Skip to content

Instantly share code, notes, and snippets.

@neolit123

neolit123/_go-types-to-swagger.md

Last active November 15, 2020 21:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save neolit123/6ffe06798e3583c9535afab6f909e75f to your computer and use it in GitHub Desktop.
Save neolit123/6ffe06798e3583c9535afab6f909e75f to your computer and use it in GitHub Desktop.
Download ZIP
go-types-to-swagger
Raw
_go-types-to-swagger.md

convert Go type files to swagger.js

usage:

go run main.go --input=k8s.io/kubelet/config/v1beta1/types.go \
  --version=v1beta1 --title=kubelet.config.k8s.io > swagger.json

flags:

  -input string
        comma separated list of files to parse
  -openapi-version int
        OpenAPI version - can be 2 or 3 (default 2)
  -title string
        title to be placed in the OpenAPI info
  -version string
        version to be placed in the OpenAPI info
Raw
main.go
/*
Copyright 2020 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"bytes"
"encoding/json"
"flag"
"fmt"
"go/ast"
"go/parser"
"go/printer"
"go/token"
"io/ioutil"
"os"
"strings"
)
type field struct {
Comment string
Name string
Type string
Tag string
}
type object struct {
Name string
Comment string
Type string
Fields []field
}
type objects []object
type openAPILicense struct {
Name string `json:"name,omitempty"`
URL string `json:"url,omitempty"`
}
type openAPIItemType struct {
Type string `json:"type,omitempty"`
Ref string `json:"$ref,omitempty"`
}
type openAPIComponents struct {
Schemas openAPISchemas `json:"schemas"`
}
type openAPIProperty struct {
Description string `json:"description,omitempty"`
Type string `json:"type,omitempty"`
Format string `json:"format,omitempty"`
Ref string `json:"$ref,omitempty"`
Items *openAPIItemType `json:"items,omitempty"`
}
type openAPISchema struct {
Description string `json:"description,omitempty"`
Type string `json:"type,omitempty"`
Format string `json:"format,omitempty"`
Ref string `json:"$ref,omitempty"`
Items *openAPIItemType `json:"items,omitempty"`
Properties map[string]openAPIProperty `json:"properties,omitempty"`
}
type openAPISchemas map[string]openAPISchema
type openAPIInfo struct {
Title string `json:"title"`
Version string `json:"version"`
License openAPILicense `json:"license"`
}
type openAPIDoc struct {
OpenAPI string `json:"openapi,omitempty"`
Swagger string `json:"swagger,omitempty"`
Paths map[string]string `json:"paths"`
Info openAPIInfo `json:"info"`
Components *openAPIComponents `json:"components,omitempty"`
Definitions *openAPISchemas `json:"definitions,omitempty"`
}
func nameFromTag(in string) string {
var out string
if strings.HasPrefix(in, "`json") {
out = strings.TrimPrefix(in, "`json:\"")
} else if strings.HasPrefix(in, "`yaml") {
out = strings.TrimPrefix(in, "`yaml:\"")
}
out = strings.Split(out, ",")[0]
out = strings.Split(out, "\"")[0]
return out
}
func getRefLink(in string, obj *objects, imports map[string]string, openAPIVersion int) (string, bool) {
refPrefix := "#/definitions/"
if openAPIVersion == 3 {
refPrefix = "#/components/schemas/"
}
var localRef bool
for _, o := range *obj {
if o.Name == in {
localRef = true
}
}
if localRef {
return refPrefix + in, true
}
split := strings.Split(in, ".")
if len(split) >= 1 {
importName := split[0]
path, ok := imports[importName]
if ok {
path := strings.Replace(path, `"`, "", -1)
kind := split[1]
url := "[" + in + "](https://godoc.org/" + path + "#" + kind + ")"
return url, false
}
}
return "", false
}
var knownJSTypes = []string{"array", "boolean", "integer", "number", "object", "string"}
func isKnownJSType(t string) bool {
for _, known := range knownJSTypes {
if t == known {
return true
}
}
return false
}
func fieldToProp(in *objects, f field, imports map[string]string, openAPIVersion int) *openAPIProperty {
prop := &openAPIProperty{}
prop.Description = f.Comment
f.Type = strings.TrimPrefix(f.Type, "*") // trim asterisk for pointers
prop.Format = f.Type
prop.Type = "array"
prop.Items = &openAPIItemType{}
if strings.HasPrefix(prop.Format, "[]") || strings.HasPrefix(prop.Format, "map") {
prop.Type = "array"
if strings.HasPrefix(prop.Format, "[]") {
sliceType := strings.TrimPrefix(prop.Format, "[]")
url, _ := getRefLink(sliceType, in, imports, openAPIVersion)
if len(url) != 0 {
prop.Items.Ref = url
}
}
} else if strings.HasPrefix(prop.Format, "int") {
prop.Type = "integer"
prop.Items = nil
} else if strings.HasPrefix(prop.Format, "bool") {
prop.Type = "boolean"
prop.Format = ""
prop.Items = nil
} else if strings.HasPrefix(prop.Format, "float") {
prop.Type = "number"
prop.Items = nil
} else if prop.Format == "string" {
prop.Type = "string"
prop.Format = ""
prop.Items = nil
} else {
url, local := getRefLink(prop.Format, in, imports, openAPIVersion)
if len(url) != 0 {
if local {
prop.Ref = url
prop.Description = ""
prop.Format = ""
prop.Type = ""
} else {
prop.Description = url + "\n" + prop.Description
}
}
prop.Type = ""
prop.Items = nil
}
return prop
}
func objectsToSchemas(in *objects, imports map[string]string, openAPIVersion int) *openAPISchemas {
def := openAPISchemas{}
for _, o := range *in {
schema := openAPISchema{
Type: o.Type,
Description: o.Comment,
Properties: map[string]openAPIProperty{},
}
if o.Type != "object" {
t := o.Type
schema.Format = t
if strings.Contains(t, "[]") {
schema.Type = "array"
}
t = strings.TrimPrefix(t, "[]")
t = strings.TrimPrefix(t, "*")
url, local := getRefLink(t, in, imports, openAPIVersion)
if len(url) != 0 {
if local && schema.Type != "array" {
schema.Ref = url
schema.Description = ""
schema.Type = ""
schema.Format = ""
} else {
schema.Items = &openAPIItemType{Ref: url}
}
} else {
if !isKnownJSType(schema.Type) {
schema.Type = "object"
}
}
}
def[o.Name] = schema
for _, f := range o.Fields {
prop := fieldToProp(in, f, imports, openAPIVersion)
name := f.Name
if len(f.Tag) != 0 {
name = nameFromTag(f.Tag)
if name == "-" {
name = f.Name
}
}
if len(name) == 0 {
name = prop.Format
}
if len(name) == 0 {
name = prop.Format
}
def[o.Name].Properties[name] = *prop
}
}
return &def
}
func main() {
var input, version, title string
var openAPIVersion int
flag.IntVar(&openAPIVersion, "openapi-version", 2, "OpenAPI version - can be 2 or 3")
flag.StringVar(&input, "input", "", "comma separated list of files to parse")
flag.StringVar(&version, "version", "", "version to be placed in the OpenAPI info")
flag.StringVar(&title, "title", "", "title to be placed in the OpenAPI info")
flag.Parse()
files := strings.Split(input, ",")
if len(files) == 0 || len(files[0]) == 0 {
fmt.Fprintln(os.Stderr, "input must contain at least one file")
os.Exit(1)
}
if openAPIVersion != 2 && openAPIVersion != 3 {
fmt.Fprintf(os.Stderr, "unsupported OpenAPI version: %d\n", openAPIVersion)
os.Exit(1)
}
objlist := objects{}
imports := map[string]string{}
for _, file := range files {
data, err := ioutil.ReadFile(file)
if err != nil {
fmt.Fprintf(os.Stderr, "cannot read file %s: %v\n", file, err)
os.Exit(1)
}
fset := token.NewFileSet()
f, err := parser.ParseFile(fset, "", string(data), parser.ParseComments)
if err != nil {
fmt.Fprintf(os.Stderr, "error parsing file %s: %v\n", file, err)
os.Exit(1)
}
var lastObj object
var typeNameBuf bytes.Buffer
ast.Inspect(f, func(n ast.Node) bool {
switch t := n.(type) {
case *ast.ImportSpec:
var name string
if t.Name == nil {
names := strings.Split(t.Path.Value, "/")
if len(names) == 0 {
fmt.Fprintf(os.Stderr, "unexpected import path: %s", t.Path.Value)
os.Exit(1)
}
name = names[len(names)-1]
} else {
name = t.Name.Name
}
imports[name] = t.Path.Value
case *ast.GenDecl:
