api

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 2, 2016 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source
const AnnotationNameManagement = "kops.kubernetes.io/management"

AnnotationNameManagement is the annotation that indicates that a cluster is under external or non-standard management

View Source
const AnnotationValueManagementImported = "imported"

AnnotationValueManagementImported is the annotation value that indicates a cluster was imported, typically as part of an upgrade

View Source
const DefaultChannel = "stable"
View Source
const DefaultChannelBase = "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
View Source
const PathCluster = "config"

Path for the user-specifed cluster spec

View Source
const PathClusterCompleted = "cluster.spec"

Path for completed cluster spec in the state store

View Source
const RoleLabelName = "kubernetes.io/role"
View Source
const RoleMasterLabelValue = "master"
View Source
const UpdatePolicyExternal = "external"

UpdatePolicyExternal is a value for ClusterSpec.UpdatePolicy indicating that upgrades are done externally, and we should disable automatic upgrades

Variables

This section is empty.

Functions

func CreateClusterConfig

func CreateClusterConfig(clusterRegistry *ClusterRegistry, cluster *Cluster, groups []*InstanceGroup) error

func DeepValidate

func DeepValidate(c *Cluster, groups []*InstanceGroup, strict bool) error

func FindLatestKubernetesVersion

func FindLatestKubernetesVersion() (string, error)

FindLatestKubernetesVersion returns the latest kubernetes version, as stored at https://storage.googleapis.com/kubernetes-release/release/stable.txt

func IsValidValue

func IsValidValue(fldPath *field.Path, v *string, validValues []string) field.ErrorList

func ParseKubernetesVersion

func ParseKubernetesVersion(version string) (*semver.Version, error)

func ParseYaml

func ParseYaml(data []byte, dest interface{}) error

func PerformAssignmentsInstanceGroups

func PerformAssignmentsInstanceGroups(groups []*InstanceGroup) error

PerformAssignmentsInstanceGroups populates InstanceGroups with default values

func ToYaml

func ToYaml(dest interface{}) ([]byte, error)

func ValidateDockerConfig

func ValidateDockerConfig(config *DockerConfig, fldPath *field.Path) field.ErrorList

Types

type Channel

type Channel struct {
	unversioned.TypeMeta `json:",inline"`
	k8sapi.ObjectMeta    `json:"metadata,omitempty"`

	Spec ChannelSpec `json:"spec,omitempty"`
}

func LoadChannel

func LoadChannel(location string) (*Channel, error)

LoadChannel loads a Channel object from the specified VFS location

func (*Channel) FindImage

func (c *Channel) FindImage(provider fi.CloudProviderID) *ChannelImageSpec

FindImage returns the image for the cloudprovider, or nil if none found

type ChannelImageSpec

type ChannelImageSpec struct {
	Labels map[string]string `json:"labels,omitempty"`

	ProviderID string `json:"providerID,omitempty"`

	Name string `json:"name,omitempty"`
}

type ChannelSpec

type ChannelSpec struct {
	Images []*ChannelImageSpec `json:"images,omitempty"`

	Cluster *ClusterSpec `json:"cluster,omitempty"`
}

type ClassicNetworkingSpec

type ClassicNetworkingSpec struct {
}

ClassicNetworkingSpec is the specification of classic networking mode, integrated into kubernetes

type Cluster

type Cluster struct {
	unversioned.TypeMeta `json:",inline"`
	k8sapi.ObjectMeta    `json:"metadata,omitempty"`

	Spec ClusterSpec `json:"spec,omitempty"`
}

func (*Cluster) FillDefaults

func (c *Cluster) FillDefaults() error

FillDefaults populates default values. This is different from PerformAssignments, because these values are changeable, and thus we don't need to store them (i.e. we don't need to 'lock them')

func (*Cluster) PerformAssignments

func (c *Cluster) PerformAssignments() error

PerformAssignments populates values that are required and immutable For example, it assigns stable Keys to NodeSets & Masters, and it assigns CIDRs to subnets We also assign KubernetesVersion, because we want it to be explicit

func (*Cluster) SharedVPC

func (c *Cluster) SharedVPC() bool

SharedVPC is a simple helper function which makes the templates for a shared VPC clearer

func (*Cluster) Validate

func (c *Cluster) Validate(strict bool) error

type ClusterRegistry

type ClusterRegistry struct {
	// contains filtered or unexported fields
}

ClusterRegistry is a store of the specs for a group of clusters

func NewClusterRegistry

func NewClusterRegistry(basePath vfs.Path) *ClusterRegistry

func (*ClusterRegistry) ClusterBase

func (r *ClusterRegistry) ClusterBase(clusterName string) (vfs.Path, error)

func (*ClusterRegistry) Create

func (r *ClusterRegistry) Create(g *Cluster) error

func (*ClusterRegistry) DeleteAllClusterState

func (r *ClusterRegistry) DeleteAllClusterState(clusterName string) error

func (*ClusterRegistry) Find

func (r *ClusterRegistry) Find(clusterName string) (*Cluster, error)

func (*ClusterRegistry) InstanceGroups

func (r *ClusterRegistry) InstanceGroups(clusterName string) (*InstanceGroupRegistry, error)

func (*ClusterRegistry) KeyStore

func (r *ClusterRegistry) KeyStore(clusterName string) fi.CAStore

func (*ClusterRegistry) List

func (r *ClusterRegistry) List() ([]string, error)

List returns a slice containing all the cluster names

func (*ClusterRegistry) ReadCompletedConfig

func (r *ClusterRegistry) ReadCompletedConfig(clusterName string) (*Cluster, error)

ReadCompletedConfig reads the "full" cluster spec for the given cluster

func (*ClusterRegistry) SecretStore

func (r *ClusterRegistry) SecretStore(clusterName string) fi.SecretStore

func (*ClusterRegistry) Update

func (r *ClusterRegistry) Update(g *Cluster) error

func (*ClusterRegistry) WriteCompletedConfig

func (r *ClusterRegistry) WriteCompletedConfig(config *Cluster, writeOptions ...fi.WriteOption) error

type ClusterSpec

type ClusterSpec struct {
	// The Channel we are following
	Channel string `json:"channel,omitempty"`

