componentconfig: add external kubelet configuration type

cmd/kubelet/app/options/options.go

@@ -19,39 +19,16 @@ package options
 
 import (
 	_ "net/http/pprof"
-	"path/filepath"
-	"runtime"
-	"time"
 
 	"k8s.io/kubernetes/pkg/api"
-	"k8s.io/kubernetes/pkg/api/unversioned"
 	"k8s.io/kubernetes/pkg/apis/componentconfig"
-	"k8s.io/kubernetes/pkg/kubelet/qos"
-	"k8s.io/kubernetes/pkg/kubelet/rkt"
-	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
-	"k8s.io/kubernetes/pkg/master/ports"
+	"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
 	"k8s.io/kubernetes/pkg/util"
-	"k8s.io/kubernetes/pkg/util/config"
+	utilconfig "k8s.io/kubernetes/pkg/util/config"
 
 	"github.com/spf13/pflag"
 )
 
-const (
-	defaultRootDir             = "/var/lib/kubelet"
-	experimentalFlannelOverlay = false
-
-	// When these values are updated, also update test/e2e/framework/util.go
-	defaultPodInfraContainerImageName    = "gcr.io/google_containers/pause"
-	defaultPodInfraContainerImageVersion = "3.0"
-	// Auto detect cloud provider.
-	AutoDetectCloudProvider = "auto-detect"
-)
-
-// Returns the arch-specific pause image that kubelet should use as the default
-func GetDefaultPodInfraContainerImage() string {
-	return defaultPodInfraContainerImageName + "-" + runtime.GOARCH + ":" + defaultPodInfraContainerImageVersion
-}
-
 // KubeletServer encapsulates all of the parameters necessary for starting up
 // a kubelet. These can either be set via command line or directly.
 type KubeletServer struct {
@@ -67,94 +44,20 @@ type KubeletServer struct {
 	ChaosChance float64
 	// Crash immediately, rather than eating panics.
 	ReallyCrashForTesting bool
-	SystemReserved        config.ConfigurationMap
-	KubeReserved          config.ConfigurationMap
+	SystemReserved        utilconfig.ConfigurationMap
+	KubeReserved          utilconfig.ConfigurationMap
 }
 
 // NewKubeletServer will create a new KubeletServer with default values.
 func NewKubeletServer() *KubeletServer {
+	config := componentconfig.KubeletConfiguration{}
+	api.Scheme.Convert(&v1alpha1.KubeletConfiguration{}, &config)
 	return &KubeletServer{
 		AuthPath:             util.NewStringFlag("/var/lib/kubelet/kubernetes_auth"), // deprecated
 		KubeConfig:           util.NewStringFlag("/var/lib/kubelet/kubeconfig"),
-
-		SystemReserved: make(config.ConfigurationMap),
-		KubeReserved:   make(config.ConfigurationMap),
-		KubeletConfiguration: componentconfig.KubeletConfiguration{
-			Address:                      "0.0.0.0",
-			CAdvisorPort:                 4194,
-			VolumeStatsAggPeriod:         unversioned.Duration{Duration: time.Minute},
-			CertDirectory:                "/var/run/kubernetes",
-			CgroupRoot:                   "",
-			CloudProvider:                AutoDetectCloudProvider,
-			ConfigureCBR0:                false,
-			ContainerRuntime:             "docker",
-			RuntimeRequestTimeout:        unversioned.Duration{Duration: 2 * time.Minute},
-			CPUCFSQuota:                  true,
-			DockerExecHandlerName:        "native",
-			EventBurst:                   10,
-			EventRecordQPS:               5.0,
-			EnableControllerAttachDetach: true,
-			EnableCustomMetrics:          false,
-			EnableDebuggingHandlers:      true,
-			EnableServer:                 true,
-			FileCheckFrequency:           unversioned.Duration{Duration: 20 * time.Second},
-			HealthzBindAddress:           "127.0.0.1",
-			HealthzPort:                  10248,
-			HostNetworkSources:           kubetypes.AllSource,
-			HostPIDSources:               kubetypes.AllSource,
-			HostIPCSources:               kubetypes.AllSource,
-			HTTPCheckFrequency:           unversioned.Duration{Duration: 20 * time.Second},
-			ImageMinimumGCAge:            unversioned.Duration{Duration: 2 * time.Minute},
-			ImageGCHighThresholdPercent:  90,
-			ImageGCLowThresholdPercent:   80,
-			LowDiskSpaceThresholdMB:      256,
-			MasterServiceNamespace:       api.NamespaceDefault,
-			MaxContainerCount:            -1,
-			MaxPerPodContainerCount:      1,
-			MaxOpenFiles:                 1000000,
-			MaxPods:                      110,
-			NvidiaGPUs:                   0,
-			MinimumGCAge:                 unversioned.Duration{Duration: 0},
-			NetworkPluginDir:             "/usr/libexec/kubernetes/kubelet-plugins/net/exec/",
-			NetworkPluginName:            "",
-			NonMasqueradeCIDR:            "10.0.0.0/8",
-			VolumePluginDir:              "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
-			NodeStatusUpdateFrequency:    unversioned.Duration{Duration: 10 * time.Second},
-			NodeLabels:                   make(map[string]string),
-			OOMScoreAdj:                  int32(qos.KubeletOOMScoreAdj),
-			LockFilePath:                 "",
-			ExitOnLockContention:         false,
-			PodInfraContainerImage:       GetDefaultPodInfraContainerImage(),
-			Port:                             ports.KubeletPort,
-			ReadOnlyPort:                     ports.KubeletReadOnlyPort,
-			RegisterNode:                     true, // will be ignored if no apiserver is configured
-			RegisterSchedulable:              true,
-			RegistryBurst:                    10,
-			RegistryPullQPS:                  5.0,
-			KubeletCgroups:                   "",
-			ResolverConfig:                   kubetypes.ResolvConfDefault,
-			RktPath:                          "",
-			RktAPIEndpoint:                   rkt.DefaultRktAPIServiceEndpoint,
-			RktStage1Image:                   "",
-			RootDirectory:                    defaultRootDir,
-			RuntimeCgroups:                   "",
-			SerializeImagePulls:              true,
-			SeccompProfileRoot:               filepath.Join(defaultRootDir, "seccomp"),
-			StreamingConnectionIdleTimeout:   unversioned.Duration{Duration: 4 * time.Hour},
-			SyncFrequency:                    unversioned.Duration{Duration: 1 * time.Minute},
-			SystemCgroups:                    "",
-			ReconcileCIDR:                    true,
-			ContentType:                      "application/vnd.kubernetes.protobuf",
-			KubeAPIQPS:                       5.0,
-			KubeAPIBurst:                     10,
-			ExperimentalFlannelOverlay:       experimentalFlannelOverlay,
-			OutOfDiskTransitionFrequency:     unversioned.Duration{Duration: 5 * time.Minute},
-			HairpinMode:                      componentconfig.PromiscuousBridge,
-			BabysitDaemons:                   false,
-			EvictionHard:                     "memory.available<100Mi",
-			EvictionPressureTransitionPeriod: unversioned.Duration{Duration: 5 * time.Minute},
-			PodsPerCore:                      0,
-		},
+		SystemReserved:       make(utilconfig.ConfigurationMap),
+		KubeReserved:         make(utilconfig.ConfigurationMap),
+		KubeletConfiguration: config,
 	}
 }
 
