-
Notifications
You must be signed in to change notification settings - Fork 14.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: Update KubeletConfigDropinDir doc information
Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com> Signed-off-by: Peter Hunt <pehunt@redhat.com>
- Loading branch information
1 parent
d665f92
commit c306367
Showing
2 changed files
with
344 additions
and
28 deletions.
There are no files selected for viewing
155 changes: 155 additions & 0 deletions
155
content/en/docs/reference/node/kubelet-config-directory-merging.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,155 @@ | ||
| --- | ||
| content_type: "reference" | ||
| title: Kubelet Configuration Directory Merging | ||
| weight: 50 | ||
| --- | ||
|
|
||
| When using the kubelet's `--config-dir` flag to specify a drop-in directory for | ||
| configuration, there is some specific behavior on how different types are | ||
| merged. | ||
|
|
||
| Here are some examples of how different data types behave during configuration merging: | ||
|
|
||
| ### Structure Fields | ||
| There are two types of structure fields in a YAML structure: singular (or a | ||
| scalar type) and embedded (structures that contain scalar types). | ||
| The configuration merging process handles the overriding of singular and embedded struct fields to create a resulting kubelet configuration. | ||
|
|
||
| For instance, you may want a baseline kubelet configuration for all nodes, but you may want to customize the `address` and `authorization` fields. | ||
| This can be done as follows: | ||
|
|
||
| Main kubelet configuration file contents: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| authorization: | ||
| mode: Webhook | ||
| webhook: | ||
| cacheAuthorizedTTL: "5m" | ||
| cacheUnauthorizedTTL: "30s" | ||
| serializeImagePulls: false | ||
| address: "192.168.0.1" | ||
| ``` | ||
| Contents of a file in `--config-dir` directory: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| authorization: | ||
| mode: AlwaysAllow | ||
| webhook: | ||
| cacheAuthorizedTTL: "8m" | ||
| cacheUnauthorizedTTL: "45s" | ||
| address: "192.168.0.8" | ||
| ``` | ||
|
|
||
| The resulting configuration will be as follows: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| serializeImagePulls: false | ||
| authorization: | ||
| mode: AlwaysAllow | ||
| webhook: | ||
| cacheAuthorizedTTL: "8m" | ||
| cacheUnauthorizedTTL: "45s" | ||
| address: "192.168.0.8" | ||
| ``` | ||
|
|
||
| ### Lists | ||
| You can overide the slices/lists values of the kubelet configuration. | ||
| However, the entire list gets overridden during the merging process. | ||
| For example, you can override the `clusterDNS` list as follows: | ||
|
|
||
| Main kubelet configuration file contents: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| serializeImagePulls: false | ||
| clusterDNS: | ||
| - "192.168.0.9" | ||
| - "192.168.0.8" | ||
| ``` | ||
|
|
||
| Contents of a file in `--config-dir` directory: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| clusterDNS: | ||
| - "192.168.0.2" | ||
| - "192.168.0.3" | ||
| - "192.168.0.5" | ||
| ``` | ||
|
|
||
| The resulting configuration will be as follows: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| serializeImagePulls: false | ||
| clusterDNS: | ||
| - "192.168.0.2" | ||
| - "192.168.0.3" | ||
| - "192.168.0.5" | ||
| ``` | ||
|
|
||
| ### Maps, including Nested Structures | ||
|
|
||
| Individual fields in maps, regardless of their value types (boolean, string, etc.), can be selectively overridden. | ||
| However, for `map[string][]string`, the entire list associated with a specific field gets overridden. | ||
| Let's understand this better with an example, particularly on fields like `featureGates` and `staticPodURLHeader`: | ||
|
|
||
| Main kubelet configuration file contents: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| serializeImagePulls: false | ||
| featureGates: | ||
| AllAlpha: false | ||
| MemoryQoS: true | ||
| staticPodURLHeader: | ||
| kubelet-api-support: | ||
| - "Authorization: 234APSDFA" | ||
| - "X-Custom-Header: 123" | ||
| custom-static-pod: | ||
| - "Authorization: 223EWRWER" | ||
| - "X-Custom-Header: 456" | ||
| ``` | ||
|
|
||
| Contents of a file in `--config-dir` directory: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| featureGates: | ||
| MemoryQoS: false | ||
| KubeletTracing: true | ||
| DynamicResourceAllocation: true | ||
| staticPodURLHeader: | ||
| custom-static-pod: | ||
| - "Authorization: 223EWRWER" | ||
| - "X-Custom-Header: 345" | ||
| ``` | ||
|
|
||
| The resulting configuration will be as follows: | ||
| ```yaml | ||
| apiVersion: kubelet.config.k8s.io/v1beta1 | ||
| kind: KubeletConfiguration | ||
| port: 20250 | ||
| serializeImagePulls: false | ||
| featureGates: | ||
| AllAlpha: false | ||
| MemoryQoS: false | ||
| KubeletTracing: true | ||
| DynamicResourceAllocation: true | ||
| staticPodURLHeader: | ||
| kubelet-api-support: | ||
| - "Authorization: 234APSDFA" | ||
| - "X-Custom-Header: 123" | ||
| custom-static-pod: | ||
| - "Authorization: 223EWRWER" | ||
| - "X-Custom-Header: 345" | ||
| ``` |
Oops, something went wrong.