lastObj = object{}
lastObj.Comment = t.Doc.Text()
case *ast.TypeSpec:
if t.Name != nil {
lastObj.Name = t.Name.Name
}
lastObj.Type = "object"
typeNameBuf.Reset()
printer.Fprint(&typeNameBuf, fset, t.Type)
if !strings.HasPrefix(typeNameBuf.String(), "struct") {
lastObj.Type = typeNameBuf.String()
objlist = append(objlist, lastObj)
}
case *ast.StructType:
for _, fld := range t.Fields.List {
f := field{}
if len(fld.Names) > 0 {
f.Name = fld.Names[0].Name
}
f.Comment = fld.Doc.Text()
if fld.Tag != nil {
f.Tag = fld.Tag.Value
}
typeNameBuf.Reset()
printer.Fprint(&typeNameBuf, fset, fld.Type)
f.Type = typeNameBuf.String()
lastObj.Fields = append(lastObj.Fields, f)
}
objlist = append(objlist, lastObj)
}
return true
})
}
schemas := objectsToSchemas(&objlist, imports, openAPIVersion)
doc := openAPIDoc{
Info: openAPIInfo{
Title: title,
Version: version,
License: openAPILicense{
Name: "Apache 2.0",
URL: "http://www.apache.org/licenses/LICENSE-2.0.html",
},
},
Paths: map[string]string{},
}
if openAPIVersion > 2 {
doc.OpenAPI = "3.0.0"
doc.Components = &openAPIComponents{
Schemas: *schemas,
}
} else {
doc.Swagger = "2.0"
doc.Definitions = schemas
}
data, err := json.MarshalIndent(doc, "", "\t")
if err != nil {
fmt.Fprintf(os.Stderr, "error marshaling OpenAPI doc: %v\n", err)
os.Exit(1)
}
fmt.Fprintf(os.Stdout, "%s\n", data)
}
Raw
swagger-kubelet.js
{
"swagger": "2.0",
"paths": {},
"info": {
"title": "kubelet.config.k8s.io",
"version": "v1",
"license": {
"name": "Apache 2.0",
"url": "http://www.apache.org/licenses/LICENSE-2.0.html"
}
},
"definitions": {
"HairpinMode": {
"type": "object",
"description": "HairpinMode denotes how the kubelet should configure networking to handle\nhairpin packets.\n"
},
"KubeletAnonymousAuthentication": {
"type": "object",
"properties": {
"enabled": {
"description": "enabled allows anonymous requests to the kubelet server.\nRequests that are not rejected by another authentication method are treated as anonymous requests.\nAnonymous requests have a username of system:anonymous, and a group name of system:unauthenticated.\n+optional\n",
"type": "boolean"
}
}
},
"KubeletAuthentication": {
"type": "object",
"properties": {
"anonymous": {
"$ref": "#/definitions/KubeletAnonymousAuthentication"
},
"webhook": {
"$ref": "#/definitions/KubeletWebhookAuthentication"
},
"x509": {
"$ref": "#/definitions/KubeletX509Authentication"
}
}
},
"KubeletAuthorization": {
"type": "object",
"properties": {
"mode": {
"$ref": "#/definitions/KubeletAuthorizationMode"
},
"webhook": {
"$ref": "#/definitions/KubeletWebhookAuthorization"
}
}
},
"KubeletAuthorizationMode": {
"type": "object"
},
"KubeletConfiguration": {
"type": "object",
"description": "KubeletConfiguration contains the configuration for the Kubelet\n",
"properties": {
"address": {
"description": "address is the IP address for the Kubelet to serve on (set to 0.0.0.0\nfor all interfaces).\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: \"0.0.0.0\"\n+optional\n",
"type": "string"
},
"allowedUnsafeSysctls": {
"description": "A comma separated whitelist of unsafe sysctls or sysctl patterns (ending in *).\nUnsafe sysctl groups are kernel.shm*, kernel.msg*, kernel.sem, fs.mqueue.*, and net.*.\nThese sysctls are namespaced but not allowed by default. For example: \"kernel.msg*,net.ipv4.route.min_pmtu\"\nDefault: []\n+optional\n",
"type": "array",
"format": "[]string",
"items": {}
},
"authentication": {
"$ref": "#/definitions/KubeletAuthentication"
},
"authorization": {
"$ref": "#/definitions/KubeletAuthorization"
},
"cgroupDriver": {
"description": "driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd)\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"cgroupfs\"\n+optional\n",
"type": "string"
},
"cgroupRoot": {
"description": "cgroupRoot is the root cgroup to use for pods. This is handled by the\ncontainer runtime on a best effort basis.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"cgroupsPerQOS": {
"description": "Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes\nAnd all Burstable and BestEffort pods are brought up under their\nspecific top level QoS cgroup.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: true\n+optional\n",
"type": "boolean"
},
"clusterDNS": {
"description": "clusterDNS is a list of IP addresses for the cluster DNS server. If set,\nkubelet will configure all containers to use this for DNS resolution\ninstead of the host's DNS servers.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nchanges will only take effect on Pods created after the update. Draining\nthe node is recommended before changing this field.\nDefault: nil\n+optional\n",
"type": "array",
"format": "[]string",
"items": {}
},
"clusterDomain": {
"description": "clusterDomain is the DNS domain for this cluster. If set, kubelet will\nconfigure all containers to search this domain in addition to the\nhost's search domains.\nDynamic Kubelet Config (beta): Dynamically updating this field is not recommended,\nas it should be kept in sync with the rest of the cluster.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"configMapAndSecretChangeDetectionStrategy": {
"$ref": "#/definitions/ResourceChangeDetectionStrategy"
},
"containerLogMaxFiles": {
"description": "Maximum number of container log files that can be present for a container.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nlowering it may cause log files to be deleted.\nDefault: 5\n+optional\n",
"type": "integer",
"format": "int32"
},
"containerLogMaxSize": {
"description": "A quantity defines the maximum size of the container log file before it is rotated.\nFor example: \"5Mi\" or \"256Ki\".\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger log rotation.\nDefault: \"10Mi\"\n+optional\n",
"type": "string"
},
"contentType": {
"description": "contentType is contentType of requests sent to apiserver.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the ability for the Kubelet to communicate with the API server.\nIf the Kubelet loses contact with the API server due to a change to this field,\nthe change cannot be reverted via dynamic Kubelet config.\nDefault: \"application/vnd.kubernetes.protobuf\"\n+optional\n",
"type": "string"
},
"cpuCFSQuota": {
"description": "cpuCFSQuota enables CPU CFS quota enforcement for containers that\nspecify CPU limits.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndisabling it may reduce node stability.\nDefault: true\n+optional\n",
"type": "boolean"
},
"cpuCFSQuotaPeriod": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nCPUCFSQuotaPeriod is the CPU CFS quota period value, cpu.cfs_period_us.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nlimits set for containers will result in different cpu.cfs_quota settings. This\nwill trigger container restarts on the node being reconfigured.\nDefault: \"100ms\"\n+optional\n",
"format": "metav1.Duration"
},
"cpuManagerPolicy": {
"description": "CPUManagerPolicy is the name of the policy to use.\nRequires the CPUManager feature gate to be enabled.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"none\"\n+optional\n",
"type": "string"
},
"cpuManagerReconcilePeriod": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nCPU Manager reconciliation period.\nRequires the CPUManager feature gate to be enabled.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nshortening the period may carry a performance impact.\nDefault: \"10s\"\n+optional\n",
"format": "metav1.Duration"
},
"enableContentionProfiling": {