@@ -168,8 +71,8 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.ManifestURLHeader, "manifest-url-header", s.ManifestURLHeader, "HTTP header to use when accessing the manifest URL, with the key separated from the value with a ':', as in 'key:value'")
 	fs.BoolVar(&s.EnableServer, "enable-server", s.EnableServer, "Enable the Kubelet's server")
 	fs.Var(componentconfig.IPVar{Val: &s.Address}, "address", "The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces)")
-	fs.UintVar(&s.Port, "port", s.Port, "The port for the Kubelet to serve on.")
-	fs.UintVar(&s.ReadOnlyPort, "read-only-port", s.ReadOnlyPort, "The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable)")
+	fs.IntVar(&s.Port, "port", s.Port, "The port for the Kubelet to serve on.")
+	fs.IntVar(&s.ReadOnlyPort, "read-only-port", s.ReadOnlyPort, "The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable)")
 	fs.StringVar(&s.TLSCertFile, "tls-cert-file", s.TLSCertFile, ""+
 		"File containing x509 Certificate for HTTPS.  (CA cert, if any, concatenated after server cert). "+
 		"If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key "+
@@ -179,13 +82,13 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 		"If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored.")
 	fs.StringVar(&s.HostnameOverride, "hostname-override", s.HostnameOverride, "If non-empty, will use this string as identification instead of the actual hostname.")
 	fs.StringVar(&s.PodInfraContainerImage, "pod-infra-container-image", s.PodInfraContainerImage, "The image whose network/ipc namespaces containers in each pod will use.")
-	fs.StringVar(&s.DockerEndpoint, "docker-endpoint", s.DockerEndpoint, "If non-empty, use this for the docker endpoint to communicate with")
+	fs.StringVar(&s.DockerEndpoint, "docker-endpoint", s.DockerEndpoint, "Use this for the docker endpoint to communicate with")
 	fs.StringVar(&s.RootDirectory, "root-dir", s.RootDirectory, "Directory path for managing kubelet files (volume mounts,etc).")
 	fs.StringVar(&s.SeccompProfileRoot, "seccomp-profile-root", s.SeccompProfileRoot, "Directory path for seccomp profiles.")
 	fs.BoolVar(&s.AllowPrivileged, "allow-privileged", s.AllowPrivileged, "If true, allow containers to request privileged mode. [default=false]")
-	fs.StringVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. [default=\"*\"]")
-	fs.StringVar(&s.HostPIDSources, "host-pid-sources", s.HostPIDSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace. [default=\"*\"]")
-	fs.StringVar(&s.HostIPCSources, "host-ipc-sources", s.HostIPCSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace. [default=\"*\"]")
+	fs.StringSliceVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. [default=\"*\"]")
+	fs.StringSliceVar(&s.HostPIDSources, "host-pid-sources", s.HostPIDSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace. [default=\"*\"]")
+	fs.StringSliceVar(&s.HostIPCSources, "host-ipc-sources", s.HostIPCSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace. [default=\"*\"]")
 	fs.Float64Var(&s.RegistryPullQPS, "registry-qps", s.RegistryPullQPS, "If > 0, limit registry pull QPS to this value.  If 0, unlimited. [default=5.0]")
 	fs.Int32Var(&s.RegistryBurst, "registry-burst", s.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps.  Only used if --registry-qps > 0")
 	fs.Float32Var(&s.EventRecordQPS, "event-qps", s.EventRecordQPS, "If > 0, limit event creations per second to this value. If 0, unlimited.")
@@ -201,7 +104,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 	fs.Var(&s.AuthPath, "auth-path", "Path to .kubernetes_auth file, specifying how to authenticate to API server.")
 	fs.MarkDeprecated("auth-path", "will be removed in a future version")
 	fs.Var(&s.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to authenticate to API server (the master location is set by the api-servers flag).")
-	fs.UintVar(&s.CAdvisorPort, "cadvisor-port", s.CAdvisorPort, "The port of the localhost cAdvisor endpoint")
+	fs.IntVar(&s.CAdvisorPort, "cadvisor-port", s.CAdvisorPort, "The port of the localhost cAdvisor endpoint")
 	fs.Int32Var(&s.HealthzPort, "healthz-port", s.HealthzPort, "The port of the localhost healthz endpoint")
 	fs.Var(componentconfig.IPVar{Val: &s.HealthzBindAddress}, "healthz-bind-address", "The IP address for the healthz server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)")
 	fs.Int32Var(&s.OOMScoreAdj, "oom-score-adj", s.OOMScoreAdj, "The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000]")
@@ -212,7 +115,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.ClusterDNS, "cluster-dns", s.ClusterDNS, "IP address for a cluster DNS server.  This value is used for containers' DNS server in case of Pods with \"dnsPolicy=ClusterFirst\"")
 	fs.DurationVar(&s.StreamingConnectionIdleTimeout.Duration, "streaming-connection-idle-timeout", s.StreamingConnectionIdleTimeout.Duration, "Maximum time a streaming connection can be idle before the connection is automatically closed. 0 indicates no timeout. Example: '5m'")
 	fs.DurationVar(&s.NodeStatusUpdateFrequency.Duration, "node-status-update-frequency", s.NodeStatusUpdateFrequency.Duration, "Specifies how often kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Default: 10s")
-	bindableNodeLabels := config.ConfigurationMap(s.NodeLabels)
+	bindableNodeLabels := utilconfig.ConfigurationMap(s.NodeLabels)
 	fs.Var(&bindableNodeLabels, "node-labels", "<Warning: Alpha feature> Labels to add when registering the node in the cluster.  Labels must be key=value pairs separated by ','.")
 	fs.DurationVar(&s.ImageMinimumGCAge.Duration, "minimum-image-ttl-duration", s.ImageMinimumGCAge.Duration, "Minimum age for a unused image before it is garbage collected.  Examples: '300ms', '10s' or '2h45m'. Default: '2m'")
 	fs.Int32Var(&s.ImageGCHighThresholdPercent, "image-gc-high-threshold", s.ImageGCHighThresholdPercent, "The percent of disk usage after which image garbage collection is always run. Default: 90%")
@@ -259,7 +162,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 	fs.BoolVar(&s.ReallyCrashForTesting, "really-crash-for-testing", s.ReallyCrashForTesting, "If true, when panics occur crash. Intended for testing.")
 	fs.Float64Var(&s.ChaosChance, "chaos-chance", s.ChaosChance, "If > 0.0, introduce random client errors and latency. Intended for testing. [default=0.0]")
 	fs.BoolVar(&s.Containerized, "containerized", s.Containerized, "Experimental support for running kubelet in a container.  Intended for testing. [default=false]")
-	fs.Uint64Var(&s.MaxOpenFiles, "max-open-files", s.MaxOpenFiles, "Number of files that can be opened by Kubelet process. [default=1000000]")
+	fs.Int64Var(&s.MaxOpenFiles, "max-open-files", s.MaxOpenFiles, "Number of files that can be opened by Kubelet process. [default=1000000]")
 	fs.BoolVar(&s.ReconcileCIDR, "reconcile-cidr", s.ReconcileCIDR, "Reconcile node CIDR with the CIDR specified by the API server. No-op if register-node or configure-cbr0 is false. [default=true]")
 	fs.Var(&s.SystemReserved, "system-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://releases.k8s.io/HEAD/docs/user-guide/compute-resources.md for more detail. [default=none]")
 	fs.Var(&s.KubeReserved, "kube-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently only cpu and memory are supported. See http://releases.k8s.io/HEAD/docs/user-guide/compute-resources.md for more detail. [default=none]")

