sigs.k8s.io/cluster-api@v1.7.1/controlplane/kubeadm/config/crd/bases/controlplane.cluster.x-k8s.io_kubeadmcontrolplanes.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.14.0 7 name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io 8 spec: 9 group: controlplane.cluster.x-k8s.io 10 names: 11 categories: 12 - cluster-api 13 kind: KubeadmControlPlane 14 listKind: KubeadmControlPlaneList 15 plural: kubeadmcontrolplanes 16 shortNames: 17 - kcp 18 singular: kubeadmcontrolplane 19 scope: Namespaced 20 versions: 21 - additionalPrinterColumns: 22 - description: This denotes whether or not the control plane has the uploaded 23 kubeadm-config configmap 24 jsonPath: .status.initialized 25 name: Initialized 26 type: boolean 27 - description: KubeadmControlPlane API Server is ready to receive requests 28 jsonPath: .status.ready 29 name: API Server Available 30 type: boolean 31 - description: Kubernetes version associated with this control plane 32 jsonPath: .spec.version 33 name: Version 34 type: string 35 - description: Total number of non-terminated machines targeted by this control 36 plane 37 jsonPath: .status.replicas 38 name: Replicas 39 type: integer 40 - description: Total number of fully running and ready control plane machines 41 jsonPath: .status.readyReplicas 42 name: Ready 43 type: integer 44 - description: Total number of non-terminated machines targeted by this control 45 plane that have the desired template spec 46 jsonPath: .status.updatedReplicas 47 name: Updated 48 type: integer 49 - description: Total number of unavailable machines targeted by this control plane 50 jsonPath: .status.unavailableReplicas 51 name: Unavailable 52 type: integer 53 deprecated: true 54 name: v1alpha3 55 schema: 56 openAPIV3Schema: 57 description: |- 58 KubeadmControlPlane is the Schema for the KubeadmControlPlane API. 
59 60 61 Deprecated: This type will be removed in one of the next releases. 62 properties: 63 apiVersion: 64 description: |- 65 APIVersion defines the versioned schema of this representation of an object. 66 Servers should convert recognized schemas to the latest internal value, and 67 may reject unrecognized values. 68 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 69 type: string 70 kind: 71 description: |- 72 Kind is a string value representing the REST resource this object represents. 73 Servers may infer this from the endpoint the client submits requests to. 74 Cannot be updated. 75 In CamelCase. 76 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 77 type: string 78 metadata: 79 type: object 80 spec: 81 description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. 82 properties: 83 infrastructureTemplate: 84 description: |- 85 InfrastructureTemplate is a required reference to a custom resource 86 offered by an infrastructure provider. 87 properties: 88 apiVersion: 89 description: API version of the referent. 90 type: string 91 fieldPath: 92 description: |- 93 If referring to a piece of an object instead of an entire object, this string 94 should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 95 For example, if the object reference is to a container within a pod, this would take on a value like: 96 "spec.containers{name}" (where "name" refers to the name of the container that triggered 97 the event) or if no container name is specified "spec.containers[2]" (container with 98 index 2 in this pod). This syntax is chosen only to have some well-defined way of 99 referencing a part of an object. 100 TODO: this design is not final and this field is subject to change in the future. 101 type: string 102 kind: 103 description: |- 104 Kind of the referent. 
105 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 106 type: string 107 name: 108 description: |- 109 Name of the referent. 110 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 111 type: string 112 namespace: 113 description: |- 114 Namespace of the referent. 115 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 116 type: string 117 resourceVersion: 118 description: |- 119 Specific resourceVersion to which this reference is made, if any. 120 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 121 type: string 122 uid: 123 description: |- 124 UID of the referent. 125 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids 126 type: string 127 type: object 128 x-kubernetes-map-type: atomic 129 kubeadmConfigSpec: 130 description: |- 131 KubeadmConfigSpec is a KubeadmConfigSpec 132 to use for initializing and joining machines to the control plane. 133 properties: 134 clusterConfiguration: 135 description: ClusterConfiguration along with InitConfiguration 136 are the configurations necessary for the init command 137 properties: 138 apiServer: 139 description: APIServer contains extra settings for the API 140 server control plane component 141 properties: 142 certSANs: 143 description: CertSANs sets extra Subject Alternative Names 144 for the API Server signing cert. 145 items: 146 type: string 147 type: array 148 extraArgs: 149 additionalProperties: 150 type: string 151 description: |- 152 ExtraArgs is an extra set of flags to pass to the control plane component. 153 TODO: This is temporary and ideally we would like to switch all components to 154 use ComponentConfig + ConfigMaps. 155 type: object 156 extraVolumes: 157 description: ExtraVolumes is an extra set of host volumes, 158 mounted to the control plane component. 
159 items: 160 description: |- 161 HostPathMount contains elements describing volumes that are mounted from the 162 host. 163 properties: 164 hostPath: 165 description: |- 166 HostPath is the path in the host that will be mounted inside 167 the pod. 168 type: string 169 mountPath: 170 description: MountPath is the path inside the pod 171 where hostPath will be mounted. 172 type: string 173 name: 174 description: Name of the volume inside the pod template. 175 type: string 176 pathType: 177 description: PathType is the type of the HostPath. 178 type: string 179 readOnly: 180 description: ReadOnly controls write access to the 181 volume 182 type: boolean 183 required: 184 - hostPath 185 - mountPath 186 - name 187 type: object 188 type: array 189 timeoutForControlPlane: 190 description: TimeoutForControlPlane controls the timeout 191 that we use for API server to appear 192 type: string 193 type: object 194 apiVersion: 195 description: |- 196 APIVersion defines the versioned schema of this representation of an object. 197 Servers should convert recognized schemas to the latest internal value, and 198 may reject unrecognized values. 199 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 200 type: string 201 certificatesDir: 202 description: |- 203 CertificatesDir specifies where to store or look for all required certificates. 204 NB: if not provided, this will default to `/etc/kubernetes/pki` 205 type: string 206 clusterName: 207 description: The cluster name 208 type: string 209 controlPlaneEndpoint: 210 description: |- 211 ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it 212 can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. 213 In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort 214 are used; in case the ControlPlaneEndpoint is specified but without a TCP port, 215 the BindPort is used. 
216 Possible usages are: 217 e.g. In a cluster with more than one control plane instances, this field should be 218 assigned the address of the external load balancer in front of the 219 control plane instances. 220 e.g. in environments with enforced node recycling, the ControlPlaneEndpoint 221 could be used for assigning a stable DNS to the control plane. 222 NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. 223 type: string 224 controllerManager: 225 description: ControllerManager contains extra settings for 226 the controller manager control plane component 227 properties: 228 extraArgs: 229 additionalProperties: 230 type: string 231 description: |- 232 ExtraArgs is an extra set of flags to pass to the control plane component. 233 TODO: This is temporary and ideally we would like to switch all components to 234 use ComponentConfig + ConfigMaps. 235 type: object 236 extraVolumes: 237 description: ExtraVolumes is an extra set of host volumes, 238 mounted to the control plane component. 239 items: 240 description: |- 241 HostPathMount contains elements describing volumes that are mounted from the 242 host. 243 properties: 244 hostPath: 245 description: |- 246 HostPath is the path in the host that will be mounted inside 247 the pod. 248 type: string 249 mountPath: 250 description: MountPath is the path inside the pod 251 where hostPath will be mounted. 252 type: string 253 name: 254 description: Name of the volume inside the pod template. 255 type: string 256 pathType: 257 description: PathType is the type of the HostPath. 258 type: string 259 readOnly: 260 description: ReadOnly controls write access to the 261 volume 262 type: boolean 263 required: 264 - hostPath 265 - mountPath 266 - name 267 type: object 268 type: array 269 type: object 270 dns: 271 description: DNS defines the options for the DNS add-on installed 272 in the cluster. 
273 properties: 274 imageRepository: 275 description: |- 276 ImageRepository sets the container registry to pull images from. 277 if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 278 type: string 279 imageTag: 280 description: |- 281 ImageTag allows to specify a tag for the image. 282 In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 283 type: string 284 type: 285 description: Type defines the DNS add-on to be used 286 type: string 287 type: object 288 etcd: 289 description: |- 290 Etcd holds configuration for etcd. 291 NB: This value defaults to a Local (stacked) etcd 292 properties: 293 external: 294 description: |- 295 External describes how to connect to an external etcd cluster 296 Local and External are mutually exclusive 297 properties: 298 caFile: 299 description: |- 300 CAFile is an SSL Certificate Authority file used to secure etcd communication. 301 Required if using a TLS connection. 302 type: string 303 certFile: 304 description: |- 305 CertFile is an SSL certification file used to secure etcd communication. 306 Required if using a TLS connection. 307 type: string 308 endpoints: 309 description: Endpoints of etcd members. Required for 310 ExternalEtcd. 311 items: 312 type: string 313 type: array 314 keyFile: 315 description: |- 316 KeyFile is an SSL key file used to secure etcd communication. 317 Required if using a TLS connection. 318 type: string 319 required: 320 - caFile 321 - certFile 322 - endpoints 323 - keyFile 324 type: object 325 local: 326 description: |- 327 Local provides configuration knobs for configuring the local etcd instance 328 Local and External are mutually exclusive 329 properties: 330 dataDir: 331 description: |- 332 DataDir is the directory etcd will place its data. 333 Defaults to "/var/lib/etcd". 
334 type: string 335 extraArgs: 336 additionalProperties: 337 type: string 338 description: |- 339 ExtraArgs are extra arguments provided to the etcd binary 340 when run inside a static pod. 341 type: object 342 imageRepository: 343 description: |- 344 ImageRepository sets the container registry to pull images from. 345 if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 346 type: string 347 imageTag: 348 description: |- 349 ImageTag allows to specify a tag for the image. 350 In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 351 type: string 352 peerCertSANs: 353 description: PeerCertSANs sets extra Subject Alternative 354 Names for the etcd peer signing cert. 355 items: 356 type: string 357 type: array 358 serverCertSANs: 359 description: ServerCertSANs sets extra Subject Alternative 360 Names for the etcd server signing cert. 361 items: 362 type: string 363 type: array 364 type: object 365 type: object 366 featureGates: 367 additionalProperties: 368 type: boolean 369 description: FeatureGates enabled by the user. 370 type: object 371 imageRepository: 372 description: |- 373 ImageRepository sets the container registry to pull images from. 374 If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) 375 `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` 376 will be used for all the other images. 377 type: string 378 kind: 379 description: |- 380 Kind is a string value representing the REST resource this object represents. 381 Servers may infer this from the endpoint the client submits requests to. 382 Cannot be updated. 383 In CamelCase. 
384 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 385 type: string 386 kubernetesVersion: 387 description: |- 388 KubernetesVersion is the target version of the control plane. 389 NB: This value defaults to the Machine object spec.version 390 type: string 391 networking: 392 description: |- 393 Networking holds configuration for the networking topology of the cluster. 394 NB: This value defaults to the Cluster object spec.clusterNetwork. 395 properties: 396 dnsDomain: 397 description: DNSDomain is the dns domain used by k8s services. 398 Defaults to "cluster.local". 399 type: string 400 podSubnet: 401 description: |- 402 PodSubnet is the subnet used by pods. 403 If unset, the API server will not allocate CIDR ranges for every node. 404 Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set 405 type: string 406 serviceSubnet: 407 description: |- 408 ServiceSubnet is the subnet used by k8s services. 409 Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or 410 to "10.96.0.0/12" if that's unset. 411 type: string 412 type: object 413 scheduler: 414 description: Scheduler contains extra settings for the scheduler 415 control plane component 416 properties: 417 extraArgs: 418 additionalProperties: 419 type: string 420 description: |- 421 ExtraArgs is an extra set of flags to pass to the control plane component. 422 TODO: This is temporary and ideally we would like to switch all components to 423 use ComponentConfig + ConfigMaps. 424 type: object 425 extraVolumes: 426 description: ExtraVolumes is an extra set of host volumes, 427 mounted to the control plane component. 428 items: 429 description: |- 430 HostPathMount contains elements describing volumes that are mounted from the 431 host. 
432 properties: 433 hostPath: 434 description: |- 435 HostPath is the path in the host that will be mounted inside 436 the pod. 437 type: string 438 mountPath: 439 description: MountPath is the path inside the pod 440 where hostPath will be mounted. 441 type: string 442 name: 443 description: Name of the volume inside the pod template. 444 type: string 445 pathType: 446 description: PathType is the type of the HostPath. 447 type: string 448 readOnly: 449 description: ReadOnly controls write access to the 450 volume 451 type: boolean 452 required: 453 - hostPath 454 - mountPath 455 - name 456 type: object 457 type: array 458 type: object 459 useHyperKubeImage: 460 description: UseHyperKubeImage controls if hyperkube should 461 be used for Kubernetes components instead of their respective 462 separate images 463 type: boolean 464 type: object 465 diskSetup: 466 description: DiskSetup specifies options for the creation of partition 467 tables and file systems on devices. 468 properties: 469 filesystems: 470 description: Filesystems specifies the list of file systems 471 to setup. 472 items: 473 description: Filesystem defines the file systems to be created. 474 properties: 475 device: 476 description: Device specifies the device name 477 type: string 478 extraOpts: 479 description: ExtraOpts defined extra options to add 480 to the command for creating the file system. 481 items: 482 type: string 483 type: array 484 filesystem: 485 description: Filesystem specifies the file system type. 486 type: string 487 label: 488 description: Label specifies the file system label to 489 be used. If set to None, no label is used. 490 type: string 491 overwrite: 492 description: |- 493 Overwrite defines whether or not to overwrite any existing filesystem. 494 If true, any pre-existing file system will be destroyed. Use with Caution. 495 type: boolean 496 partition: 497 description: 'Partition specifies the partition to use. 
