kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kops/k8s/crds/kops.k8s.io_instancegroups....

832 lines
40 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: instancegroups.kops.k8s.io
spec:
group: kops.k8s.io
names:
kind: InstanceGroup
listKind: InstanceGroupList
plural: instancegroups
shortNames:
- ig
singular: instancegroup
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Role
jsonPath: .spec.role
name: role
type: string
- description: Machine Type
jsonPath: .spec.machineType
name: machineType
type: string
- description: Min
jsonPath: .spec.minSize
name: min
type: integer
- description: Max
jsonPath: .spec.maxSize
name: max
type: integer
- description: Zones
jsonPath: .spec.zones
name: zones
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: InstanceGroup represents a group of instances (either nodes or
masters) with the same configuration
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: InstanceGroupSpec is the specification for an instanceGroup
properties:
additionalSecurityGroups:
description: AdditionalSecurityGroups attaches additional security
groups (e.g. i-123456)
items:
type: string
type: array
additionalUserData:
description: AdditionalUserData is any additional user-data to be
passed to the host
items:
description: UserData defines a user-data section
properties:
content:
description: Content is the user-data content
type: string
name:
description: Name is the name of the user-data
type: string
type:
description: Type is the type of user-data
type: string
type: object
type: array
associatePublicIp:
description: AssociatePublicIP is true if we want instances to have
a public IP
type: boolean
cloudLabels:
additionalProperties:
type: string
description: CloudLabels indicates the labels for instances in this
group, at the AWS level
type: object
detailedInstanceMonitoring:
description: DetailedInstanceMonitoring defines if detailed-monitoring
is enabled (AWS only)
type: boolean
externalLoadBalancers:
description: ExternalLoadBalancers define loadbalancers that should
be attached to the instancegroup
items:
description: LoadBalancer defines a load balancer
properties:
loadBalancerName:
description: LoadBalancerName to associate with this instance
group (AWS ELB)
type: string
targetGroupArn:
description: TargetGroupARN to associate with this instance
group (AWS ALB/NLB)
type: string
type: object
type: array
fileAssets:
description: FileAssets is a collection of file assets for this instance
group
items:
description: FileAssetSpec defines the structure for a file asset
properties:
content:
description: Content is the contents of the file
type: string
isBase64:
description: IsBase64 indicates the contents is base64 encoded
type: boolean
name:
description: Name is a shortened reference to the asset
type: string
path:
description: Path is the location this file should reside
type: string
roles:
description: Roles is a list of roles the file asset should
be applied, defaults to all
items:
description: InstanceGroupRole string describes the roles
of the nodes in this InstanceGroup (master or nodes)
type: string
type: array
type: object
type: array
hooks:
description: 'Hooks is a list of hooks for this instanceGroup, note:
these can override the cluster wide ones if required'
items:
description: HookSpec is a definition hook
properties:
before:
description: Before is a series of systemd units which this
hook must run before
items:
type: string
type: array
disabled:
description: Disabled indicates if you want the unit switched
off
type: boolean
execContainer:
description: ExecContainer is the image itself
properties:
command:
description: Command is the command supplied to the above
image
items:
type: string
type: array
environment:
additionalProperties:
type: string
description: Environment is a map of environment variables
added to the hook
type: object
image:
description: Image is the docker image
type: string
type: object
manifest:
description: Manifest is a raw systemd unit file
type: string
name:
description: Name is an optional name for the hook, otherwise
the name is kops-hook-<index>
type: string
requires:
description: Requires is a series of systemd units the action
requires
items:
type: string
type: array
roles:
description: Roles is an optional list of roles the hook should
be rolled out to, defaults to all
items:
description: InstanceGroupRole string describes the roles
of the nodes in this InstanceGroup (master or nodes)
type: string
type: array
useRawManifest:
description: UseRawManifest indicates that the contents of Manifest
should be used as the contents of the systemd unit, unmodified.
