Documentation
¶
Index ¶
- Constants
- Variables
- func CheckSELinuxFlags(ctx *cli.Context) error
- func EvacuateCgroup2() error
- func InitLogging() error
- func NewAgentCommand(action func(ctx *cli.Context) error) cli.Command
- func NewApp() *cli.App
- func NewCRICTL(action func(*cli.Context) error) cli.Command
- func NewCertCommand(subcommands []cli.Command) cli.Command
- func NewCertSubcommands(rotate func(ctx *cli.Context) error) []cli.Command
- func NewCheckConfigCommand(action func(*cli.Context) error) cli.Command
- func NewCtrCommand(action func(*cli.Context) error) cli.Command
- func NewEtcdSnapshotCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command
- func NewEtcdSnapshotSubcommands(delete, list, prune, save func(ctx *cli.Context) error) []cli.Command
- func NewKubectlCommand(action func(*cli.Context) error) cli.Command
- func NewSecretsEncryptCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command
- func NewSecretsEncryptSubcommands(...) []cli.Command
- func NewServerCommand(action func(*cli.Context) error) cli.Command
- type Agent
- type AgentShared
- type Log
- type Server
- type StartupHook
- type StartupHookArgs
Constants ¶
// Defaults for the container-runtime flags declared in this package.
const (
	// DefaultPauseImage is the default Value of PauseImageFlag (--pause-image).
	// NOTE(review): the image is referenced by a tag, not by a digest, so what
	// is pulled depends on what the registry serves for that tag; sites that
	// need a pinned image can override it through --pause-image.
	DefaultPauseImage = "rancher/mirrored-pause:3.5"
	// DefaultSnapshotter is the default Value of SnapshotterFlag (--snapshotter).
	DefaultSnapshotter = "overlayfs"
)
// CertCommand holds the string "certificate"; presumably the name under which
// NewCertCommand registers its command — confirm against that constructor.
const CertCommand = "certificate"
const (
	// DisableItems is the comma-separated list of valid items that is spliced
	// into the usage text of the --disable and --no-deploy flags.
	//
	// coredns and servicelb run controllers that are turned off when their manifests are disabled.
	// The k3s CloudController also has a bundled manifest and can be disabled via the
	// --disable-cloud-controller flag or --disable=ccm, but the latter method is not documented.
	DisableItems = "coredns, servicelb, traefik, local-storage, metrics-server"
)
// EtcdSnapshotCommand holds the string "etcd-snapshot"; presumably the name
// under which NewEtcdSnapshotCommand registers its command — confirm.
const EtcdSnapshotCommand = "etcd-snapshot"
// SecretsEncryptCommand holds the string "secrets-encrypt"; presumably the name
// under which NewSecretsEncryptCommand registers its command — confirm.
const SecretsEncryptCommand = "secrets-encrypt"
Variables ¶
// Agent-side configuration and the flags that populate it. Every flag below
// writes into a field of the package-level AgentConfig value, either through
// Destination (scalar flags) or through Value (string-slice flags).
var (
	// AgentConfig is the package-level Agent value the flags below write into.
	AgentConfig Agent

	// AgentTokenFlag binds --token / -t and the <PROGRAM>_TOKEN environment
	// variable to AgentConfig.Token.
	// NOTE(review): a secret given as a command-line argument is typically
	// visible to other local users through the process list; the environment
	// variable declared here avoids that — confirm which path deployments use.
	AgentTokenFlag = cli.StringFlag{
		Name:        "token,t",
		Usage:       "(cluster) Token to use for authentication",
		EnvVar:      version.ProgramUpper + "_TOKEN",
		Destination: &AgentConfig.Token,
	}

	// NodeIPFlag binds --node-ip / -i to AgentConfig.NodeIP; it may be repeated.
	NodeIPFlag = cli.StringSliceFlag{
		Name:  "node-ip,i",
		Usage: "(agent/networking) IPv4/IPv6 addresses to advertise for node",
		Value: &AgentConfig.NodeIP,
	}

	// NodeExternalIPFlag binds --node-external-ip to AgentConfig.NodeExternalIP.
	NodeExternalIPFlag = cli.StringSliceFlag{
		Name:  "node-external-ip",
		Usage: "(agent/networking) IPv4/IPv6 external IP addresses to advertise for node",
		Value: &AgentConfig.NodeExternalIP,
	}

	// NodeNameFlag binds --node-name and <PROGRAM>_NODE_NAME to AgentConfig.NodeName.
	NodeNameFlag = cli.StringFlag{
		Name:        "node-name",
		Usage:       "(agent/node) Node name",
		EnvVar:      version.ProgramUpper + "_NODE_NAME",
		Destination: &AgentConfig.NodeName,
	}

	// WithNodeIDFlag binds --with-node-id to AgentConfig.WithNodeID.
	WithNodeIDFlag = cli.BoolFlag{
		Name:        "with-node-id",
		Usage:       "(agent/node) Append id to node name",
		Destination: &AgentConfig.WithNodeID,
	}

	// DockerFlag binds --docker to AgentConfig.Docker.
	DockerFlag = cli.BoolFlag{
		Name:        "docker",
		Usage:       "(agent/runtime) Use docker instead of containerd",
		Destination: &AgentConfig.Docker,
	}

	// CRIEndpointFlag binds --container-runtime-endpoint to
	// AgentConfig.ContainerRuntimeEndpoint. Per the usage text, setting it
	// disables the embedded containerd.
	CRIEndpointFlag = cli.StringFlag{
		Name:        "container-runtime-endpoint",
		Usage:       "(agent/runtime) Disable embedded containerd and use alternative CRI implementation",
		Destination: &AgentConfig.ContainerRuntimeEndpoint,
	}

	// PrivateRegistryFlag binds --private-registry to AgentConfig.PrivateRegistry
	// and defaults to /etc/rancher/<program>/registries.yaml.
	// NOTE(review): registry configuration files commonly carry credentials;
	// presumably this one can too, so its permissions deserve a check — confirm.
	PrivateRegistryFlag = cli.StringFlag{
		Name:        "private-registry",
		Usage:       "(agent/runtime) Private registry configuration file",
		Destination: &AgentConfig.PrivateRegistry,
		Value:       "/etc/rancher/" + version.Program + "/registries.yaml",
	}

	// AirgapExtraRegistryFlag binds --airgap-extra-registry to
	// AgentConfig.AirgapExtraRegistry. Hidden, so it is not shown in help output.
	AirgapExtraRegistryFlag = cli.StringSliceFlag{
		Name:   "airgap-extra-registry",
		Usage:  "(agent/runtime) Additional registry to tag airgap images as being sourced from",
		Value:  &AgentConfig.AirgapExtraRegistry,
		Hidden: true,
	}