498 The valid options are: "auto|any", "auto", "any", 499 "none", and <NUM>, where NUM is the actual partition 500 number.' 501 type: string 502 replaceFS: 503 description: |- 504 ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of <FS_TYPE>. 505 NOTE: unless you define a label, this requires the use of the 'any' partition directive. 506 type: string 507 required: 508 - device 509 - filesystem 510 - label 511 type: object 512 type: array 513 partitions: 514 description: Partitions specifies the list of the partitions 515 to setup. 516 items: 517 description: Partition defines how to create and layout 518 a partition. 519 properties: 520 device: 521 description: Device is the name of the device. 522 type: string 523 layout: 524 description: |- 525 Layout specifies the device layout. 526 If it is true, a single partition will be created for the entire device. 527 When layout is false, it means don't partition or ignore existing partitioning. 528 type: boolean 529 overwrite: 530 description: |- 531 Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. 532 Use with caution. Default is 'false'. 533 type: boolean 534 tableType: 535 description: |- 536 TableType specifies the tupe of partition table. The following are supported: 537 'mbr': default and setups a MS-DOS partition table 538 'gpt': setups a GPT partition table 539 type: string 540 required: 541 - device 542 - layout 543 type: object 544 type: array 545 type: object 546 files: 547 description: Files specifies extra files to be passed to user_data 548 upon creation. 549 items: 550 description: File defines the input for generating write_files 551 in cloud-init. 552 properties: 553 content: 554 description: Content is the actual content of the file. 555 type: string 556 contentFrom: 557 description: ContentFrom is a referenced source of content 558 to populate the file. 
559 properties: 560 secret: 561 description: Secret represents a secret that should 562 populate this file. 563 properties: 564 key: 565 description: Key is the key in the secret's data 566 map for this value. 567 type: string 568 name: 569 description: Name of the secret in the KubeadmBootstrapConfig's 570 namespace to use. 571 type: string 572 required: 573 - key 574 - name 575 type: object 576 required: 577 - secret 578 type: object 579 encoding: 580 description: Encoding specifies the encoding of the file 581 contents. 582 enum: 583 - base64 584 - gzip 585 - gzip+base64 586 type: string 587 owner: 588 description: Owner specifies the ownership of the file, 589 e.g. "root:root". 590 type: string 591 path: 592 description: Path specifies the full path on disk where 593 to store the file. 594 type: string 595 permissions: 596 description: Permissions specifies the permissions to assign 597 to the file, e.g. "0640". 598 type: string 599 required: 600 - path 601 type: object 602 type: array 603 format: 604 description: Format specifies the output format of the bootstrap 605 data 606 enum: 607 - cloud-config 608 type: string 609 initConfiguration: 610 description: InitConfiguration along with ClusterConfiguration 611 are the configurations necessary for the init command 612 properties: 613 apiVersion: 614 description: |- 615 APIVersion defines the versioned schema of this representation of an object. 616 Servers should convert recognized schemas to the latest internal value, and 617 may reject unrecognized values. 618 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 619 type: string 620 bootstrapTokens: 621 description: |- 622 BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. 
623 This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature 624 items: 625 description: BootstrapToken describes one bootstrap token, 626 stored as a Secret in the cluster. 627 properties: 628 description: 629 description: |- 630 Description sets a human-friendly message why this token exists and what it's used 631 for, so other administrators can know its purpose. 632 type: string 633 expires: 634 description: |- 635 Expires specifies the timestamp when this token expires. Defaults to being set 636 dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. 637 format: date-time 638 type: string 639 groups: 640 description: |- 641 Groups specifies the extra groups that this token will authenticate as when/if 642 used for authentication 643 items: 644 type: string 645 type: array 646 token: 647 description: |- 648 Token is used for establishing bidirectional trust between nodes and control-planes. 649 Used for joining nodes in the cluster. 650 type: string 651 ttl: 652 description: |- 653 TTL defines the time to live for this token. Defaults to 24h. 654 Expires and TTL are mutually exclusive. 655 type: string 656 usages: 657 description: |- 658 Usages describes the ways in which this token can be used. Can by default be used 659 for establishing bidirectional trust, but that can be changed here. 660 items: 661 type: string 662 type: array 663 required: 664 - token 665 type: object 666 type: array 667 kind: 668 description: |- 669 Kind is a string value representing the REST resource this object represents. 670 Servers may infer this from the endpoint the client submits requests to. 671 Cannot be updated. 672 In CamelCase. 
673 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 674 type: string 675 localAPIEndpoint: 676 description: |- 677 LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node 678 In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint 679 is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This 680 configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible 681 on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process 682 fails you may set the desired value here. 683 properties: 684 advertiseAddress: 685 description: AdvertiseAddress sets the IP address for 686 the API server to advertise. 687 type: string 688 bindPort: 689 description: |- 690 BindPort sets the secure port for the API Server to bind to. 691 Defaults to 6443. 692 format: int32 693 type: integer 694 required: 695 - advertiseAddress 696 - bindPort 697 type: object 698 nodeRegistration: 699 description: |- 700 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 701 When used in the context of control plane nodes, NodeRegistration should remain consistent 702 across both InitConfiguration and JoinConfiguration 703 properties: 704 criSocket: 705 description: CRISocket is used to retrieve container runtime 706 info. This information will be annotated to the Node 707 API object, for later re-use 708 type: string 709 kubeletExtraArgs: 710 additionalProperties: 711 type: string 712 description: |- 713 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 714 kubeadm writes at runtime for the kubelet to source. 
This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 715 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 716 type: object 717 name: 718 description: |- 719 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 720 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 721 Defaults to the hostname of the node if not provided. 722 type: string 723 taints: 724 description: |- 725 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 726 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an 727 empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. 728 items: 729 description: |- 730 The node this Taint is attached to has the "effect" on 731 any pod that does not tolerate the Taint. 732 properties: 733 effect: 734 description: |- 735 Required. The effect of the taint on pods 736 that do not tolerate the taint. 737 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 738 type: string 739 key: 740 description: Required. The taint key to be applied 741 to a node. 742 type: string 743 timeAdded: 744 description: |- 745 TimeAdded represents the time at which the taint was added. 746 It is only written for NoExecute taints. 747 format: date-time 748 type: string 749 value: 750 description: The taint value corresponding to the 751 taint key. 
752 type: string 753 required: 754 - effect 755 - key 756 type: object 757 type: array 758 type: object 759 type: object 760 joinConfiguration: 761 description: JoinConfiguration is the kubeadm configuration for 762 the join command 763 properties: 764 apiVersion: 765 description: |- 766 APIVersion defines the versioned schema of this representation of an object. 767 Servers should convert recognized schemas to the latest internal value, and 768 may reject unrecognized values. 769 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 770 type: string 771 caCertPath: 772 description: |- 773 CACertPath is the path to the SSL certificate authority used to 774 secure comunications between node and control-plane. 775 Defaults to "/etc/kubernetes/pki/ca.crt". 776 TODO: revisit when there is defaulting from k/k 777 type: string 778 controlPlane: 779 description: |- 780 ControlPlane defines the additional control plane instance to be deployed on the joining node. 781 If nil, no additional control plane instance will be deployed. 782 properties: 783 localAPIEndpoint: 784 description: LocalAPIEndpoint represents the endpoint 785 of the API server instance to be deployed on this node. 786 properties: 787 advertiseAddress: 788 description: AdvertiseAddress sets the IP address 789 for the API server to advertise. 790 type: string 791 bindPort: 792 description: |- 793 BindPort sets the secure port for the API Server to bind to. 794 Defaults to 6443. 
795 format: int32 796 type: integer 797 required: 798 - advertiseAddress 799 - bindPort 800 type: object 801 type: object 802 discovery: 803 description: |- 804 Discovery specifies the options for the kubelet to use during the TLS Bootstrap process 805 TODO: revisit when there is defaulting from k/k 806 properties: 807 bootstrapToken: 808 description: |- 809 BootstrapToken is used to set the options for bootstrap token based discovery 810 BootstrapToken and File are mutually exclusive 811 properties: 812 apiServerEndpoint: 813 description: APIServerEndpoint is an IP or domain 814 name to the API server from which info will be fetched. 815 type: string 816 caCertHashes: 817 description: |- 818 CACertHashes specifies a set of public key pins to verify 819 when token-based discovery is used. The root CA found during discovery 820 must match one of these values. Specifying an empty set disables root CA 821 pinning, which can be unsafe. Each hash is specified as "<type>:<value>", 822 where the only currently supported type is "sha256". This is a hex-encoded 823 SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded 824 ASN.1. These hashes can be calculated using, for example, OpenSSL: 825 openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex 826 items: 827 type: string 828 type: array 829 token: 830 description: |- 831 Token is a token used to validate cluster information 832 fetched from the control-plane. 833 type: string 834 unsafeSkipCAVerification: 835 description: |- 836 UnsafeSkipCAVerification allows token-based discovery 837 without CA verification via CACertHashes. This can weaken 838 the security of kubeadm since other nodes can impersonate the control-plane. 
839 type: boolean 840 required: 841 - token 842 - unsafeSkipCAVerification 843 type: object 844 file: 845 description: |- 846 File is used to specify a file or URL to a kubeconfig file from which to load cluster information 847 BootstrapToken and File are mutually exclusive 848 properties: 849 kubeConfigPath: 850 description: KubeConfigPath is used to specify the 851 actual file path or URL to the kubeconfig file from 852 which to load cluster information 853 type: string 854 required: 855 - kubeConfigPath 856 type: object 857 timeout: 858 description: Timeout modifies the discovery timeout 859 type: string 860 tlsBootstrapToken: 861 description: |- 862 TLSBootstrapToken is a token used for TLS bootstrapping. 863 If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. 864 If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information 865 TODO: revisit when there is defaulting from k/k 866 type: string 867 type: object 868 kind: 869 description: |- 870 Kind is a string value representing the REST resource this object represents. 871 Servers may infer this from the endpoint the client submits requests to. 872 Cannot be updated. 873 In CamelCase. 874 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 875 type: string 876 nodeRegistration: 877 description: |- 878 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 879 When used in the context of control plane nodes, NodeRegistration should remain consistent 880 across both InitConfiguration and JoinConfiguration 881 properties: 882 criSocket: 883 description: CRISocket is used to retrieve container runtime 884 info. 
This information will be annotated to the Node 885 API object, for later re-use 886 type: string 887 kubeletExtraArgs: 888 additionalProperties: 889 type: string 890 description: |- 891 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 892 kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 893 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 894 type: object 895 name: 896 description: |- 897 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 898 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 899 Defaults to the hostname of the node if not provided. 900 type: string 901 taints: 902 description: |- 903 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 904 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an 905 empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. 906 items: 907 description: |- 908 The node this Taint is attached to has the "effect" on 909 any pod that does not tolerate the Taint. 910 properties: 911 effect: 912 description: |- 913 Required. The effect of the taint on pods 914 that do not tolerate the taint. 915 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 916 type: string 917 key: 918 description: Required. The taint key to be applied 919 to a node. 920 type: string 921 timeAdded: 922 description: |- 923 TimeAdded represents the time at which the taint was added. 924 It is only written for NoExecute taints. 
                                  format: date-time
                                  type: string
                                value:
                                  description: The taint value corresponding to the
                                    taint key.
                                  type: string
                              required:
                              - effect
                              - key
                              type: object
                            type: array
                        type: object
                    type: object
                  mounts:
                    description: Mounts specifies a list of mount points to be setup.
                    items:
                      description: MountPoints defines input for generated mounts
                        in cloud-init.
                      items:
                        type: string
                      type: array
                    type: array
                  ntp:
                    description: NTP specifies NTP configuration
                    properties:
                      enabled:
                        description: Enabled specifies whether NTP should be enabled
                        type: boolean
                      servers:
                        description: Servers specifies which NTP servers to use
                        items:
                          type: string
                        type: array
                    type: object
                  postKubeadmCommands:
                    description: PostKubeadmCommands specifies extra commands to run
                      after kubeadm runs
                    items:
                      type: string
                    type: array
                  preKubeadmCommands:
                    description: PreKubeadmCommands specifies extra commands to run
                      before kubeadm runs
                    items:
                      type: string
                    type: array
                  useExperimentalRetryJoin:
                    description: |-
                      UseExperimentalRetryJoin replaces a basic kubeadm command with a shell
                      script with retries for joins.


                      This is meant to be an experimental temporary workaround on some environments
                      where joins fail due to timing (and other issues). The long term goal is to add retries to
                      kubeadm proper and use that functionality.


                      This will add about 40KB to userdata


                      For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
                    type: boolean
                  users:
                    description: Users specifies extra users to add
                    items:
                      description: User defines the input for a generated user in
                        cloud-init.
                      properties:
                        gecos:
                          description: Gecos specifies the gecos to use for the user
                          type: string
                        groups:
                          description: Groups specifies the additional groups for
                            the user
                          type: string
                        homeDir:
                          description: HomeDir specifies the home directory to use
                            for the user
                          type: string
                        inactive:
                          description: Inactive specifies whether to mark the user
                            as inactive
                          type: boolean
                        lockPassword:
                          description: LockPassword specifies if password login should
                            be disabled
                          type: boolean
                        name:
                          description: Name specifies the user name
                          type: string
                        passwd:
                          description: Passwd specifies a hashed password for the
                            user
                          type: string
                        primaryGroup:
                          description: PrimaryGroup specifies the primary group for
                            the user
                          type: string
                        shell:
                          description: Shell specifies the user's shell
                          type: string
                        sshAuthorizedKeys:
                          description: SSHAuthorizedKeys specifies a list of ssh authorized
                            keys for the user
                          items:
                            type: string
                          type: array
                        sudo:
                          description: Sudo specifies a sudo role for the user
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                  verbosity:
                    description: |-
                      Verbosity is the number for the kubeadm log level verbosity.