"description": "enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nenabling it may carry a performance impact.\nDefault: false\n+optional\n",
"type": "boolean"
},
"enableControllerAttachDetach": {
"description": "enableControllerAttachDetach enables the Attach/Detach controller to\nmanage attachment/detachment of volumes scheduled to this node, and\ndisables kubelet from executing any attach/detach operations\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nchanging which component is responsible for volume management on a live node\nmay result in volumes refusing to detach if the node is not drained prior to\nthe update, and if Pods are scheduled to the node before the\nvolumes.kubernetes.io/controller-managed-attach-detach annotation is updated by the\nKubelet. In general, it is safest to leave this value set the same as local config.\nDefault: true\n+optional\n",
"type": "boolean"
},
"enableDebuggingHandlers": {
"description": "enableDebuggingHandlers enables server endpoints for log access\nand local running of containers and commands, including the exec,\nattach, logs, and portforward features.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndisabling it may disrupt components that interact with the Kubelet server.\nDefault: true\n+optional\n",
"type": "boolean"
},
"enableServer": {
"description": "enableServer enables Kubelet's secured server.\nNote: Kubelet's insecure port is controlled by the readOnlyPort option.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: true\n",
"type": "boolean"
},
"enableSystemLogHandler": {
"description": "enableSystemLogHandler enables system logs via web interface host:port/logs/\nDefault: true\n+optional\n",
"type": "boolean"
},
"enforceNodeAllocatable": {
"description": "This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform.\nThis flag accepts a list of options. Acceptable options are `none`, `pods`, `system-reserved` \u0026 `kube-reserved`.\nIf `none` is specified, no other options may be specified.\nRefer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nremoving enforcements may reduce the stability of the node. Alternatively, adding\nenforcements may reduce the stability of components which were using more than\nthe reserved amount of resources; for example, enforcing kube-reserved may cause\nKubelets to OOM if it uses more than the reserved resources, and enforcing system-reserved\nmay cause system daemons to OOM if they use more than the reserved resources.\nDefault: [\"pods\"]\n+optional\n",
"type": "array",
"format": "[]string",
"items": {}
},
"eventBurst": {
"description": "eventBurst is the maximum size of a burst of event creations, temporarily\nallows event creations to burst to this number, while still not exceeding\neventRecordQPS. Only used if eventRecordQPS \u003e 0.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic produced by\nevent creations.\nDefault: 10\n+optional\n",
"type": "integer",
"format": "int32"
},
"eventRecordQPS": {
"description": "eventRecordQPS is the maximum event creations per second. If 0, there\nis no limit enforced.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic produced by\nevent creations.\nDefault: 5\n+optional\n",
"type": "integer",
"format": "int32"
},
"evictionHard": {
"description": "Map of signal names to quantities that defines hard eviction thresholds. For example: {\"memory.available\": \"300Mi\"}.\nTo explicitly disable, pass a 0% or 100% threshold on an arbitrary resource.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay Pod evictions.\nDefault:\n memory.available: \"100Mi\"\n nodefs.available: \"10%\"\n nodefs.inodesFree: \"5%\"\n imagefs.available: \"15%\"\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"evictionMaxPodGracePeriod": {
"description": "Maximum allowed grace period (in seconds) to use when terminating pods in\nresponse to a soft eviction threshold being met. This value effectively caps\nthe Pod's TerminationGracePeriodSeconds value during soft evictions.\nNote: Due to issue #64530, the behavior has a bug where this value currently just\noverrides the grace period during soft eviction, which can increase the grace\nperiod from what is set on the Pod. This bug will be fixed in a future release.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nlowering it decreases the amount of time Pods will have to gracefully clean\nup before being killed during a soft eviction.\nDefault: 0\n+optional\n",
"type": "integer",
"format": "int32"
},
"evictionMinimumReclaim": {
"description": "Map of signal names to quantities that defines minimum reclaims, which describe the minimum\namount of a given resource the kubelet will reclaim when performing a pod eviction while\nthat resource is under pressure. For example: {\"imagefs.available\": \"2Gi\"}\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may change how well eviction can manage resource pressure.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"evictionPressureTransitionPeriod": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nDuration for which the kubelet has to wait before transitioning out of an eviction pressure condition.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nlowering it may decrease the stability of the node when the node is overcommitted.\nDefault: \"5m\"\n+optional\n",
"format": "metav1.Duration"
},
"evictionSoft": {
"description": "Map of signal names to quantities that defines soft eviction thresholds.\nFor example: {\"memory.available\": \"300Mi\"}.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay Pod evictions, and may change the allocatable reported\nby the node.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"evictionSoftGracePeriod": {
"description": "Map of signal names to quantities that defines grace periods for each soft eviction signal.\nFor example: {\"memory.available\": \"30s\"}.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay Pod evictions.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"failSwapOn": {
"description": "failSwapOn tells the Kubelet to fail to start if swap is enabled on the node.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nsetting it to true will cause the Kubelet to crash-loop if swap is enabled.\nDefault: true\n+optional\n",
"type": "boolean"
},
"featureGates": {
"description": "featureGates is a map of feature names to bools that enable or disable alpha/experimental\nfeatures. This field modifies piecemeal the built-in default values from\n\"k8s.io/kubernetes/pkg/features/kube_features.go\".\nDynamic Kubelet Config (beta): If dynamically updating this field, consider the\ndocumentation for the features you are enabling or disabling. While we\nencourage feature developers to make it possible to dynamically enable\nand disable features, some changes may require node reboots, and some\nfeatures may require careful coordination to retroactively disable.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]bool",
"items": {}
},
"fileCheckFrequency": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nfileCheckFrequency is the duration between checking config files for\nnew data\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nshortening the duration will cause the Kubelet to reload local Static Pod\nconfigurations more frequently, which may have a negative performance impact.\nDefault: \"20s\"\n+optional\n",
"format": "metav1.Duration"
},
"hairpinMode": {
