diff --git a/pkg/apis/componentconfig/types.go b/pkg/apis/componentconfig/types.go index 7e3cf8a8f86..8dfc0660209 100644 --- a/pkg/apis/componentconfig/types.go +++ b/pkg/apis/componentconfig/types.go @@ -22,80 +22,6 @@ import ( apiserverconfig "k8s.io/apiserver/pkg/apis/config" ) -type GroupResource struct { - // group is the group portion of the GroupResource. - Group string - // resource is the resource portion of the GroupResource. - Resource string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type KubeControllerManagerConfiguration struct { - metav1.TypeMeta - - // Generic holds configuration for a generic controller-manager - Generic GenericControllerManagerConfiguration - // KubeCloudSharedConfiguration holds configuration for shared related features - // both in cloud controller manager and kube-controller manager. - KubeCloudShared KubeCloudSharedConfiguration - - // AttachDetachControllerConfiguration holds configuration for - // AttachDetachController related features. - AttachDetachController AttachDetachControllerConfiguration - // CSRSigningControllerConfiguration holds configuration for - // CSRSigningController related features. - CSRSigningController CSRSigningControllerConfiguration - // DaemonSetControllerConfiguration holds configuration for DaemonSetController - // related features. - DaemonSetController DaemonSetControllerConfiguration - // DeploymentControllerConfiguration holds configuration for - // DeploymentController related features. - DeploymentController DeploymentControllerConfiguration - // DeprecatedControllerConfiguration holds configuration for some deprecated - // features. - DeprecatedController DeprecatedControllerConfiguration - // EndpointControllerConfiguration holds configuration for EndpointController - // related features. - EndpointController EndpointControllerConfiguration - // GarbageCollectorControllerConfiguration holds configuration for - // GarbageCollectorController related features. - GarbageCollectorController GarbageCollectorControllerConfiguration - // HPAControllerConfiguration holds configuration for HPAController related features. - HPAController HPAControllerConfiguration - // JobControllerConfiguration holds configuration for JobController related features. - JobController JobControllerConfiguration - // NamespaceControllerConfiguration holds configuration for NamespaceController - // related features. - NamespaceController NamespaceControllerConfiguration - // NodeIPAMControllerConfiguration holds configuration for NodeIPAMController - // related features. - NodeIPAMController NodeIPAMControllerConfiguration - // NodeLifecycleControllerConfiguration holds configuration for - // NodeLifecycleController related features. - NodeLifecycleController NodeLifecycleControllerConfiguration - // PersistentVolumeBinderControllerConfiguration holds configuration for - // PersistentVolumeBinderController related features. - PersistentVolumeBinderController PersistentVolumeBinderControllerConfiguration - // PodGCControllerConfiguration holds configuration for PodGCController - // related features. - PodGCController PodGCControllerConfiguration - // ReplicaSetControllerConfiguration holds configuration for ReplicaSet related features. - ReplicaSetController ReplicaSetControllerConfiguration - // ReplicationControllerConfiguration holds configuration for - // ReplicationController related features. - ReplicationController ReplicationControllerConfiguration - // ResourceQuotaControllerConfiguration holds configuration for - // ResourceQuotaController related features. - ResourceQuotaController ResourceQuotaControllerConfiguration - // SAControllerConfiguration holds configuration for ServiceAccountController - // related features. - SAController SAControllerConfiguration - // ServiceControllerConfiguration holds configuration for ServiceController - // related features. - ServiceController ServiceControllerConfiguration -} - // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type CloudControllerManagerConfiguration struct { @@ -113,319 +39,3 @@ type CloudControllerManagerConfiguration struct { // NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status NodeStatusUpdateFrequency metav1.Duration } - -type GenericControllerManagerConfiguration struct { - // port is the port that the controller-manager's http service runs on. - Port int32 - // address is the IP address to serve on (set to 0.0.0.0 for all interfaces). - Address string - // minResyncPeriod is the resync period in reflectors; will be random between - // minResyncPeriod and 2*minResyncPeriod. - MinResyncPeriod metav1.Duration - // ClientConnection specifies the kubeconfig file and client connection - // settings for the proxy server to use when communicating with the apiserver. - ClientConnection apimachineryconfig.ClientConnectionConfiguration - // How long to wait between starting controller managers - ControllerStartInterval metav1.Duration - // leaderElection defines the configuration of leader election client. - LeaderElection apiserverconfig.LeaderElectionConfiguration - // Controllers is the list of controllers to enable or disable - // '*' means "all enabled by default controllers" - // 'foo' means "enable 'foo'" - // '-foo' means "disable 'foo'" - // first item for a particular name wins - Controllers []string - // DebuggingConfiguration holds configuration for Debugging related features. - Debugging apiserverconfig.DebuggingConfiguration -} - -type KubeCloudSharedConfiguration struct { - // CloudProviderConfiguration holds configuration for CloudProvider related features. - CloudProvider CloudProviderConfiguration - // externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". - // It is currently used by the in repo cloud providers to handle node and volume control in the KCM. - ExternalCloudVolumePlugin string - // useServiceAccountCredentials indicates whether controllers should be run with - // individual service account credentials. - UseServiceAccountCredentials bool - // run with untagged cloud instances - AllowUntaggedCloud bool - // routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider.. - RouteReconciliationPeriod metav1.Duration - // nodeMonitorPeriod is the period for syncing NodeStatus in NodeController. - NodeMonitorPeriod metav1.Duration - // clusterName is the instance prefix for the cluster. - ClusterName string - // clusterCIDR is CIDR Range for Pods in cluster. - ClusterCIDR string - // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if - // ConfigureCloudRoutes is true, to be set on the cloud provider. - AllocateNodeCIDRs bool - // CIDRAllocatorType determines what kind of pod CIDR allocator will be used. - CIDRAllocatorType string - // configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs - // to be configured on the cloud provider. - ConfigureCloudRoutes bool - // nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer - // periods will result in fewer calls to cloud provider, but may delay addition - // of new nodes to cluster. - NodeSyncPeriod metav1.Duration -} - -type AttachDetachControllerConfiguration struct { - // Reconciler runs a periodic loop to reconcile the desired state of the with - // the actual state of the world by triggering attach detach operations. - // This flag enables or disables reconcile. Is false by default, and thus enabled. - DisableAttachDetachReconcilerSync bool - // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop - // wait between successive executions. Is set to 5 sec by default. - ReconcilerSyncLoopPeriod metav1.Duration -} - -type CloudProviderConfiguration struct { - // Name is the provider for cloud services. - Name string - // cloudConfigFile is the path to the cloud provider configuration file. - CloudConfigFile string -} - -type CSRSigningControllerConfiguration struct { - // clusterSigningCertFile is the filename containing a PEM-encoded - // X509 CA certificate used to issue cluster-scoped certificates - ClusterSigningCertFile string - // clusterSigningCertFile is the filename containing a PEM-encoded - // RSA or ECDSA private key used to issue cluster-scoped certificates - ClusterSigningKeyFile string - // clusterSigningDuration is the length of duration signed certificates - // will be given. - ClusterSigningDuration metav1.Duration -} - -type DaemonSetControllerConfiguration struct { - // concurrentDaemonSetSyncs is the number of daemonset objects that are - // allowed to sync concurrently. Larger number = more responsive daemonset, - // but more CPU (and network) load. - ConcurrentDaemonSetSyncs int32 -} - -type DeploymentControllerConfiguration struct { - // concurrentDeploymentSyncs is the number of deployment objects that are - // allowed to sync concurrently. Larger number = more responsive deployments, - // but more CPU (and network) load. - ConcurrentDeploymentSyncs int32 - // deploymentControllerSyncPeriod is the period for syncing the deployments. - DeploymentControllerSyncPeriod metav1.Duration -} - -type DeprecatedControllerConfiguration struct { - // DEPRECATED: deletingPodsQps is the number of nodes per second on which pods are deleted in - // case of node failure. - DeletingPodsQps float32 - // DEPRECATED: deletingPodsBurst is the number of nodes on which pods are bursty deleted in - // case of node failure. For more details look into RateLimiter. - DeletingPodsBurst int32 - // registerRetryCount is the number of retries for initial node registration. - // Retry interval equals node-sync-period. - RegisterRetryCount int32 -} - -type EndpointControllerConfiguration struct { - // concurrentEndpointSyncs is the number of endpoint syncing operations - // that will be done concurrently. Larger number = faster endpoint updating, - // but more CPU (and network) load. - ConcurrentEndpointSyncs int32 -} - -type GarbageCollectorControllerConfiguration struct { - // enables the generic garbage collector. MUST be synced with the - // corresponding flag of the kube-apiserver. WARNING: the generic garbage - // collector is an alpha feature. - EnableGarbageCollector bool - // concurrentGCSyncs is the number of garbage collector workers that are - // allowed to sync concurrently. - ConcurrentGCSyncs int32 - // gcIgnoredResources is the list of GroupResources that garbage collection should ignore. - GCIgnoredResources []GroupResource -} - -type HPAControllerConfiguration struct { - // horizontalPodAutoscalerSyncPeriod is the period for syncing the number of - // pods in horizontal pod autoscaler. - HorizontalPodAutoscalerSyncPeriod metav1.Duration - // horizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed. - HorizontalPodAutoscalerUpscaleForbiddenWindow metav1.Duration - // horizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed. - HorizontalPodAutoscalerDownscaleForbiddenWindow metav1.Duration - // HorizontalPodAutoscalerDowncaleStabilizationWindow is a period for which autoscaler will look - // backwards and not scale down below any recommendation it made during that period. - HorizontalPodAutoscalerDownscaleStabilizationWindow metav1.Duration - // horizontalPodAutoscalerTolerance is the tolerance for when - // resource usage suggests upscaling/downscaling - HorizontalPodAutoscalerTolerance float64 - // HorizontalPodAutoscalerUseRESTClients causes the HPA controller to use REST clients - // through the kube-aggregator when enabled, instead of using the legacy metrics client - // through the API server proxy. - HorizontalPodAutoscalerUseRESTClients bool - // HorizontalPodAutoscalerCPUInitializationPeriod is the period after pod start when CPU samples - // might be skipped. - HorizontalPodAutoscalerCPUInitializationPeriod metav1.Duration - // HorizontalPodAutoscalerInitialReadinessDelay is period after pod start during which readiness - // changes are treated as readiness being set for the first time. The only effect of this is that - // HPA will disregard CPU samples from unready pods that had last readiness change during that - // period. - HorizontalPodAutoscalerInitialReadinessDelay metav1.Duration -} - -type JobControllerConfiguration struct { - // concurrentJobSyncs is the number of job objects that are - // allowed to sync concurrently. Larger number = more responsive jobs, - // but more CPU (and network) load. - ConcurrentJobSyncs int32 -} - -type NamespaceControllerConfiguration struct { - // namespaceSyncPeriod is the period for syncing namespace life-cycle - // updates. - NamespaceSyncPeriod metav1.Duration - // concurrentNamespaceSyncs is the number of namespace objects that are - // allowed to sync concurrently. - ConcurrentNamespaceSyncs int32 -} - -type NodeIPAMControllerConfiguration struct { - // serviceCIDR is CIDR Range for Services in cluster. - ServiceCIDR string - // NodeCIDRMaskSize is the mask size for node cidr in cluster. - NodeCIDRMaskSize int32 -} - -type NodeLifecycleControllerConfiguration struct { - // If set to true enables NoExecute Taints and will evict all not-tolerating - // Pod running on Nodes tainted with this kind of Taints. - EnableTaintManager bool - // nodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is healthy - NodeEvictionRate float32 - // secondaryNodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy - SecondaryNodeEvictionRate float32 - // nodeStartupGracePeriod is the amount of time which we allow starting a node to - // be unresponsive before marking it unhealthy. - NodeStartupGracePeriod metav1.Duration - // nodeMontiorGracePeriod is the amount of time which we allow a running node to be - // unresponsive before marking it unhealthy. Must be N times more than kubelet's - // nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet - // to post node status. - NodeMonitorGracePeriod metav1.Duration - // podEvictionTimeout is the grace period for deleting pods on failed nodes. - PodEvictionTimeout metav1.Duration - // secondaryNodeEvictionRate is implicitly overridden to 0 for clusters smaller than or equal to largeClusterSizeThreshold - LargeClusterSizeThreshold int32 - // Zone is treated as unhealthy in nodeEvictionRate and secondaryNodeEvictionRate when at least - // unhealthyZoneThreshold (no less than 3) of Nodes in the zone are NotReady - UnhealthyZoneThreshold float32 -} - -type PersistentVolumeBinderControllerConfiguration struct { - // pvClaimBinderSyncPeriod is the period for syncing persistent volumes - // and persistent volume claims. - PVClaimBinderSyncPeriod metav1.Duration - // volumeConfiguration holds configuration for volume related features. - VolumeConfiguration VolumeConfiguration -} - -type PodGCControllerConfiguration struct { - // terminatedPodGCThreshold is the number of terminated pods that can exist - // before the terminated pod garbage collector starts deleting terminated pods. - // If <= 0, the terminated pod garbage collector is disabled. - TerminatedPodGCThreshold int32 -} - -type ReplicaSetControllerConfiguration struct { - // concurrentRSSyncs is the number of replica sets that are allowed to sync - // concurrently. Larger number = more responsive replica management, but more - // CPU (and network) load. - ConcurrentRSSyncs int32 -} - -type ReplicationControllerConfiguration struct { - // concurrentRCSyncs is the number of replication controllers that are - // allowed to sync concurrently. Larger number = more responsive replica - // management, but more CPU (and network) load. - ConcurrentRCSyncs int32 -} - -type ResourceQuotaControllerConfiguration struct { - // resourceQuotaSyncPeriod is the period for syncing quota usage status - // in the system. - ResourceQuotaSyncPeriod metav1.Duration - // concurrentResourceQuotaSyncs is the number of resource quotas that are - // allowed to sync concurrently. Larger number = more responsive quota - // management, but more CPU (and network) load. - ConcurrentResourceQuotaSyncs int32 -} - -type SAControllerConfiguration struct { - // serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key - // used to sign service account tokens. - ServiceAccountKeyFile string - // concurrentSATokenSyncs is the number of service account token syncing operations - // that will be done concurrently. - ConcurrentSATokenSyncs int32 - // rootCAFile is the root certificate authority will be included in service - // account's token secret. This must be a valid PEM-encoded CA bundle. - RootCAFile string -} - -type ServiceControllerConfiguration struct { - // concurrentServiceSyncs is the number of services that are - // allowed to sync concurrently. Larger number = more responsive service - // management, but more CPU (and network) load. - ConcurrentServiceSyncs int32 -} - -// VolumeConfiguration contains *all* enumerated flags meant to configure all volume -// plugins. From this config, the controller-manager binary will create many instances of -// volume.VolumeConfig, each containing only the configuration needed for that plugin which -// are then passed to the appropriate plugin. The ControllerManager binary is the only part -// of the code which knows what plugins are supported and which flags correspond to each plugin. -type VolumeConfiguration struct { - // enableHostPathProvisioning enables HostPath PV provisioning when running without a - // cloud provider. This allows testing and development of provisioning features. HostPath - // provisioning is not supported in any way, won't work in a multi-node cluster, and - // should not be used for anything other than testing or development. - EnableHostPathProvisioning bool - // enableDynamicProvisioning enables the provisioning of volumes when running within an environment - // that supports dynamic provisioning. Defaults to true. - EnableDynamicProvisioning bool - // persistentVolumeRecyclerConfiguration holds configuration for persistent volume plugins. - PersistentVolumeRecyclerConfiguration PersistentVolumeRecyclerConfiguration - // volumePluginDir is the full path of the directory in which the flex - // volume plugin should search for additional third party volume plugins - FlexVolumePluginDir string -} - -type PersistentVolumeRecyclerConfiguration struct { - // maximumRetry is number of retries the PV recycler will execute on failure to recycle - // PV. - MaximumRetry int32 - // minimumTimeoutNFS is the minimum ActiveDeadlineSeconds to use for an NFS Recycler - // pod. - MinimumTimeoutNFS int32 - // podTemplateFilePathNFS is the file path to a pod definition used as a template for - // NFS persistent volume recycling - PodTemplateFilePathNFS string - // incrementTimeoutNFS is the increment of time added per Gi to ActiveDeadlineSeconds - // for an NFS scrubber pod. - IncrementTimeoutNFS int32 - // podTemplateFilePathHostPath is the file path to a pod definition used as a template for - // HostPath persistent volume recycling. This is for development and testing only and - // will not work in a multi-node cluster. - PodTemplateFilePathHostPath string - // minimumTimeoutHostPath is the minimum ActiveDeadlineSeconds to use for a HostPath - // Recycler pod. This is for development and testing only and will not work in a multi-node - // cluster. - MinimumTimeoutHostPath int32 - // incrementTimeoutHostPath is the increment of time added per Gi to ActiveDeadlineSeconds - // for a HostPath scrubber pod. This is for development and testing only and will not work - // in a multi-node cluster. - IncrementTimeoutHostPath int32 -} diff --git a/pkg/apis/componentconfig/v1alpha1/defaults.go b/pkg/apis/componentconfig/v1alpha1/defaults.go index d43432797a1..15476457044 100644 --- a/pkg/apis/componentconfig/v1alpha1/defaults.go +++ b/pkg/apis/componentconfig/v1alpha1/defaults.go @@ -30,125 +30,6 @@ func addDefaultingFuncs(scheme *kruntime.Scheme) error { return RegisterDefaults(scheme) } -func SetDefaults_KubeControllerManagerConfiguration(obj *KubeControllerManagerConfiguration) { - zero := metav1.Duration{} - if obj.EndpointController.ConcurrentEndpointSyncs == 0 { - obj.EndpointController.ConcurrentEndpointSyncs = 5 - } - if obj.ServiceController.ConcurrentServiceSyncs == 0 { - obj.ServiceController.ConcurrentServiceSyncs = 1 - } - if obj.ReplicationController.ConcurrentRCSyncs == 0 { - obj.ReplicationController.ConcurrentRCSyncs = 5 - } - if obj.ReplicaSetController.ConcurrentRSSyncs == 0 { - obj.ReplicaSetController.ConcurrentRSSyncs = 5 - } - if obj.DaemonSetController.ConcurrentDaemonSetSyncs == 0 { - obj.DaemonSetController.ConcurrentDaemonSetSyncs = 2 - } - if obj.JobController.ConcurrentJobSyncs == 0 { - obj.JobController.ConcurrentJobSyncs = 5 - } - if obj.ResourceQuotaController.ConcurrentResourceQuotaSyncs == 0 { - obj.ResourceQuotaController.ConcurrentResourceQuotaSyncs = 5 - } - if obj.DeploymentController.ConcurrentDeploymentSyncs == 0 { - obj.DeploymentController.ConcurrentDeploymentSyncs = 5 - } - if obj.NamespaceController.ConcurrentNamespaceSyncs == 0 { - obj.NamespaceController.ConcurrentNamespaceSyncs = 10 - } - if obj.SAController.ConcurrentSATokenSyncs == 0 { - obj.SAController.ConcurrentSATokenSyncs = 5 - } - if obj.ResourceQuotaController.ResourceQuotaSyncPeriod == zero { - obj.ResourceQuotaController.ResourceQuotaSyncPeriod = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.NamespaceController.NamespaceSyncPeriod == zero { - obj.NamespaceController.NamespaceSyncPeriod = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.PersistentVolumeBinderController.PVClaimBinderSyncPeriod == zero { - obj.PersistentVolumeBinderController.PVClaimBinderSyncPeriod = metav1.Duration{Duration: 15 * time.Second} - } - if obj.HPAController.HorizontalPodAutoscalerSyncPeriod == zero { - obj.HPAController.HorizontalPodAutoscalerSyncPeriod = metav1.Duration{Duration: 15 * time.Second} - } - if obj.HPAController.HorizontalPodAutoscalerUpscaleForbiddenWindow == zero { - obj.HPAController.HorizontalPodAutoscalerUpscaleForbiddenWindow = metav1.Duration{Duration: 3 * time.Minute} - } - if obj.HPAController.HorizontalPodAutoscalerDownscaleStabilizationWindow == zero { - obj.HPAController.HorizontalPodAutoscalerDownscaleStabilizationWindow = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.HPAController.HorizontalPodAutoscalerCPUInitializationPeriod == zero { - obj.HPAController.HorizontalPodAutoscalerCPUInitializationPeriod = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.HPAController.HorizontalPodAutoscalerInitialReadinessDelay == zero { - obj.HPAController.HorizontalPodAutoscalerInitialReadinessDelay = metav1.Duration{Duration: 30 * time.Second} - } - if obj.HPAController.HorizontalPodAutoscalerDownscaleForbiddenWindow == zero { - obj.HPAController.HorizontalPodAutoscalerDownscaleForbiddenWindow = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.HPAController.HorizontalPodAutoscalerTolerance == 0 { - obj.HPAController.HorizontalPodAutoscalerTolerance = 0.1 - } - if obj.DeploymentController.DeploymentControllerSyncPeriod == zero { - obj.DeploymentController.DeploymentControllerSyncPeriod = metav1.Duration{Duration: 30 * time.Second} - } - if obj.DeprecatedController.RegisterRetryCount == 0 { - obj.DeprecatedController.RegisterRetryCount = 10 - } - if obj.NodeLifecycleController.PodEvictionTimeout == zero { - obj.NodeLifecycleController.PodEvictionTimeout = metav1.Duration{Duration: 5 * time.Minute} - } - if obj.NodeLifecycleController.NodeMonitorGracePeriod == zero { - obj.NodeLifecycleController.NodeMonitorGracePeriod = metav1.Duration{Duration: 40 * time.Second} - } - if obj.NodeLifecycleController.NodeStartupGracePeriod == zero { - obj.NodeLifecycleController.NodeStartupGracePeriod = metav1.Duration{Duration: 60 * time.Second} - } - if obj.NodeIPAMController.NodeCIDRMaskSize == 0 { - obj.NodeIPAMController.NodeCIDRMaskSize = 24 - } - if obj.PodGCController.TerminatedPodGCThreshold == 0 { - obj.PodGCController.TerminatedPodGCThreshold = 12500 - } - if obj.GarbageCollectorController.EnableGarbageCollector == nil { - obj.GarbageCollectorController.EnableGarbageCollector = utilpointer.BoolPtr(true) - } - if obj.GarbageCollectorController.ConcurrentGCSyncs == 0 { - obj.GarbageCollectorController.ConcurrentGCSyncs = 20 - } - if obj.CSRSigningController.ClusterSigningCertFile == "" { - obj.CSRSigningController.ClusterSigningCertFile = "/etc/kubernetes/ca/ca.pem" - } - if obj.CSRSigningController.ClusterSigningKeyFile == "" { - obj.CSRSigningController.ClusterSigningKeyFile = "/etc/kubernetes/ca/ca.key" - } - if obj.CSRSigningController.ClusterSigningDuration == zero { - obj.CSRSigningController.ClusterSigningDuration = metav1.Duration{Duration: 365 * 24 * time.Hour} - } - if obj.AttachDetachController.ReconcilerSyncLoopPeriod == zero { - obj.AttachDetachController.ReconcilerSyncLoopPeriod = metav1.Duration{Duration: 60 * time.Second} - } - if obj.NodeLifecycleController.EnableTaintManager == nil { - obj.NodeLifecycleController.EnableTaintManager = utilpointer.BoolPtr(true) - } - if obj.HPAController.HorizontalPodAutoscalerUseRESTClients == nil { - obj.HPAController.HorizontalPodAutoscalerUseRESTClients = utilpointer.BoolPtr(true) - } - - // These defaults override the recommended defaults from the apimachineryconfigv1alpha1 package that are applied automatically - // These client-connection defaults are specific to the kube-controller-manager - if obj.Generic.ClientConnection.QPS == 0.0 { - obj.Generic.ClientConnection.QPS = 50.0 - } - - if obj.Generic.ClientConnection.Burst == 0 { - obj.Generic.ClientConnection.Burst = 100 - } -} - func SetDefaults_CloudControllerManagerConfiguration(obj *CloudControllerManagerConfiguration) { zero := metav1.Duration{} if obj.ServiceController.ConcurrentServiceSyncs == 0 { @@ -166,69 +47,3 @@ func SetDefaults_CloudControllerManagerConfiguration(obj *CloudControllerManager obj.Generic.ClientConnection.Burst = 30 } } - -func SetDefaults_GenericControllerManagerConfiguration(obj *GenericControllerManagerConfiguration) { - zero := metav1.Duration{} - if obj.Address == "" { - obj.Address = "0.0.0.0" - } - if obj.MinResyncPeriod == zero { - obj.MinResyncPeriod = metav1.Duration{Duration: 12 * time.Hour} - } - if obj.ControllerStartInterval == zero { - obj.ControllerStartInterval = metav1.Duration{Duration: 0 * time.Second} - } - if len(obj.Controllers) == 0 { - obj.Controllers = []string{"*"} - } - - // Use the default ClientConnectionConfiguration and LeaderElectionConfiguration options - apimachineryconfigv1alpha1.RecommendedDefaultClientConnectionConfiguration(&obj.ClientConnection) - apiserverconfigv1alpha1.RecommendedDefaultLeaderElectionConfiguration(&obj.LeaderElection) -} - -func SetDefaults_KubeCloudSharedConfiguration(obj *KubeCloudSharedConfiguration) { - zero := metav1.Duration{} - if obj.NodeMonitorPeriod == zero { - obj.NodeMonitorPeriod = metav1.Duration{Duration: 5 * time.Second} - } - if obj.ClusterName == "" { - obj.ClusterName = "kubernetes" - } - if obj.ConfigureCloudRoutes == nil { - obj.ConfigureCloudRoutes = utilpointer.BoolPtr(true) - } - if obj.RouteReconciliationPeriod == zero { - obj.RouteReconciliationPeriod = metav1.Duration{Duration: 10 * time.Second} - } -} - -func SetDefaults_PersistentVolumeRecyclerConfiguration(obj *PersistentVolumeRecyclerConfiguration) { - if obj.MaximumRetry == 0 { - obj.MaximumRetry = 3 - } - if obj.MinimumTimeoutNFS == 0 { - obj.MinimumTimeoutNFS = 300 - } - if obj.IncrementTimeoutNFS == 0 { - obj.IncrementTimeoutNFS = 30 - } - if obj.MinimumTimeoutHostPath == 0 { - obj.MinimumTimeoutHostPath = 60 - } - if obj.IncrementTimeoutHostPath == 0 { - obj.IncrementTimeoutHostPath = 30 - } -} - -func SetDefaults_VolumeConfiguration(obj *VolumeConfiguration) { - if obj.EnableHostPathProvisioning == nil { - obj.EnableHostPathProvisioning = utilpointer.BoolPtr(false) - } - if obj.EnableDynamicProvisioning == nil { - obj.EnableDynamicProvisioning = utilpointer.BoolPtr(true) - } - if obj.FlexVolumePluginDir == "" { - obj.FlexVolumePluginDir = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" - } -} diff --git a/pkg/apis/componentconfig/v1alpha1/types.go b/pkg/apis/componentconfig/v1alpha1/types.go index f9aa952c8fe..34ca2839153 100644 --- a/pkg/apis/componentconfig/v1alpha1/types.go +++ b/pkg/apis/componentconfig/v1alpha1/types.go @@ -22,128 +22,6 @@ import ( apiserverconfigv1alpha1 "k8s.io/apiserver/pkg/apis/config/v1alpha1" ) -type PersistentVolumeRecyclerConfiguration struct { - // maximumRetry is number of retries the PV recycler will execute on failure to recycle - // PV. - MaximumRetry int32 - // minimumTimeoutNFS is the minimum ActiveDeadlineSeconds to use for an NFS Recycler - // pod. - MinimumTimeoutNFS int32 - // podTemplateFilePathNFS is the file path to a pod definition used as a template for - // NFS persistent volume recycling - PodTemplateFilePathNFS string - // incrementTimeoutNFS is the increment of time added per Gi to ActiveDeadlineSeconds - // for an NFS scrubber pod. - IncrementTimeoutNFS int32 - // podTemplateFilePathHostPath is the file path to a pod definition used as a template for - // HostPath persistent volume recycling. This is for development and testing only and - // will not work in a multi-node cluster. - PodTemplateFilePathHostPath string - // minimumTimeoutHostPath is the minimum ActiveDeadlineSeconds to use for a HostPath - // Recycler pod. This is for development and testing only and will not work in a multi-node - // cluster. - MinimumTimeoutHostPath int32 - // incrementTimeoutHostPath is the increment of time added per Gi to ActiveDeadlineSeconds - // for a HostPath scrubber pod. This is for development and testing only and will not work - // in a multi-node cluster. - IncrementTimeoutHostPath int32 -} - -// VolumeConfiguration contains *all* enumerated flags meant to configure all volume -// plugins. From this config, the controller-manager binary will create many instances of -// volume.VolumeConfig, each containing only the configuration needed for that plugin which -// are then passed to the appropriate plugin. The ControllerManager binary is the only part -// of the code which knows what plugins are supported and which flags correspond to each plugin. -type VolumeConfiguration struct { - // enableHostPathProvisioning enables HostPath PV provisioning when running without a - // cloud provider. This allows testing and development of provisioning features. HostPath - // provisioning is not supported in any way, won't work in a multi-node cluster, and - // should not be used for anything other than testing or development. - EnableHostPathProvisioning *bool - // enableDynamicProvisioning enables the provisioning of volumes when running within an environment - // that supports dynamic provisioning. Defaults to true. - EnableDynamicProvisioning *bool - // persistentVolumeRecyclerConfiguration holds configuration for persistent volume plugins. - PersistentVolumeRecyclerConfiguration PersistentVolumeRecyclerConfiguration - // volumePluginDir is the full path of the directory in which the flex - // volume plugin should search for additional third party volume plugins - FlexVolumePluginDir string -} - -type GroupResource struct { - // group is the group portion of the GroupResource. - Group string - // resource is the resource portion of the GroupResource. - Resource string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type KubeControllerManagerConfiguration struct { - metav1.TypeMeta `json:",inline"` - - // Generic holds configuration for a generic controller-manager - Generic GenericControllerManagerConfiguration - // KubeCloudSharedConfiguration holds configuration for shared related features - // both in cloud controller manager and kube-controller manager. - KubeCloudShared KubeCloudSharedConfiguration - - // AttachDetachControllerConfiguration holds configuration for - // AttachDetachController related features. - AttachDetachController AttachDetachControllerConfiguration - // CSRSigningControllerConfiguration holds configuration for - // CSRSigningController related features. - CSRSigningController CSRSigningControllerConfiguration - // DaemonSetControllerConfiguration holds configuration for DaemonSetController - // related features. - DaemonSetController DaemonSetControllerConfiguration - // DeploymentControllerConfiguration holds configuration for - // DeploymentController related features. - DeploymentController DeploymentControllerConfiguration - // DeprecatedControllerConfiguration holds configuration for some deprecated - // features. - DeprecatedController DeprecatedControllerConfiguration - // EndpointControllerConfiguration holds configuration for EndpointController - // related features. - EndpointController EndpointControllerConfiguration - // GarbageCollectorControllerConfiguration holds configuration for - // GarbageCollectorController related features. - GarbageCollectorController GarbageCollectorControllerConfiguration - // HPAControllerConfiguration holds configuration for HPAController related features. - HPAController HPAControllerConfiguration - // JobControllerConfiguration holds configuration for JobController related features. - JobController JobControllerConfiguration - // NamespaceControllerConfiguration holds configuration for NamespaceController - // related features. - NamespaceController NamespaceControllerConfiguration - // NodeIPAMControllerConfiguration holds configuration for NodeIPAMController - // related features. - NodeIPAMController NodeIPAMControllerConfiguration - // NodeLifecycleControllerConfiguration holds configuration for - // NodeLifecycleController related features. - NodeLifecycleController NodeLifecycleControllerConfiguration - // PersistentVolumeBinderControllerConfiguration holds configuration for - // PersistentVolumeBinderController related features. - PersistentVolumeBinderController PersistentVolumeBinderControllerConfiguration - // PodGCControllerConfiguration holds configuration for PodGCController - // related features. - PodGCController PodGCControllerConfiguration - // ReplicaSetControllerConfiguration holds configuration for ReplicaSet related features. - ReplicaSetController ReplicaSetControllerConfiguration - // ReplicationControllerConfiguration holds configuration for - // ReplicationController related features. - ReplicationController ReplicationControllerConfiguration - // ResourceQuotaControllerConfiguration holds configuration for - // ResourceQuotaController related features. - ResourceQuotaController ResourceQuotaControllerConfiguration - // SAControllerConfiguration holds configuration for ServiceAccountController - // related features. - SAController SAControllerConfiguration - // ServiceControllerConfiguration holds configuration for ServiceController - // related features. - ServiceController ServiceControllerConfiguration -} - // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type CloudControllerManagerConfiguration struct { @@ -160,271 +38,3 @@ type CloudControllerManagerConfiguration struct { // NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status NodeStatusUpdateFrequency metav1.Duration } - -type GenericControllerManagerConfiguration struct { - // port is the port that the controller-manager's http service runs on. - Port int32 - // address is the IP address to serve on (set to 0.0.0.0 for all interfaces). - Address string - // minResyncPeriod is the resync period in reflectors; will be random between - // minResyncPeriod and 2*minResyncPeriod. - MinResyncPeriod metav1.Duration - // ClientConnection specifies the kubeconfig file and client connection - // settings for the proxy server to use when communicating with the