                      It overrides the `--v` flag in kubeadm commands.
                    format: int32
                    type: integer
                type: object
              nodeDrainTimeout:
                description: |-
                  NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                  The default value is 0, meaning that the node can be drained without any time limitations.
                  NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
                type: string
              replicas:
                description: |-
                  Number of desired machines. Defaults to 1. When stacked etcd is used only
                  odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
                  This is a pointer to distinguish between explicit zero and not specified.
                format: int32
                type: integer
              rolloutStrategy:
                description: |-
                  The RolloutStrategy to use to replace control plane machines with
                  new ones.
                properties:
                  rollingUpdate:
                    description: |-
                      Rolling update config params. Present only if
                      RolloutStrategyType = RollingUpdate.
                    properties:
                      maxSurge:
                        anyOf:
                        - type: integer
                        - type: string
                        description: |-
                          The maximum number of control planes that can be scheduled above or under the
                          desired number of control planes.
                          Value can be an absolute number 1 or 0.
                          Defaults to 1.
                          Example: when this is set to 1, the control plane can be scaled
                          up immediately when the rolling update starts.
                        x-kubernetes-int-or-string: true
                    type: object
                  type:
                    description: |-
                      Type of rollout. Currently the only supported strategy is
                      "RollingUpdate".
                      Default is RollingUpdate.
                    type: string
                type: object
              upgradeAfter:
                description: |-
                  UpgradeAfter is a field to indicate an upgrade should be performed
                  after the specified time even if no changes have been made to the
                  KubeadmControlPlane
                format: date-time
                type: string
              version:
                description: Version defines the desired Kubernetes version.
                type: string
            required:
            - infrastructureTemplate
            - kubeadmConfigSpec
            - version
            type: object
          status:
            description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: |-
                        Last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed. If that is not known, then using the time when
                        the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        A human readable message indicating details about the transition.
                        This field may be empty.
                      type: string
                    reason:
                      description: |-
                        The reason for the condition's last transition in CamelCase.
                        The specific API may choose whether or not this field is considered a guaranteed API.
                        This field may not be empty.
                      type: string
                    severity:
                      description: |-
                        Severity provides an explicit classification of Reason code, so the users or machines can immediately
                        understand the current situation and act accordingly.
                        The Severity field MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: |-
                        Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
                        can be useful (see .node.status.conditions), the ability to deconflict is important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                description: |-
                  ErrorMessage indicates that there is a terminal problem reconciling the
                  state, and will be set to a descriptive error message.
                type: string
              failureReason:
                description: |-
                  FailureReason indicates that there is a terminal problem reconciling the
                  state, and will be set to a token value suitable for
                  programmatic interpretation.
                type: string
              initialized:
                description: |-
                  Initialized denotes whether or not the control plane has the
                  uploaded kubeadm-config configmap.
                type: boolean
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: |-
                  Ready denotes that the KubeadmControlPlane API Server is ready to
                  receive requests.
                type: boolean
              readyReplicas:
                description: Total number of fully running and ready control plane
                  machines.
                format: int32
                type: integer
              replicas:
                description: |-
                  Total number of non-terminated machines targeted by this control plane
                  (their labels match the selector).
                format: int32
                type: integer
              selector:
                description: |-
                  Selector is the label selector in string format to avoid introspection
                  by clients, and is used to provide the CRD-based integration for the
                  scale subresource and additional integrations for things like kubectl
                  describe. The string will be in the same format as the query-param syntax.
                  More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors
                type: string
              unavailableReplicas:
                description: |-
                  Total number of unavailable machines targeted by this control plane.
                  This is the total number of machines that are still required for
                  the deployment to have 100% available capacity. They may either
                  be machines that are running but not yet ready or machines
                  that still have not been created.
                format: int32
                type: integer
              updatedReplicas:
                description: |-
                  Total number of non-terminated machines targeted by this control plane
                  that have the desired template spec.
                format: int32
                type: integer
            type: object
        type: object
    served: false
    storage: false
    subresources:
      scale:
        labelSelectorPath: .status.selector
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.replicas
      status: {}
  - additionalPrinterColumns:
    - description: Time duration since creation of KubeadmControlPlane
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    - description: This denotes whether or not the control plane has the uploaded
        kubeadm-config configmap
      jsonPath: .status.initialized
      name: Initialized
      type: boolean
    - description: KubeadmControlPlane API Server is ready to receive requests
      jsonPath: .status.ready
      name: API Server Available
      type: boolean
    - description: Kubernetes version associated with this control plane
      jsonPath: .spec.version
      name: Version
      type: string
    - description: Total number of non-terminated machines targeted by this control
        plane
      jsonPath: .status.replicas
      name: Replicas
      type: integer
    - description: Total number of fully running and ready control plane machines
      jsonPath: .status.readyReplicas
      name: Ready
      type: integer
    - description: Total number of non-terminated machines targeted by this control
        plane that have the desired template spec
      jsonPath: .status.updatedReplicas
      name: Updated
      type: integer
    - description: Total number of unavailable machines targeted by this control plane
      jsonPath: .status.unavailableReplicas
      name: Unavailable
      type: integer
    deprecated: true
    name: v1alpha4
    schema:
      openAPIV3Schema:
        description: |-
          KubeadmControlPlane is the Schema for the KubeadmControlPlane API.


          Deprecated: This type will be removed in one of the next releases.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
            properties:
              kubeadmConfigSpec:
                description: |-
                  KubeadmConfigSpec is a KubeadmConfigSpec
                  to use for initializing and joining machines to the control plane.
                properties:
                  clusterConfiguration:
                    description: ClusterConfiguration along with InitConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiServer:
                        description: APIServer contains extra settings for the API
                          server control plane component
                        properties:
                          certSANs:
                            description: CertSANs sets extra Subject Alternative Names
                              for the API Server signing cert.
                            items:
                              type: string
                            type: array
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: |-
                              ExtraArgs is an extra set of flags to pass to the control plane component.
                              TODO: This is temporary and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: |-
                                HostPathMount contains elements describing volumes that are mounted from the
                                host.
                              properties:
                                hostPath:
                                  description: |-
                                    HostPath is the path in the host that will be mounted inside
                                    the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                          timeoutForControlPlane:
                            description: TimeoutForControlPlane controls the timeout
                              that we use for API server to appear
                            type: string
                        type: object
                      apiVersion:
                        description: |-
                          APIVersion defines the versioned schema of this representation of an object.
                          Servers should convert recognized schemas to the latest internal value, and
                          may reject unrecognized values.
                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
                        type: string
                      certificatesDir:
                        description: |-
                          CertificatesDir specifies where to store or look for all required certificates.
                          NB: if not provided, this will default to `/etc/kubernetes/pki`
                        type: string
                      clusterName:
                        description: The cluster name
                        type: string
                      controlPlaneEndpoint:
                        description: |-
                          ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it
                          can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port.
                          In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort
                          are used; in case the ControlPlaneEndpoint is specified but without a TCP port,
                          the BindPort is used.
                          Possible usages are:
                          e.g. In a cluster with more than one control plane instances, this field should be
                          assigned the address of the external load balancer in front of the
                          control plane instances.
                          e.g. in environments with enforced node recycling, the ControlPlaneEndpoint
                          could be used for assigning a stable DNS to the control plane.
                          NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.
                        type: string
                      controllerManager:
                        description: ControllerManager contains extra settings for
                          the controller manager control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: |-
                              ExtraArgs is an extra set of flags to pass to the control plane component.
                              TODO: This is temporary and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: |-
                                HostPathMount contains elements describing volumes that are mounted from the
                                host.
                              properties:
                                hostPath:
                                  description: |-
                                    HostPath is the path in the host that will be mounted inside
                                    the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                      dns:
                        description: DNS defines the options for the DNS add-on installed
                          in the cluster.
                        properties:
                          imageRepository:
                            description: |-
                              ImageRepository sets the container registry to pull images from.
                              if not set, the ImageRepository defined in ClusterConfiguration will be used instead.
                            type: string
                          imageTag:
                            description: |-
                              ImageTag allows to specify a tag for the image.
                              In case this value is set, kubeadm does not change automatically the version of the above components during upgrades.
                            type: string
                        type: object
                      etcd:
                        description: |-
                          Etcd holds configuration for etcd.
                          NB: This value defaults to a Local (stacked) etcd
                        properties:
                          external:
                            description: |-
                              External describes how to connect to an external etcd cluster
                              Local and External are mutually exclusive
                            properties:
                              caFile:
                                description: |-
                                  CAFile is an SSL Certificate Authority file used to secure etcd communication.
                                  Required if using a TLS connection.
                                type: string
                              certFile:
                                description: |-
                                  CertFile is an SSL certification file used to secure etcd communication.
                                  Required if using a TLS connection.
                                type: string
                              endpoints:
                                description: Endpoints of etcd members. Required for
                                  ExternalEtcd.
                                items:
                                  type: string
                                type: array
                              keyFile:
                                description: |-
                                  KeyFile is an SSL key file used to secure etcd communication.
                                  Required if using a TLS connection.
                                type: string
                            required:
                            - caFile
                            - certFile
                            - endpoints
                            - keyFile
                            type: object
                          local:
                            description: |-
                              Local provides configuration knobs for configuring the local etcd instance
                              Local and External are mutually exclusive
                            properties:
                              dataDir:
                                description: |-
                                  DataDir is the directory etcd will place its data.
                                  Defaults to "/var/lib/etcd".
                                type: string
                              extraArgs:
                                additionalProperties:
                                  type: string
                                description: |-
                                  ExtraArgs are extra arguments provided to the etcd binary
                                  when run inside a static pod.
                                type: object
                              imageRepository:
                                description: |-
                                  ImageRepository sets the container registry to pull images from.
                                  if not set, the ImageRepository defined in ClusterConfiguration will be used instead.
                                type: string
                              imageTag:
                                description: |-
                                  ImageTag allows to specify a tag for the image.
                                  In case this value is set, kubeadm does not change automatically the version of the above components during upgrades.
                                type: string
                              peerCertSANs:
                                description: PeerCertSANs sets extra Subject Alternative
                                  Names for the etcd peer signing cert.
                                items:
                                  type: string
                                type: array
                              serverCertSANs:
                                description: ServerCertSANs sets extra Subject Alternative
                                  Names for the etcd server signing cert.
                                items:
                                  type: string
                                type: array
                            type: object
                        type: object
                      featureGates:
                        additionalProperties:
                          type: boolean
                        description: FeatureGates enabled by the user.
                        type: object
                      imageRepository:
                        description: |-
                          ImageRepository sets the container registry to pull images from.
                          If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`)
                          `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io`
                          will be used for all the other images.
                        type: string
                      kind:
                        description: |-
                          Kind is a string value representing the REST resource this object represents.
                          Servers may infer this from the endpoint the client submits requests to.
                          Cannot be updated.
                          In CamelCase.
                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
                        type: string
                      kubernetesVersion:
                        description: |-
                          KubernetesVersion is the target version of the control plane.
                          NB: This value defaults to the Machine object spec.version
                        type: string
                      networking:
                        description: |-
                          Networking holds configuration for the networking topology of the cluster.
                          NB: This value defaults to the Cluster object spec.clusterNetwork.
                        properties:
                          dnsDomain:
                            description: DNSDomain is the dns domain used by k8s services.
                              Defaults to "cluster.local".
                            type: string
                          podSubnet:
                            description: |-
                              PodSubnet is the subnet used by pods.
                              If unset, the API server will not allocate CIDR ranges for every node.
                              Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set
                            type: string
                          serviceSubnet:
                            description: |-
                              ServiceSubnet is the subnet used by k8s services.
                              Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or
                              to "10.96.0.0/12" if that's unset.
                            type: string
                        type: object
                      scheduler:
                        description: Scheduler contains extra settings for the scheduler
                          control plane component
                        properties:
                          extraArgs:
                            additionalProperties:
                              type: string
                            description: |-
                              ExtraArgs is an extra set of flags to pass to the control plane component.
                              TODO: This is temporary and ideally we would like to switch all components to
                              use ComponentConfig + ConfigMaps.
                            type: object
                          extraVolumes:
                            description: ExtraVolumes is an extra set of host volumes,
                              mounted to the control plane component.
                            items:
                              description: |-
                                HostPathMount contains elements describing volumes that are mounted from the
                                host.
                              properties:
                                hostPath:
                                  description: |-
                                    HostPath is the path in the host that will be mounted inside
                                    the pod.
                                  type: string
                                mountPath:
                                  description: MountPath is the path inside the pod
                                    where hostPath will be mounted.
                                  type: string
                                name:
                                  description: Name of the volume inside the pod template.
                                  type: string
                                pathType:
                                  description: PathType is the type of the HostPath.
                                  type: string
                                readOnly:
                                  description: ReadOnly controls write access to the
                                    volume
                                  type: boolean
                              required:
                              - hostPath
                              - mountPath
                              - name
                              type: object
                            type: array
                        type: object
                    type: object
                  diskSetup:
                    description: DiskSetup specifies options for the creation of partition
                      tables and file systems on devices.
                    properties:
                      filesystems:
                        description: Filesystems specifies the list of file systems
                          to setup.
