CreateTempDir creates a temporary directory under /etc/kubernetes/tmp or under the provided parent directory if it's set.

CreateTimestampDir is a function that creates a temporary directory under /etc/kubernetes/tmp formatted with the current date.

EtcdSupportedVersion returns officially supported version of etcd for a specific Kubernetes release If passed version is not in the given list, the function returns the nearest version with a warning.

GetAdminKubeConfigPath returns the location on the disk where admin kubeconfig is located by default.

GetAPIServerVirtualIP returns the IP of the internal Kubernetes API service.

GetDNSIP returns a dnsIP, which is 10th IP in svcSubnet CIDR range.

GetDryRunDir creates a temporary directory under /etc/kubernetes/tmp.

GetKubeletKubeConfigPath returns the location on the disk where kubelet kubeconfig is located by default.

GetKubernetesServiceCIDR returns the default Service CIDR for the Kubernetes internal service.

GetStaticPodDirectory returns the location on the disk where the Static Pod should be present.

GetStaticPodFilepath returns the location on the disk where the Static Pod should be present.

AdminKubeConfigFileName defines name for the kubeconfig aimed to be used by the admin of the cluster.

AnnotationKubeadmCRISocket specifies the annotation kubeadm uses to preserve the crisocket information given to kubeadm at init/join time for use later.

APIServerCertAndKeyBaseName defines API's server certificate and key base name.

APIServerCertCommonName defines API's server certificate common name (CN).

APIServerCertName defines API's server certificate name.

APIServerEtcdClientCertAndKeyBaseName defines apiserver's etcd client certificate and key base name.

APIServerEtcdClientCertCommonName defines apiserver's etcd client certificate common name (CN).

APIServerEtcdClientCertName defines apiserver's etcd client certificate name.

APIServerEtcdClientKeyName defines apiserver's etcd client key name.

APIServerKeyName defines API's server key name.

APIServerKubeletClientCertAndKeyBaseName defines kubelet client certificate and key base name.

APIServerKubeletClientCertCommonName defines kubelet client certificate common name (CN).

APIServerKubeletClientCertName defines kubelet client certificate name.

APIServerKubeletClientKeyName defines kubelet client key name.

CACertAndKeyBaseName defines certificate authority base name.

CACertificateValidityPeriod defines the validity period for all the signed CA certificates generated by kubeadm.

CACertName defines certificate name.

CAKeyName defines certificate name.

CertificateBackdate defines the offset applied to notBefore for CA certificates generated by kubeadm.

CertificateKeySize specifies the size of the key used to encrypt certificates on uploadcerts phase.

CertificateValidityPeriod defines the validity period for all the signed certificates generated by kubeadm.

CgroupDriverSystemd holds the systemd driver type.

CIKubernetesVersionPrefix is the prefix for CI Kubernetes version.

ClusterAdminsGroupAndClusterRoleBinding is the name of the Group used for kubeadm generated cluster admin credentials and the name of the ClusterRoleBinding that binds the same Group to the "cluster-admin" built-in ClusterRole.

ClusterConfigurationConfigMapKey specifies in what ConfigMap key the cluster configuration should be stored.

ClusterConfigurationKind is the string kind value for the ClusterConfiguration struct.

ComponentConfigHashAnnotationKey holds the config map annotation key that kubeadm uses to store a SHA256 sum to check for user changes.

ControllerManagerKubeConfigFileName defines the file name for the controller manager's kubeconfig file.

ControllerManagerUser defines the well-known user the controller-manager should be authenticated as.

ControlPlaneComponentHealthCheckTimeout specifies the default control plane component health check timeout.

ControlPlaneMem is the number of megabytes of memory required on the control-plane Below that amount of RAM running a stable control plane would be difficult.

ControlPlaneNumCPU is the number of CPUs required on control-plane.

ControlPlaneTier is the value used in the tier label to identify control plane components.

CoreDNS defines variable used internally when referring to the CoreDNS component.

CoreDNSConfigMap specifies in what ConfigMap in the kube-system namespace the CoreDNS config should be stored.

