@@ -97,87 +97,155 @@ still considered alpha and may change in future versions.
9797
9898It's possible to configure ` kubeadm init ` with a configuration file instead of command
9999line flags, and some more advanced features may only be available as
100- configuration file options. This file is passed in the ` --config ` option.
100+ configuration file options. This file is passed in the ` --config ` option.
101+
102+ In Kubernetes 1.11 and later, the default configuration can be printed out using the
103+ [ kubeadm config print-default] ( /docs/reference/setup-tools/kubeadm/kubeadm-config/ ) command.
104+
105+ For more details on each field in the configuration you can navigate to our
106+ [ API reference pages.] (https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm#MasterConfiguration )
107+
108+ Example of the kubeadm MasterConfiguration version ` v1alpha2 ` :
101109
102110``` yaml
103- apiVersion : kubeadm.k8s.io/v1alpha1
104- kind : MasterConfiguration
105111api :
106- advertiseAddress : <address|string>
107- controlPlaneEndpoint : <string>
108- bindPort : <int>
112+ advertiseAddress : 192.168.0.102
113+ bindPort : 6443
114+ controlPlaneEndpoint : " "
115+ apiVersion : kubeadm.k8s.io/v1alpha2
116+ auditPolicy :
117+ logDir : /var/log/kubernetes/audit
118+ logMaxAge : 2
119+ path : " "
120+ certificatesDir : /etc/kubernetes/pki
121+ clusterName : kubernetes
122+ criSocket : /var/run/dockershim.sock
109123etcd :
110- endpoints :
111- - <endpoint1|string>
112- - <endpoint2|string>
113- caFile : <path|string>
114- certFile : <path|string>
115- keyFile : <path|string>
116- dataDir : <path|string>
117- extraArgs :
118- <argument> : <value|string>
119- <argument> : <value|string>
120- image : <string>
121- serverCertSANs :
122- - <name1|string>
123- - <name2|string>
124- peerCertSANs :
125- - <name1|string>
126- - <name2|string>
124+ local :
125+ dataDir : /var/lib/etcd
126+ image : " "
127+ imageRepository : k8s.gcr.io
128+ kind : MasterConfiguration
127129kubeProxy :
128130 config :
129- mode : <value|string>
130- bindAddress : <address|string>
131- clusterCIDR : <cidr>
131+ bindAddress : 0.0.0.0
132+ clientConnection :
133+ acceptContentTypes : " "
134+ burst : 10
135+ contentType : application/vnd.kubernetes.protobuf
136+ kubeconfig : /var/lib/kube-proxy/kubeconfig.conf
137+ qps : 5
138+ clusterCIDR : " "
139+ configSyncPeriod : 15m0s
140+ conntrack :
141+ max : null
142+ maxPerCore : 32768
143+ min : 131072
144+ tcpCloseWaitTimeout : 1h0m0s
145+ tcpEstablishedTimeout : 24h0m0s
146+ enableProfiling : false
147+ healthzBindAddress : 0.0.0.0:10256
148+ hostnameOverride : " "
149+ iptables :
150+ masqueradeAll : false
151+ masqueradeBit : 14
152+ minSyncPeriod : 0s
153+ syncPeriod : 30s
154+ ipvs :
155+ ExcludeCIDRs : null
156+ minSyncPeriod : 0s
157+ scheduler : " "
158+ syncPeriod : 30s
159+ metricsBindAddress : 127.0.0.1:10249
160+ mode : " "
161+ nodePortAddresses : null
162+ oomScoreAdj : -999
163+ portRange : " "
164+ resourceContainer : /kube-proxy
165+ udpIdleTimeout : 250ms
166+ kubeletConfiguration :
167+ baseConfig :
168+ address : 0.0.0.0
169+ authentication :
170+ anonymous :
171+ enabled : false
172+ webhook :
173+ cacheTTL : 2m0s
174+ enabled : true
175+ x509 :
176+ clientCAFile : /etc/kubernetes/pki/ca.crt
177+ authorization :
178+ mode : Webhook
179+ webhook :
180+ cacheAuthorizedTTL : 5m0s
181+ cacheUnauthorizedTTL : 30s
182+ cgroupDriver : cgroupfs
183+ cgroupsPerQOS : true
184+ clusterDNS :
185+ - 10.96.0.10
186+ clusterDomain : cluster.local
187+ containerLogMaxFiles : 5
188+ containerLogMaxSize : 10Mi