                        items:
                          description: Filesystem defines the file systems to be created.
                          properties:
                            device:
                              description: Device specifies the device name
                              type: string
                            extraOpts:
                              description: ExtraOpts defined extra options to add
                                to the command for creating the file system.
                              items:
                                type: string
                              type: array
                            filesystem:
                              description: Filesystem specifies the file system type.
                              type: string
                            label:
                              description: Label specifies the file system label to
                                be used. If set to None, no label is used.
                              type: string
                            overwrite:
                              description: |-
                                Overwrite defines whether or not to overwrite any existing filesystem.
                                If true, any pre-existing file system will be destroyed. Use with Caution.
                              type: boolean
                            partition:
                              description: 'Partition specifies the partition to use.
                                The valid options are: "auto|any", "auto", "any",
                                "none", and <NUM>, where NUM is the actual partition
                                number.'
                              type: string
                            replaceFS:
                              description: |-
                                ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of <FS_TYPE>.
                                NOTE: unless you define a label, this requires the use of the 'any' partition directive.
                              type: string
                          required:
                          - device
                          - filesystem
                          - label
                          type: object
                        type: array
                      partitions:
                        description: Partitions specifies the list of the partitions
                          to setup.
                        items:
                          description: Partition defines how to create and layout
                            a partition.
                          properties:
                            device:
                              description: Device is the name of the device.
                              type: string
                            layout:
                              description: |-
                                Layout specifies the device layout.
                                If it is true, a single partition will be created for the entire device.
                                When layout is false, it means don't partition or ignore existing partitioning.
                              type: boolean
                            overwrite:
                              description: |-
                                Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device.
                                Use with caution. Default is 'false'.
                              type: boolean
                            tableType:
                              description: |-
                                TableType specifies the type of partition table. The following are supported:
                                'mbr': default and setups a MS-DOS partition table
                                'gpt': setups a GPT partition table
                              type: string
                          required:
                          - device
                          - layout
                          type: object
                        type: array
                    type: object
                  files:
                    description: Files specifies extra files to be passed to user_data
                      upon creation.
                    items:
                      description: File defines the input for generating write_files
                        in cloud-init.
                      properties:
                        content:
                          description: Content is the actual content of the file.
                          type: string
                        contentFrom:
                          description: ContentFrom is a referenced source of content
                            to populate the file.
                          properties:
                            secret:
                              description: Secret represents a secret that should
                                populate this file.
                              properties:
                                key:
                                  description: Key is the key in the secret's data
                                    map for this value.
                                  type: string
                                name:
                                  description: Name of the secret in the KubeadmBootstrapConfig's
                                    namespace to use.
                                  type: string
                              required:
                              - key
                              - name
                              type: object
                          required:
                          - secret
                          type: object
                        encoding:
                          description: Encoding specifies the encoding of the file
                            contents.
                          enum:
                          - base64
                          - gzip
                          - gzip+base64
                          type: string
                        owner:
                          description: Owner specifies the ownership of the file,
                            e.g. "root:root".
                          type: string
                        path:
                          description: Path specifies the full path on disk where
                            to store the file.
                          type: string
                        permissions:
                          description: Permissions specifies the permissions to assign
                            to the file, e.g. "0640".
                          type: string
                      required:
                      - path
                      type: object
                    type: array
                  format:
                    description: Format specifies the output format of the bootstrap
                      data
                    enum:
                    - cloud-config
                    type: string
                  initConfiguration:
                    description: InitConfiguration along with ClusterConfiguration
                      are the configurations necessary for the init command
                    properties:
                      apiVersion:
                        description: |-
                          APIVersion defines the versioned schema of this representation of an object.
                          Servers should convert recognized schemas to the latest internal value, and
                          may reject unrecognized values.
                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
                        type: string
                      bootstrapTokens:
                        description: |-
                          BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create.
                          This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature
                        items:
                          description: BootstrapToken describes one bootstrap token,
                            stored as a Secret in the cluster.
                          properties:
                            description:
                              description: |-
                                Description sets a human-friendly message why this token exists and what it's used
                                for, so other administrators can know its purpose.
                              type: string
                            expires:
                              description: |-
                                Expires specifies the timestamp when this token expires. Defaults to being set
                                dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive.
                              format: date-time
                              type: string
                            groups:
                              description: |-
                                Groups specifies the extra groups that this token will authenticate as when/if
                                used for authentication
                              items:
                                type: string
                              type: array
                            token:
                              description: |-
                                Token is used for establishing bidirectional trust between nodes and control-planes.
                                Used for joining nodes in the cluster.
                              type: string
                            ttl:
                              description: |-
                                TTL defines the time to live for this token. Defaults to 24h.
                                Expires and TTL are mutually exclusive.
                              type: string
                            usages:
                              description: |-
                                Usages describes the ways in which this token can be used. Can by default be used
                                for establishing bidirectional trust, but that can be changed here.
                              items:
                                type: string
                              type: array
                          required:
                          - token
                          type: object
                        type: array
                      kind:
                        description: |-
                          Kind is a string value representing the REST resource this object represents.
                          Servers may infer this from the endpoint the client submits requests to.
                          Cannot be updated.
                          In CamelCase.
                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
                        type: string
                      localAPIEndpoint:
                        description: |-
                          LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node
                          In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint
                          is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This
                          configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible
                          on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process
                          fails you may set the desired value here.
                        properties:
                          advertiseAddress:
                            description: AdvertiseAddress sets the IP address for
                              the API server to advertise.
                            type: string
                          bindPort:
                            description: |-
                              BindPort sets the secure port for the API Server to bind to.
                              Defaults to 6443.
1842 format: int32 1843 type: integer 1844 type: object 1845 nodeRegistration: 1846 description: |- 1847 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 1848 When used in the context of control plane nodes, NodeRegistration should remain consistent 1849 across both InitConfiguration and JoinConfiguration 1850 properties: 1851 criSocket: 1852 description: CRISocket is used to retrieve container runtime 1853 info. This information will be annotated to the Node 1854 API object, for later re-use 1855 type: string 1856 ignorePreflightErrors: 1857 description: IgnorePreflightErrors provides a slice of 1858 pre-flight errors to be ignored when the current node 1859 is registered. 1860 items: 1861 type: string 1862 type: array 1863 kubeletExtraArgs: 1864 additionalProperties: 1865 type: string 1866 description: |- 1867 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 1868 kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 1869 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 1870 type: object 1871 name: 1872 description: |- 1873 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 1874 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 1875 Defaults to the hostname of the node if not provided. 1876 type: string 1877 taints: 1878 description: |- 1879 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 1880 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. 
If you don't want to taint your control-plane node, set this field to an 1881 empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. 1882 items: 1883 description: |- 1884 The node this Taint is attached to has the "effect" on 1885 any pod that does not tolerate the Taint. 1886 properties: 1887 effect: 1888 description: |- 1889 Required. The effect of the taint on pods 1890 that do not tolerate the taint. 1891 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 1892 type: string 1893 key: 1894 description: Required. The taint key to be applied 1895 to a node. 1896 type: string 1897 timeAdded: 1898 description: |- 1899 TimeAdded represents the time at which the taint was added. 1900 It is only written for NoExecute taints. 1901 format: date-time 1902 type: string 1903 value: 1904 description: The taint value corresponding to the 1905 taint key. 1906 type: string 1907 required: 1908 - effect 1909 - key 1910 type: object 1911 type: array 1912 type: object 1913 type: object 1914 joinConfiguration: 1915 description: JoinConfiguration is the kubeadm configuration for 1916 the join command 1917 properties: 1918 apiVersion: 1919 description: |- 1920 APIVersion defines the versioned schema of this representation of an object. 1921 Servers should convert recognized schemas to the latest internal value, and 1922 may reject unrecognized values. 1923 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 1924 type: string 1925 caCertPath: 1926 description: |- 1927 CACertPath is the path to the SSL certificate authority used to 1928 secure communications between node and control-plane. 1929 Defaults to "/etc/kubernetes/pki/ca.crt". 1930 TODO: revisit when there is defaulting from k/k 1931 type: string 1932 controlPlane: 1933 description: |- 1934 ControlPlane defines the additional control plane instance to be deployed on the joining node.
1935 If nil, no additional control plane instance will be deployed. 1936 properties: 1937 localAPIEndpoint: 1938 description: LocalAPIEndpoint represents the endpoint 1939 of the API server instance to be deployed on this node. 1940 properties: 1941 advertiseAddress: 1942 description: AdvertiseAddress sets the IP address 1943 for the API server to advertise. 1944 type: string 1945 bindPort: 1946 description: |- 1947 BindPort sets the secure port for the API Server to bind to. 1948 Defaults to 6443. 1949 format: int32 1950 type: integer 1951 type: object 1952 type: object 1953 discovery: 1954 description: |- 1955 Discovery specifies the options for the kubelet to use during the TLS Bootstrap process 1956 TODO: revisit when there is defaulting from k/k 1957 properties: 1958 bootstrapToken: 1959 description: |- 1960 BootstrapToken is used to set the options for bootstrap token based discovery 1961 BootstrapToken and File are mutually exclusive 1962 properties: 1963 apiServerEndpoint: 1964 description: APIServerEndpoint is an IP or domain 1965 name to the API server from which info will be fetched. 1966 type: string 1967 caCertHashes: 1968 description: |- 1969 CACertHashes specifies a set of public key pins to verify 1970 when token-based discovery is used. The root CA found during discovery 1971 must match one of these values. Specifying an empty set disables root CA 1972 pinning, which can be unsafe. Each hash is specified as "<type>:<value>", 1973 where the only currently supported type is "sha256". This is a hex-encoded 1974 SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded 1975 ASN.1. These hashes can be calculated using, for example, OpenSSL: 1976 openssl x509 -pubkey -in ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex 1977 items: 1978 type: string 1979 type: array 1980 token: 1981 description: |- 1982 Token is a token used to validate cluster information 1983 fetched from the control-plane.
1984 type: string 1985 unsafeSkipCAVerification: 1986 description: |- 1987 UnsafeSkipCAVerification allows token-based discovery 1988 without CA verification via CACertHashes. This can weaken 1989 the security of kubeadm since other nodes can impersonate the control-plane. 1990 type: boolean 1991 required: 1992 - token 1993 type: object 1994 file: 1995 description: |- 1996 File is used to specify a file or URL to a kubeconfig file from which to load cluster information 1997 BootstrapToken and File are mutually exclusive 1998 properties: 1999 kubeConfigPath: 2000 description: KubeConfigPath is used to specify the 2001 actual file path or URL to the kubeconfig file from 2002 which to load cluster information 2003 type: string 2004 required: 2005 - kubeConfigPath 2006 type: object 2007 timeout: 2008 description: Timeout modifies the discovery timeout 2009 type: string 2010 tlsBootstrapToken: 2011 description: |- 2012 TLSBootstrapToken is a token used for TLS bootstrapping. 2013 If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. 2014 If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information 2015 type: string 2016 type: object 2017 kind: 2018 description: |- 2019 Kind is a string value representing the REST resource this object represents. 2020 Servers may infer this from the endpoint the client submits requests to. 2021 Cannot be updated. 2022 In CamelCase. 2023 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2024 type: string 2025 nodeRegistration: 2026 description: |- 2027 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
2028 When used in the context of control plane nodes, NodeRegistration should remain consistent 2029 across both InitConfiguration and JoinConfiguration 2030 properties: 2031 criSocket: 2032 description: CRISocket is used to retrieve container runtime 2033 info. This information will be annotated to the Node 2034 API object, for later re-use 2035 type: string 2036 ignorePreflightErrors: 2037 description: IgnorePreflightErrors provides a slice of 2038 pre-flight errors to be ignored when the current node 2039 is registered. 2040 items: 2041 type: string 2042 type: array 2043 kubeletExtraArgs: 2044 additionalProperties: 2045 type: string 2046 description: |- 2047 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 2048 kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 2049 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 2050 type: object 2051 name: 2052 description: |- 2053 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 2054 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 2055 Defaults to the hostname of the node if not provided. 2056 type: string 2057 taints: 2058 description: |- 2059 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 2060 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an 2061 empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. 
2062 items: 2063 description: |- 2064 The node this Taint is attached to has the "effect" on 2065 any pod that does not tolerate the Taint. 2066 properties: 2067 effect: 2068 description: |- 2069 Required. The effect of the taint on pods 2070 that do not tolerate the taint. 2071 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 2072 type: string 2073 key: 2074 description: Required. The taint key to be applied 2075 to a node. 2076 type: string 2077 timeAdded: 2078 description: |- 2079 TimeAdded represents the time at which the taint was added. 2080 It is only written for NoExecute taints. 2081 format: date-time 2082 type: string 2083 value: 2084 description: The taint value corresponding to the 2085 taint key. 2086 type: string 2087 required: 2088 - effect 2089 - key 2090 type: object 2091 type: array 2092 type: object 2093 type: object 2094 mounts: 2095 description: Mounts specifies a list of mount points to be setup. 2096 items: 2097 description: MountPoints defines input for generated mounts 2098 in cloud-init. 2099 items: 2100 type: string 2101 type: array 2102 type: array 2103 ntp: 2104 description: NTP specifies NTP configuration 2105 properties: 2106 enabled: 2107 description: Enabled specifies whether NTP should be enabled 2108 type: boolean 2109 servers: 2110 description: Servers specifies which NTP servers to use 2111 items: 2112 type: string 2113 type: array 2114 type: object 2115 postKubeadmCommands: 2116 description: PostKubeadmCommands specifies extra commands to run 2117 after kubeadm runs 2118 items: 2119 type: string 2120 type: array 2121 preKubeadmCommands: 2122 description: PreKubeadmCommands specifies extra commands to run 2123 before kubeadm runs 2124 items: 2125 type: string 2126 type: array 2127 useExperimentalRetryJoin: 2128 description: |- 2129 UseExperimentalRetryJoin replaces a basic kubeadm command with a shell 2130 script with retries for joins. 