	// The CloudProvider to use (aws or gce)
	CloudProvider string `json:"cloudProvider,omitempty"`

	// The version of kubernetes to install (optional, and can be a "spec" like stable)
	KubernetesVersion string `json:"kubernetesVersion,omitempty"`

	// Configuration of zones we are targeting
	Zones []*ClusterZoneSpec `json:"zones,omitempty"`

	// Project is the cloud project we should use, required on GCE
	Project string `json:"project,omitempty"`

	// MasterPublicName is the external DNS name for the master nodes
	MasterPublicName string `json:"masterPublicName,omitempty"`
	// MasterInternalName is the internal DNS name for the master nodes
	MasterInternalName string `json:"masterInternalName,omitempty"`

	// The CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s
	// This is a real CIDR, not the internal k8s network
	NetworkCIDR string `json:"networkCIDR,omitempty"`

	// NetworkID is an identifier of a network, if we want to reuse/share an existing network (e.g. an AWS VPC)
	NetworkID string `json:"networkID,omitempty"`

	// SecretStore is the VFS path to where secrets are stored
	SecretStore string `json:"secretStore,omitempty"`
	// KeyStore is the VFS path to where SSL keys and certificates are stored
	KeyStore string `json:"keyStore,omitempty"`
	// ConfigStore is the VFS path to where the configuration (CloudConfig, NodeSetConfig etc) is stored
	ConfigStore string `json:"configStore,omitempty"`

	// DNSZone is the DNS zone we should use when configuring DNS
	// This is because some clouds let us define a managed zone foo.bar, and then have
	// kubernetes.dev.foo.bar, without needing to define dev.foo.bar as a hosted zone.
	// DNSZone will probably be a suffix of the MasterPublicName and MasterInternalName
	// Note that DNSZone can either by the host name of the zone (containing dots),
	// or can be an identifier for the zone.
	DNSZone string `json:"dnsZone,omitempty"`

	// ClusterDNSDomain is the suffix we use for internal DNS names (normally cluster.local)
	ClusterDNSDomain string `json:"clusterDNSDomain,omitempty"`

	Multizone *bool `json:"multizone,omitempty"`

	// ServiceClusterIPRange is the CIDR, from the internal network, where we allocate IPs for services
	ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty"`

	// NonMasqueradeCIDR is the CIDR for the internal k8s network (on which pods & services live)
	// It cannot overlap ServiceClusterIPRange
	NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty"`

	// AdminAccess determines the permitted access to the admin endpoints (SSH & master HTTPS)
	// Currently only a single CIDR is supported (though a richer grammar could be added in future)
	AdminAccess []string `json:"adminAccess,omitempty"`

	// IsolatesMasters determines whether we should lock down masters so that they are not on the pod network.
	// true is the kube-up behaviour, but it is very surprising: it means that daemonsets only work on the master
	// if they have hostNetwork=true.
	// false is now the default, and it will:
	//  * give the master a normal PodCIDR
	//  * run kube-proxy on the master
	//  * enable debugging handlers on the master, so kubectl logs works
	IsolateMasters *bool `json:"isolateMasters,omitempty"`

	// UpdatePolicy determines the policy for applying upgrades automatically.
	// Valid values:
	//   'external' do not apply updates automatically - they are applied manually or by an external system
	//   missing: default policy (currently OS security upgrades that do not require a reboot)
	UpdatePolicy *string `json:"updatePolicy,omitempty"`

	// EtcdClusters stores the configuration for each cluster
	EtcdClusters []*EtcdClusterSpec `json:"etcdClusters,omitempty"`

	// Component configurations
	Docker                *DockerConfig                `json:"docker,omitempty"`
	KubeDNS               *KubeDNSConfig               `json:"kubeDNS,omitempty"`
	KubeAPIServer         *KubeAPIServerConfig         `json:"kubeAPIServer,omitempty"`
	KubeControllerManager *KubeControllerManagerConfig `json:"kubeControllerManager,omitempty"`
	KubeScheduler         *KubeSchedulerConfig         `json:"kubeScheduler,omitempty"`
	KubeProxy             *KubeProxyConfig             `json:"kubeProxy,omitempty"`
	Kubelet               *KubeletConfigSpec           `json:"kubelet,omitempty"`
	MasterKubelet         *KubeletConfigSpec           `json:"masterKubelet,omitempty"`

	// Networking configuration
	Networking *NetworkingSpec `json:"networking,omitempty"`
}

type ClusterZoneSpec

type ClusterZoneSpec struct {
	Name string `json:"name,omitempty"`
	CIDR string `json:"cidr,omitempty"`

	// ProviderID is the cloud provider id for the objects associated with the zone (the subnet on AWS)
	ProviderID string `json:"id,omitempty"`
}

type DockerConfig

type DockerConfig struct {
	Bridge   *string `json:"bridge,omitempty" flag:"bridge"`
	LogLevel *string `json:"logLevel,omitempty" flag:"log-level"`
	IPTables *bool   `json:"ipTables,omitempty" flag:"iptables"`
	IPMasq   *bool   `json:"ipMasq,omitempty" flag:"ip-masq"`

	// Storage maps to the docker storage flag
	// But nodeup will also process a comma-separate list, selecting the first supported option
	Storage *string `json:"storage,omitempty" flag:"storage-driver"`

	InsecureRegistry *string `json:"insecureRegistry,omitempty" flag:"insecure-registry"`
	MTU              *int    `json:"mtu,omitempty" flag:"mtu"`
}

type EtcdClusterSpec

type EtcdClusterSpec struct {
	// Name is the name of the etcd cluster (main, events etc)
	Name string `json:"name,omitempty"`

