kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #47566 from tengqm/configapi-1.31 

Update config API for v1.31
This commit is contained in:
Kubernetes Prow Robot 2024-08-20 02:13:36 -07:00 committed by GitHub
parent a0dd39bb14 f69f28fb6b
commit 5675366332
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
15 changed files with 463 additions and 187 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/en/docs/reference/config-api/apiserver-admission.v1.md
View File

@ -152,7 +152,7 @@ requested. e.g. a patch can result in either a CREATE or UPDATE Operation.</p>
</td>
</tr>
<tr><td><code>userInfo</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td>
<td>
<p>UserInfo is information about the requesting user</p>
@ -226,7 +226,7 @@ This must be copied over from the corresponding AdmissionRequest.</p>
</td>
</tr>
<tr><td><code>status</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#status-v1-meta"><code>meta/v1.Status</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#status-v1-meta"><code>meta/v1.Status</code></a>
</td>
<td>
<p>Result contains extra details into why an admission request was denied.

16
content/en/docs/reference/config-api/apiserver-audit.v1.md
View File

@ -71,14 +71,14 @@ For non-resource requests, this is the lower-cased HTTP method.</p>
</td>
</tr>
<tr><td><code>user</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td>
<td>
<p>Authenticated user information.</p>
</td>
</tr>
<tr><td><code>impersonatedUser</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
</td>
<td>
<p>Impersonated user information.</p>
@ -116,7 +116,7 @@ Does not apply for List-type requests, or non-resource requests.</p>
</td>
</tr>
<tr><td><code>responseStatus</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#status-v1-meta"><code>meta/v1.Status</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#status-v1-meta"><code>meta/v1.Status</code></a>
</td>
<td>
<p>The response status, populated even when the ResponseObject is not a Status type.
@ -144,14 +144,14 @@ at Response Level.</p>
</td>
</tr>
<tr><td><code>requestReceivedTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
</td>
<td>
<p>Time the request reached the apiserver.</p>
</td>
</tr>
<tr><td><code>stageTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
</td>
<td>
<p>Time the request reached current audit stage.</p>
@ -188,7 +188,7 @@ should be short. Annotations are included in the Metadata level.</p>
<tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
</td>
<td>
<span class="text-muted">No description provided.</span></td>
@ -223,7 +223,7 @@ categories are logged.</p>
<tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
</td>
<td>
<p>ObjectMeta is included for interoperability with API infrastructure.</p>
@ -278,7 +278,7 @@ in a rule will override the global default.</p>
<tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
</td>
<td>
<span class="text-muted">No description provided.</span></td>

77
content/en/docs/reference/config-api/apiserver-config.v1alpha1.md
View File

@ -119,10 +119,17 @@ JWT authenticator will attempt to cryptographically validate the token.</p>
&quot;iss&quot;: &quot;https://issuer.example.com&quot;,
&quot;aud&quot;: [&quot;audience&quot;],
&quot;exp&quot;: 1234567890,
&quot;&lt;username claim&gt;&quot;: &quot;username&quot;
&quot;<!-- raw HTML omitted -->&quot;: &quot;username&quot;
}</p>
</td>
</tr>
<tr><td><code>anonymous</code> <B>[Required]</B><br/>
<a href="#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig"><code>AnonymousAuthConfig</code></a>
</td>
<td>
<p>If present --anonymous-auth must not be set</p>
</td>
</tr>
</tbody>
</table>
@ -245,6 +252,66 @@ configuration. If present, it will be used instead of the path to the configurat
</tbody>
</table>
## `AnonymousAuthCondition` {#apiserver-k8s-io-v1alpha1-AnonymousAuthCondition}
**Appears in:**
- [AnonymousAuthConfig](#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig)
<p>AnonymousAuthCondition describes the condition under which anonymous auth
should be enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>path</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Path for which anonymous auth is enabled.</p>
</td>
</tr>
</tbody>
</table>
## `AnonymousAuthConfig` {#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig}
**Appears in:**
- [AuthenticationConfiguration](#apiserver-k8s-io-v1alpha1-AuthenticationConfiguration)
<p>AnonymousAuthConfig provides the configuration for the anonymous authenticator.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enabled</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<span class="text-muted">No description provided.</span></td>
</tr>
<tr><td><code>conditions</code> <B>[Required]</B><br/>
<a href="#apiserver-k8s-io-v1alpha1-AnonymousAuthCondition"><code>[]AnonymousAuthCondition</code></a>
</td>
<td>
<p>If set, anonymous auth is only allowed if the request meets one of the
conditions.</p>
</td>
</tr>
</tbody>
</table>
## `AudienceMatchPolicyType` {#apiserver-k8s-io-v1alpha1-AudienceMatchPolicyType}
(Alias of `string`)
@ -331,7 +398,7 @@ The claim's value must be a singular string.
Same as the --oidc-username-claim and --oidc-username-prefix flags.
If username.expression is set, the expression must produce a string value.
If username.expression uses 'claims.email', then 'claims.email_verified' must be used in
username.expression or extra[&ast;].valueExpression or claimValidationRules[&ast;].expression.
username.expression or extra[<em>].valueExpression or claimValidationRules[</em>].expression.
An example claim validation rule expression that matches the validation automatically
applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true)'.</p>
<p>In the flag based approach, the --oidc-username-claim and --oidc-username-prefix are optional. If --oidc-username-claim is not set,
@ -341,8 +408,8 @@ For prefix:
(1) --oidc-username-prefix=&quot;-&quot;, no prefix was added to the username. For the same behavior using authentication config,
set username.prefix=&quot;&quot;
(2) --oidc-username-prefix=&quot;&quot; and --oidc-username-claim != &quot;email&quot;, prefix was &quot;&lt;value of --oidc-issuer-url&gt;#&quot;. For the same
behavior using authentication config, set username.prefix=&quot;&lt;value of issuer.url&gt;#&quot;
(3) --oidc-username-prefix=&quot;&lt;value&gt;&quot;. For the same behavior using authentication config, set username.prefix=&quot;&lt;value&gt;&quot;</p>
behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->#&quot;
(3) --oidc-username-prefix=&quot;<!-- raw HTML omitted -->&quot;. For the same behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->&quot;</p>
</td>
</tr>
<tr><td><code>groups</code><br/>
@ -1202,4 +1269,4 @@ the contents would be converted to the v1 version before evaluating the CEL expr
</tr>
</tbody>
</table>