2131 2132 2133 This is meant to be an experimental temporary workaround on some environments 2134 where joins fail due to timing (and other issues). The long term goal is to add retries to 2135 kubeadm proper and use that functionality. 2136 2137 2138 This will add about 40KB to userdata 2139 2140 2141 For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. 2142 type: boolean 2143 users: 2144 description: Users specifies extra users to add 2145 items: 2146 description: User defines the input for a generated user in 2147 cloud-init. 2148 properties: 2149 gecos: 2150 description: Gecos specifies the gecos to use for the user 2151 type: string 2152 groups: 2153 description: Groups specifies the additional groups for 2154 the user 2155 type: string 2156 homeDir: 2157 description: HomeDir specifies the home directory to use 2158 for the user 2159 type: string 2160 inactive: 2161 description: Inactive specifies whether to mark the user 2162 as inactive 2163 type: boolean 2164 lockPassword: 2165 description: LockPassword specifies if password login should 2166 be disabled 2167 type: boolean 2168 name: 2169 description: Name specifies the user name 2170 type: string 2171 passwd: 2172 description: Passwd specifies a hashed password for the 2173 user 2174 type: string 2175 primaryGroup: 2176 description: PrimaryGroup specifies the primary group for 2177 the user 2178 type: string 2179 shell: 2180 description: Shell specifies the user's shell 2181 type: string 2182 sshAuthorizedKeys: 2183 description: SSHAuthorizedKeys specifies a list of ssh authorized 2184 keys for the user 2185 items: 2186 type: string 2187 type: array 2188 sudo: 2189 description: Sudo specifies a sudo role for the user 2190 type: string 2191 required: 2192 - name 2193 type: object 2194 type: array 2195 verbosity: 2196 description: |- 2197 Verbosity is the number for the kubeadm log level verbosity. 2198 It overrides the `--v` flag in kubeadm commands. 
2199 format: int32 2200 type: integer 2201 type: object 2202 machineTemplate: 2203 description: |- 2204 MachineTemplate contains information about how machines 2205 should be shaped when creating or updating a control plane. 2206 properties: 2207 infrastructureRef: 2208 description: |- 2209 InfrastructureRef is a required reference to a custom resource 2210 offered by an infrastructure provider. 2211 properties: 2212 apiVersion: 2213 description: API version of the referent. 2214 type: string 2215 fieldPath: 2216 description: |- 2217 If referring to a piece of an object instead of an entire object, this string 2218 should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 2219 For example, if the object reference is to a container within a pod, this would take on a value like: 2220 "spec.containers{name}" (where "name" refers to the name of the container that triggered 2221 the event) or if no container name is specified "spec.containers[2]" (container with 2222 index 2 in this pod). This syntax is chosen only to have some well-defined way of 2223 referencing a part of an object. 2224 TODO: this design is not final and this field is subject to change in the future. 2225 type: string 2226 kind: 2227 description: |- 2228 Kind of the referent. 2229 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2230 type: string 2231 name: 2232 description: |- 2233 Name of the referent. 2234 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2235 type: string 2236 namespace: 2237 description: |- 2238 Namespace of the referent. 2239 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 2240 type: string 2241 resourceVersion: 2242 description: |- 2243 Specific resourceVersion to which this reference is made, if any. 
2244 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 2245 type: string 2246 uid: 2247 description: |- 2248 UID of the referent. 2249 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids 2250 type: string 2251 type: object 2252 x-kubernetes-map-type: atomic 2253 metadata: 2254 description: |- 2255 Standard object's metadata. 2256 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 2257 properties: 2258 annotations: 2259 additionalProperties: 2260 type: string 2261 description: |- 2262 Annotations is an unstructured key value map stored with a resource that may be 2263 set by external tools to store and retrieve arbitrary metadata. They are not 2264 queryable and should be preserved when modifying objects. 2265 More info: http://kubernetes.io/docs/user-guide/annotations 2266 type: object 2267 labels: 2268 additionalProperties: 2269 type: string 2270 description: |- 2271 Map of string keys and values that can be used to organize and categorize 2272 (scope and select) objects. May match selectors of replication controllers 2273 and services. 2274 More info: http://kubernetes.io/docs/user-guide/labels 2275 type: object 2276 type: object 2277 nodeDrainTimeout: 2278 description: |- 2279 NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node 2280 The default value is 0, meaning that the node can be drained without any time limitations. 2281 NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` 2282 type: string 2283 required: 2284 - infrastructureRef 2285 type: object 2286 replicas: 2287 description: |- 2288 Number of desired machines. Defaults to 1. When stacked etcd is used only 2289 odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). 
2290 This is a pointer to distinguish between explicit zero and not specified. 2291 format: int32 2292 type: integer 2293 rolloutAfter: 2294 description: |- 2295 RolloutAfter is a field to indicate a rollout should be performed 2296 after the specified time even if no changes have been made to the 2297 KubeadmControlPlane. 2298 format: date-time 2299 type: string 2300 rolloutStrategy: 2301 default: 2302 rollingUpdate: 2303 maxSurge: 1 2304 type: RollingUpdate 2305 description: |- 2306 The RolloutStrategy to use to replace control plane machines with 2307 new ones. 2308 properties: 2309 rollingUpdate: 2310 description: |- 2311 Rolling update config params. Present only if 2312 RolloutStrategyType = RollingUpdate. 2313 properties: 2314 maxSurge: 2315 anyOf: 2316 - type: integer 2317 - type: string 2318 description: |- 2319 The maximum number of control planes that can be scheduled above or under the 2320 desired number of control planes. 2321 Value can be an absolute number 1 or 0. 2322 Defaults to 1. 2323 Example: when this is set to 1, the control plane can be scaled 2324 up immediately when the rolling update starts. 2325 x-kubernetes-int-or-string: true 2326 type: object 2327 type: 2328 description: |- 2329 Type of rollout. Currently the only supported strategy is 2330 "RollingUpdate". 2331 Default is RollingUpdate. 2332 type: string 2333 type: object 2334 version: 2335 description: Version defines the desired Kubernetes version. 2336 type: string 2337 required: 2338 - kubeadmConfigSpec 2339 - machineTemplate 2340 - version 2341 type: object 2342 status: 2343 description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. 2344 properties: 2345 conditions: 2346 description: Conditions defines current service state of the KubeadmControlPlane. 2347 items: 2348 description: Condition defines an observation of a Cluster API resource 2349 operational state. 
2350 properties: 2351 lastTransitionTime: 2352 description: |- 2353 Last time the condition transitioned from one status to another. 2354 This should be when the underlying condition changed. If that is not known, then using the time when 2355 the API field changed is acceptable. 2356 format: date-time 2357 type: string 2358 message: 2359 description: |- 2360 A human readable message indicating details about the transition. 2361 This field may be empty. 2362 type: string 2363 reason: 2364 description: |- 2365 The reason for the condition's last transition in CamelCase. 2366 The specific API may choose whether or not this field is considered a guaranteed API. 2367 This field may not be empty. 2368 type: string 2369 severity: 2370 description: |- 2371 Severity provides an explicit classification of Reason code, so the users or machines can immediately 2372 understand the current situation and act accordingly. 2373 The Severity field MUST be set only when Status=False. 2374 type: string 2375 status: 2376 description: Status of the condition, one of True, False, Unknown. 2377 type: string 2378 type: 2379 description: |- 2380 Type of condition in CamelCase or in foo.example.com/CamelCase. 2381 Many .condition.type values are consistent across resources like Available, but because arbitrary conditions 2382 can be useful (see .node.status.conditions), the ability to deconflict is important. 2383 type: string 2384 required: 2385 - status 2386 - type 2387 type: object 2388 type: array 2389 failureMessage: 2390 description: |- 2391 ErrorMessage indicates that there is a terminal problem reconciling the 2392 state, and will be set to a descriptive error message. 2393 type: string 2394 failureReason: 2395 description: |- 2396 FailureReason indicates that there is a terminal problem reconciling the 2397 state, and will be set to a token value suitable for 2398 programmatic interpretation. 
2399 type: string 2400 initialized: 2401 description: |- 2402 Initialized denotes whether or not the control plane has the 2403 uploaded kubeadm-config configmap. 2404 type: boolean 2405 observedGeneration: 2406 description: ObservedGeneration is the latest generation observed 2407 by the controller. 2408 format: int64 2409 type: integer 2410 ready: 2411 description: |- 2412 Ready denotes that the KubeadmControlPlane API Server is ready to 2413 receive requests. 2414 type: boolean 2415 readyReplicas: 2416 description: Total number of fully running and ready control plane 2417 machines. 2418 format: int32 2419 type: integer 2420 replicas: 2421 description: |- 2422 Total number of non-terminated machines targeted by this control plane 2423 (their labels match the selector). 2424 format: int32 2425 type: integer 2426 selector: 2427 description: |- 2428 Selector is the label selector in string format to avoid introspection 2429 by clients, and is used to provide the CRD-based integration for the 2430 scale subresource and additional integrations for things like kubectl 2431 describe. The string will be in the same format as the query-param syntax. 2432 More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors 2433 type: string 2434 unavailableReplicas: 2435 description: |- 2436 Total number of unavailable machines targeted by this control plane. 2437 This is the total number of machines that are still required for 2438 the deployment to have 100% available capacity. They may either 2439 be machines that are running but not yet ready or machines 2440 that still have not been created. 2441 format: int32 2442 type: integer 2443 updatedReplicas: 2444 description: |- 2445 Total number of non-terminated machines targeted by this control plane 2446 that have the desired template spec.
2447 format: int32 2448 type: integer 2449 version: 2450 description: |- 2451 Version represents the minimum Kubernetes version for the control plane machines 2452 in the cluster. 2453 type: string 2454 type: object 2455 type: object 2456 served: false 2457 storage: false 2458 subresources: 2459 scale: 2460 labelSelectorPath: .status.selector 2461 specReplicasPath: .spec.replicas 2462 statusReplicasPath: .status.replicas 2463 status: {} 2464 - additionalPrinterColumns: 2465 - description: Cluster 2466 jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] 2467 name: Cluster 2468 type: string 2469 - description: This denotes whether or not the control plane has the uploaded 2470 kubeadm-config configmap 2471 jsonPath: .status.initialized 2472 name: Initialized 2473 type: boolean 2474 - description: KubeadmControlPlane API Server is ready to receive requests 2475 jsonPath: .status.ready 2476 name: API Server Available 2477 type: boolean 2478 - description: Total number of machines desired by this control plane 2479 jsonPath: .spec.replicas 2480 name: Desired 2481 priority: 10 2482 type: integer 2483 - description: Total number of non-terminated machines targeted by this control 2484 plane 2485 jsonPath: .status.replicas 2486 name: Replicas 2487 type: integer 2488 - description: Total number of fully running and ready control plane machines 2489 jsonPath: .status.readyReplicas 2490 name: Ready 2491 type: integer 2492 - description: Total number of non-terminated machines targeted by this control 2493 plane that have the desired template spec 2494 jsonPath: .status.updatedReplicas 2495 name: Updated 2496 type: integer 2497 - description: Total number of unavailable machines targeted by this control plane 2498 jsonPath: .status.unavailableReplicas 2499 name: Unavailable 2500 type: integer 2501 - description: Time duration since creation of KubeadmControlPlane 2502 jsonPath: .metadata.creationTimestamp 2503 name: Age 2504 type: date 2505 - description: Kubernetes 
version associated with this control plane 2506 jsonPath: .spec.version 2507 name: Version 2508 type: string 2509 name: v1beta1 2510 schema: 2511 openAPIV3Schema: 2512 description: KubeadmControlPlane is the Schema for the KubeadmControlPlane 2513 API. 2514 properties: 2515 apiVersion: 2516 description: |- 2517 APIVersion defines the versioned schema of this representation of an object. 2518 Servers should convert recognized schemas to the latest internal value, and 2519 may reject unrecognized values. 2520 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 2521 type: string 2522 kind: 2523 description: |- 2524 Kind is a string value representing the REST resource this object represents. 2525 Servers may infer this from the endpoint the client submits requests to. 2526 Cannot be updated. 2527 In CamelCase. 2528 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2529 type: string 2530 metadata: 2531 type: object 2532 spec: 2533 description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. 2534 properties: 2535 kubeadmConfigSpec: 2536 description: |- 2537 KubeadmConfigSpec is a KubeadmConfigSpec 2538 to use for initializing and joining machines to the control plane. 2539 properties: 2540 clusterConfiguration: 2541 description: ClusterConfiguration along with InitConfiguration 2542 are the configurations necessary for the init command 2543 properties: 2544 apiServer: 2545 description: APIServer contains extra settings for the API 2546 server control plane component 2547 properties: 2548 certSANs: 2549 description: CertSANs sets extra Subject Alternative Names 2550 for the API Server signing cert. 2551 items: 2552 type: string 2553 type: array 2554 extraArgs: 2555 additionalProperties: 2556 type: string 2557 description: |- 2558 ExtraArgs is an extra set of flags to pass to the control plane component. 