	// PauseImageFlag binds --pause-image to AgentConfig.PauseImage and defaults
	// to DefaultPauseImage.
	PauseImageFlag = cli.StringFlag{
		Name:        "pause-image",
		Usage:       "(agent/runtime) Customized pause image for containerd or docker sandbox",
		Destination: &AgentConfig.PauseImage,
		Value:       DefaultPauseImage,
	}

	// SnapshotterFlag binds --snapshotter to AgentConfig.Snapshotter and defaults
	// to DefaultSnapshotter.
	SnapshotterFlag = cli.StringFlag{
		Name:        "snapshotter",
		Usage:       "(agent/runtime) Override default containerd snapshotter",
		Destination: &AgentConfig.Snapshotter,
		Value:       DefaultSnapshotter,
	}

	// FlannelFlag binds the deprecated --no-flannel to AgentConfig.NoFlannel;
	// the usage text points to --flannel-backend=none as the replacement.
	FlannelFlag = cli.BoolFlag{
		Name:        "no-flannel",
		Usage:       "(deprecated) use --flannel-backend=none",
		Destination: &AgentConfig.NoFlannel,
	}

	// FlannelIfaceFlag binds --flannel-iface to AgentConfig.FlannelIface.
	FlannelIfaceFlag = cli.StringFlag{
		Name:        "flannel-iface",
		Usage:       "(agent/networking) Override default flannel interface",
		Destination: &AgentConfig.FlannelIface,
	}

	// FlannelConfFlag binds --flannel-conf to AgentConfig.FlannelConf.
	FlannelConfFlag = cli.StringFlag{
		Name:        "flannel-conf",
		Usage:       "(agent/networking) Override default flannel config file",
		Destination: &AgentConfig.FlannelConf,
	}

	// ResolvConfFlag binds --resolv-conf and <PROGRAM>_RESOLV_CONF to
	// AgentConfig.ResolvConf.
	ResolvConfFlag = cli.StringFlag{
		Name:        "resolv-conf",
		Usage:       "(agent/networking) Kubelet resolv.conf file",
		EnvVar:      version.ProgramUpper + "_RESOLV_CONF",
		Destination: &AgentConfig.ResolvConf,
	}

	// ExtraKubeletArgs binds --kubelet-arg to AgentConfig.ExtraKubeletArgs.
	// NOTE(review): per the usage text these values become kubelet flags, so
	// they can presumably change settings that matter for node hardening;
	// review them like any other kubelet configuration — confirm how they merge.
	ExtraKubeletArgs = cli.StringSliceFlag{
		Name:  "kubelet-arg",
		Usage: "(agent/flags) Customized flag for kubelet process",
		Value: &AgentConfig.ExtraKubeletArgs,
	}

	// ExtraKubeProxyArgs binds --kube-proxy-arg to AgentConfig.ExtraKubeProxyArgs.
	ExtraKubeProxyArgs = cli.StringSliceFlag{
		Name:  "kube-proxy-arg",
		Usage: "(agent/flags) Customized flag for kube-proxy process",
		Value: &AgentConfig.ExtraKubeProxyArgs,
	}

	// NodeTaints binds --node-taint to AgentConfig.Taints.
	NodeTaints = cli.StringSliceFlag{
		Name:  "node-taint",
		Usage: "(agent/node) Registering kubelet with set of taints",
		Value: &AgentConfig.Taints,
	}

	// NodeLabels binds --node-label to AgentConfig.Labels.
	NodeLabels = cli.StringSliceFlag{
		Name:  "node-label",
		Usage: "(agent/node) Registering and starting kubelet with set of labels",
		Value: &AgentConfig.Labels,
	}

	// ImageCredProvBinDirFlag binds --image-credential-provider-bin-dir to
	// AgentConfig.ImageCredProvBinDir.
	// NOTE(review): the directory holds plugin binaries, which are presumably
	// executed with the node agent's privileges; it should be writable only by
	// a trusted account — confirm ownership and mode on deployed nodes.
	ImageCredProvBinDirFlag = cli.StringFlag{
		Name:        "image-credential-provider-bin-dir",
		Usage:       "(agent/node) The path to the directory where credential provider plugin binaries are located",
		Destination: &AgentConfig.ImageCredProvBinDir,
		Value:       "/var/lib/rancher/credentialprovider/bin",
	}

	// ImageCredProvConfigFlag binds --image-credential-provider-config to
	// AgentConfig.ImageCredProvConfig.
	ImageCredProvConfigFlag = cli.StringFlag{
		Name:        "image-credential-provider-config",
		Usage:       "(agent/node) The path to the credential provider plugin config file",
		Destination: &AgentConfig.ImageCredProvConfig,
		Value:       "/var/lib/rancher/credentialprovider/config.yaml",
	}

	// DisableSELinuxFlag is the deprecated, hidden --disable-selinux. It is a
	// BoolTFlag (a boolean flag whose default is true) and sets no Destination,
	// so its value has to be read from the cli.Context; CheckSELinuxFlags in
	// this package is the likely consumer — confirm.
	DisableSELinuxFlag = cli.BoolTFlag{
		Name:   "disable-selinux",
		Usage:  "(deprecated) Use --selinux to explicitly enable SELinux",
		Hidden: true,
	}

	// ProtectKernelDefaultsFlag binds --protect-kernel-defaults to
	// AgentConfig.ProtectKernelDefaults. It is a BoolFlag, so it is off unless
	// set; per the usage text, setting it makes a mismatch between kernel
	// tunables and kubelet defaults an error.
	ProtectKernelDefaultsFlag = cli.BoolFlag{
		Name:        "protect-kernel-defaults",
		Usage:       "(agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.",
		Destination: &AgentConfig.ProtectKernelDefaults,
	}

	// SELinuxFlag binds --selinux and <PROGRAM>_SELINUX to
	// AgentConfig.EnableSELinux. It is a BoolFlag, so SELinux support in
	// containerd is opt-in.
	SELinuxFlag = cli.BoolFlag{
		Name:        "selinux",
		Usage:       "(agent/node) Enable SELinux in containerd",
		Hidden:      false,
		Destination: &AgentConfig.EnableSELinux,
		EnvVar:      version.ProgramUpper + "_SELINUX",
	}