	// EtcdMember stores the configurations for each member of the cluster (including the data volume)
	Members []*EtcdMemberSpec `json:"etcdMembers,omitempty"`
}

type EtcdMemberSpec

type EtcdMemberSpec struct {
	// Name is the name of the member within the etcd cluster
	Name string  `json:"name,omitempty"`
	Zone *string `json:"zone,omitempty"`

	VolumeType      *string `json:"volumeType,omitempty"`
	VolumeSize      *int    `json:"volumeSize,omitempty"`
	KmsKeyId        *string `json:"kmsKeyId,omitempty"`
	EncryptedVolume *bool   `json:"encryptedVolume,omitempty"`
}

type ExternalNetworkingSpec

type ExternalNetworkingSpec struct {
}

ExternalNetworkingSpec is the specification for networking that is implemented by a Daemonset Networking is not managed by kops - we can create options here that directly configure e.g. weave but this is useful for arbitrary network modes or for modes that don't need additional configuration.

type InstanceGroup

type InstanceGroup struct {
	unversioned.TypeMeta `json:",inline"`
	k8sapi.ObjectMeta    `json:"metadata,omitempty"`

	Spec InstanceGroupSpec `json:"spec,omitempty"`
}

InstanceGroup represents a group of instances (either nodes or masters) with the same configuration

func (*InstanceGroup) CrossValidate

func (g *InstanceGroup) CrossValidate(cluster *Cluster, strict bool) error

CrossValidate performs validation of the instance group, including that it is consistent with the Cluster It calls Validate, so all that validation is included.

func (*InstanceGroup) IsMaster

func (g *InstanceGroup) IsMaster() bool

func (*InstanceGroup) Validate

func (g *InstanceGroup) Validate(strict bool) error

type InstanceGroupRegistry

type InstanceGroupRegistry struct {
	// contains filtered or unexported fields
}

func (*InstanceGroupRegistry) Create

func (*InstanceGroupRegistry) Delete

func (r *InstanceGroupRegistry) Delete(name string) (bool, error)

func (*InstanceGroupRegistry) Find

func (r *InstanceGroupRegistry) Find(name string) (*InstanceGroup, error)

func (*InstanceGroupRegistry) InstanceGroupPath

func (r *InstanceGroupRegistry) InstanceGroupPath(name string) (vfs.Path, error)

func (*InstanceGroupRegistry) List

func (r *InstanceGroupRegistry) List() ([]string, error)

func (*InstanceGroupRegistry) ReadAll

func (r *InstanceGroupRegistry) ReadAll() ([]*InstanceGroup, error)

func (*InstanceGroupRegistry) Update

type InstanceGroupRole

type InstanceGroupRole string

InstanceGroupRole string describes the roles of the nodes in this InstanceGroup (master or nodes)

const (
	InstanceGroupRoleMaster InstanceGroupRole = "Master"
	InstanceGroupRoleNode   InstanceGroupRole = "Node"
)

type InstanceGroupSpec

type InstanceGroupSpec struct {
	// Type determines the role of instances in this group: masters or nodes
	Role InstanceGroupRole `json:"role,omitempty"`

	Image   string `json:"image,omitempty"`
	MinSize *int   `json:"minSize,omitempty"`
	MaxSize *int   `json:"maxSize,omitempty"`
	//NodeInstancePrefix string `json:",omitempty"`
	//NodeLabels         string `json:",omitempty"`
	MachineType string `json:"machineType,omitempty"`

	// RootVolumeSize is the size of the EBS root volume to use, in GB
	RootVolumeSize *int `json:"rootVolumeSize,omitempty"`
	// RootVolumeType is the type of the EBS root volume to use (e.g. gp2)
	RootVolumeType *string `json:"rootVolumeType,omitempty"`

	Zones []string `json:"zones,omitempty"`

	// MaxPrice indicates this is a spot-pricing group, with the specified value as our max-price bid
	MaxPrice *string `json:"maxPrice,omitempty"`

	// AssociatePublicIP is true if we want instances to have a public IP
	AssociatePublicIP *bool `json:"associatePublicIp,omitempty"`

	// CloudLabels indicates the labels for instances in this group, at the AWS level
	CloudLabels map[string]string `json:"cloudLabels,omitempty"`

	// NodeLabels indicates the kubernetes labels for nodes in this group
	NodeLabels map[string]string `json:"nodeLabels,omitempty"`
}

type KubeAPIServerConfig

type KubeAPIServerConfig struct {
	PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`
	PathSrvSshproxy   string `json:"pathSrvSshproxy,omitempty"`
	Image             string `json:"image,omitempty"`

	LogLevel int `json:"logLevel,omitempty" flag:"v"`

	CloudProvider         string            `json:"cloudProvider,omitempty" flag:"cloud-provider"`
	SecurePort            int               `json:"securePort,omitempty" flag:"secure-port"`
	Address               string            `json:"address,omitempty" flag:"address"`
	EtcdServers           []string          `json:"etcdServers,omitempty" flag:"etcd-servers"`
	EtcdServersOverrides  []string          `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"`
	AdmissionControl      []string          `json:"admissionControl,omitempty" flag:"admission-control"`
	ServiceClusterIPRange string            `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"`
	ClientCAFile          string            `json:"clientCAFile,omitempty" flag:"client-ca-file"`
	BasicAuthFile         string            `json:"basicAuthFile,omitempty" flag:"basic-auth-file"`
	TLSCertFile           string            `json:"tlsCertFile,omitempty" flag:"tls-cert-file"`
	TLSPrivateKeyFile     string            `json:"tlsPrivateKeyFile,omitempty" flag:"tls-private-key-file"`
	TokenAuthFile         string            `json:"tokenAuthFile,omitempty" flag:"token-auth-file"`
	AllowPrivileged       *bool             `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
	APIServerCount        *int              `json:"apiServerCount,omitempty" flag:"apiserver-count"`
	RuntimeConfig         map[string]string `json:"runtimeConfig,omitempty" flag:"runtime-config"`
}

type KubeControllerManagerConfig

type KubeControllerManagerConfig struct {
	Master   string `json:"master,omitempty" flag:"master"`
	LogLevel int    `json:"logLevel,omitempty" flag:"v"`