2559 TODO: This is temporary and ideally we would like to switch all components to 2560 use ComponentConfig + ConfigMaps. 2561 type: object 2562 extraVolumes: 2563 description: ExtraVolumes is an extra set of host volumes, 2564 mounted to the control plane component. 2565 items: 2566 description: |- 2567 HostPathMount contains elements describing volumes that are mounted from the 2568 host. 2569 properties: 2570 hostPath: 2571 description: |- 2572 HostPath is the path in the host that will be mounted inside 2573 the pod. 2574 type: string 2575 mountPath: 2576 description: MountPath is the path inside the pod 2577 where hostPath will be mounted. 2578 type: string 2579 name: 2580 description: Name of the volume inside the pod template. 2581 type: string 2582 pathType: 2583 description: PathType is the type of the HostPath. 2584 type: string 2585 readOnly: 2586 description: ReadOnly controls write access to the 2587 volume 2588 type: boolean 2589 required: 2590 - hostPath 2591 - mountPath 2592 - name 2593 type: object 2594 type: array 2595 timeoutForControlPlane: 2596 description: TimeoutForControlPlane controls the timeout 2597 that we use for API server to appear 2598 type: string 2599 type: object 2600 apiVersion: 2601 description: |- 2602 APIVersion defines the versioned schema of this representation of an object. 2603 Servers should convert recognized schemas to the latest internal value, and 2604 may reject unrecognized values. 2605 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 2606 type: string 2607 certificatesDir: 2608 description: |- 2609 CertificatesDir specifies where to store or look for all required certificates. 
2610 NB: if not provided, this will default to `/etc/kubernetes/pki` 2611 type: string 2612 clusterName: 2613 description: The cluster name 2614 type: string 2615 controlPlaneEndpoint: 2616 description: |- 2617 ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it 2618 can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. 2619 In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort 2620 are used; in case the ControlPlaneEndpoint is specified but without a TCP port, 2621 the BindPort is used. 2622 Possible usages are: 2623 e.g. In a cluster with more than one control plane instances, this field should be 2624 assigned the address of the external load balancer in front of the 2625 control plane instances. 2626 e.g. in environments with enforced node recycling, the ControlPlaneEndpoint 2627 could be used for assigning a stable DNS to the control plane. 2628 NB: This value defaults to the first value in the Cluster object status.apiEndpoints array. 2629 type: string 2630 controllerManager: 2631 description: ControllerManager contains extra settings for 2632 the controller manager control plane component 2633 properties: 2634 extraArgs: 2635 additionalProperties: 2636 type: string 2637 description: |- 2638 ExtraArgs is an extra set of flags to pass to the control plane component. 2639 TODO: This is temporary and ideally we would like to switch all components to 2640 use ComponentConfig + ConfigMaps. 2641 type: object 2642 extraVolumes: 2643 description: ExtraVolumes is an extra set of host volumes, 2644 mounted to the control plane component. 2645 items: 2646 description: |- 2647 HostPathMount contains elements describing volumes that are mounted from the 2648 host. 2649 properties: 2650 hostPath: 2651 description: |- 2652 HostPath is the path in the host that will be mounted inside 2653 the pod. 
2654 type: string 2655 mountPath: 2656 description: MountPath is the path inside the pod 2657 where hostPath will be mounted. 2658 type: string 2659 name: 2660 description: Name of the volume inside the pod template. 2661 type: string 2662 pathType: 2663 description: PathType is the type of the HostPath. 2664 type: string 2665 readOnly: 2666 description: ReadOnly controls write access to the 2667 volume 2668 type: boolean 2669 required: 2670 - hostPath 2671 - mountPath 2672 - name 2673 type: object 2674 type: array 2675 type: object 2676 dns: 2677 description: DNS defines the options for the DNS add-on installed 2678 in the cluster. 2679 properties: 2680 imageRepository: 2681 description: |- 2682 ImageRepository sets the container registry to pull images from. 2683 if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 2684 type: string 2685 imageTag: 2686 description: |- 2687 ImageTag allows to specify a tag for the image. 2688 In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 2689 type: string 2690 type: object 2691 etcd: 2692 description: |- 2693 Etcd holds configuration for etcd. 2694 NB: This value defaults to a Local (stacked) etcd 2695 properties: 2696 external: 2697 description: |- 2698 External describes how to connect to an external etcd cluster 2699 Local and External are mutually exclusive 2700 properties: 2701 caFile: 2702 description: |- 2703 CAFile is an SSL Certificate Authority file used to secure etcd communication. 2704 Required if using a TLS connection. 2705 type: string 2706 certFile: 2707 description: |- 2708 CertFile is an SSL certification file used to secure etcd communication. 2709 Required if using a TLS connection. 2710 type: string 2711 endpoints: 2712 description: Endpoints of etcd members. Required for 2713 ExternalEtcd. 
2714 items: 2715 type: string 2716 type: array 2717 keyFile: 2718 description: |- 2719 KeyFile is an SSL key file used to secure etcd communication. 2720 Required if using a TLS connection. 2721 type: string 2722 required: 2723 - caFile 2724 - certFile 2725 - endpoints 2726 - keyFile 2727 type: object 2728 local: 2729 description: |- 2730 Local provides configuration knobs for configuring the local etcd instance 2731 Local and External are mutually exclusive 2732 properties: 2733 dataDir: 2734 description: |- 2735 DataDir is the directory etcd will place its data. 2736 Defaults to "/var/lib/etcd". 2737 type: string 2738 extraArgs: 2739 additionalProperties: 2740 type: string 2741 description: |- 2742 ExtraArgs are extra arguments provided to the etcd binary 2743 when run inside a static pod. 2744 type: object 2745 imageRepository: 2746 description: |- 2747 ImageRepository sets the container registry to pull images from. 2748 if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 2749 type: string 2750 imageTag: 2751 description: |- 2752 ImageTag allows to specify a tag for the image. 2753 In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 2754 type: string 2755 peerCertSANs: 2756 description: PeerCertSANs sets extra Subject Alternative 2757 Names for the etcd peer signing cert. 2758 items: 2759 type: string 2760 type: array 2761 serverCertSANs: 2762 description: ServerCertSANs sets extra Subject Alternative 2763 Names for the etcd server signing cert. 2764 items: 2765 type: string 2766 type: array 2767 type: object 2768 type: object 2769 featureGates: 2770 additionalProperties: 2771 type: boolean 2772 description: FeatureGates enabled by the user. 2773 type: object 2774 imageRepository: 2775 description: |- 2776 ImageRepository sets the container registry to pull images from. 2777 * If not set, the default registry of kubeadm will be used, i.e. 
2778 * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 2779 * k8s.gcr.io (old registry): all older versions 2780 Please note that when imageRepository is not set we don't allow upgrades to 2781 versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use 2782 a newer patch version with the new registry instead (i.e. >= v1.22.17, 2783 >= v1.23.15, >= v1.24.9, >= v1.25.0). 2784 * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) 2785 `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components 2786 and for kube-proxy, while `registry.k8s.io` will be used for all the other images. 2787 type: string 2788 kind: 2789 description: |- 2790 Kind is a string value representing the REST resource this object represents. 2791 Servers may infer this from the endpoint the client submits requests to. 2792 Cannot be updated. 2793 In CamelCase. 2794 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2795 type: string 2796 kubernetesVersion: 2797 description: |- 2798 KubernetesVersion is the target version of the control plane. 2799 NB: This value defaults to the Machine object spec.version 2800 type: string 2801 networking: 2802 description: |- 2803 Networking holds configuration for the networking topology of the cluster. 2804 NB: This value defaults to the Cluster object spec.clusterNetwork. 2805 properties: 2806 dnsDomain: 2807 description: DNSDomain is the dns domain used by k8s services. 2808 Defaults to "cluster.local". 2809 type: string 2810 podSubnet: 2811 description: |- 2812 PodSubnet is the subnet used by pods. 2813 If unset, the API server will not allocate CIDR ranges for every node. 2814 Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set 2815 type: string 2816 serviceSubnet: 2817 description: |- 2818 ServiceSubnet is the subnet used by k8s services. 
2819 Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or 2820 to "10.96.0.0/12" if that's unset. 2821 type: string 2822 type: object 2823 scheduler: 2824 description: Scheduler contains extra settings for the scheduler 2825 control plane component 2826 properties: 2827 extraArgs: 2828 additionalProperties: 2829 type: string 2830 description: |- 2831 ExtraArgs is an extra set of flags to pass to the control plane component. 2832 TODO: This is temporary and ideally we would like to switch all components to 2833 use ComponentConfig + ConfigMaps. 2834 type: object 2835 extraVolumes: 2836 description: ExtraVolumes is an extra set of host volumes, 2837 mounted to the control plane component. 2838 items: 2839 description: |- 2840 HostPathMount contains elements describing volumes that are mounted from the 2841 host. 2842 properties: 2843 hostPath: 2844 description: |- 2845 HostPath is the path in the host that will be mounted inside 2846 the pod. 2847 type: string 2848 mountPath: 2849 description: MountPath is the path inside the pod 2850 where hostPath will be mounted. 2851 type: string 2852 name: 2853 description: Name of the volume inside the pod template. 2854 type: string 2855 pathType: 2856 description: PathType is the type of the HostPath. 2857 type: string 2858 readOnly: 2859 description: ReadOnly controls write access to the 2860 volume 2861 type: boolean 2862 required: 2863 - hostPath 2864 - mountPath 2865 - name 2866 type: object 2867 type: array 2868 type: object 2869 type: object 2870 diskSetup: 2871 description: DiskSetup specifies options for the creation of partition 2872 tables and file systems on devices. 2873 properties: 2874 filesystems: 2875 description: Filesystems specifies the list of file systems 2876 to setup. 2877 items: 2878 description: Filesystem defines the file systems to be created. 
2879 properties: 2880 device: 2881 description: Device specifies the device name 2882 type: string 2883 extraOpts: 2884 description: ExtraOpts defines extra options to add 2885 to the command for creating the file system. 2886 items: 2887 type: string 2888 type: array 2889 filesystem: 2890 description: Filesystem specifies the file system type. 2891 type: string 2892 label: 2893 description: Label specifies the file system label to 2894 be used. If set to None, no label is used. 2895 type: string 2896 overwrite: 2897 description: |- 2898 Overwrite defines whether or not to overwrite any existing filesystem. 2899 If true, any pre-existing file system will be destroyed. Use with Caution. 2900 type: boolean 2901 partition: 2902 description: 'Partition specifies the partition to use. 2903 The valid options are: "auto|any", "auto", "any", 2904 "none", and <NUM>, where NUM is the actual partition 2905 number.' 2906 type: string 2907 replaceFS: 2908 description: |- 2909 ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of <FS_TYPE>. 2910 NOTE: unless you define a label, this requires the use of the 'any' partition directive. 2911 type: string 2912 required: 2913 - device 2914 - filesystem 2915 - label 2916 type: object 2917 type: array 2918 partitions: 2919 description: Partitions specifies the list of the partitions 2920 to setup. 2921 items: 2922 description: Partition defines how to create and layout 2923 a partition. 2924 properties: 2925 device: 2926 description: Device is the name of the device. 2927 type: string 2928 layout: 2929 description: |- 2930 Layout specifies the device layout. 2931 If it is true, a single partition will be created for the entire device. 2932 When layout is false, it means don't partition or ignore existing partitioning.
2933 type: boolean 2934 overwrite: 2935 description: |- 2936 Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. 2937 Use with caution. Default is 'false'. 2938 type: boolean 2939 tableType: 2940 description: |- 2941 TableType specifies the type of partition table. The following are supported: 2942 'mbr': default, sets up an MS-DOS partition table 2943 'gpt': sets up a GPT partition table 2944 type: string 2945 required: 2946 - device 2947 - layout 2948 type: object 2949 type: array 2950 type: object 2951 files: 2952 description: Files specifies extra files to be passed to user_data 2953 upon creation. 2954 items: 2955 description: File defines the input for generating write_files 2956 in cloud-init. 2957 properties: 2958 append: 2959 description: Append specifies whether to append Content 2960 to existing file if Path exists. 2961 type: boolean 2962 content: 2963 description: Content is the actual content of the file. 2964 type: string 2965 contentFrom: 2966 description: ContentFrom is a referenced source of content 2967 to populate the file. 2968 properties: 2969 secret: 2970 description: Secret represents a secret that should 2971 populate this file. 2972 properties: 2973 key: 2974 description: Key is the key in the secret's data 2975 map for this value. 2976 type: string 2977 name: 2978 description: Name of the secret in the KubeadmBootstrapConfig's 2979 namespace to use. 2980 type: string 2981 required: 2982 - key 2983 - name 2984 type: object 2985 required: 2986 - secret 2987 type: object 2988 encoding: 2989 description: Encoding specifies the encoding of the file 2990 contents. 2991 enum: 2992 - base64 2993 - gzip 2994 - gzip+base64 2995 type: string 2996 owner: 2997 description: Owner specifies the ownership of the file, 2998 e.g. "root:root". 2999 type: string 3000 path: 3001 description: Path specifies the full path on disk where 3002 to store the file.