"description": "hairpinMode specifies how the Kubelet should configure the container\nbridge for hairpin packets.\nSetting this flag allows endpoints in a Service to loadbalance back to\nthemselves if they should try to access their own Service. Values:\n \"promiscuous-bridge\": make the container bridge promiscuous.\n \"hairpin-veth\": set the hairpin flag on container veth interfaces.\n \"none\": do nothing.\nGenerally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT,\nbecause promiscuous-bridge assumes the existence of a container bridge named cbr0.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may require a node reboot, depending on the network plugin.\nDefault: \"promiscuous-bridge\"\n+optional\n",
"type": "string"
},
"healthzBindAddress": {
"description": "healthzBindAddress is the IP address for the healthz server to serve on\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that monitor Kubelet health.\nDefault: \"127.0.0.1\"\n+optional\n",
"type": "string"
},
"healthzPort": {
"description": "healthzPort is the port of the localhost healthz endpoint (set to 0 to disable)\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that monitor Kubelet health.\nDefault: 10248\n+optional\n",
"type": "integer",
"format": "int32"
},
"httpCheckFrequency": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nhttpCheckFrequency is the duration between checking http for new data\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nshortening the duration will cause the Kubelet to poll staticPodURL more\nfrequently, which may have a negative performance impact.\nDefault: \"20s\"\n+optional\n",
"format": "metav1.Duration"
},
"imageGCHighThresholdPercent": {
"description": "imageGCHighThresholdPercent is the percent of disk usage after which\nimage garbage collection is always run. The percent is calculated as\nthis field value out of 100.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay garbage collection, and may change the image overhead\non the node.\nDefault: 85\n+optional\n",
"type": "integer",
"format": "int32"
},
"imageGCLowThresholdPercent": {
"description": "imageGCLowThresholdPercent is the percent of disk usage before which\nimage garbage collection is never run. Lowest disk usage to garbage\ncollect to. The percent is calculated as this field value out of 100.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay garbage collection, and may change the image overhead\non the node.\nDefault: 80\n+optional\n",
"type": "integer",
"format": "int32"
},
"imageMinimumGCAge": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nimageMinimumGCAge is the minimum age for an unused image before it is\ngarbage collected.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may trigger or delay garbage collection, and may change the image overhead\non the node.\nDefault: \"2m\"\n+optional\n",
"format": "metav1.Duration"
},
"iptablesDropBit": {
"description": "iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets.\nValues must be within the range [0, 31]. Must be different from other mark bits.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit needs to be coordinated with other components, like kube-proxy, and the update\nwill only be effective if MakeIPTablesUtilChains is enabled.\nDefault: 15\n+optional\n",
"type": "integer",
"format": "int32"
},
"iptablesMasqueradeBit": {
"description": "iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT\nValues must be within the range [0, 31]. Must be different from other mark bits.\nWarning: Please match the value of the corresponding parameter in kube-proxy.\nTODO: clean up IPTablesMasqueradeBit in kube-proxy\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit needs to be coordinated with other components, like kube-proxy, and the update\nwill only be effective if MakeIPTablesUtilChains is enabled.\nDefault: 14\n+optional\n",
"type": "integer",
"format": "int32"
},
"kernelMemcgNotification": {
"description": "kernelMemcgNotification, if set, the kubelet will integrate with the kernel memcg notification\nto determine if memory eviction thresholds are crossed rather than polling.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the way Kubelet interacts with the kernel.\nDefault: false\n+optional\n",
"type": "boolean"
},
"kubeAPIBurst": {
"description": "kubeAPIBurst is the burst to allow while talking with kubernetes apiserver\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic the Kubelet\nsends to the API server.\nDefault: 10\n+optional\n",
"type": "integer",
"format": "int32"
},
"kubeAPIQPS": {
"description": "kubeAPIQPS is the QPS to use while talking with kubernetes apiserver\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic the Kubelet\nsends to the API server.\nDefault: 5\n+optional\n",
"type": "integer",
"format": "int32"
},
"kubeReserved": {
"description": "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs\nthat describe resources reserved for kubernetes system components.\nCurrently cpu, memory and local storage for root file system are supported.\nSee http://kubernetes.io/docs/user-guide/compute-resources for more detail.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may not be possible to increase the reserved resources, because this\nrequires resizing cgroups. Always look for a NodeAllocatableEnforced event\nafter updating this field to ensure that the update was successful.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"kubeReservedCgroup": {
"description": "This flag helps kubelet identify absolute name of top level cgroup used to enforce `KubeReserved` compute resource reservation for Kubernetes node system daemons.\nRefer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"kubeletCgroups": {
"description": "kubeletCgroups is the absolute name of cgroups to isolate the kubelet in\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"logging": {
"description": "[componentbaseconfigv1alpha1.LoggingConfiguration](https://godoc.org/k8s.io/component-base/config/v1alpha1#LoggingConfiguration)\nLogging specifies the options of logging.\nRefer [Logs Options](https://github.com/kubernetes/component-base/blob/master/logs/options.go) for more information.\nDefaults:\n Format: text\n+ optional\n",
"format": "componentbaseconfigv1alpha1.LoggingConfiguration"
},
"makeIPTablesUtilChains": {
"description": "If true, Kubelet ensures a set of iptables rules are present on host.\nThese rules will serve as utility rules for various components, e.g. KubeProxy.\nThe rules will be created based on IPTablesMasqueradeBit and IPTablesDropBit.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndisabling it will prevent the Kubelet from healing locally misconfigured iptables rules.\nDefault: true\n+optional\n",
"type": "boolean"
},
"maxOpenFiles": {
"description": "maxOpenFiles is Number of files that can be opened by Kubelet process.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the ability of the Kubelet to interact with the node's filesystem.\nDefault: 1000000\n+optional\n",
"type": "integer",
"format": "int64"
},
"maxPods": {
"description": "maxPods is the number of pods that can run on this Kubelet.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nchanges may cause Pods to fail admission on Kubelet restart, and may change\nthe value reported in Node.Status.Capacity[v1.ResourcePods], thus affecting\nfuture scheduling decisions. Increasing this value may also decrease performance,\nas more Pods can be packed into a single node.\nDefault: 110\n+optional\n",
"type": "integer",
"format": "int32"
},
"metav1.TypeMeta": {
"description": "[metav1.TypeMeta](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#TypeMeta)\n",
"format": "metav1.TypeMeta"
},
"nodeLeaseDurationSeconds": {