77
content/en/docs/reference/config-api/apiserver-config.v1beta1.md
View File

@ -95,10 +95,17 @@ JWT authenticator will attempt to cryptographically validate the token.</p>
&quot;iss&quot;: &quot;https://issuer.example.com&quot;,
&quot;aud&quot;: [&quot;audience&quot;],
&quot;exp&quot;: 1234567890,
&quot;&lt;username claim&gt;&quot;: &quot;username&quot;
&quot;<!-- raw HTML omitted -->&quot;: &quot;username&quot;
}</p>
</td>
</tr>
<tr><td><code>anonymous</code> <B>[Required]</B><br/>
<a href="#apiserver-k8s-io-v1beta1-AnonymousAuthConfig"><code>AnonymousAuthConfig</code></a>
</td>
<td>
<p>If present --anonymous-auth must not be set</p>
</td>
</tr>
</tbody>
</table>
@ -178,6 +185,66 @@ Must be at least one.</p>
</tbody>
</table>
## `AnonymousAuthCondition` {#apiserver-k8s-io-v1beta1-AnonymousAuthCondition}
**Appears in:**
- [AnonymousAuthConfig](#apiserver-k8s-io-v1beta1-AnonymousAuthConfig)
<p>AnonymousAuthCondition describes the condition under which anonymous auth
should be enabled.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>path</code> <B>[Required]</B><br/>
<code>string</code>
</td>
<td>
<p>Path for which anonymous auth is enabled.</p>
</td>
</tr>
</tbody>
</table>
## `AnonymousAuthConfig` {#apiserver-k8s-io-v1beta1-AnonymousAuthConfig}
**Appears in:**
- [AuthenticationConfiguration](#apiserver-k8s-io-v1beta1-AuthenticationConfiguration)
<p>AnonymousAuthConfig provides the configuration for the anonymous authenticator.</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>enabled</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<span class="text-muted">No description provided.</span></td>
</tr>
<tr><td><code>conditions</code> <B>[Required]</B><br/>
<a href="#apiserver-k8s-io-v1beta1-AnonymousAuthCondition"><code>[]AnonymousAuthCondition</code></a>
</td>
<td>
<p>If set, anonymous auth is only allowed if the request meets one of the
conditions.</p>
</td>
</tr>
</tbody>
</table>
## `AudienceMatchPolicyType` {#apiserver-k8s-io-v1beta1-AudienceMatchPolicyType}
(Alias of `string`)
@ -264,7 +331,7 @@ The claim's value must be a singular string.
Same as the --oidc-username-claim and --oidc-username-prefix flags.
If username.expression is set, the expression must produce a string value.
If username.expression uses 'claims.email', then 'claims.email_verified' must be used in
username.expression or extra[&ast;].valueExpression or claimValidationRules[&ast;].expression.
username.expression or extra[<em>].valueExpression or claimValidationRules[</em>].expression.
An example claim validation rule expression that matches the validation automatically
applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true)'.</p>
<p>In the flag based approach, the --oidc-username-claim and --oidc-username-prefix are optional. If --oidc-username-claim is not set,
@ -274,8 +341,8 @@ For prefix:
(1) --oidc-username-prefix=&quot;-&quot;, no prefix was added to the username. For the same behavior using authentication config,
set username.prefix=&quot;&quot;
(2) --oidc-username-prefix=&quot;&quot; and --oidc-username-claim != &quot;email&quot;, prefix was &quot;&lt;value of --oidc-issuer-url&gt;#&quot;. For the same
behavior using authentication config, set username.prefix=&quot;&lt;value of issuer.url&gt;#&quot;
(3) --oidc-username-prefix=&quot;&lt;value&gt;&quot;. For the same behavior using authentication config, set username.prefix=&quot;&lt;value&gt;&quot;</p>
behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->#&quot;
(3) --oidc-username-prefix=&quot;<!-- raw HTML omitted -->&quot;. For the same behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->&quot;</p>
</td>
</tr>
<tr><td><code>groups</code><br/>
@ -1135,4 +1202,4 @@ the contents would be converted to the v1 version before evaluating the CEL expr
</tr>
</tbody>
</table>

2
content/en/docs/reference/config-api/client-authentication.v1.md
View File

@ -205,7 +205,7 @@ itself should at least be protected via file permissions.</p>
<tr><td><code>expirationTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
</td>
<td>
<p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>

2
content/en/docs/reference/config-api/client-authentication.v1beta1.md
View File

@ -205,7 +205,7 @@ itself should at least be protected via file permissions.</p>
<tr><td><code>expirationTimestamp</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
</td>
<td>
<p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>

2
content/en/docs/reference/config-api/imagepolicy.v1alpha1.md
View File

@ -28,7 +28,7 @@ auto_generated: true
<tr><td><code>metadata</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
</td>
<td>
<p>Standard object's metadata.

30
content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md
View File

@ -1256,13 +1256,6 @@ Larger number = more responsive HPA processing, but more CPU (and network) load.
pods in horizontal pod autoscaler.</p>
</td>
</tr>
<tr><td><code>HorizontalPodAutoscalerUpscaleForbiddenWindow</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>HorizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed.</p>
</td>
</tr>
<tr><td><code>HorizontalPodAutoscalerDownscaleStabilizationWindow</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
@ -1271,13 +1264,6 @@ pods in horizontal pod autoscaler.</p>
backwards and not scale down below any recommendation it made during that period.</p>
</td>
</tr>
<tr><td><code>HorizontalPodAutoscalerDownscaleForbiddenWindow</code> <B>[Required]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p>HorizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed.</p>
</td>
</tr>
<tr><td><code>HorizontalPodAutoscalerTolerance</code> <B>[Required]</B><br/>
<code>float64</code>
</td>
@ -1556,22 +1542,6 @@ and persistent volume claims.</p>
<p>volumeConfiguration holds configuration for volume related features.</p>
</td>
</tr>
<tr><td><code>VolumeHostCIDRDenylist</code> <B>[Required]</B><br/>
<code>[]string</code>
</td>
<td>
<p>DEPRECATED: VolumeHostCIDRDenylist is a list of CIDRs that should not be reachable by the
controller from plugins.</p>
</td>
</tr>
<tr><td><code>VolumeHostAllowLocalLoopback</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>DEPRECATED: VolumeHostAllowLocalLoopback indicates if local loopback hosts (127.0.0.1, etc)
should be allowed from plugins.</p>
</td>
</tr>
</tbody>
</table>