3003 type: string 3004 permissions: 3005 description: Permissions specifies the permissions to assign 3006 to the file, e.g. "0640". 3007 type: string 3008 required: 3009 - path 3010 type: object 3011 type: array 3012 format: 3013 description: Format specifies the output format of the bootstrap 3014 data 3015 enum: 3016 - cloud-config 3017 - ignition 3018 type: string 3019 ignition: 3020 description: Ignition contains Ignition specific configuration. 3021 properties: 3022 containerLinuxConfig: 3023 description: ContainerLinuxConfig contains CLC specific configuration. 3024 properties: 3025 additionalConfig: 3026 description: |- 3027 AdditionalConfig contains additional configuration to be merged with the Ignition 3028 configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging 3029 3030 3031 The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/ 3032 type: string 3033 strict: 3034 description: Strict controls if AdditionalConfig should 3035 be strictly parsed. If so, warnings are treated as errors. 3036 type: boolean 3037 type: object 3038 type: object 3039 initConfiguration: 3040 description: InitConfiguration along with ClusterConfiguration 3041 are the configurations necessary for the init command 3042 properties: 3043 apiVersion: 3044 description: |- 3045 APIVersion defines the versioned schema of this representation of an object. 3046 Servers should convert recognized schemas to the latest internal value, and 3047 may reject unrecognized values. 3048 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 3049 type: string 3050 bootstrapTokens: 3051 description: |- 3052 BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. 
3053 This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature 3054 items: 3055 description: BootstrapToken describes one bootstrap token, 3056 stored as a Secret in the cluster. 3057 properties: 3058 description: 3059 description: |- 3060 Description sets a human-friendly message why this token exists and what it's used 3061 for, so other administrators can know its purpose. 3062 type: string 3063 expires: 3064 description: |- 3065 Expires specifies the timestamp when this token expires. Defaults to being set 3066 dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. 3067 format: date-time 3068 type: string 3069 groups: 3070 description: |- 3071 Groups specifies the extra groups that this token will authenticate as when/if 3072 used for authentication 3073 items: 3074 type: string 3075 type: array 3076 token: 3077 description: |- 3078 Token is used for establishing bidirectional trust between nodes and control-planes. 3079 Used for joining nodes in the cluster. 3080 type: string 3081 ttl: 3082 description: |- 3083 TTL defines the time to live for this token. Defaults to 24h. 3084 Expires and TTL are mutually exclusive. 3085 type: string 3086 usages: 3087 description: |- 3088 Usages describes the ways in which this token can be used. Can by default be used 3089 for establishing bidirectional trust, but that can be changed here. 3090 items: 3091 type: string 3092 type: array 3093 required: 3094 - token 3095 type: object 3096 type: array 3097 kind: 3098 description: |- 3099 Kind is a string value representing the REST resource this object represents. 3100 Servers may infer this from the endpoint the client submits requests to. 3101 Cannot be updated. 3102 In CamelCase. 
3103 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3104 type: string 3105 localAPIEndpoint: 3106 description: |- 3107 LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node 3108 In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint 3109 is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This 3110 configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible 3111 on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process 3112 fails you may set the desired value here. 3113 properties: 3114 advertiseAddress: 3115 description: AdvertiseAddress sets the IP address for 3116 the API server to advertise. 3117 type: string 3118 bindPort: 3119 description: |- 3120 BindPort sets the secure port for the API Server to bind to. 3121 Defaults to 6443. 3122 format: int32 3123 type: integer 3124 type: object 3125 nodeRegistration: 3126 description: |- 3127 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 3128 When used in the context of control plane nodes, NodeRegistration should remain consistent 3129 across both InitConfiguration and JoinConfiguration 3130 properties: 3131 criSocket: 3132 description: CRISocket is used to retrieve container runtime 3133 info. This information will be annotated to the Node 3134 API object, for later re-use 3135 type: string 3136 ignorePreflightErrors: 3137 description: IgnorePreflightErrors provides a slice of 3138 pre-flight errors to be ignored when the current node 3139 is registered. 
3140 items: 3141 type: string 3142 type: array 3143 imagePullPolicy: 3144 description: |- 3145 ImagePullPolicy specifies the policy for image pulling 3146 during kubeadm "init" and "join" operations. The value of 3147 this field must be one of "Always", "IfNotPresent" or 3148 "Never". Defaults to "IfNotPresent". This can be used only 3149 with Kubernetes version equal to 1.22 and later. 3150 enum: 3151 - Always 3152 - IfNotPresent 3153 - Never 3154 type: string 3155 kubeletExtraArgs: 3156 additionalProperties: 3157 type: string 3158 description: |- 3159 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 3160 kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 3161 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 3162 type: object 3163 name: 3164 description: |- 3165 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 3166 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 3167 Defaults to the hostname of the node if not provided. 3168 type: string 3169 taints: 3170 description: |- 3171 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 3172 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an 3173 empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration. 3174 items: 3175 description: |- 3176 The node this Taint is attached to has the "effect" on 3177 any pod that does not tolerate the Taint. 3178 properties: 3179 effect: 3180 description: |- 3181 Required. 
The effect of the taint on pods 3182 that do not tolerate the taint. 3183 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 3184 type: string 3185 key: 3186 description: Required. The taint key to be applied 3187 to a node. 3188 type: string 3189 timeAdded: 3190 description: |- 3191 TimeAdded represents the time at which the taint was added. 3192 It is only written for NoExecute taints. 3193 format: date-time 3194 type: string 3195 value: 3196 description: The taint value corresponding to the 3197 taint key. 3198 type: string 3199 required: 3200 - effect 3201 - key 3202 type: object 3203 type: array 3204 type: object 3205 patches: 3206 description: |- 3207 Patches contains options related to applying patches to components deployed by kubeadm during 3208 "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 3209 properties: 3210 directory: 3211 description: |- 3212 Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". 3213 For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of 3214 "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one 3215 of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. 3216 The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". 3217 "suffix" is an optional string that can be used to determine which patches are applied 3218 first alpha-numerically. 3219 These files can be written into the target directory via KubeadmConfig.Files which 3220 specifies additional files to be created on the machine, either with content inline or 3221 by referencing a secret. 3222 type: string 3223 type: object 3224 skipPhases: 3225 description: |- 3226 SkipPhases is a list of phases to skip during command execution. 3227 The list of phases can be obtained with the "kubeadm init --help" command. 
3228 This option takes effect only on Kubernetes >=1.22.0. 3229 items: 3230 type: string 3231 type: array 3232 type: object 3233 joinConfiguration: 3234 description: JoinConfiguration is the kubeadm configuration for 3235 the join command 3236 properties: 3237 apiVersion: 3238 description: |- 3239 APIVersion defines the versioned schema of this representation of an object. 3240 Servers should convert recognized schemas to the latest internal value, and 3241 may reject unrecognized values. 3242 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 3243 type: string 3244 caCertPath: 3245 description: |- 3246 CACertPath is the path to the SSL certificate authority used to 3247 secure communications between node and control-plane. 3248 Defaults to "/etc/kubernetes/pki/ca.crt". 3249 TODO: revisit when there is defaulting from k/k 3250 type: string 3251 controlPlane: 3252 description: |- 3253 ControlPlane defines the additional control plane instance to be deployed on the joining node. 3254 If nil, no additional control plane instance will be deployed. 3255 properties: 3256 localAPIEndpoint: 3257 description: LocalAPIEndpoint represents the endpoint 3258 of the API server instance to be deployed on this node. 3259 properties: 3260 advertiseAddress: 3261 description: AdvertiseAddress sets the IP address 3262 for the API server to advertise. 3263 type: string 3264 bindPort: 3265 description: |- 3266 BindPort sets the secure port for the API Server to bind to. 3267 Defaults to 6443.
3268 format: int32 3269 type: integer 3270 type: object 3271 type: object 3272 discovery: 3273 description: |- 3274 Discovery specifies the options for the kubelet to use during the TLS Bootstrap process 3275 TODO: revisit when there is defaulting from k/k 3276 properties: 3277 bootstrapToken: 3278 description: |- 3279 BootstrapToken is used to set the options for bootstrap token based discovery 3280 BootstrapToken and File are mutually exclusive 3281 properties: 3282 apiServerEndpoint: 3283 description: APIServerEndpoint is an IP or domain 3284 name to the API server from which info will be fetched. 3285 type: string 3286 caCertHashes: 3287 description: |- 3288 CACertHashes specifies a set of public key pins to verify 3289 when token-based discovery is used. The root CA found during discovery 3290 must match one of these values. Specifying an empty set disables root CA 3291 pinning, which can be unsafe. Each hash is specified as "<type>:<value>", 3292 where the only currently supported type is "sha256". This is a hex-encoded 3293 SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded 3294 ASN.1. These hashes can be calculated using, for example, OpenSSL: 3295 openssl x509 -pubkey -in ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex 3296 items: 3297 type: string 3298 type: array 3299 token: 3300 description: |- 3301 Token is a token used to validate cluster information 3302 fetched from the control-plane. 3303 type: string 3304 unsafeSkipCAVerification: 3305 description: |- 3306 UnsafeSkipCAVerification allows token-based discovery 3307 without CA verification via CACertHashes. This can weaken 3308 the security of kubeadm since other nodes can impersonate the control-plane.
3309 type: boolean 3310 required: 3311 - token 3312 type: object 3313 file: 3314 description: |- 3315 File is used to specify a file or URL to a kubeconfig file from which to load cluster information 3316 BootstrapToken and File are mutually exclusive 3317 properties: 3318 kubeConfigPath: 3319 description: KubeConfigPath is used to specify the 3320 actual file path or URL to the kubeconfig file from 3321 which to load cluster information 3322 type: string 3323 required: 3324 - kubeConfigPath 3325 type: object 3326 timeout: 3327 description: Timeout modifies the discovery timeout 3328 type: string 3329 tlsBootstrapToken: 3330 description: |- 3331 TLSBootstrapToken is a token used for TLS bootstrapping. 3332 If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. 3333 If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information 3334 type: string 3335 type: object 3336 kind: 3337 description: |- 3338 Kind is a string value representing the REST resource this object represents. 3339 Servers may infer this from the endpoint the client submits requests to. 3340 Cannot be updated. 3341 In CamelCase. 3342 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3343 type: string 3344 nodeRegistration: 3345 description: |- 3346 NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 3347 When used in the context of control plane nodes, NodeRegistration should remain consistent 3348 across both InitConfiguration and JoinConfiguration 3349 properties: 3350 criSocket: 3351 description: CRISocket is used to retrieve container runtime 3352 info. 
This information will be annotated to the Node 3353 API object, for later re-use 3354 type: string 3355 ignorePreflightErrors: 3356 description: IgnorePreflightErrors provides a slice of 3357 pre-flight errors to be ignored when the current node 3358 is registered. 3359 items: 3360 type: string 3361 type: array 3362 imagePullPolicy: 3363 description: |- 3364 ImagePullPolicy specifies the policy for image pulling 3365 during kubeadm "init" and "join" operations. The value of 3366 this field must be one of "Always", "IfNotPresent" or 3367 "Never". Defaults to "IfNotPresent". This can be used only 3368 with Kubernetes version equal to 1.22 and later. 3369 enum: 3370 - Always 3371 - IfNotPresent 3372 - Never 3373 type: string 3374 kubeletExtraArgs: 3375 additionalProperties: 3376 type: string 3377 description: |- 3378 KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file 3379 kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap 3380 Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 3381 type: object 3382 name: 3383 description: |- 3384 Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. 3385 This field is also used in the CommonName field of the kubelet's client certificate to the API server. 3386 Defaults to the hostname of the node if not provided. 3387 type: string 3388 taints: 3389 description: |- 3390 Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process 3391 it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an 3392 empty slice, i.e. `taints: []` in the YAML file. 
This field is solely used for Node registration. 3393 items: 3394 description: |- 3395 The node this Taint is attached to has the "effect" on 3396 any pod that does not tolerate the Taint. 3397 properties: 3398 effect: 3399 description: |- 3400 Required. The effect of the taint on pods 3401 that do not tolerate the taint. 3402 Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 3403 type: string 3404 key: 3405 description: Required. The taint key to be applied 3406 to a node. 3407 type: string 3408 timeAdded: 3409 description: |- 3410 TimeAdded represents the time at which the taint was added. 3411 It is only written for NoExecute taints. 3412 format: date-time 3413 type: string 3414 value: 3415 description: The taint value corresponding to the 3416 taint key. 3417 type: string 3418 required: 3419 - effect 3420 - key 3421 type: object 3422 type: array 3423 type: object 3424 patches: 3425 description: |- 3426 Patches contains options related to applying patches to components deployed by kubeadm during 3427 "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 3428 properties: 3429 directory: 3430 description: |- 3431 Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". 3432 For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of 3433 "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one 3434 of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. 3435 The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". 3436 "suffix" is an optional string that can be used to determine which patches are applied 3437 first alpha-numerically. 3438 These files can be written into the target directory via KubeadmConfig.Files which 3439 specifies additional files to be created on the machine, either with content inline or 3440 by referencing a secret. 
3441 type: string 3442 type: object 3443 skipPhases: 3444 description: |- 3445 SkipPhases is a list of phases to skip during command execution. 3446 The list of phases can be obtained with the "kubeadm init --help" command. 3447 This option takes effect only on Kubernetes >=1.22.0. 3448 items: 3449 type: string 3450 type: array 3451 type: object 3452 mounts: 3453 description: Mounts specifies a list of mount points to be setup. 3454 items: 3455 description: MountPoints defines input for generated mounts 3456 in cloud-init. 3457 items: 3458 type: string 3459 type: array 3460 type: array 3461 ntp: 3462 description: NTP specifies NTP configuration 3463 properties: 3464 enabled: 3465 description: Enabled specifies whether NTP should be enabled 3466 type: boolean 3467 servers: 3468 description: Servers specifies which NTP servers to use 3469 items: 3470 type: string 3471 type: array 3472 type: object 3473 postKubeadmCommands: 3474 description: PostKubeadmCommands specifies extra commands to run 3475 after kubeadm runs 3476 items: 3477 type: string 3478 type: array 3479 preKubeadmCommands: 3480 description: PreKubeadmCommands specifies extra commands to run 3481 before kubeadm runs 3482 items: 3483 type: string 3484 type: array 3485 useExperimentalRetryJoin: 3486 description: |- 3487 UseExperimentalRetryJoin replaces a basic kubeadm command with a shell 3488 script with retries for joins. 3489 3490 3491 This is meant to be an experimental temporary workaround on some environments 3492 where joins fail due to timing (and other issues). The long term goal is to add retries to 3493 kubeadm proper and use that functionality. 3494 3495 3496 This will add about 40KB to userdata 3497 3498 3499 For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. 3500 3501 3502 Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. 