"description": "nodeLeaseDurationSeconds is the duration the Kubelet will set on its corresponding Lease,\nwhen the NodeLease feature is enabled. This feature provides an indicator of node\nhealth by having the Kubelet create and periodically renew a lease, named after the node,\nin the kube-node-lease namespace. If the lease expires, the node can be considered unhealthy.\nThe lease is currently renewed every 10s, per KEP-0009. In the future, the lease renewal interval\nmay be set based on the lease duration.\nRequires the NodeLease feature gate to be enabled.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndecreasing the duration may reduce tolerance for issues that temporarily prevent\nthe Kubelet from renewing the lease (e.g. a short-lived network issue).\nDefault: 40\n+optional\n",
"type": "integer",
"format": "int32"
},
"nodeStatusMaxImages": {
"description": "nodeStatusMaxImages caps the number of images reported in Node.Status.Images.\nNote: If -1 is specified, no cap will be applied. If 0 is specified, no image is returned.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndifferent values can be reported on node status.\nDefault: 50\n+optional\n",
"type": "integer",
"format": "int32"
},
"nodeStatusReportFrequency": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nnodeStatusReportFrequency is the frequency that kubelet posts node\nstatus to master if node status does not change. Kubelet will ignore this\nfrequency and post node status immediately if any change is detected. It is\nonly used when node lease feature is enabled. nodeStatusReportFrequency's\ndefault value is 1m. But if nodeStatusUpdateFrequency is set explicitly,\nnodeStatusReportFrequency's default value will be set to\nnodeStatusUpdateFrequency for backward compatibility.\nDefault: \"1m\"\n+optional\n",
"format": "metav1.Duration"
},
"nodeStatusUpdateFrequency": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nnodeStatusUpdateFrequency is the frequency that kubelet computes node\nstatus. If node lease feature is not enabled, it is also the frequency that\nkubelet posts node status to master.\nNote: When node lease feature is not enabled, be cautious when changing the\nconstant, it must work with nodeMonitorGracePeriod in nodecontroller.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact node scalability, and also that the node controller's\nnodeMonitorGracePeriod must be set to N*NodeStatusUpdateFrequency,\nwhere N is the number of retries before the node controller marks\nthe node unhealthy.\nDefault: \"10s\"\n+optional\n",
"format": "metav1.Duration"
},
"oomScoreAdj": {
"description": "oomScoreAdj is The oom-score-adj value for kubelet process. Values\nmust be within the range [-1000, 1000].\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the stability of nodes under memory pressure.\nDefault: -999\n+optional\n",
"type": "integer",
"format": "int32"
},
"podCIDR": {
"description": "The CIDR to use for pod IP addresses, only used in standalone mode.\nIn cluster mode, this is obtained from the master.\nDynamic Kubelet Config (beta): This field should always be set to the empty default.\nIt should only set for standalone Kubelets, which cannot use Dynamic Kubelet Config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"podPidsLimit": {
"description": "PodPidsLimit is the maximum number of pids in any pod.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nlowering it may prevent container processes from forking after the change.\nDefault: -1\n+optional\n",
"type": "integer",
"format": "int64"
},
"podsPerCore": {
"description": "podsPerCore is the maximum number of pods per core. Cannot exceed MaxPods.\nIf 0, this field is ignored.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nchanges may cause Pods to fail admission on Kubelet restart, and may change\nthe value reported in Node.Status.Capacity[v1.ResourcePods], thus affecting\nfuture scheduling decisions. Increasing this value may also decrease performance,\nas more Pods can be packed into a single node.\nDefault: 0\n+optional\n",
"type": "integer",
"format": "int32"
},
"port": {
"description": "port is the port for the Kubelet to serve on.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: 10250\n+optional\n",
"type": "integer",
"format": "int32"
},
"protectKernelDefaults": {
"description": "protectKernelDefaults, if true, causes the Kubelet to error if kernel\nflags are not as it expects. Otherwise the Kubelet will attempt to modify\nkernel flags to match its expectation.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nenabling it may cause the Kubelet to crash-loop if the Kernel is not configured as\nKubelet expects.\nDefault: false\n+optional\n",
"type": "boolean"
},
"providerID": {
"description": "providerID, if set, sets the unique id of the instance that an external provider (i.e. cloudprovider)\ncan use to identify a specific node.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the ability of the Kubelet to interact with cloud providers.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"qosReserved": {
"description": "qosReserved is a set of resource name to percentage pairs that specify\nthe minimum percentage of a resource reserved for exclusive use by the\nguaranteed QoS tier.\nCurrently supported resources: \"memory\"\nRequires the QOSReserved feature gate to be enabled.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"readOnlyPort": {
"description": "readOnlyPort is the read-only port for the Kubelet to serve on with\nno authentication/authorization.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: 0 (disabled)\n+optional\n",
"type": "integer",
"format": "int32"
},
"registryBurst": {
"description": "registryBurst is the maximum size of bursty pulls, temporarily allows\npulls to burst to this number, while still not exceeding registryPullQPS.\nOnly used if registryPullQPS \u003e 0.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic produced\nby image pulls.\nDefault: 10\n+optional\n",
"type": "integer",
"format": "int32"
},
"registryPullQPS": {
"description": "registryPullQPS is the limit of registry pulls per second.\nSet to 0 for no limit.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact scalability by changing the amount of traffic produced\nby image pulls.\nDefault: 5\n+optional\n",
"type": "integer",
"format": "int32"
},
"reservedSystemCPUs": {
"description": "This ReservedSystemCPUs option specifies the cpu list reserved for the host level system threads and kubernetes related threads.\nThis provide a \"static\" CPU list rather than the \"dynamic\" list by system-reserved and kube-reserved.\nThis option overwrites CPUs provided by system-reserved and kube-reserved.\n",
"type": "string"
},
"resolvConf": {
"description": "ResolverConfig is the resolver configuration file used as the basis\nfor the container DNS resolution configuration.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nchanges will only take effect on Pods created after the update. Draining\nthe node is recommended before changing this field.\nDefault: \"/etc/resolv.conf\"\n+optional\n",
"type": "string"
},
"rotateCertificates": {
"description": "rotateCertificates enables client certificate rotation. The Kubelet will request a\nnew certificate from the certificates.k8s.io API. This requires an approver to approve the\ncertificate signing requests.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndisabling it may disrupt the Kubelet's ability to authenticate with the API server\nafter the current certificate expires.\nDefault: false\n+optional\n",