	// LBServerPortFlag binds --lb-server-port and <PROGRAM>_LB_SERVER_PORT to
	// AgentConfig.LBServerPort, default 6444. Per the usage text a second local
	// port, one below this value, may also be opened.
	LBServerPortFlag = cli.IntFlag{
		Name:        "lb-server-port",
		Usage:       "(agent/node) Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer.",
		Hidden:      false,
		Destination: &AgentConfig.LBServerPort,
		EnvVar:      version.ProgramUpper + "_LB_SERVER_PORT",
		Value:       6444,
	}
)
// State and flags for the certificate command.
var (
	// ServicesList receives the values of --service / -s.
	ServicesList cli.StringSlice

	// CertCommandFlags is the flag set for the certificate command: the shared
	// debug, config and logging flags plus two flags defined inline.
	CertCommandFlags = []cli.Flag{
		DebugFlag,
		ConfigFlag,
		LogFile,
		AlsoLogToStderr,
		// Same name, usage and destination as DataDirFlag, declared inline here.
		cli.StringFlag{
			Name:        "data-dir,d",
			Usage:       "(data) Folder to hold state default /var/lib/rancher/" + version.Program + " or ${HOME}/.rancher/" + version.Program + " if not root",
			Destination: &ServerConfig.DataDir,
		},
		// Selects which services get their certificates rotated; the accepted
		// names are the ones enumerated in the usage text.
		cli.StringSliceFlag{
			Name:  "service,s",
			Usage: "List of services to rotate certificates for. Options include (admin, api-server, controller-manager, scheduler, " + version.Program + "-controller, " + version.Program + "-server, cloud-controller, etcd, auth-proxy, kubelet, kube-proxy)",
			Value: &ServicesList,
		},
	}
)
// Logging configuration and the flags that populate it.
var (
	// LogConfig is the package-level Log value the flags below write into.
	LogConfig Log

	// VLevel binds -v to LogConfig.VLevel.
	VLevel = cli.IntFlag{
		Name:        "v",
		Usage:       "(logging) Number for the log level verbosity",
		Destination: &LogConfig.VLevel,
	}

	// VModule binds --vmodule to LogConfig.VModule.
	VModule = cli.StringFlag{
		Name:        "vmodule",
		Usage:       "(logging) Comma-separated list of pattern=N settings for file-filtered logging",
		Destination: &LogConfig.VModule,
	}

	// LogFile binds --log / -l to LogConfig.LogFile.
	LogFile = cli.StringFlag{
		Name:        "log,l",
		Usage:       "(logging) Log to file",
		Destination: &LogConfig.LogFile,
	}

	// AlsoLogToStderr binds --alsologtostderr to LogConfig.AlsoLogToStderr.
	AlsoLogToStderr = cli.BoolFlag{
		Name:        "alsologtostderr",
		Usage:       "(logging) Log to standard error as well as file (if set)",
		Destination: &LogConfig.AlsoLogToStderr,
	}
)
// Debug switch shared by the commands in this package.
var (
	// Debug is set by DebugFlag.
	Debug bool

	// DebugFlag binds --debug and <PROGRAM>_DEBUG to Debug.
	// NOTE(review): what debug logging includes is not visible here; verify
	// that it does not write tokens or other secrets before enabling it on
	// production nodes.
	DebugFlag = cli.BoolFlag{
		Name:        "debug",
		Usage:       "(logging) Turn on debug logs",
		Destination: &Debug,
		EnvVar:      version.ProgramUpper + "_DEBUG",
	}
)
// Server-side configuration and the named flags that populate it. ServerFlags
// combines these with further flags that are defined inline.
var (
	// ServerConfig is the package-level Server value the flags below write into.
	ServerConfig Server

	// DataDirFlag binds --data-dir / -d to ServerConfig.DataDir.
	DataDirFlag = cli.StringFlag{
		Name:        "data-dir,d",
		Usage:       "(data) Folder to hold state default /var/lib/rancher/" + version.Program + " or ${HOME}/.rancher/" + version.Program + " if not root",
		Destination: &ServerConfig.DataDir,
	}

	// ServerToken binds --token / -t and <PROGRAM>_TOKEN to ServerConfig.Token.
	// NOTE(review): the usage text calls this the shared secret for joining the
	// cluster. Given as a command-line argument it is typically visible in the
	// process list; ServerFlags also offers --token-file, which keeps the
	// secret out of the argument vector.
	ServerToken = cli.StringFlag{
		Name:        "token,t",
		Usage:       "(cluster) Shared secret used to join a server or agent to a cluster",
		Destination: &ServerConfig.Token,
		EnvVar:      version.ProgramUpper + "_TOKEN",
	}

	// ClusterCIDR binds --cluster-cidr to ServerConfig.ClusterCIDR. The default
	// named in the usage text is not set on this flag, so it is presumably
	// applied elsewhere — confirm.
	ClusterCIDR = cli.StringSliceFlag{
		Name:  "cluster-cidr",
		Usage: "(networking) IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16)",
		Value: &ServerConfig.ClusterCIDR,
	}

	// ServiceCIDR binds --service-cidr to ServerConfig.ServiceCIDR. As with
	// ClusterCIDR, the documented default is not set on the flag itself.
	ServiceCIDR = cli.StringSliceFlag{
		Name:  "service-cidr",
		Usage: "(networking) IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16)",
		Value: &ServerConfig.ServiceCIDR,
	}

	// ServiceNodePortRange binds --service-node-port-range to
	// ServerConfig.ServiceNodePortRange, default "30000-32767".
	ServiceNodePortRange = cli.StringFlag{
		Name:        "service-node-port-range",
		Usage:       "(networking) Port range to reserve for services with NodePort visibility",
		Destination: &ServerConfig.ServiceNodePortRange,
		Value:       "30000-32767",
	}

	// ClusterDNS binds --cluster-dns to ServerConfig.ClusterDNS.
	ClusterDNS = cli.StringSliceFlag{
		Name:  "cluster-dns",
		Usage: "(networking) IPv4 Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)",
		Value: &ServerConfig.ClusterDNS,
	}

	// ClusterDomain binds --cluster-domain to ServerConfig.ClusterDomain,
	// default "cluster.local".
	ClusterDomain = cli.StringFlag{
		Name:        "cluster-domain",
		Usage:       "(networking) Cluster Domain",
		Destination: &ServerConfig.ClusterDomain,
		Value:       "cluster.local",
	}

	// ExtraAPIArgs binds --kube-apiserver-arg to ServerConfig.ExtraAPIArgs.
	// NOTE(review): this and the three flags below hand values through as
	// flags of control-plane processes, per their usage text; they can
	// presumably alter security-relevant settings of those processes and
	// belong in any hardening review — confirm how they are merged.
	ExtraAPIArgs = cli.StringSliceFlag{
		Name:  "kube-apiserver-arg",
		Usage: "(flags) Customized flag for kube-apiserver process",
		Value: &ServerConfig.ExtraAPIArgs,
	}