3503 When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml 3504 type: boolean 3505 users: 3506 description: Users specifies extra users to add 3507 items: 3508 description: User defines the input for a generated user in 3509 cloud-init. 3510 properties: 3511 gecos: 3512 description: Gecos specifies the gecos to use for the user 3513 type: string 3514 groups: 3515 description: Groups specifies the additional groups for 3516 the user 3517 type: string 3518 homeDir: 3519 description: HomeDir specifies the home directory to use 3520 for the user 3521 type: string 3522 inactive: 3523 description: Inactive specifies whether to mark the user 3524 as inactive 3525 type: boolean 3526 lockPassword: 3527 description: LockPassword specifies if password login should 3528 be disabled 3529 type: boolean 3530 name: 3531 description: Name specifies the user name 3532 type: string 3533 passwd: 3534 description: Passwd specifies a hashed password for the 3535 user 3536 type: string 3537 passwdFrom: 3538 description: PasswdFrom is a referenced source of passwd 3539 to populate the passwd. 3540 properties: 3541 secret: 3542 description: Secret represents a secret that should 3543 populate this password. 3544 properties: 3545 key: 3546 description: Key is the key in the secret's data 3547 map for this value. 3548 type: string 3549 name: 3550 description: Name of the secret in the KubeadmBootstrapConfig's 3551 namespace to use. 
3552 type: string 3553 required: 3554 - key 3555 - name 3556 type: object 3557 required: 3558 - secret 3559 type: object 3560 primaryGroup: 3561 description: PrimaryGroup specifies the primary group for 3562 the user 3563 type: string 3564 shell: 3565 description: Shell specifies the user's shell 3566 type: string 3567 sshAuthorizedKeys: 3568 description: SSHAuthorizedKeys specifies a list of ssh authorized 3569 keys for the user 3570 items: 3571 type: string 3572 type: array 3573 sudo: 3574 description: Sudo specifies a sudo role for the user 3575 type: string 3576 required: 3577 - name 3578 type: object 3579 type: array 3580 verbosity: 3581 description: |- 3582 Verbosity is the number for the kubeadm log level verbosity. 3583 It overrides the `--v` flag in kubeadm commands. 3584 format: int32 3585 type: integer 3586 type: object 3587 machineTemplate: 3588 description: |- 3589 MachineTemplate contains information about how machines 3590 should be shaped when creating or updating a control plane. 3591 properties: 3592 infrastructureRef: 3593 description: |- 3594 InfrastructureRef is a required reference to a custom resource 3595 offered by an infrastructure provider. 3596 properties: 3597 apiVersion: 3598 description: API version of the referent. 3599 type: string 3600 fieldPath: 3601 description: |- 3602 If referring to a piece of an object instead of an entire object, this string 3603 should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 3604 For example, if the object reference is to a container within a pod, this would take on a value like: 3605 "spec.containers{name}" (where "name" refers to the name of the container that triggered 3606 the event) or if no container name is specified "spec.containers[2]" (container with 3607 index 2 in this pod). This syntax is chosen only to have some well-defined way of 3608 referencing a part of an object. 
3609 TODO: this design is not final and this field is subject to change in the future. 3610 type: string 3611 kind: 3612 description: |- 3613 Kind of the referent. 3614 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3615 type: string 3616 name: 3617 description: |- 3618 Name of the referent. 3619 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3620 type: string 3621 namespace: 3622 description: |- 3623 Namespace of the referent. 3624 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 3625 type: string 3626 resourceVersion: 3627 description: |- 3628 Specific resourceVersion to which this reference is made, if any. 3629 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 3630 type: string 3631 uid: 3632 description: |- 3633 UID of the referent. 3634 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids 3635 type: string 3636 type: object 3637 x-kubernetes-map-type: atomic 3638 metadata: 3639 description: |- 3640 Standard object's metadata. 3641 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3642 properties: 3643 annotations: 3644 additionalProperties: 3645 type: string 3646 description: |- 3647 Annotations is an unstructured key value map stored with a resource that may be 3648 set by external tools to store and retrieve arbitrary metadata. They are not 3649 queryable and should be preserved when modifying objects. 3650 More info: http://kubernetes.io/docs/user-guide/annotations 3651 type: object 3652 labels: 3653 additionalProperties: 3654 type: string 3655 description: |- 3656 Map of string keys and values that can be used to organize and categorize 3657 (scope and select) objects. May match selectors of replication controllers 3658 and services. 
                          More info: http://kubernetes.io/docs/user-guide/labels
                        type: object
                    type: object
                  nodeDeletionTimeout:
                    description: |-
                      NodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine
                      hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely.
                      If no value is provided, the default value for this property of the Machine resource will be used.
                    type: string
                  nodeDrainTimeout:
                    description: |-
                      NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                      The default value is 0, meaning that the node can be drained without any time limitations.
                      NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
                    type: string
                  nodeVolumeDetachTimeout:
                    description: |-
                      NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes
                      to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
                    type: string
                required:
                - infrastructureRef
                type: object
              remediationStrategy:
                description: The RemediationStrategy that controls how control plane
                  machine remediation happens.
                properties:
                  maxRetry:
                    description: "MaxRetry is the Max number of retries while attempting
                      to remediate an unhealthy machine.\nA retry happens when a machine
                      that was created as a replacement for an unhealthy machine also
                      fails.\nFor example, given a control plane with three machines
                      M1, M2, M3:\n\n\n\tM1 become unhealthy; remediation happens,
                      and M1-1 is created as a replacement.\n\tIf M1-1 (replacement
                      of M1) has problems while bootstrapping it will become unhealthy,
                      and then be\n\tremediated; such operation is considered a retry,
                      remediation-retry #1.\n\tIf M1-2 (replacement of M1-1) becomes
                      unhealthy, remediation-retry #2 will happen, etc.\n\n\nA retry
                      could happen only after RetryPeriod from the previous retry.\nIf
                      a machine is marked as unhealthy after MinHealthyPeriod from
                      the previous remediation expired,\nthis is not considered a
                      retry anymore because the new issue is assumed unrelated from
                      the previous one.\n\n\nIf not set, the remedation will be retried
                      infinitely."
                    format: int32
                    type: integer
                  minHealthyPeriod:
                    description: "MinHealthyPeriod defines the duration after which
                      KCP will consider any failure to a machine unrelated\nfrom the
                      previous one. In this case the remediation is not considered
                      a retry anymore, and thus the retry\ncounter restarts from 0.
                      For example, assuming MinHealthyPeriod is set to 1h (default)\n\n\n\tM1
                      become unhealthy; remediation happens, and M1-1 is created as
                      a replacement.\n\tIf M1-1 (replacement of M1) has problems within
                      the 1hr after the creation, also\n\tthis machine will be remediated
                      and this operation is considered a retry - a problem related\n\tto
                      the original issue happened to M1 -.\n\n\n\tIf instead the problem
                      on M1-1 is happening after MinHealthyPeriod expired, e.g. four
                      days after\n\tm1-1 has been created as a remediation of M1,
                      the problem on M1-1 is considered unrelated to\n\tthe original
                      issue happened to M1.\n\n\nIf not set, this value is defaulted
                      to 1h."
                    type: string
                  retryPeriod:
                    description: |-
                      RetryPeriod is the duration that KCP should wait before remediating a machine being created as a replacement
                      for an unhealthy machine (a retry).


                      If not set, a retry will happen immediately.
                    type: string
                type: object
              replicas:
                description: |-
                  Number of desired machines. Defaults to 1. When stacked etcd is used only
                  odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
                  This is a pointer to distinguish between explicit zero and not specified.
                format: int32
                type: integer
              rolloutAfter:
                description: |-
                  RolloutAfter is a field to indicate a rollout should be performed
                  after the specified time even if no changes have been made to the
                  KubeadmControlPlane.
                  Example: In the YAML the time can be specified in the RFC3339 format.
                  To specify the rolloutAfter target as March 9, 2023, at 9 am UTC
                  use "2023-03-09T09:00:00Z".
                format: date-time
                type: string
              rolloutBefore:
                description: |-
                  RolloutBefore is a field to indicate a rollout should be performed
                  if the specified criteria is met.
                properties:
                  certificatesExpiryDays:
                    description: |-
                      CertificatesExpiryDays indicates a rollout needs to be performed if the
                      certificates of the machine will expire within the specified days.
                    format: int32
                    type: integer
                type: object
              rolloutStrategy:
                default:
                  rollingUpdate:
                    maxSurge: 1
                  type: RollingUpdate
                description: |-
                  The RolloutStrategy to use to replace control plane machines with
                  new ones.
                properties:
                  rollingUpdate:
                    description: |-
                      Rolling update config params. Present only if
                      RolloutStrategyType = RollingUpdate.
                    properties:
                      maxSurge:
                        anyOf:
                        - type: integer
                        - type: string
                        description: |-
                          The maximum number of control planes that can be scheduled above or under the
                          desired number of control planes.
                          Value can be an absolute number 1 or 0.
                          Defaults to 1.
                          Example: when this is set to 1, the control plane can be scaled
                          up immediately when the rolling update starts.
                        x-kubernetes-int-or-string: true
                    type: object
                  type:
                    description: |-
                      Type of rollout. Currently the only supported strategy is
                      "RollingUpdate".
                      Default is RollingUpdate.
                    type: string
                type: object
              version:
                description: |-
                  Version defines the desired Kubernetes version.
                  Please note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository is not set
                  we don't allow upgrades to versions >= v1.22.0 for which kubeadm uses the old registry (k8s.gcr.io).
                  Please use a newer patch version with the new registry instead. The default registries of kubeadm are:
                  * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0
                  * k8s.gcr.io (old registry): all older versions
                type: string
            required:
            - kubeadmConfigSpec
            - machineTemplate
            - version
            type: object
          status:
            description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
            properties:
              conditions:
                description: Conditions defines current service state of the KubeadmControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: |-
                        Last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed. If that is not known, then using the time when
                        the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        A human readable message indicating details about the transition.
                        This field may be empty.
                      type: string
                    reason:
                      description: |-
                        The reason for the condition's last transition in CamelCase.
                        The specific API may choose whether or not this field is considered a guaranteed API.
                        This field may not be empty.
                      type: string
                    severity:
                      description: |-
                        Severity provides an explicit classification of Reason code, so the users or machines can immediately
                        understand the current situation and act accordingly.
                        The Severity field MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: |-
                        Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
                        can be useful (see .node.status.conditions), the ability to deconflict is important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              failureMessage:
                description: |-
                  ErrorMessage indicates that there is a terminal problem reconciling the
                  state, and will be set to a descriptive error message.
                type: string
              failureReason:
                description: |-
                  FailureReason indicates that there is a terminal problem reconciling the
                  state, and will be set to a token value suitable for
                  programmatic interpretation.
                type: string
              initialized:
                description: |-
                  Initialized denotes whether or not the control plane has the
                  uploaded kubeadm-config configmap.
                type: boolean
              lastRemediation:
                description: LastRemediation stores info about last remediation performed.
                properties:
                  machine:
                    description: Machine is the machine name of the latest machine
                      being remediated.
                    type: string
                  retryCount:
                    description: |-
                      RetryCount used to keep track of remediation retry for the last remediated machine.
                      A retry happens when a machine that was created as a replacement for an unhealthy machine also fails.
                    format: int32
                    type: integer
                  timestamp:
                    description: Timestamp is when last remediation happened. It is
                      represented in RFC3339 form and is in UTC.
                    format: date-time
                    type: string
                required:
                - machine
                - retryCount
                - timestamp
                type: object
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                description: |-
                  Ready denotes that the KubeadmControlPlane API Server is ready to
                  receive requests.
                type: boolean
              readyReplicas:
                description: Total number of fully running and ready control plane
                  machines.
                format: int32
                type: integer
              replicas:
                description: |-
                  Total number of non-terminated machines targeted by this control plane
                  (their labels match the selector).
                format: int32
                type: integer
              selector:
                description: |-
                  Selector is the label selector in string format to avoid introspection
                  by clients, and is used to provide the CRD-based integration for the
                  scale subresource and additional integrations for things like kubectl
                  describe.. The string will be in the same format as the query-param syntax.
                  More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors
                type: string
              unavailableReplicas:
                description: |-
                  Total number of unavailable machines targeted by this control plane.
                  This is the total number of machines that are still required for
                  the deployment to have 100% available capacity. They may either
                  be machines that are running but not yet ready or machines
                  that still have not been created.
                format: int32
                type: integer
              updatedReplicas:
                description: |-
                  Total number of non-terminated machines targeted by this control plane
                  that have the desired template spec.
                format: int32
                type: integer
              version:
                description: |-
                  Version represents the minimum Kubernetes version for the control plane machines
                  in the cluster.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      scale:
        labelSelectorPath: .status.selector
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.replicas
      status: {}