"type": "boolean"
},
"runOnce": {
"description": "RunOnce causes the Kubelet to check the API server once for pods,\nrun those in addition to the pods specified by static pod files, and exit.\nDefault: false\n+optional\n",
"type": "boolean"
},
"runtimeRequestTimeout": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nruntimeRequestTimeout is the timeout for all runtime requests except long running\nrequests - pull, logs, exec and attach.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: \"2m\"\n+optional\n",
"format": "metav1.Duration"
},
"serializeImagePulls": {
"description": "serializeImagePulls when enabled, tells the Kubelet to pull images one\nat a time. We recommend *not* changing the default value on nodes that\nrun docker daemon with version \u003c 1.9 or an Aufs storage backend.\nIssue #10959 has more details.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact the performance of image pulls.\nDefault: true\n+optional\n",
"type": "boolean"
},
"serverTLSBootstrap": {
"description": "serverTLSBootstrap enables server certificate bootstrap. Instead of self\nsigning a serving certificate, the Kubelet will request a certificate from\nthe certificates.k8s.io API. This requires an approver to approve the\ncertificate signing requests. The RotateKubeletServerCertificate feature\nmust be enabled.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\ndisabling it will stop the renewal of Kubelet server certificates, which can\ndisrupt components that interact with the Kubelet server in the long term,\ndue to certificate expiration.\nDefault: false\n+optional\n",
"type": "boolean"
},
"showHiddenMetricsForVersion": {
"description": "The previous version for which you want to show hidden metrics.\nOnly the previous minor version is meaningful, other values will not be allowed.\nThe format is \u003cmajor\u003e.\u003cminor\u003e, e.g.: '1.16'.\nThe purpose of this format is make sure you have the opportunity to notice if the next release hides additional metrics,\nrather than being surprised when they are permanently removed in the release after that.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"shutdownGracePeriod": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown.\nDefault: \"30s\"\n+optional\n",
"format": "metav1.Duration"
},
"shutdownGracePeriodCriticalPods": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. This should be less than ShutdownGracePeriod.\nFor example, if ShutdownGracePeriod=30s, and ShutdownGracePeriodCriticalPods=10s, during a node shutdown the first 20 seconds would be reserved for gracefully terminating normal pods, and the last 10 seconds would be reserved for terminating critical pods.\nDefault: \"10s\"\n+optional\n",
"format": "metav1.Duration"
},
"staticPodPath": {
"description": "staticPodPath is the path to the directory containing local (static) pods to\nrun, or the path to a single static pod file.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nthe set of static pods specified at the new path may be different than the\nones the Kubelet initially started with, and this may disrupt your node.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"staticPodURL": {
"description": "staticPodURL is the URL for accessing static pods to run\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nthe set of static pods specified at the new URL may be different than the\nones the Kubelet initially started with, and this may disrupt your node.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"staticPodURLHeader": {
"description": "staticPodURLHeader is a map of slices with HTTP headers to use when accessing the podURL\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt the ability to read the latest set of static pods from StaticPodURL.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string][]string",
"items": {}
},
"streamingConnectionIdleTimeout": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nstreamingConnectionIdleTimeout is the maximum time a streaming connection\ncan be idle before the connection is automatically closed.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may impact components that rely on infrequent updates over streaming\nconnections to the Kubelet server.\nDefault: \"4h\"\n+optional\n",
"format": "metav1.Duration"
},
"syncFrequency": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nsyncFrequency is the max period between synchronizing running\ncontainers and config.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nshortening this duration may have a negative performance impact, especially\nas the number of Pods on the node increases. Alternatively, increasing this\nduration will result in longer refresh times for ConfigMaps and Secrets.\nDefault: \"1m\"\n+optional\n",
"format": "metav1.Duration"
},
"systemCgroups": {
"description": "systemCgroups is absolute name of cgroups in which to place\nall non-kernel processes that are not already in a container. Empty\nfor no container. Rolling back the flag requires a reboot.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"systemReserved": {
"description": "systemReserved is a set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G)\npairs that describe resources reserved for non-kubernetes components.\nCurrently only cpu and memory are supported.\nSee http://kubernetes.io/docs/user-guide/compute-resources for more detail.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may not be possible to increase the reserved resources, because this\nrequires resizing cgroups. Always look for a NodeAllocatableEnforced event\nafter updating this field to ensure that the update was successful.\nDefault: nil\n+optional\n",
"type": "array",
"format": "map[string]string",
"items": {}
},
"systemReservedCgroup": {
"description": "This flag helps kubelet identify absolute name of top level cgroup used to enforce `SystemReserved` compute resource reservation for OS system daemons.\nRefer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"tlsCertFile": {
"description": "tlsCertFile is the file containing x509 Certificate for HTTPS. (CA cert,\nif any, concatenated after server cert). If tlsCertFile and\ntlsPrivateKeyFile are not provided, a self-signed certificate\nand key are generated for the public address and saved to the directory\npassed to the Kubelet's --cert-dir flag.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"tlsCipherSuites": {
"description": "TLSCipherSuites is the list of allowed cipher suites for the server.\nValues are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: nil\n+optional\n",
"type": "array",
"format": "[]string",
"items": {}
},
"tlsMinVersion": {
"description": "TLSMinVersion is the minimum TLS version supported.\nValues are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"tlsPrivateKeyFile": {
"description": "tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nit may disrupt components that interact with the Kubelet server.\nDefault: \"\"\n+optional\n",
"type": "string"
},
"topologyManagerPolicy": {
"description": "TopologyManagerPolicy is the name of the policy to use.\nPolicies other than \"none\" require the TopologyManager feature gate to be enabled.\nDynamic Kubelet Config (beta): This field should not be updated without a full node\nreboot. It is safest to keep this value the same as the local config.\nDefault: \"none\"\n+optional\n",
"type": "string"
},
"topologyManagerScope": {