Before and Requires are ignored when used together with this
value (and validation shouldn't allow them to be set)
type: boolean
type: object
type: array
iam:
description: IAMProfileSpec defines the identity of the cloud group
IAM profile (AWS only).
properties:
profile:
description: Profile of the cloud group IAM profile. In aws this
is the arn for the iam instance profile
type: string
type: object
image:
description: Image is the instance (ami etc) we should use
type: string
instanceInterruptionBehavior:
description: InstanceInterruptionBehavior defines if a spot instance
should be terminated, hibernated, or stopped after interruption
type: string
instanceProtection:
description: InstanceProtection makes new instances in an autoscaling
group protected from scale in
type: boolean
kubelet:
description: Kubelet overrides kubelet config from the ClusterSpec
properties:
allowPrivileged:
description: AllowPrivileged enables containers to request privileged
mode (defaults to false)
type: boolean
allowedUnsafeSysctls:
description: AllowedUnsafeSysctls are passed to the kubelet config
to whitelist allowable sysctls
items:
type: string
type: array
anonymousAuth:
description: AnonymousAuth permits you to control auth to the
kubelet api
type: boolean
apiServers:
description: APIServers is not used for clusters version 1.6 and
later - flag removed
type: string
authenticationTokenWebhook:
description: AuthenticationTokenWebhook uses the TokenReview API
to determine authentication for bearer tokens.
type: boolean
authenticationTokenWebhookCacheTtl:
description: AuthenticationTokenWebhook sets the duration to cache
responses from the webhook token authenticator. Default is 2m.
(default 2m0s)
type: string
authorizationMode:
description: AuthorizationMode is the authorization mode the kubelet
is running in
type: string
babysitDaemons:
description: The node has babysitter process monitoring docker
and kubelet. Removed as of 1.7
type: boolean
bootstrapKubeconfig:
description: BootstrapKubeconfig is the path to a kubeconfig file
that will be used to get client certificate for kubelet
type: string
cgroupRoot:
description: cgroupRoot is the root cgroup to use for pods. This
is handled by the container runtime on a best effort basis.
type: string
clientCaFile:
description: ClientCAFile is the path to a CA certificate
type: string
cloudProvider:
description: CloudProvider is the provider for cloud services.
type: string
clusterDNS:
description: ClusterDNS is the IP address for a cluster DNS server
type: string
clusterDomain:
description: ClusterDomain is the DNS domain for this cluster
type: string
configureCbr0:
description: configureCBR0 enables the kubelet to configure cbr0
based on Node.Spec.PodCIDR.
type: boolean
cpuCFSQuota:
description: CPUCFSQuota enables CPU CFS quota enforcement for
containers that specify CPU limits
type: boolean
cpuCFSQuotaPeriod:
description: CPUCFSQuotaPeriod sets CPU CFS quota period value,
cpu.cfs_period_us, defaults to Linux Kernel default
type: string
cpuManagerPolicy:
description: CpuManagerPolicy allows for changing the default
policy of None to static
type: string
dockerDisableSharedPID:
description: DockerDisableSharedPID uses a shared PID namespace
for containers in a pod.
type: boolean
enableCustomMetrics:
description: Enable gathering custom metrics.
type: boolean
enableDebuggingHandlers:
description: EnableDebuggingHandlers enables server endpoints
for log collection and local running of containers and commands
type: boolean
enforceNodeAllocatable:
description: Enforce Allocatable across pods whenever the overall
usage across all pods exceeds Allocatable.
type: string
evictionHard:
description: Comma-delimited list of hard eviction expressions. For
example, 'memory.available<300Mi'.
type: string
evictionMaxPodGracePeriod:
description: Maximum allowed grace period (in seconds) to use
when terminating pods in response to a soft eviction threshold
being met.
format: int32
type: integer
evictionMinimumReclaim:
description: Comma-delimited list of minimum reclaims (e.g. imagefs.available=2Gi)
that describes the minimum amount of resource the kubelet will
reclaim when performing a pod eviction if that resource is under
pressure.
type: string
evictionPressureTransitionPeriod:
description: Duration for which the kubelet has to wait before
transitioning out of an eviction pressure condition.
type: string
evictionSoft:
description: Comma-delimited list of soft eviction expressions. For
example, 'memory.available<300Mi'.
type: string
evictionSoftGracePeriod:
description: Comma-delimited list of grace periods for each soft
eviction signal. For example, 'memory.available=30s'.
type: string
experimentalAllowedUnsafeSysctls:
description: ExperimentalAllowedUnsafeSysctls are passed to the
kubelet config to whitelist allowable sysctls Was promoted to
beta and renamed. https://github.com/kubernetes/kubernetes/pull/63717
items:
type: string
type: array
failSwapOn:
description: Tells the Kubelet to fail to start if swap is enabled
on the node.
type: boolean
featureGates:
additionalProperties:
type: string
description: FeatureGates is set of key=value pairs that describe
feature gates for alpha/experimental features.
type: object
hairpinMode:
description: 'How should the kubelet configure the container bridge
for hairpin packets. Setting this flag allows endpoints in a
Service to loadbalance back to themselves if they should try
to access their own Service. Values: "promiscuous-bridge":
make the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
nothing. Setting --configure-cbr0 to false implies that to achieve
hairpin NAT one must set --hairpin-mode=veth-flag, because bridge
assumes the existence of a container bridge named cbr0.'
type: string
hostnameOverride:
description: HostnameOverride is the hostname used to identify
the kubelet instead of the actual hostname.
type: string
imageGCHighThresholdPercent:
description: ImageGCHighThresholdPercent is the percent of disk
usage after which image garbage collection is always run.
format: int32
type: integer
imageGCLowThresholdPercent:
description: ImageGCLowThresholdPercent is the percent of disk
usage before which image garbage collection is never run. Lowest
disk usage to garbage collect to.
format: int32
type: integer
imagePullProgressDeadline:
description: ImagePullProgressDeadline is the timeout for image
pulls If no pulling progress is made before this deadline, the
image pulling will be cancelled. (default 1m0s)
type: string
kubeReserved:
additionalProperties:
type: string
description: Resource reservation for kubernetes system daemons
like the kubelet, container runtime, node problem detector,
etc.
type: object
kubeReservedCgroup:
description: Control group for kube daemons.
type: string
kubeconfigPath:
description: KubeconfigPath is the path of kubeconfig for the
kubelet
type: string
kubeletCgroups:
description: KubeletCgroups is the absolute name of cgroups to
isolate the kubelet in.
type: string
logLevel:
description: LogLevel is the logging level of the kubelet
format: int32
type: integer
maxPods:
description: MaxPods is the number of pods that can run on this
Kubelet.
format: int32
type: integer
networkPluginMTU:
description: NetworkPluginMTU is the MTU to be passed to the network
plugin, and overrides the default MTU for cases where it cannot
be automatically computed (such as IPSEC).
format: int32
type: integer
networkPluginName:
description: NetworkPluginName is the name of the network plugin
to be invoked for various events in kubelet/pod lifecycle
type: string
nodeLabels:
additionalProperties:
type: string
description: NodeLabels to add when registering the node in the
cluster.
type: object
nodeStatusUpdateFrequency:
description: NodeStatusUpdateFrequency Specifies how often kubelet
posts node status to master (default 10s) must work with nodeMonitorGracePeriod
in KubeControllerManagerConfig.
type: string
nonMasqueradeCIDR:
description: 'NonMasqueradeCIDR configures masquerading: traffic
to IPs outside this range will use IP masquerade.'
type: string
nvidiaGPUs:
description: NvidiaGPUs is the number of NVIDIA GPU devices on
this node.
format: int32
type: integer
podCIDR:
description: PodCIDR is the CIDR to use for pod IP addresses,
only used in standalone mode. In cluster mode, this is obtained
from the master.
type: string
podInfraContainerImage:
description: PodInfraContainerImage is the image whose network/ipc
containers in each pod will use.
type: string
podManifestPath:
description: config is the path to the config file or directory
of files
type: string
protectKernelDefaults:
description: 'Default kubelet behaviour for kernel tuning. If
set, kubelet errors if any of kernel tunables is different than
kubelet defaults. (DEPRECATED: This parameter should be set
via the config file specified by the Kubelet''s --config flag.'
type: boolean
readOnlyPort:
description: ReadOnlyPort is the port used by the kubelet api
for read-only access (default 10255)
format: int32
type: integer
reconcileCIDR:
description: ReconcileCIDR is Reconcile node CIDR with the CIDR
specified by the API server. No-op if register-node or configure-cbr0
is false.
type: boolean
registerNode:
description: RegisterNode enables automatic registration with
the apiserver.
type: boolean
registerSchedulable:
description: registerSchedulable tells the kubelet to register
the node as schedulable. No-op if register-node is false.
type: boolean
registryBurst:
description: RegistryBurst Maximum size of a bursty pulls, temporarily
allows pulls to burst to this number, while still not exceeding
registry-qps. Only used if --registry-qps > 0 (default 10)
format: int32
type: integer
registryPullQPS:
description: RegistryPullQPS if > 0, limit registry pull QPS to
this value. If 0, unlimited. (default 5)
format: int32
type: integer
requireKubeconfig:
description: RequireKubeconfig indicates a kubeconfig is required
type: boolean
resolvConf:
description: ResolverConfig is the resolver configuration file
used as the basis for the container DNS resolution configuration."),
[]
type: string
rootDir:
description: RootDir is the directory path for managing kubelet
files (volume mounts,etc)
type: string
rotateCertificates:
description: rotateCertificates enables client certificate rotation.