CoreDNSDeploymentName specifies the name of the Deployment for CoreDNS add-on.

CoreDNSImageName specifies the name of the image for CoreDNS add-on.

CoreDNSVersion is the version of CoreDNS to be deployed if it is used.

CRISocketContainerd is the containerd CRI endpoint.

CRISocketCRIO is the cri-o CRI endpoint.

CRISocketDocker is the cri-dockerd CRI endpoint.

CSRAutoApprovalClusterRoleName defines the name of the auto-bootstrapped ClusterRole for making the csrapprover controller auto-approve the CSR Starting from v1.8, CSRAutoApprovalClusterRoleName is automatically created by the API server on startup.

DefaultAPIServerBindAddress is the default bind address for the API Server.

DefaultCertificateDir defines default certificate directory.

DefaultCertTokenDuration specifies the default amount of time that the token used by upload certs will be valid Default behaviour is 2 hours.

DefaultCIImageRepository points to image registry where CI uploads images from ci build job.

DefaultCRISocket defines the default CRI socket.

DefaultEtcdVersion indicates the default etcd version that kubeadm uses.

DiscoveryRetryInterval specifies how long kubeadm should wait before retrying to connect to the control-plane when doing discovery.

DiscoveryTimeout specifies the default discovery timeout for kubeadm (used unless one is specified in the JoinConfiguration).

EnvVarInitDryRunDir has the environment variable for init dry run directory override.

EnvVarJoinDryRunDir has the environment variable for join dry run directory override.

EnvVarUpgradeDryRunDir has the environment variable for upgrade dry run directory override.

Etcd defines variable used internally when referring to etcd component.

EtcdAdvertiseClientUrlsAnnotationKey is the annotation key on every etcd pod, describing the advertise client URLs.

EtcdAPICallRetryInterval specifies how frequently to retry requests against the etcd API.

EtcdAPICallTimeout specifies how much time to wait for completion of requests against the etcd API.

EtcdCACertAndKeyBaseName defines etcd's CA certificate and key base name.

EtcdCACertName defines etcd's CA certificate name.

EtcdCAKeyName defines etcd's CA key name.

EtcdHealthcheckClientCertAndKeyBaseName defines etcd's healthcheck client certificate and key base name.

EtcdHealthcheckClientCertCommonName defines etcd's healthcheck client certificate common name (CN).

EtcdHealthcheckClientCertName defines etcd's healthcheck client certificate name.

EtcdHealthcheckClientKeyName defines etcd's healthcheck client key name.

EtcdListenClientPort defines the port etcd listen on for client traffic.

EtcdListenPeerPort defines the port etcd listen on for peer traffic.

EtcdMetricsPort is the port at which to obtain etcd metrics and health status.

EtcdPeerCertAndKeyBaseName defines etcd's peer certificate and key base name.

EtcdPeerCertName defines etcd's peer certificate name.

EtcdPeerKeyName defines etcd's peer key name.

EtcdServerCertAndKeyBaseName defines etcd's server certificate and key base name.

EtcdServerCertName defines etcd's server certificate name.

EtcdServerKeyName defines etcd's server key name.

EtcdUserName is the username of the user that etcd runs as.

FrontProxyCACertAndKeyBaseName defines front proxy CA certificate and key base name.

FrontProxyCACertName defines front proxy CA certificate name.

FrontProxyCAKeyName defines front proxy CA key name.

FrontProxyClientCertAndKeyBaseName defines front proxy certificate and key base name.

used as subject.commonname attribute (CN).

FrontProxyClientCertName defines front proxy certificate name.

FrontProxyClientKeyName defines front proxy key name.

GetNodesClusterRoleName defines the name of the ClusterRole and ClusterRoleBinding to get nodes.

InitConfigurationKind is the string kind value for the InitConfiguration struct.

JoinConfigurationKind is the string kind value for the JoinConfiguration struct.

Kubeadm defines variable used internally when referring to the kubeadm component.