19
content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md
View File

@ -336,7 +336,7 @@ Profiling handlers will be handled by metrics server.</p>
<a href="#kubeproxy-config-k8s-io-v1alpha1-LocalMode"><code>LocalMode</code></a>
</td>
<td>
<p>detectLocalMode determines mode to use for detecting local traffic, defaults to LocalModeClusterCIDR</p>
<p>detectLocalMode determines mode to use for detecting local traffic, defaults to ClusterCIDR</p>
</td>
</tr>
<tr><td><code>detectLocal</code> <B>[Required]</B><br/>
@ -352,7 +352,7 @@ Profiling handlers will be handled by metrics server.</p>
<td>
<p>clusterCIDR is the CIDR range of the pods in the cluster. (For dual-stack
clusters, this can be a comma-separated dual-stack pair of CIDR ranges.). When
DetectLocalMode is set to LocalModeClusterCIDR, kube-proxy will consider
DetectLocalMode is set to ClusterCIDR, kube-proxy will consider
traffic to be local if its source IP is in this range. (Otherwise it is not
used.)</p>
</td>
@ -361,10 +361,12 @@ used.)</p>
<code>[]string</code>
</td>
<td>
<p>nodePortAddresses is a list of CIDR ranges that contain valid node IPs. If set,
<p>nodePortAddresses is a list of CIDR ranges that contain valid node IPs, or
alternatively, the single string 'primary'. If set to a list of CIDRs,
connections to NodePort services will only be accepted on node IPs in one of
the indicated ranges. If unset, NodePort connections will be accepted on all
local IPs.</p>
the indicated ranges. If set to 'primary', NodePort services will only be
accepted on the node's primary IPv4 and/or IPv6 address according to the Node
object. If unset, NodePort connections will be accepted on all local IPs.</p>
</td>
</tr>
<tr><td><code>oomScoreAdj</code> <B>[Required]</B><br/>
@ -397,6 +399,13 @@ than 0.</p>
<p>portRange was previously used to configure the userspace proxy, but is now unused.</p>
</td>
</tr>
<tr><td><code>windowsRunAsService</code> <B>[Required]</B><br/>
<code>bool</code>
</td>
<td>
<p>windowsRunAsService, if true, enables Windows service control manager API integration.</p>
</td>
</tr>
</tbody>
</table>

6
content/en/docs/reference/config-api/kube-scheduler-config.v1.md
View File

@ -328,7 +328,7 @@ at least &quot;minFeasibleNodesToFind&quot; feasible nodes no matter what the va
Example: if the cluster size is 500 nodes and the value of this flag is 30,
then scheduler stops finding further feasible nodes once it finds 150 feasible ones.
When the value is 0, default percentage (5%--50% based on the size of the cluster) of the
nodes will be scored. It is overridden by profile level PercentageofNodesToScore.</p>
nodes will be scored. It is overridden by profile level PercentageOfNodesToScore.</p>
</td>
</tr>
<tr><td><code>podInitialBackoffSeconds</code> <B>[Required]</B><br/>
@ -396,7 +396,7 @@ Defaults to false.</p>
<tr><td><code>addedAffinity</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeaffinity-v1-core"><code>core/v1.NodeAffinity</code></a>
</td>
<td>
<p>AddedAffinity is applied to all Pods additionally to the NodeAffinity
@ -495,7 +495,7 @@ The default strategy is LeastAllocated with an equal &quot;cpu&quot; and &quot;m
<tr><td><code>defaultConstraints</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#topologyspreadconstraint-v1-core"><code>[]core/v1.TopologySpreadConstraint</code></a>
</td>
<td>
<p>DefaultConstraints defines topology spread constraints to be applied to

16
content/en/docs/reference/config-api/kubeadm-config.v1beta3.md
View File

@ -11,17 +11,17 @@ This version improves on the v1beta2 format by fixing some minor issues and addi
<ul>
<li>The deprecated &quot;ClusterConfiguration.useHyperKubeImage&quot; field has been removed.
Kubeadm no longer supports the hyperkube image.</li>
<li>The &quot;ClusterConfiguration.DNS.Type&quot; field has been removed since CoreDNS is the only supported
<li>The &quot;ClusterConfiguration.dns.type&quot; field has been removed since CoreDNS is the only supported
DNS server type by kubeadm.</li>
<li>Include &quot;datapolicy&quot; tags on the fields that hold secrets.
This would result in the field values to be omitted when API structures are printed with klog.</li>
<li>Add &quot;InitConfiguration.SkipPhases&quot;, &quot;JoinConfiguration.SkipPhases&quot; to allow skipping
<li>Add &quot;InitConfiguration.skipPhases&quot;, &quot;JoinConfiguration.skipPhases&quot; to allow skipping
a list of phases during kubeadm init/join command execution.</li>
<li>Add &quot;InitConfiguration.NodeRegistration.ImagePullPolicy&quot; and &quot;JoinConfiguration.NodeRegistration.ImagePullPolicy&quot;
<li>Add &quot;InitConfiguration.nodeRegistration.imagePullPolicy&quot; and &quot;JoinConfiguration.nodeRegistration.imagePullPolicy&quot;
to allow specifying the images pull policy during kubeadm &quot;init&quot; and &quot;join&quot;.
The value must be one of &quot;Always&quot;, &quot;Never&quot; or &quot;IfNotPresent&quot;.
&quot;IfNotPresent&quot; is the default, which has been the existing behavior prior to this addition.</li>
<li>Add &quot;InitConfiguration.Patches.Directory&quot;, &quot;JoinConfiguration.Patches.Directory&quot; to allow
<li>Add &quot;InitConfiguration.patches.directory&quot;, &quot;JoinConfiguration.patches.directory&quot; to allow
the user to configure a directory from which to take patches for components deployed by kubeadm.</li>
<li>Move the BootstrapToken* API and related utilities out of the &quot;kubeadm&quot; API group to a new group
&quot;bootstraptoken&quot;. The kubeadm API version v1beta3 no longer contains the BootstrapToken* structures.</li>
@ -307,7 +307,7 @@ for, so other administrators can know its purpose.</p>
</td>
</tr>
<tr><td><code>expires</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
</td>
<td>
<p><code>expires</code> specifies the timestamp when this token expires. Defaults to being set
@ -1038,7 +1038,7 @@ file from which to load cluster information.</p>
</td>
</tr>
<tr><td><code>pathType</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a>
</td>
<td>
<p><code>pathType</code> is the type of the <code>hostPath</code>.</p>
@ -1262,7 +1262,7 @@ This information will be annotated to the Node API object, for later re-use.</p>
</td>
</tr>
<tr><td><code>taints</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#taint-v1-core"><code>[]core/v1.Taint</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#taint-v1-core"><code>[]core/v1.Taint</code></a>
</td>
<td>
<p><code>taints</code> specifies the taints the Node API object should be registered with.
@ -1294,7 +1294,7 @@ Value <code>all</code> ignores errors from all checks.</p>
</td>
</tr>
<tr><td><code>imagePullPolicy</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
</td>
<td>
<p><code>imagePullPolicy</code> specifies the policy for image pulling during kubeadm &quot;init&quot; and