type: boolean
runtimeCgroups:
description: Cgroups that container runtime is expected to be
isolated in.
type: string
runtimeRequestTimeout:
description: RuntimeRequestTimeout is timeout for runtime requests
on - pull, logs, exec and attach
type: string
seccompProfileRoot:
description: SeccompProfileRoot is the directory path for seccomp
profiles.
type: string
serializeImagePulls:
description: '// SerializeImagePulls when enabled, tells the Kubelet
to pull images one // at a time. We recommend *not* changing
the default value on nodes that // run docker daemon with version <
1.9 or an Aufs storage backend. // Issue #10959 has more details.'
type: boolean
streamingConnectionIdleTimeout:
description: StreamingConnectionIdleTimeout is the maximum time
a streaming connection can be idle before the connection is
automatically closed
type: string
systemCgroups:
description: SystemCgroups is absolute name of cgroups in which
to place all non-kernel processes that are not already in a
container. Empty for no container. Rolling back the flag requires
a reboot.
type: string
systemReserved:
additionalProperties:
type: string
description: Capture resource reservation for OS system daemons
like sshd, udev, etc.
type: object
systemReservedCgroup:
description: Parent control group for OS system daemons.
type: string
taints:
description: Taints to add when registering a node in the cluster
items:
type: string
type: array
tlsCertFile:
description: 'TODO: Remove unused TLSCertFile'
type: string
tlsCipherSuites:
description: TLSCipherSuites indicates the allowed TLS cipher
suite
items:
type: string
type: array
tlsMinVersion:
description: TLSMinVersion indicates the minimum TLS version allowed
type: string
tlsPrivateKeyFile:
description: 'TODO: Remove unused TLSPrivateKeyFile'
type: string
topologyManagerPolicy:
description: TopologyManagerPolicy determines the allocation policy
for the topology manager.
type: string
volumePluginDirectory:
description: The full path of the directory in which to search
for additional third party volume plugins (this path must be
writeable, dependent on your choice of OS)
type: string
volumeStatsAggPeriod:
description: VolumeStatsAggPeriod is the interval for kubelet
to calculate and cache the volume disk usage for all pods and
volumes
type: string
type: object
machineType:
description: MachineType is the instance class
type: string
maxPrice:
description: MaxPrice indicates this is a spot-pricing group, with
the specified value as our max-price bid
type: string
maxSize:
description: MaxSize is the maximum size of the pool
format: int32
type: integer
minSize:
description: MinSize is the minimum size of the pool
format: int32
type: integer
mixedInstancesPolicy:
description: MixedInstancesPolicy defined a optional backing of an
AWS ASG by a EC2 Fleet (AWS Only)
properties:
instances:
description: Instances is a list of instance types which we are
willing to run in the EC2 fleet
items:
type: string
type: array
onDemandAboveBase:
description: OnDemandAboveBase controls the percentages of On-Demand
Instances and Spot Instances for your additional capacity beyond
OnDemandBase. The range is 0100. The default value is 100.
If you leave this parameter set to 100, the percentages are
100% for On-Demand Instances and 0% for Spot Instances.
format: int64
type: integer
onDemandAllocationStrategy:
description: OnDemandAllocationStrategy indicates how to allocate
instance types to fulfill On-Demand capacity
type: string
onDemandBase:
description: OnDemandBase is the minimum amount of the Auto Scaling
group's capacity that must be fulfilled by On-Demand Instances.
This base portion is provisioned first as your group scales.
format: int64
type: integer
spotAllocationStrategy:
description: SpotAllocationStrategy diversifies your Spot capacity
across multiple instance types to find the best pricing. Higher
Spot availability may result from a larger number of instance
types to choose from.
type: string
spotInstancePools:
description: SpotInstancePools is the number of Spot pools to
use to allocate your Spot capacity (defaults to 2) pools are
determined from the different instance types in the Overrides
array of LaunchTemplate
format: int64
type: integer
type: object
nodeLabels:
additionalProperties:
type: string
description: NodeLabels indicates the kubernetes labels for nodes
in this group
type: object
role:
description: 'Type determines the role of instances in this group:
masters or nodes'
type: string
rollingUpdate:
description: RollingUpdate defines the rolling-update behavior
properties:
maxSurge:
anyOf:
- type: integer
- type: string
description: 'MaxSurge is the maximum number of extra nodes that
can be created during the update. The value can be an absolute
number (for example 5) or a percentage of desired machines (for
example 10%). The absolute number is calculated from a percentage
by rounding up. A value of 0 for both this and MaxUnavailable
disables rolling updates. Has no effect on instance groups with
role "Master". Defaults to 1 on AWS, 0 otherwise. Example: when
this is set to 30%, the InstanceGroup can be scaled up immediately
when the rolling update starts, such that the total number of
old and new nodes do not exceed 130% of desired nodes.'