"description": "TopologyManagerScope represents the scope of topology hint generation\nthat topology manager requests and hint providers generate.\n\"pod\" scope requires the TopologyManager feature gate to be enabled.\nDefault: \"container\"\n+optional\n",
"type": "string"
},
"volumePluginDir": {
"description": "volumePluginDir is the full path of the directory in which to search\nfor additional third party volume plugins.\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that changing\nthe volumePluginDir may disrupt workloads relying on third party volume plugins.\nDefault: \"/usr/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n+optional\n",
"type": "string"
},
"volumeStatsAggPeriod": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\nHow frequently to calculate and cache volume disk usage for all pods\nDynamic Kubelet Config (beta): If dynamically updating this field, consider that\nshortening the period may carry a performance impact.\nDefault: \"1m\"\n+optional\n",
"format": "metav1.Duration"
}
}
},
"KubeletWebhookAuthentication": {
"type": "object",
"properties": {
"cacheTTL": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\ncacheTTL enables caching of authentication results\n+optional\n",
"format": "metav1.Duration"
},
"enabled": {
"description": "enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API\n+optional\n",
"type": "boolean"
}
}
},
"KubeletWebhookAuthorization": {
"type": "object",
"properties": {
"cacheAuthorizedTTL": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\ncacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer.\n+optional\n",
"format": "metav1.Duration"
},
"cacheUnauthorizedTTL": {
"description": "[metav1.Duration](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#Duration)\ncacheUnauthorizedTTL is the duration to cache 'unauthorized' responses from the webhook authorizer.\n+optional\n",
"format": "metav1.Duration"
}
}
},
"KubeletX509Authentication": {
"type": "object",
"properties": {
"clientCAFile": {
"description": "clientCAFile is the path to a PEM-encoded certificate bundle. If set, any request presenting a client certificate\nsigned by one of the authorities in the bundle is authenticated with a username corresponding to the CommonName,\nand groups corresponding to the Organization in the client certificate.\n+optional\n",
"type": "string"
}
}
},
"ResourceChangeDetectionStrategy": {
"type": "object",
"description": "ResourceChangeDetectionStrategy denotes a mode in which internal\nmanagers (secret, configmap) are discovering object changes.\n"
},
"SerializedNodeConfigSource": {
"type": "object",
"description": "SerializedNodeConfigSource allows us to serialize v1.NodeConfigSource.\nThis type is used internally by the Kubelet for tracking checkpointed dynamic configs.\nIt exists in the kubeletconfig API group because it is classified as a versioned input to the Kubelet.\n",
"properties": {
"metav1.TypeMeta": {
"description": "[metav1.TypeMeta](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#TypeMeta)\n",
"format": "metav1.TypeMeta"
},
"source": {
"description": "[v1.NodeConfigSource](https://godoc.org/k8s.io/api/core/v1#NodeConfigSource)\nSource is the source that we are serializing\n+optional\n",
"format": "v1.NodeConfigSource"
}
}
}
}
}
Raw
swagger-scheduler.json
{
"swagger": "2.0",
"paths": {},
"info": {
"title": "",
"version": "",
"license": {
"name": "Apache 2.0",
"url": "http://www.apache.org/licenses/LICENSE-2.0.html"
}
},
"definitions": {
"ExtenderManagedResource": {
"description": "ExtenderManagedResource describes the arguments of extended resources\nmanaged by an extender.\n",
"type": "object",
"properties": {
"ignoredByScheduler": {
"description": "IgnoredByScheduler indicates whether kube-scheduler should ignore this\nresource when applying predicates.\n",
"type": "boolean"
},
"name": {
"description": "Name is the extended resource name.\n",
"type": "string"
}
}
},
"ExtenderTLSConfig": {
"description": "ExtenderTLSConfig contains settings to enable TLS with extender\n",
"type": "object",
"properties": {
"caData": {
"description": "CAData holds PEM-encoded bytes (typically read from a root certificates bundle).\nCAData takes precedence over CAFile\n",
"type": "array",
"format": "[]byte",
"items": {}
},
"caFile": {
"description": "Trusted root certificates for server\n",
"type": "string"
},
"certData": {
"description": "CertData holds PEM-encoded bytes (typically read from a client certificate file).\nCertData takes precedence over CertFile\n",
"type": "array",
"format": "[]byte",
"items": {}
},
"certFile": {
"description": "Server requires TLS client certificate authentication\n",
"type": "string"
},
"insecure": {
"description": "Server should be accessed without verifying the TLS certificate. For testing only.\n",
"type": "boolean"
},
"keyData": {
"description": "KeyData holds PEM-encoded bytes (typically read from a client certificate key file).\nKeyData takes precedence over KeyFile\n",
"type": "array",
"format": "[]byte",
"items": {}
},
"keyFile": {
"description": "Server requires TLS client certificate authentication\n",
"type": "string"
},
"serverName": {
"description": "ServerName is passed to the server for SNI and is used in the client to check server\ncertificates against. If ServerName is empty, the hostname used to contact the\nserver is used.\n",
"type": "string"
}
}
},
"LabelPreference": {
"description": "LabelPreference holds the parameters that are used to configure the corresponding priority function\n",
"type": "object",
"properties": {
"label": {
"description": "Used to identify node \"groups\"\n",
"type": "string"
},
"presence": {
"description": "This is a boolean flag\nIf true, higher priority is given to nodes that have the label\nIf false, higher priority is given to nodes that do not have the label\n",
"type": "boolean"
}
}
},
"LabelsPresence": {
"description": "LabelsPresence holds the parameters that are used to configure the corresponding predicate in scheduler policy configuration.\n",
"type": "object",
"properties": {
"labels": {
"description": "The list of labels that identify node \"groups\"\nAll of the labels should be either present (or absent) for the node to be considered a fit for hosting the pod\n",
"type": "array",
"format": "[]string",
"items": {}
},
"presence": {
"description": "The boolean flag that indicates whether the labels should be present or absent from the node\n",
"type": "boolean"
}
}
},
"LegacyExtender": {
"description": "LegacyExtender holds the parameters used to communicate with the extender. If a verb is unspecified/empty,\nit is assumed that the extender chose not to provide that extension.\n",
"type": "object",
"properties": {
"bindVerb": {
"description": "Verb for the bind call, empty if not supported. This verb is appended to the URLPrefix when issuing the bind call to extender.\nIf this method is implemented by the extender, it is the extender's responsibility to bind the pod to apiserver. Only one extender\ncan implement this function.\n",
"type": "string"
},
"enableHttps": {
"description": "EnableHTTPS specifies whether https should be used to communicate with the extender\n",
"type": "boolean"
},
"filterVerb": {
"description": "Verb for the filter call, empty if not supported. This verb is appended to the URLPrefix when issuing the filter call to extender.\n",
"type": "string"
},
"httpTimeout": {
"description": "HTTPTimeout specifies the timeout duration for a call to the extender. Filter timeout fails the scheduling of the pod. Prioritize\ntimeout is ignored, k8s/other extenders priorities are used to select the node.\n",