344
content/en/docs/reference/config-api/kubeadm-config.v1beta4.md
View File

@ -11,29 +11,34 @@ This version improves on the v1beta3 format by fixing some minor issues and addi
<ul>
<li>TODO https://github.com/kubernetes/kubeadm/issues/2890</li>
<li>Support custom environment variables in control plane components under <code>ClusterConfiguration</code>.
Use <code>APIServer.ExtraEnvs</code>, <code>ControllerManager.ExtraEnvs</code>, <code>Scheduler.ExtraEnvs</code>,
<code>Etcd.Local.ExtraEnvs</code>.</li>
Use <code>apiServer.extraEnvs</code>, <code>controllerManager.extraEnvs</code>, <code>scheduler.extraEnvs</code>,
<code>etcd.local.extraEnvs</code>.</li>
<li>The <code>ResetConfiguration</code> API type is now supported in v1beta4.
Users are able to reset a node by passing a <code>--config</code> file to <code>kubeadm reset</code>.</li>
<li><code>dry-run</code> mode is now configureable in InitConfiguration and JoinConfiguration config files.</li>
<li>Dry run mode is now configureable in InitConfiguration and JoinConfiguration.</li>
<li>Replace the existing string/string extra argument maps with structured extra arguments
that support duplicates. The change applies to <code>ClusterConfiguration</code> - <code>APIServer.ExtraArgs</code>,
<code>ControllerManager.ExtraArgs</code>, <code>Scheduler.ExtraArgs</code>. Also to <code>NodeRegistrationOptions.KubeletExtraArgs</code>.</li>
<li>Add <code>ClusterConfiguration.EncryptionAlgorithm</code> that can be used to set the asymmetric
that support duplicates. The change applies to <code>ClusterConfiguration</code> - <code>apiServer.extraArgs</code>,
<code>controllerManager.extraArgs</code>, <code>scheduler.extraArgs</code>, <code>etcd.local.extraArgs</code>.
Also to <code>nodeRegistration.kubeletExtraArgs</code>.</li>
<li>Add <code>ClusterConfiguration.encryptionAlgorithm</code> that can be used to set the asymmetric
encryption algorithm used for this cluster's keys and certificates. Can be one of
<code>&quot;RSA-2048&quot;</code> (default), <code>&quot;RSA-3072&quot;</code>, <code>&quot;RSA-4096&quot;</code> or <code>&quot;ECDSA-P256&quot;</code>.</li>
<li>Add <code>ClusterConfiguration.DNS.Disabled</code> and <code>ClusterConfiguration.Proxy.Disabled</code>
<li>Add <code>ClusterConfiguration.dns.disabled</code> and <code>ClusterConfiguration.proxy.disabled</code>
that can be used to disable the CoreDNS and kube-proxy addons during cluster
initialization. Skipping the related addons phases, during cluster creation will
set the same fields to <code>false</code>.</li>
<li>Add the <code>NodeRegistration.ImagePullSerial</code> field in 'InitConfiguration<code>and</code>JoinConfiguration`, which
<li>Add the <code>nodeRegistration.imagePullSerial</code> field in <code>InitConfiguration</code> and <code>JoinConfiguration</code>, which
can be used to control if kubeadm pulls images serially or in parallel.</li>
<li>The UpgradeConfiguration kubeadm API is now supported in v1beta4 when passing
<li>The <code>UpgradeConfiguration</code> kubeadm API is now supported in v1beta4 when passing
<code>--config</code> to <code>kubeadm upgrade</code> subcommands. Usage of component configuration for <code>kubelet</code> and <code>kube-proxy</code>,
InitConfiguration and ClusterConfiguration is deprecated and will be ignored when passing <code>--config</code> to
<code>InitConfiguration</code> and <code>ClusterConfiguration</code> is deprecated and will be ignored when passing <code>--config</code> to
<code>upgrade</code> subcommands.</li>
<li>Add a <code>Timeouts</code> structure to <code>InitConfiguration</code>, <code>JoinConfiguration</code>, <code>ResetConfiguration</code> and <code>UpgradeConfiguration</code>
that can be used to configure various timeouts.</li>
<li>Add a <code>certificateValidityPeriod</code> and <code>caCertificateValidityPeriod</code> fields to <code>ClusterConfiguration</code>. These fields
can be used to control the validity period of certificates generated by kubeadm during sub-commands such as <code>init</code>,
<code>join</code>, <code>upgrade</code> and <code>certs</code>. Default values continue to be 1 year for non-CA certificates and 10 years for CA
certificates. Only non-CA certificates continue to be renewable by <code>kubeadm certs renew</code>.</li>
</ul>
<h1>Migration from old kubeadm config versions</h1>
<ul>
@ -64,10 +69,18 @@ kind: KubeProxyConfiguration
apiVersion: kubeadm.k8s.io/v1beta4
kind: JoinConfiguration
apiVersion: kubeadm.k8s.io/v1beta4
kind: ResetConfiguration
apiVersion: kubeadm.k8s.io/v1beta4
kind: UpgradeConfiguration
</code></pre>
<p>To print the defaults for &quot;init&quot; and &quot;join&quot; actions use the following commands:</p>
<pre style="background-color:#fff">kubeadm config print init-defaults
kubeadm config print join-defaults
kubeadm config print reset-defaults
kubeadm config print upgrade-defaults
</pre><p>The list of configuration types that must be included in a configuration file depends by the action you are
performing (<code>init or </code>join`) and by the configuration options you are going to use (defaults or advanced customization).</p>
<p>If some configuration types are not provided, or provided only partially, kubeadm will use default values; defaults
@ -177,17 +190,19 @@ configuration types to be used during a <code>kubeadm init</code> run.</p>
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">nodeRegistration</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;ec2-10-100-0-1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">criSocket</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;unix:///var/run/containerd/containerd.sock&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">taints</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">key</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;kubeadmNode&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;someValue&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">effect</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;NoSchedule&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">kubeletExtraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">v</span>:<span style="color:#bbb"> </span><span style="color:#099">4</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">ignorePreflightErrors</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- IsPrivilegedUser<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imagePullPolicy</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;IfNotPresent&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;ec2-10-100-0-1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">criSocket</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;unix:///var/run/containerd/containerd.sock&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">taints</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">key</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;kubeadmNode&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;someValue&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">effect</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;NoSchedule&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">kubeletExtraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>v<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;5&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">ignorePreflightErrors</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- IsPrivilegedUser<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imagePullPolicy</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;IfNotPresent&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imagePullSerial</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">true</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">localAPIEndpoint</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