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: 'MaxUnavailable is the maximum number of nodes that
can be unavailable during the update. The value can be an absolute
number (for example 5) or a percentage of desired nodes (for
example 10%). The absolute number is calculated from a percentage
by rounding down. A value of 0 for both this and MaxSurge disables
rolling updates. Defaults to 1 if MaxSurge is 0, otherwise defaults
to 0. Example: when this is set to 30%, the InstanceGroup can
be scaled down to 70% of desired nodes immediately when the
rolling update starts. Once new nodes are ready, more old nodes
can be drained, ensuring that the total number of nodes available
at all times during the update is at least 70% of desired nodes.'
x-kubernetes-int-or-string: true
type: object
rootVolumeDeleteOnTermination:
description: 'RootVolumeDeleteOnTermination configures root volume
retention policy upon instance termination. The root volume is deleted
by default. Cluster deletion does not remove retained root volumes.
NOTE: This setting applies only to the Launch Configuration and
does not affect Launch Templates.'
type: boolean
rootVolumeIops:
description: If volume type is io1, then we need to specify the number
of Iops.
format: int32
type: integer
rootVolumeOptimization:
description: RootVolumeOptimization enables EBS optimization for an
instance
type: boolean
rootVolumeSize:
description: RootVolumeSize is the size of the EBS root volume to
use, in GB
format: int32
type: integer
rootVolumeType:
description: RootVolumeType is the type of the EBS root volume to
use (e.g. gp2)
type: string
securityGroupOverride:
description: SecurityGroupOverride overrides the default security
group created by Kops for this IG (AWS only).
type: string
spotDurationInMinutes:
description: SpotDurationInMinutes indicates this is a spot-block
group, with the specified value as the spot reservation time
format: int64
type: integer
subnets:
description: Subnets is the names of the Subnets (as specified in
the Cluster) where machines in this instance group should be placed
items:
type: string
type: array
suspendProcesses:
description: SuspendProcesses disables the listed Scaling Policies
items:
type: string
type: array
sysctlParameters:
description: SysctlParameters will configure kernel parameters using
sysctl(8). When specified, each parameter must follow the form variable=value,
the way it would appear in sysctl.conf.
items:
type: string
type: array
taints:
description: Taints indicates the kubernetes taints for nodes in this
group
items:
type: string
type: array
tenancy:
description: Describes the tenancy of the instance group. Can be either
default or dedicated. Currently only applies to AWS.
type: string
volumeMounts:
description: VolumeMounts a collection of volume mounts
items:
description: VolumeMountSpec defines the specification for mounting
a device
properties:
device:
description: Device is the device name to provision and mount
type: string
filesystem:
description: Filesystem is the filesystem to mount
type: string
formatOptions:
description: FormatOptions is a collection of options passed
when formatting the device
items:
type: string
type: array
mountOptions:
description: MountOptions is a collection of mount options
items:
type: string
type: array
path:
description: Path is the location to mount the device
type: string
type: object
type: array
volumes:
description: Volumes is a collection of additional volumes to create
for instances within this InstanceGroup
items:
description: VolumeSpec defined the spec for an additional volume
attached to the instance group
properties:
deleteOnTermination:
description: 'DeleteOnTermination configures volume retention
policy upon instance termination. The volume is deleted by
default. Cluster deletion does not remove retained volumes.
NOTE: This setting applies only to the Launch Configuration
and does not affect Launch Templates.'
type: boolean
device:
description: Device is an optional device name of the block
device
type: string
encrypted:
description: Encrypted indicates you want to encrypt the volume
type: boolean
iops:
description: Iops is the provision iops for this iops (think
io1 in aws)
format: int64
type: integer
size:
description: Size is the size of the volume in GB
format: int64
type: integer
type:
description: Type is the type of volume to create and is cloud
specific
type: string
type: object
type: array
zones:
description: Zones is the names of the Zones where machines in this
instance group should be placed This is needed for regional subnets
(e.g. GCE), to restrict placement to particular zones
items:
type: string
type: array
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
Reference in New Issue View Git Blame Copy Permalink