	ServiceAccountPrivateKeyFile string `json:"serviceAccountPrivateKeyFile,omitempty" flag:"service-account-private-key-file"`

	Image string `json:"image,omitempty"`

	PathSrvKubernetes string `json:"pathSrvKubernetes,omitempty"`

	//// port is the port that the controller-manager's http service runs on.
	//Port int32 `json:"port"`
	//// address is the IP address to serve on (set to 0.0.0.0 for all interfaces).
	//Address string `json:"address"`
	// cloudProvider is the provider for cloud services.
	CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
	//// cloudConfigFile is the path to the cloud provider configuration file.
	//CloudConfigFile string `json:"cloudConfigFile"`
	//// concurrentEndpointSyncs is the number of endpoint syncing operations
	//// that will be done concurrently. Larger number = faster endpoint updating,
	//// but more CPU (and network) load.
	//ConcurrentEndpointSyncs int32 `json:"concurrentEndpointSyncs"`
	//// concurrentRSSyncs is the number of replica sets that are  allowed to sync
	//// concurrently. Larger number = more responsive replica  management, but more
	//// CPU (and network) load.
	//ConcurrentRSSyncs int32 `json:"concurrentRSSyncs"`
	//// concurrentRCSyncs is the number of replication controllers that are
	//// allowed to sync concurrently. Larger number = more responsive replica
	//// management, but more CPU (and network) load.
	//ConcurrentRCSyncs int32 `json:"concurrentRCSyncs"`
	//// concurrentResourceQuotaSyncs is the number of resource quotas that are
	//// allowed to sync concurrently. Larger number = more responsive quota
	//// management, but more CPU (and network) load.
	//ConcurrentResourceQuotaSyncs int32 `json:"concurrentResourceQuotaSyncs"`
	//// concurrentDeploymentSyncs is the number of deployment objects that are
	//// allowed to sync concurrently. Larger number = more responsive deployments,
	//// but more CPU (and network) load.
	//ConcurrentDeploymentSyncs int32 `json:"concurrentDeploymentSyncs"`
	//// concurrentDaemonSetSyncs is the number of daemonset objects that are
	//// allowed to sync concurrently. Larger number = more responsive daemonset,
	//// but more CPU (and network) load.
	//ConcurrentDaemonSetSyncs int32 `json:"concurrentDaemonSetSyncs"`
	//// concurrentJobSyncs is the number of job objects that are
	//// allowed to sync concurrently. Larger number = more responsive jobs,
	//// but more CPU (and network) load.
	//ConcurrentJobSyncs int32 `json:"concurrentJobSyncs"`
	//// concurrentNamespaceSyncs is the number of namespace objects that are
	//// allowed to sync concurrently.
	//ConcurrentNamespaceSyncs int32 `json:"concurrentNamespaceSyncs"`
	//// lookupCacheSizeForRC is the size of lookup cache for replication controllers.
	//// Larger number = more responsive replica management, but more MEM load.
	//LookupCacheSizeForRC int32 `json:"lookupCacheSizeForRC"`
	//// lookupCacheSizeForRS is the size of lookup cache for replicatsets.
	//// Larger number = more responsive replica management, but more MEM load.
	//LookupCacheSizeForRS int32 `json:"lookupCacheSizeForRS"`
	//// lookupCacheSizeForDaemonSet is the size of lookup cache for daemonsets.
	//// Larger number = more responsive daemonset, but more MEM load.
	//LookupCacheSizeForDaemonSet int32 `json:"lookupCacheSizeForDaemonSet"`
	//// serviceSyncPeriod is the period for syncing services with their external
	//// load balancers.
	//ServiceSyncPeriod unversioned.Duration `json:"serviceSyncPeriod"`
	//// nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer
	//// periods will result in fewer calls to cloud provider, but may delay addition
	//// of new nodes to cluster.
	//NodeSyncPeriod unversioned.Duration `json:"nodeSyncPeriod"`
	//// resourceQuotaSyncPeriod is the period for syncing quota usage status
	//// in the system.
	//ResourceQuotaSyncPeriod unversioned.Duration `json:"resourceQuotaSyncPeriod"`
	//// namespaceSyncPeriod is the period for syncing namespace life-cycle
	//// updates.
	//NamespaceSyncPeriod unversioned.Duration `json:"namespaceSyncPeriod"`
	//// pvClaimBinderSyncPeriod is the period for syncing persistent volumes
	//// and persistent volume claims.
	//PVClaimBinderSyncPeriod unversioned.Duration `json:"pvClaimBinderSyncPeriod"`
	//// minResyncPeriod is the resync period in reflectors; will be random between
	//// minResyncPeriod and 2*minResyncPeriod.
	//MinResyncPeriod unversioned.Duration `json:"minResyncPeriod"`
	//// terminatedPodGCThreshold is the number of terminated pods that can exist
	//// before the terminated pod garbage collector starts deleting terminated pods.
	//// If <= 0, the terminated pod garbage collector is disabled.
	//TerminatedPodGCThreshold int32 `json:"terminatedPodGCThreshold"`
	//// horizontalPodAutoscalerSyncPeriod is the period for syncing the number of
	//// pods in horizontal pod autoscaler.
	//HorizontalPodAutoscalerSyncPeriod unversioned.Duration `json:"horizontalPodAutoscalerSyncPeriod"`
	//// deploymentControllerSyncPeriod is the period for syncing the deployments.
	//DeploymentControllerSyncPeriod unversioned.Duration `json:"deploymentControllerSyncPeriod"`
	//// podEvictionTimeout is the grace period for deleting pods on failed nodes.
	//PodEvictionTimeout unversioned.Duration `json:"podEvictionTimeout"`
	//// deletingPodsQps is the number of nodes per second on which pods are deleted in
	//// case of node failure.
	//DeletingPodsQps float32 `json:"deletingPodsQps"`
	//// deletingPodsBurst is the number of nodes on which pods are bursty deleted in
	//// case of node failure. For more details look into RateLimiter.
	//DeletingPodsBurst int32 `json:"deletingPodsBurst"`
	//// nodeMontiorGracePeriod is the amount of time which we allow a running node to be
	//// unresponsive before marking it unhealty. Must be N times more than kubelet's
	//// nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet
	//// to post node status.
	//NodeMonitorGracePeriod unversioned.Duration `json:"nodeMonitorGracePeriod"`
	//// registerRetryCount is the number of retries for initial node registration.
	//// Retry interval equals node-sync-period.
	//RegisterRetryCount int32 `json:"registerRetryCount"`
	//// nodeStartupGracePeriod is the amount of time which we allow starting a node to
	//// be unresponsive before marking it unhealty.
	//NodeStartupGracePeriod unversioned.Duration `json:"nodeStartupGracePeriod"`
	//// nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.
	//NodeMonitorPeriod unversioned.Duration `json:"nodeMonitorPeriod"`
	//// serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key
	//// used to sign service account tokens.
	//ServiceAccountKeyFile string `json:"serviceAccountKeyFile"`
	//// enableProfiling enables profiling via web interface host:port/debug/pprof/
	//EnableProfiling bool `json:"enableProfiling"`
	// clusterName is the instance prefix for the cluster.
	ClusterName string `json:"clusterName,omitempty" flag:"cluster-name"`
	// clusterCIDR is CIDR Range for Pods in cluster.
	ClusterCIDR string `json:"clusterCIDR,omitempty" flag:"cluster-cidr"`
	//// serviceCIDR is CIDR Range for Services in cluster.
	//ServiceCIDR string `json:"serviceCIDR"`
	//// NodeCIDRMaskSize is the mask size for node cidr in cluster.
	//NodeCIDRMaskSize int32 `json:"nodeCIDRMaskSize"`
	// allocateNodeCIDRs enables CIDRs for Pods to be allocated and, if
	// ConfigureCloudRoutes is true, to be set on the cloud provider.
	AllocateNodeCIDRs *bool `json:"allocateNodeCIDRs,omitempty" flag:"allocate-node-cidrs"`
	// configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs
	// to be configured on the cloud provider.
	ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"`
	// rootCAFile is the root certificate authority will be included in service
	// account's token secret. This must be a valid PEM-encoded CA bundle.
	RootCAFile string `json:"rootCAFile,omitempty" flag:"root-ca-file"`
	//// contentType is contentType of requests sent to apiserver.
	//ContentType string `json:"contentType"`
	//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
	//KubeAPIQPS float32 `json:"kubeAPIQPS"`
	//// kubeAPIBurst is the burst to use while talking with kubernetes apiserver.
	//KubeAPIBurst int32 `json:"kubeAPIBurst"`
	// leaderElection defines the configuration of leader election client.
	LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}