	// ExtraEtcdArgs binds --etcd-arg to ServerConfig.ExtraEtcdArgs.
	ExtraEtcdArgs = cli.StringSliceFlag{
		Name:  "etcd-arg",
		Usage: "(flags) Customized flag for etcd process",
		Value: &ServerConfig.ExtraEtcdArgs,
	}

	// ExtraSchedulerArgs binds --kube-scheduler-arg to
	// ServerConfig.ExtraSchedulerArgs.
	ExtraSchedulerArgs = cli.StringSliceFlag{
		Name:  "kube-scheduler-arg",
		Usage: "(flags) Customized flag for kube-scheduler process",
		Value: &ServerConfig.ExtraSchedulerArgs,
	}

	// ExtraControllerArgs binds --kube-controller-manager-arg to
	// ServerConfig.ExtraControllerArgs.
	ExtraControllerArgs = cli.StringSliceFlag{
		Name:  "kube-controller-manager-arg",
		Usage: "(flags) Customized flag for kube-controller-manager process",
		Value: &ServerConfig.ExtraControllerArgs,
	}
)
var (
	// ConfigFlag is declared so that --config / -c appears in the help output;
	// the actual processing is done by configfileargs before urfave/cli is
	// called. No Destination is set. The default path is
	// /etc/rancher/<program>/config.yaml and <PROGRAM>_CONFIG_FILE overrides it.
	// NOTE(review): the file can presumably carry any flag value, tokens
	// included, so its ownership and mode matter — confirm.
	ConfigFlag = cli.StringFlag{
		Name:   "config,c",
		Usage:  "(config) Load configuration from `FILE`",
		EnvVar: version.ProgramUpper + "_CONFIG_FILE",
		Value:  "/etc/rancher/" + version.Program + "/config.yaml",
	}
)
// EncryptFlags is a flag set holding only DataDirFlag and ServerToken;
// presumably used by the secrets-encrypt command — confirm against
// NewSecretsEncryptCommand.
var EncryptFlags = []cli.Flag{
	DataDirFlag,
	ServerToken,
}
// EtcdSnapshotFlags is the flag set for on-demand etcd snapshots. Most flags
// carry a short name plus the etcd-prefixed name used in ServerFlags, and they
// write into the same ServerConfig fields as their ServerFlags counterparts.
var EtcdSnapshotFlags = []cli.Flag{
	DebugFlag,
	ConfigFlag,
	LogFile,
	AlsoLogToStderr,
	// Same name, usage, env var and destination as NodeNameFlag, declared inline.
	cli.StringFlag{
		Name:        "node-name",
		Usage:       "(agent/node) Node name",
		EnvVar:      version.ProgramUpper + "_NODE_NAME",
		Destination: &AgentConfig.NodeName,
	},
	DataDirFlag,
	// NOTE(review): an etcd snapshot presumably contains the full cluster
	// state, Secrets included; the target directory should be readable only by
	// a trusted account — confirm.
	&cli.StringFlag{
		Name:        "dir,etcd-snapshot-dir",
		Usage:       "(db) Directory to save etcd on-demand snapshot. (default: ${data-dir}/db/snapshots)",
		Destination: &ServerConfig.EtcdSnapshotDir,
	},
	// Writes ServerConfig.EtcdSnapshotName with default "on-demand"; the
	// etcd-snapshot-name flag in ServerFlags writes the same field with a
	// different default.
	&cli.StringFlag{
		Name:        "name",
		Usage:       "(db) Set the base name of the etcd on-demand snapshot (appended with UNIX timestamp).",
		Destination: &ServerConfig.EtcdSnapshotName,
		Value:       "on-demand",
	},
	&cli.BoolFlag{
		Name:        "snapshot-compress,etcd-snapshot-compress",
		Usage:       "(db) Compress etcd snapshot",
		Destination: &ServerConfig.EtcdSnapshotCompress,
	},
	&cli.BoolFlag{
		Name:        "s3,etcd-s3",
		Usage:       "(db) Enable backup to S3",
		Destination: &ServerConfig.EtcdS3,
	},
	&cli.StringFlag{
		Name:        "s3-endpoint,etcd-s3-endpoint",
		Usage:       "(db) S3 endpoint url",
		Destination: &ServerConfig.EtcdS3Endpoint,
		Value:       "s3.amazonaws.com",
	},
	// Lets an endpoint with a private CA be verified instead of skipping
	// verification with the flag that follows.
	&cli.StringFlag{
		Name:        "s3-endpoint-ca,etcd-s3-endpoint-ca",
		Usage:       "(db) S3 custom CA cert to connect to S3 endpoint",
		Destination: &ServerConfig.EtcdS3EndpointCA,
	},
	// NOTE(review): per the usage text this turns off certificate validation
	// for the S3 connection, so the endpoint's identity is no longer checked
	// while snapshots and S3 credentials are sent to it. Off unless set.
	&cli.BoolFlag{
		Name:        "s3-skip-ssl-verify,etcd-s3-skip-ssl-verify",
		Usage:       "(db) Disables S3 SSL certificate validation",
		Destination: &ServerConfig.EtcdS3SkipSSLVerify,
	},
	&cli.StringFlag{
		Name:        "s3-access-key,etcd-s3-access-key",
		Usage:       "(db) S3 access key",
		EnvVar:      "AWS_ACCESS_KEY_ID",
		Destination: &ServerConfig.EtcdS3AccessKey,
	},
	// NOTE(review): the secret key can come from AWS_SECRET_ACCESS_KEY; given
	// as a command-line argument it is typically visible in the process list.
	&cli.StringFlag{
		Name:        "s3-secret-key,etcd-s3-secret-key",
		Usage:       "(db) S3 secret key",
		EnvVar:      "AWS_SECRET_ACCESS_KEY",
		Destination: &ServerConfig.EtcdS3SecretKey,
	},
	&cli.StringFlag{
		Name:        "s3-bucket,etcd-s3-bucket",
		Usage:       "(db) S3 bucket name",
		Destination: &ServerConfig.EtcdS3BucketName,
	},
	&cli.StringFlag{
		Name:        "s3-region,etcd-s3-region",
		Usage:       "(db) S3 region / bucket location (optional)",
		Destination: &ServerConfig.EtcdS3Region,
		Value:       "us-east-1",
	},
	&cli.StringFlag{
		Name:        "s3-folder,etcd-s3-folder",
		Usage:       "(db) S3 folder",
		Destination: &ServerConfig.EtcdS3Folder,
	},
	// NOTE(review): per the usage text this disables HTTPS for S3 traffic,
	// which would leave snapshot contents unprotected in transit. Off unless set.
	&cli.BoolFlag{
		Name:        "s3-insecure,etcd-s3-insecure",
		Usage:       "(db) Disables S3 over HTTPS",
		Destination: &ServerConfig.EtcdS3Insecure,
	},
	&cli.DurationFlag{
		Name:        "s3-timeout,etcd-s3-timeout",
		Usage:       "(db) S3 timeout",
		Destination: &ServerConfig.EtcdS3Timeout,
		Value:       30 * time.Second,
	},
}
// ServerFlags is the complete flag set of the server command: the shared
// config and logging flags, the named server and agent flags declared
// elsewhere in this package, and a number of flags defined inline. Elements
// are a mix of flag values and pointers to flags.
var ServerFlags = []cli.Flag{
	ConfigFlag,
	DebugFlag,
	VLevel,
	VModule,
	LogFile,
	AlsoLogToStderr,