@ -196,31 +211,40 @@ configuration types to be used during a <code>kubeadm init</code> run.</p>
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">certificateKey</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;e6a2eb8581237ab72a4f494f30285ec12a9694d750b9785706a83bfcbbbd2204&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">skipPhases</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- addon/kube-proxy<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- preflight<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">timeouts</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">controlPlaneComponentHealthCheck</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;60s&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">kubenetesAPICall</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;40s&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span>---<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>kubeadm.k8s.io/v1beta4<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterConfiguration<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">etcd</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># one of local or external</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">local</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imageRepository</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;registry.k8s.io&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imageTag</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;3.2.24&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">dataDir</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/var/lib/etcd&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">listen-client-urls</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;http://10.100.0.1:2379&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">serverCertSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#bbb"> </span><span style="color:#d14">&#34;ec2-10-100-0-1.compute-1.amazonaws.com&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">peerCertSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;10.100.0.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># external:</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># endpoints:</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># - &#34;10.100.0.1:2379&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># - &#34;10.100.0.2:2379&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># caFile: &#34;/etcd/kubernetes/pki/etcd/etcd-ca.crt&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># certFile: &#34;/etcd/kubernetes/pki/etcd/etcd.crt&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># keyFile: &#34;/etcd/kubernetes/pki/etcd/etcd.key&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># one of local or external</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">local</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imageRepository</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;registry.k8s.io&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">imageTag</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;3.2.24&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">dataDir</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/var/lib/etcd&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>listen-client-urls<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span>http://<span style="color:#099">10.100.0.1</span>:<span style="color:#099">2379</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraEnvs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>SOME_VAR<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span>SOME_VALUE<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">serverCertSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#bbb"> </span><span style="color:#d14">&#34;ec2-10-100-0-1.compute-1.amazonaws.com&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">peerCertSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;10.100.0.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># external:</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># endpoints:</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># - &#34;10.100.0.1:2379&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># - &#34;10.100.0.2:2379&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># caFile: &#34;/etcd/kubernetes/pki/etcd/etcd-ca.crt&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># certFile: &#34;/etcd/kubernetes/pki/etcd/etcd.crt&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># keyFile: &#34;/etcd/kubernetes/pki/etcd/etcd.key&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">networking</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
@ -232,44 +256,58 @@ configuration types to be used during a <code>kubeadm init</code> run.</p>
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">controlPlaneEndpoint</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;10.100.0.1:6443&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">apiServer</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">authorization-mode</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;Node,RBAC&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">certSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;10.100.1.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;ec2-10-100-0-1.compute-1.amazonaws.com&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">timeoutForControlPlane</span>:<span style="color:#bbb"> </span>4m0s<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>authorization-mode<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;Node,RBAC&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraEnvs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>SOME_VAR<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span>SOME_VALUE<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">certSANs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;10.100.1.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#d14">&#34;ec2-10-100-0-1.compute-1.amazonaws.com&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">controllerManager</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">&#34;node-cidr-mask-size&#34;: </span><span style="color:#d14">&#34;20&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>node-cidr-mask-size<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;20&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">scheduler</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">address</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;10.100.0.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraArgs</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>address<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">value</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;10.100.0.1&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">extraVolumes</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span>- <span style="color:#000;font-weight:bold">name</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;some-volume&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">hostPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">mountPath</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/some-pod-path&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">readOnly</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">false</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">pathType</span>:<span style="color:#bbb"> </span>File<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">certificatesDir</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;/etc/kubernetes/pki&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">imageRepository</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;registry.k8s.io&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">clusterName</span>:<span style="color:#bbb"> </span><span style="color:#d14">&#34;example-cluster&#34;</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">encryptionAlgorithm</span>:<span style="color:#bbb"> </span>ECDSA-P256<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">dns</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">disabled</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">true</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># disable CoreDNS</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">proxy</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">diabled</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">true</span><span style="color:#bbb"> </span><span style="color:#998;font-style:italic"># disable kube-proxy</span><span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span>---<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>kubelet.config.k8s.io/v1beta1<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>KubeletConfiguration<span style="color:#bbb">
@ -282,8 +320,13 @@ configuration types to be used during a <code>kubeadm init</code> run.</p>
<p>When executing kubeadm join with the --config option, the JoinConfiguration type should be provided.</p>
<pre style="background-color:#fff"><span style="color:#000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>kubeadm.k8s.io/v1beta4<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>JoinConfiguration<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">discovery</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>...<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">bootstrapToken</span>:<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">apiServerEndpoint</span>:<span style="color:#bbb"> </span>some-address:<span style="color:#099">6443</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">token</span>:<span style="color:#bbb"> </span>abcdef.0123456789abcdef<span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">unsafeSkipCAVerification</span>:<span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">true</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span><span style="color:#000;font-weight:bold">tlsBootstrapToken</span>:<span style="color:#bbb"> </span>abcdef.0123456789abcdef<span style="color:#bbb">
</span><span style="color:#bbb">
</span></pre><p>The JoinConfiguration type should be used to configure runtime settings, that in case of kubeadm join
are the discovery method used for accessing the cluster info and all the setting which are specific
@ -295,9 +338,37 @@ use it to customize the node name, the CRI socket to use or any other settings t
node only (e.g. the node ip).</p>
</li>
<li>
<p>`apiEndpoint“, that represents the endpoint of the instance of the API server to be eventually deployed on this node.</p>
<p><code>apiEndpoint</code>, that represents the endpoint of the instance of the API server to be eventually deployed on this node.</p>
</li>
</ul>
<h2>Kubeadm reset configuration types</h2>
<p>When executing <code>kubeadm reset</code> with the <code>--config</code> option, the <code>ResetConfiguration</code> type should be provided.</p>
<pre style="background-color:#fff"><span style="color:#000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>kubeadm.k8s.io/v1beta4<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ResetConfiguration<span style="color:#bbb">
</span><span style="color:#bbb"></span>...<span style="color:#bbb">
</span></pre><h2>Kubeadm upgrade configuration types</h2>
<p>When executing <code>kubeadm upgrade</code> with the <code>--config</code> option, the <code>UpgradeConfiguration</code> type should be provided.</p>
<pre style="background-color:#fff"><span style="color:#000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>kubeadm.k8s.io/v1beta4<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>UpgradeConfiguration<span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">apply</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>...<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">diff</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>...<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">node</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>...<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"></span><span style="color:#000;font-weight:bold">plan</span>:<span style="color:#bbb">
</span><span style="color:#bbb">
</span><span style="color:#bbb"> </span>...<span style="color:#bbb">
</span><span style="color:#bbb">
</span></pre><p>The <code>UpgradeConfiguration</code> structure includes a few substructures that only apply to different subcommands of
<code>kubeadm upgrade</code>. For example, the <code>apply</code> substructure will be used with the <code>kubeadm upgrade apply</code> subcommand
and all other substructures will be ignored in such a case.</p>
## Resource Types
@ -355,7 +426,7 @@ for, so other administrators can know its purpose.</p>
</td>
</tr>
<tr><td><code>expires</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
</td>
<td>
<p><code>expires</code> specifies the timestamp when this token expires. Defaults to being set
@ -547,6 +618,22 @@ certificates. Can be <code>&quot;RSA&quot;</code> (default algorithm, key size i
P-256 elliptic curve).</p>
</td>
</tr>
<tr><td><code>certificateValidityPeriod</code><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p><code>certificateValidityPeriod</code> specifies the validity period for a non-CA certificate generated by kubeadm.
Default value: `8760h`` (365 days * 24 hours = 1 year)</p>
</td>
</tr>
<tr><td><code>caCertificateValidityPeriod</code><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p><code>caCertificateValidityPeriod</code> specifies the validity period for a CA certificate generated by kubeadm.
Default value: <code>87600h</code> (365 days * 24 hours * 10 = 10 years)</p>
</td>
</tr>
</tbody>
</table>
@ -632,6 +719,13 @@ The flag <code>--skip-phases</code> takes precedence over this field.</p>
<code>kubeadm init</code>.</p>
</td>
</tr>
<tr><td><code>timeouts</code><br/>
<a href="#kubeadm-k8s-io-v1beta4-Timeouts"><code>Timeouts</code></a>
</td>
<td>
<p><code>timeouts</code> holds various timeouts that apply to kubeadm commands.</p>
</td>
</tr>
</tbody>
</table>
@ -707,6 +801,13 @@ The flag <code>--skip-phases</code> takes precedence over this field.</p>
by kubeadm during <code>kubeadm join</code>.</p>
</td>
</tr>
<tr><td><code>timeouts</code><br/>
<a href="#kubeadm-k8s-io-v1beta4-Timeouts"><code>Timeouts</code></a>
</td>
<td>
<p><code>timeouts</code> holds various timeouts that apply to kubeadm commands.</p>
</td>
</tr>
</tbody>
</table>
@ -784,6 +885,22 @@ Value <code>all</code> ignores errors from all checks.</p>
The list of phases can be obtained with the <code>kubeadm reset phase --help</code> command.</p>
</td>
</tr>
<tr><td><code>unmountFlags</code><br/>
<code>[]string</code>
</td>
<td>
<p><code>unmountFlags</code> is a list of <code>unmount2()</code> syscall flags that kubeadm can use when unmounting
directories during &quot;reset&quot;. This flag can be one of: <code>&quot;MNT_FORCE&quot;</code>, <code>&quot;MNT_DETACH&quot;</code>,
<code>&quot;MNT_EXPIRE&quot;</code>, <code>&quot;UMOUNT_NOFOLLOW&quot;</code>. By default this list is empty.</p>
</td>
</tr>
<tr><td><code>timeouts</code><br/>
<a href="#kubeadm-k8s-io-v1beta4-Timeouts"><code>Timeouts</code></a>
</td>
<td>
<p>Timeouts holds various timeouts that apply to kubeadm commands.</p>
</td>
</tr>
</tbody>