apiserver. - ClientConnection apimachineryconfigv1alpha1.ClientConnectionConfiguration - // How long to wait between starting controller managers - ControllerStartInterval metav1.Duration - // leaderElection defines the configuration of leader election client. - LeaderElection apiserverconfigv1alpha1.LeaderElectionConfiguration - // Controllers is the list of controllers to enable or disable - // '*' means "all enabled by default controllers" - // 'foo' means "enable 'foo'" - // '-foo' means "disable 'foo'" - // first item for a particular name wins - Controllers []string - // DebuggingConfiguration holds configuration for Debugging related features. - Debugging apiserverconfigv1alpha1.DebuggingConfiguration -} - -type KubeCloudSharedConfiguration struct { - // CloudProviderConfiguration holds configuration for CloudProvider related features. - CloudProvider CloudProviderConfiguration - // externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". - // It is currently used by the in repo cloud providers to handle node and volume control in the KCM. - ExternalCloudVolumePlugin string - // useServiceAccountCredentials indicates whether controllers should be run with - // individual service account credentials. - UseServiceAccountCredentials bool - // run with untagged cloud instances - AllowUntaggedCloud bool - // routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider.. - RouteReconciliationPeriod metav1.Duration - // nodeMonitorPeriod is the period for syncing NodeStatus in NodeController. - NodeMonitorPeriod metav1.Duration - // clusterName is the instance prefix for the cluster. - ClusterName string - // clusterCIDR is CIDR Range for Pods in cluster. - ClusterCIDR string - // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if - // ConfigureCloudRoutes is true, to be set on the cloud provider. - AllocateNodeCIDRs bool - // CIDRAllocatorType determines what kind of pod CIDR allocator will be used. - CIDRAllocatorType string - // configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs - // to be configured on the cloud provider. - ConfigureCloudRoutes *bool - // nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer - // periods will result in fewer calls to cloud provider, but may delay addition - // of new nodes to cluster. - NodeSyncPeriod metav1.Duration -} - -type AttachDetachControllerConfiguration struct { - // Reconciler runs a periodic loop to reconcile the desired state of the with - // the actual state of the world by triggering attach detach operations. - // This flag enables or disables reconcile. Is false by default, and thus enabled. - DisableAttachDetachReconcilerSync bool - // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop - // wait between successive executions. Is set to 5 sec by default. - ReconcilerSyncLoopPeriod metav1.Duration -} - -type CloudProviderConfiguration struct { - // Name is the provider for cloud services. - Name string - // cloudConfigFile is the path to the cloud provider configuration file. - CloudConfigFile string -} - -type CSRSigningControllerConfiguration struct { - // clusterSigningCertFile is the filename containing a PEM-encoded - // X509 CA certificate used to issue cluster-scoped certificates - ClusterSigningCertFile string - // clusterSigningCertFile is the filename containing a PEM-encoded - // RSA or ECDSA private key used to issue cluster-scoped certificates - ClusterSigningKeyFile string - // clusterSigningDuration is the length of duration signed certificates - // will be given. - ClusterSigningDuration metav1.Duration -} - -type DaemonSetControllerConfiguration struct { - // concurrentDaemonSetSyncs is the number of daemonset objects that are - // allowed to sync concurrently. Larger number = more responsive daemonset, - // but more CPU (and network) load. - ConcurrentDaemonSetSyncs int32 -} - -type DeploymentControllerConfiguration struct { - // concurrentDeploymentSyncs is the number of deployment objects that are - // allowed to sync concurrently. Larger number = more responsive deployments, - // but more CPU (and network) load. - ConcurrentDeploymentSyncs int32 - // deploymentControllerSyncPeriod is the period for syncing the deployments. - DeploymentControllerSyncPeriod metav1.Duration -} - -type DeprecatedControllerConfiguration struct { - // DEPRECATED: deletingPodsQps is the number of nodes per second on which pods are deleted in - // case of node failure. - DeletingPodsQps float32 - // DEPRECATED: deletingPodsBurst is the number of nodes on which pods are bursty deleted in - // case of node failure. For more details look into RateLimiter. - DeletingPodsBurst int32 - // registerRetryCount is the number of retries for initial node registration. - // Retry interval equals node-sync-period. - RegisterRetryCount int32 -} - -type EndpointControllerConfiguration struct { - // concurrentEndpointSyncs is the number of endpoint syncing operations - // that will be done concurrently. Larger number = faster endpoint updating, - // but more CPU (and network) load. - ConcurrentEndpointSyncs int32 -} - -type GarbageCollectorControllerConfiguration struct { - // enables the generic garbage collector. MUST be synced with the - // corresponding flag of the kube-apiserver. WARNING: the generic garbage - // collector is an alpha feature. - EnableGarbageCollector *bool - // concurrentGCSyncs is the number of garbage collector workers that are - // allowed to sync concurrently. - ConcurrentGCSyncs int32 - // gcIgnoredResources is the list of GroupResources that garbage collection should ignore. - GCIgnoredResources []GroupResource -} - -type HPAControllerConfiguration struct { - // HorizontalPodAutoscalerSyncPeriod is the period for syncing the number of - // pods in horizontal pod autoscaler. - HorizontalPodAutoscalerSyncPeriod metav1.Duration - // HorizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed. - HorizontalPodAutoscalerUpscaleForbiddenWindow metav1.Duration - // HorizontalPodAutoscalerDowncaleStabilizationWindow is a period for which autoscaler will look - // backwards and not scale down below any recommendation it made during that period. - HorizontalPodAutoscalerDownscaleStabilizationWindow metav1.Duration - // HorizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed. - HorizontalPodAutoscalerDownscaleForbiddenWindow metav1.Duration - // HorizontalPodAutoscalerTolerance is the tolerance for when - // resource usage suggests upscaling/downscaling - HorizontalPodAutoscalerTolerance float64 - // HorizontalPodAutoscalerUseRESTClients causes the HPA controller to use REST clients - // through the kube-aggregator when enabled, instead of using the legacy metrics client - // through the API server proxy. - HorizontalPodAutoscalerUseRESTClients *bool - // HorizontalPodAutoscalerCPUInitializationPeriod is the period after pod start when CPU samples - // might be skipped. - HorizontalPodAutoscalerCPUInitializationPeriod metav1.Duration - // HorizontalPodAutoscalerInitialReadinessDelay is period after pod start during which readiness - // changes are treated as readiness being set for the first time. The only effect of this is that - // HPA will disregard CPU samples from unready pods that had last readiness change during that - // period. - HorizontalPodAutoscalerInitialReadinessDelay metav1.Duration -} - -type JobControllerConfiguration struct { - // concurrentJobSyncs is the number of job objects that are - // allowed to sync concurrently. Larger number = more responsive jobs, - // but more CPU (and network) load. - ConcurrentJobSyncs int32 -} - -type NamespaceControllerConfiguration struct { - // namespaceSyncPeriod is the period for syncing namespace life-cycle - // updates. - NamespaceSyncPeriod metav1.Duration - // concurrentNamespaceSyncs is the number of namespace objects that are - // allowed to sync concurrently. - ConcurrentNamespaceSyncs int32 -} - -type NodeIPAMControllerConfiguration struct { - // serviceCIDR is CIDR Range for Services in cluster. - ServiceCIDR string - // NodeCIDRMaskSize is the mask size for node cidr in cluster. - NodeCIDRMaskSize int32 -} - -type NodeLifecycleControllerConfiguration struct { - // If set to true enables NoExecute Taints and will evict all not-tolerating - // Pod running on Nodes tainted with this kind of Taints. - EnableTaintManager *bool - // nodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is healthy - NodeEvictionRate float32 - // secondaryNodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy - SecondaryNodeEvictionRate float32 - // nodeStartupGracePeriod is the amount of time which we allow starting a node to - // be unresponsive before marking it unhealthy. - NodeStartupGracePeriod metav1.Duration - // nodeMontiorGracePeriod is the amount of time which we allow a running node to be - // unresponsive before marking it unhealthy. Must be N times more than kubelet's - // nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet - // to post node status. - NodeMonitorGracePeriod metav1.Duration - // podEvictionTimeout is the grace period for deleting pods on failed nodes. - PodEvictionTimeout metav1.Duration - // secondaryNodeEvictionRate is implicitly overridden to 0 for clusters smaller than or equal to largeClusterSizeThreshold - LargeClusterSizeThreshold int32 - // Zone is treated as unhealthy in nodeEvictionRate and secondaryNodeEvictionRate when at least - // unhealthyZoneThreshold (no less than 3) of Nodes in the zone are NotReady - UnhealthyZoneThreshold float32 -} - -type PersistentVolumeBinderControllerConfiguration struct { - // pvClaimBinderSyncPeriod is the period for syncing persistent volumes - // and persistent volume claims. - PVClaimBinderSyncPeriod metav1.Duration - // volumeConfiguration holds configuration for volume related features. - VolumeConfiguration VolumeConfiguration -} - -type PodGCControllerConfiguration struct { - // terminatedPodGCThreshold is the number of terminated pods that can exist - // before the terminated pod garbage collector starts deleting terminated pods. - // If <= 0, the terminated pod garbage collector is disabled. - TerminatedPodGCThreshold int32 -} - -type ReplicaSetControllerConfiguration struct { - // concurrentRSSyncs is the number of replica sets that are allowed to sync - // concurrently. Larger number = more responsive replica management, but more - // CPU (and network) load. - ConcurrentRSSyncs int32 -} - -type ReplicationControllerConfiguration struct { - // concurrentRCSyncs is the number of replication controllers that are - // allowed to sync concurrently. Larger number = more responsive replica - // management, but more CPU (and network) load. - ConcurrentRCSyncs int32 -} - -type ResourceQuotaControllerConfiguration struct { - // resourceQuotaSyncPeriod is the period for syncing quota usage status - // in the system. - ResourceQuotaSyncPeriod metav1.Duration - // concurrentResourceQuotaSyncs is the number of resource quotas that are - // allowed to sync concurrently. Larger number = more responsive quota - // management, but more CPU (and network) load. - ConcurrentResourceQuotaSyncs int32 -} - -type SAControllerConfiguration struct { - // serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key - // used to sign service account tokens. - ServiceAccountKeyFile string - // concurrentSATokenSyncs is the number of service account token syncing operations - // that will be done concurrently. - ConcurrentSATokenSyncs int32 - // rootCAFile is the root certificate authority will be included in service - // account's token secret. This must be a valid PEM-encoded CA bundle. - RootCAFile string -} - -type ServiceControllerConfiguration struct { - // concurrentServiceSyncs is the number of services that are - // allowed to sync concurrently. Larger number = more responsive service - // management, but more CPU (and network) load. - ConcurrentServiceSyncs int32 -} diff --git a/pkg/controller/apis/config/types.go b/pkg/controller/apis/config/types.go new file mode 100644 index 00000000000..8421a00bb40 --- /dev/null +++ b/pkg/controller/apis/config/types.go @@ -0,0 +1,409 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + apimachineryconfig "k8s.io/apimachinery/pkg/apis/config" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + apiserverconfig "k8s.io/apiserver/pkg/apis/config" +) + +type GroupResource struct { + // group is the group portion of the GroupResource. + Group string + // resource is the resource portion of the GroupResource. + Resource string +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubeControllerManagerConfiguration struct { + metav1.TypeMeta + // Generic holds configuration for a generic controller-manager + Generic GenericControllerManagerConfiguration + // KubeCloudSharedConfiguration holds configuration for shared related features + // both in cloud controller manager and kube-controller manager. + KubeCloudShared KubeCloudSharedConfiguration + // AttachDetachControllerConfiguration holds configuration for + // AttachDetachController related features. + AttachDetachController AttachDetachControllerConfiguration + // CSRSigningControllerConfiguration holds configuration for + // CSRSigningController related features. + CSRSigningController CSRSigningControllerConfiguration + // DaemonSetControllerConfiguration holds configuration for DaemonSetController + // related features. + DaemonSetController DaemonSetControllerConfiguration + // DeploymentControllerConfiguration holds configuration for + // DeploymentController related features. + DeploymentController DeploymentControllerConfiguration + // DeprecatedControllerConfiguration holds configuration for some deprecated + // features. + DeprecatedController DeprecatedControllerConfiguration + // EndpointControllerConfiguration holds configuration for EndpointController + // related features. + EndpointController EndpointControllerConfiguration + // GarbageCollectorControllerConfiguration holds configuration for + // GarbageCollectorController related features. + GarbageCollectorController GarbageCollectorControllerConfiguration + // HPAControllerConfiguration holds configuration for HPAController related features. + HPAController HPAControllerConfiguration + // JobControllerConfiguration holds configuration for JobController related features. + JobController JobControllerConfiguration + // NamespaceControllerConfiguration holds configuration for NamespaceController + // related features. + NamespaceController NamespaceControllerConfiguration + // NodeIPAMControllerConfiguration holds configuration for NodeIPAMController + // related features. + NodeIPAMController NodeIPAMControllerConfiguration + // NodeLifecycleControllerConfiguration holds configuration for + // NodeLifecycleController related features. + NodeLifecycleController NodeLifecycleControllerConfiguration + // PersistentVolumeBinderControllerConfiguration holds configuration for + // PersistentVolumeBinderController related features. + PersistentVolumeBinderController PersistentVolumeBinderControllerConfiguration + // PodGCControllerConfiguration holds configuration for PodGCController + // related features. + PodGCController PodGCControllerConfiguration + // ReplicaSetControllerConfiguration holds configuration for ReplicaSet related features. + ReplicaSetController ReplicaSetControllerConfiguration + // ReplicationControllerConfiguration holds configuration for + // ReplicationController related features. + ReplicationController ReplicationControllerConfiguration + // ResourceQuotaControllerConfiguration holds configuration for + // ResourceQuotaController related features. + ResourceQuotaController ResourceQuotaControllerConfiguration + // SAControllerConfiguration holds configuration for ServiceAccountController + // related features. + SAController SAControllerConfiguration + // ServiceControllerConfiguration holds configuration for ServiceController + // related features. + ServiceController ServiceControllerConfiguration +} + +type GenericControllerManagerConfiguration struct { + // port is the port that the controller-manager's http service runs on. + Port int32 + // address is the IP address to serve on (set to 0.0.0.0 for all interfaces). + Address string + // minResyncPeriod is the resync period in reflectors; will be random between + // minResyncPeriod and 2*minResyncPeriod. + MinResyncPeriod metav1.Duration + // ClientConnection specifies the kubeconfig file and client connection + // settings for the proxy server to use when communicating with the apiserver. + ClientConnection apimachineryconfig.ClientConnectionConfiguration + // How long to wait between starting controller managers + ControllerStartInterval metav1.Duration + // leaderElection defines the configuration of leader election client. + LeaderElection apiserverconfig.LeaderElectionConfiguration + // Controllers is the list of controllers to enable or disable + // '*' means "all enabled by default controllers" + // 'foo' means "enable 'foo'" + // '-foo' means "disable 'foo'" + // first item for a particular name wins + Controllers []string + // DebuggingConfiguration holds configuration for Debugging related features. + Debugging apiserverconfig.DebuggingConfiguration +} + +type KubeCloudSharedConfiguration struct { + // CloudProviderConfiguration holds configuration for CloudProvider related features. + CloudProvider CloudProviderConfiguration + // externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". + // It is currently used by the in repo cloud providers to handle node and volume control in the KCM. + ExternalCloudVolumePlugin string + // useServiceAccountCredentials indicates whether controllers should be run with + // individual service account credentials. + UseServiceAccountCredentials bool + // run with untagged cloud instances + AllowUntaggedCloud bool + // routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider.. + RouteReconciliationPeriod metav1.Duration + // nodeMonitorPeriod is the period for syncing NodeStatus in NodeController. + NodeMonitorPeriod metav1.Duration + // clusterName is the instance prefix for the cluster. + ClusterName string + // clusterCIDR is CIDR Range for Pods in cluster. + ClusterCIDR string + // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if + // ConfigureCloudRoutes is true, to be set on the cloud provider. + AllocateNodeCIDRs bool + // CIDRAllocatorType determines what kind of pod CIDR allocator will be used. + CIDRAllocatorType string + // configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs + // to be configured on the cloud provider. + ConfigureCloudRoutes bool + // nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer + // periods will result in fewer calls to cloud provider, but may delay addition + // of new nodes to cluster. + NodeSyncPeriod metav1.Duration +} +type AttachDetachControllerConfiguration struct { + // Reconciler runs a periodic loop to reconcile the desired state of the with + // the actual state of the world by triggering attach detach operations. + // This flag enables or disables reconcile. Is false by default, and thus enabled. + DisableAttachDetachReconcilerSync bool + // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop + // wait between successive executions. Is set to 5 sec by default. + ReconcilerSyncLoopPeriod metav1.Duration +} + +type CloudProviderConfiguration struct { + // Name is the provider for cloud services. + Name string + // cloudConfigFile is the path to the cloud provider configuration file. + CloudConfigFile string +} + +type CSRSigningControllerConfiguration struct { + // clusterSigningCertFile is the filename containing a PEM-encoded + // X509 CA certificate used to issue cluster-scoped certificates + ClusterSigningCertFile string + // clusterSigningCertFile is the filename containing a PEM-encoded + // RSA or ECDSA private key used to issue cluster-scoped certificates + ClusterSigningKeyFile string + // clusterSigningDuration is the length of duration signed certificates + // will be given. + ClusterSigningDuration metav1.Duration +} + +type DaemonSetControllerConfiguration struct { + // concurrentDaemonSetSyncs is the number of daemonset objects that are + // allowed to sync concurrently. Larger number = more responsive daemonset, + // but more CPU (and network) load. + ConcurrentDaemonSetSyncs int32 +} + +type DeploymentControllerConfiguration struct { + // concurrentDeploymentSyncs is the number of deployment objects that are + // allowed to sync concurrently. Larger number = more responsive deployments, + // but more CPU (and network) load. + ConcurrentDeploymentSyncs int32 + // deploymentControllerSyncPeriod is the period for syncing the deployments. + DeploymentControllerSyncPeriod metav1.Duration +} + +type DeprecatedControllerConfiguration struct { + // DEPRECATED: deletingPodsQps is the number of nodes per second on which pods are deleted in + // case of node failure. + DeletingPodsQps float32 + // DEPRECATED: deletingPodsBurst is the number of nodes on which pods are bursty deleted in + // case of node failure. For more details look into RateLimiter. + DeletingPodsBurst int32 + // registerRetryCount is the number of retries for initial node registration. + // Retry interval equals node-sync-period. + RegisterRetryCount int32 +} + +type EndpointControllerConfiguration struct { + // concurrentEndpointSyncs is the number of endpoint syncing operations + // that will be done concurrently. Larger number = faster endpoint updating, + // but more CPU (and network) load. + ConcurrentEndpointSyncs int32 +} + +type GarbageCollectorControllerConfiguration struct { + // enables the generic garbage collector. MUST be synced with the + // corresponding flag of the kube-apiserver. WARNING: the generic garbage + // collector is an alpha feature. + EnableGarbageCollector bool + // concurrentGCSyncs is the number of garbage collector workers that are + // allowed to sync concurrently. + ConcurrentGCSyncs int32 + // gcIgnoredResources is the list of GroupResources that garbage collection should ignore. + GCIgnoredResources []GroupResource +} + +type HPAControllerConfiguration struct { + // horizontalPodAutoscalerSyncPeriod is the period for syncing the number of + // pods in horizontal pod autoscaler. + HorizontalPodAutoscalerSyncPeriod metav1.Duration + // horizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed. + HorizontalPodAutoscalerUpscaleForbiddenWindow metav1.Duration + // horizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed. + HorizontalPodAutoscalerDownscaleForbiddenWindow metav1.Duration + // HorizontalPodAutoscalerDowncaleStabilizationWindow is a period for which autoscaler will look + // backwards and not scale down below any recommendation it made during that period. + HorizontalPodAutoscalerDownscaleStabilizationWindow metav1.Duration + // horizontalPodAutoscalerTolerance is the tolerance for when + // resource usage suggests upscaling/downscaling + HorizontalPodAutoscalerTolerance float64 + // HorizontalPodAutoscalerUseRESTClients causes the HPA controller to use REST clients + // through the kube-aggregator when enabled, instead of using the legacy metrics client + // through the API server proxy. + HorizontalPodAutoscalerUseRESTClients bool + // HorizontalPodAutoscalerCPUInitializationPeriod is the period after pod start when CPU samples + // might be skipped. + HorizontalPodAutoscalerCPUInitializationPeriod metav1.Duration + // HorizontalPodAutoscalerInitialReadinessDelay is period after pod start during which readiness + // changes are treated as readiness being set for the first time. The only effect of this is that + // HPA will disregard CPU samples from unready pods that had last readiness change during that + // period. + HorizontalPodAutoscalerInitialReadinessDelay metav1.Duration +} + +type JobControllerConfiguration struct { + // concurrentJobSyncs is the number of job objects that are + // allowed to sync concurrently. Larger number = more responsive jobs, + // but more CPU (and network) load. + ConcurrentJobSyncs int32 +} + +type NamespaceControllerConfiguration struct { + // namespaceSyncPeriod is the period for syncing namespace life-cycle + // updates. + NamespaceSyncPeriod metav1.Duration + // concurrentNamespaceSyncs is the number of namespace objects that are + // allowed to sync concurrently. + ConcurrentNamespaceSyncs int32 +} + +type NodeIPAMControllerConfiguration struct { + // serviceCIDR is CIDR Range for Services in cluster. + ServiceCIDR string + // NodeCIDRMaskSize is the mask size for node cidr in cluster. + NodeCIDRMaskSize int32 +} + +type NodeLifecycleControllerConfiguration struct { + // If set to true enables NoExecute Taints and will evict all not-tolerating + // Pod running on Nodes tainted with this kind of Taints. + EnableTaintManager bool + // nodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is healthy + NodeEvictionRate float32 + // secondaryNodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy + SecondaryNodeEvictionRate float32 + // nodeStartupGracePeriod is the amount of time which we allow starting a node to + // be unresponsive before marking it unhealthy. + NodeStartupGracePeriod metav1.Duration + // nodeMontiorGracePeriod is the amount of time which we allow a running node to be + // unresponsive before marking it unhealthy. Must be N times more than kubelet's + // nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet + // to post node status. + NodeMonitorGracePeriod metav1.Duration + // podEvictionTimeout is the grace period for deleting pods on failed nodes. + PodEvictionTimeout metav1.Duration + // secondaryNodeEvictionRate is implicitly overridden to 0 for clusters smaller than or equal to largeClusterSizeThreshold + LargeClusterSizeThreshold int32 + // Zone is treated as unhealthy in nodeEvictionRate and secondaryNodeEvictionRate when at least + // unhealthyZoneThreshold (no less than 3) of Nodes in the zone are NotReady + UnhealthyZoneThreshold float32 +} + +type PersistentVolumeBinderControllerConfiguration struct { + // pvClaimBinderSyncPeriod is the period for syncing persistent volumes + // and persistent volume claims. + PVClaimBinderSyncPeriod metav1.Duration + // volumeConfiguration holds configuration for volume related features. + VolumeConfiguration VolumeConfiguration +} + +type PodGCControllerConfiguration struct { + // terminatedPodGCThreshold is the number of terminated pods that can exist + // before the terminated pod garbage collector starts deleting terminated pods. + // If <= 0, the terminated pod garbage collector is disabled. + TerminatedPodGCThreshold int32 +} + +type ReplicaSetControllerConfiguration struct { + // concurrentRSSyncs is the number of replica sets that are allowed to sync + // concurrently. Larger number = more responsive replica management, but more + // CPU (and network) load. + ConcurrentRSSyncs int32 +} + +type ReplicationControllerConfiguration struct { + // concurrentRCSyncs is the number of replication controllers that are + // allowed to sync concurrently. Larger number = more responsive replica + // management, but more CPU (and network) load. + ConcurrentRCSyncs int32 +} + +type ResourceQuotaControllerConfiguration struct { + // resourceQuotaSyncPeriod is the period for syncing quota usage status + // in the system. + ResourceQuotaSyncPeriod metav1.Duration + // concurrentResourceQuotaSyncs is the number of resource quotas that are + // allowed to sync concurrently. Larger number = more responsive quota + // management, but more CPU (and network) load. + ConcurrentResourceQuotaSyncs int32 +} + +type SAControllerConfiguration struct { + // serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key + // used to sign service account tokens. + ServiceAccountKeyFile string + // concurrentSATokenSyncs is the number of service account token syncing operations + // that will be done concurrently. + ConcurrentSATokenSyncs int32 + // rootCAFile is the root certificate authority will be included in service + // account's token secret. This must be a valid PEM-encoded CA bundle. + RootCAFile string +} + +type ServiceControllerConfiguration struct { + // concurrentServiceSyncs is the number of services that are + // allowed to sync concurrently. Larger number = more responsive service + // management, but more CPU (and network) load. + ConcurrentServiceSyncs int32 +} + +// VolumeConfiguration contains *all* enumerated flags meant to configure all volume +// plugins. From this config, the controller-manager binary will create many instances of +// volume.VolumeConfig, each containing only the configuration needed for that plugin which +// are then passed to the appropriate plugin. The ControllerManager binary is the only part +// of the code which knows what plugins are supported and which flags correspond to each plugin. +type VolumeConfiguration struct { + // enableHostPathProvisioning enables HostPath PV provisioning when running without a + // cloud provider. This allows testing and development of provisioning features. HostPath + // provisioning is not supported in any way, won't work in a multi-node cluster, and + // should not be used for anything other than testing or development. + EnableHostPathProvisioning bool + // enableDynamicProvisioning enables the provisioning of volumes when running within an environment + // that supports dynamic provisioning. Defaults to true. + EnableDynamicProvisioning bool + // persistentVolumeRecyclerConfiguration holds configuration for persistent volume plugins. + PersistentVolumeRecyclerConfiguration PersistentVolumeRecyclerConfiguration + // volumePluginDir is the full path of the directory in which the flex + // volume plugin should search for additional third party volume plugins + FlexVolumePluginDir string +} + +type PersistentVolumeRecyclerConfiguration struct { + // maximumRetry is number of retries the PV recycler will execute on failure to recycle + // PV. + MaximumRetry int32 + // minimumTimeoutNFS is the minimum ActiveDeadlineSeconds to use for an NFS Recycler + // pod. + MinimumTimeoutNFS int32 + // podTemplateFilePathNFS is the file path to a pod definition used as a template for + // NFS persistent volume recycling + PodTemplateFilePathNFS string + // incrementTimeoutNFS is the increment of time added per Gi to ActiveDeadlineSeconds + // for an NFS scrubber pod. + IncrementTimeoutNFS int32 + // podTemplateFilePathHostPath is the file path to a pod definition used as a template for + // HostPath persistent volume recycling. This is for development and testing only and + // will not work in a multi-node cluster. + PodTemplateFilePathHostPath string + // minimumTimeoutHostPath is the minimum ActiveDeadlineSeconds to use for a HostPath + // Recycler pod. This is for development and testing only and will not work in a multi-node + // cluster. + MinimumTimeoutHostPath int32 + // incrementTimeoutHostPath is the increment of time added per Gi to ActiveDeadlineSeconds + // for a HostPath scrubber pod. This is for development and testing only and will not work + // in a multi-node cluster. + IncrementTimeoutHostPath int32 +} diff --git a/pkg/controller/apis/config/v1alpha1/defaults.go b/pkg/controller/apis/config/v1alpha1/defaults.go new file mode 100644 index 00000000000..5537b5a3ece --- /dev/null +++ b/pkg/controller/apis/config/v1alpha1/defaults.go @@ -0,0 +1,214 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + "time" + + apimachineryconfigv1alpha1 "k8s.io/apimachinery/pkg/apis/config/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + kruntime "k8s.io/apimachinery/pkg/runtime" + apiserverconfigv1alpha1 "k8s.io/apiserver/pkg/apis/config/v1alpha1" + kubectrlmgrconfigv1alpha1 "k8s.io/kube-controller-manager/config/v1alpha1" + utilpointer "k8s.io/utils/pointer" +) + +func addDefaultingFuncs(scheme *kruntime.Scheme) error { + return RegisterDefaults(scheme) +} + +func SetDefaults_KubeControllerManagerConfiguration(obj *KubeControllerManagerConfiguration) { + zero := metav1.Duration{} + if obj.EndpointController.ConcurrentEndpointSyncs == 0 { + obj.EndpointController.ConcurrentEndpointSyncs = 5 + } + if obj.ServiceController.ConcurrentServiceSyncs == 0 { + obj.ServiceController.ConcurrentServiceSyncs = 1 + } + if obj.ReplicationController.ConcurrentRCSyncs == 0 { + obj.ReplicationController.ConcurrentRCSyncs = 5 + } + if obj.ReplicaSetController.ConcurrentRSSyncs == 0 { + obj.ReplicaSetController.ConcurrentRSSyncs = 5 + } + if obj.DaemonSetController.ConcurrentDaemonSetSyncs == 0 { + obj.DaemonSetController.ConcurrentDaemonSetSyncs = 2 + } + if obj.JobController.ConcurrentJobSyncs == 0 { + obj.JobController.ConcurrentJobSyncs = 5 + } + if obj.ResourceQuotaController.ConcurrentResourceQuotaSyncs == 0 { + obj.ResourceQuotaController.ConcurrentResourceQuotaSyncs = 5 + } + if obj.DeploymentController.ConcurrentDeploymentSyncs == 0 { + obj.DeploymentController.ConcurrentDeploymentSyncs = 5 + } + if obj.NamespaceController.ConcurrentNamespaceSyncs == 0 { + obj.NamespaceController.ConcurrentNamespaceSyncs = 10 + } + if obj.SAController.ConcurrentSATokenSyncs == 0 { + obj.SAController.ConcurrentSATokenSyncs = 5 + } + if obj.ResourceQuotaController.ResourceQuotaSyncPeriod == zero { + obj.ResourceQuotaController.ResourceQuotaSyncPeriod = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.NamespaceController.NamespaceSyncPeriod == zero { + obj.NamespaceController.NamespaceSyncPeriod = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.PersistentVolumeBinderController.PVClaimBinderSyncPeriod == zero { + obj.PersistentVolumeBinderController.PVClaimBinderSyncPeriod = metav1.Duration{Duration: 15 * time.Second} + } + if obj.HPAController.HorizontalPodAutoscalerSyncPeriod == zero { + obj.HPAController.HorizontalPodAutoscalerSyncPeriod = metav1.Duration{Duration: 15 * time.Second} + } + if obj.HPAController.HorizontalPodAutoscalerUpscaleForbiddenWindow == zero { + obj.HPAController.HorizontalPodAutoscalerUpscaleForbiddenWindow = metav1.Duration{Duration: 3 * time.Minute} + } + if obj.HPAController.HorizontalPodAutoscalerDownscaleStabilizationWindow == zero { + obj.HPAController.HorizontalPodAutoscalerDownscaleStabilizationWindow = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.HPAController.HorizontalPodAutoscalerCPUInitializationPeriod == zero { + obj.HPAController.HorizontalPodAutoscalerCPUInitializationPeriod = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.HPAController.HorizontalPodAutoscalerInitialReadinessDelay == zero { + obj.HPAController.HorizontalPodAutoscalerInitialReadinessDelay = metav1.Duration{Duration: 30 * time.Second} + } + if obj.HPAController.HorizontalPodAutoscalerDownscaleForbiddenWindow == zero { + obj.HPAController.HorizontalPodAutoscalerDownscaleForbiddenWindow = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.HPAController.HorizontalPodAutoscalerTolerance == 0 { + obj.HPAController.HorizontalPodAutoscalerTolerance = 0.1 + } + if obj.DeploymentController.DeploymentControllerSyncPeriod == zero { + obj.DeploymentController.DeploymentControllerSyncPeriod = metav1.Duration{Duration: 30 * time.Second} + } + if obj.DeprecatedController.RegisterRetryCount == 0 { + obj.DeprecatedController.RegisterRetryCount = 10 + } + if obj.NodeLifecycleController.PodEvictionTimeout == zero { + obj.NodeLifecycleController.PodEvictionTimeout = metav1.Duration{Duration: 5 * time.Minute} + } + if obj.NodeLifecycleController.NodeMonitorGracePeriod == zero { + obj.NodeLifecycleController.NodeMonitorGracePeriod = metav1.Duration{Duration: 40 * time.Second} + } + if obj.NodeLifecycleController.NodeStartupGracePeriod == zero { + obj.NodeLifecycleController.NodeStartupGracePeriod = metav1.Duration{Duration: 60 * time.Second} + } + if obj.NodeIPAMController.NodeCIDRMaskSize == 0 { + obj.NodeIPAMController.NodeCIDRMaskSize = 24 + } + if obj.PodGCController.TerminatedPodGCThreshold == 0 { + obj.PodGCController.TerminatedPodGCThreshold = 12500 + } + if obj.GarbageCollectorController.EnableGarbageCollector == nil { + obj.GarbageCollectorController.EnableGarbageCollector = utilpointer.BoolPtr(true) + } + if obj.GarbageCollectorController.ConcurrentGCSyncs == 0 { + obj.GarbageCollectorController.ConcurrentGCSyncs = 20 + } + if obj.CSRSigningController.ClusterSigningCertFile == "" { + obj.CSRSigningController.ClusterSigningCertFile = "/etc/kubernetes/ca/ca.pem" + } + if obj.CSRSigningController.ClusterSigningKeyFile == "" { + obj.CSRSigningController.ClusterSigningKeyFile = "/etc/kubernetes/ca/ca.key" + } + if obj.CSRSigningController.ClusterSigningDuration == zero { + obj.CSRSigningController.ClusterSigningDuration = metav1.Duration{Duration: 365 * 24 * time.Hour} + } + if obj.AttachDetachController.ReconcilerSyncLoopPeriod == zero { + obj.AttachDetachController.ReconcilerSyncLoopPeriod = metav1.Duration{Duration: 60 * time.Second} + } + if obj.NodeLifecycleController.EnableTaintManager == nil { + obj.NodeLifecycleController.EnableTaintManager = utilpointer.BoolPtr(true) + } + if obj.HPAController.HorizontalPodAutoscalerUseRESTClients == nil { + obj.HPAController.HorizontalPodAutoscalerUseRESTClients = utilpointer.BoolPtr(true) + } + // These defaults override the recommended defaults from the apimachineryconfigv1alpha1 package that are applied automatically + // These client-connection defaults are specific to the kube-controller-manager + if obj.Generic.ClientConnection.QPS == 0.0 { + obj.Generic.ClientConnection.QPS = 50.0 + } + if obj.Generic.ClientConnection.Burst == 0 { + obj.Generic.ClientConnection.Burst = 100 + } +} + +func SetDefaults_GenericControllerManagerConfiguration(obj *GenericControllerManagerConfiguration) { + zero := metav1.Duration{} + if obj.Address == "" { + obj.Address = "0.0.0.0" + } + if obj.MinResyncPeriod == zero { + obj.MinResyncPeriod = metav1.Duration{Duration: 12 * time.Hour} + } + if obj.ControllerStartInterval == zero { + obj.ControllerStartInterval = metav1.Duration{Duration: 0 * time.Second} + } + if len(obj.Controllers) == 0 { + obj.Controllers = []string{"*"} + } + // Use the default ClientConnectionConfiguration and LeaderElectionConfiguration options + apimachineryconfigv1alpha1.RecommendedDefaultClientConnectionConfiguration(&obj.ClientConnection) + apiserverconfigv1alpha1.RecommendedDefaultLeaderElectionConfiguration(&obj.LeaderElection) +} + +func SetDefaults_KubeCloudSharedConfiguration(obj *KubeCloudSharedConfiguration) { + zero := metav1.Duration{} + if obj.NodeMonitorPeriod == zero { + obj.NodeMonitorPeriod = metav1.Duration{Duration: 5 * time.Second} + } + if obj.ClusterName == "" { + obj.ClusterName = "kubernetes" + } + if obj.ConfigureCloudRoutes == nil { + obj.ConfigureCloudRoutes = utilpointer.BoolPtr(true) + } + if obj.RouteReconciliationPeriod == zero { + obj.RouteReconciliationPeriod = metav1.Duration{Duration: 10 * time.Second} + } +} + +func SetDefaults_PersistentVolumeRecyclerConfiguration(obj *PersistentVolumeRecyclerConfiguration) { + if obj.MaximumRetry == 0 { + obj.MaximumRetry = 3 + } + if obj.MinimumTimeoutNFS == 0 { + obj.MinimumTimeoutNFS = 300 + } + if obj.IncrementTimeoutNFS == 0 { + obj.IncrementTimeoutNFS = 30 + } + if obj.MinimumTimeoutHostPath == 0 { + obj.MinimumTimeoutHostPath = 60 + } + if obj.IncrementTimeoutHostPath == 0 { + obj.IncrementTimeoutHostPath = 30 + } +} + +func SetDefaults_VolumeConfiguration(obj *VolumeConfiguration) { + if obj.EnableHostPathProvisioning == nil { + obj.EnableHostPathProvisioning = utilpointer.BoolPtr(false) + } + if obj.EnableDynamicProvisioning == nil { + obj.EnableDynamicProvisioning = utilpointer.BoolPtr(true) + } + if obj.FlexVolumePluginDir == "" { + obj.FlexVolumePluginDir = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" + } +} diff --git a/staging/src/k8s.io/kube-controller-manager/config/v1alpha1/types.go b/staging/src/k8s.io/kube-controller-manager/config/v1alpha1/types.go new file mode 100644 index 00000000000..d831a88c852 --- /dev/null +++ b/staging/src/k8s.io/kube-controller-manager/config/v1alpha1/types.go @@ -0,0 +1,410 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + apimachineryconfigv1alpha1 "k8s.io/apimachinery/pkg/apis/config/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + apiserverconfigv1alpha1 "k8s.io/apiserver/pkg/apis/config/v1alpha1" +) + +type PersistentVolumeRecyclerConfiguration struct { + // maximumRetry is number of retries the PV recycler will execute on failure to recycle + // PV. + MaximumRetry int32 + // minimumTimeoutNFS is the minimum ActiveDeadlineSeconds to use for an NFS Recycler + // pod. + MinimumTimeoutNFS int32 + // podTemplateFilePathNFS is the file path to a pod definition used as a template for + // NFS persistent volume recycling + PodTemplateFilePathNFS string + // incrementTimeoutNFS is the increment of time added per Gi to ActiveDeadlineSeconds + // for an NFS scrubber pod. + IncrementTimeoutNFS int32 + // podTemplateFilePathHostPath is the file path to a pod definition used as a template for + // HostPath persistent volume recycling. This is for development and testing only and + // will not work in a multi-node cluster. + PodTemplateFilePathHostPath string + // minimumTimeoutHostPath is the minimum ActiveDeadlineSeconds to use for a HostPath + // Recycler pod. This is for development and testing only and will not work in a multi-node + // cluster. + MinimumTimeoutHostPath int32 + // incrementTimeoutHostPath is the increment of time added per Gi to ActiveDeadlineSeconds + // for a HostPath scrubber pod. This is for development and testing only and will not work + // in a multi-node cluster. + IncrementTimeoutHostPath int32 +} + +// VolumeConfiguration contains *all* enumerated flags meant to configure all volume +// plugins. From this config, the controller-manager binary will create many instances of +// volume.VolumeConfig, each containing only the configuration needed for that plugin which +// are then passed to the appropriate plugin. The ControllerManager binary is the only part +// of the code which knows what plugins are supported and which flags correspond to each plugin. +type VolumeConfiguration struct { + // enableHostPathProvisioning enables HostPath PV provisioning when running without a + // cloud provider. This allows testing and development of provisioning features. HostPath + // provisioning is not supported in any way, won't work in a multi-node cluster, and + // should not be used for anything other than testing or development. + EnableHostPathProvisioning *bool + // enableDynamicProvisioning enables the provisioning of volumes when running within an environment + // that supports dynamic provisioning. Defaults to true. + EnableDynamicProvisioning *bool + // persistentVolumeRecyclerConfiguration holds configuration for persistent volume plugins. + PersistentVolumeRecyclerConfiguration PersistentVolumeRecyclerConfiguration + // volumePluginDir is the full path of the directory in which the flex + // volume plugin should search for additional third party volume plugins + FlexVolumePluginDir string +} + +type GroupResource struct { + // group is the group portion of the GroupResource. + Group string + // resource is the resource portion of the GroupResource. + Resource string +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubeControllerManagerConfiguration struct { + metav1.TypeMeta `json:",inline"` + // Generic holds configuration for a generic controller-manager + Generic GenericControllerManagerConfiguration + // KubeCloudSharedConfiguration holds configuration for shared related features + // both in cloud controller manager and kube-controller manager. + KubeCloudShared KubeCloudSharedConfiguration + // AttachDetachControllerConfiguration holds configuration for + // AttachDetachController related features. + AttachDetachController AttachDetachControllerConfiguration + // CSRSigningControllerConfiguration holds configuration for + // CSRSigningController related features. + CSRSigningController CSRSigningControllerConfiguration + // DaemonSetControllerConfiguration holds configuration for DaemonSetController + // related features. + DaemonSetController DaemonSetControllerConfiguration + // DeploymentControllerConfiguration holds configuration for + // DeploymentController related features. + DeploymentController DeploymentControllerConfiguration + // DeprecatedControllerConfiguration holds configuration for some deprecated + // features. + DeprecatedController DeprecatedControllerConfiguration + // EndpointControllerConfiguration holds configuration for EndpointController + // related features. + EndpointController EndpointControllerConfiguration + // GarbageCollectorControllerConfiguration holds configuration for + // GarbageCollectorController related features. + GarbageCollectorController GarbageCollectorControllerConfiguration + // HPAControllerConfiguration holds configuration for HPAController related features. + HPAController HPAControllerConfiguration + // JobControllerConfiguration holds configuration for JobController related features. + JobController JobControllerConfiguration + // NamespaceControllerConfiguration holds configuration for NamespaceController + // related features. + NamespaceController NamespaceControllerConfiguration + // NodeIPAMControllerConfiguration holds configuration for NodeIPAMController + // related features. + NodeIPAMController NodeIPAMControllerConfiguration + // NodeLifecycleControllerConfiguration holds configuration for + // NodeLifecycleController related features. + NodeLifecycleController NodeLifecycleControllerConfiguration + // PersistentVolumeBinderControllerConfiguration holds configuration for + // PersistentVolumeBinderController related features. + PersistentVolumeBinderController PersistentVolumeBinderControllerConfiguration + // PodGCControllerConfiguration holds configuration for PodGCController + // related features. + PodGCController PodGCControllerConfiguration + // ReplicaSetControllerConfiguration holds configuration for ReplicaSet related features. + ReplicaSetController ReplicaSetControllerConfiguration + // ReplicationControllerConfiguration holds configuration for + // ReplicationController related features. + ReplicationController ReplicationControllerConfiguration + // ResourceQuotaControllerConfiguration holds configuration for + // ResourceQuotaController related features. + ResourceQuotaController ResourceQuotaControllerConfiguration + // SAControllerConfiguration holds configuration for ServiceAccountController + // related features. + SAController SAControllerConfiguration + // ServiceControllerConfiguration holds configuration for ServiceController + // related features. + ServiceController ServiceControllerConfiguration +} + +type GenericControllerManagerConfiguration struct { + // port is the port that the controller-manager's http service runs on. + Port int32 + // address is the IP address to serve on (set to 0.0.0.0 for all interfaces). + Address string + // minResyncPeriod is the resync period in reflectors; will be random between + // minResyncPeriod and 2*minResyncPeriod. + MinResyncPeriod metav1.Duration + // ClientConnection specifies the kubeconfig file and client connection + // settings for the proxy server to use when communicating with the apiserver. + ClientConnection apimachineryconfigv1alpha1.ClientConnectionConfiguration + // How long to wait between starting controller managers + ControllerStartInterval metav1.Duration + // leaderElection defines the configuration of leader election client. + LeaderElection apiserverconfigv1alpha1.LeaderElectionConfiguration + // Controllers is the list of controllers to enable or disable + // '*' means "all enabled by default controllers" + // 'foo' means "enable 'foo'" + // '-foo' means "disable 'foo'" + // first item for a particular name wins + Controllers []string + // DebuggingConfiguration holds configuration for Debugging related features. + Debugging apiserverconfigv1alpha1.DebuggingConfiguration +} + +type KubeCloudSharedConfiguration struct { + // CloudProviderConfiguration holds configuration for CloudProvider related features. + CloudProvider CloudProviderConfiguration + // externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". + // It is currently used by the in repo cloud providers to handle node and volume control in the KCM. + ExternalCloudVolumePlugin string + // useServiceAccountCredentials indicates whether controllers should be run with + // individual service account credentials. + UseServiceAccountCredentials bool + // run with untagged cloud instances + AllowUntaggedCloud bool + // routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider.. + RouteReconciliationPeriod metav1.Duration + // nodeMonitorPeriod is the period for syncing NodeStatus in NodeController. + NodeMonitorPeriod metav1.Duration + // clusterName is the instance prefix for the cluster. + ClusterName string + // clusterCIDR is CIDR Range for Pods in cluster. + ClusterCIDR string + // AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if + // ConfigureCloudRoutes is true, to be set on the cloud provider. + AllocateNodeCIDRs bool + // CIDRAllocatorType determines what kind of pod CIDR allocator will be used. + CIDRAllocatorType string + // configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs + // to be configured on the cloud provider. + ConfigureCloudRoutes *bool + // nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer + // periods will result in fewer calls to cloud provider, but may delay addition + // of new nodes to cluster. + NodeSyncPeriod metav1.Duration +} + +type AttachDetachControllerConfiguration struct { + // Reconciler runs a periodic loop to reconcile the desired state of the with + // the actual state of the world by triggering attach detach operations. + // This flag enables or disables reconcile. Is false by default, and thus enabled. + DisableAttachDetachReconcilerSync bool + // ReconcilerSyncLoopPeriod is the amount of time the reconciler sync states loop + // wait between successive executions. Is set to 5 sec by default. + ReconcilerSyncLoopPeriod metav1.Duration +} + +type CloudProviderConfiguration struct { + // Name is the provider for cloud services. + Name string + // cloudConfigFile is the path to the cloud provider configuration file. + CloudConfigFile string +} + +type CSRSigningControllerConfiguration struct { + // clusterSigningCertFile is the filename containing a PEM-encoded + // X509 CA certificate used to issue cluster-scoped certificates + ClusterSigningCertFile string + // clusterSigningCertFile is the filename containing a PEM-encoded + // RSA or ECDSA private key used to issue cluster-scoped certificates + ClusterSigningKeyFile string + // clusterSigningDuration is the length of duration signed certificates + // will be given. + ClusterSigningDuration metav1.Duration +} + +type DaemonSetControllerConfiguration struct { + // concurrentDaemonSetSyncs is the number of daemonset objects that are + // allowed to sync concurrently. Larger number = more responsive daemonset, + // but more CPU (and network) load. + ConcurrentDaemonSetSyncs int32 +} + +type DeploymentControllerConfiguration struct { + // concurrentDeploymentSyncs is the number of deployment objects that are + // allowed to sync concurrently. Larger number = more responsive deployments, + // but more CPU (and network) load. + ConcurrentDeploymentSyncs int32 + // deploymentControllerSyncPeriod is the period for syncing the deployments. + DeploymentControllerSyncPeriod metav1.Duration +} + +type DeprecatedControllerConfiguration struct { + // DEPRECATED: deletingPodsQps is the number of nodes per second on which pods are deleted in + // case of node failure. + DeletingPodsQps float32 + // DEPRECATED: deletingPodsBurst is the number of nodes on which pods are bursty deleted in + // case of node failure. For more details look into RateLimiter. + DeletingPodsBurst int32 + // registerRetryCount is the number of retries for initial node registration. + // Retry interval equals node-sync-period. + RegisterRetryCount int32 +} + +type EndpointControllerConfiguration struct { + // concurrentEndpointSyncs is the number of endpoint syncing operations + // that will be done concurrently. Larger number = faster endpoint updating, + // but more CPU (and network) load. + ConcurrentEndpointSyncs int32 +} + +type GarbageCollectorControllerConfiguration struct { + // enables the generic garbage collector. MUST be synced with the + // corresponding flag of the kube-apiserver. WARNING: the generic garbage + // collector is an alpha feature. + EnableGarbageCollector *bool + // concurrentGCSyncs is the number of garbage collector workers that are + // allowed to sync concurrently. + ConcurrentGCSyncs int32 + // gcIgnoredResources is the list of GroupResources that garbage collection should ignore. + GCIgnoredResources []GroupResource +} + +type HPAControllerConfiguration struct { + // HorizontalPodAutoscalerSyncPeriod is the period for syncing the number of + // pods in horizontal pod autoscaler. + HorizontalPodAutoscalerSyncPeriod metav1.Duration + // HorizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed. + HorizontalPodAutoscalerUpscaleForbiddenWindow metav1.Duration + // HorizontalPodAutoscalerDowncaleStabilizationWindow is a period for which autoscaler will look + // backwards and not scale down below any recommendation it made during that period. + HorizontalPodAutoscalerDownscaleStabilizationWindow metav1.Duration + // HorizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed. + HorizontalPodAutoscalerDownscaleForbiddenWindow metav1.Duration + // HorizontalPodAutoscalerTolerance is the tolerance for when + // resource usage suggests upscaling/downscaling + HorizontalPodAutoscalerTolerance float64 + // HorizontalPodAutoscalerUseRESTClients causes the HPA controller to use REST clients + // through the kube-aggregator when enabled, instead of using the legacy metrics client + // through the API server proxy. + HorizontalPodAutoscalerUseRESTClients *bool + // HorizontalPodAutoscalerCPUInitializationPeriod is the period after pod start when CPU samples + // might be skipped. + HorizontalPodAutoscalerCPUInitializationPeriod metav1.Duration + // HorizontalPodAutoscalerInitialReadinessDelay is period after pod start during which readiness + // changes are treated as readiness being set for the first time. The only effect of this is that + // HPA will disregard CPU samples from unready pods that had last readiness change during that + // period. + HorizontalPodAutoscalerInitialReadinessDelay metav1.Duration +} + +type JobControllerConfiguration struct { + // concurrentJobSyncs is the number of job objects that are + // allowed to sync concurrently. Larger number = more responsive jobs, + // but more CPU (and network) load. + ConcurrentJobSyncs int32 +} + +type NamespaceControllerConfiguration struct { + // namespaceSyncPeriod is the period for syncing namespace life-cycle + // updates. + NamespaceSyncPeriod metav1.Duration + // concurrentNamespaceSyncs is the number of namespace objects that are + // allowed to sync concurrently. + ConcurrentNamespaceSyncs int32 +} + +type NodeIPAMControllerConfiguration struct { + // serviceCIDR is CIDR Range for Services in cluster. + ServiceCIDR string + // NodeCIDRMaskSize is the mask size for node cidr in cluster. + NodeCIDRMaskSize int32 +} + +type NodeLifecycleControllerConfiguration struct { + // If set to true enables NoExecute Taints and will evict all not-tolerating + // Pod running on Nodes tainted with this kind of Taints. + EnableTaintManager *bool + // nodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is healthy + NodeEvictionRate float32 + // secondaryNodeEvictionRate is the number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy + SecondaryNodeEvictionRate float32 + // nodeStartupGracePeriod is the amount of time which we allow starting a node to + // be unresponsive before marking it unhealthy. + NodeStartupGracePeriod metav1.Duration + // nodeMontiorGracePeriod is the amount of time which we allow a running node to be + // unresponsive before marking it unhealthy. Must be N times more than kubelet's + // nodeStatusUpdateFrequency, where N means number of retries allowed for kubelet + // to post node status. + NodeMonitorGracePeriod metav1.Duration + // podEvictionTimeout is the grace period for deleting pods on failed nodes. + PodEvictionTimeout metav1.Duration + // secondaryNodeEvictionRate is implicitly overridden to 0 for clusters smaller than or equal to largeClusterSizeThreshold + LargeClusterSizeThreshold int32 + // Zone is treated as unhealthy in nodeEvictionRate and secondaryNodeEvictionRate when at least + // unhealthyZoneThreshold (no less than 3) of Nodes in the zone are NotReady + UnhealthyZoneThreshold float32 +} + +type PersistentVolumeBinderControllerConfiguration struct { + // pvClaimBinderSyncPeriod is the period for syncing persistent volumes + // and persistent volume claims. + PVClaimBinderSyncPeriod metav1.Duration + // volumeConfiguration holds configuration for volume related features. + VolumeConfiguration VolumeConfiguration +} + +type PodGCControllerConfiguration struct { + // terminatedPodGCThreshold is the number of terminated pods that can exist + // before the terminated pod garbage collector starts deleting terminated pods. + // If <= 0, the terminated pod garbage collector is disabled. + TerminatedPodGCThreshold int32 +} + +type ReplicaSetControllerConfiguration struct { + // concurrentRSSyncs is the number of replica sets that are allowed to sync + // concurrently. Larger number = more responsive replica management, but more + // CPU (and network) load. + ConcurrentRSSyncs int32 +} + +type ReplicationControllerConfiguration struct { + // concurrentRCSyncs is the number of replication controllers that are + // allowed to sync concurrently. Larger number = more responsive replica + // management, but more CPU (and network) load. + ConcurrentRCSyncs int32 +} + +type ResourceQuotaControllerConfiguration struct { + // resourceQuotaSyncPeriod is the period for syncing quota usage status + // in the system. + ResourceQuotaSyncPeriod metav1.Duration + // concurrentResourceQuotaSyncs is the number of resource quotas that are + // allowed to sync concurrently. Larger number = more responsive quota + // management, but more CPU (and network) load. + ConcurrentResourceQuotaSyncs int32 +} + +type SAControllerConfiguration struct { + // serviceAccountKeyFile is the filename containing a PEM-encoded private RSA key + // used to sign service account tokens. + ServiceAccountKeyFile string + // concurrentSATokenSyncs is the number of service account token syncing operations + // that will be done concurrently. + ConcurrentSATokenSyncs int32 + // rootCAFile is the root certificate authority will be included in service + // account's token secret. This must be a valid PEM-encoded CA bundle. + RootCAFile string +} + +type ServiceControllerConfiguration struct { + // concurrentServiceSyncs is the number of services that are + // allowed to sync concurrently. Larger number = more responsive service + // management, but more CPU (and network) load. + ConcurrentServiceSyncs int32 +}