"format": "time.Duration"
},
"ignorable": {
"description": "Ignorable specifies if the extender is ignorable, i.e. scheduling should not\nfail when the extender returns an error or is not reachable.\n",
"type": "boolean"
},
"managedResources": {
"description": "ManagedResources is a list of extended resources that are managed by\nthis extender.\n- A pod will be sent to the extender on the Filter, Prioritize and Bind\n (if the extender is the binder) phases iff the pod requests at least\n one of the extended resources in this list. If empty or unspecified,\n all pods will be sent to this extender.\n- If IgnoredByScheduler is set to true for a resource, kube-scheduler\n will skip checking the resource in predicates.\n+optional\n",
"type": "array",
"format": "[]ExtenderManagedResource",
"items": {
"$ref": "#/definitions/ExtenderManagedResource"
}
},
"nodeCacheCapable": {
"description": "NodeCacheCapable specifies that the extender is capable of caching node information,\nso the scheduler should only send minimal information about the eligible nodes\nassuming that the extender already cached full details of all nodes in the cluster\n",
"type": "boolean"
},
"preemptVerb": {
"description": "Verb for the preempt call, empty if not supported. This verb is appended to the URLPrefix when issuing the preempt call to extender.\n",
"type": "string"
},
"prioritizeVerb": {
"description": "Verb for the prioritize call, empty if not supported. This verb is appended to the URLPrefix when issuing the prioritize call to extender.\n",
"type": "string"
},
"tlsConfig": {
"$ref": "#/definitions/ExtenderTLSConfig"
},
"urlPrefix": {
"description": "URLPrefix at which the extender is available\n",
"type": "string"
},
"weight": {
"description": "The numeric multiplier for the node scores that the prioritize call generates.\nThe weight should be a positive integer\n",
"type": "integer",
"format": "int64"
}
}
},
"Policy": {
"description": "Policy describes a struct for a policy resource used in api.\n",
"type": "object",
"properties": {
"alwaysCheckAllPredicates": {
"description": "When AlwaysCheckAllPredicates is set to true, scheduler checks all\nthe configured predicates even after one or more of them fails.\nWhen the flag is set to false, scheduler skips checking the rest\nof the predicates after it finds one predicate that failed.\n",
"type": "boolean"
},
"extenders": {
"description": "Holds the information to communicate with the extender(s)\n",
"type": "array",
"format": "[]LegacyExtender",
"items": {
"$ref": "#/definitions/LegacyExtender"
}
},
"hardPodAffinitySymmetricWeight": {
"description": "RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule\ncorresponding to every RequiredDuringScheduling affinity rule.\nHardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 1-100.\n",
"type": "integer",
"format": "int32"
},
"metav1.TypeMeta": {
"description": "[metav1.TypeMeta](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#TypeMeta)\n",
"format": "metav1.TypeMeta"
},
"predicates": {
"description": "Holds the information to configure the fit predicate functions\n",
"type": "array",
"format": "[]PredicatePolicy",
"items": {
"$ref": "#/definitions/PredicatePolicy"
}
},
"priorities": {
"description": "Holds the information to configure the priority functions\n",
"type": "array",
"format": "[]PriorityPolicy",
"items": {
"$ref": "#/definitions/PriorityPolicy"
}
}
}
},
"PredicateArgument": {
"description": "PredicateArgument represents the arguments to configure predicate functions in scheduler policy configuration.\nOnly one of its members may be specified\n",
"type": "object",
"properties": {
"labelsPresence": {
"$ref": "#/definitions/LabelsPresence"
},
"serviceAffinity": {
"$ref": "#/definitions/ServiceAffinity"
}
}
},
"PredicatePolicy": {
"description": "PredicatePolicy describes a struct of a predicate policy.\n",
"type": "object",
"properties": {
"argument": {
"$ref": "#/definitions/PredicateArgument"
},
"name": {
"description": "Identifier of the predicate policy\nFor a custom predicate, the name can be user-defined\nFor the Kubernetes provided predicates, the name is the identifier of the pre-defined predicate\n",
"type": "string"
}
}
},
"PriorityArgument": {
"description": "PriorityArgument represents the arguments to configure priority functions in scheduler policy configuration.\nOnly one of its members may be specified\n",
"type": "object",
"properties": {
"labelPreference": {
"$ref": "#/definitions/LabelPreference"
},
"requestedToCapacityRatioArguments": {
"$ref": "#/definitions/RequestedToCapacityRatioArguments"
},
"serviceAntiAffinity": {
"$ref": "#/definitions/ServiceAntiAffinity"
}
}
},
"PriorityPolicy": {
"description": "PriorityPolicy describes a struct of a priority policy.\n",
"type": "object",
"properties": {
"argument": {
"$ref": "#/definitions/PriorityArgument"
},
"name": {
"description": "Identifier of the priority policy\nFor a custom priority, the name can be user-defined\nFor the Kubernetes provided priority functions, the name is the identifier of the pre-defined priority function\n",
"type": "string"
},
"weight": {
"description": "The numeric multiplier for the node scores that the priority function generates\nThe weight should be non-zero and can be a positive or a negative integer\n",
"type": "integer",
"format": "int64"
}
}
},
"RequestedToCapacityRatioArguments": {
"description": "RequestedToCapacityRatioArguments holds arguments specific to RequestedToCapacityRatio priority function.\n",
"type": "object",
"properties": {
"resources": {
"type": "array",
"format": "[]ResourceSpec",
"items": {
"$ref": "#/definitions/ResourceSpec"
}
},
"shape": {
"description": "Array of point defining priority function shape.\n",
"type": "array",
"format": "[]UtilizationShapePoint",
"items": {
"$ref": "#/definitions/UtilizationShapePoint"
}
}
}
},
"ResourceSpec": {
"description": "ResourceSpec represents single resource and weight for bin packing of priority RequestedToCapacityRatioArguments.\n",
"type": "object",
"properties": {
"name": {
"description": "Name of the resource to be managed by RequestedToCapacityRatio function.\n",
"type": "string"
},
"weight": {
"description": "Weight of the resource.\n",
"type": "integer",
"format": "int64"
}
}
},
"ServiceAffinity": {
"description": "ServiceAffinity holds the parameters that are used to configure the corresponding predicate in scheduler policy configuration.\n",
"type": "object",
"properties": {
"labels": {
"description": "The list of labels that identify node \"groups\"\nAll of the labels should match for the node to be considered a fit for hosting the pod\n",
"type": "array",
"format": "[]string",
"items": {}
}
}
},
"ServiceAntiAffinity": {
"description": "ServiceAntiAffinity holds the parameters that are used to configure the corresponding priority function\n",
"type": "object",
"properties": {
"label": {
"description": "Used to identify node \"groups\"\n",
"type": "string"
}
}
},
"UtilizationShapePoint": {
"description": "UtilizationShapePoint represents single point of priority function shape.\n",
"type": "object",
"properties": {
"score": {
"description": "Score assigned to given utilization (y axis). Valid values are 0 to 10.\n",
"type": "integer",
"format": "int32"
},
"utilization": {
"description": "Utilization (x axis). Valid values are 0 to 100. Fully utilized node maps to 100.\n",
"type": "integer",
"format": "int32"
}
}
},
"caseInsensitiveExtender": {
"$ref": "#/definitions/LegacyExtender"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment