kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3078 from gambol99/component_options 

Automatic merge from submit-queue

Vetting / Formatting / Cleanup

- fixed any of the vettting / formatting issues that i'm came across on the update
- removed the commented out lines from the componentconfig as it make its increasingly difficult to find what is supported, what is not and the difference between them.
- added SerializeImagePulls, RegisterSchedulable to kubelet (by default they are ignored)
- added FeatureGates to the kube-proxy
- fixed the vetting issue with NodeUpConfig -> Config
- added the aws london regions for cloud provider lookup

Out of interest can someone point me to where these multi-versioned componentconfig are being used?
This commit is contained in:
Kubernetes Submit Queue 2017-08-03 08:03:06 -07:00 committed by GitHub
parent 0b3bf5f1aa b5066c967b
commit 26e0c781ea
22 changed files with 466 additions and 1421 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nodeup/pkg/model/context.go
View File

@ -18,6 +18,7 @@ package model
import ( import (
"fmt" "fmt"
"github.com/blang/semver" "github.com/blang/semver"
"k8s.io/kops/nodeup/pkg/distros" "k8s.io/kops/nodeup/pkg/distros"
"k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/apis/kops"
@ -28,7 +29,7 @@ import (
) )
type NodeupModelContext struct { type NodeupModelContext struct {
NodeupConfig *nodeup.NodeUpConfig NodeupConfig *nodeup.Config
Cluster *kops.Cluster Cluster *kops.Cluster
InstanceGroup *kops.InstanceGroup InstanceGroup *kops.InstanceGroup

10
nodeup/pkg/model/protokube.go
View File

@ -19,8 +19,9 @@ package model
import ( import (
"bytes" "bytes"
"fmt" "fmt"
"github.com/blang/semver" "os"
"github.com/golang/glog" "strings"
kopsbase "k8s.io/kops" kopsbase "k8s.io/kops"
"k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/pkg/apis/kops/util" "k8s.io/kops/pkg/apis/kops/util"
@ -29,8 +30,9 @@ import (
"k8s.io/kops/pkg/systemd" "k8s.io/kops/pkg/systemd"
"k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi"
"k8s.io/kops/upup/pkg/fi/nodeup/nodetasks" "k8s.io/kops/upup/pkg/fi/nodeup/nodetasks"
"os"
"strings" "github.com/blang/semver"
"github.com/golang/glog"
) )
// ProtokubeBuilder configures protokube // ProtokubeBuilder configures protokube

121
pkg/apis/kops/cluster.go
View File

@ -24,6 +24,7 @@ import (
// +genclient=true // +genclient=true
// Cluster is a specific cluster wrapper
type Cluster struct { type Cluster struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
@ -31,6 +32,7 @@ type Cluster struct {
Spec ClusterSpec `json:"spec,omitempty"` Spec ClusterSpec `json:"spec,omitempty"`
} }
// ClusterList is a list of clusters
type ClusterList struct { type ClusterList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
@ -38,48 +40,36 @@ type ClusterList struct {
Items []Cluster `json:"items"` Items []Cluster `json:"items"`
} }
// ClusterSpec defines the configuration for a cluster
type ClusterSpec struct { type ClusterSpec struct {
// The Channel we are following // The Channel we are following
Channel string `json:"channel,omitempty"` Channel string `json:"channel,omitempty"`
// ConfigBase is the path where we store configuration for the cluster // ConfigBase is the path where we store configuration for the cluster
// This might be different that the location when the cluster spec itself is stored, // This might be different that the location when the cluster spec itself is stored,
// both because this must be accessible to the cluster, // both because this must be accessible to the cluster,
// and because it might be on a different cloud or storage system (etcd vs S3) // and because it might be on a different cloud or storage system (etcd vs S3)
ConfigBase string `json:"configBase,omitempty"` ConfigBase string `json:"configBase,omitempty"`
// The CloudProvider to use (aws or gce) // The CloudProvider to use (aws or gce)
CloudProvider string `json:"cloudProvider,omitempty"` CloudProvider string `json:"cloudProvider,omitempty"`
// The version of kubernetes to install (optional, and can be a "spec" like stable) // The version of kubernetes to install (optional, and can be a "spec" like stable)
KubernetesVersion string `json:"kubernetesVersion,omitempty"` KubernetesVersion string `json:"kubernetesVersion,omitempty"`
//// The Node initializer technique to use: cloudinit or nodeup
//NodeInit string `json:",omitempty"`
// Configuration of subnets we are targeting // Configuration of subnets we are targeting
Subnets []ClusterSubnetSpec `json:"subnets,omitempty"` Subnets []ClusterSubnetSpec `json:"subnets,omitempty"`
// Project is the cloud project we should use, required on GCE // Project is the cloud project we should use, required on GCE
Project string `json:"project,omitempty"` Project string `json:"project,omitempty"`
// MasterPublicName is the external DNS name for the master nodes // MasterPublicName is the external DNS name for the master nodes
MasterPublicName string `json:"masterPublicName,omitempty"` MasterPublicName string `json:"masterPublicName,omitempty"`
// MasterInternalName is the internal DNS name for the master nodes // MasterInternalName is the internal DNS name for the master nodes
MasterInternalName string `json:"masterInternalName,omitempty"` MasterInternalName string `json:"masterInternalName,omitempty"`
// The CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s // The CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s
// This is a real CIDR, not the internal k8s network // This is a real CIDR, not the internal k8s network
NetworkCIDR string `json:"networkCIDR,omitempty"` NetworkCIDR string `json:"networkCIDR,omitempty"`
// NetworkID is an identifier of a network, if we want to reuse/share an existing network (e.g. an AWS VPC) // NetworkID is an identifier of a network, if we want to reuse/share an existing network (e.g. an AWS VPC)
NetworkID string `json:"networkID,omitempty"` NetworkID string `json:"networkID,omitempty"`
// Topology defines the type of network topology to use on the cluster - default public // Topology defines the type of network topology to use on the cluster - default public
// This is heavily weighted towards AWS for the time being, but should also be agnostic enough // This is heavily weighted towards AWS for the time being, but should also be agnostic enough
// to port out to GCE later if needed // to port out to GCE later if needed
Topology *TopologySpec `json:"topology,omitempty"` Topology *TopologySpec `json:"topology,omitempty"`
// SecretStore is the VFS path to where secrets are stored // SecretStore is the VFS path to where secrets are stored
SecretStore string `json:"secretStore,omitempty"` SecretStore string `json:"secretStore,omitempty"`
// KeyStore is the VFS path to where SSL keys and certificates are stored // KeyStore is the VFS path to where SSL keys and certificates are stored
@ -94,31 +84,17 @@ type ClusterSpec struct {
// Note that DNSZone can either by the host name of the zone (containing dots), // Note that DNSZone can either by the host name of the zone (containing dots),
// or can be an identifier for the zone. // or can be an identifier for the zone.
DNSZone string `json:"dnsZone,omitempty"` DNSZone string `json:"dnsZone,omitempty"`
// ClusterDNSDomain is the suffix we use for internal DNS names (normally cluster.local) // ClusterDNSDomain is the suffix we use for internal DNS names (normally cluster.local)
ClusterDNSDomain string `json:"clusterDNSDomain,omitempty"` ClusterDNSDomain string `json:"clusterDNSDomain,omitempty"`
//InstancePrefix string `json:",omitempty"`
// ClusterName is a unique identifier for the cluster, and currently must be a DNS name
//ClusterName string `json:",omitempty"`
//ClusterIPRange string `json:",omitempty"`
// ServiceClusterIPRange is the CIDR, from the internal network, where we allocate IPs for services // ServiceClusterIPRange is the CIDR, from the internal network, where we allocate IPs for services
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty"` ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty"`
//MasterIPRange string `json:",omitempty"`
// NonMasqueradeCIDR is the CIDR for the internal k8s network (on which pods & services live) // NonMasqueradeCIDR is the CIDR for the internal k8s network (on which pods & services live)
// It cannot overlap ServiceClusterIPRange // It cannot overlap ServiceClusterIPRange
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty"` NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty"`
// SSHAccess is a list of the CIDRs that can access SSH. // SSHAccess is a list of the CIDRs that can access SSH.
SSHAccess []string `json:"sshAccess,omitempty"` SSHAccess []string `json:"sshAccess,omitempty"`
// KubernetesAPIAccess is a list of the CIDRs that can access the Kubernetes API endpoint (master HTTPS) // KubernetesAPIAccess is a list of the CIDRs that can access the Kubernetes API endpoint (master HTTPS)
KubernetesAPIAccess []string `json:"kubernetesApiAccess,omitempty"` KubernetesAPIAccess []string `json:"kubernetesApiAccess,omitempty"`
// IsolatesMasters determines whether we should lock down masters so that they are not on the pod network. // IsolatesMasters determines whether we should lock down masters so that they are not on the pod network.
// true is the kube-up behaviour, but it is very surprising: it means that daemonsets only work on the master // true is the kube-up behaviour, but it is very surprising: it means that daemonsets only work on the master
// if they have hostNetwork=true. // if they have hostNetwork=true.
@ -127,100 +103,15 @@ type ClusterSpec struct {
// * run kube-proxy on the master // * run kube-proxy on the master
// * enable debugging handlers on the master, so kubectl logs works // * enable debugging handlers on the master, so kubectl logs works
IsolateMasters *bool `json:"isolateMasters,omitempty"` IsolateMasters *bool `json:"isolateMasters,omitempty"`
// UpdatePolicy determines the policy for applying upgrades automatically. // UpdatePolicy determines the policy for applying upgrades automatically.
// Valid values: // Valid values:
// 'external' do not apply updates automatically - they are applied manually or by an external system // 'external' do not apply updates automatically - they are applied manually or by an external system
// missing: default policy (currently OS security upgrades that do not require a reboot) // missing: default policy (currently OS security upgrades that do not require a reboot)
UpdatePolicy *string `json:"updatePolicy,omitempty"` UpdatePolicy *string `json:"updatePolicy,omitempty"`
// Additional policies to add for roles // Additional policies to add for roles
AdditionalPolicies *map[string]string `json:"additionalPolicies,omitempty"` AdditionalPolicies *map[string]string `json:"additionalPolicies,omitempty"`
//HairpinMode string `json:",omitempty"`
//
//OpencontrailTag string `json:",omitempty"`
//OpencontrailKubernetesTag string `json:",omitempty"`
//OpencontrailPublicSubnet string `json:",omitempty"`
//
//EnableClusterMonitoring string `json:",omitempty"`
//EnableL7LoadBalancing string `json:",omitempty"`
//EnableClusterUI *bool `json:",omitempty"`
//
//EnableClusterDNS *bool `json:",omitempty"`
//DNSReplicas int `json:",omitempty"`
//DNSServerIP string `json:",omitempty"`
//EnableClusterLogging *bool `json:",omitempty"`
//EnableNodeLogging *bool `json:",omitempty"`
//LoggingDestination string `json:",omitempty"`
//ElasticsearchLoggingReplicas int `json:",omitempty"`
//
//EnableClusterRegistry *bool `json:",omitempty"`
//ClusterRegistryDisk string `json:",omitempty"`
//ClusterRegistryDiskSize int `json:",omitempty"`
//
//EnableCustomMetrics *bool `json:",omitempty"`
//
//RegisterMasterKubelet *bool `json:",omitempty"`
//// Image is the default image spec to use for the cluster
//Image string `json:",omitempty"`
//KubeUser string `json:",omitempty"`
//
//// These are moved to CAStore / SecretStore
////KubePassword string
////KubeletToken string
////KubeProxyToken string
////BearerToken string
////CACert []byte
////CAKey []byte
////KubeletCert []byte
////KubeletKey []byte
////MasterCert []byte
////MasterKey []byte
////KubecfgCert []byte
////KubecfgKey []byte
//
//AdmissionControl string `json:",omitempty"`
//
//KubeImageTag string `json:",omitempty"`
//KubeDockerRegistry string `json:",omitempty"`
//KubeAddonRegistry string `json:",omitempty"`
//
//KubeletPort int `json:",omitempty"`
//
//KubeApiserverRequestTimeout int `json:",omitempty"`
//
//TerminatedPodGcThreshold string `json:",omitempty"`
//
//EnableManifestURL *bool `json:",omitempty"`
//ManifestURL string `json:",omitempty"`
//ManifestURLHeader string `json:",omitempty"`
//
//TestCluster string `json:",omitempty"`
//
//E2EStorageTestEnvironment string `json:",omitempty"`
//KubeletTestArgs string `json:",omitempty"`
//KubeletTestLogLevel string `json:",omitempty"`
//DockerTestArgs string `json:",omitempty"`
//DockerTestLogLevel string `json:",omitempty"`
//ApiserverTestArgs string `json:",omitempty"`
//ApiserverTestLogLevel string `json:",omitempty"`
//ControllerManagerTestArgs string `json:",omitempty"`
//ControllerManagerTestLogLevel string `json:",omitempty"`
//SchedulerTestArgs string `json:",omitempty"`
//SchedulerTestLogLevel string `json:",omitempty"`
//KubeProxyTestArgs string `json:",omitempty"`
//KubeProxyTestLogLevel string `json:",omitempty"`
//// Masters is the configuration for each master in the cluster
//Masters []*MasterConfig `json:",omitempty"`
// EtcdClusters stores the configuration for each cluster // EtcdClusters stores the configuration for each cluster
EtcdClusters []*EtcdClusterSpec `json:"etcdClusters,omitempty"` EtcdClusters []*EtcdClusterSpec `json:"etcdClusters,omitempty"`
// Component configurations // Component configurations
Docker *DockerConfig `json:"docker,omitempty"` Docker *DockerConfig `json:"docker,omitempty"`
KubeDNS *KubeDNSConfig `json:"kubeDNS,omitempty"` KubeDNS *KubeDNSConfig `json:"kubeDNS,omitempty"`
@ -237,19 +128,14 @@ type ClusterSpec struct {
// API field controls how the API is exposed outside the cluster // API field controls how the API is exposed outside the cluster
API *AccessSpec `json:"api,omitempty"` API *AccessSpec `json:"api,omitempty"`
// Authentication field controls how the cluster is configured for authentication // Authentication field controls how the cluster is configured for authentication
Authentication *AuthenticationSpec `json:"authentication,omitempty"` Authentication *AuthenticationSpec `json:"authentication,omitempty"`
// Authorization field controls how the cluster is configured for authorization // Authorization field controls how the cluster is configured for authorization
Authorization *AuthorizationSpec `json:"authorization,omitempty"` Authorization *AuthorizationSpec `json:"authorization,omitempty"`
// Tags for AWS instance groups // Tags for AWS instance groups
CloudLabels map[string]string `json:"cloudLabels,omitempty"` CloudLabels map[string]string `json:"cloudLabels,omitempty"`
// Hooks for custom actions e.g. on first installation // Hooks for custom actions e.g. on first installation
Hooks []HookSpec `json:"hooks,omitempty"` Hooks []HookSpec `json:"hooks,omitempty"`
// Alternative locations for files and containers // Alternative locations for files and containers
// This API component is under contruction, will remove this comment // This API component is under contruction, will remove this comment
// once this API is fully functional. // once this API is fully functional.
@ -335,7 +221,6 @@ type KubeDNSConfig struct {
type EtcdClusterSpec struct { type EtcdClusterSpec struct {
// Name is the name of the etcd cluster (main, events etc) // Name is the name of the etcd cluster (main, events etc)
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
// EtcdMember stores the configurations for each member of the cluster (including the data volume) // EtcdMember stores the configurations for each member of the cluster (including the data volume)
Members []*EtcdMemberSpec `json:"etcdMembers,omitempty"` Members []*EtcdMemberSpec `json:"etcdMembers,omitempty"`
} }

620
pkg/apis/kops/componentconfig.go
View File

@ -18,166 +18,41 @@ package kops
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
// KubeletConfigSpec defines the kubelet configuration
type KubeletConfigSpec struct { type KubeletConfigSpec struct {
// not used for clusters version 1.6 and later - flag removed // APIServers is not used for clusters version 1.6 and later - flag removed
APIServers string `json:"apiServers,omitempty" flag:"api-servers"` APIServers string `json:"apiServers,omitempty" flag:"api-servers"`
// AnonymousAuth permits you to control auth to the kubelet api // AnonymousAuth permits you to control auth to the kubelet api
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// ClientCAFile is the path to a CA certificate // ClientCAFile is the path to a CA certificate
ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"` ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"`
// KubeconfigPath is the path of kubeconfig for the kubelet
// kubeconfigPath is the path to the kubeconfig file with authorization KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"`
// information and API server location // RequireKubeconfig indicates a kubeconfig is required
// kops will only use this for clusters version 1.6 and later RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"`
KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"` // LogLevel is the logging level of the kubelet
RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"`
LogLevel *int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"` LogLevel *int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
// config is the path to the config file or directory of files // config is the path to the config file or directory of files
PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"` PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"`
//// syncFrequency is the max period between synchronizing running // HostnameOverride is the hostname used to identify the kubelet instead of the actual hostname.
//// containers and config
//SyncFrequency unversioned.Duration `json:"syncFrequency"`
//// fileCheckFrequency is the duration between checking config files for
//// new data
//FileCheckFrequency unversioned.Duration `json:"fileCheckFrequency"`
//// httpCheckFrequency is the duration between checking http for new data
//HTTPCheckFrequency unversioned.Duration `json:"httpCheckFrequency"`
//// manifestURL is the URL for accessing the container manifest
//ManifestURL string `json:"manifestURL"`
//// manifestURLHeader is the HTTP header to use when accessing the manifest
//// URL, with the key separated from the value with a ':', as in 'key:value'
//ManifestURLHeader string `json:"manifestURLHeader"`
//// enableServer enables the Kubelet's server
//EnableServer bool `json:"enableServer"`
//// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
//// for all interfaces)
//Address string `json:"address"`
//// port is the port for the Kubelet to serve on.
//Port uint `json:"port"`
//// readOnlyPort is the read-only port for the Kubelet to serve on with
//// no authentication/authorization (set to 0 to disable)
//ReadOnlyPort uint `json:"readOnlyPort"`
//// tLSCertFile is the file containing x509 Certificate for HTTPS. (CA cert,
//// if any, concatenated after server cert). If tlsCertFile and
//// tlsPrivateKeyFile are not provided, a self-signed certificate
//// and key are generated for the public address and saved to the directory
//// passed to certDir.
//TLSCertFile string `json:"tlsCertFile"`
//// tLSPrivateKeyFile is the ile containing x509 private key matching
//// tlsCertFile.
//TLSPrivateKeyFile string `json:"tlsPrivateKeyFile"`
//// certDirectory is the directory where the TLS certs are located (by
//// default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile
//// are provided, this flag will be ignored.
//CertDirectory string `json:"certDirectory"`
// hostnameOverride is the hostname used to identify the kubelet instead
// of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// podInfraContainerImage is the image whose network/ipc namespaces // PodInfraContainerImage is the image whose network/ipc containers in each pod will use.
// containers in each pod will use.
PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"` PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"`
//// dockerEndpoint is the path to the docker endpoint to communicate with. // SeccompProfileRoot is the directory path for seccomp profiles.
//DockerEndpoint string `json:"dockerEndpoint"` SeccompProfileRoot *string `json:"seccompProfileRoot,omitempty" flag:"seccomp-profile-root"`
//// rootDirectory is the directory path to place kubelet files (volume // AllowPrivileged enables containers to request privileged mode (defaults to false)
//// mounts,etc).
//RootDirectory string `json:"rootDirectory"`
//// seccompProfileRoot is the directory path for seccomp profiles.
//SeccompProfileRoot string `json:"seccompProfileRoot"`
// allowPrivileged enables containers to request privileged mode.
// Defaults to false.
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
//// hostNetworkSources is a comma-separated list of sources from which the // EnableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands
//// Kubelet allows pods to use of host network. Defaults to "*".
//HostNetworkSources []string `json:"hostNetworkSources"`
//// hostPIDSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host pid namespace. Defaults to "*".
//HostPIDSources []string `json:"hostPIDSources"`
//// hostIPCSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
//HostIPCSources []string `json:"hostIPCSources"`
//// registryPullQPS is the limit of registry pulls per second. If 0,
//// unlimited. Set to 0 for no limit. Defaults to 5.0.
//RegistryPullQPS float64 `json:"registryPullQPS"`
//// registryBurst is the maximum size of a bursty pulls, temporarily allows
//// pulls to burst to this number, while still not exceeding registryQps.
//// Only used if registryQps > 0.
//RegistryBurst int32 `json:"registryBurst"`
//// eventRecordQPS is the maximum event creations per second. If 0, there
//// is no limit enforced.
//EventRecordQPS float32 `json:"eventRecordQPS"`
//// eventBurst is the maximum size of a bursty event records, temporarily
//// allows event records to burst to this number, while still not exceeding
//// event-qps. Only used if eventQps > 0
//EventBurst int32 `json:"eventBurst"`
// enableDebuggingHandlers enables server endpoints for log collection
// and local running of containers and commands
EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"` EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"`
//// minimumGCAge is the minimum age for a finished container before it is // RegisterNode enables automatic registration with the apiserver.
//// garbage collected. RegisterNode *bool `json:"registerNode,omitempty" flag:"register-node"`
//MinimumGCAge unversioned.Duration `json:"minimumGCAge"` // ClusterDomain is the DNS domain for this cluster
//// maxPerPodContainerCount is the maximum number of old instances to
//// retain per container. Each container takes up some disk space.
//MaxPerPodContainerCount int32 `json:"maxPerPodContainerCount"`
//// maxContainerCount is the maximum number of old instances of containers
//// to retain globally. Each container takes up some disk space.
//MaxContainerCount int32 `json:"maxContainerCount"`
//// cAdvisorPort is the port of the localhost cAdvisor endpoint
//CAdvisorPort uint `json:"cAdvisorPort"`
//// healthzPort is the port of the localhost healthz endpoint
//HealthzPort int32 `json:"healthzPort"`
//// healthzBindAddress is the IP address for the healthz server to serve
//// on.
//HealthzBindAddress string `json:"healthzBindAddress"`
//// oomScoreAdj is The oom-score-adj value for kubelet process. Values
//// must be within the range [-1000, 1000].
//OOMScoreAdj int32 `json:"oomScoreAdj"`
//// registerNode enables automatic registration with the apiserver.
//RegisterNode bool `json:"registerNode"`
// clusterDomain is the DNS domain for this cluster. If set, kubelet will
// configure all containers to search this domain in addition to the
// host's search domains.
ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"` ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"`
//// masterServiceNamespace is The namespace from which the kubernetes // ClusterDNS is the IP address for a cluster DNS server
//// master services should be injected into pods.
//MasterServiceNamespace string `json:"masterServiceNamespace"`
// clusterDNS is the IP address for a cluster DNS server. If set, kubelet
// will configure all containers to use this for DNS resolution in
// addition to the host's DNS servers
ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"` ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"`
//// streamingConnectionIdleTimeout is the maximum time a streaming connection // NetworkPluginName is the name of the network plugin to be invoked for various events in kubelet/pod lifecycle
//// can be idle before the connection is automatically closed.
//StreamingConnectionIdleTimeout unversioned.Duration `json:"streamingConnectionIdleTimeout"`
//// nodeStatusUpdateFrequency is the frequency that kubelet posts node
//// status to master. Note: be cautious when changing the constant, it
//// must work with nodeMonitorGracePeriod in nodecontroller.
//NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
//// minimumGCAge is the minimum age for a unused image before it is
//// garbage collected.
//ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
//// lowDiskSpaceThresholdMB is the absolute free disk space, in MB, to
//// maintain. When disk space falls below this threshold, new pods would
//// be rejected.
//LowDiskSpaceThresholdMB int32 `json:"lowDiskSpaceThresholdMB"`
//// How frequently to calculate and cache volume disk usage for all pods
//VolumeStatsAggPeriod unversioned.Duration `json:"volumeStatsAggPeriod"`
// networkPluginName is the name of the network plugin to be invoked for
// various events in kubelet/pod lifecycle
NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"` NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"`
//// networkPluginDir is the full path of the directory in which to search // CloudProvider is the provider for cloud services.
//// for network plugins
//NetworkPluginDir string `json:"networkPluginDir"`
//// volumePluginDir is the full path of the directory in which to search
//// for additional third party volume plugins
//VolumePluginDir string `json:"volumePluginDir"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in. // KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"` KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"`
@ -187,30 +62,9 @@ type KubeletConfigSpec struct {
// all non-kernel processes that are not already in a container. Empty // all non-kernel processes that are not already in a container. Empty
// for no container. Rolling back the flag requires a reboot. // for no container. Rolling back the flag requires a reboot.
SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"` SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"`
// cgroupRoot is the root cgroup to use for pods. This is handled by the // cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis.
// container runtime on a best effort basis.
CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"` CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"`
//// containerRuntime is the container runtime to use. // configureCBR0 enables the kublet to configure cbr0 based on Node.Spec.PodCIDR.
//ContainerRuntime string `json:"containerRuntime"`
//// rktPath is the path of rkt binary. Leave empty to use the first rkt in
//// $PATH.
//RktPath string `json:"rktPath,omitempty"`
//// rktApiEndpoint is the endpoint of the rkt API service to communicate with.
//RktAPIEndpoint string `json:"rktAPIEndpoint,omitempty"`
//// rktStage1Image is the image to use as stage1. Local paths and
//// http/https URLs are supported.
//RktStage1Image string `json:"rktStage1Image,omitempty"`
//// lockFilePath is the path that kubelet will use to as a lock file.
//// It uses this file as a lock to synchronize with other kubelet processes
//// that may be running.
//LockFilePath string `json:"lockFilePath"`
//// ExitOnLockContention is a flag that signifies to the kubelet that it is running
//// in "bootstrap" mode. This requires that 'LockFilePath' has been set.
//// This will cause the kubelet to listen to inotify events on the lock file,
//// releasing it and exiting when another process tries to open that file.
//ExitOnLockContention bool `json:"exitOnLockContention"`
// configureCBR0 enables the kublet to configure cbr0 based on
// Node.Spec.PodCIDR.
ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"` ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"`
// How should the kubelet configure the container bridge for hairpin packets. // How should the kubelet configure the container bridge for hairpin packets.
// Setting this flag allows endpoints in a Service to loadbalance back to // Setting this flag allows endpoints in a Service to loadbalance back to
@ -222,92 +76,44 @@ type KubeletConfigSpec struct {
// one must set --hairpin-mode=veth-flag, because bridge assumes the // one must set --hairpin-mode=veth-flag, because bridge assumes the
// existence of a container bridge named cbr0. // existence of a container bridge named cbr0.
HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"` HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"`
// The node has babysitter process monitoring docker and kubelet. Removed as of 1.7
// The node has babysitter process monitoring docker and kubelet.
// Removed as of 1.7
BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"` BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"`
// MaxPods is the number of pods that can run on this Kubelet.
// maxPods is the number of pods that can run on this Kubelet.
MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"` MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"`
// NvidiaGPUs is the number of NVIDIA GPU devices on this node.
// nvidiaGPUs is the number of NVIDIA GPU devices on this node.
NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus" flag-empty:"0"` NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus" flag-empty:"0"`
// PodCIDR is the CIDR to use for pod IP addresses, only used in standalone mode.
//// dockerExecHandlerName is the handler to use when executing a command
//// in a container. Valid values are 'native' and 'nsenter'. Defaults to
//// 'native'.
//DockerExecHandlerName string `json:"dockerExecHandlerName"`
// The CIDR to use for pod IP addresses, only used in standalone mode.
// In cluster mode, this is obtained from the master. // In cluster mode, this is obtained from the master.
PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"` PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"`
// ResolverConfig is the resolver configuration file used as the basis // ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration."), []
// for the container DNS resolution configuration."), []
ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"` ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"`
//// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that // ReconcileCIDR is Reconcile node CIDR with the CIDR specified by the
//// specify CPU limits
//CPUCFSQuota bool `json:"cpuCFSQuota"`
//// containerized should be set to true if kubelet is running in a container.
//Containerized bool `json:"containerized"`
//// maxOpenFiles is Number of files that can be opened by Kubelet process.
//MaxOpenFiles uint64 `json:"maxOpenFiles"`
// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
// API server. No-op if register-node or configure-cbr0 is false. // API server. No-op if register-node or configure-cbr0 is false.
ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"` ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"`
// registerSchedulable tells the kubelet to register the node as // registerSchedulable tells the kubelet to register the node as schedulable. No-op if register-node is false.
// schedulable. No-op if register-node is false.
RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"` RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"`
//// contentType is contentType of requests sent to apiserver. //// SerializeImagePulls when enabled, tells the Kubelet to pull images one
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to allow while talking with kubernetes
//// apiserver
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// serializeImagePulls when enabled, tells the Kubelet to pull images one
//// at a time. We recommend *not* changing the default value on nodes that //// at a time. We recommend *not* changing the default value on nodes that
//// run docker daemon with version < 1.9 or an Aufs storage backend. //// run docker daemon with version < 1.9 or an Aufs storage backend.
//// Issue #10959 has more details. //// Issue #10959 has more details.
//SerializeImagePulls bool `json:"serializeImagePulls"` SerializeImagePulls *bool `json:"serializeImagePulls,omitempty" flag:"serialize-image-pulls"`
//// experimentalFlannelOverlay enables experimental support for starting the // NodeLabels to add when registering the node in the cluster.
//// kubelet with the default overlay network (flannel). Assumes flanneld
//// is already running in client mode.
//ExperimentalFlannelOverlay bool `json:"experimentalFlannelOverlay"`
//// outOfDiskTransitionFrequency is duration for which the kubelet has to
//// wait before transitioning out of out-of-disk node condition status.
//OutOfDiskTransitionFrequency unversioned.Duration `json:"outOfDiskTransitionFrequency,omitempty"`
//// nodeIP is IP address of the node. If set, kubelet will use this IP
//// address for the node.
//NodeIP string `json:"nodeIP,omitempty"`
// nodeLabels to add when registering the node in the cluster.
NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"` NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"`
// NonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"` NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"`
// Enable gathering custom metrics.
// enable gathering custom metrics.
EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"` EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"`
// NetworkPluginMTU is the MTU to be passed to the network plugin,
//// Maximum number of pods per core. Cannot exceed MaxPods
//PodsPerCore int32 `json:"podsPerCore"`
//// enableControllerAttachDetach enables the Attach/Detach controller to
//// manage attachment/detachment of volumes scheduled to this node, and
//// disables kubelet from executing any attach/detach operations
//EnableControllerAttachDetach bool `json:"enableControllerAttachDetach"`
// networkPluginMTU is the MTU to be passed to the network plugin,
// and overrides the default MTU for cases where it cannot be automatically // and overrides the default MTU for cases where it cannot be automatically
// computed (such as IPSEC). // computed (such as IPSEC).
NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"` NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"`
// ImageGCHighThresholdPercent is the percent of disk usage after which
// imageGCHighThresholdPercent is the percent of disk usage after which
// image garbage collection is always run. // image garbage collection is always run.
ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"` ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"`
// imageGCLowThresholdPercent is the percent of disk usage before which // ImageGCLowThresholdPercent is the percent of disk usage before which
// image garbage collection is never run. Lowest disk usage to garbage // image garbage collection is never run. Lowest disk usage to garbage
// collect to. // collect to.
ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"` ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"`
// Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'.
EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"` EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"`
// Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'.
@ -320,18 +126,13 @@ type KubeletConfigSpec struct {
EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period" flag-empty:"0"` EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period" flag-empty:"0"`
// Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure. // Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"` EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"`
// The full path of the directory in which to search for additional third party volume plugins // The full path of the directory in which to search for additional third party volume plugins
VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"` VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"`
// Taints to add when registering a node in the cluster // Taints to add when registering a node in the cluster
Taints []string `json:"taints,omitempty" flag:"register-with-taints"` Taints []string `json:"taints,omitempty" flag:"register-with-taints"`
// FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features. // FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features.
FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"` FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"`
// Resource reservation for kubernetes system daemons like the kubelet, container runtime, node problem detector, etc.
// Resource reservation for kubernetes system daemons like the kubelet,
// container runtime, node problem detector, etc.
KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"` KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"`
// Control group for kube daemons. // Control group for kube daemons.
KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"` KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"`
@ -339,122 +140,75 @@ type KubeletConfigSpec struct {
SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"` SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"`
// Parent control group for OS system daemons. // Parent control group for OS system daemons.
SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"` SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"`
// Enforce Allocatable across pods whenever the overall usage across all pods // Enforce Allocatable across pods whenever the overall usage across all pods exceeds Allocatable.
// exceeds Allocatable.
EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"` EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"`
} }
// KubeProxyConfig defined the configuration for a proxy
type KubeProxyConfig struct { type KubeProxyConfig struct {
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// TODO: Better type ? // TODO: Better type ?
CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m" CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m"
// LogLevel is the logging level of the proxy
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// ClusterCIDR is the CIDR range of the pods in the cluster
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
//// for all interfaces)
//BindAddress string `json:"bindAddress"`
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
// bridge traffic coming from outside of the cluster. If not provided,
// no off-cluster bridging will be performed.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
// HostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
//// healthzBindAddress is the IP address for the health check server to serve on,
//// defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)
//HealthzBindAddress string `json:"healthzBindAddress"`
//// healthzPort is the port to bind the health check server. Use 0 to disable.
//HealthzPort int32 `json:"healthzPort"`
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// Master is the address of the Kubernetes API server (overrides any value in kubeconfig)
//// iptablesMasqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
//// the pure iptables proxy mode. Values must be within the range [0, 31].
//IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit"`
//// iptablesSyncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
//// '2h22m'). Must be greater than 0.
//IPTablesSyncPeriod unversioned.Duration `json:"iptablesSyncPeriodSeconds"`
//// kubeconfigPath is the path to the kubeconfig file with authorization information (the
//// master location is set by the master flag).
//KubeconfigPath string `json:"kubeconfigPath"`
//// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
//MasqueradeAll bool `json:"masqueradeAll"`
// master is the address of the Kubernetes API server (overrides any value in kubeconfig)
Master string `json:"master,omitempty" flag:"master"` Master string `json:"master,omitempty" flag:"master"`
//// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within // FeatureGates is a series of key pairs used to switch on features for the proxy
//// the range [-1000, 1000] FeatureGates []string `json:"feature-gates" flag:"feature-gates"`
//OOMScoreAdj *int32 `json:"oomScoreAdj"`
//// mode specifies which proxy mode to use.
//Mode ProxyMode `json:"mode"`
//// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
//// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
//PortRange string `json:"portRange"`
//// resourceContainer is the bsolute name of the resource-only container to create and run
//// the Kube-proxy in (Default: /kube-proxy).
//ResourceContainer string `json:"resourceContainer"`
//// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
//// Must be greater than 0. Only applicable for proxyMode=userspace.
//UDPIdleTimeout unversioned.Duration `json:"udpTimeoutMilliseconds"`
//// conntrackMax is the maximum number of NAT connections to track (0 to leave as-is)")
//ConntrackMax int32 `json:"conntrackMax"`
//// conntrackTCPEstablishedTimeout is how long an idle UDP connection will be kept open
//// (e.g. '250ms', '2s'). Must be greater than 0. Only applicable for proxyMode is Userspace
//ConntrackTCPEstablishedTimeout unversioned.Duration `json:"conntrackTCPEstablishedTimeout"`
} }
// KubeAPIServerConfig defines the configuration for the kube api
type KubeAPIServerConfig struct { type KubeAPIServerConfig struct {
// TODO: Remove PathSrvKubernetes - unused // Image is the docker container used
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
// TODO: Remove PathSrvSshProxy - unused
PathSrvSshproxy string `json:"pathSrvSshproxy,omitempty"`
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// LogLevel is the logging level of the api
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"` LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// CloudProvider is the name of the cloudProvider we are using, aws, gce etcd
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"` // SecurePort is the port the kube runs on
InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"` SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"`
Address string `json:"address,omitempty" flag:"address"` // InsecurePort is the port the insecure api runs
EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"` InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"`
EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"` // Address is the binding address for the kube api
AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"` Address string `json:"address,omitempty" flag:"address"`
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"` // AdmissionControl is a list of admission controllers to user
AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"`
// ServiceClusterIPRange is the service address range
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"`
// EtcdServers is a list of the etcd service to connect
EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"`
// EtcdServersOverrides is per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated
EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"`
// TODO: Remove unused BasicAuthFile // TODO: Remove unused BasicAuthFile
BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"` BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"`
// TODO: Remove unused ClientCAFile // TODO: Remove unused ClientCAFile
ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"` ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"`
// TODO: Remove unused TLSCertFile // TODO: Remove unused TLSCertFile
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"` TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"`
// TODO: Remove unused TLSPrivateKeyFile // TODO: Remove unused TLSPrivateKeyFile
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"` TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"`
KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"`
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"`
// TODO: Remove unused TokenAuthFile // TODO: Remove unused TokenAuthFile
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"` TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"`
// AllowPrivileged indicates if we can run privileged containers
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"` // APIServerCount is the number of api servers
// keys and values in RuntimeConfig are parsed into the `--runtime-config` parameter APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"`
// for KubeAPIServer, concatenated with commas. ex: `--runtime-config=key1=value1,key2=value2`. // RuntimeConfig is a series of keys/values are parsed into the `--runtime-config` parameters
// Use this to enable alpha resources on kube-apiserver
RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"` RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"`
// KubeletClientCertificate is the path of a certificate for secure communication between api and kubelet
KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"`
// KubeletClientKey is the path of a private to secure communication between api and kubelet
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"`
// AnonymousAuth indicates if anonymous authentication is permitted
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// KubeletPreferredAddressTypes is a list of the preferred NodeAddressTypes to use for kubelet connections
KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"` KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"`
// StorageBackend is the backend storage
StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"` StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"`
// The OpenID claim to use as the user name. // The OpenID claim to use as the user name.
// Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. // Note that claims other than the default ('sub') is not guaranteed to be unique and immutable.
OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"` OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"`
@ -467,9 +221,7 @@ type KubeAPIServerConfig struct {
// The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set. // The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"` OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"`
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
// If set, all requests coming to the apiserver will be logged to this file. // If set, all requests coming to the apiserver will be logged to this file.
AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"` AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"`
// The maximum number of days to retain old audit log files based on the timestamp encoded in their filename. // The maximum number of days to retain old audit log files based on the timestamp encoded in their filename.
@ -478,211 +230,61 @@ type KubeAPIServerConfig struct {
AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"` AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"`
// The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB. // The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB.
AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"` AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"`
// File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens. // File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens.
AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"` AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"`
// The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s) // The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s)
AuthenticationTokenWebhookCacheTtl *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"` AuthenticationTokenWebhookCacheTTL *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"`
// AuthorizationMode is the authorization mode the kubeapi is running in
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"` AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
// AuthorizationRBACSuperUser is the name of the superuser for default rbac
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"` AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
// KubeControllerManagerConfig is the configuration for the controller
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is the url for the kube api master
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the defined logLevel
// TODO: Remove as unused LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// ServiceAccountPrivateKeyFile the location for a certificate for service account signing
ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"` ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// CloudProvider is the provider for cloud services.
// TODO: Remove PathSrvKubernetes - unused
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// port is the port that the controller-manager's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on (set to 0.0.0.0 for all interfaces).
//Address string `json:"address"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
//// concurrentEndpointSyncs is the number of endpoint syncing operations // ClusterName is the instance prefix for the cluster.
//// that will be done concurrently. Larger number = faster endpoint updating,
//// but more CPU (and network) load.
//ConcurrentEndpointSyncs int32 `json:"concurrentEndpointSyncs"`
//// concurrentRSSyncs is the number of replica sets that are allowed to sync
//// concurrently. Larger number = more responsive replica management, but more
//// CPU (and network) load.
//ConcurrentRSSyncs int32 `json:"concurrentRSSyncs"`
//// concurrentRCSyncs is the number of replication controllers that are
//// allowed to sync concurrently. Larger number = more responsive replica
//// management, but more CPU (and network) load.
//ConcurrentRCSyncs int32 `json:"concurrentRCSyncs"`
//// concurrentResourceQuotaSyncs is the number of resource quotas that are
//// allowed to sync concurrently. Larger number = more responsive quota
//// management, but more CPU (and network) load.
//ConcurrentResourceQuotaSyncs int32 `json:"concurrentResourceQuotaSyncs"`
//// concurrentDeploymentSyncs is the number of deployment objects that are
//// allowed to sync concurrently. Larger number = more responsive deployments,
//// but more CPU (and network) load.
//ConcurrentDeploymentSyncs int32 `json:"concurrentDeploymentSyncs"`
//// concurrentDaemonSetSyncs is the number of daemonset objects that are
//// allowed to sync concurrently. Larger number = more responsive daemonset,
//// but more CPU (and network) load.
//ConcurrentDaemonSetSyncs int32 `json:"concurrentDaemonSetSyncs"`
//// concurrentJobSyncs is the number of job objects that are
//// allowed to sync concurrently. Larger number = more responsive jobs,
//// but more CPU (and network) load.
//ConcurrentJobSyncs int32 `json:"concurrentJobSyncs"`
//// concurrentNamespaceSyncs is the number of namespace objects that are
//// allowed to sync concurrently.
//ConcurrentNamespaceSyncs int32 `json:"concurrentNamespaceSyncs"`
//// lookupCacheSizeForRC is the size of lookup cache for replication controllers.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRC int32 `json:"lookupCacheSizeForRC"`
//// lookupCacheSizeForRS is the size of lookup cache for replicatsets.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRS int32 `json:"lookupCacheSizeForRS"`
//// lookupCacheSizeForDaemonSet is the size of lookup cache for daemonsets.
//// Larger number = more responsive daemonset, but more MEM load.
//LookupCacheSizeForDaemonSet int32 `json:"lookupCacheSizeForDaemonSet"`
//// serviceSyncPeriod is the period for syncing services with their external
//// load balancers.
//ServiceSyncPeriod unversioned.Duration `json:"serviceSyncPeriod"`
//// nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer
//// periods will result in fewer calls to cloud provider, but may delay addition
//// of new nodes to cluster.
//NodeSyncPeriod unversioned.Duration `json:"nodeSyncPeriod"`
//// resourceQuotaSyncPeriod is the period for syncing quota usage status
//// in the system.
//ResourceQuotaSyncPeriod unversioned.Duration `json:"resourceQuotaSyncPeriod"`
//// namespaceSyncPeriod is the period for syncing namespace life-cycle
//// updates.
//NamespaceSyncPeriod unversioned.Duration `json:"namespaceSyncPeriod"`
//// pvClaimBinderSyncPeriod is the period for syncing persistent volumes
//// and persistent volume claims.
//PVClaimBinderSyncPeriod unversioned.Duration `json:"pvClaimBinderSyncPeriod"`
//// minResyncPeriod is the resync period in reflectors; will be random between
//// minResyncPeriod and 2*minResyncPeriod.
//MinResyncPeriod unversioned.Duration `json:"minResyncPeriod"`
//// horizontalPodAutoscalerSyncPeriod is the period for syncing the number of
//// pods in horizontal pod autoscaler.
//HorizontalPodAutoscalerSyncPeriod unversioned.Duration `json:"horizontalPodAutoscalerSyncPeriod"`
//// deploymentControllerSyncPeriod is the period for syncing the deployments.
//DeploymentControllerSyncPeriod unversioned.Duration `json:"deploymentControllerSyncPeriod"`
//// podEvictionTimeout is the grace period for deleting pods on failed nodes.
//PodEvictionTimeout unversioned.Duration `json:"podEvictionTimeout"`
//// deletingPodsQps is the number of nodes per second on which pods are deleted in
//// case of node failure.
//DeletingPodsQps float32 `json:"deletingPodsQps"`
//// deletingPodsBurst is the number of nodes on which pods are bursty deleted in
//// case of node failure. For more details look into RateLimiter.
//DeletingPodsBurst int32 `json:"deletingPodsBurst"`
//// nodeMontiorGracePeriod is the amount of time which we allow a running node to be
//// unresponsive before marking it unhealthy. Must be N times more than kubelet's
//// nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet
//// to post node status.
//NodeMonitorGracePeriod unversioned.Duration `json:"nodeMonitorGracePeriod"`
//// registerRetryCount is the number of retries for initial node registration.
//// Retry interval equals node-sync-period.
//RegisterRetryCount int32 `json:"registerRetryCount"`
//// nodeStartupGracePeriod is the amount of time which we allow starting a node to
//// be unresponsive before marking it unhealthy.
//NodeStartupGracePeriod unversioned.Duration `json:"nodeStartupGracePeriod"`
//// nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.
//NodeMonitorPeriod unversioned.Duration `json:"nodeMonitorPeriod"`
//// serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key
//// used to sign service account tokens.
//ServiceAccountKeyFile string `json:"serviceAccountKeyFile"`
//// enableProfiling enables profiling via web interface host:port/debug/pprof/
//EnableProfiling bool `json:"enableProfiling"`
// clusterName is the instance prefix for the cluster.
ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"` ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"`
// clusterCIDR is CIDR Range for Pods in cluster. // ClusterCIDR is CIDR Range for Pods in cluster.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
//// serviceCIDR is CIDR Range for Services in cluster. // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
//ServiceCIDR string `json:"serviceCIDR"`
//// NodeCIDRMaskSize is the mask size for node cidr in cluster.
//NodeCIDRMaskSize int32 `json:"nodeCIDRMaskSize"`
// allocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
// ConfigureCloudRoutes is true, to be set on the cloud provider. // ConfigureCloudRoutes is true, to be set on the cloud provider.
AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"` AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"`
// configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider.
// to be configured on the cloud provider.
ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"`
// rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.
// TODO: Remove as unused
// rootCAFile is the root certificate authority will be included in service
// account's token secret. This must be a valid PEM-encoded CA bundle.
RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"` RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"`
// LeaderElection defines the configuration of leader election client.
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
//// volumeConfiguration holds configuration for volume related features.
//VolumeConfiguration VolumeConfiguration `json:"volumeConfiguration"`
//// How long to wait between starting controller managers
//ControllerStartInterval unversioned.Duration `json:"controllerStartInterval"`
//// enables the generic garbage collector. MUST be synced with the
//// corresponding flag of the kube-apiserver. WARNING: the generic garbage
//// collector is an alpha feature.
//EnableGarbageCollector bool `json:"enableGarbageCollector"`
// ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop
// wait between successive executions. Is set to 1 min by kops by default // wait between successive executions. Is set to 1 min by kops by default
AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"` AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"`
// TerminatedPodGCThreshold is the number of terminated pods that can exist
// terminatedPodGCThreshold is the number of terminated pods that can exist
// before the terminated pod garbage collector starts deleting terminated pods. // before the terminated pod garbage collector starts deleting terminated pods.
// If <= 0, the terminated pod garbage collector is disabled. // If <= 0, the terminated pod garbage collector is disabled.
TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"` TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"`
// UseServiceAccountCredentials controls whether we use individual service account credentials for each controller. // UseServiceAccountCredentials controls whether we use individual service account credentials for each controller.
UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"` UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"`
} }
// KubeSchedulerConfig is the configuration for the kube-scheduler
type KubeSchedulerConfig struct { type KubeSchedulerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is a url to the kube master
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the logging level
LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// LeaderElection defines the configuration of leader election client.
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// port is the port that the scheduler's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on.
//Address string `json:"address"`
//// algorithmProvider is the scheduling algorithm provider to use.
//AlgorithmProvider string `json:"algorithmProvider"`
//// policyConfigFile is the filepath to the scheduler policy configuration.
//PolicyConfigFile string `json:"policyConfigFile"`
//// enableProfiling enables profiling via web interface.
//EnableProfiling bool `json:"enableProfiling"`
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the QPS burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// schedulerName is name of the scheduler, used to select which pods
//// will be processed by this scheduler, based on pod's annotation with
//// key 'scheduler.alpha.kubernetes.io/name'.
//SchedulerName string `json:"schedulerName"`
//// RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule
//// corresponding to every RequiredDuringScheduling affinity rule.
//// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 0-100.
//HardPodAffinitySymmetricWeight int `json:"hardPodAffinitySymmetricWeight"`
//// Indicate the "all topologies" set for empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.
//FailureDomains string `json:"failureDomains"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
} }
@ -693,24 +295,9 @@ type LeaderElectionConfiguration struct {
// before executing the main loop. Enable this when running replicated // before executing the main loop. Enable this when running replicated
// components for high availability. // components for high availability.
LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"` LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"`
//// leaseDuration is the duration that non-leader candidates will wait
//// after observing a leadership renewal until attempting to acquire
//// leadership of a led but unrenewed leader slot. This is effectively the
//// maximum duration that a leader can be stopped before it is replaced
//// by another candidate. This is only applicable if leader election is
//// enabled.
//LeaseDuration unversioned.Duration `json:"leaseDuration"`
//// renewDeadline is the interval between attempts by the acting master to
//// renew a leadership slot before it stops leading. This must be less
//// than or equal to the lease duration. This is only applicable if leader
//// election is enabled.
//RenewDeadline unversioned.Duration `json:"renewDeadline"`
//// retryPeriod is the duration the clients should wait between attempting
//// acquisition and renewal of a leadership. This is only applicable if
//// leader election is enabled.
//RetryPeriod unversioned.Duration `json:"retryPeriod"`
} }
// CloudConfiguration is defines the cloud provider configuration
type CloudConfiguration struct { type CloudConfiguration struct {
// GCE cloud-config options // GCE cloud-config options
Multizone *bool `json:"multizone,omitempty"` Multizone *bool `json:"multizone,omitempty"`
@ -719,7 +306,6 @@ type CloudConfiguration struct {
// AWS cloud-config options // AWS cloud-config options
DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"` DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"`
ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"` ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"`
// vSphere cloud-config specs // vSphere cloud-config specs
VSphereUsername *string `json:"vSphereUsername,omitempty"` VSphereUsername *string `json:"vSphereUsername,omitempty"`
VSpherePassword *string `json:"vSpherePassword,omitempty"` VSpherePassword *string `json:"vSpherePassword,omitempty"`