type KubeDNSConfig

type KubeDNSConfig struct {
	// Image is the name of the docker image to run
	Image string `json:"image,omitempty"`

	Replicas int    `json:"replicas,omitempty"`
	Domain   string `json:"domain,omitempty"`
	ServerIP string `json:"serverIP,omitempty"`
}

type KubeProxyConfig

type KubeProxyConfig struct {
	Image string `json:"image,omitempty"`
	// TODO: Better type ?
	CPURequest string `json:"cpuRequest,omitempty"` // e.g. "20m"

	LogLevel int `json:"logLevel,omitempty" flag:"v"`

	//// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
	//// for all interfaces)
	//BindAddress string `json:"bindAddress"`
	//// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
	//// bridge traffic coming from outside of the cluster. If not provided,
	//// no off-cluster bridging will be performed.
	//ClusterCIDR string `json:"clusterCIDR"`
	//// healthzBindAddress is the IP address for the health check server to serve on,
	//// defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)
	//HealthzBindAddress string `json:"healthzBindAddress"`
	//// healthzPort is the port to bind the health check server. Use 0 to disable.
	//HealthzPort int32 `json:"healthzPort"`
	//// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
	//HostnameOverride string `json:"hostnameOverride"`
	//// iptablesMasqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
	//// the pure iptables proxy mode. Values must be within the range [0, 31].
	//IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit"`
	//// iptablesSyncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
	//// '2h22m').  Must be greater than 0.
	//IPTablesSyncPeriod unversioned.Duration `json:"iptablesSyncPeriodSeconds"`
	//// kubeconfigPath is the path to the kubeconfig file with authorization information (the
	//// master location is set by the master flag).
	//KubeconfigPath string `json:"kubeconfigPath"`
	//// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
	//MasqueradeAll bool `json:"masqueradeAll"`
	// master is the address of the Kubernetes API server (overrides any value in kubeconfig)
	Master string `json:"master,omitempty" flag:"master"`
}

type KubeSchedulerConfig

type KubeSchedulerConfig struct {
	Master   string `json:"master,omitempty" flag:"master"`
	LogLevel int    `json:"logLevel,omitempty" flag:"v"`