cmd/kubelet/app/server.go

@@ -122,17 +122,17 @@ HTTP server: The kubelet can also listen for HTTP and respond to a simple API
 // UnsecuredKubeletConfig returns a KubeletConfig suitable for being run, or an error if the server setup
 // is not valid.  It will not start any background processes, and does not include authentication/authorization
 func UnsecuredKubeletConfig(s *options.KubeletServer) (*KubeletConfig, error) {
-	hostNetworkSources, err := kubetypes.GetValidatedSources(strings.Split(s.HostNetworkSources, ","))
+	hostNetworkSources, err := kubetypes.GetValidatedSources(s.HostNetworkSources)
 	if err != nil {
 		return nil, err
 	}
 
-	hostPIDSources, err := kubetypes.GetValidatedSources(strings.Split(s.HostPIDSources, ","))
+	hostPIDSources, err := kubetypes.GetValidatedSources(s.HostPIDSources)
 	if err != nil {
 		return nil, err
 	}
 
-	hostIPCSources, err := kubetypes.GetValidatedSources(strings.Split(s.HostIPCSources, ","))
+	hostIPCSources, err := kubetypes.GetValidatedSources(s.HostIPCSources)
 	if err != nil {
 		return nil, err
 	}
@@ -234,7 +234,7 @@ func UnsecuredKubeletConfig(s *options.KubeletServer) (*KubeletConfig, error) {
 		ManifestURLHeader:            manifestURLHeader,
 		MasterServiceNamespace:       s.MasterServiceNamespace,
 		MaxContainerCount:            int(s.MaxContainerCount),
-		MaxOpenFiles:                 s.MaxOpenFiles,
+		MaxOpenFiles:                 uint64(s.MaxOpenFiles),
 		MaxPerPodContainerCount:      int(s.MaxPerPodContainerCount),
 		MaxPods:                      int(s.MaxPods),
 		NvidiaGPUs:                   int(s.NvidiaGPUs),
@@ -250,8 +250,8 @@ func UnsecuredKubeletConfig(s *options.KubeletServer) (*KubeletConfig, error) {
 		PodCIDR:                      s.PodCIDR,
 		ReconcileCIDR:                s.ReconcileCIDR,
 		PodInfraContainerImage:       s.PodInfraContainerImage,
-		Port:                           s.Port,
-		ReadOnlyPort:                   s.ReadOnlyPort,
+		Port:                           uint(s.Port),
+		ReadOnlyPort:                   uint(s.ReadOnlyPort),
 		RegisterNode:                   s.RegisterNode,
 		RegisterSchedulable:            s.RegisterSchedulable,
 		RegistryBurst:                  int(s.RegistryBurst),
@@ -352,7 +352,7 @@ func run(s *options.KubeletServer, kcfg *KubeletConfig) (err error) {
 	}
 
 	if kcfg.CAdvisorInterface == nil {
-		kcfg.CAdvisorInterface, err = cadvisor.New(s.CAdvisorPort, kcfg.ContainerRuntime)
+		kcfg.CAdvisorInterface, err = cadvisor.New(uint(s.CAdvisorPort), kcfg.ContainerRuntime)
 		if err != nil {
 			return err
 		}
@@ -553,6 +553,8 @@ func SimpleKubelet(client *clientset.Clientset,
 	evictionConfig := eviction.Config{
 		PressureTransitionPeriod: evictionPressureTransitionPeriod,
 	}
+
+	c := componentconfig.KubeletConfiguration{}
 	kcfg := KubeletConfig{
 		Address:                      net.ParseIP(address),
 		CAdvisorInterface:            cadvisorInterface,
@@ -594,7 +596,7 @@ func SimpleKubelet(client *clientset.Clientset,
 		NodeStatusUpdateFrequency: nodeStatusUpdateFrequency,
 		OOMAdjuster:               oom.NewFakeOOMAdjuster(),
 		OSInterface:               osInterface,
-		PodInfraContainerImage:    options.GetDefaultPodInfraContainerImage(),
+		PodInfraContainerImage:    c.PodInfraContainerImage,
 		Port:                port,
 		ReadOnlyPort:        readOnlyPort,
 		RegisterNode:        true,