	// Listener settings.
	// NOTE(review): the usage text gives 0.0.0.0 (all interfaces) as the
	// default bind address; no Value is set on the flag, so that default is
	// presumably applied elsewhere — confirm, and restrict it on multi-homed
	// hosts where the API should not be reachable on every network.
	cli.StringFlag{
		Name:        "bind-address",
		Usage:       "(listener) " + version.Program + " bind address (default: 0.0.0.0)",
		Destination: &ServerConfig.BindAddress,
	},
	cli.IntFlag{
		Name:        "https-listen-port",
		Usage:       "(listener) HTTPS listen port",
		Value:       6443,
		Destination: &ServerConfig.HTTPSPort,
	},
	cli.StringFlag{
		Name:        "advertise-address",
		Usage:       "(listener) IPv4 address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)",
		Destination: &ServerConfig.AdvertiseIP,
	},
	cli.IntFlag{
		Name:        "advertise-port",
		Usage:       "(listener) Port that apiserver uses to advertise to members of the cluster (default: listen-port)",
		Destination: &ServerConfig.AdvertisePort,
	},
	cli.StringSliceFlag{
		Name:  "tls-san",
		Usage: "(listener) Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert",
		Value: &ServerConfig.TLSSan,
	},

	// Data directory and cluster networking.
	DataDirFlag,
	ClusterCIDR,
	ServiceCIDR,
	ServiceNodePortRange,
	ClusterDNS,
	ClusterDomain,
	cli.StringFlag{
		Name:        "flannel-backend",
		Usage:       "(networking) One of 'none', 'vxlan', 'ipsec', 'host-gw', or 'wireguard'",
		Destination: &ServerConfig.FlannelBackend,
		Value:       "vxlan",
	},

	// Cluster join secret. --token-file supplies the same secret from a file,
	// which keeps it out of the process argument list.
	ServerToken,
	cli.StringFlag{
		Name:        "token-file",
		Usage:       "(cluster) File containing the cluster-secret/token",
		Destination: &ServerConfig.TokenFile,
		EnvVar:      version.ProgramUpper + "_TOKEN_FILE",
	},

	// Admin kubeconfig output.
	// NOTE(review): the usage text describes this file as the kubeconfig for
	// the admin client, so the mode chosen with --write-kubeconfig-mode decides
	// which local users can read admin credentials. The default mode is not
	// visible here — confirm before relaxing it.
	cli.StringFlag{
		Name:        "write-kubeconfig,o",
		Usage:       "(client) Write kubeconfig for admin client to this file",
		Destination: &ServerConfig.KubeConfigOutput,
		EnvVar:      version.ProgramUpper + "_KUBECONFIG_OUTPUT",
	},
	cli.StringFlag{
		Name:        "write-kubeconfig-mode",
		Usage:       "(client) Write kubeconfig with this mode",
		Destination: &ServerConfig.KubeConfigMode,
		EnvVar:      version.ProgramUpper + "_KUBECONFIG_MODE",
	},

	// Pass-through arguments for control-plane processes.
	ExtraAPIArgs,
	ExtraEtcdArgs,
	ExtraControllerArgs,
	ExtraSchedulerArgs,
	cli.StringSliceFlag{
		Name:  "kube-cloud-controller-manager-arg",
		Usage: "(flags) Customized flag for kube-cloud-controller-manager process",
		Value: &ServerConfig.ExtraCloudControllerArgs,
	},

	// External datastore.
	// NOTE(review): a data source name for MySQL or Postgres commonly embeds a
	// user name and password; if that holds here, prefer the environment
	// variable or the config file over the command line — confirm the format.
	cli.StringFlag{
		Name:        "datastore-endpoint",
		Usage:       "(db) Specify etcd, Mysql, Postgres, or Sqlite (default) data source name",
		Destination: &ServerConfig.DatastoreEndpoint,
		EnvVar:      version.ProgramUpper + "_DATASTORE_ENDPOINT",
	},
	cli.StringFlag{
		Name:        "datastore-cafile",
		Usage:       "(db) TLS Certificate Authority file used to secure datastore backend communication",
		Destination: &ServerConfig.DatastoreCAFile,
		EnvVar:      version.ProgramUpper + "_DATASTORE_CAFILE",
	},
	cli.StringFlag{
		Name:        "datastore-certfile",
		Usage:       "(db) TLS certification file used to secure datastore backend communication",
		Destination: &ServerConfig.DatastoreCertFile,
		EnvVar:      version.ProgramUpper + "_DATASTORE_CERTFILE",
	},
	cli.StringFlag{
		Name:        "datastore-keyfile",
		Usage:       "(db) TLS key file used to secure datastore backend communication",
		Destination: &ServerConfig.DatastoreKeyFile,
		EnvVar:      version.ProgramUpper + "_DATASTORE_KEYFILE",
	},

	// Embedded etcd: metrics and scheduled snapshots.
	&cli.BoolFlag{
		Name:        "etcd-expose-metrics",
		Usage:       "(db) Expose etcd metrics to client interface. (Default false)",
		Destination: &ServerConfig.EtcdExposeMetrics,
	},
	&cli.BoolFlag{
		Name:        "etcd-disable-snapshots",
		Usage:       "(db) Disable automatic etcd snapshots",
		Destination: &ServerConfig.EtcdDisableSnapshots,
	},
	&cli.StringFlag{
		Name:        "etcd-snapshot-name",
		Usage:       "(db) Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp>",
		Destination: &ServerConfig.EtcdSnapshotName,
		Value:       "etcd-snapshot",
	},
	// NOTE(review): assuming standard five-field cron semantics, the example
	// in the usage text ('* */5 * * *') matches every minute of every fifth
	// hour; '0 */5 * * *' would match once per such hour.
	&cli.StringFlag{
		Name:        "etcd-snapshot-schedule-cron",
		Usage:       "(db) Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *'",
		Destination: &ServerConfig.EtcdSnapshotCron,
		Value:       "0 */12 * * *",
	},
	// defaultSnapshotRentention is declared outside this listing.
	&cli.IntFlag{
		Name:        "etcd-snapshot-retention",
		Usage:       "(db) Number of snapshots to retain",
		Destination: &ServerConfig.EtcdSnapshotRetention,
		Value:       defaultSnapshotRentention,
	},
	// NOTE(review): an etcd snapshot presumably contains the full cluster
	// state, Secrets included; the directory should be readable only by a
	// trusted account — confirm.
	&cli.StringFlag{
		Name:        "etcd-snapshot-dir",
		Usage:       "(db) Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)",
		Destination: &ServerConfig.EtcdSnapshotDir,
	},
	&cli.BoolFlag{
		Name:        "etcd-snapshot-compress",
		Usage:       "(db) Compress etcd snapshot",
		Destination: &ServerConfig.EtcdSnapshotCompress,
	},

	// Snapshot upload to S3.
	&cli.BoolFlag{
		Name:        "etcd-s3",
		Usage:       "(db) Enable backup to S3",
		Destination: &ServerConfig.EtcdS3,
	},
	&cli.StringFlag{
		Name:        "etcd-s3-endpoint",
		Usage:       "(db) S3 endpoint url",
		Destination: &ServerConfig.EtcdS3Endpoint,
		Value:       "s3.amazonaws.com",
	},
	// Lets an endpoint with a private CA be verified instead of skipping
	// verification with the flag that follows.
	&cli.StringFlag{
		Name:        "etcd-s3-endpoint-ca",
		Usage:       "(db) S3 custom CA cert to connect to S3 endpoint",
		Destination: &ServerConfig.EtcdS3EndpointCA,
	},
	// NOTE(review): per the usage text this turns off certificate validation
	// for the S3 connection, so the endpoint's identity is no longer checked
	// while snapshots and S3 credentials are sent to it. Off unless set.
	&cli.BoolFlag{
		Name:        "etcd-s3-skip-ssl-verify",
		Usage:       "(db) Disables S3 SSL certificate validation",
		Destination: &ServerConfig.EtcdS3SkipSSLVerify,
	},
	&cli.StringFlag{
		Name:        "etcd-s3-access-key",
		Usage:       "(db) S3 access key",
		EnvVar:      "AWS_ACCESS_KEY_ID",
		Destination: &ServerConfig.EtcdS3AccessKey,
	},
	// NOTE(review): the secret key can come from AWS_SECRET_ACCESS_KEY; given
	// as a command-line argument it is typically visible in the process list.
	&cli.StringFlag{
		Name:        "etcd-s3-secret-key",
		Usage:       "(db) S3 secret key",
		EnvVar:      "AWS_SECRET_ACCESS_KEY",
		Destination: &ServerConfig.EtcdS3SecretKey,
	},
	&cli.StringFlag{
		Name:        "etcd-s3-bucket",
		Usage:       "(db) S3 bucket name",
		Destination: &ServerConfig.EtcdS3BucketName,
	},
	&cli.StringFlag{
		Name:        "etcd-s3-region",
		Usage:       "(db) S3 region / bucket location (optional)",
		Destination: &ServerConfig.EtcdS3Region,
		Value:       "us-east-1",
	},
	&cli.StringFlag{
		Name:        "etcd-s3-folder",
		Usage:       "(db) S3 folder",
		Destination: &ServerConfig.EtcdS3Folder,
	},
	// NOTE(review): per the usage text this disables HTTPS for S3 traffic,
	// which would leave snapshot contents unprotected in transit. Off unless set.
	&cli.BoolFlag{
		Name:        "etcd-s3-insecure",
		Usage:       "(db) Disables S3 over HTTPS",
		Destination: &ServerConfig.EtcdS3Insecure,
	},
	&cli.DurationFlag{
		Name:        "etcd-s3-timeout",
		Usage:       "(db) S3 timeout",
		Destination: &ServerConfig.EtcdS3Timeout,
		Value:       30 * time.Second,
	},

	// Storage and packaged components.
	cli.StringFlag{
		Name:        "default-local-storage-path",
		Usage:       "(storage) Default local storage path for local provisioner storage class",
		Destination: &ServerConfig.DefaultLocalStoragePath,
	},
	// No Destination: the values have to be read from the cli.Context.
	cli.StringSliceFlag{
		Name:  "disable",
		Usage: "(components) Do not deploy packaged components and delete any deployed components (valid items: " + DisableItems + ")",
	},
	cli.BoolFlag{
		Name:        "disable-scheduler",
		Usage:       "(components) Disable Kubernetes default scheduler",
		Destination: &ServerConfig.DisableScheduler,
	},
	cli.BoolFlag{
		Name:        "disable-cloud-controller",
		Usage:       "(components) Disable " + version.Program + " default cloud controller manager",
		Destination: &ServerConfig.DisableCCM,
	},
	cli.BoolFlag{
		Name:        "disable-kube-proxy",
		Usage:       "(components) Disable running kube-proxy",
		Destination: &ServerConfig.DisableKubeProxy,
	},
	// NOTE(review): with the bundled network policy controller disabled,
	// NetworkPolicy objects are presumably enforced only if another component
	// takes over that role — confirm before relying on them for isolation.
	cli.BoolFlag{
		Name:        "disable-network-policy",
		Usage:       "(components) Disable " + version.Program + " default network policy controller",
		Destination: &ServerConfig.DisableNPC,
	},
	cli.BoolFlag{
		Name:        "disable-helm-controller",
		Usage:       "(components) Disable Helm controller",
		Destination: &ServerConfig.DisableHelmController,
	},
	// The next three flags are hidden and marked experimental in their usage text.
	cli.BoolFlag{
		Name:        "disable-apiserver",
		Hidden:      true,
		Usage:       "(experimental/components) Disable running api server",
		Destination: &ServerConfig.DisableAPIServer,
	},
	cli.BoolFlag{
		Name:        "disable-controller-manager",
		Hidden:      true,
		Usage:       "(experimental/components) Disable running kube-controller-manager",
		Destination: &ServerConfig.DisableControllerManager,
	},
	cli.BoolFlag{
		Name:        "disable-etcd",
		Hidden:      true,
		Usage:       "(experimental/components) Disable running etcd",
		Destination: &ServerConfig.DisableETCD,
	},

	// Agent flags reused on the server; these write into AgentConfig.
	NodeNameFlag,
	WithNodeIDFlag,
	NodeLabels,
	NodeTaints,
	ImageCredProvBinDirFlag,
	ImageCredProvConfigFlag,
	DockerFlag,
	CRIEndpointFlag,
	PauseImageFlag,
	SnapshotterFlag,
	PrivateRegistryFlag,
	AirgapExtraRegistryFlag,
	NodeIPFlag,
	NodeExternalIPFlag,
	ResolvConfFlag,
	FlannelIfaceFlag,
	FlannelConfFlag,
	ExtraKubeletArgs,
	ExtraKubeProxyArgs,
	ProtectKernelDefaultsFlag,
	cli.BoolFlag{
		Name:        "rootless",
		Usage:       "(experimental) Run rootless",
		Destination: &ServerConfig.Rootless,
	},

	// Cluster membership. Per the usage text the agent token joins agents but
	// not servers, which allows a narrower secret to be handed to worker nodes.
	cli.StringFlag{
		Name:        "agent-token",
		Usage:       "(cluster) Shared secret used to join agents to the cluster, but not servers",
		Destination: &ServerConfig.AgentToken,
		EnvVar:      version.ProgramUpper + "_AGENT_TOKEN",
	},
	cli.StringFlag{
		Name:        "agent-token-file",
		Usage:       "(cluster) File containing the agent secret",
		Destination: &ServerConfig.AgentTokenFile,
		EnvVar:      version.ProgramUpper + "_AGENT_TOKEN_FILE",
	},
	cli.StringFlag{
		Name:        "server,s",
		Usage:       "(cluster) Server to connect to, used to join a cluster",
		EnvVar:      version.ProgramUpper + "_URL",
		Destination: &ServerConfig.ServerURL,
	},
	cli.BoolFlag{
		Name:        "cluster-init",
		Usage:       "(cluster) Initialize a new cluster using embedded Etcd",
		EnvVar:      version.ProgramUpper + "_CLUSTER_INIT",
		Destination: &ServerConfig.ClusterInit,
	},
	// Destructive per its usage text; note that it can also be switched on
	// through the environment variable.
	cli.BoolFlag{
		Name:        "cluster-reset",
		Usage:       "(cluster) Forget all peers and become sole member of a new cluster",
		EnvVar:      version.ProgramUpper + "_CLUSTER_RESET",
		Destination: &ServerConfig.ClusterReset,
	},
	&cli.StringFlag{
		Name:        "cluster-reset-restore-path",
		Usage:       "(db) Path to snapshot file to be restored",
		Destination: &ServerConfig.ClusterResetRestorePath,
	},
	// A BoolFlag, so encryption of Secrets at rest is off unless this is set;
	// the usage text marks it experimental.
	cli.BoolFlag{
		Name:        "secrets-encryption",
		Usage:       "(experimental) Enable Secret encryption at rest",
		Destination: &ServerConfig.EncryptSecrets,
	},
	cli.StringFlag{
		Name:        "system-default-registry",
		Usage:       "(image) Private registry to be used for all system images",
		EnvVar:      version.ProgramUpper + "_SYSTEM_DEFAULT_REGISTRY",
		Destination: &ServerConfig.SystemDefaultRegistry,
	},
	&SELinuxFlag,
	LBServerPortFlag,