1
pkg/apis/kops/dockerconfig.go
View File

@ -16,6 +16,7 @@ limitations under the License.
package kops package kops
// DockerConfig is the configuration for docker
type DockerConfig struct { type DockerConfig struct {
Bridge *string `json:"bridge,omitempty" flag:"bridge"` Bridge *string `json:"bridge,omitempty" flag:"bridge"`
LogLevel *string `json:"logLevel,omitempty" flag:"log-level"` LogLevel *string `json:"logLevel,omitempty" flag:"log-level"`

637
pkg/apis/kops/v1alpha1/componentconfig.go
View File

@ -18,165 +18,41 @@ package v1alpha1
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
// KubeletConfigSpec defines the kubelet configuration
type KubeletConfigSpec struct { type KubeletConfigSpec struct {
// not used for clusters version 1.6 and later // APIServers is not used for clusters version 1.6 and later - flag removed
APIServers string `json:"apiServers,omitempty" flag:"api-servers"` APIServers string `json:"apiServers,omitempty" flag:"api-servers"`
// AnonymousAuth permits you to control auth to the kubelet api
// AnonymousAuth chooses if you want anonymous auth on the kubelet api
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// ClientCAFile is the path to a file container the CA certificate // ClientCAFile is the path to a CA certificate
ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"` ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"`
// KubeconfigPath is the path of kubeconfig for the kubelet
// kubeconfigPath is the path to the kubeconfig file with authorization KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"`
// information and API server location // RequireKubeconfig indicates a kubeconfig is required
// kops will only use this for clusters version 1.6 and later RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"`
KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"` // LogLevel is the logging level of the kubelet
RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"` LogLevel *int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
LogLevel *int32 `json:"logLevel,omitempty" flag:"v"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
// config is the path to the config file or directory of files // config is the path to the config file or directory of files
PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"` PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"`
//// syncFrequency is the max period between synchronizing running // HostnameOverride is the hostname used to identify the kubelet instead of the actual hostname.
//// containers and config
//SyncFrequency unversioned.Duration `json:"syncFrequency"`
//// fileCheckFrequency is the duration between checking config files for
//// new data
//FileCheckFrequency unversioned.Duration `json:"fileCheckFrequency"`
//// httpCheckFrequency is the duration between checking http for new data
//HTTPCheckFrequency unversioned.Duration `json:"httpCheckFrequency"`
//// manifestURL is the URL for accessing the container manifest
//ManifestURL string `json:"manifestURL"`
//// manifestURLHeader is the HTTP header to use when accessing the manifest
//// URL, with the key separated from the value with a ':', as in 'key:value'
//ManifestURLHeader string `json:"manifestURLHeader"`
//// enableServer enables the Kubelet's server
//EnableServer bool `json:"enableServer"`
//// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
//// for all interfaces)
//Address string `json:"address"`
//// port is the port for the Kubelet to serve on.
//Port uint `json:"port"`
//// readOnlyPort is the read-only port for the Kubelet to serve on with
//// no authentication/authorization (set to 0 to disable)
//ReadOnlyPort uint `json:"readOnlyPort"`
//// tLSCertFile is the file containing x509 Certificate for HTTPS. (CA cert,
//// if any, concatenated after server cert). If tlsCertFile and
//// tlsPrivateKeyFile are not provided, a self-signed certificate
//// and key are generated for the public address and saved to the directory
//// passed to certDir.
//TLSCertFile string `json:"tlsCertFile"`
//// tLSPrivateKeyFile is the ile containing x509 private key matching
//// tlsCertFile.
//TLSPrivateKeyFile string `json:"tlsPrivateKeyFile"`
//// certDirectory is the directory where the TLS certs are located (by
//// default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile
//// are provided, this flag will be ignored.
//CertDirectory string `json:"certDirectory"`
// hostnameOverride is the hostname used to identify the kubelet instead
// of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// podInfraContainerImage is the image whose network/ipc namespaces // PodInfraContainerImage is the image whose network/ipc containers in each pod will use.
// containers in each pod will use.
PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"` PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"`
//// dockerEndpoint is the path to the docker endpoint to communicate with. // SeccompProfileRoot is the directory path for seccomp profiles.
//DockerEndpoint string `json:"dockerEndpoint"` SeccompProfileRoot *string `json:"seccompProfileRoot,omitempty" flag:"seccomp-profile-root"`
//// rootDirectory is the directory path to place kubelet files (volume // AllowPrivileged enables containers to request privileged mode (defaults to false)
//// mounts,etc).
//RootDirectory string `json:"rootDirectory"`
//// seccompProfileRoot is the directory path for seccomp profiles.
//SeccompProfileRoot string `json:"seccompProfileRoot"`
// allowPrivileged enables containers to request privileged mode.
// Defaults to false.
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
//// hostNetworkSources is a comma-separated list of sources from which the // EnableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands
//// Kubelet allows pods to use of host network. Defaults to "*".
//HostNetworkSources []string `json:"hostNetworkSources"`
//// hostPIDSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host pid namespace. Defaults to "*".
//HostPIDSources []string `json:"hostPIDSources"`
//// hostIPCSources is a comma-separated list of sources from which the
//// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
//HostIPCSources []string `json:"hostIPCSources"`
//// registryPullQPS is the limit of registry pulls per second. If 0,
//// unlimited. Set to 0 for no limit. Defaults to 5.0.
//RegistryPullQPS float64 `json:"registryPullQPS"`
//// registryBurst is the maximum size of a bursty pulls, temporarily allows
//// pulls to burst to this number, while still not exceeding registryQps.
//// Only used if registryQps > 0.
//RegistryBurst int32 `json:"registryBurst"`
//// eventRecordQPS is the maximum event creations per second. If 0, there
//// is no limit enforced.
//EventRecordQPS float32 `json:"eventRecordQPS"`
//// eventBurst is the maximum size of a bursty event records, temporarily
//// allows event records to burst to this number, while still not exceeding
//// event-qps. Only used if eventQps > 0
//EventBurst int32 `json:"eventBurst"`
// enableDebuggingHandlers enables server endpoints for log collection
// and local running of containers and commands
EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"` EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"`
//// minimumGCAge is the minimum age for a finished container before it is // RegisterNode enables automatic registration with the apiserver.
//// garbage collected. RegisterNode *bool `json:"registerNode,omitempty" flag:"register-node"`
//MinimumGCAge unversioned.Duration `json:"minimumGCAge"` // ClusterDomain is the DNS domain for this cluster
//// maxPerPodContainerCount is the maximum number of old instances to
//// retain per container. Each container takes up some disk space.
//MaxPerPodContainerCount int32 `json:"maxPerPodContainerCount"`
//// maxContainerCount is the maximum number of old instances of containers
//// to retain globally. Each container takes up some disk space.
//MaxContainerCount int32 `json:"maxContainerCount"`
//// cAdvisorPort is the port of the localhost cAdvisor endpoint
//CAdvisorPort uint `json:"cAdvisorPort"`
//// healthzPort is the port of the localhost healthz endpoint
//HealthzPort int32 `json:"healthzPort"`
//// healthzBindAddress is the IP address for the healthz server to serve
//// on.
//HealthzBindAddress string `json:"healthzBindAddress"`
//// oomScoreAdj is The oom-score-adj value for kubelet process. Values
//// must be within the range [-1000, 1000].
//OOMScoreAdj int32 `json:"oomScoreAdj"`
//// registerNode enables automatic registration with the apiserver.
//RegisterNode bool `json:"registerNode"`
// clusterDomain is the DNS domain for this cluster. If set, kubelet will
// configure all containers to search this domain in addition to the
// host's search domains.
ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"` ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"`
//// masterServiceNamespace is The namespace from which the kubernetes // ClusterDNS is the IP address for a cluster DNS server
//// master services should be injected into pods.
//MasterServiceNamespace string `json:"masterServiceNamespace"`
// clusterDNS is the IP address for a cluster DNS server. If set, kubelet
// will configure all containers to use this for DNS resolution in
// addition to the host's DNS servers
ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"` ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"`
//// streamingConnectionIdleTimeout is the maximum time a streaming connection // NetworkPluginName is the name of the network plugin to be invoked for various events in kubelet/pod lifecycle
//// can be idle before the connection is automatically closed.
//StreamingConnectionIdleTimeout unversioned.Duration `json:"streamingConnectionIdleTimeout"`
//// nodeStatusUpdateFrequency is the frequency that kubelet posts node
//// status to master. Note: be cautious when changing the constant, it
//// must work with nodeMonitorGracePeriod in nodecontroller.
//NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
//// minimumGCAge is the minimum age for a unused image before it is
//// garbage collected.
//ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
//// lowDiskSpaceThresholdMB is the absolute free disk space, in MB, to
//// maintain. When disk space falls below this threshold, new pods would
//// be rejected.
//LowDiskSpaceThresholdMB int32 `json:"lowDiskSpaceThresholdMB"`
//// How frequently to calculate and cache volume disk usage for all pods
//VolumeStatsAggPeriod unversioned.Duration `json:"volumeStatsAggPeriod"`
// networkPluginName is the name of the network plugin to be invoked for
// various events in kubelet/pod lifecycle
NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"` NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"`
//// networkPluginDir is the full path of the directory in which to search // CloudProvider is the provider for cloud services.
//// for network plugins
//NetworkPluginDir string `json:"networkPluginDir"`
//// volumePluginDir is the full path of the directory in which to search
//// for additional third party volume plugins
//VolumePluginDir string `json:"volumePluginDir"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in. // KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"` KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"`
@ -186,30 +62,9 @@ type KubeletConfigSpec struct {
// all non-kernel processes that are not already in a container. Empty // all non-kernel processes that are not already in a container. Empty
// for no container. Rolling back the flag requires a reboot. // for no container. Rolling back the flag requires a reboot.
SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"` SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"`
// cgroupRoot is the root cgroup to use for pods. This is handled by the // cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis.
// container runtime on a best effort basis.
CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"` CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"`
//// containerRuntime is the container runtime to use. // configureCBR0 enables the kublet to configure cbr0 based on Node.Spec.PodCIDR.
//ContainerRuntime string `json:"containerRuntime"`
//// rktPath is the path of rkt binary. Leave empty to use the first rkt in
//// $PATH.
//RktPath string `json:"rktPath,omitempty"`
//// rktApiEndpoint is the endpoint of the rkt API service to communicate with.
//RktAPIEndpoint string `json:"rktAPIEndpoint,omitempty"`
//// rktStage1Image is the image to use as stage1. Local paths and
//// http/https URLs are supported.
//RktStage1Image string `json:"rktStage1Image,omitempty"`
//// lockFilePath is the path that kubelet will use to as a lock file.
//// It uses this file as a lock to synchronize with other kubelet processes
//// that may be running.
//LockFilePath string `json:"lockFilePath"`
//// ExitOnLockContention is a flag that signifies to the kubelet that it is running
//// in "bootstrap" mode. This requires that 'LockFilePath' has been set.
//// This will cause the kubelet to listen to inotify events on the lock file,
//// releasing it and exiting when another process tries to open that file.
//ExitOnLockContention bool `json:"exitOnLockContention"`
// configureCBR0 enables the kublet to configure cbr0 based on
// Node.Spec.PodCIDR.
ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"` ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"`
// How should the kubelet configure the container bridge for hairpin packets. // How should the kubelet configure the container bridge for hairpin packets.
// Setting this flag allows endpoints in a Service to loadbalance back to // Setting this flag allows endpoints in a Service to loadbalance back to
@ -221,92 +76,44 @@ type KubeletConfigSpec struct {
// one must set --hairpin-mode=veth-flag, because bridge assumes the // one must set --hairpin-mode=veth-flag, because bridge assumes the
// existence of a container bridge named cbr0. // existence of a container bridge named cbr0.
HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"` HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"`
// The node has babysitter process monitoring docker and kubelet. Removed as of 1.7
// The node has babysitter process monitoring docker and kubelet.
// Removed as of 1.7
BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"` BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"`
// MaxPods is the number of pods that can run on this Kubelet.
// maxPods is the number of pods that can run on this Kubelet.
MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"` MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"`
// NvidiaGPUs is the number of NVIDIA GPU devices on this node.
// nvidiaGPUs is the number of NVIDIA GPU devices on this node. NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus" flag-empty:"0"`
NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus"` // PodCIDR is the CIDR to use for pod IP addresses, only used in standalone mode.
//// dockerExecHandlerName is the handler to use when executing a command
//// in a container. Valid values are 'native' and 'nsenter'. Defaults to
//// 'native'.
//DockerExecHandlerName string `json:"dockerExecHandlerName"`
// The CIDR to use for pod IP addresses, only used in standalone mode.
// In cluster mode, this is obtained from the master. // In cluster mode, this is obtained from the master.
PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"` PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"`
// ResolverConfig is the resolver configuration file used as the basis // ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration."), []
// for the container DNS resolution configuration."), []
ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"` ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"`
//// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that // ReconcileCIDR is Reconcile node CIDR with the CIDR specified by the
//// specify CPU limits
//CPUCFSQuota bool `json:"cpuCFSQuota"`
//// containerized should be set to true if kubelet is running in a container.
//Containerized bool `json:"containerized"`
//// maxOpenFiles is Number of files that can be opened by Kubelet process.
//MaxOpenFiles uint64 `json:"maxOpenFiles"`
// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
// API server. No-op if register-node or configure-cbr0 is false. // API server. No-op if register-node or configure-cbr0 is false.
ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"` ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"`
// registerSchedulable tells the kubelet to register the node as // registerSchedulable tells the kubelet to register the node as schedulable. No-op if register-node is false.
// schedulable. No-op if register-node is false.
RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"` RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"`
//// contentType is contentType of requests sent to apiserver. //// SerializeImagePulls when enabled, tells the Kubelet to pull images one
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to allow while talking with kubernetes
//// apiserver
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// serializeImagePulls when enabled, tells the Kubelet to pull images one
//// at a time. We recommend *not* changing the default value on nodes that //// at a time. We recommend *not* changing the default value on nodes that
//// run docker daemon with version < 1.9 or an Aufs storage backend. //// run docker daemon with version < 1.9 or an Aufs storage backend.
//// Issue #10959 has more details. //// Issue #10959 has more details.
//SerializeImagePulls bool `json:"serializeImagePulls"` SerializeImagePulls *bool `json:"serializeImagePulls,omitempty" flag:"serialize-image-pulls"`
//// experimentalFlannelOverlay enables experimental support for starting the // NodeLabels to add when registering the node in the cluster.
//// kubelet with the default overlay network (flannel). Assumes flanneld
//// is already running in client mode.
//ExperimentalFlannelOverlay bool `json:"experimentalFlannelOverlay"`
//// outOfDiskTransitionFrequency is duration for which the kubelet has to
//// wait before transitioning out of out-of-disk node condition status.
//OutOfDiskTransitionFrequency unversioned.Duration `json:"outOfDiskTransitionFrequency,omitempty"`
//// nodeIP is IP address of the node. If set, kubelet will use this IP
//// address for the node.
//NodeIP string `json:"nodeIP,omitempty"`
// nodeLabels to add when registering the node in the cluster.
NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"` NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"`
// NonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"` NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"`
// Enable gathering custom metrics.
// enable gathering custom metrics.
EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"` EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"`
// NetworkPluginMTU is the MTU to be passed to the network plugin,
//// Maximum number of pods per core. Cannot exceed MaxPods
//PodsPerCore int32 `json:"podsPerCore"`
//// enableControllerAttachDetach enables the Attach/Detach controller to
//// manage attachment/detachment of volumes scheduled to this node, and
//// disables kubelet from executing any attach/detach operations
//EnableControllerAttachDetach bool `json:"enableControllerAttachDetach"`
// networkPluginMTU is the MTU to be passed to the network plugin,
// and overrides the default MTU for cases where it cannot be automatically // and overrides the default MTU for cases where it cannot be automatically
// computed (such as IPSEC). // computed (such as IPSEC).
NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"` NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"`
// ImageGCHighThresholdPercent is the percent of disk usage after which
// imageGCHighThresholdPercent is the percent of disk usage after which
// image garbage collection is always run. // image garbage collection is always run.
ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"` ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"`
// imageGCLowThresholdPercent is the percent of disk usage before which // ImageGCLowThresholdPercent is the percent of disk usage before which
// image garbage collection is never run. Lowest disk usage to garbage // image garbage collection is never run. Lowest disk usage to garbage
// collect to. // collect to.
ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"` ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"`
// Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'.
EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"` EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"`
// Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'.
@ -314,23 +121,18 @@ type KubeletConfigSpec struct {
// Comma-delimited list of grace periods for each soft eviction signal. For example, 'memory.available=30s'. // Comma-delimited list of grace periods for each soft eviction signal. For example, 'memory.available=30s'.
EvictionSoftGracePeriod string `json:"evictionSoftGracePeriod,omitempty" flag:"eviction-soft-grace-period"` EvictionSoftGracePeriod string `json:"evictionSoftGracePeriod,omitempty" flag:"eviction-soft-grace-period"`
// Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. // Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
EvictionPressureTransitionPeriod *metav1.Duration `json:"evictionPressureTransitionPeriod,omitempty" flag:"eviction-pressure-transition-period"` EvictionPressureTransitionPeriod *metav1.Duration `json:"evictionPressureTransitionPeriod,omitempty" flag:"eviction-pressure-transition-period" flag-empty:"0s"`
// Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. // Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.
EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period"` EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period" flag-empty:"0"`
// Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure. // Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"` EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"`
// The full path of the directory in which to search for additional third party volume plugins // The full path of the directory in which to search for additional third party volume plugins
VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"` VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"`
// Taints to add when registering a node in the cluster // Taints to add when registering a node in the cluster
Taints []string `json:"taints,omitempty" flag:"register-with-taints"` Taints []string `json:"taints,omitempty" flag:"register-with-taints"`
// FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features. // FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features.
FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"` FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"`
// Resource reservation for kubernetes system daemons like the kubelet, container runtime, node problem detector, etc.
// Resource reservation for kubernetes system daemons like the kubelet,
// container runtime, node problem detector, etc.
KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"` KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"`
// Control group for kube daemons. // Control group for kube daemons.
KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"` KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"`
@ -338,107 +140,75 @@ type KubeletConfigSpec struct {
SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"` SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"`
// Parent control group for OS system daemons. // Parent control group for OS system daemons.
SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"` SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"`
// Enforce Allocatable across pods whenever the overall usage across all pods // Enforce Allocatable across pods whenever the overall usage across all pods exceeds Allocatable.
// exceeds Allocatable.
EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"` EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"`
} }
// KubeProxyConfig defined the configuration for a proxy
type KubeProxyConfig struct { type KubeProxyConfig struct {
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// TODO: Better type ? // TODO: Better type ?
CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m" CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m"
// LogLevel is the logging level of the proxy
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// ClusterCIDR is the CIDR range of the pods in the cluster
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
//// for all interfaces)
//BindAddress string `json:"bindAddress"`
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
// bridge traffic coming from outside of the cluster. If not provided,
// no off-cluster bridging will be performed.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
// HostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
//// healthzBindAddress is the IP address for the health check server to serve on,
//// defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)
//HealthzBindAddress string `json:"healthzBindAddress"`
//// healthzPort is the port to bind the health check server. Use 0 to disable.
//HealthzPort int32 `json:"healthzPort"`
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// Master is the address of the Kubernetes API server (overrides any value in kubeconfig)
//// iptablesMasqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
//// the pure iptables proxy mode. Values must be within the range [0, 31].
//IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit"`
//// iptablesSyncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
//// '2h22m'). Must be greater than 0.
//IPTablesSyncPeriod unversioned.Duration `json:"iptablesSyncPeriodSeconds"`
//// kubeconfigPath is the path to the kubeconfig file with authorization information (the
//// master location is set by the master flag).
//KubeconfigPath string `json:"kubeconfigPath"`
//// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
//MasqueradeAll bool `json:"masqueradeAll"`
// master is the address of the Kubernetes API server (overrides any value in kubeconfig)
Master string `json:"master,omitempty" flag:"master"` Master string `json:"master,omitempty" flag:"master"`
//// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within // FeatureGates is a series of key pairs used to switch on features for the proxy
//// the range [-1000, 1000] FeatureGates []string `json:"feature-gates" flag:"feature-gates"`
//OOMScoreAdj *int32 `json:"oomScoreAdj"`
//// mode specifies which proxy mode to use.
//Mode ProxyMode `json:"mode"`
//// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
//// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
//PortRange string `json:"portRange"`
//// resourceContainer is the bsolute name of the resource-only container to create and run
//// the Kube-proxy in (Default: /kube-proxy).
//ResourceContainer string `json:"resourceContainer"`
//// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
//// Must be greater than 0. Only applicable for proxyMode=userspace.
//UDPIdleTimeout unversioned.Duration `json:"udpTimeoutMilliseconds"`
//// conntrackMax is the maximum number of NAT connections to track (0 to leave as-is)")
//ConntrackMax int32 `json:"conntrackMax"`
//// conntrackTCPEstablishedTimeout is how long an idle UDP connection will be kept open
//// (e.g. '250ms', '2s'). Must be greater than 0. Only applicable for proxyMode is Userspace
//ConntrackTCPEstablishedTimeout unversioned.Duration `json:"conntrackTCPEstablishedTimeout"`
} }
// KubeAPIServerConfig defines the configuration for the kube api
type KubeAPIServerConfig struct { type KubeAPIServerConfig struct {
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"` // Image is the docker container used
PathSrvSshproxy string `json:"pathSrvSshproxy,omitempty"` Image string `json:"image,omitempty"`
Image string `json:"image,omitempty"` // LogLevel is the logging level of the api
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` // CloudProvider is the name of the cloudProvider we are using, aws, gce etcd
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` // SecurePort is the port the kube runs on
SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"` SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"`
InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"` // InsecurePort is the port the insecure api runs
Address string `json:"address,omitempty" flag:"address"` InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"`
EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"` // Address is the binding address for the kube api
EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"` Address string `json:"address,omitempty" flag:"address"`
AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"` // AdmissionControl is a list of admission controllers to user
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"` AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"`
ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"` // ServiceClusterIPRange is the service address range
BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"` ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"`
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"` // EtcdServers is a list of the etcd service to connect
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"` EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"`
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"` // EtcdServersOverrides is per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"`
APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"` // TODO: Remove unused BasicAuthFile
RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"` BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"`
// TODO: Remove unused ClientCAFile
ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"`
// TODO: Remove unused TLSCertFile
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"`
// TODO: Remove unused TLSPrivateKeyFile
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"`
// TODO: Remove unused TokenAuthFile
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"`
// AllowPrivileged indicates if we can run privileged containers
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
// APIServerCount is the number of api servers
APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"`
// RuntimeConfig is a series of keys/values are parsed into the `--runtime-config` parameters
RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"`
// KubeletClientCertificate is the path of a certificate for secure communication between api and kubelet
KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"` KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"`
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"` // KubeletClientKey is the path of a private to secure communication between api and kubelet
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"`
// AnonymousAuth indicates if anonymous authentication is permitted
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// KubeletPreferredAddressTypes is a list of the preferred NodeAddressTypes to use for kubelet connections
KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"` KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"`
// StorageBackend is the backend storage
StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"` StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"`
// The OpenID claim to use as the user name. // The OpenID claim to use as the user name.
// Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. // Note that claims other than the default ('sub') is not guaranteed to be unique and immutable.
OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"` OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"`
@ -451,9 +221,7 @@ type KubeAPIServerConfig struct {
// The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set. // The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"` OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"`
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
// If set, all requests coming to the apiserver will be logged to this file. // If set, all requests coming to the apiserver will be logged to this file.
AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"` AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"`
// The maximum number of days to retain old audit log files based on the timestamp encoded in their filename. // The maximum number of days to retain old audit log files based on the timestamp encoded in their filename.
@ -462,206 +230,61 @@ type KubeAPIServerConfig struct {
AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"` AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"`
// The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB. // The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB.
AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"` AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"`
// File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens. // File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens.
AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"` AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"`
// The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s) // The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s)
AuthenticationTokenWebhookCacheTtl *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"` AuthenticationTokenWebhookCacheTTL *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"`
// AuthorizationMode is the authorization mode the kubeapi is running in
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"` AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
// AuthorizationRBACSuperUser is the name of the superuser for default rbac
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"` AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
// KubeControllerManagerConfig is the configuration for the controller
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is the url for the kube api master
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the defined logLevel
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// ServiceAccountPrivateKeyFile the location for a certificate for service account signing
ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"` ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// CloudProvider is the provider for cloud services.
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// port is the port that the controller-manager's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on (set to 0.0.0.0 for all interfaces).
//Address string `json:"address"`
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
//// concurrentEndpointSyncs is the number of endpoint syncing operations // ClusterName is the instance prefix for the cluster.
//// that will be done concurrently. Larger number = faster endpoint updating,
//// but more CPU (and network) load.
//ConcurrentEndpointSyncs int32 `json:"concurrentEndpointSyncs"`
//// concurrentRSSyncs is the number of replica sets that are allowed to sync
//// concurrently. Larger number = more responsive replica management, but more
//// CPU (and network) load.
//ConcurrentRSSyncs int32 `json:"concurrentRSSyncs"`
//// concurrentRCSyncs is the number of replication controllers that are
//// allowed to sync concurrently. Larger number = more responsive replica
//// management, but more CPU (and network) load.
//ConcurrentRCSyncs int32 `json:"concurrentRCSyncs"`
//// concurrentResourceQuotaSyncs is the number of resource quotas that are
//// allowed to sync concurrently. Larger number = more responsive quota
//// management, but more CPU (and network) load.
//ConcurrentResourceQuotaSyncs int32 `json:"concurrentResourceQuotaSyncs"`
//// concurrentDeploymentSyncs is the number of deployment objects that are
//// allowed to sync concurrently. Larger number = more responsive deployments,
//// but more CPU (and network) load.
//ConcurrentDeploymentSyncs int32 `json:"concurrentDeploymentSyncs"`
//// concurrentDaemonSetSyncs is the number of daemonset objects that are
//// allowed to sync concurrently. Larger number = more responsive daemonset,
//// but more CPU (and network) load.
//ConcurrentDaemonSetSyncs int32 `json:"concurrentDaemonSetSyncs"`
//// concurrentJobSyncs is the number of job objects that are
//// allowed to sync concurrently. Larger number = more responsive jobs,
//// but more CPU (and network) load.
//ConcurrentJobSyncs int32 `json:"concurrentJobSyncs"`
//// concurrentNamespaceSyncs is the number of namespace objects that are
//// allowed to sync concurrently.
//ConcurrentNamespaceSyncs int32 `json:"concurrentNamespaceSyncs"`
//// lookupCacheSizeForRC is the size of lookup cache for replication controllers.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRC int32 `json:"lookupCacheSizeForRC"`
//// lookupCacheSizeForRS is the size of lookup cache for replicatsets.
//// Larger number = more responsive replica management, but more MEM load.
//LookupCacheSizeForRS int32 `json:"lookupCacheSizeForRS"`
//// lookupCacheSizeForDaemonSet is the size of lookup cache for daemonsets.
//// Larger number = more responsive daemonset, but more MEM load.
//LookupCacheSizeForDaemonSet int32 `json:"lookupCacheSizeForDaemonSet"`
//// serviceSyncPeriod is the period for syncing services with their external
//// load balancers.
//ServiceSyncPeriod unversioned.Duration `json:"serviceSyncPeriod"`
//// nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer
//// periods will result in fewer calls to cloud provider, but may delay addition
//// of new nodes to cluster.
//NodeSyncPeriod unversioned.Duration `json:"nodeSyncPeriod"`
//// resourceQuotaSyncPeriod is the period for syncing quota usage status
//// in the system.
//ResourceQuotaSyncPeriod unversioned.Duration `json:"resourceQuotaSyncPeriod"`
//// namespaceSyncPeriod is the period for syncing namespace life-cycle
//// updates.
//NamespaceSyncPeriod unversioned.Duration `json:"namespaceSyncPeriod"`
//// pvClaimBinderSyncPeriod is the period for syncing persistent volumes
//// and persistent volume claims.
//PVClaimBinderSyncPeriod unversioned.Duration `json:"pvClaimBinderSyncPeriod"`
//// minResyncPeriod is the resync period in reflectors; will be random between
//// minResyncPeriod and 2*minResyncPeriod.
//MinResyncPeriod unversioned.Duration `json:"minResyncPeriod"`
//// horizontalPodAutoscalerSyncPeriod is the period for syncing the number of
//// pods in horizontal pod autoscaler.
//HorizontalPodAutoscalerSyncPeriod unversioned.Duration `json:"horizontalPodAutoscalerSyncPeriod"`
//// deploymentControllerSyncPeriod is the period for syncing the deployments.
//DeploymentControllerSyncPeriod unversioned.Duration `json:"deploymentControllerSyncPeriod"`
//// podEvictionTimeout is the grace period for deleting pods on failed nodes.
//PodEvictionTimeout unversioned.Duration `json:"podEvictionTimeout"`
//// deletingPodsQps is the number of nodes per second on which pods are deleted in
//// case of node failure.
//DeletingPodsQps float32 `json:"deletingPodsQps"`
//// deletingPodsBurst is the number of nodes on which pods are bursty deleted in
//// case of node failure. For more details look into RateLimiter.
//DeletingPodsBurst int32 `json:"deletingPodsBurst"`
//// nodeMontiorGracePeriod is the amount of time which we allow a running node to be
//// unresponsive before marking it unhealthy. Must be N times more than kubelet's
//// nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet
//// to post node status.
//NodeMonitorGracePeriod unversioned.Duration `json:"nodeMonitorGracePeriod"`
//// registerRetryCount is the number of retries for initial node registration.
//// Retry interval equals node-sync-period.
//RegisterRetryCount int32 `json:"registerRetryCount"`
//// nodeStartupGracePeriod is the amount of time which we allow starting a node to
//// be unresponsive before marking it unhealthy.
//NodeStartupGracePeriod unversioned.Duration `json:"nodeStartupGracePeriod"`
//// nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.
//NodeMonitorPeriod unversioned.Duration `json:"nodeMonitorPeriod"`
//// serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key
//// used to sign service account tokens.
//ServiceAccountKeyFile string `json:"serviceAccountKeyFile"`
//// enableProfiling enables profiling via web interface host:port/debug/pprof/
//EnableProfiling bool `json:"enableProfiling"`
// clusterName is the instance prefix for the cluster.
ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"` ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"`
// clusterCIDR is CIDR Range for Pods in cluster. // ClusterCIDR is CIDR Range for Pods in cluster.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
//// serviceCIDR is CIDR Range for Services in cluster. // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
//ServiceCIDR string `json:"serviceCIDR"`
//// NodeCIDRMaskSize is the mask size for node cidr in cluster.
//NodeCIDRMaskSize int32 `json:"nodeCIDRMaskSize"`
// allocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
// ConfigureCloudRoutes is true, to be set on the cloud provider. // ConfigureCloudRoutes is true, to be set on the cloud provider.
AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"` AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"`
// configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider.
// to be configured on the cloud provider.
ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"`
// rootCAFile is the root certificate authority will be included in service // rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.
// account's token secret. This must be a valid PEM-encoded CA bundle.
RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"` RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"`
//// contentType is contentType of requests sent to apiserver. // LeaderElection defines the configuration of leader election client.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
//// volumeConfiguration holds configuration for volume related features.
//VolumeConfiguration VolumeConfiguration `json:"volumeConfiguration"`
//// How long to wait between starting controller managers
//ControllerStartInterval unversioned.Duration `json:"controllerStartInterval"`
//// enables the generic garbage collector. MUST be synced with the
//// corresponding flag of the kube-apiserver. WARNING: the generic garbage
//// collector is an alpha feature.
//EnableGarbageCollector bool `json:"enableGarbageCollector"`
// ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop
// wait between successive executions. Is set to 1 min by kops by default // wait between successive executions. Is set to 1 min by kops by default
AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"` AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"`
// TerminatedPodGCThreshold is the number of terminated pods that can exist
// terminatedPodGCThreshold is the number of terminated pods that can exist
// before the terminated pod garbage collector starts deleting terminated pods. // before the terminated pod garbage collector starts deleting terminated pods.
// If <= 0, the terminated pod garbage collector is disabled. // If <= 0, the terminated pod garbage collector is disabled.
TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"` TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"`
// UseServiceAccountCredentials controls whether we use individual service account credentials for each controller. // UseServiceAccountCredentials controls whether we use individual service account credentials for each controller.
UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"` UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"`
} }
// KubeSchedulerConfig is the configuration for the kube-scheduler
type KubeSchedulerConfig struct { type KubeSchedulerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is a url to the kube master
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the logging level
LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// LeaderElection defines the configuration of leader election client.
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
//// port is the port that the scheduler's http service runs on.
//Port int32 `json:"port"`
//// address is the IP address to serve on.
//Address string `json:"address"`
//// algorithmProvider is the scheduling algorithm provider to use.
//AlgorithmProvider string `json:"algorithmProvider"`
//// policyConfigFile is the filepath to the scheduler policy configuration.
//PolicyConfigFile string `json:"policyConfigFile"`
//// enableProfiling enables profiling via web interface.
//EnableProfiling bool `json:"enableProfiling"`
//// contentType is contentType of requests sent to apiserver.
//ContentType string `json:"contentType"`
//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
//KubeAPIQPS float32 `json:"kubeAPIQPS"`
//// kubeAPIBurst is the QPS burst to use while talking with kubernetes apiserver.
//KubeAPIBurst int32 `json:"kubeAPIBurst"`
//// schedulerName is name of the scheduler, used to select which pods
//// will be processed by this scheduler, based on pod's annotation with
//// key 'scheduler.alpha.kubernetes.io/name'.
//SchedulerName string `json:"schedulerName"`
//// RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule
//// corresponding to every RequiredDuringScheduling affinity rule.
//// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 0-100.
//HardPodAffinitySymmetricWeight int `json:"hardPodAffinitySymmetricWeight"`
//// Indicate the "all topologies" set for empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.
//FailureDomains string `json:"failureDomains"`
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
} }
@ -672,24 +295,9 @@ type LeaderElectionConfiguration struct {
// before executing the main loop. Enable this when running replicated // before executing the main loop. Enable this when running replicated
// components for high availability. // components for high availability.
LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"` LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"`
//// leaseDuration is the duration that non-leader candidates will wait
//// after observing a leadership renewal until attempting to acquire
//// leadership of a led but unrenewed leader slot. This is effectively the
//// maximum duration that a leader can be stopped before it is replaced
//// by another candidate. This is only applicable if leader election is
//// enabled.
//LeaseDuration unversioned.Duration `json:"leaseDuration"`
//// renewDeadline is the interval between attempts by the acting master to
//// renew a leadership slot before it stops leading. This must be less
//// than or equal to the lease duration. This is only applicable if leader
//// election is enabled.
//RenewDeadline unversioned.Duration `json:"renewDeadline"`
//// retryPeriod is the duration the clients should wait between attempting
//// acquisition and renewal of a leadership. This is only applicable if
//// leader election is enabled.
//RetryPeriod unversioned.Duration `json:"retryPeriod"`
} }
// CloudConfiguration is defines the cloud provider configuration
type CloudConfiguration struct { type CloudConfiguration struct {
// GCE cloud-config options // GCE cloud-config options
Multizone *bool `json:"multizone,omitempty"` Multizone *bool `json:"multizone,omitempty"`
@ -698,13 +306,12 @@ type CloudConfiguration struct {
// AWS cloud-config options // AWS cloud-config options
DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"` DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"`
ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"` ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"`
// vSphere cloud-config specs // vSphere cloud-config specs
VSphereUsername *string `json:"vSphereUsername,omitempty"` VSphereUsername *string `json:"vSphereUsername,omitempty"`
VSpherePassword *string `json:"vSpherePassword,omitempty"` VSpherePassword *string `json:"vSpherePassword,omitempty"`
VSphereServer *string `json:"vSphereServer,omitempty"` VSphereServer *string `json:"vSphereServer,omitempty"`
VSphereDatacenter *string `json:"vSphereDatacenter,omitempty"` VSphereDatacenter *string `json:"vSphereDatacenter,omitempty"`
VSphereDatastore *string `json:"vSphereDatastore,omitempty"`
VSphereResourcePool *string `json:"vSphereResourcePool,omitempty"` VSphereResourcePool *string `json:"vSphereResourcePool,omitempty"`
VSphereDatastore *string `json:"vSphereDatastore,omitempty"`
VSphereCoreDNSServer *string `json:"vSphereCoreDNSServer,omitempty"` VSphereCoreDNSServer *string `json:"vSphereCoreDNSServer,omitempty"`
} }

1
pkg/apis/kops/v1alpha1/dockerconfig.go
View File

@ -16,6 +16,7 @@ limitations under the License.
package v1alpha1 package v1alpha1
// DockerConfig is the configuration for docker
type DockerConfig struct { type DockerConfig struct {
Bridge *string `json:"bridge,omitempty" flag:"bridge"` Bridge *string `json:"bridge,omitempty" flag:"bridge"`
LogLevel *string `json:"logLevel,omitempty" flag:"log-level"` LogLevel *string `json:"logLevel,omitempty" flag:"log-level"`

34
pkg/apis/kops/v1alpha1/zz_generated.conversion.go
View File

@ -392,8 +392,8 @@ func autoConvert_v1alpha1_CloudConfiguration_To_kops_CloudConfiguration(in *Clou
out.VSpherePassword = in.VSpherePassword out.VSpherePassword = in.VSpherePassword
out.VSphereServer = in.VSphereServer out.VSphereServer = in.VSphereServer
out.VSphereDatacenter = in.VSphereDatacenter out.VSphereDatacenter = in.VSphereDatacenter
out.VSphereDatastore = in.VSphereDatastore
out.VSphereResourcePool = in.VSphereResourcePool out.VSphereResourcePool = in.VSphereResourcePool
out.VSphereDatastore = in.VSphereDatastore
out.VSphereCoreDNSServer = in.VSphereCoreDNSServer out.VSphereCoreDNSServer = in.VSphereCoreDNSServer
return nil return nil
} }
@ -1361,20 +1361,18 @@ func Convert_kops_KopeioNetworkingSpec_To_v1alpha1_KopeioNetworkingSpec(in *kops
} }
func autoConvert_v1alpha1_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAPIServerConfig, out *kops.KubeAPIServerConfig, s conversion.Scope) error { func autoConvert_v1alpha1_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAPIServerConfig, out *kops.KubeAPIServerConfig, s conversion.Scope) error {
out.PathSrvKubernetes = in.PathSrvKubernetes
out.PathSrvSshproxy = in.PathSrvSshproxy
out.Image = in.Image out.Image = in.Image
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.SecurePort = in.SecurePort out.SecurePort = in.SecurePort
out.InsecurePort = in.InsecurePort out.InsecurePort = in.InsecurePort
out.Address = in.Address out.Address = in.Address
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.AdmissionControl = in.AdmissionControl out.AdmissionControl = in.AdmissionControl
out.ServiceClusterIPRange = in.ServiceClusterIPRange out.ServiceClusterIPRange = in.ServiceClusterIPRange
out.ClientCAFile = in.ClientCAFile out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.BasicAuthFile = in.BasicAuthFile out.BasicAuthFile = in.BasicAuthFile
out.ClientCAFile = in.ClientCAFile
out.TLSCertFile = in.TLSCertFile out.TLSCertFile = in.TLSCertFile
out.TLSPrivateKeyFile = in.TLSPrivateKeyFile out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
out.TokenAuthFile = in.TokenAuthFile out.TokenAuthFile = in.TokenAuthFile
@ -1396,7 +1394,7 @@ func autoConvert_v1alpha1_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *Ku
out.AuditLogMaxBackups = in.AuditLogMaxBackups out.AuditLogMaxBackups = in.AuditLogMaxBackups
out.AuditLogMaxSize = in.AuditLogMaxSize out.AuditLogMaxSize = in.AuditLogMaxSize
out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile
out.AuthenticationTokenWebhookCacheTtl = in.AuthenticationTokenWebhookCacheTtl out.AuthenticationTokenWebhookCacheTTL = in.AuthenticationTokenWebhookCacheTTL
out.AuthorizationMode = in.AuthorizationMode out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
@ -1408,28 +1406,26 @@ func Convert_v1alpha1_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAP
} }
func autoConvert_kops_KubeAPIServerConfig_To_v1alpha1_KubeAPIServerConfig(in *kops.KubeAPIServerConfig, out *KubeAPIServerConfig, s conversion.Scope) error { func autoConvert_kops_KubeAPIServerConfig_To_v1alpha1_KubeAPIServerConfig(in *kops.KubeAPIServerConfig, out *KubeAPIServerConfig, s conversion.Scope) error {
out.PathSrvKubernetes = in.PathSrvKubernetes
out.PathSrvSshproxy = in.PathSrvSshproxy
out.Image = in.Image out.Image = in.Image
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.SecurePort = in.SecurePort out.SecurePort = in.SecurePort
out.InsecurePort = in.InsecurePort out.InsecurePort = in.InsecurePort
out.Address = in.Address out.Address = in.Address
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.AdmissionControl = in.AdmissionControl out.AdmissionControl = in.AdmissionControl
out.ServiceClusterIPRange = in.ServiceClusterIPRange out.ServiceClusterIPRange = in.ServiceClusterIPRange
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.BasicAuthFile = in.BasicAuthFile out.BasicAuthFile = in.BasicAuthFile
out.ClientCAFile = in.ClientCAFile out.ClientCAFile = in.ClientCAFile
out.TLSCertFile = in.TLSCertFile out.TLSCertFile = in.TLSCertFile
out.TLSPrivateKeyFile = in.TLSPrivateKeyFile out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
out.KubeletClientCertificate = in.KubeletClientCertificate
out.KubeletClientKey = in.KubeletClientKey
out.TokenAuthFile = in.TokenAuthFile out.TokenAuthFile = in.TokenAuthFile
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.APIServerCount = in.APIServerCount out.APIServerCount = in.APIServerCount
out.RuntimeConfig = in.RuntimeConfig out.RuntimeConfig = in.RuntimeConfig
out.KubeletClientCertificate = in.KubeletClientCertificate
out.KubeletClientKey = in.KubeletClientKey
out.AnonymousAuth = in.AnonymousAuth out.AnonymousAuth = in.AnonymousAuth
out.KubeletPreferredAddressTypes = in.KubeletPreferredAddressTypes out.KubeletPreferredAddressTypes = in.KubeletPreferredAddressTypes
out.StorageBackend = in.StorageBackend out.StorageBackend = in.StorageBackend
@ -1443,7 +1439,7 @@ func autoConvert_kops_KubeAPIServerConfig_To_v1alpha1_KubeAPIServerConfig(in *ko
out.AuditLogMaxBackups = in.AuditLogMaxBackups out.AuditLogMaxBackups = in.AuditLogMaxBackups
out.AuditLogMaxSize = in.AuditLogMaxSize out.AuditLogMaxSize = in.AuditLogMaxSize
out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile
out.AuthenticationTokenWebhookCacheTtl = in.AuthenticationTokenWebhookCacheTtl out.AuthenticationTokenWebhookCacheTTL = in.AuthenticationTokenWebhookCacheTTL
out.AuthorizationMode = in.AuthorizationMode out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
@ -1459,7 +1455,6 @@ func autoConvert_v1alpha1_KubeControllerManagerConfig_To_kops_KubeControllerMana
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile
out.Image = in.Image out.Image = in.Image
out.PathSrvKubernetes = in.PathSrvKubernetes
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.ClusterName = in.ClusterName out.ClusterName = in.ClusterName
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
@ -1491,7 +1486,6 @@ func autoConvert_kops_KubeControllerManagerConfig_To_v1alpha1_KubeControllerMana
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile
out.Image = in.Image out.Image = in.Image
out.PathSrvKubernetes = in.PathSrvKubernetes
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.ClusterName = in.ClusterName out.ClusterName = in.ClusterName
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
@ -1551,6 +1545,7 @@ func autoConvert_v1alpha1_KubeProxyConfig_To_kops_KubeProxyConfig(in *KubeProxyC
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.Master = in.Master out.Master = in.Master
out.FeatureGates = in.FeatureGates
return nil return nil
} }
@ -1566,6 +1561,7 @@ func autoConvert_kops_KubeProxyConfig_To_v1alpha1_KubeProxyConfig(in *kops.KubeP
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.Master = in.Master out.Master = in.Master
out.FeatureGates = in.FeatureGates
return nil return nil
} }
@ -1626,8 +1622,10 @@ func autoConvert_v1alpha1_KubeletConfigSpec_To_kops_KubeletConfigSpec(in *Kubele
out.PodManifestPath = in.PodManifestPath out.PodManifestPath = in.PodManifestPath
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.PodInfraContainerImage = in.PodInfraContainerImage out.PodInfraContainerImage = in.PodInfraContainerImage
out.SeccompProfileRoot = in.SeccompProfileRoot
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.EnableDebuggingHandlers = in.EnableDebuggingHandlers out.EnableDebuggingHandlers = in.EnableDebuggingHandlers
out.RegisterNode = in.RegisterNode
out.ClusterDomain = in.ClusterDomain out.ClusterDomain = in.ClusterDomain
out.ClusterDNS = in.ClusterDNS out.ClusterDNS = in.ClusterDNS
out.NetworkPluginName = in.NetworkPluginName out.NetworkPluginName = in.NetworkPluginName
@ -1645,6 +1643,7 @@ func autoConvert_v1alpha1_KubeletConfigSpec_To_kops_KubeletConfigSpec(in *Kubele
out.ResolverConfig = in.ResolverConfig out.ResolverConfig = in.ResolverConfig
out.ReconcileCIDR = in.ReconcileCIDR out.ReconcileCIDR = in.ReconcileCIDR
out.RegisterSchedulable = in.RegisterSchedulable out.RegisterSchedulable = in.RegisterSchedulable
out.SerializeImagePulls = in.SerializeImagePulls
out.NodeLabels = in.NodeLabels out.NodeLabels = in.NodeLabels
out.NonMasqueradeCIDR = in.NonMasqueradeCIDR out.NonMasqueradeCIDR = in.NonMasqueradeCIDR
out.EnableCustomMetrics = in.EnableCustomMetrics out.EnableCustomMetrics = in.EnableCustomMetrics
@ -1683,8 +1682,10 @@ func autoConvert_kops_KubeletConfigSpec_To_v1alpha1_KubeletConfigSpec(in *kops.K
out.PodManifestPath = in.PodManifestPath out.PodManifestPath = in.PodManifestPath
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.PodInfraContainerImage = in.PodInfraContainerImage out.PodInfraContainerImage = in.PodInfraContainerImage
out.SeccompProfileRoot = in.SeccompProfileRoot
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.EnableDebuggingHandlers = in.EnableDebuggingHandlers out.EnableDebuggingHandlers = in.EnableDebuggingHandlers
out.RegisterNode = in.RegisterNode
out.ClusterDomain = in.ClusterDomain out.ClusterDomain = in.ClusterDomain
out.ClusterDNS = in.ClusterDNS out.ClusterDNS = in.ClusterDNS
out.NetworkPluginName = in.NetworkPluginName out.NetworkPluginName = in.NetworkPluginName
@ -1702,6 +1703,7 @@ func autoConvert_kops_KubeletConfigSpec_To_v1alpha1_KubeletConfigSpec(in *kops.K
out.ResolverConfig = in.ResolverConfig out.ResolverConfig = in.ResolverConfig
out.ReconcileCIDR = in.ReconcileCIDR out.ReconcileCIDR = in.ReconcileCIDR
out.RegisterSchedulable = in.RegisterSchedulable out.RegisterSchedulable = in.RegisterSchedulable
out.SerializeImagePulls = in.SerializeImagePulls
out.NodeLabels = in.NodeLabels out.NodeLabels = in.NodeLabels
out.NonMasqueradeCIDR = in.NonMasqueradeCIDR out.NonMasqueradeCIDR = in.NonMasqueradeCIDR
out.EnableCustomMetrics = in.EnableCustomMetrics out.EnableCustomMetrics = in.EnableCustomMetrics