	Image string `json:"image,omitempty"`

	//// port is the port that the scheduler's http service runs on.
	//Port int32 `json:"port"`
	//// address is the IP address to serve on.
	//Address string `json:"address"`
	//// algorithmProvider is the scheduling algorithm provider to use.
	//AlgorithmProvider string `json:"algorithmProvider"`
	//// policyConfigFile is the filepath to the scheduler policy configuration.
	//PolicyConfigFile string `json:"policyConfigFile"`
	//// enableProfiling enables profiling via web interface.
	//EnableProfiling bool `json:"enableProfiling"`
	//// contentType is contentType of requests sent to apiserver.
	//ContentType string `json:"contentType"`
	//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver.
	//KubeAPIQPS float32 `json:"kubeAPIQPS"`
	//// kubeAPIBurst is the QPS burst to use while talking with kubernetes apiserver.
	//KubeAPIBurst int32 `json:"kubeAPIBurst"`
	//// schedulerName is name of the scheduler, used to select which pods
	//// will be processed by this scheduler, based on pod's annotation with
	//// key 'scheduler.alpha.kubernetes.io/name'.
	//SchedulerName string `json:"schedulerName"`
	//// RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule
	//// corresponding to every RequiredDuringScheduling affinity rule.
	//// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 0-100.
	//HardPodAffinitySymmetricWeight int `json:"hardPodAffinitySymmetricWeight"`
	//// Indicate the "all topologies" set for empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.
	//FailureDomains string `json:"failureDomains"`
	// leaderElection defines the configuration of leader election client.
	LeaderElection *LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}

type KubeletConfig

type KubeletConfig struct {
	unversioned.TypeMeta `json:",inline"`
	k8sapi.ObjectMeta    `json:"metadata,omitempty"`

	Spec ClusterSpec `json:"spec,omitempty"`
}

type KubeletConfigSpec

type KubeletConfigSpec struct {
	APIServers string `json:"apiServers,omitempty" flag:"api-servers"`