contrib/mesos/pkg/executor/service/service.go

@@ -209,7 +209,7 @@ func (s *KubeletExecutorServer) runKubelet(
 
 	// create custom cAdvisor interface which return the resource values that Mesos reports
 	ni := <-nodeInfos
-	cAdvisorInterface, err := NewMesosCadvisor(ni.Cores, ni.Mem, s.CAdvisorPort, kcfg.ContainerRuntime)
+	cAdvisorInterface, err := NewMesosCadvisor(ni.Cores, ni.Mem, uint(s.CAdvisorPort), kcfg.ContainerRuntime)
 	if err != nil {
 		return err
 	}

pkg/api/conversion.go

@@ -50,10 +50,27 @@ func init() {
 		Convert_string_To_Pointer_string,
 		Convert_labels_Selector_To_string,
 		Convert_fields_Selector_To_string,
+		Convert_int64_ref_To_int,
+		Convert_int_To_int64_ref,
 		Convert_resource_Quantity_To_resource_Quantity,
 	)
 }
 
+func Convert_int64_ref_To_int(in **int64, out *int, s conversion.Scope) error {
+	if *in == nil {
+		*out = 0
+		return nil
+	}
+	*out = int(**in)
+	return nil
+}
+
+func Convert_int_To_int64_ref(in *int, out **int64, s conversion.Scope) error {
+	temp := int64(*in)
+	*out = &temp
+	return nil
+}
+
 func Convert_Pointer_string_To_string(in **string, out *string, s conversion.Scope) error {
 	if *in == nil {
 		*out = ""

pkg/apis/componentconfig/register.go

@@ -46,5 +46,10 @@ func addKnownTypes(scheme *runtime.Scheme) {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&KubeProxyConfiguration{},
 		&KubeSchedulerConfiguration{},
+		&KubeletConfiguration{},
 	)
 }
+
+func (obj *KubeProxyConfiguration) GetObjectKind() unversioned.ObjectKind     { return &obj.TypeMeta }
+func (obj *KubeSchedulerConfiguration) GetObjectKind() unversioned.ObjectKind { return &obj.TypeMeta }
+func (obj *KubeletConfiguration) GetObjectKind() unversioned.ObjectKind       { return &obj.TypeMeta }

pkg/apis/componentconfig/types.go

@@ -58,7 +58,7 @@ type KubeProxyConfiguration struct {
 	PortRange string `json:"portRange"`
 	// resourceContainer is the absolute name of the resource-only container to create and run
 	// the Kube-proxy in (Default: /kube-proxy).
-	ResourceContainer string `json:"kubeletCgroups"`
+	ResourceContainer string `json:"resourceContainer"`
 	// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
 	// Must be greater than 0. Only applicable for proxyMode=userspace.
 	UDPIdleTimeout unversioned.Duration `json:"udpTimeoutMilliseconds"`
@@ -102,6 +102,8 @@ const (
 
 // TODO: curate the ordering and structure of this config object
 type KubeletConfiguration struct {
+	unversioned.TypeMeta
+
 	// config is the path to the config file or directory of files
 	Config string `json:"config"`
 	// syncFrequency is the max period between synchronizing running
@@ -123,10 +125,10 @@ type KubeletConfiguration struct {
 	// for all interfaces)
 	Address string `json:"address"`
 	// port is the port for the Kubelet to serve on.
-	Port uint `json:"port"`
+	Port int `json:"port"`
 	// readOnlyPort is the read-only port for the Kubelet to serve on with
 	// no authentication/authorization (set to 0 to disable)
-	ReadOnlyPort uint `json:"readOnlyPort"`
+	ReadOnlyPort int `json:"readOnlyPort"`
 	// tLSCertFile is the file containing x509 Certificate for HTTPS.  (CA cert,
 	// if any, concatenated after server cert). If tlsCertFile and
 	// tlsPrivateKeyFile are not provided, a self-signed certificate
@@ -158,13 +160,13 @@ type KubeletConfiguration struct {
 	AllowPrivileged bool `json:"allowPrivileged"`
 	// hostNetworkSources is a comma-separated list of sources from which the
 	// Kubelet allows pods to use of host network. Defaults to "*".
-	HostNetworkSources string `json:"hostNetworkSources"`
+	HostNetworkSources []string `json:"hostNetworkSources"`
 	// hostPIDSources is a comma-separated list of sources from which the
 	// Kubelet allows pods to use the host pid namespace. Defaults to "*".
-	HostPIDSources string `json:"hostPIDSources"`
+	HostPIDSources []string `json:"hostPIDSources"`
 	// hostIPCSources is a comma-separated list of sources from which the
 	// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
-	HostIPCSources string `json:"hostIPCSources"`
+	HostIPCSources []string `json:"hostIPCSources"`
 	// registryPullQPS is the limit of registry pulls per second. If 0,
 	// unlimited. Set to 0 for no limit. Defaults to 5.0.
 	RegistryPullQPS float64 `json:"registryPullQPS"`
@@ -192,7 +194,7 @@ type KubeletConfiguration struct {
 	// to retain globally. Each container takes up some disk space.
 	MaxContainerCount int32 `json:"maxContainerCount"`
 	// cAdvisorPort is the port of the localhost cAdvisor endpoint
-	CAdvisorPort uint `json:"cAdvisorPort"`
+	CAdvisorPort int `json:"cAdvisorPort"`
 	// healthzPort is the port of the localhost healthz endpoint
 	HealthzPort int32 `json:"healthzPort"`
 	// healthzBindAddress is the IP address for the healthz server to serve
@@ -221,7 +223,7 @@ type KubeletConfiguration struct {
 	// status to master. Note: be cautious when changing the constant, it
 	// must work with nodeMonitorGracePeriod in nodecontroller.
 	NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
-	// minimumGCAge is the minimum age for a unused image before it is
+	// imageMinimumGCAge is the minimum age for a unused image before it is
 	// garbage collected.
 	ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
 	// imageGCHighThresholdPercent is the percent of disk usage after which
@@ -257,7 +259,7 @@ type KubeletConfiguration struct {
 	// SystemCgroups is absolute name of cgroups in which to place
 	// all non-kernel processes that are not already in a container. Empty
 	// for no container. Rolling back the flag requires a reboot.
-	SystemCgroups string `json:"systemContainer,omitempty"`
+	SystemCgroups string `json:"systemCgroups,omitempty"`
 	// cgroupRoot is the root cgroup to use for pods. This is handled by the
 	// container runtime on a best effort basis.
 	CgroupRoot string `json:"cgroupRoot,omitempty"`
@@ -318,7 +320,7 @@ type KubeletConfiguration struct {
 	// containerized should be set to true if kubelet is running in a container.
 	Containerized bool `json:"containerized"`
 	// maxOpenFiles is Number of files that can be opened by Kubelet process.
-	MaxOpenFiles uint64 `json:"maxOpenFiles"`
+	MaxOpenFiles int64 `json:"maxOpenFiles"`
 	// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
 	// API server. No-op if register-node or configure-cbr0 is false.
 	ReconcileCIDR bool `json:"reconcileCIDR"`

pkg/apis/componentconfig/v1alpha1/defaults.go

@@ -22,15 +22,19 @@ import (
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/api/unversioned"
 	"k8s.io/kubernetes/pkg/kubelet/qos"
+	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/master/ports"
 	"k8s.io/kubernetes/pkg/runtime"
 )
 
+var zeroDuration = unversioned.Duration{}
+
 func addDefaultingFuncs(scheme *runtime.Scheme) {
 	scheme.AddDefaultingFuncs(
 		SetDefaults_KubeProxyConfiguration,
 		SetDefaults_KubeSchedulerConfiguration,
 		SetDefaults_LeaderElectionConfiguration,
+		SetDefaults_KubeletConfiguration,
 	)
 }
 
@@ -112,3 +116,174 @@ func SetDefaults_LeaderElectionConfiguration(obj *LeaderElectionConfiguration) {
 		obj.RetryPeriod = unversioned.Duration{Duration: 2 * time.Second}
 	}
 }
+
+func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) {
+	if obj.Address == "" {
+		obj.Address = "0.0.0.0"
+	}
+	if obj.CloudProvider == "" {
+		obj.CloudProvider = "auto-detect"
+	}
+	if obj.CAdvisorPort == 0 {
+		obj.CAdvisorPort = 4194
+	}
+	if obj.CertDirectory == "" {
+		obj.CertDirectory = "/var/run/kubernetes"
+	}
+	if obj.ConfigureCBR0 == nil {
+		obj.ConfigureCBR0 = boolVar(false)
+	}
+	if obj.ContainerRuntime == "" {
+		obj.ContainerRuntime = "docker"
+	}
+	if obj.CPUCFSQuota == nil {
+		obj.CPUCFSQuota = boolVar(true)
+	}
+	if obj.DockerExecHandlerName == "" {
+		obj.DockerExecHandlerName = "native"
+	}
+	if obj.DockerEndpoint == "" {
+		obj.DockerEndpoint = "unix:///var/run/docker.sock"
+	}
+	if obj.EventBurst == 0 {
+		obj.EventBurst = 10
+	}
+	if obj.EventRecordQPS == 0 {
+		obj.EventRecordQPS = 5.0
+	}
+	if obj.EnableDebuggingHandlers == nil {
+		obj.EnableDebuggingHandlers = boolVar(true)
+	}
+	if obj.EnableServer == nil {
+		obj.EnableServer = boolVar(true)
+	}
+	if obj.FileCheckFrequency == zeroDuration {
+		obj.FileCheckFrequency = unversioned.Duration{20 * time.Second}
+	}
+	if obj.HealthzBindAddress == "" {
+		obj.HealthzBindAddress = "127.0.0.1"
+	}
+	if obj.HealthzPort == 0 {
+		obj.HealthzPort = 10248
+	}
+	if obj.HostNetworkSources == nil {
+		obj.HostNetworkSources = []string{kubetypes.AllSource}
+	}
+	if obj.HostPIDSources == nil {
+		obj.HostPIDSources = []string{kubetypes.AllSource}
+	}
+	if obj.HostIPCSources == nil {
+		obj.HostIPCSources = []string{kubetypes.AllSource}
+	}
+	if obj.HTTPCheckFrequency == zeroDuration {
+		obj.HTTPCheckFrequency = unversioned.Duration{20 * time.Second}
+	}
+	if obj.ImageGCHighThresholdPercent == 0 {
+		obj.ImageGCHighThresholdPercent = 90
+	}
+	if obj.ImageGCLowThresholdPercent == 0 {
+		obj.ImageGCLowThresholdPercent = 80
+	}
+	if obj.LowDiskSpaceThresholdMB == 0 {
+		obj.LowDiskSpaceThresholdMB = 256
+	}
+	if obj.MasterServiceNamespace == "" {
+		obj.MasterServiceNamespace = api.NamespaceDefault
+	}
+	if obj.MaxContainerCount == nil {
+		temp := int64(100)
+		obj.MaxContainerCount = &temp
+	}
+	if obj.MaxPerPodContainerCount == 0 {
+		obj.MaxPerPodContainerCount = 2
+	}
+	if obj.MaxOpenFiles == 0 {
+		obj.MaxOpenFiles = 1000000
+	}
+	if obj.MaxPods == 0 {
+		obj.MaxPods = 40
+	}
+	if obj.MinimumGCAge == zeroDuration {
+		obj.MinimumGCAge = unversioned.Duration{1 * time.Minute}
+	}
+	if obj.VolumeStatsAggPeriod == zeroDuration {
+		obj.VolumeStatsAggPeriod = unversioned.Duration{time.Minute}
+	}
+	if obj.NetworkPluginDir == "" {
+		obj.NetworkPluginDir = "/usr/libexec/kubernetes/kubelet-plugins/net/exec/"
+	}
+	if obj.NonMasqueradeCIDR == "" {
+		obj.NonMasqueradeCIDR = "10.0.0.0/8"
+	}
+	if obj.VolumePluginDir == "" {
+		obj.VolumePluginDir = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/"
+	}
+	if obj.NodeStatusUpdateFrequency == zeroDuration {
+		obj.NodeStatusUpdateFrequency = unversioned.Duration{10 * time.Second}
+	}
+	if obj.OOMScoreAdj == 0 {
+		obj.OOMScoreAdj = int32(qos.KubeletOOMScoreAdj)
+	}
+	if obj.PodInfraContainerImage == "" {
+		//obj.PodInfraContainerImage = kubetypes.PodInfraContainerImage
+	}
+	if obj.Port == 0 {
+		obj.Port = ports.KubeletPort
+	}
+	if obj.ReadOnlyPort == 0 {
+		obj.ReadOnlyPort = ports.KubeletReadOnlyPort
+	}
+	if obj.RegisterNode == nil {
+		obj.RegisterNode = boolVar(true)
+	}
+	if obj.ResolverConfig == "" {
+		obj.ResolverConfig = "/etc/resolv.conf"
+	}
+	if obj.RegisterSchedulable == nil {
+		obj.RegisterSchedulable = boolVar(true)
+	}
+	if obj.RegistryBurst == 0 {
+		obj.RegistryBurst = 10
+	}
+	if obj.RegistryPullQPS == 0 {
+		obj.RegistryPullQPS = 5.0
+	}
+	if obj.RootDirectory == "" {
+		obj.RootDirectory = "/var/lib/kubelet"
+	}
+	if obj.SerializeImagePulls == nil {
+		obj.SerializeImagePulls = boolVar(true)
+	}
+	if obj.StreamingConnectionIdleTimeout == zeroDuration {
+		obj.StreamingConnectionIdleTimeout = unversioned.Duration{4 * time.Hour}
+	}
+	if obj.SyncFrequency == zeroDuration {
+		obj.SyncFrequency = unversioned.Duration{1 * time.Minute}
+	}
+	if obj.ReconcileCIDR == nil {
+		obj.ReconcileCIDR = boolVar(true)
+	}
+	if obj.KubeAPIQPS == 0 {
+		obj.KubeAPIQPS = 5.0
+	}
+	if obj.KubeAPIBurst == 0 {
+		obj.KubeAPIBurst = 10
+	}
+	if obj.ExperimentalFlannelOverlay == nil {
+		obj.ExperimentalFlannelOverlay = boolVar(false)
+	}
+	if obj.OutOfDiskTransitionFrequency == zeroDuration {
+		obj.OutOfDiskTransitionFrequency = unversioned.Duration{5 * time.Minute}
+	}
+	if string(obj.HairpinMode) == "" {
+		obj.HairpinMode = PromiscuousBridge
+	}
+}
+
+func boolVar(b bool) *bool {
+	return &b
+}
+
+var (
+	defaultCfg = KubeletConfiguration{}
+)

pkg/apis/componentconfig/v1alpha1/register.go

@@ -36,5 +36,10 @@ func addKnownTypes(scheme *runtime.Scheme) {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&KubeProxyConfiguration{},
 		&KubeSchedulerConfiguration{},
+		&KubeletConfiguration{},
 	)
 }
+
+func (obj *KubeProxyConfiguration) GetObjectKind() unversioned.ObjectKind     { return &obj.TypeMeta }
+func (obj *KubeSchedulerConfiguration) GetObjectKind() unversioned.ObjectKind { return &obj.TypeMeta }
+func (obj *KubeletConfiguration) GetObjectKind() unversioned.ObjectKind       { return &obj.TypeMeta }

pkg/apis/componentconfig/v1alpha1/types.go

@@ -115,6 +115,24 @@ type KubeSchedulerConfiguration struct {
 	LeaderElection LeaderElectionConfiguration `json:"leaderElection"`
 }
 
+// HairpinMode denotes how the kubelet should configure networking to handle
+// hairpin packets.
+type HairpinMode string
+
+// Enum settings for different ways to handle hairpin packets.
+const (
+	// Set the hairpin flag on the veth of containers in the respective
+	// container runtime.
+	HairpinVeth = "hairpin-veth"
+	// Make the container bridge promiscuous. This will force it to accept
+	// hairpin packets, even if the flag isn't set on ports of the bridge.
+	PromiscuousBridge = "promiscuous-bridge"
+	// Neither of the above. If the kubelet is started in this hairpin mode
+	// and kube-proxy is running in iptables mode, hairpin packets will be
+	// dropped by the container bridge.
+	HairpinNone = "none"
+)
+
 // LeaderElectionConfiguration defines the configuration of leader election
 // clients for components that can run with leader election enabled.
 type LeaderElectionConfiguration struct {
@@ -139,3 +157,242 @@ type LeaderElectionConfiguration struct {
 	// leader election is enabled.
 	RetryPeriod unversioned.Duration `json:"retryPeriod"`
 }
+
+type KubeletConfiguration struct {
+	unversioned.TypeMeta
+
+	// config is the path to the config file or directory of files
+	Config string `json:"config"`
+	// syncFrequency is the max period between synchronizing running
+	// containers and config
+	SyncFrequency unversioned.Duration `json:"syncFrequency"`
+	// fileCheckFrequency is the duration between checking config files for
+	// new data
+	FileCheckFrequency unversioned.Duration `json:"fileCheckFrequency"`
+	// httpCheckFrequency is the duration between checking http for new data
+	HTTPCheckFrequency unversioned.Duration `json:"httpCheckFrequency"`
+	// manifestURL is the URL for accessing the container manifest
+	ManifestURL string `json:"manifestURL"`
+	// manifestURLHeader is the HTTP header to use when accessing the manifest
+	// URL, with the key separated from the value with a ':', as in 'key:value'
+	ManifestURLHeader string `json:"manifestURLHeader"`
+	// enableServer enables the Kubelet's server
+	EnableServer *bool `json:"enableServer"`
+	// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
+	// for all interfaces)
+	Address string `json:"address"`
+	// port is the port for the Kubelet to serve on.
+	Port int32 `json:"port"`
+	// readOnlyPort is the read-only port for the Kubelet to serve on with
+	// no authentication/authorization (set to 0 to disable)
+	ReadOnlyPort int32 `json:"readOnlyPort"`
+	// tLSCertFile is the file containing x509 Certificate for HTTPS.  (CA cert,
+	// if any, concatenated after server cert). If tlsCertFile and
+	// tlsPrivateKeyFile are not provided, a self-signed certificate
+	// and key are generated for the public address and saved to the directory
+	// passed to certDir.
+	TLSCertFile string `json:"tLSCertFile"`
+	// tLSPrivateKeyFile is the ile containing x509 private key matching
+	// tlsCertFile.
+	TLSPrivateKeyFile string `json:"tLSPrivateKeyFile"`
+	// certDirectory is the directory where the TLS certs are located (by
+	// default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile
+	// are provided, this flag will be ignored.
+	CertDirectory string `json:"certDirectory"`
+	// hostnameOverride is the hostname used to identify the kubelet instead
+	// of the actual hostname.
+	HostnameOverride string `json:"hostnameOverride"`
+	// podInfraContainerImage is the image whose network/ipc namespaces
+	// containers in each pod will use.
+	PodInfraContainerImage string `json:"podInfraContainerImage"`
+	// dockerEndpoint is the path to the docker endpoint to communicate with.
+	DockerEndpoint string `json:"dockerEndpoint"`
+	// rootDirectory is the directory path to place kubelet files (volume
+	// mounts,etc).
+	RootDirectory string `json:"rootDirectory"`
+	// allowPrivileged enables containers to request privileged mode.
+	// Defaults to false.
+	AllowPrivileged *bool `json:"allowPrivileged"`
+	// hostNetworkSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use of host network. Defaults to "*".
+	HostNetworkSources []string `json:"hostNetworkSources"`
+	// hostPIDSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use the host pid namespace. Defaults to "*".
+	HostPIDSources []string `json:"hostPIDSources"`
+	// hostIPCSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
+	HostIPCSources []string `json:"hostIPCSources"`
+	// registryPullQPS is the limit of registry pulls per second. If 0,
+	// unlimited. Set to 0 for no limit. Defaults to 5.0.
+	RegistryPullQPS float64 `json:"registryPullQPS"`
+	// registryBurst is the maximum size of a bursty pulls, temporarily allows
+	// pulls to burst to this number, while still not exceeding registryQps.
+	// Only used if registryQps > 0.
+	RegistryBurst int64 `json:"registryBurst"`
+	// eventRecordQPS is the maximum event creations per second. If 0, there
+	// is no limit enforced.
+	EventRecordQPS float32 `json:"eventRecordQPS"`
+	// eventBurst is the maximum size of a bursty event records, temporarily
+	// allows event records to burst to this number, while still not exceeding
+	// event-qps. Only used if eventQps > 0
+	EventBurst int64 `json:"eventBurst"`
+	// enableDebuggingHandlers enables server endpoints for log collection
+	// and local running of containers and commands
+	EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers"`
+	// minimumGCAge is the minimum age for a finished container before it is
+	// garbage collected.
+	MinimumGCAge unversioned.Duration `json:"minimumGCAge"`
+	// maxPerPodContainerCount is the maximum number of old instances to
+	// retain per container. Each container takes up some disk space.
+	MaxPerPodContainerCount int64 `json:"maxPerPodContainerCount"`
+	// maxContainerCount is the maximum number of old instances of containers
+	// to retain globally. Each container takes up some disk space.
+	MaxContainerCount *int64 `json:"maxContainerCount"`
+	// cAdvisorPort is the port of the localhost cAdvisor endpoint
+	CAdvisorPort int32 `json:"cAdvisorPort"`
+	// healthzPort is the port of the localhost healthz endpoint
+	HealthzPort int32 `json:"healthzPort"`
+	// healthzBindAddress is the IP address for the healthz server to serve
+	// on.
+	HealthzBindAddress string `json:"healthzBindAddress"`
+	// oomScoreAdj is The oom-score-adj value for kubelet process. Values
+	// must be within the range [-1000, 1000].
+	OOMScoreAdj int32 `json:"oomScoreAdj"`
+	// registerNode enables automatic registration with the apiserver.
+	RegisterNode *bool `json:"registerNode"`
+	// clusterDomain is the DNS domain for this cluster. If set, kubelet will
+	// configure all containers to search this domain in addition to the
+	// host's search domains.
+	ClusterDomain string `json:"clusterDomain"`
+	// masterServiceNamespace is The namespace from which the kubernetes
+	// master services should be injected into pods.
+	MasterServiceNamespace string `json:"masterServiceNamespace"`
+	// clusterDNS is the IP address for a cluster DNS server.  If set, kubelet
+	// will configure all containers to use this for DNS resolution in
+	// addition to the host's DNS servers
+	ClusterDNS string `json:"clusterDNS"`
+	// streamingConnectionIdleTimeout is the maximum time a streaming connection
+	// can be idle before the connection is automatically closed.
+	StreamingConnectionIdleTimeout unversioned.Duration `json:"streamingConnectionIdleTimeout"`
+	// nodeStatusUpdateFrequency is the frequency that kubelet posts node
+	// status to master. Note: be cautious when changing the constant, it
+	// must work with nodeMonitorGracePeriod in nodecontroller.
+	NodeStatusUpdateFrequency unversioned.Duration `json:"nodeStatusUpdateFrequency"`
+	// imageMinimumGCAge is the minimum age for a unused image before it is
+	// garbage collected.
+	ImageMinimumGCAge unversioned.Duration `json:"imageMinimumGCAge"`
+	// imageGCHighThresholdPercent is the percent of disk usage after which
+	// image garbage collection is always run. The percent is calculated as
+	// this field value out of 100.
+	ImageGCHighThresholdPercent int32 `json:"imageGCHighThresholdPercent"`
+	// imageGCLowThresholdPercent is the percent of disk usage before which
+	// image garbage collection is never run. Lowest disk usage to garbage
+	// collect to. The percent is calculated as this field value out of 100.
+	ImageGCLowThresholdPercent int32 `json:"imageGCLowThresholdPercent"`
+	// lowDiskSpaceThresholdMB is the absolute free disk space, in MB, to
+	// maintain. When disk space falls below this threshold, new pods would
+	// be rejected.
+	LowDiskSpaceThresholdMB int64 `json:"lowDiskSpaceThresholdMB"`
+	// How frequently to calculate and cache volume disk usage for all pods
+	VolumeStatsAggPeriod unversioned.Duration `json:volumeStatsAggPeriod`
+	// networkPluginName is the name of the network plugin to be invoked for
+	// various events in kubelet/pod lifecycle
+	NetworkPluginName string `json:"networkPluginName"`
+	// networkPluginDir is the full path of the directory in which to search
+	// for network plugins
+	NetworkPluginDir string `json:"networkPluginDir"`
+	// volumePluginDir is the full path of the directory in which to search
+	// for additional third party volume plugins
+	VolumePluginDir string `json:"volumePluginDir"`
+	// cloudProvider is the provider for cloud services.
+	CloudProvider string `json:"cloudProvider"`
+	// cloudConfigFile is the path to the cloud provider configuration file.
+	CloudConfigFile string `json:"cloudConfigFile"`
+	// kubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
+	KubeletCgroups string `json:"kubeletCgroups,omitempty"`
+	// runtimeCgroups are cgroups that container runtime is expected to be isolated in.
+	RuntimeCgroups string `json:"runtimeCgroups,omitempty"`
+	// systemCgroups is absolute name of cgroups in which to place
+	// all non-kernel processes that are not already in a container. Empty
+	// for no container. Rolling back the flag requires a reboot.
+	SystemCgroups string `json:"systemCgroups,omitempty"`
+	// cgroupRoot is the root cgroup to use for pods. This is handled by the
+	// container runtime on a best effort basis.
+	CgroupRoot string `json:"cgroupRoot"`
+	// containerRuntime is the container runtime to use.
+	ContainerRuntime string `json:"containerRuntime"`
+	// rktPath is hte path of rkt binary. Leave empty to use the first rkt in
+	// $PATH.
+	RktPath string `json:"rktPath"`
+	// lockFilePath is the path that kubelet will use to as a lock file.
+	// It uses this file as a lock to synchronize with other kubelet processes
+	// that may be running.
+	LockFilePath *string `json:"lockFilePath"`
+	// rktStage1Image is the image to use as stage1. Local paths and
+	// http/https URLs are supported.
+	RktStage1Image string `json:"rktStage1Image"`
+	// configureCBR0 enables the kublet to configure cbr0 based on
+	// Node.Spec.PodCIDR.
+	ConfigureCBR0 *bool `json:"configureCbr0"`
+	// How should the kubelet configure the container bridge for hairpin packets.
+	// Setting this flag allows endpoints in a Service to loadbalance back to
+	// themselves if they should try to access their own Service. Values:
+	//   "promiscuous-bridge": make the container bridge promiscuous.
+	//   "hairpin-veth":       set the hairpin flag on container veth interfaces.
+	//   "none":               do nothing.
+	// Setting --configure-cbr0 to false implies that to achieve hairpin NAT
+	// one must set --hairpin-mode=veth-flag, because bridge assumes the
+	// existence of a container bridge named cbr0.
+	HairpinMode string `json:"hairpinMode"`
+	// maxPods is the number of pods that can run on this Kubelet.
+	MaxPods int32 `json:"maxPods"`
+	// dockerExecHandlerName is the handler to use when executing a command
+	// in a container. Valid values are 'native' and 'nsenter'. Defaults to
+	// 'native'.
+	DockerExecHandlerName string `json:"dockerExecHandlerName"`
+	// The CIDR to use for pod IP addresses, only used in standalone mode.
+	// In cluster mode, this is obtained from the master.
+	PodCIDR string `json:"podCIDR"`
+	// ResolverConfig is the resolver configuration file used as the basis
+	// for the container DNS resolution configuration."), []
+	ResolverConfig string `json:"resolvConf"`
+	// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that
+	// specify CPU limits
+	CPUCFSQuota *bool `json:"cpuCFSQuota"`
+	// containerized should be set to true if kubelet is running in a container.
+	Containerized *bool `json:"containerized"`
+	// maxOpenFiles is Number of files that can be opened by Kubelet process.
+	MaxOpenFiles int64 `json:"maxOpenFiles"`
+	// reconcileCIDR is Reconcile node CIDR with the CIDR specified by the
+	// API server. No-op if register-node or configure-cbr0 is false.
+	ReconcileCIDR *bool `json:"reconcileCIDR"`
+	// registerSchedulable tells the kubelet to register the node as
+	// schedulable. No-op if register-node is false.
+	RegisterSchedulable *bool `json:"registerSchedulable"`
+	// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
+	KubeAPIQPS float32 `json:"kubeAPIQPS"`
+	// kubeAPIBurst is the burst to allow while talking with kubernetes
+	// apiserver
+	KubeAPIBurst int32 `json:"kubeAPIBurst"`
+	// serializeImagePulls when enabled, tells the Kubelet to pull images one
+	// at a time. We recommend *not* changing the default value on nodes that
+	// run docker daemon with version  < 1.9 or an Aufs storage backend.
+	// Issue #10959 has more details.
+	SerializeImagePulls *bool `json:"serializeImagePulls"`
+	// experimentalFlannelOverlay enables experimental support for starting the
+	// kubelet with the default overlay network (flannel). Assumes flanneld
+	// is already running in client mode.
+	ExperimentalFlannelOverlay *bool `json:"experimentalFlannelOverlay"`
+	// outOfDiskTransitionFrequency is duration for which the kubelet has to
+	// wait before transitioning out of out-of-disk node condition status.
+	OutOfDiskTransitionFrequency unversioned.Duration `json:"outOfDiskTransitionFrequency"`
+	// nodeIP is IP address of the node. If set, kubelet will use this IP
+	// address for the node.
+	NodeIP string `json:"nodeIP"`
+	// nodeLabels to add when registering the node in the cluster.
+	NodeLabels map[string]string `json:"nodeLabels"`
+	// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
+	NonMasqueradeCIDR string `json:"nonMasqueradeCIDR"`
+	// enable gathering custom metrics.
+	EnableCustomMetrics bool `json:"enableCustomMetrics"`
+}