189+ contentType : application/vnd.kubernetes.protobuf
190+ cpuCFSQuota : true
191+ cpuManagerPolicy : none
192+ cpuManagerReconcilePeriod : 10s
193+ enableControllerAttachDetach : true
194+ enableDebuggingHandlers : true
195+ enforceNodeAllocatable :
196+ - pods
197+ eventBurst : 10
198+ eventRecordQPS : 5
199+ evictionHard :
200+ imagefs.available : 15%
201+ memory.available : 100Mi
202+ nodefs.available : 10%
203+ nodefs.inodesFree : 5%
204+ evictionPressureTransitionPeriod : 5m0s
205+ failSwapOn : true
206+ fileCheckFrequency : 20s
207+ hairpinMode : promiscuous-bridge
208+ healthzBindAddress : 127.0.0.1
209+ healthzPort : 10248
210+ httpCheckFrequency : 20s
211+ imageGCHighThresholdPercent : 85
212+ imageGCLowThresholdPercent : 80
213+ imageMinimumGCAge : 2m0s
214+ iptablesDropBit : 15
215+ iptablesMasqueradeBit : 14
216+ kubeAPIBurst : 10
217+ kubeAPIQPS : 5
218+ makeIPTablesUtilChains : true
219+ maxOpenFiles : 1000000
220+ maxPods : 110
221+ nodeStatusUpdateFrequency : 10s
222+ oomScoreAdj : -999
223+ podPidsLimit : -1
224+ port : 10250
225+ registryBurst : 10
226+ registryPullQPS : 5
227+ resolvConf : /etc/resolv.conf
228+ rotateCertificates : true
229+ runtimeRequestTimeout : 2m0s
230+ serializeImagePulls : true
231+ staticPodPath : /etc/kubernetes/manifests
232+ streamingConnectionIdleTimeout : 4h0m0s
233+ syncFrequency : 1m0s
234+ volumeStatsAggPeriod : 1m0s
235+ kubernetesVersion : v1.10.4
132236networking :
133- dnsDomain : <string>
134- serviceSubnet : <cidr>
135- podSubnet : <cidr>
136- kubernetesVersion : <string>
137- cloudProvider : <string>
138- nodeName : <string>
139- authorizationModes :
140- - <authorizationMode1|string>
141- - <authorizationMode2|string>
142- token : <string>
143- tokenTTL : <time duration>
144- selfHosted : <bool>
145- apiServerExtraArgs :
146- <argument> : <value|string>
147- <argument> : <value|string>
148- controllerManagerExtraArgs :
149- <argument> : <value|string>
150- <argument> : <value|string>
151- schedulerExtraArgs :
152- <argument> : <value|string>
153- <argument> : <value|string>
154- apiServerExtraVolumes :
155- - name : <value|string>
156- hostPath : <value|string>
157- mountPath : <value|string>
158- writable : <value|bool>
159- pathType : <value|string>
160- controllerManagerExtraVolumes :
161- - name : <value|string>
162- hostPath : <value|string>
163- mountPath : <value|string>
164- writable : <value|bool>
165- pathType : <value|string>
166- schedulerExtraVolumes :
167- - name : <value|string>
168- hostPath : <value|string>
169- mountPath : <value|string>
170- writable : <value|bool>
171- pathType : <value|string>
172- apiServerCertSANs :
173- - <name1|string>
174- - <name2|string>
175- certificatesDir : <string>
176- imageRepository : <string>
177- unifiedControlPlaneImage : <string>
178- featureGates :
179- <feature> : <bool>
180- <feature> : <bool>
237+ dnsDomain : cluster.local
238+ podSubnet : " "
239+ serviceSubnet : 10.96.0.0/12
240+ nodeName : somehostname
241+ token : abcdef.0123456789abcdef
242+ tokenGroups :
243+ - system:bootstrappers:kubeadm:default-node-token
244+ tokenTTL : 24h0m0s
245+ tokenUsages :
246+ - signing
247+ - authentication
248+ unifiedControlPlaneImage : " "
181249` ` `
182250
183251### Adding kube-proxy parameters {#kube-proxy}
@@ -195,7 +263,7 @@ For example, to add additional feature-gate arguments to the API server, your [c
195263will need to look like this:
196264
197265` ` `
198- apiVersion : kubeadm.k8s.io/v1alpha1
266+ apiVersion : kubeadm.k8s.io/v1alpha2
199267kind : MasterConfiguration
200268apiServerExtraArgs :
201269 feature-gates : APIResponseCompression=true
0 commit comments