</table>
@ -906,13 +1023,6 @@ Defaults to 6443.</p>
certificate.</p>
</td>
</tr>
<tr><td><code>timeoutForControlPlane</code><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p><code>timeoutForControlPlane</code> controls the timeout that we use for API server to appear.</p>
</td>
</tr>
</tbody>
</table>
@ -1131,13 +1241,6 @@ can be overridden. If <code>file</code> is set, this field <strong>must be set</
does not contain any other authentication information.</p>
</td>
</tr>
<tr><td><code>timeout</code><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p><code>timeout</code> modifies the discovery timeout.</p>
</td>
</tr>
</tbody>
</table>
@ -1174,7 +1277,7 @@ does not contain any other authentication information.</p>
<tr><td><code>EnvVar</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#envvar-v1-core"><code>core/v1.EnvVar</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#envvar-v1-core"><code>core/v1.EnvVar</code></a>
</td>
<td>(Members of <code>EnvVar</code> are embedded into this type.)
<span class="text-muted">No description provided.</span></td>
@ -1341,7 +1444,7 @@ file from which to load cluster information.</p>
</td>
</tr>
<tr><td><code>pathType</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#hostpathtype-v1-core"><code>core/v1.HostPathType</code></a>
</td>
<td>
<p><code>pathType</code> is the type of the <code>hostPath</code>.</p>
@ -1576,7 +1679,7 @@ This information will be annotated to the Node API object, for later re-use.</p>
</td>
</tr>
<tr><td><code>taints</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#taint-v1-core"><code>[]core/v1.Taint</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#taint-v1-core"><code>[]core/v1.Taint</code></a>
</td>
<td>
<p><code>taints</code> specifies the taints the Node API object should be registered with.
@ -1609,7 +1712,7 @@ Value 'all' ignores errors from all checks.</p>
</td>
</tr>
<tr><td><code>imagePullPolicy</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
</td>
<td>
<p><code>imagePullPolicy</code> specifies the policy for image pulling during kubeadm <code>init</code> and
@ -1619,6 +1722,14 @@ If this field is unset kubeadm will default it to &quot;IfNotPresent&quot;, or p
images if not present on the host.</p>
</td>
</tr>
<tr><td><code>imagePullSerial</code><br/>
<code>bool</code>
</td>
<td>
<p><code>imagePullSerial</code> specifies if image pulling performed by kubeadm must be done serially or in parallel.
Default: true</p>
</td>
</tr>
</tbody>
</table>
@ -1651,7 +1762,8 @@ images if not present on the host.</p>
<p><code>directory</code> is a path to a directory that contains files named
&quot;target[suffix][+patchtype].extension&quot;.
For example, &quot;kube-apiserver0+merge.yaml&quot; or just &quot;etcd.json&quot;. &quot;target&quot; can be one of
&quot;kube-apiserver&quot;, &quot;kube-controller-manager&quot;, &quot;kube-scheduler&quot;, &quot;etcd&quot;, &quot;kubeletconfiguration&quot;.
&quot;kube-apiserver&quot;, &quot;kube-controller-manager&quot;, &quot;kube-scheduler&quot;, &quot;etcd&quot;, &quot;kubeletconfiguration&quot;,
&quot;corednsdeployment&quot;.
&quot;patchtype&quot; can be one of &quot;strategic&quot;, &quot;merge&quot; or &quot;json&quot; and they match the patch formats
supported by kubectl.
The default &quot;patchtype&quot; is &quot;strategic&quot;. &quot;extension&quot; must be either &quot;json&quot; or &quot;yaml&quot;.
@ -1693,6 +1805,12 @@ first alpha-numerically.</p>
**Appears in:**
- [InitConfiguration](#kubeadm-k8s-io-v1beta4-InitConfiguration)
- [JoinConfiguration](#kubeadm-k8s-io-v1beta4-JoinConfiguration)
- [ResetConfiguration](#kubeadm-k8s-io-v1beta4-ResetConfiguration)
- [UpgradeConfiguration](#kubeadm-k8s-io-v1beta4-UpgradeConfiguration)
@ -1762,7 +1880,7 @@ Default: 5m</p>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<p><code>upgradeManifests</code> is the timeout for upgradring static Pod manifests
<p><code>upgradeManifests</code> is the timeout for upgrading static Pod manifests
Default: 5m</p>
</td>
</tr>
@ -1845,14 +1963,14 @@ Defaults to true.</p>
</td>
<td>
<p><code>ignorePreflightErrors</code> provides a slice of pre-flight errors to be ignored during the upgrade process,
e.g. 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks.</p>
e.g. <code>IsPrivilegedUser,Swap</code>. Value <code>all</code> ignores errors from all checks.</p>
</td>
</tr>
<tr><td><code>patches</code><br/>
<a href="#kubeadm-k8s-io-v1beta4-Patches"><code>Patches</code></a>
</td>
<td>
<p><code>patches</code> contains options related to applying patches to components deployed by kubeadm during &quot;kubeadm upgrade&quot;.</p>
<p><code>patches</code> contains options related to applying patches to components deployed by kubeadm during <code>kubeadm upgrade</code>.</p>
</td>
</tr>
<tr><td><code>printConfig</code><br/>
@ -1862,12 +1980,29 @@ e.g. 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks.</p>
<p><code>printConfig</code> specifies whether the configuration file that will be used in the upgrade should be printed or not.</p>
</td>
</tr>
<tr><td><code>SkipPhases</code> <B>[Required]</B><br/>
<tr><td><code>skipPhases</code> <B>[Required]</B><br/>
<code>[]string</code>
</td>
<td>
<p><code>skipPhases</code> is a list of phases to skip during command execution.
NOTE: This field is currently ignored for &quot;kubeadm upgrade apply&quot;, but in the future it will be supported.</p>
NOTE: This field is currently ignored for <code>kubeadm upgrade apply</code>, but in the future it will be supported.</p>
</td>
</tr>
<tr><td><code>imagePullPolicy</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
</td>
<td>
<p><code>imagePullPolicy</code> specifies the policy for image pulling during <code>kubeadm upgrade apply</code> operations.
The value of this field must be one of &quot;Always&quot;, &quot;IfNotPresent&quot; or &quot;Never&quot;.
If this field is unset kubeadm will default it to &quot;IfNotPresent&quot;, or pull the required images if not present on the host.</p>
</td>
</tr>
<tr><td><code>imagePullSerial</code><br/>
<code>bool</code>
</td>
<td>
<p><code>imagePullSerial</code> specifies if image pulling performed by kubeadm must be done serially or in parallel.
Default: true</p>
</td>
</tr>
</tbody>
@ -1881,7 +2016,7 @@ NOTE: This field is currently ignored for &quot;kubeadm upgrade apply&quot;, but
- [UpgradeConfiguration](#kubeadm-k8s-io-v1beta4-UpgradeConfiguration)
<p>UpgradeDiffConfiguration contains a list of configurable options which are specific to the &quot;kubeadm upgrade diff&quot; command.</p>
<p>UpgradeDiffConfiguration contains a list of configurable options which are specific to the <code>kubeadm upgrade diff</code> command.</p>
<table class="table">
@ -1968,6 +2103,23 @@ The list of phases can be obtained with the <code>kubeadm upgrade node phase --h
<p><code>patches</code> contains options related to applying patches to components deployed by kubeadm during <code>kubeadm upgrade</code>.</p>
</td>
</tr>
<tr><td><code>imagePullPolicy</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#pullpolicy-v1-core"><code>core/v1.PullPolicy</code></a>
</td>
<td>
<p><code>imagePullPolicy</code> specifies the policy for image pulling during <code>kubeadm upgrade node</code> operations.
The value of this field must be one of &quot;Always&quot;, &quot;IfNotPresent&quot; or &quot;Never&quot;.
If this field is unset kubeadm will default it to &quot;IfNotPresent&quot;, or pull the required images if not present on the host.</p>
</td>
</tr>
<tr><td><code>imagePullSerial</code><br/>
<code>bool</code>
</td>
<td>
<p><code>imagePullSerial</code> specifies if image pulling performed by kubeadm must be done serially or in parallel.
Default: true</p>
</td>
</tr>
</tbody>
</table>

12
content/en/docs/reference/config-api/kubelet-config.v1.md
View File

@ -80,9 +80,9 @@ to provide credentials. Images are expected to contain the registry domain
and URL path.</p>
<p>Each entry in matchImages is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like '&ast;.k8s.io' or 'k8s.&ast;.io', and top-level-domains such as 'k8s.&ast;'.
Matching partial subdomains like 'app&ast;.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so '&ast;.io' does not match '&ast;.k8s.io'.</p>
as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>A match exists between an image and a matchImage when all of the below are true:</p>
<ul>
<li>Both contain the same number of domain parts and each part matches.</li>
@ -92,9 +92,9 @@ a single subdomain segment, so '&ast;.io' does not match '&ast;.k8s.io'.</p>
<p>Example values of matchImages:</p>
<ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li>
<li>*.azurecr.io</li>
<li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li>
<li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li>
</ul>
</td>
@ -168,4 +168,4 @@ credential plugin.</p>
</tr>
</tbody>
</table>

31
content/en/docs/reference/config-api/kubelet-config.v1beta1.md
View File

@ -1507,7 +1507,7 @@ Also, avoid specifying:</p>
<li>Duplicates, the same NUMA node, and memory type, but with a different value.</li>
<li>zero limits for any memory type.</li>
<li>NUMAs nodes IDs that do not exist under the machine.</li>
<li>memory types except for memory and hugepages-&lt;size&gt;</li>
<li>memory types except for memory and hugepages-<!-- raw HTML omitted --></li>
</ol>
<p>Default: nil</p>
</td>
@ -1549,7 +1549,7 @@ Default: 0.9</p>
</td>
</tr>
<tr><td><code>registerWithTaints</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#taint-v1-core"><code>[]core/v1.Taint</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#taint-v1-core"><code>[]core/v1.Taint</code></a>
</td>
<td>
<p>registerWithTaints are an array of taints to add to a node object when
@ -1608,6 +1608,17 @@ Examples:'unix:///path/to/runtime.sock', 'npipe:////./pipe/runtime'.
If not specified, the value in containerRuntimeEndpoint is used.</p>
</td>
</tr>
<tr><td><code>failCgroupV1</code><br/>
<code>bool</code>
</td>
<td>
<p>FailCgroupV1 prevents the kubelet from starting on hosts
that use cgroup v1. By default, this is set to 'false', meaning
the kubelet is allowed to start on cgroup v1 hosts unless this
option is explicitly enabled.
Default: false</p>
</td>
</tr>
</tbody>
</table>
@ -1629,7 +1640,7 @@ It exists in the kubeletconfig API group because it is classified as a versioned
<tr><td><code>source</code><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#nodeconfigsource-v1-core"><code>core/v1.NodeConfigSource</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeconfigsource-v1-core"><code>core/v1.NodeConfigSource</code></a>
</td>
<td>
<p>source is the source that we are serializing.</p>
@ -1675,9 +1686,9 @@ to provide credentials. Images are expected to contain the registry domain
and URL path.</p>
<p>Each entry in matchImages is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like '&ast;.k8s.io' or 'k8s.&ast;.io', and top-level-domains such as 'k8s.&ast;'.
Matching partial subdomains like 'app&ast;.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so '&ast;.io' does not match '&ast;.k8s.io'.</p>
as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>A match exists between an image and a matchImage when all of the below are true:</p>
<ul>
<li>Both contain the same number of domain parts and each part matches.</li>
@ -1687,9 +1698,9 @@ a single subdomain segment, so '&ast;.io' does not match '&ast;.k8s.io'.</p>
<p>Example values of matchImages:</p>
<ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li>
<li>*.azurecr.io</li>
<li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li>
<li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li>
</ul>
</td>
@ -1990,7 +2001,7 @@ and groups corresponding to the Organization in the client certificate.</p>
<span class="text-muted">No description provided.</span></td>
</tr>
<tr><td><code>limits</code> <B>[Required]</B><br/>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcelist-v1-core"><code>core/v1.ResourceList</code></a>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#resourcelist-v1-core"><code>core/v1.ResourceList</code></a>
</td>
<td>
<span class="text-muted">No description provided.</span></td>
@ -2071,4 +2082,4 @@ managers (secret, configmap) are discovering object changes.</p>
</tr>
</tbody>
</table>

12
content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md
View File

@ -88,9 +88,9 @@ should be valid for all images that match against this key. A plugin should set
this field to null if no valid credentials can be returned for the requested image.</p>
<p>Each key in the map is a pattern which can optionally contain a port and a path.
Globs can be used in the domain, but not in the port or the path. Globs are supported
as subdomains like '&ast;.k8s.io' or 'k8s.&ast;.io', and top-level-domains such as 'k8s.&ast;'.
Matching partial subdomains like 'app&ast;.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so '&ast;.io' does not match '&ast;.k8s.io'.</p>
as subdomains like '<em>.k8s.io' or 'k8s.</em>.io', and top-level-domains such as 'k8s.<em>'.
Matching partial subdomains like 'app</em>.k8s.io' is also supported. Each glob can only match
a single subdomain segment, so *.io does not match *.k8s.io.</p>
<p>The kubelet will match images against the key when all of the below are true:</p>
<ul>
<li>Both contain the same number of domain parts and each part matches.</li>
@ -107,9 +107,9 @@ stopping after the first successfully authenticated pull.</p>
<p>Example keys:</p>
<ul>
<li>123456789.dkr.ecr.us-east-1.amazonaws.com</li>
<li>&ast;.azurecr.io</li>
<li>*.azurecr.io</li>
<li>gcr.io</li>
<li>&ast;.&ast;.registry.io</li>
<li><em>.</em>.registry.io</li>
<li>registry.io:8080/path</li>
</ul>
</td>
@ -165,4 +165,4 @@ An empty password is valid.</p>