join" operations. The value of this field must
                                      be one of "Always", "IfNotPresent" or "Never".
                                      Defaults to "IfNotPresent". This can be used
                                      only with Kubernetes version equal to 1.22 and
                                      later.
                                    enum:
                                    - Always
                                    - IfNotPresent
                                    - Never
                                    type: string
                                  kubeletExtraArgs:
                                    additionalProperties:
                                      type: string
                                    description: KubeletExtraArgs passes through extra
                                      arguments to the kubelet. The arguments here
                                      are passed to the kubelet command line via the
                                      environment file kubeadm writes at runtime for
                                      the kubelet to source. This overrides the generic
                                      base-level configuration in the kubelet-config-1.X
                                      ConfigMap Flags have higher priority when parsing.
                                      These values are local and specific to the node
                                      kubeadm is executing on.
                                    type: object
                                  name:
                                    description: Name is the `.Metadata.Name` field
                                      of the Node API object that will be created
                                      in this `kubeadm init` or `kubeadm join` operation.
                                      This field is also used in the CommonName field
                                      of the kubelet's client certificate to the API
                                      server. Defaults to the hostname of the node
                                      if not provided.
                                    type: string
                                  taints:
                                    description: 'Taints specifies the taints the
                                      Node API object should be registered with. If
                                      this field is unset, i.e. nil, in the `kubeadm
                                      init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                                      If you don''t want to taint your control-plane
                                      node, set this field to an empty slice, i.e.
                                      `taints: []` in the YAML file. This field is
                                      solely used for Node registration.'
                                    items:
                                      description: The node this Taint is attached
                                        to has the "effect" on any pod that does not
                                        tolerate the Taint.
                                      properties:
                                        effect:
                                          description: Required. The effect of the
                                            taint on pods that do not tolerate the
                                            taint. Valid effects are NoSchedule, PreferNoSchedule
                                            and NoExecute.
                                          type: string
                                        key:
                                          description: Required. The taint key to
                                            be applied to a node.
                                          type: string
                                        timeAdded:
                                          description: TimeAdded represents the time
                                            at which the taint was added. It is only
                                            written for NoExecute taints.
                                          format: date-time
                                          type: string
                                        value:
                                          description: The taint value corresponding
                                            to the taint key.
                                          type: string
                                      required:
                                      - effect
                                      - key
                                      type: object
                                    type: array
                                type: object
                              patches:
                                description: Patches contains options related to applying
                                  patches to components deployed by kubeadm during
                                  "kubeadm init".
                                  The minimum kubernetes version needed to support Patches is v1.22
                                properties:
                                  directory:
                                    description: Directory is a path to a directory
                                      that contains files named "target[suffix][+patchtype].extension".
                                      For example, "kube-apiserver0+merge.yaml" or
                                      just "etcd.json". "target" can be one of "kube-apiserver",
                                      "kube-controller-manager", "kube-scheduler",
                                      "etcd". "patchtype" can be one of "strategic",
                                      "merge" or "json" and they match the patch formats
                                      supported by kubectl. The default "patchtype"
                                      is "strategic". "extension" must be either "json"
                                      or "yaml". "suffix" is an optional string that
                                      can be used to determine which patches are applied
                                      first alpha-numerically. These files can be
                                      written into the target directory via KubeadmConfig.Files
                                      which specifies additional files to be created
                                      on the machine, either with content inline or
                                      by referencing a secret.
                                    type: string
                                type: object
                              skipPhases:
                                description: SkipPhases is a list of phases to skip
                                  during command execution. The list of phases can
                                  be obtained with the "kubeadm init --help" command.
                                  This option takes effect only on Kubernetes >=1.22.0.
                                items:
                                  type: string
                                type: array
                            type: object
                          joinConfiguration:
                            description: JoinConfiguration is the kubeadm configuration
                              for the join command
                            properties:
                              apiVersion:
                                description: 'APIVersion defines the versioned schema
                                  of this representation of an object. Servers should
                                  convert recognized schemas to the latest internal
                                  value, and may reject unrecognized values. More
                                  info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                type: string
                              caCertPath:
                                description: 'CACertPath is the path to the SSL certificate
                                  authority used to secure communications between node
                                  and control-plane.
                                  Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k'
                                type: string
                              controlPlane:
                                description: ControlPlane defines the additional control
                                  plane instance to be deployed on the joining node.
                                  If nil, no additional control plane instance will
                                  be deployed.
                                properties:
                                  localAPIEndpoint:
                                    description: LocalAPIEndpoint represents the endpoint
                                      of the API server instance to be deployed on
                                      this node.
                                    properties:
                                      advertiseAddress:
                                        description: AdvertiseAddress sets the IP
                                          address for the API server to advertise.
                                        type: string
                                      bindPort:
                                        description: BindPort sets the secure port
                                          for the API Server to bind to. Defaults
                                          to 6443.
                                        format: int32
                                        type: integer
                                    type: object
                                type: object
                              discovery:
                                description: 'Discovery specifies the options for
                                  the kubelet to use during the TLS Bootstrap process.
                                  TODO: revisit when there is defaulting from k/k'
                                properties:
                                  bootstrapToken:
                                    description: BootstrapToken is used to set the
                                      options for bootstrap token based discovery.
                                      BootstrapToken and File are mutually exclusive.
                                    properties:
                                      apiServerEndpoint:
                                        description: APIServerEndpoint is an IP or
                                          domain name to the API server from which
                                          info will be fetched.
                                        type: string
                                      caCertHashes:
                                        description: 'CACertHashes specifies a set
                                          of public key pins to verify when token-based
                                          discovery is used. The root CA found during
                                          discovery must match one of these values.
                                          Specifying an empty set disables root CA
                                          pinning, which can be unsafe. Each hash
                                          is specified as "<type>:<value>", where
                                          the only currently supported type is "sha256".
                                          This is a hex-encoded SHA-256 hash of the
                                          Subject Public Key Info (SPKI) object in
                                          DER-encoded ASN.1.
                                          These hashes can be calculated
                                          using, for example, OpenSSL: openssl x509
                                          -pubkey -in ca.crt | openssl rsa -pubin -outform
                                          der 2>/dev/null | openssl dgst -sha256
                                          -hex'
                                        items:
                                          type: string
                                        type: array
                                      token:
                                        description: Token is a token used to validate
                                          cluster information fetched from the control-plane.
                                        type: string
                                      unsafeSkipCAVerification:
                                        description: UnsafeSkipCAVerification allows
                                          token-based discovery without CA verification
                                          via CACertHashes. This can weaken the security
                                          of kubeadm since other nodes can impersonate
                                          the control-plane.
                                        type: boolean
                                    required:
                                    - token
                                    type: object
                                  file:
                                    description: File is used to specify a file or
                                      URL to a kubeconfig file from which to load
                                      cluster information. BootstrapToken and File
                                      are mutually exclusive.
                                    properties:
                                      kubeConfigPath:
                                        description: KubeConfigPath is used to specify
                                          the actual file path or URL to the kubeconfig
                                          file from which to load cluster information
                                        type: string
                                    required:
                                    - kubeConfigPath
                                    type: object
                                  timeout:
                                    description: Timeout modifies the discovery timeout
                                    type: string
                                  tlsBootstrapToken:
                                    description: TLSBootstrapToken is a token used
                                      for TLS bootstrapping. If .BootstrapToken is
                                      set, this field is defaulted to .BootstrapToken.Token,
                                      but can be overridden. If .File is set, this
                                      field **must be set** in case the KubeConfigFile
                                      does not contain any other authentication information
                                    type: string
                                type: object
                              kind:
                                description: 'Kind is a string value representing
                                  the REST resource this object represents. Servers
                                  may infer this from the endpoint the client submits
                                  requests to. Cannot be updated. In CamelCase.
                                  More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              nodeRegistration:
                                description: NodeRegistration holds fields that relate
                                  to registering the new control-plane node to the
                                  cluster. When used in the context of control plane
                                  nodes, NodeRegistration should remain consistent
                                  across both InitConfiguration and JoinConfiguration
                                properties:
                                  criSocket:
                                    description: CRISocket is used to retrieve container
                                      runtime info. This information will be annotated
                                      to the Node API object, for later re-use
                                    type: string
                                  ignorePreflightErrors:
                                    description: IgnorePreflightErrors provides a
                                      slice of pre-flight errors to be ignored when
                                      the current node is registered.
                                    items:
                                      type: string
                                    type: array
                                  imagePullPolicy:
                                    description: ImagePullPolicy specifies the policy
                                      for image pulling during kubeadm "init" and
                                      "join" operations. The value of this field must
                                      be one of "Always", "IfNotPresent" or "Never".
                                      Defaults to "IfNotPresent". This can be used
                                      only with Kubernetes version equal to 1.22 and
                                      later.
                                    enum:
                                    - Always
                                    - IfNotPresent
                                    - Never
                                    type: string
                                  kubeletExtraArgs:
                                    additionalProperties:
                                      type: string
                                    description: KubeletExtraArgs passes through extra
                                      arguments to the kubelet. The arguments here
                                      are passed to the kubelet command line via the
                                      environment file kubeadm writes at runtime for
                                      the kubelet to source. This overrides the generic
                                      base-level configuration in the kubelet-config-1.X
                                      ConfigMap. Flags have higher priority when parsing.
                                      These values are local and specific to the node
                                      kubeadm is executing on.
                                    type: object
                                  name:
                                    description: Name is the `.Metadata.Name` field
                                      of the Node API object that will be created
                                      in this `kubeadm init` or `kubeadm join` operation.
                                      This field is also used in the CommonName field
                                      of the kubelet's client certificate to the API
                                      server. Defaults to the hostname of the node
                                      if not provided.
                                    type: string
                                  taints:
                                    description: 'Taints specifies the taints the
                                      Node API object should be registered with. If
                                      this field is unset, i.e. nil, in the `kubeadm
                                      init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
                                      If you don''t want to taint your control-plane
                                      node, set this field to an empty slice, i.e.
                                      `taints: []` in the YAML file. This field is
                                      solely used for Node registration.'
                                    items:
                                      description: The node this Taint is attached
                                        to has the "effect" on any pod that does not
                                        tolerate the Taint.
                                      properties:
                                        effect:
                                          description: Required. The effect of the
                                            taint on pods that do not tolerate the
                                            taint. Valid effects are NoSchedule, PreferNoSchedule
                                            and NoExecute.
                                          type: string
                                        key:
                                          description: Required. The taint key to
                                            be applied to a node.
                                          type: string
                                        timeAdded:
                                          description: TimeAdded represents the time
                                            at which the taint was added. It is only
                                            written for NoExecute taints.
                                          format: date-time
                                          type: string
                                        value:
                                          description: The taint value corresponding
                                            to the taint key.
                                          type: string
                                      required:
                                      - effect
                                      - key
                                      type: object
                                    type: array
                                type: object
                              patches:
                                description: Patches contains options related to applying
                                  patches to components deployed by kubeadm during
                                  "kubeadm join". The minimum kubernetes version needed
                                  to support Patches is v1.22
                                properties:
                                  directory:
                                    description: Directory is a path to a directory
                                      that contains files named "target[suffix][+patchtype].extension".
                                      For example, "kube-apiserver0+merge.yaml" or
                                      just "etcd.json".
                                      "target" can be one of "kube-apiserver",
                                      "kube-controller-manager", "kube-scheduler",
                                      "etcd". "patchtype" can be one of "strategic",
                                      "merge" or "json" and they match the patch formats
                                      supported by kubectl. The default "patchtype"
                                      is "strategic". "extension" must be either "json"
                                      or "yaml". "suffix" is an optional string that
                                      can be used to determine which patches are applied
                                      first alpha-numerically. These files can be
                                      written into the target directory via KubeadmConfig.Files
                                      which specifies additional files to be created
                                      on the machine, either with content inline or
                                      by referencing a secret.
                                    type: string
                                type: object
                              skipPhases:
                                description: SkipPhases is a list of phases to skip
                                  during command execution. The list of phases can
                                  be obtained with the "kubeadm init --help" command.
                                  This option takes effect only on Kubernetes >=1.22.0.
                                items:
                                  type: string
                                type: array
                            type: object
                          mounts:
                            description: Mounts specifies a list of mount points to
                              be setup.
                            items:
                              description: MountPoints defines input for generated
                                mounts in cloud-init.
                              items:
                                type: string
                              type: array
                            type: array
                          ntp:
                            description: NTP specifies NTP configuration
                            properties:
                              enabled:
                                description: Enabled specifies whether NTP should
                                  be enabled
                                type: boolean
                              servers:
                                description: Servers specifies which NTP servers to
                                  use
                                items:
                                  type: string
                                type: array
                            type: object
                          postKubeadmCommands:
                            description: PostKubeadmCommands specifies extra commands
                              to run after kubeadm runs
                            items:
                              type: string
                            type: array
                          preKubeadmCommands:
                            description: PreKubeadmCommands specifies extra commands
                              to run before kubeadm runs
                            items:
                              type: string
                            type: array
                          useExperimentalRetryJoin:
                            description: "UseExperimentalRetryJoin replaces a basic
                              kubeadm command with a shell script with retries for
                              joins. \n This is meant to be an experimental temporary
                              workaround on some environments where joins fail due
                              to timing (and other issues). The long term goal is
                              to add retries to kubeadm proper and use that functionality.
                              \n This will add about 40KB to userdata \n For more
                              information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
                              \n Deprecated: This experimental fix is no longer needed
                              and this field will be removed in a future release.
                              When removing also remove from staticcheck exclude-rules
                              for SA1019 in golangci.yml"
                            type: boolean
                          users:
                            description: Users specifies extra users to add
                            items:
                              description: User defines the input for a generated
                                user in cloud-init.
                              properties:
                                gecos:
                                  description: Gecos specifies the gecos to use for
                                    the user
                                  type: string
                                groups:
                                  description: Groups specifies the additional groups
                                    for the user
                                  type: string
                                homeDir:
                                  description: HomeDir specifies the home directory
                                    to use for the user
                                  type: string
                                inactive:
                                  description: Inactive specifies whether to mark
                                    the user as inactive
                                  type: boolean
                                lockPassword:
                                  description: LockPassword specifies if password
                                    login should be disabled
                                  type: boolean
                                name:
                                  description: Name specifies the user name
                                  type: string
                                passwd:
                                  description: Passwd specifies a hashed password
                                    for the user
                                  type: string
                                passwdFrom:
                                  description: PasswdFrom is a referenced source of
                                    passwd to populate the passwd.
                                  properties:
                                    secret:
                                      description: Secret represents a secret that
                                        should populate this password.
                                      properties:
                                        key:
                                          description: Key is the key in the secret's
                                            data map for this value.
                                          type: string
                                        name:
                                          description: Name of the secret in the KubeadmBootstrapConfig's
                                            namespace to use.
                                          type: string
                                      required:
                                      - key
                                      - name
                                      type: object
                                  required:
                                  - secret
                                  type: object
                                primaryGroup:
                                  description: PrimaryGroup specifies the primary
                                    group for the user
                                  type: string
                                shell:
                                  description: Shell specifies the user's shell
                                  type: string
                                sshAuthorizedKeys:
                                  description: SSHAuthorizedKeys specifies a list
                                    of ssh authorized keys for the user
                                  items:
                                    type: string
                                  type: array
                                sudo:
                                  description: Sudo specifies a sudo role for the
                                    user
                                  type: string
                              required:
                              - name
                              type: object
                            type: array
                          verbosity:
                            description: Verbosity is the number for the kubeadm log
                              level verbosity. It overrides the `--v` flag in kubeadm
                              commands.
                            format: int32
                            type: integer
                        type: object
                      machineTemplate:
                        description: MachineTemplate contains information about how
                          machines should be shaped when creating or updating a control
                          plane.
                        properties:
                          metadata:
                            description: 'Standard object''s metadata. More info:
                              https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                            properties:
                              annotations:
                                additionalProperties:
                                  type: string
                                description: 'Annotations is an unstructured key value
                                  map stored with a resource that may be set by external
                                  tools to store and retrieve arbitrary metadata.
                                  They are not queryable and should be preserved when
                                  modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
                                type: object
                              labels:
                                additionalProperties:
                                  type: string
                                description: 'Map of string keys and values that can
                                  be used to organize and categorize (scope and select)
                                  objects. May match selectors of replication controllers
                                  and services. More info: http://kubernetes.io/docs/user-guide/labels'
                                type: object
                            type: object
                          nodeDeletionTimeout:
                            description: NodeDeletionTimeout defines how long the
                              machine controller will attempt to delete the Node that
                              the Machine hosts after the Machine is marked for deletion.
                              A duration of 0 will retry deletion indefinitely. If
                              no value is provided, the default value for this property
                              of the Machine resource will be used.
                            type: string
                          nodeDrainTimeout:
                            description: 'NodeDrainTimeout is the total amount of
                              time that the controller will spend on draining a controlplane
                              node. The default value is 0, meaning that the node can
                              be drained without any time limitations.
                              NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`'
                            type: string
                          nodeVolumeDetachTimeout:
                            description: NodeVolumeDetachTimeout is the total amount
                              of time that the controller will spend on waiting for
                              all volumes to be detached. The default value is 0,
                              meaning that the volumes can be detached without any
                              time limitations.
                            type: string
                        type: object
                      remediationStrategy:
                        description: The RemediationStrategy that controls how control
                          plane machine remediation happens.
                        properties:
                          maxRetry:
                            description: "MaxRetry is the Max number of retries while
                              attempting to remediate an unhealthy machine. A retry
                              happens when a machine that was created as a replacement
                              for an unhealthy machine also fails. For example, given
                              a control plane with three machines M1, M2, M3: \n M1
                              becomes unhealthy; remediation happens, and M1-1 is created
                              as a replacement. If M1-1 (replacement of M1) has problems
                              while bootstrapping it will become unhealthy, and then
                              be remediated; such operation is considered a retry,
                              remediation-retry #1. If M1-2 (replacement of M1-1)
                              becomes unhealthy, remediation-retry #2 will happen,
                              etc. \n A retry could happen only after RetryPeriod
                              from the previous retry. If a machine is marked as unhealthy
                              after MinHealthyPeriod from the previous remediation
                              expired, this is not considered a retry anymore because
                              the new issue is assumed unrelated from the previous
                              one. \n If not set, the remediation will be retried infinitely."
                            format: int32
                            type: integer
                          minHealthyPeriod:
                            description: "MinHealthyPeriod defines the duration after
                              which KCP will consider any failure to a machine unrelated
                              from the previous one. In this case the remediation
                              is not considered a retry anymore, and thus the retry
                              counter restarts from 0.
                              For example, assuming MinHealthyPeriod
                              is set to 1h (default) \n M1 becomes unhealthy; remediation
                              happens, and M1-1 is created as a replacement. If M1-1
                              (replacement of M1) has problems within the 1hr after
                              the creation, also this machine will be remediated and
                              this operation is considered a retry - a problem related
                              to the original issue happened to M1 -. \n If instead
                              the problem on M1-1 is happening after MinHealthyPeriod
                              expired, e.g. four days after M1-1 has been created
                              as a remediation of M1, the problem on M1-1 is considered
                              unrelated to the original issue happened to M1. \n If
                              not set, this value is defaulted to 1h."
                            type: string
                          retryPeriod:
                            description: "RetryPeriod is the duration that KCP should
                              wait before remediating a machine being created as a
                              replacement for an unhealthy machine (a retry). \n If
                              not set, a retry will happen immediately."
                            type: string
                        type: object
                      rolloutAfter:
                        description: RolloutAfter is a field to indicate a rollout
                          should be performed after the specified time even if no
                          changes have been made to the KubeadmControlPlane.
                        format: date-time
                        type: string
                      rolloutBefore:
                        description: RolloutBefore is a field to indicate a rollout
                          should be performed if the specified criteria is met.
                        properties:
                          certificatesExpiryDays:
                            description: CertificatesExpiryDays indicates a rollout
                              needs to be performed if the certificates of the machine
                              will expire within the specified days.
                            format: int32
                            type: integer
                        type: object
                      rolloutStrategy:
                        default:
                          rollingUpdate:
                            maxSurge: 1
                          type: RollingUpdate
                        description: The RolloutStrategy to use to replace control
                          plane machines with new ones.
                        properties:
                          rollingUpdate:
                            description: Rolling update config params. Present only
                              if RolloutStrategyType = RollingUpdate.
                            properties:
                              maxSurge:
                                anyOf:
                                - type: integer
                                - type: string
                                description: 'The maximum number of control planes
                                  that can be scheduled above or under the desired
                                  number of control planes. Value can be an absolute
                                  number 1 or 0. Defaults to 1. Example: when this
                                  is set to 1, the control plane can be scaled up
                                  immediately when the rolling update starts.'
                                x-kubernetes-int-or-string: true
                            type: object
                          type:
                            description: Type of rollout. Currently the only supported
                              strategy is "RollingUpdate". Default is RollingUpdate.
                            type: string
                        type: object
                    required:
                    - kubeadmConfigSpec
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
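The pin format that the `caCertHashes` description specifies, as an added Go example (not code from cluster-api or kubeadm): it derives the `sha256:<hex>` value from a CA certificate's DER-encoded SPKI and checks it against a pin list, refusing an empty list because the schema notes that this disables root CA pinning. `spkiPin`, `checkCAPin` and `newSampleCA` are hypothetical names, and the CA is a throwaway one constructed in memory.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// errNoPins is this example's policy: an empty caCertHashes list is refused.
var errNoPins = errors.New("caCertHashes is empty: root CA pinning would be disabled")

// spkiPin returns "sha256:<hex>" over the DER-encoded SubjectPublicKeyInfo,
// the "<type>:<value>" form the caCertHashes description specifies.
func spkiPin(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return "sha256:" + hex.EncodeToString(sum[:])
}

// checkCAPin validates every pin's syntax and requires the CA to match one.
func checkCAPin(ca *x509.Certificate, pins []string) error {
	if len(pins) == 0 {
		return errNoPins
	}
	want := sha256.Sum256(ca.RawSubjectPublicKeyInfo)
	matched := false
	for _, p := range pins {
		typ, val, _ := strings.Cut(strings.TrimSpace(p), ":")
		raw, err := hex.DecodeString(val)
		if typ != "sha256" || err != nil || len(raw) != sha256.Size {
			return fmt.Errorf("pin %q: want sha256:<64 hex characters>", p)
		}
		matched = matched || bytes.Equal(raw, want[:])
	}
	if !matched {
		return errors.New("CA public key matches none of the configured pins")
	}
	return nil
}

// newSampleCA builds a throwaway self-signed CA in memory (constructed input).
func newSampleCA(cn string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	ca, err := newSampleCA("constructed-sample-ca")
	if err != nil {
		panic(err)
	}
	fmt.Println(spkiPin(ca), checkCAPin(ca, nil))
}
```

Because the pin covers only the public key, it stays valid when the CA certificate is reissued with the same key and changes when the key is rotated.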