286
pkg/apis/kops/v1alpha2/componentconfig.go
View File

@ -18,52 +18,41 @@ package v1alpha2
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
// KubeletConfigSpec defines the kubelet configuration
type KubeletConfigSpec struct { type KubeletConfigSpec struct {
// not used for clusters version 1.6 and later // APIServers is not used for clusters version 1.6 and later - flag removed
APIServers string `json:"apiServers,omitempty" flag:"api-servers"` APIServers string `json:"apiServers,omitempty" flag:"api-servers"`
// AnonymousAuth permits you to control auth to the kubelet api
// AnonymousAuth chooses if you want anonymous auth on the kubelet api
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// The client CA which the requestes for the above must be signed by // ClientCAFile is the path to a CA certificate
ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"` ClientCAFile string `json:"clientCaFile,omitempty" flag:"client-ca-file"`
// KubeconfigPath is the path of kubeconfig for the kubelet
// kubeconfigPath is the path to the kubeconfig file with authorization KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"`
// information and API server location // RequireKubeconfig indicates a kubeconfig is required
// kops will only use this for clusters version 1.6 and later RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"`
KubeconfigPath string `json:"kubeconfigPath,omitempty" flag:"kubeconfig"` // LogLevel is the logging level of the kubelet
RequireKubeconfig *bool `json:"requireKubeconfig,omitempty" flag:"require-kubeconfig"` LogLevel *int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// config is the path to the config file or directory of files
LogLevel *int32 `json:"logLevel,omitempty" flag:"v"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"` PodManifestPath string `json:"podManifestPath,omitempty" flag:"pod-manifest-path"`
// hostnameOverride is the hostname used to identify the kubelet instead // HostnameOverride is the hostname used to identify the kubelet instead of the actual hostname.
// of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// podInfraContainerImage is the image whose network/ipc namespaces // PodInfraContainerImage is the image whose network/ipc containers in each pod will use.
// containers in each pod will use.
PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"` PodInfraContainerImage string `json:"podInfraContainerImage,omitempty" flag:"pod-infra-container-image"`
// allowPrivileged enables containers to request privileged mode. // SeccompProfileRoot is the directory path for seccomp profiles.
// Defaults to false. SeccompProfileRoot *string `json:"seccompProfileRoot,omitempty" flag:"seccomp-profile-root"`
// AllowPrivileged enables containers to request privileged mode (defaults to false)
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
// enableDebuggingHandlers enables server endpoints for log collection // EnableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands
// and local running of containers and commands
EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"` EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"`
// clusterDomain is the DNS domain for this cluster. If set, kubelet will // RegisterNode enables automatic registration with the apiserver.
// configure all containers to search this domain in addition to the RegisterNode *bool `json:"registerNode,omitempty" flag:"register-node"`
// host's search domains. // ClusterDomain is the DNS domain for this cluster
ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"` ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"`
// clusterDNS is the IP address for a cluster DNS server. If set, kubelet // ClusterDNS is the IP address for a cluster DNS server
// will configure all containers to use this for DNS resolution in
// addition to the host's DNS servers
ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"` ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"`
// networkPluginName is the name of the network plugin to be invoked for // NetworkPluginName is the name of the network plugin to be invoked for various events in kubelet/pod lifecycle
// various events in kubelet/pod lifecycle
NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"` NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"`
// cloudProvider is the provider for cloud services. // CloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in. // KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"` KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"`
@ -73,11 +62,9 @@ type KubeletConfigSpec struct {
// all non-kernel processes that are not already in a container. Empty // all non-kernel processes that are not already in a container. Empty
// for no container. Rolling back the flag requires a reboot. // for no container. Rolling back the flag requires a reboot.
SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"` SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"`
// cgroupRoot is the root cgroup to use for pods. This is handled by the // cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis.
// container runtime on a best effort basis.
CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"` CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"`
// configureCBR0 enables the kublet to configure cbr0 based on // configureCBR0 enables the kublet to configure cbr0 based on Node.Spec.PodCIDR.
// Node.Spec.PodCIDR.
ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"` ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"`
// How should the kubelet configure the container bridge for hairpin packets. // How should the kubelet configure the container bridge for hairpin packets.
// Setting this flag allows endpoints in a Service to loadbalance back to // Setting this flag allows endpoints in a Service to loadbalance back to
@ -89,53 +76,44 @@ type KubeletConfigSpec struct {
// one must set --hairpin-mode=veth-flag, because bridge assumes the // one must set --hairpin-mode=veth-flag, because bridge assumes the
// existence of a container bridge named cbr0. // existence of a container bridge named cbr0.
HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"` HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"`
// The node has babysitter process monitoring docker and kubelet. Removed as of 1.7
// The node has babysitter process monitoring docker and kubelet.
// Removed as of 1.7
BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"` BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"`
// MaxPods is the number of pods that can run on this Kubelet.
// maxPods is the number of pods that can run on this Kubelet.
MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"` MaxPods *int32 `json:"maxPods,omitempty" flag:"max-pods"`
// NvidiaGPUs is the number of NVIDIA GPU devices on this node.
// nvidiaGPUs is the number of NVIDIA GPU devices on this node. NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus" flag-empty:"0"`
NvidiaGPUs int32 `json:"nvidiaGPUs,omitempty" flag:"experimental-nvidia-gpus"` // PodCIDR is the CIDR to use for pod IP addresses, only used in standalone mode.
// The CIDR to use for pod IP addresses, only used in standalone mode.
// In cluster mode, this is obtained from the master. // In cluster mode, this is obtained from the master.
PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"` PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"`
// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the // ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration."), []
ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"`
// ReconcileCIDR is Reconcile node CIDR with the CIDR specified by the
// API server. No-op if register-node or configure-cbr0 is false. // API server. No-op if register-node or configure-cbr0 is false.
ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"` ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"`
// registerSchedulable tells the kubelet to register the node as // registerSchedulable tells the kubelet to register the node as schedulable. No-op if register-node is false.
// schedulable. No-op if register-node is false.
RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"` RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"`
//// SerializeImagePulls when enabled, tells the Kubelet to pull images one
// ResolverConfig is the resolver configuration file used as the basis //// at a time. We recommend *not* changing the default value on nodes that
// for the container DNS resolution configuration."), [] //// run docker daemon with version < 1.9 or an Aufs storage backend.
ResolverConfig *string `json:"resolvConf,omitempty" flag:"resolv-conf" flag-include-empty:"true"` //// Issue #10959 has more details.
SerializeImagePulls *bool `json:"serializeImagePulls,omitempty" flag:"serialize-image-pulls"`
// nodeLabels to add when registering the node in the cluster. // NodeLabels to add when registering the node in the cluster.
NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"` NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"`
// NonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"` NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"`
// Enable gathering custom metrics.
// enable gathering custom metrics.
EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"` EnableCustomMetrics *bool `json:"enableCustomMetrics,omitempty" flag:"enable-custom-metrics"`
// NetworkPluginMTU is the MTU to be passed to the network plugin,
// networkPluginMTU is the MTU to be passed to the network plugin,
// and overrides the default MTU for cases where it cannot be automatically // and overrides the default MTU for cases where it cannot be automatically
// computed (such as IPSEC). // computed (such as IPSEC).
NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"` NetworkPluginMTU *int32 `json:"networkPluginMTU,omitempty" flag:"network-plugin-mtu"`
// ImageGCHighThresholdPercent is the percent of disk usage after which
// imageGCHighThresholdPercent is the percent of disk usage after which
// image garbage collection is always run. // image garbage collection is always run.
ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"` ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty" flag:"image-gc-high-threshold"`
// imageGCLowThresholdPercent is the percent of disk usage before which // ImageGCLowThresholdPercent is the percent of disk usage before which
// image garbage collection is never run. Lowest disk usage to garbage // image garbage collection is never run. Lowest disk usage to garbage
// collect to. // collect to.
ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"` ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty" flag:"image-gc-low-threshold"`
// Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of hard eviction expressions. For example, 'memory.available<300Mi'.
EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"` EvictionHard *string `json:"evictionHard,omitempty" flag:"eviction-hard"`
// Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'. // Comma-delimited list of soft eviction expressions. For example, 'memory.available<300Mi'.
@ -143,23 +121,18 @@ type KubeletConfigSpec struct {
// Comma-delimited list of grace periods for each soft eviction signal. For example, 'memory.available=30s'. // Comma-delimited list of grace periods for each soft eviction signal. For example, 'memory.available=30s'.
EvictionSoftGracePeriod string `json:"evictionSoftGracePeriod,omitempty" flag:"eviction-soft-grace-period"` EvictionSoftGracePeriod string `json:"evictionSoftGracePeriod,omitempty" flag:"eviction-soft-grace-period"`
// Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. // Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
EvictionPressureTransitionPeriod *metav1.Duration `json:"evictionPressureTransitionPeriod,omitempty" flag:"eviction-pressure-transition-period"` EvictionPressureTransitionPeriod *metav1.Duration `json:"evictionPressureTransitionPeriod,omitempty" flag:"eviction-pressure-transition-period" flag-empty:"0s"`
// Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. // Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.
EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period"` EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty" flag:"eviction-max-pod-grace-period" flag-empty:"0"`
// Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure. // Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.
EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"` EvictionMinimumReclaim string `json:"evictionMinimumReclaim,omitempty" flag:"eviction-minimum-reclaim"`
// The full path of the directory in which to search for additional third party volume plugins // The full path of the directory in which to search for additional third party volume plugins
VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"` VolumePluginDirectory string `json:"volumePluginDirectory,omitempty" flag:"volume-plugin-dir"`
// Taints to add when registering a node in the cluster // Taints to add when registering a node in the cluster
Taints []string `json:"taints,omitempty" flag:"register-with-taints"` Taints []string `json:"taints,omitempty" flag:"register-with-taints"`
// FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features. // FeatureGates is set of key=value pairs that describe feature gates for alpha/experimental features.
FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"` FeatureGates map[string]string `json:"featureGates,omitempty" flag:"feature-gates"`
// Resource reservation for kubernetes system daemons like the kubelet, container runtime, node problem detector, etc.
// Resource reservation for kubernetes system daemons like the kubelet,
// container runtime, node problem detector, etc.
KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"` KubeReserved map[string]string `json:"kubeReserved,omitempty" flag:"kube-reserved"`
// Control group for kube daemons. // Control group for kube daemons.
KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"` KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty" flag:"kube-reserved-cgroup"`
@ -167,70 +140,75 @@ type KubeletConfigSpec struct {
SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"` SystemReserved map[string]string `json:"systemReserved,omitempty" flag:"system-reserved"`
// Parent control group for OS system daemons. // Parent control group for OS system daemons.
SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"` SystemReservedCgroup string `json:"systemReservedCgroup,omitempty" flag:"system-reserved-cgroup"`
// Enforce Allocatable across pods whenever the overall usage across all pods // Enforce Allocatable across pods whenever the overall usage across all pods exceeds Allocatable.
// exceeds Allocatable.
EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"` EnforceNodeAllocatable string `json:"enforceNodeAllocatable,omitempty" flag:"enforce-node-allocatable"`
} }
// KubeProxyConfig defined the configuration for a proxy
type KubeProxyConfig struct { type KubeProxyConfig struct {
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// TODO: Better type ? // TODO: Better type ?
CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m" CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m"
// LogLevel is the logging level of the proxy
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// ClusterCIDR is the CIDR range of the pods in the cluster
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
// Note: We recognize some additional values:
// @aws uses the hostname from the AWS metadata service
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// master is the address of the Kubernetes API server (overrides any value in kubeconfig)
Master string `json:"master,omitempty" flag:"master"`
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
// bridge traffic coming from outside of the cluster. If not provided,
// no off-cluster bridging will be performed.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
// HostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
// Master is the address of the Kubernetes API server (overrides any value in kubeconfig)
Master string `json:"master,omitempty" flag:"master"`
// FeatureGates is a series of key pairs used to switch on features for the proxy
FeatureGates []string `json:"feature-gates" flag:"feature-gates"`
} }
// KubeAPIServerConfig defines the configuration for the kube api
type KubeAPIServerConfig struct { type KubeAPIServerConfig struct {
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"` // Image is the docker container used
PathSrvSshproxy string `json:"pathSrvSshproxy,omitempty"` Image string `json:"image,omitempty"`
Image string `json:"image,omitempty"` // LogLevel is the logging level of the api
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` // CloudProvider is the name of the cloudProvider we are using, aws, gce etcd
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` // SecurePort is the port the kube runs on
SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"` SecurePort int32 `json:"securePort,omitempty" flag:"secure-port"`
InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"` // InsecurePort is the port the insecure api runs
Address string `json:"address,omitempty" flag:"address"` InsecurePort int32 `json:"insecurePort,omitempty" flag:"insecure-port"`
EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"` // Address is the binding address for the kube api
EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"` Address string `json:"address,omitempty" flag:"address"`
AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"` // AdmissionControl is a list of admission controllers to user
ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"` AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"`
ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"` // ServiceClusterIPRange is the service address range
BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"` ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"`
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"` // EtcdServers is a list of the etcd service to connect
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"` EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"`
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"` // EtcdServersOverrides is per-resource etcd servers overrides, comma separated. The individual override format: group/resource#servers, where servers are http://ip:port, semicolon separated
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"` EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"`
APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"` // TODO: Remove unused BasicAuthFile
// keys and values in RuntimeConfig are parsed into the `--runtime-config` parameter BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"`
// for KubeAPIServer, concatenated with commas. ex: `--runtime-config=key1=value1,key2=value2`. // TODO: Remove unused ClientCAFile
// Use this to enable alpha resources on kube-apiserver ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"`
// TODO: Remove unused TLSCertFile
TLSCertFile string `json:"tlsCertFile,omitempty" flag:"tls-cert-file"`
// TODO: Remove unused TLSPrivateKeyFile
TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"`
// TODO: Remove unused TokenAuthFile
TokenAuthFile string `json:"tokenAuthFile,omitempty" flag:"token-auth-file"`
// AllowPrivileged indicates if we can run privileged containers
AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
// APIServerCount is the number of api servers
APIServerCount *int32 `json:"apiServerCount,omitempty" flag:"apiserver-count"`
// RuntimeConfig is a series of keys/values are parsed into the `--runtime-config` parameters
RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"` RuntimeConfig map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"`
// KubeletClientCertificate is the path of a certificate for secure communication between api and kubelet
KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"` KubeletClientCertificate string `json:"kubeletClientCertificate,omitempty" flag:"kubelet-client-certificate"`
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"` // KubeletClientKey is the path of a private to secure communication between api and kubelet
KubeletClientKey string `json:"kubeletClientKey,omitempty" flag:"kubelet-client-key"`
// AnonymousAuth indicates if anonymous authentication is permitted
AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"` AnonymousAuth *bool `json:"anonymousAuth,omitempty" flag:"anonymous-auth"`
// KubeletPreferredAddressTypes is a list of the preferred NodeAddressTypes to use for kubelet connections
KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"` KubeletPreferredAddressTypes []string `json:"kubeletPreferredAddressTypes,omitempty" flag:"kubelet-preferred-address-types"`
// StorageBackend is the backend storage
StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"` StorageBackend *string `json:"storageBackend,omitempty" flag:"storage-backend"`
// The OpenID claim to use as the user name. // The OpenID claim to use as the user name.
// Note that claims other than the default ('sub') is not guaranteed to be unique and immutable. // Note that claims other than the default ('sub') is not guaranteed to be unique and immutable.
OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"` OIDCUsernameClaim *string `json:"oidcUsernameClaim,omitempty" flag:"oidc-username-claim"`
@ -243,9 +221,7 @@ type KubeAPIServerConfig struct {
// The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set. // The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"` OIDCClientID *string `json:"oidcClientID,omitempty" flag:"oidc-client-id"`
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
// If set, all requests coming to the apiserver will be logged to this file. // If set, all requests coming to the apiserver will be logged to this file.
AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"` AuditLogPath *string `json:"auditLogPath,omitempty" flag:"audit-log-path"`
// The maximum number of days to retain old audit log files based on the timestamp encoded in their filename. // The maximum number of days to retain old audit log files based on the timestamp encoded in their filename.
@ -254,67 +230,61 @@ type KubeAPIServerConfig struct {
AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"` AuditLogMaxBackups *int32 `json:"auditLogMaxBackups,omitempty" flag:"audit-log-maxbackup"`
// The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB. // The maximum size in megabytes of the audit log file before it gets rotated. Defaults to 100MB.
AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"` AuditLogMaxSize *int32 `json:"auditLogMaxSize,omitempty" flag:"audit-log-maxsize"`
// File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens. // File with webhook configuration for token authentication in kubeconfig format. The API server will query the remote service to determine authentication for bearer tokens.
AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"` AuthenticationTokenWebhookConfigFile *string `json:"authenticationTokenWebhookConfigFile,omitempty" flag:"authentication-token-webhook-config-file"`
// The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s) // The duration to cache responses from the webhook token authenticator. Default is 2m. (default 2m0s)
AuthenticationTokenWebhookCacheTtl *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"` AuthenticationTokenWebhookCacheTTL *metav1.Duration `json:"authenticationTokenWebhookCacheTtl,omitempty" flag:"authentication-token-webhook-cache-ttl"`
// AuthorizationMode is the authorization mode the kubeapi is running in
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"` AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
// AuthorizationRBACSuperUser is the name of the superuser for default rbac
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"` AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
// KubeControllerManagerConfig is the configuration for the controller
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is the url for the kube api master
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the defined logLevel
LogLevel int32 `json:"logLevel,omitempty" flag:"v" flag-empty:"0"`
// ServiceAccountPrivateKeyFile the location for a certificate for service account signing
ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"` ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// CloudProvider is the provider for cloud services.
PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
// cloudProvider is the provider for cloud services.
CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
// clusterName is the instance prefix for the cluster. // ClusterName is the instance prefix for the cluster.
ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"` ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"`
// clusterCIDR is CIDR Range for Pods in cluster. // ClusterCIDR is CIDR Range for Pods in cluster.
ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"` ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
// allocateNodeCIDRs enables CIDRs for Pods to be allocated and, if // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
// ConfigureCloudRoutes is true, to be set on the cloud provider. // ConfigureCloudRoutes is true, to be set on the cloud provider.
AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"` AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"`
// configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider.
// to be configured on the cloud provider.
ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"`
// rootCAFile is the root certificate authority will be included in service // rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.
// account's token secret. This must be a valid PEM-encoded CA bundle.
RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"` RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"`
// leaderElection defines the configuration of leader election client. // LeaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
// ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop
// wait between successive executions. Is set to 1 min by kops by default // wait between successive executions. Is set to 1 min by kops by default
AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"` AttachDetachReconcileSyncPeriod *metav1.Duration `json:"attachDetachReconcileSyncPeriod,omitempty" flag:"attach-detach-reconcile-sync-period"`
// TerminatedPodGCThreshold is the number of terminated pods that can exist
// terminatedPodGCThreshold is the number of terminated pods that can exist
// before the terminated pod garbage collector starts deleting terminated pods. // before the terminated pod garbage collector starts deleting terminated pods.
// If <= 0, the terminated pod garbage collector is disabled. // If <= 0, the terminated pod garbage collector is disabled.
TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"` TerminatedPodGCThreshold *int32 `json:"terminatedPodGCThreshold,omitempty" flag:"terminated-pod-gc-threshold"`
// UseServiceAccountCredentials controls whether we use individual service account credentials for each controller. // UseServiceAccountCredentials controls whether we use individual service account credentials for each controller.
UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"` UseServiceAccountCredentials *bool `json:"useServiceAccountCredentials,omitempty" flag:"use-service-account-credentials"`
} }
// KubeSchedulerConfig is the configuration for the kube-scheduler
type KubeSchedulerConfig struct { type KubeSchedulerConfig struct {
Master string `json:"master,omitempty" flag:"master"` // Master is a url to the kube master
LogLevel int32 `json:"logLevel,omitempty" flag:"v"` Master string `json:"master,omitempty" flag:"master"`
// LogLevel is the logging level
LogLevel int32 `json:"logLevel,omitempty" flag:"v"`
// Image is the docker image to use
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// LeaderElection defines the configuration of leader election client.
// Configuration flags - a subset of https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/componentconfig/types.go
// leaderElection defines the configuration of leader election client.
LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"` LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
} }
@ -327,6 +297,7 @@ type LeaderElectionConfiguration struct {
LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"` LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"`
} }
// CloudConfiguration is defines the cloud provider configuration
type CloudConfiguration struct { type CloudConfiguration struct {
// GCE cloud-config options // GCE cloud-config options
Multizone *bool `json:"multizone,omitempty"` Multizone *bool `json:"multizone,omitempty"`
@ -335,13 +306,12 @@ type CloudConfiguration struct {
// AWS cloud-config options // AWS cloud-config options
DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"` DisableSecurityGroupIngress *bool `json:"disableSecurityGroupIngress,omitempty"`
ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"` ElbSecurityGroup *string `json:"elbSecurityGroup,omitempty"`
// vSphere cloud-config specs // vSphere cloud-config specs
VSphereUsername *string `json:"vSphereUsername,omitempty"` VSphereUsername *string `json:"vSphereUsername,omitempty"`
VSpherePassword *string `json:"vSpherePassword,omitempty"` VSpherePassword *string `json:"vSpherePassword,omitempty"`
VSphereServer *string `json:"vSphereServer,omitempty"` VSphereServer *string `json:"vSphereServer,omitempty"`
VSphereDatacenter *string `json:"vSphereDatacenter,omitempty"` VSphereDatacenter *string `json:"vSphereDatacenter,omitempty"`
VSphereDatastore *string `json:"vSphereDatastore,omitempty"`
VSphereResourcePool *string `json:"vSphereResourcePool,omitempty"` VSphereResourcePool *string `json:"vSphereResourcePool,omitempty"`
VSphereDatastore *string `json:"vSphereDatastore,omitempty"`
VSphereCoreDNSServer *string `json:"vSphereCoreDNSServer,omitempty"` VSphereCoreDNSServer *string `json:"vSphereCoreDNSServer,omitempty"`
} }

1
pkg/apis/kops/v1alpha2/dockerconfig.go
View File

@ -16,6 +16,7 @@ limitations under the License.
package v1alpha2 package v1alpha2
// DockerConfig is the configuration for docker
type DockerConfig struct { type DockerConfig struct {
Bridge *string `json:"bridge,omitempty" flag:"bridge"` Bridge *string `json:"bridge,omitempty" flag:"bridge"`
LogLevel *string `json:"logLevel,omitempty" flag:"log-level"` LogLevel *string `json:"logLevel,omitempty" flag:"log-level"`

38
pkg/apis/kops/v1alpha2/zz_generated.conversion.go
View File

@ -420,8 +420,8 @@ func autoConvert_v1alpha2_CloudConfiguration_To_kops_CloudConfiguration(in *Clou
out.VSpherePassword = in.VSpherePassword out.VSpherePassword = in.VSpherePassword
out.VSphereServer = in.VSphereServer out.VSphereServer = in.VSphereServer
out.VSphereDatacenter = in.VSphereDatacenter out.VSphereDatacenter = in.VSphereDatacenter
out.VSphereDatastore = in.VSphereDatastore
out.VSphereResourcePool = in.VSphereResourcePool out.VSphereResourcePool = in.VSphereResourcePool
out.VSphereDatastore = in.VSphereDatastore
out.VSphereCoreDNSServer = in.VSphereCoreDNSServer out.VSphereCoreDNSServer = in.VSphereCoreDNSServer
return nil return nil
} }
@ -1469,20 +1469,18 @@ func Convert_kops_KopeioNetworkingSpec_To_v1alpha2_KopeioNetworkingSpec(in *kops
} }
func autoConvert_v1alpha2_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAPIServerConfig, out *kops.KubeAPIServerConfig, s conversion.Scope) error { func autoConvert_v1alpha2_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAPIServerConfig, out *kops.KubeAPIServerConfig, s conversion.Scope) error {
out.PathSrvKubernetes = in.PathSrvKubernetes
out.PathSrvSshproxy = in.PathSrvSshproxy
out.Image = in.Image out.Image = in.Image
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.SecurePort = in.SecurePort out.SecurePort = in.SecurePort
out.InsecurePort = in.InsecurePort out.InsecurePort = in.InsecurePort
out.Address = in.Address out.Address = in.Address
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.AdmissionControl = in.AdmissionControl out.AdmissionControl = in.AdmissionControl
out.ServiceClusterIPRange = in.ServiceClusterIPRange out.ServiceClusterIPRange = in.ServiceClusterIPRange
out.ClientCAFile = in.ClientCAFile out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.BasicAuthFile = in.BasicAuthFile out.BasicAuthFile = in.BasicAuthFile
out.ClientCAFile = in.ClientCAFile
out.TLSCertFile = in.TLSCertFile out.TLSCertFile = in.TLSCertFile
out.TLSPrivateKeyFile = in.TLSPrivateKeyFile out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
out.TokenAuthFile = in.TokenAuthFile out.TokenAuthFile = in.TokenAuthFile
@ -1504,7 +1502,7 @@ func autoConvert_v1alpha2_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *Ku
out.AuditLogMaxBackups = in.AuditLogMaxBackups out.AuditLogMaxBackups = in.AuditLogMaxBackups
out.AuditLogMaxSize = in.AuditLogMaxSize out.AuditLogMaxSize = in.AuditLogMaxSize
out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile
out.AuthenticationTokenWebhookCacheTtl = in.AuthenticationTokenWebhookCacheTtl out.AuthenticationTokenWebhookCacheTTL = in.AuthenticationTokenWebhookCacheTTL
out.AuthorizationMode = in.AuthorizationMode out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
@ -1516,28 +1514,26 @@ func Convert_v1alpha2_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *KubeAP
} }
func autoConvert_kops_KubeAPIServerConfig_To_v1alpha2_KubeAPIServerConfig(in *kops.KubeAPIServerConfig, out *KubeAPIServerConfig, s conversion.Scope) error { func autoConvert_kops_KubeAPIServerConfig_To_v1alpha2_KubeAPIServerConfig(in *kops.KubeAPIServerConfig, out *KubeAPIServerConfig, s conversion.Scope) error {
out.PathSrvKubernetes = in.PathSrvKubernetes
out.PathSrvSshproxy = in.PathSrvSshproxy
out.Image = in.Image out.Image = in.Image
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.SecurePort = in.SecurePort out.SecurePort = in.SecurePort
out.InsecurePort = in.InsecurePort out.InsecurePort = in.InsecurePort
out.Address = in.Address out.Address = in.Address
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.AdmissionControl = in.AdmissionControl out.AdmissionControl = in.AdmissionControl
out.ServiceClusterIPRange = in.ServiceClusterIPRange out.ServiceClusterIPRange = in.ServiceClusterIPRange
out.EtcdServers = in.EtcdServers
out.EtcdServersOverrides = in.EtcdServersOverrides
out.BasicAuthFile = in.BasicAuthFile out.BasicAuthFile = in.BasicAuthFile
out.ClientCAFile = in.ClientCAFile out.ClientCAFile = in.ClientCAFile
out.TLSCertFile = in.TLSCertFile out.TLSCertFile = in.TLSCertFile
out.TLSPrivateKeyFile = in.TLSPrivateKeyFile out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
out.KubeletClientCertificate = in.KubeletClientCertificate
out.KubeletClientKey = in.KubeletClientKey
out.TokenAuthFile = in.TokenAuthFile out.TokenAuthFile = in.TokenAuthFile
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.APIServerCount = in.APIServerCount out.APIServerCount = in.APIServerCount
out.RuntimeConfig = in.RuntimeConfig out.RuntimeConfig = in.RuntimeConfig
out.KubeletClientCertificate = in.KubeletClientCertificate
out.KubeletClientKey = in.KubeletClientKey
out.AnonymousAuth = in.AnonymousAuth out.AnonymousAuth = in.AnonymousAuth
out.KubeletPreferredAddressTypes = in.KubeletPreferredAddressTypes out.KubeletPreferredAddressTypes = in.KubeletPreferredAddressTypes
out.StorageBackend = in.StorageBackend out.StorageBackend = in.StorageBackend
@ -1551,7 +1547,7 @@ func autoConvert_kops_KubeAPIServerConfig_To_v1alpha2_KubeAPIServerConfig(in *ko
out.AuditLogMaxBackups = in.AuditLogMaxBackups out.AuditLogMaxBackups = in.AuditLogMaxBackups
out.AuditLogMaxSize = in.AuditLogMaxSize out.AuditLogMaxSize = in.AuditLogMaxSize
out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile out.AuthenticationTokenWebhookConfigFile = in.AuthenticationTokenWebhookConfigFile
out.AuthenticationTokenWebhookCacheTtl = in.AuthenticationTokenWebhookCacheTtl out.AuthenticationTokenWebhookCacheTTL = in.AuthenticationTokenWebhookCacheTTL
out.AuthorizationMode = in.AuthorizationMode out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
@ -1567,7 +1563,6 @@ func autoConvert_v1alpha2_KubeControllerManagerConfig_To_kops_KubeControllerMana
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile
out.Image = in.Image out.Image = in.Image
out.PathSrvKubernetes = in.PathSrvKubernetes
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.ClusterName = in.ClusterName out.ClusterName = in.ClusterName
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
@ -1599,7 +1594,6 @@ func autoConvert_kops_KubeControllerManagerConfig_To_v1alpha2_KubeControllerMana
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile out.ServiceAccountPrivateKeyFile = in.ServiceAccountPrivateKeyFile
out.Image = in.Image out.Image = in.Image
out.PathSrvKubernetes = in.PathSrvKubernetes
out.CloudProvider = in.CloudProvider out.CloudProvider = in.CloudProvider
out.ClusterName = in.ClusterName out.ClusterName = in.ClusterName
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
@ -1656,9 +1650,10 @@ func autoConvert_v1alpha2_KubeProxyConfig_To_kops_KubeProxyConfig(in *KubeProxyC
out.Image = in.Image out.Image = in.Image
out.CPURequest = in.CPURequest out.CPURequest = in.CPURequest
out.LogLevel = in.LogLevel out.LogLevel = in.LogLevel
out.ClusterCIDR = in.ClusterCIDR
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.Master = in.Master out.Master = in.Master
out.ClusterCIDR = in.ClusterCIDR out.FeatureGates = in.FeatureGates
return nil return nil
} }
@ -1674,6 +1669,7 @@ func autoConvert_kops_KubeProxyConfig_To_v1alpha2_KubeProxyConfig(in *kops.KubeP
out.ClusterCIDR = in.ClusterCIDR out.ClusterCIDR = in.ClusterCIDR
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.Master = in.Master out.Master = in.Master
out.FeatureGates = in.FeatureGates
return nil return nil
} }
@ -1734,8 +1730,10 @@ func autoConvert_v1alpha2_KubeletConfigSpec_To_kops_KubeletConfigSpec(in *Kubele
out.PodManifestPath = in.PodManifestPath out.PodManifestPath = in.PodManifestPath
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.PodInfraContainerImage = in.PodInfraContainerImage out.PodInfraContainerImage = in.PodInfraContainerImage
out.SeccompProfileRoot = in.SeccompProfileRoot
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.EnableDebuggingHandlers = in.EnableDebuggingHandlers out.EnableDebuggingHandlers = in.EnableDebuggingHandlers
out.RegisterNode = in.RegisterNode
out.ClusterDomain = in.ClusterDomain out.ClusterDomain = in.ClusterDomain
out.ClusterDNS = in.ClusterDNS out.ClusterDNS = in.ClusterDNS
out.NetworkPluginName = in.NetworkPluginName out.NetworkPluginName = in.NetworkPluginName
@ -1750,9 +1748,10 @@ func autoConvert_v1alpha2_KubeletConfigSpec_To_kops_KubeletConfigSpec(in *Kubele
out.MaxPods = in.MaxPods out.MaxPods = in.MaxPods
out.NvidiaGPUs = in.NvidiaGPUs out.NvidiaGPUs = in.NvidiaGPUs
out.PodCIDR = in.PodCIDR out.PodCIDR = in.PodCIDR
out.ResolverConfig = in.ResolverConfig
out.ReconcileCIDR = in.ReconcileCIDR out.ReconcileCIDR = in.ReconcileCIDR
out.RegisterSchedulable = in.RegisterSchedulable out.RegisterSchedulable = in.RegisterSchedulable
out.ResolverConfig = in.ResolverConfig out.SerializeImagePulls = in.SerializeImagePulls
out.NodeLabels = in.NodeLabels out.NodeLabels = in.NodeLabels
out.NonMasqueradeCIDR = in.NonMasqueradeCIDR out.NonMasqueradeCIDR = in.NonMasqueradeCIDR
out.EnableCustomMetrics = in.EnableCustomMetrics out.EnableCustomMetrics = in.EnableCustomMetrics
@ -1791,8 +1790,10 @@ func autoConvert_kops_KubeletConfigSpec_To_v1alpha2_KubeletConfigSpec(in *kops.K
out.PodManifestPath = in.PodManifestPath out.PodManifestPath = in.PodManifestPath
out.HostnameOverride = in.HostnameOverride out.HostnameOverride = in.HostnameOverride
out.PodInfraContainerImage = in.PodInfraContainerImage out.PodInfraContainerImage = in.PodInfraContainerImage
out.SeccompProfileRoot = in.SeccompProfileRoot
out.AllowPrivileged = in.AllowPrivileged out.AllowPrivileged = in.AllowPrivileged
out.EnableDebuggingHandlers = in.EnableDebuggingHandlers out.EnableDebuggingHandlers = in.EnableDebuggingHandlers
out.RegisterNode = in.RegisterNode
out.ClusterDomain = in.ClusterDomain out.ClusterDomain = in.ClusterDomain
out.ClusterDNS = in.ClusterDNS out.ClusterDNS = in.ClusterDNS
out.NetworkPluginName = in.NetworkPluginName out.NetworkPluginName = in.NetworkPluginName
@ -1810,6 +1811,7 @@ func autoConvert_kops_KubeletConfigSpec_To_v1alpha2_KubeletConfigSpec(in *kops.K
out.ResolverConfig = in.ResolverConfig out.ResolverConfig = in.ResolverConfig
out.ReconcileCIDR = in.ReconcileCIDR out.ReconcileCIDR = in.ReconcileCIDR
out.RegisterSchedulable = in.RegisterSchedulable out.RegisterSchedulable = in.RegisterSchedulable
out.SerializeImagePulls = in.SerializeImagePulls
out.NodeLabels = in.NodeLabels out.NodeLabels = in.NodeLabels
out.NonMasqueradeCIDR = in.NonMasqueradeCIDR out.NonMasqueradeCIDR = in.NonMasqueradeCIDR
out.EnableCustomMetrics = in.EnableCustomMetrics out.EnableCustomMetrics = in.EnableCustomMetrics

25
pkg/apis/nodeup/config.go
View File

@ -16,52 +16,35 @@ limitations under the License.
package nodeup package nodeup
import ( // Config is the configuration for the nodeup binary
//"k8s.io/kops/upup/pkg/fi" type Config struct {
)
type NodeUpConfig struct {
// Tags enable/disable chunks of the model // Tags enable/disable chunks of the model
Tags []string `json:",omitempty"` Tags []string `json:",omitempty"`
// Assets are locations where we can find files to be installed // Assets are locations where we can find files to be installed
// TODO: Remove once everything is in containers? // TODO: Remove once everything is in containers?
Assets []string `json:",omitempty"` Assets []string `json:",omitempty"`
// Images are a list of images we should preload // Images are a list of images we should preload
Images []*Image `json:"images,omitempty"` Images []*Image `json:"images,omitempty"`
// ConfigBase is the base VFS path for config objects // ConfigBase is the base VFS path for config objects
ConfigBase *string `json:",omitempty"` ConfigBase *string `json:",omitempty"`
// ClusterLocation is the VFS path to the cluster spec (deprecated: prefer ConfigBase)
// ClusterLocation is the VFS path to the cluster spec
// Deprecated: prefer ConfigBase
ClusterLocation *string `json:",omitempty"` ClusterLocation *string `json:",omitempty"`
// InstanceGroupName is the name of the instance group // InstanceGroupName is the name of the instance group
InstanceGroupName string `json:",omitempty"` InstanceGroupName string `json:",omitempty"`
// ClusterName is the name of the cluster // ClusterName is the name of the cluster
// Technically this is redundant - it is in ClusterLocation, but this can serve as a cross-check,
// and it allows us to more easily identify the cluster, for example when we are deleting resources.
ClusterName string `json:",omitempty"` ClusterName string `json:",omitempty"`
// ProtokubeImage is the docker image to load for protokube (bootstrapping) // ProtokubeImage is the docker image to load for protokube (bootstrapping)
ProtokubeImage *Image `json:"protokubeImage,omitempty"` ProtokubeImage *Image `json:"protokubeImage,omitempty"`
// Channels is a list of channels that we should apply // Channels is a list of channels that we should apply
Channels []string `json:"channels,omitempty"` Channels []string `json:"channels,omitempty"`
} }
// Image is a docker image we should pre-load // Image is a docker image we should pre-load
type Image struct { type Image struct {
// Name is the name of the tagged image // This is the name we would pass to "docker run", whereas source could be a URL from which we would download an image.
// This is the name we would pass to "docker run", whereas source could be a URL from which
// we would download an image.
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
// Source is the URL from which we should download the image // Source is the URL from which we should download the image
Source string `json:"source,omitempty"` Source string `json:"source,omitempty"`
// Hash is the hash of the file, to verify image integrity (even over http) // Hash is the hash of the file, to verify image integrity (even over http)
Hash string `json:"hash,omitempty"` Hash string `json:"hash,omitempty"`
} }

13
pkg/flagbuilder/build_flags.go
View File

@ -20,12 +20,13 @@ import (
"fmt" "fmt"
"reflect" "reflect"
"sort" "sort"
"strconv"
"strings" "strings"
"github.com/golang/glog"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/kops/upup/pkg/fi/utils" "k8s.io/kops/upup/pkg/fi/utils"
"strconv"
"github.com/golang/glog"
) )
// BuildFlags builds flag arguments based on "flag" tags on the structure // BuildFlags builds flag arguments based on "flag" tags on the structure
@ -98,9 +99,9 @@ func BuildFlags(options interface{}) (string, error) {
flags = append(flags, flag) flags = append(flags, flag)
} }
return utils.SkipReflection return utils.SkipReflection
} else {
return fmt.Errorf("BuildFlags of value type not handled: %T %s=%v", val.Interface(), path, val.Interface())
} }
return fmt.Errorf("BuildFlags of value type not handled: %T %s=%v", val.Interface(), path, val.Interface())
} }
if val.Kind() == reflect.Slice { if val.Kind() == reflect.Slice {
@ -121,9 +122,9 @@ func BuildFlags(options interface{}) (string, error) {
} }
} }
return utils.SkipReflection return utils.SkipReflection
} else {
return fmt.Errorf("BuildFlags of value type not handled: %T %s=%v", val.Interface(), path, val.Interface())
} }
return fmt.Errorf("BuildFlags of value type not handled: %T %s=%v", val.Interface(), path, val.Interface())
} }
var flag string var flag string

7
pkg/model/bootstrapscript.go
View File

@ -18,19 +18,20 @@ package model
import ( import (
"fmt" "fmt"
"os"
"text/template"
"k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/pkg/apis/nodeup" "k8s.io/kops/pkg/apis/nodeup"
"k8s.io/kops/pkg/model/resources" "k8s.io/kops/pkg/model/resources"
"k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi"
"os"
"text/template"
) )
// BootstrapScript creates the bootstrap script // BootstrapScript creates the bootstrap script
type BootstrapScript struct { type BootstrapScript struct {
NodeUpSource string NodeUpSource string
NodeUpSourceHash string NodeUpSourceHash string
NodeUpConfigBuilder func(ig *kops.InstanceGroup) (*nodeup.NodeUpConfig, error) NodeUpConfigBuilder func(ig *kops.InstanceGroup) (*nodeup.Config, error)
} }
func (b *BootstrapScript) ResourceNodeUp(ig *kops.InstanceGroup) (*fi.ResourceHolder, error) { func (b *BootstrapScript) ResourceNodeUp(ig *kops.InstanceGroup) (*fi.ResourceHolder, error) {

8
upup/pkg/fi/assetstore.go
View File

@ -18,16 +18,18 @@ package fi
import ( import (
"fmt" "fmt"
"github.com/golang/glog"
"io" "io"
"k8s.io/kops/upup/pkg/fi/utils"
"k8s.io/kops/util/pkg/hashing"
"net/http" "net/http"
"os" "os"
"os/exec" "os/exec"
"path" "path"
"path/filepath" "path/filepath"
"strings" "strings"
"k8s.io/kops/upup/pkg/fi/utils"
"k8s.io/kops/util/pkg/hashing"
"github.com/golang/glog"
) )
type asset struct { type asset struct {

2
upup/pkg/fi/cloud.go
View File

@ -79,6 +79,8 @@ var zonesToCloud = map[string]kops.CloudProviderID{
"eu-west-1c": kops.CloudProviderAWS, "eu-west-1c": kops.CloudProviderAWS,
"eu-west-1d": kops.CloudProviderAWS, "eu-west-1d": kops.CloudProviderAWS,
"eu-west-1e": kops.CloudProviderAWS, "eu-west-1e": kops.CloudProviderAWS,
"eu-west-2a": kops.CloudProviderAWS,
"eu-west-2b": kops.CloudProviderAWS,
"eu-central-1a": kops.CloudProviderAWS, "eu-central-1a": kops.CloudProviderAWS,
"eu-central-1b": kops.CloudProviderAWS, "eu-central-1b": kops.CloudProviderAWS,

47
upup/pkg/fi/cloudup/apply_cluster.go
View File

@ -22,8 +22,6 @@ import (
"strings" "strings"
"time" "time"
"github.com/blang/semver"
"github.com/golang/glog"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
kopsbase "k8s.io/kops" kopsbase "k8s.io/kops"
"k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/apis/kops"
@ -54,22 +52,26 @@ import (
"k8s.io/kops/upup/pkg/fi/fitasks" "k8s.io/kops/upup/pkg/fi/fitasks"
"k8s.io/kops/util/pkg/hashing" "k8s.io/kops/util/pkg/hashing"
"k8s.io/kops/util/pkg/vfs" "k8s.io/kops/util/pkg/vfs"
"github.com/blang/semver"
"github.com/golang/glog"
) )
const DefaultMaxTaskDuration = 10 * time.Minute const (
DefaultMaxTaskDuration = 10 * time.Minute
starline = "*********************************************************************************\n"
)
const starline = "*********************************************************************************\n" var (
// AlphaAllowDO is a feature flag that gates DigitalOcean support while it is alpha
// AlphaAllowDO is a feature flag that gates DigitalOcean support while it is alpha AlphaAllowDO = featureflag.New("AlphaAllowDO", featureflag.Bool(false))
var AlphaAllowDO = featureflag.New("AlphaAllowDO", featureflag.Bool(false)) // AlphaAllowGCE is a feature flag that gates GCE support while it is alpha
AlphaAllowGCE = featureflag.New("AlphaAllowGCE", featureflag.Bool(false))
// AlphaAllowGCE is a feature flag that gates GCE support while it is alpha // AlphaAllowVsphere is a feature flag that gates vsphere support while it is alpha
var AlphaAllowGCE = featureflag.New("AlphaAllowGCE", featureflag.Bool(false)) AlphaAllowVsphere = featureflag.New("AlphaAllowVsphere", featureflag.Bool(false))
// CloudupModels a list of supported models
// AlphaAllowVsphere is a feature flag that gates vsphere support while it is alpha CloudupModels = []string{"config", "proto", "cloudup"}
var AlphaAllowVsphere = featureflag.New("AlphaAllowVsphere", featureflag.Bool(false)) )
var CloudupModels = []string{"config", "proto", "cloudup"}
type ApplyClusterCmd struct { type ApplyClusterCmd struct {
Cluster *kops.Cluster Cluster *kops.Cluster
@ -275,9 +277,6 @@ func (c *ApplyClusterCmd) Run() error {
"keypair": &fitasks.Keypair{}, "keypair": &fitasks.Keypair{},
"secret": &fitasks.Secret{}, "secret": &fitasks.Secret{},
"managedFile": &fitasks.ManagedFile{}, "managedFile": &fitasks.ManagedFile{},
// DNS
//"dnsZone": &dnstasks.DNSZone{},
}) })
cloud, err := BuildCloud(cluster) cloud, err := BuildCloud(cluster)
@ -376,10 +375,6 @@ func (c *ApplyClusterCmd) Run() error {
// Autoscaling // Autoscaling
"autoscalingGroup": &awstasks.AutoscalingGroup{}, "autoscalingGroup": &awstasks.AutoscalingGroup{},
"launchConfiguration": &awstasks.LaunchConfiguration{}, "launchConfiguration": &awstasks.LaunchConfiguration{},
//// Route53
//"dnsName": &awstasks.DNSName{},
//"dnsZone": &awstasks.DNSZone{},
}) })
if len(sshPublicKeys) == 0 { if len(sshPublicKeys) == 0 {
@ -554,7 +549,8 @@ func (c *ApplyClusterCmd) Run() error {
} }
// RenderNodeUpConfig returns the NodeUp config, in YAML format // RenderNodeUpConfig returns the NodeUp config, in YAML format
renderNodeUpConfig := func(ig *kops.InstanceGroup) (*nodeup.NodeUpConfig, error) { // @@NOTE
renderNodeUpConfig := func(ig *kops.InstanceGroup) (*nodeup.Config, error) {
if ig == nil { if ig == nil {
return nil, fmt.Errorf("instanceGroup cannot be nil") return nil, fmt.Errorf("instanceGroup cannot be nil")
} }
@ -569,17 +565,14 @@ func (c *ApplyClusterCmd) Run() error {
return nil, err return nil, err
} }
config := &nodeup.NodeUpConfig{} config := &nodeup.Config{}
for _, tag := range nodeUpTags.List() { for _, tag := range nodeUpTags.List() {
config.Tags = append(config.Tags, tag) config.Tags = append(config.Tags, tag)
} }
config.Assets = c.Assets config.Assets = c.Assets
config.ClusterName = cluster.ObjectMeta.Name config.ClusterName = cluster.ObjectMeta.Name
config.ConfigBase = fi.String(configBase.Path()) config.ConfigBase = fi.String(configBase.Path())
config.InstanceGroupName = ig.ObjectMeta.Name config.InstanceGroupName = ig.ObjectMeta.Name
var images []*nodeup.Image var images []*nodeup.Image

12
upup/pkg/fi/cloudup/loader.go
View File

@ -20,8 +20,12 @@ import (
"bytes" "bytes"
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/golang/glog"
"io" "io"
"os"
"reflect"
"strings"
"text/template"
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
api "k8s.io/kops/pkg/apis/kops" api "k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/pkg/assets" "k8s.io/kops/pkg/assets"
@ -30,10 +34,8 @@ import (
"k8s.io/kops/upup/pkg/fi/loader" "k8s.io/kops/upup/pkg/fi/loader"
"k8s.io/kops/upup/pkg/fi/utils" "k8s.io/kops/upup/pkg/fi/utils"
"k8s.io/kops/util/pkg/vfs" "k8s.io/kops/util/pkg/vfs"
"os"
"reflect" "github.com/golang/glog"
"strings"
"text/template"
) )
const ( const (

3
upup/pkg/fi/fitasks/cert_utils.go
View File

@ -21,8 +21,9 @@ import (
"crypto/x509" "crypto/x509"
"crypto/x509/pkix" "crypto/x509/pkix"
"fmt" "fmt"
"github.com/golang/glog"
"strings" "strings"
"github.com/golang/glog"
) )
func pkixNameToString(name *pkix.Name) string { func pkixNameToString(name *pkix.Name) string {

2
upup/pkg/fi/nodeup/command.go
View File

@ -46,7 +46,7 @@ import (
const MaxTaskDuration = 365 * 24 * time.Hour const MaxTaskDuration = 365 * 24 * time.Hour
type NodeUpCommand struct { type NodeUpCommand struct {
config *nodeup.NodeUpConfig config *nodeup.Config
cluster *api.Cluster cluster *api.Cluster
instanceGroup *api.InstanceGroup instanceGroup *api.InstanceGroup
ConfigLocation string ConfigLocation string

12
upup/pkg/fi/nodeup/loader.go
View File

@ -20,7 +20,9 @@ import (
"bytes" "bytes"
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/golang/glog" "strings"
"text/template"
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
api "k8s.io/kops/pkg/apis/kops" api "k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/pkg/apis/nodeup" "k8s.io/kops/pkg/apis/nodeup"
@ -28,15 +30,15 @@ import (
"k8s.io/kops/upup/pkg/fi/loader" "k8s.io/kops/upup/pkg/fi/loader"
"k8s.io/kops/upup/pkg/fi/nodeup/nodetasks" "k8s.io/kops/upup/pkg/fi/nodeup/nodetasks"
"k8s.io/kops/util/pkg/vfs" "k8s.io/kops/util/pkg/vfs"
"strings"
"text/template" "github.com/golang/glog"
) )
type Loader struct { type Loader struct {
Builders []fi.ModelBuilder Builders []fi.ModelBuilder
templates []*template.Template templates []*template.Template
config *nodeup.NodeUpConfig config *nodeup.Config
cluster *api.Cluster cluster *api.Cluster
assets *fi.AssetStore assets *fi.AssetStore
@ -46,7 +48,7 @@ type Loader struct {
TemplateFunctions template.FuncMap TemplateFunctions template.FuncMap
} }
func NewLoader(config *nodeup.NodeUpConfig, cluster *api.Cluster, assets *fi.AssetStore, tags sets.String) *Loader { func NewLoader(config *nodeup.Config, cluster *api.Cluster, assets *fi.AssetStore, tags sets.String) *Loader {
l := &Loader{} l := &Loader{}
l.assets = assets l.assets = assets
l.tasks = make(map[string]fi.Task) l.tasks = make(map[string]fi.Task)

4
upup/pkg/fi/nodeup/template_functions.go
View File

@ -36,7 +36,7 @@ const TagMaster = "_kubernetes_master"
// templateFunctions is a simple helper-class for the functions accessible to templates // templateFunctions is a simple helper-class for the functions accessible to templates
type templateFunctions struct { type templateFunctions struct {
nodeupConfig *nodeup.NodeUpConfig nodeupConfig *nodeup.Config
// cluster is populated with the current cluster // cluster is populated with the current cluster
cluster *api.Cluster cluster *api.Cluster
@ -52,7 +52,7 @@ type templateFunctions struct {
} }
// newTemplateFunctions is the constructor for templateFunctions // newTemplateFunctions is the constructor for templateFunctions
func newTemplateFunctions(nodeupConfig *nodeup.NodeUpConfig, cluster *api.Cluster, instanceGroup *api.InstanceGroup, tags sets.String) (*templateFunctions, error) { func newTemplateFunctions(nodeupConfig *nodeup.Config, cluster *api.Cluster, instanceGroup *api.InstanceGroup, tags sets.String) (*templateFunctions, error) {
t := &templateFunctions{ t := &templateFunctions{
nodeupConfig: nodeupConfig, nodeupConfig: nodeupConfig,
cluster: cluster, cluster: cluster,