KubeadmCertsSecret specifies in what Secret in the kube-system namespace the certificates should be stored.

KubeadmConfigConfigMap specifies in what ConfigMap in the kube-system namespace the `kubeadm init` configuration should be stored.

KubeAPIServer defines variable used internally when referring to kube-apiserver component.

KubeAPIServerAdvertiseAddressEndpointAnnotationKey is the annotation key on every apiserver pod, describing the API endpoint (advertise address and bind port of the api server).

KubeAPIServerPort is the default port for the apiserver.

KubeAPIServerUserName is the username of the user that kube-apiserver runs as.

KubeCertificatesVolumeName specifies the name for the Volume that is used for injecting certificates to control plane components (can be both a hostPath volume or a projected, all-in-one volume).

KubeConfigVolumeName specifies the name for the Volume that is used for injecting the kubeconfig to talk securely to the api server for a control plane component if applicable.

KubeControllerManager defines variable used internally when referring to kube-controller-manager component.

KubeControllerManagerPort is the default port for the controller manager status server.

KubeControllerManagerUserName is the username of the user that kube-controller-manager runs as.

Kubelet defines variable used internally when referring to the Kubelet.

KubeletBaseConfigMapRole defines the base kubelet configuration ConfigMap.

KubeletBaseConfigurationConfigMap specifies in what ConfigMap in the kube-system namespace the initial remote configuration of kubelet should be stored.

KubeletBaseConfigurationConfigMapKey specifies in what ConfigMap key the initial remote configuration of kubelet should be stored.

KubeletBootstrapKubeConfigFileName defines the file name for the kubeconfig that the kubelet will use to do the TLS bootstrap to get itself an unique credential.

KubeletConfigurationFileName specifies the file name on the node which stores initial remote configuration of kubelet This file should exist under KubeletRunDirectory.

KubeletEnvFileName is a file "kubeadm init" writes at runtime.

KubeletEnvFileVariableName specifies the shell script variable name "kubeadm init" should write a value to in KubeletEnvFile.

KubeletHealthCheckTimeout specifies the default kubelet timeout.

KubeletHealthzPort is the port of the kubelet healthz endpoint.

KubeletInstanceConfigurationFileName is the name of the kubelet instance configuration file written to all nodes.

KubeletKubeConfigFileName defines the file name for the kubeconfig that the control-plane kubelet will use for talking to the API server.

KubeletPort is the default port for the kubelet server on each host machine.

KubeletRunDirectory specifies the directory where the kubelet runtime information is stored.

KubeProxy defines variable used internally when referring to kube-proxy component.

KubeProxyClusterRoleBindingName sets the name for the kube-proxy ClusterRoleBinding.

KubeProxyClusterRoleName sets the name for the kube-proxy ClusterRole.

KubeProxyConfigMap specifies in what ConfigMap in the kube-system namespace the kube-proxy configuration should be stored.

KubeProxyConfigMapKey specifies in what ConfigMap key the component config of kube-proxy should be stored.

KubernetesAPICallRetryInterval defines how long kubeadm should wait before retrying a failed API operation.

KubernetesAPICallTimeout specifies how long kubeadm should wait for API calls.

KubernetesDir is the directory Kubernetes owns for storing various configuration files.

KubeScheduler defines variable used internally when referring to kube-scheduler component.

KubeSchedulerPort is the default port for the scheduler status server.

KubeSchedulerUserName is the username of the user that kube-scheduler runs as.

LabelExcludeFromExternalLB can be set on a node to exclude it from external load balancers.

LabelNodeRoleControlPlane specifies that a node hosts control-plane components.

ManifestsSubDirName defines directory name to store manifests.

MaximumBitsForServiceSubnet defines maximum possible size of the service subnet in terms of bits.

MinExternalEtcdVersion indicates minimum external etcd version which kubeadm supports.

MinimumAddressesInPodSubnet defines minimum amount of pods in the cluster.

MinimumAddressesInServiceSubnet defines minimum amount of nodes the Service subnet should allow.

ModeABAC is the mode to use Attribute Based Access Control to authorize.

ModeAlwaysAllow is the mode to set all requests as authorized.

ModeAlwaysDeny is the mode to set no requests as authorized.

ModeNode is an authorization mode that authorizes API requests made by kubelets.

ModeRBAC is the mode to use Role Based Access Control to authorize.

ModeWebhook is the mode to make an external webhook call to authorize.

NodeAutoApproveBootstrapClusterRoleBinding defines the name of the ClusterRoleBinding that makes the csrapprover approve node CSRs.

NodeAutoApproveCertificateRotationClusterRoleBinding defines name of the ClusterRoleBinding that makes the csrapprover approve node auto rotated CSRs.

NodeBootstrapperClusterRoleName defines the name of the auto-bootstrapped ClusterRole for letting someone post a CSR.

NodeBootstrapTokenAuthGroup specifies which group a Node Bootstrap Token should be authenticated in.

NodeKubeletBootstrap defines the name of the ClusterRoleBinding that lets kubelets post CSRs.

NodesClusterRoleBinding defines the well-known ClusterRoleBinding which binds the too permissive system:node ClusterRole to the system:nodes group.

NodeSelfCSRAutoApprovalClusterRoleName is a role defined in default 1.8 RBAC policies for automatic CSR approvals for automatically rotated node certificates.

NodesGroup defines the well-known group for all nodes.

NodesUserPrefix defines the user name prefix as requested by the Node authorizer.

PauseVersion indicates the default pause image version for kubeadm.

PodSubnetNodeMaskMaxDiff is limited to 16 due to an issue with uncompressed IP bitmap in core: xref: #44918 The node subnet mask size must be no more than the pod subnet mask size + 16.

PullImageRetry specifies how many times ContainerRuntime retries when pulling image failed.

RemoveContainerRetry specifies how many times ContainerRuntime retries when removing container failed.

ResetConfigurationKind is the string kind value for the ResetConfiguration struct.

SchedulerKubeConfigFileName defines the file name for the scheduler's kubeconfig file.

SchedulerUser defines the well-known user the scheduler should be authenticated as.

ServiceAccountKeyBaseName defines SA key base name.

ServiceAccountKeyReadersGroupName is the group of users that are allowed to read the service account private key.

ServiceAccountPrivateKeyName defines SA private key base name.

ServiceAccountPublicKeyName defines SA public key base name.

SuperAdminKubeConfigFileName defines name for the kubeconfig aimed to be used by the super-admin of the cluster.

SystemPrivilegedGroup defines the well-known group for the apiservers.

TempDir defines temporary directory for kubeadm should be joined with KubernetesDir.

TLSBootstrapRetryInterval specifies how long kubeadm should wait before retrying the TLS Bootstrap check.

TLSBootstrapTimeout specifies how long kubeadm should wait for the kubelet to perform the TLS Bootstrap.

UpgradeConfigurationKind is the string kind value for the UpgradeConfiguration struct.

UpgradeManifestsTimeout specifies the default timeout for upgrading static Pod manifests.

YAMLDocumentSeparator is the separator for YAML documents TODO: Find a better place for this constant.

ControlPlaneComponents defines the control-plane component names.

ControlPlaneTaint is the taint to apply on the PodSpec for being able to run that Pod on the control-plane.

ControlPlaneToleration is the toleration to apply on the PodSpec for being able to run that Pod on the control-plane.

CurrentKubernetesVersion specifies current Kubernetes version supported by kubeadm.

DefaultKubernetesPlaceholderVersion is a placeholder version in case the component-base version was not populated during build.

KubeadmCertsClusterRoleName sets the name for the ClusterRole that allows the bootstrap tokens to access the kubeadm-certs Secret during the join of a new control-plane.

MinimumControlPlaneVersion specifies the minimum control plane version kubeadm can deploy.

MinimumKubeletVersion specifies the minimum version of kubelet which kubeadm supports.

SupportedEtcdVersion lists officially supported etcd versions with corresponding Kubernetes releases.