	// Deprecated and hidden flags kept for compatibility.
	&DisableSELinuxFlag,
	FlannelFlag,
	// No Destination: the values have to be read from the cli.Context.
	cli.StringSliceFlag{
		Name:  "no-deploy",
		Usage: "(deprecated) Do not deploy packaged components (valid items: " + DisableItems + ")",
	},
	cli.StringFlag{
		Name:        "cluster-secret",
		Usage:       "(deprecated) use --token",
		Destination: &ServerConfig.ClusterSecret,
		EnvVar:      version.ProgramUpper + "_CLUSTER_SECRET",
	},
	cli.BoolFlag{
		Name:        "disable-agent",
		Usage:       "Do not run a local agent and register a local kubelet",
		Hidden:      true,
		Destination: &ServerConfig.DisableAgent,
	},
	// Hidden alias: writes the same slice as kube-controller-manager-arg.
	cli.StringSliceFlag{
		Hidden: true,
		Name:   "kube-controller-arg",
		Usage:  "(flags) Customized flag for kube-controller-manager process",
		Value:  &ServerConfig.ExtraControllerArgs,
	},
	// Hidden alias: writes the same slice as kube-cloud-controller-manager-arg.
	cli.StringSliceFlag{
		Hidden: true,
		Name:   "kube-cloud-controller-arg",
		Usage:  "(flags) Customized flag for kube-cloud-controller-manager process",
		Value:  &ServerConfig.ExtraCloudControllerArgs,
	},
}
Functions ¶
func CheckSELinuxFlags ¶ added in v1.21.9
func EvacuateCgroup2 ¶ added in v1.21.9
func EvacuateCgroup2() error
EvacuateCgroup2 will handle evacuating the root cgroup in order to enable subtree_control, if running as pid 1 without rootless support.
func InitLogging ¶ added in v0.8.1
func InitLogging() error
func NewCertSubcommands ¶ added in v1.21.9
func NewCheckConfigCommand ¶ added in v1.0.0
func NewEtcdSnapshotCommand ¶ added in v1.21.9
func NewEtcdSnapshotSubcommands ¶ added in v1.21.9
func NewSecretsEncryptCommand ¶ added in v1.21.9
func NewSecretsEncryptSubcommands ¶ added in v1.21.9
Types ¶
type Agent ¶
// Agent holds the agent-side settings. The package-level AgentConfig is the
// instance the agent flags in this package write into; fields described as
// "no flag in this listing" are presumably set elsewhere — confirm.
type Agent struct {
	// Join credentials. Token is set by AgentTokenFlag (--token); no flag in
	// this listing writes TokenFile or ClusterSecret on AgentConfig.
	// NOTE(review): these are secrets; avoid logging or printing the struct.
	Token         string
	TokenFile     string
	ClusterSecret string
	// Server connection and local load balancer. LBServerPort is set by
	// LBServerPortFlag; no flag in this listing writes the others.
	ServerURL           string
	APIAddressCh        chan string
	DisableLoadBalancer bool
	DisableServiceLB    bool
	ETCDAgent           bool
	LBServerPort        int
	// Node identity and addressing, set by ResolvConfFlag, NodeIPFlag,
	// NodeExternalIPFlag and NodeNameFlag; DataDir has no flag in this listing.
	ResolvConf     string
	DataDir        string
	NodeIP         cli.StringSlice
	NodeExternalIP cli.StringSlice
	NodeName       string
	// Container runtime, set by PauseImageFlag, SnapshotterFlag, DockerFlag
	// and CRIEndpointFlag.
	PauseImage               string
	Snapshotter              string
	Docker                   bool
	ContainerRuntimeEndpoint string
	// Flannel, set by FlannelFlag, FlannelIfaceFlag and FlannelConfFlag.
	NoFlannel    bool
	FlannelIface string
	FlannelConf  string
	// WithNodeID is set by WithNodeIDFlag; Debug and Rootless have no flag
	// bound to AgentConfig in this listing.
	Debug      bool
	Rootless   bool
	WithNodeID bool
	// Hardening switches, set by SELinuxFlag and ProtectKernelDefaultsFlag.
	// Both flags are plain BoolFlags, so both are off unless requested.
	EnableSELinux         bool
	ProtectKernelDefaults bool
	// No flag in this listing writes ClusterReset on AgentConfig.
	ClusterReset bool
	// Image registries. PrivateRegistry is set by PrivateRegistryFlag and
	// AirgapExtraRegistry by AirgapExtraRegistryFlag; SystemDefaultRegistry
	// has no flag bound to AgentConfig in this listing.
	PrivateRegistry       string
	SystemDefaultRegistry string
	AirgapExtraRegistry   cli.StringSlice
	// Kubelet and kube-proxy pass-through arguments, node labels and taints,
	// set by ExtraKubeletArgs, ExtraKubeProxyArgs, NodeLabels and NodeTaints.
	ExtraKubeletArgs   cli.StringSlice
	ExtraKubeProxyArgs cli.StringSlice
	Labels             cli.StringSlice
	Taints             cli.StringSlice
	// Image credential provider paths, set by ImageCredProvBinDirFlag and
	// ImageCredProvConfigFlag.
	ImageCredProvBinDir string
	ImageCredProvConfig string
	// AgentReady is a send-only channel; presumably signalled once the agent
	// is up — confirm against the code that sends on it.
	AgentReady chan<- struct{}
}
type AgentShared ¶
// AgentShared is shown with no fields in this listing; it may have unexported
// fields that the rendered documentation omits — confirm against the source.
type AgentShared struct {
}
type Server ¶
// Server holds the server-side settings. The package-level ServerConfig is the
// instance the server flags in this package write into; fields described as
// "no flag in this listing" are presumably set elsewhere — confirm.
type Server struct {
	// Set by the ClusterCIDR flag (--cluster-cidr).
	ClusterCIDR cli.StringSlice
	// Join credentials, set by --agent-token, --agent-token-file, --token,
	// --token-file and the deprecated --cluster-secret.
	// NOTE(review): these are secrets; avoid logging or printing the struct.
	AgentToken     string
	AgentTokenFile string
	Token          string
	TokenFile      string
	ClusterSecret  string
	// Service networking, set by --service-cidr, --service-node-port-range,
	// --cluster-dns and --cluster-domain.
	ServiceCIDR          cli.StringSlice
	ServiceNodePortRange string
	ClusterDNS           cli.StringSlice
	ClusterDomain        string
	// The port which kubectl clients can access k8s
	HTTPSPort int
	// The port which custom k3s API runs on
	SupervisorPort int
	// The port which kube-apiserver runs on
	APIServerPort        int
	APIServerBindAddress string
	// DataDir is set by DataDirFlag, DisableAgent by the hidden --disable-agent.
	DataDir      string
	DisableAgent bool
	// Admin kubeconfig path and file mode, set by --write-kubeconfig and
	// --write-kubeconfig-mode. The mode decides who can read the admin
	// credentials written to that file.
	KubeConfigOutput string
	KubeConfigMode   string
	// Listener settings, set by --tls-san and --bind-address.
	TLSSan      cli.StringSlice
	BindAddress string
	// Pass-through arguments for control-plane processes, set by the
	// corresponding *-arg flags.
	ExtraAPIArgs             cli.StringSlice
	ExtraEtcdArgs            cli.StringSlice
	ExtraSchedulerArgs       cli.StringSlice
	ExtraControllerArgs      cli.StringSlice
	ExtraCloudControllerArgs cli.StringSlice
	// Set by --rootless.
	Rootless bool
	// External datastore endpoint and TLS material, set by the datastore-* flags.
	// NOTE(review): DatastoreEndpoint is a data source name and may embed
	// credentials — confirm before logging it.
	DatastoreEndpoint string
	DatastoreCAFile   string
	DatastoreCertFile string
	DatastoreKeyFile  string
	// Set by --advertise-address and --advertise-port.
	AdvertiseIP   string
	AdvertisePort int
	// Set by --disable-scheduler.
	DisableScheduler bool
	// Set by --server, --flannel-backend and --default-local-storage-path.
	ServerURL               string
	FlannelBackend          string
	DefaultLocalStoragePath string
	// Component switches, set by the matching --disable-* flags.
	DisableCCM               bool
	DisableNPC               bool
	DisableHelmController    bool
	DisableKubeProxy         bool
	DisableAPIServer         bool
	DisableControllerManager bool
	DisableETCD              bool
	// Set by --cluster-init, --cluster-reset and --cluster-reset-restore-path.
	ClusterInit             bool
	ClusterReset            bool
	ClusterResetRestorePath string
	// EncryptSecrets is set by --secrets-encryption; no flag in this listing
	// writes EncryptForce or EncryptSkip.
	EncryptSecrets bool
	EncryptForce   bool
	EncryptSkip    bool
	// SystemDefaultRegistry is set by --system-default-registry; no flag in
	// this listing writes StartupHooks.
	SystemDefaultRegistry string
	StartupHooks          []StartupHook
	// Etcd snapshot and metrics settings, set by the etcd-* flags in
	// ServerFlags and by their counterparts in EtcdSnapshotFlags.
	EtcdSnapshotName      string
	EtcdDisableSnapshots  bool
	EtcdExposeMetrics     bool
	EtcdSnapshotDir       string
	EtcdSnapshotCron      string
	EtcdSnapshotRetention int
	EtcdSnapshotCompress  bool
	// S3 upload settings, set by the etcd-s3-* flags.
	// NOTE(review): EtcdS3SecretKey is a credential; EtcdS3SkipSSLVerify and
	// EtcdS3Insecure each weaken transport protection for snapshot uploads
	// when true.
	EtcdS3              bool
	EtcdS3Endpoint      string
	EtcdS3EndpointCA    string
	EtcdS3SkipSSLVerify bool
	EtcdS3AccessKey     string
	EtcdS3SecretKey     string
	EtcdS3BucketName    string
	EtcdS3Region        string
	EtcdS3Folder        string
	EtcdS3Timeout       time.Duration
	EtcdS3Insecure      bool
}
type StartupHook ¶ added in v1.21.9