	LogLevel *int `json:"logLevel,omitempty" flag:"v"`

	// config is the path to the config file or directory of files
	Config string `json:"config,omitempty" flag:"config"`
	//// syncFrequency is the max period between synchronizing running
	//// containers and config
	//SyncFrequency unversioned.Duration `json:"syncFrequency"`
	//// fileCheckFrequency is the duration between checking config files for
	//// new data
	//FileCheckFrequency unversioned.Duration `json:"fileCheckFrequency"`
	//// httpCheckFrequency is the duration between checking http for new data
	//HTTPCheckFrequency unversioned.Duration `json:"httpCheckFrequency"`
	//// manifestURL is the URL for accessing the container manifest
	//ManifestURL string `json:"manifestURL"`
	//// manifestURLHeader is the HTTP header to use when accessing the manifest
	//// URL, with the key separated from the value with a ':', as in 'key:value'
	//ManifestURLHeader string `json:"manifestURLHeader"`
	//// enableServer enables the Kubelet's server
	//EnableServer bool `json:"enableServer"`
	//// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
	//// for all interfaces)
	//Address string `json:"address"`
	//// port is the port for the Kubelet to serve on.
	//Port uint `json:"port"`
	//// readOnlyPort is the read-only port for the Kubelet to serve on with
	//// no authentication/authorization (set to 0 to disable)
	//ReadOnlyPort uint `json:"readOnlyPort"`
	//// tLSCertFile is the file containing x509 Certificate for HTTPS.  (CA cert,
	//// if any, concatenated after server cert). If tlsCertFile and
	//// tlsPrivateKeyFile are not provided, a self-signed certificate
	//// and key are generated for the public address and saved to the directory
	//// passed to certDir.
	//TLSCertFile string `json:"tlsCertFile"`
	//// tLSPrivateKeyFile is the ile containing x509 private key matching
	//// tlsCertFile.
	//TLSPrivateKeyFile string `json:"tlsPrivateKeyFile"`
	//// certDirectory is the directory where the TLS certs are located (by
	//// default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile
	//// are provided, this flag will be ignored.
	//CertDirectory string `json:"certDirectory"`
	// hostnameOverride is the hostname used to identify the kubelet instead
	// of the actual hostname.
	// Note: We recognize some additional values:
	//  @aws uses the hostname from the AWS metadata service
	HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"`
	//// podInfraContainerImage is the image whose network/ipc namespaces
	//// containers in each pod will use.
	//PodInfraContainerImage string `json:"podInfraContainerImage"`
	//// dockerEndpoint is the path to the docker endpoint to communicate with.
	//DockerEndpoint string `json:"dockerEndpoint"`
	//// rootDirectory is the directory path to place kubelet files (volume
	//// mounts,etc).
	//RootDirectory string `json:"rootDirectory"`
	//// seccompProfileRoot is the directory path for seccomp profiles.
	//SeccompProfileRoot string `json:"seccompProfileRoot"`
	// allowPrivileged enables containers to request privileged mode.
	// Defaults to false.
	AllowPrivileged *bool `json:"allowPrivileged,omitempty" flag:"allow-privileged"`
	//// hostNetworkSources is a comma-separated list of sources from which the
	//// Kubelet allows pods to use of host network. Defaults to "*".
	//HostNetworkSources []string `json:"hostNetworkSources"`
	//// hostPIDSources is a comma-separated list of sources from which the
	//// Kubelet allows pods to use the host pid namespace. Defaults to "*".
	//HostPIDSources []string `json:"hostPIDSources"`
	//// hostIPCSources is a comma-separated list of sources from which the
	//// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
	//HostIPCSources []string `json:"hostIPCSources"`
	//// registryPullQPS is the limit of registry pulls per second. If 0,
	//// unlimited. Set to 0 for no limit. Defaults to 5.0.
	//RegistryPullQPS float64 `json:"registryPullQPS"`
	//// registryBurst is the maximum size of a bursty pulls, temporarily allows
	//// pulls to burst to this number, while still not exceeding registryQps.
	//// Only used if registryQps > 0.
	//RegistryBurst int32 `json:"registryBurst"`
	//// eventRecordQPS is the maximum event creations per second. If 0, there
	//// is no limit enforced.
	//EventRecordQPS float32 `json:"eventRecordQPS"`
	//// eventBurst is the maximum size of a bursty event records, temporarily
	//// allows event records to burst to this number, while still not exceeding
	//// event-qps. Only used if eventQps > 0
	//EventBurst int32 `json:"eventBurst"`
	// enableDebuggingHandlers enables server endpoints for log collection
	// and local running of containers and commands
	EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty" flag:"enable-debugging-handlers"`
	//// minimumGCAge is the minimum age for a finished container before it is
	//// garbage collected.
	//MinimumGCAge unversioned.Duration `json:"minimumGCAge"`
	//// maxPerPodContainerCount is the maximum number of old instances to
	//// retain per container. Each container takes up some disk space.
	//MaxPerPodContainerCount int32 `json:"maxPerPodContainerCount"`
	//// maxContainerCount is the maximum number of old instances of containers
	//// to retain globally. Each container takes up some disk space.
	//MaxContainerCount int32 `json:"maxContainerCount"`
	//// cAdvisorPort is the port of the localhost cAdvisor endpoint
	//CAdvisorPort uint `json:"cAdvisorPort"`
	//// healthzPort is the port of the localhost healthz endpoint
	//HealthzPort int32 `json:"healthzPort"`
	//// healthzBindAddress is the IP address for the healthz server to serve
	//// on.
	//HealthzBindAddress string `json:"healthzBindAddress"`
	//// oomScoreAdj is The oom-score-adj value for kubelet process. Values
	//// must be within the range [-1000, 1000].
	//OOMScoreAdj int32 `json:"oomScoreAdj"`
	//// registerNode enables automatic registration with the apiserver.
	//RegisterNode bool `json:"registerNode"`
	// clusterDomain is the DNS domain for this cluster. If set, kubelet will
	// configure all containers to search this domain in addition to the
	// host's search domains.
	ClusterDomain string `json:"clusterDomain,omitempty" flag:"cluster-domain"`
	//// masterServiceNamespace is The namespace from which the kubernetes
	//// master services should be injected into pods.
	//MasterServiceNamespace string `json:"masterServiceNamespace"`
	// clusterDNS is the IP address for a cluster DNS server.  If set, kubelet
	// will configure all containers to use this for DNS resolution in
	// addition to the host's DNS servers
	ClusterDNS string `json:"clusterDNS,omitempty" flag:"cluster-dns"`
	//// streamingConnectionIdleTimeout is the maximum time a streaming connection
	//// can be idle before the connection is automatically closed.
	//StreamingConnectionIdleTimeout unversioned.Duration `json:"streamingConnectionIdleTimeout"`
	//// nodeStatusUpdateFrequency is the frequency that kubelet posts node
	//// status to master. Note: be cautious when changing the constant, it
	//// must work with nodeMonitorGracePeriod in nodecontroller.
	//NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
	//// minimumGCAge is the minimum age for a unused image before it is
	//// garbage collected.
	//ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
	//// imageGCHighThresholdPercent is the percent of disk usage after which
	//// image garbage collection is always run.
	//ImageGCHighThresholdPercent int32 `json:"imageGCHighThresholdPercent"`
	//// imageGCLowThresholdPercent is the percent of disk usage before which
	//// image garbage collection is never run. Lowest disk usage to garbage
	//// collect to.
	//ImageGCLowThresholdPercent int32 `json:"imageGCLowThresholdPercent"`
	//// lowDiskSpaceThresholdMB is the absolute free disk space, in MB, to
	//// maintain. When disk space falls below this threshold, new pods would
	//// be rejected.
	//LowDiskSpaceThresholdMB int32 `json:"lowDiskSpaceThresholdMB"`
	//// How frequently to calculate and cache volume disk usage for all pods
	//VolumeStatsAggPeriod unversioned.Duration `json:"volumeStatsAggPeriod"`
	// networkPluginName is the name of the network plugin to be invoked for
	// various events in kubelet/pod lifecycle
	NetworkPluginName string `json:"networkPluginName,omitempty" flag:"network-plugin"`
	//// networkPluginDir is the full path of the directory in which to search
	//// for network plugins
	//NetworkPluginDir string `json:"networkPluginDir"`
	//// volumePluginDir is the full path of the directory in which to search
	//// for additional third party volume plugins
	//VolumePluginDir string `json:"volumePluginDir"`
	// cloudProvider is the provider for cloud services.
	CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"`
	//// cloudConfigFile is the path to the cloud provider configuration file.
	//CloudConfigFile string `json:"cloudConfigFile,omitempty"`
	// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
	KubeletCgroups string `json:"kubeletCgroups,omitempty" flag:"kubelet-cgroups"`
	// Cgroups that container runtime is expected to be isolated in.
	RuntimeCgroups string `json:"runtimeCgroups,omitempty" flag:"runtime-cgroups"`
	// SystemCgroups is absolute name of cgroups in which to place
	// all non-kernel processes that are not already in a container. Empty
	// for no container. Rolling back the flag requires a reboot.
	SystemCgroups string `json:"systemCgroups,omitempty" flag:"system-cgroups"`
	// cgroupRoot is the root cgroup to use for pods. This is handled by the
	// container runtime on a best effort basis.
	CgroupRoot string `json:"cgroupRoot,omitempty" flag:"cgroup-root"`
	//// containerRuntime is the container runtime to use.
	//ContainerRuntime string `json:"containerRuntime"`
	//// rktPath is the path of rkt binary. Leave empty to use the first rkt in
	//// $PATH.
	//RktPath string `json:"rktPath,omitempty"`
	//// rktApiEndpoint is the endpoint of the rkt API service to communicate with.
	//RktAPIEndpoint string `json:"rktAPIEndpoint,omitempty"`
	//// rktStage1Image is the image to use as stage1. Local paths and
	//// http/https URLs are supported.
	//RktStage1Image string `json:"rktStage1Image,omitempty"`
	//// lockFilePath is the path that kubelet will use to as a lock file.
	//// It uses this file as a lock to synchronize with other kubelet processes
	//// that may be running.
	//LockFilePath string `json:"lockFilePath"`
	//// ExitOnLockContention is a flag that signifies to the kubelet that it is running
	//// in "bootstrap" mode. This requires that 'LockFilePath' has been set.
	//// This will cause the kubelet to listen to inotify events on the lock file,
	//// releasing it and exiting when another process tries to open that file.
	//ExitOnLockContention bool `json:"exitOnLockContention"`
	// configureCBR0 enables the kublet to configure cbr0 based on
	// Node.Spec.PodCIDR.
	ConfigureCBR0 *bool `json:"configureCbr0,omitempty" flag:"configure-cbr0"`
	// How should the kubelet configure the container bridge for hairpin packets.
	// Setting this flag allows endpoints in a Service to loadbalance back to
	// themselves if they should try to access their own Service. Values:
	//   "promiscuous-bridge": make the container bridge promiscuous.
	//   "hairpin-veth":       set the hairpin flag on container veth interfaces.
	//   "none":               do nothing.
	// Setting --configure-cbr0 to false implies that to achieve hairpin NAT
	// one must set --hairpin-mode=veth-flag, because bridge assumes the
	// existence of a container bridge named cbr0.
	HairpinMode string `json:"hairpinMode,omitempty" flag:"hairpin-mode"`
	// The node has babysitter process monitoring docker and kubelet.
	BabysitDaemons *bool `json:"babysitDaemons,omitempty" flag:"babysit-daemons"`
	//// maxPods is the number of pods that can run on this Kubelet.
	//MaxPods int32 `json:"maxPods"`
	//// nvidiaGPUs is the number of NVIDIA GPU devices on this node.
	//NvidiaGPUs int32 `json:"nvidiaGPUs"`
	//// dockerExecHandlerName is the handler to use when executing a command
	//// in a container. Valid values are 'native' and 'nsenter'. Defaults to
	//// 'native'.
	//DockerExecHandlerName string `json:"dockerExecHandlerName"`
	// The CIDR to use for pod IP addresses, only used in standalone mode.
	// In cluster mode, this is obtained from the master.
	PodCIDR string `json:"podCIDR,omitempty" flag:"pod-cidr"`
	//// ResolverConfig is the resolver configuration file used as the basis
	//// for the container DNS resolution configuration."), []
	//ResolverConfig string `json:"resolvConf"`
	//// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that
	//// specify CPU limits
	//CPUCFSQuota bool `json:"cpuCFSQuota"`
	//// containerized should be set to true if kubelet is running in a container.
	//Containerized bool `json:"containerized"`
	//// maxOpenFiles is Number of files that can be opened by Kubelet process.
	//MaxOpenFiles uint64 `json:"maxOpenFiles"`
	// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
	// API server. No-op if register-node or configure-cbr0 is false.
	ReconcileCIDR *bool `json:"reconcileCIDR,omitempty" flag:"reconcile-cidr"`
	// registerSchedulable tells the kubelet to register the node as
	// schedulable. No-op if register-node is false.
	RegisterSchedulable *bool `json:"registerSchedulable,omitempty" flag:"register-schedulable"`
	//// contentType is contentType of requests sent to apiserver.
	//ContentType string `json:"contentType"`
	//// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
	//KubeAPIQPS float32 `json:"kubeAPIQPS"`
	//// kubeAPIBurst is the burst to allow while talking with kubernetes
	//// apiserver
	//KubeAPIBurst int32 `json:"kubeAPIBurst"`
	//// serializeImagePulls when enabled, tells the Kubelet to pull images one
	//// at a time. We recommend *not* changing the default value on nodes that
	//// run docker daemon with version  < 1.9 or an Aufs storage backend.
	//// Issue #10959 has more details.
	//SerializeImagePulls bool `json:"serializeImagePulls"`
	//// experimentalFlannelOverlay enables experimental support for starting the
	//// kubelet with the default overlay network (flannel). Assumes flanneld
	//// is already running in client mode.
	//ExperimentalFlannelOverlay bool `json:"experimentalFlannelOverlay"`
	//// outOfDiskTransitionFrequency is duration for which the kubelet has to
	//// wait before transitioning out of out-of-disk node condition status.
	//OutOfDiskTransitionFrequency unversioned.Duration `json:"outOfDiskTransitionFrequency,omitempty"`
	//// nodeIP is IP address of the node. If set, kubelet will use this IP
	//// address for the node.
	//NodeIP string `json:"nodeIP,omitempty"`
	// nodeLabels to add when registering the node in the cluster.
	NodeLabels map[string]string `json:"nodeLabels,omitempty" flag:"node-labels"`
	// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
	NonMasqueradeCIDR string `json:"nonMasqueradeCIDR,omitempty" flag:"non-masquerade-cidr"`

	// networkPluginMTU is the MTU to be passed to the network plugin,
	// and overrides the default MTU for cases where it cannot be automatically
	// computed (such as IPSEC).
	NetworkPluginMTU *int32 `json:"networkPluginMTU,omitEmpty" flag:"network-plugin-mtu"`
}

func BuildKubeletConfigSpec

func BuildKubeletConfigSpec(cluster *Cluster, instanceGroup *InstanceGroup) (*KubeletConfigSpec, error)

BuildKubeletConfigSpec returns the kubeletconfig for the specified instanceGroup

type KubenetNetworkingSpec

type KubenetNetworkingSpec struct {
}

KubenetNetworkingSpec is the specification for kubenet networking, largely integrated but intended to replace classic

type LeaderElectionConfiguration

type LeaderElectionConfiguration struct {
	// leaderElect enables a leader election client to gain leadership
	// before executing the main loop. Enable this when running replicated
	// components for high availability.
	LeaderElect *bool `json:"leaderElect,omitempty" flag:"leader-elect"`
}

LeaderElectionConfiguration defines the configuration of leader election clients for components that can run with leader election enabled.

type NetworkingSpec

type NetworkingSpec struct {
	Classic  *ClassicNetworkingSpec  `json:"classic,omitempty"`
	Kubenet  *KubenetNetworkingSpec  `json:"kubenet,omitempty"`
	External *ExternalNetworkingSpec `json:"external,omitempty"`
}

NetworkingSpec allows selection and configuration of a networking plugin

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL