salt.modules.kubeadm
- maintainer
-
Alberto Planas <aplanas@suse.com>
- maturity
-
new
- depends
-
None
- platform
-
Linux
-
New in version 3001.
Renews certificates for a Kubernetes cluster
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.alpha_certs_renew
salt.modules.kubeadm.alpha_certs_renew(rootfs=None)
-
New in version 3001.
Outputs a kubeconfig file for an additional user
- client_name
-
The name of the user. It will be used as the CN if client certificates are created
- apiserver_advertise_address
-
The IP address the API server is accessible on
- apiserver_bind_port
-
The port the API server is accessible on (default 6443)
- cert_dir
-
The path where certificates are stored (default "/etc/kubernetes/pki")
- org
-
The organization of the client certificate
- token
-
The token that show be used as the authentication mechanism for this kubeconfig, instead of client certificates
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.alpha_kubeconfig_user client_name=user
salt.modules.kubeadm.alpha_kubeconfig_user(client_name, apiserver_advertise_address=None, apiserver_bind_port=None, cert_dir=None, org=None, token=None, rootfs=None)
-
New in version 3001.
Downloads the kubelet configuration from the cluster ConfigMap kubelet-config-1.X
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- kubelet_version
-
The desired version for the kubelet
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.alpha_kubelet_config_download salt '*' kubeadm.alpha_kubelet_config_download kubelet_version='1.14.0'
salt.modules.kubeadm.alpha_kubelet_config_download(kubeconfig=None, kubelet_version=None, rootfs=None)
-
New in version 3001.
Enables or updates dynamic kubelet configuration for a node
- node_name
-
Name of the node that should enable the dynamic kubelet configuration
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- kubelet_version
-
The desired version for the kubelet
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.alpha_kubelet_config_enable_dynamic node-1
salt.modules.kubeadm.alpha_kubelet_config_enable_dynamic(node_name, kubeconfig=None, kubelet_version=None, rootfs=None)
-
New in version 3001.
Converts a static Pod-hosted control plane into a selt-hosted one
- cert_dir
-
The path where certificates are stored (default "/etc/kubernetes/pki")
- config
-
Path to kubeadm configuration file
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- store_certs_in_secrets
-
Enable storing certs in secrets
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.alpha_selfhost_pivot
salt.modules.kubeadm.alpha_selfhosting_pivot(cert_dir=None, config=None, kubeconfig=None, store_certs_in_secrets=False, rootfs=None)
-
New in version 3001.
Print a list of images kubeadm will use
- config
-
Path to kubeadm configuration file
- feature_gates
-
A set of key=value pairs that describe feature gates for various features
- kubernetes_version
-
Choose a specifig Kubernetes version for the control plane (default "stable-1")
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_images_list
salt.modules.kubeadm.config_images_list(config=None, feature_gates=None, kubernetes_version=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Pull images used by kubeadm
- config
-
Path to kubeadm configuration file
- cri_socket
-
Path to the CRI socket to connect
- feature_gates
-
A set of key=value pairs that describe feature gates for various features
- kubernetes_version
-
Choose a specifig Kubernetes version for the control plane (default "stable-1")
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_images_pull
salt.modules.kubeadm.config_images_pull(config=None, cri_socket=None, feature_gates=None, kubernetes_version=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Read an older version of the kubeadm configuration API types from a file, and output the similar config object for the newer version
- old_config
-
Path to the kubeadm config file that is usin the old API version and should be converted
- new_config
-
Path to the resulting equivalent kubeadm config file using the new API version. If not specified the output will be returned
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_migrate /oldconfig.cfg
salt.modules.kubeadm.config_migrate(old_config, new_config=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Return default init configuration, that can be used for 'kubeadm init'
- component_config
-
A comma-separated list for component config API object to print the default values for (valid values: KubeProxyConfiguration, KubeletConfiguration)
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_print_init_defaults
salt.modules.kubeadm.config_print_init_defaults(component_configs=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Return default join configuration, that can be used for 'kubeadm join'
- component_config
-
A comma-separated list for component config API object to print the default values for (valid values: KubeProxyConfiguration, KubeletConfiguration)
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_print_join_defaults
salt.modules.kubeadm.config_print_join_defaults(component_configs=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Upload a configuration file to the in-cluster ConfigMap for kubeadm configuration
- config
-
Path to a kubeadm configuration file
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_upload_from_file /config.cfg
salt.modules.kubeadm.config_upload_from_file(config, kubeconfig=None, rootfs=None)
-
New in version 3001.
Create the in-cluster configuration file for the first time using flags
- apiserver_advertise_address
-
The IP address the API server will advertise it's listening on
- apiserver_bind_port
-
The port the API server is accessible on (default 6443)
- apiserver_cert_extra_sans
-
Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate
- cert_dir
-
The path where to save and store the certificates (default "/etc/kubernetes/pki")
- cri_socket
-
Path to the CRI socket to connect
- feature_gates
-
A set of key=value pairs that describe feature gates for various features
- kubernetes_version
-
Choose a specifig Kubernetes version for the control plane (default "stable-1")
- node_name
-
Specify the node name
- pod_network_cidr
-
Specify range of IP addresses for the pod network
- service_cidr
-
Use alternative range of IP address for service VIPs (default "10.96.0.0/12")
- service_dns_domain
-
Use alternative domain for services (default "cluster.local")
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_upload_from_flags
salt.modules.kubeadm.config_upload_from_flags(apiserver_advertise_address=None, apiserver_bind_port=None, apiserver_cert_extra_sans=None, cert_dir=None, cri_socket=None, feature_gates=None, kubernetes_version=None, node_name=None, pod_network_cidr=None, service_cidr=None, service_dns_domain=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
View the kubeadm configuration stored inside the cluster
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.config_view
salt.modules.kubeadm.config_view(kubeconfig=None, rootfs=None)
-
New in version 3001.
Command to set up the Kubernetes control plane
- apiserver_advertise_address
-
The IP address the API server will advertise it's listening on
- apiserver_bind_port
-
The port the API server is accessible on (default 6443)
- apiserver_cert_extra_sans
-
Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate
- cert_dir
-
The path where to save and store the certificates (default "/etc/kubernetes/pki")
- certificate_key
-
Key used to encrypt the control-plane certificates in the kubeadm-certs Secret
- config
-
Path to a kubeadm configuration file
- cri_socket
-
Path to the CRI socket to connect
- experimental_upload_certs
-
Upload control-plane certificate to the kubeadm-certs Secret
- feature_gates
-
A set of key=value pairs that describe feature gates for various features
- ignore_preflight_errors
-
A list of checks whose errors will be shown as warnings
- image_repository
-
Choose a container registry to pull control plane images from
- kubernetes_version
-
Choose a specifig Kubernetes version for the control plane (default "stable-1")
- node_name
-
Specify the node name
- pod_network_cidr
-
Specify range of IP addresses for the pod network
- service_cidr
-
Use alternative range of IP address for service VIPs (default "10.96.0.0/12")
- service_dns_domain
-
Use alternative domain for services (default "cluster.local")
- skip_certificate_key_print
-
Don't print the key used to encrypt the control-plane certificates
- skip_phases
-
List of phases to be skipped
- skip_token_print
-
Skip printing of the default bootstrap token generated by 'kubeadm init'
- token
-
The token to use for establishing bidirectional trust between nodes and control-plane nodes. The token must match a regular expression, that by default is [a-z0-9]{6}.[a-z0-9]{16}
- token_ttl
-
The duration defore the token is automatically deleted (1s, 2m, 3h). If set to '0' the token will never expire. Default value is 24h0m0s
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.init pod_network_cidr='10.244.0.0/16'
salt.modules.kubeadm.init(apiserver_advertise_address=None, apiserver_bind_port=None, apiserver_cert_extra_sans=None, cert_dir=None, certificate_key=None, config=None, cri_socket=None, experimental_upload_certs=False, feature_gates=None, ignore_preflight_errors=None, image_repository=None, kubernetes_version=None, node_name=None, pod_network_cidr=None, service_cidr=None, service_dns_domain=None, skip_certificate_key_print=False, skip_phases=None, skip_token_print=False, token=None, token_ttl=None, rootfs=None)
-
New in version 3001.
Command to join to an existing cluster
- api_server_endpoint
-
IP address or domain name and port of the API Server
- apiserver_advertise_address
-
If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on
- apiserver_bind_port
-
If the node should host a new control plane instance, the port the API Server to bind to (default 6443)
- certificate_key
-
Use this key to decrypt the certificate secrets uploaded by init
- config
-
Path to a kubeadm configuration file
- cri_socket
-
Path to the CRI socket to connect
- discovery_file
-
For file-based discovery, a file or URL from which to load cluster information
- discovery_token
-
For token-based discovery, the token used to validate cluster information fetched from the API Server
- discovery_token_ca_cert_hash
-
For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>")
- discovery_token_unsafe_skip_ca_verification
-
For token-based discovery, allow joining without 'discovery-token-ca-cert-hash' pinning
- experimental_control_plane
-
Create a new control plane instance on this node
- ignore_preflight_errors
-
A list of checks whose errors will be shown as warnings
- node_name
-
Specify the node name
- skip_phases
-
List of phases to be skipped
- tls_bootstrap_token
-
Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node
- token
-
Use this token for both discovery-token and tls-bootstrap-token when those values are not provided
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.join 10.160.65.165:6443 token='token'
salt.modules.kubeadm.join(api_server_endpoint=None, apiserver_advertise_address=None, apiserver_bind_port=None, certificate_key=None, config=None, cri_socket=None, discovery_file=None, discovery_token=None, discovery_token_ca_cert_hash=None, discovery_token_unsafe_skip_ca_verification=False, experimental_control_plane=False, ignore_preflight_errors=None, node_name=None, skip_phases=None, tls_bootstrap_token=None, token=None, rootfs=None)
-
New in version 3001.
Return the parameters required for joining into the cluster
- create_if_needed
-
If the token bucket is empty and this parameter is True, a new token will be created.
CLI Example:
salt '*' kubeadm.join_params salt '*' kubeadm.join_params create_if_needed=True
salt.modules.kubeadm.join_params(create_if_needed=False)
-
New in version 3001.
Revert any changes made to this host by 'kubeadm init' or 'kubeadm join'
- cert_dir
-
The path to the directory where the certificates are stored (default "/etc/kubernetes/pki")
- cri_socket
-
Path to the CRI socket to connect
- ignore_preflight_errors
-
A list of checks whose errors will be shown as warnings
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.join 10.160.65.165:6443 token='token'
salt.modules.kubeadm.reset(cert_dir=None, cri_socket=None, ignore_preflight_errors=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Create bootstrap tokens on the server
- token
-
Token to write, if None one will be generated. The token must match a regular expression, that by default is [a-z0-9]{6}.[a-z0-9]{16}
- config
-
Path to kubeadm configuration file
- description
-
A human friendly description of how this token is used
- groups
-
List of extra groups that this token will authenticate, default to ['system:bootstrappers:kubeadm:default-node-token']
- ttl
-
The duration defore the token is automatically deleted (1s, 2m, 3h). If set to '0' the token will never expire. Default value is 24h0m0s
- usages
-
Describes the ways in which this token can be used. The default value is ['signing', 'authentication']
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.token_create salt '*' kubeadm.token_create a1b2c.0123456789abcdef salt '*' kubeadm.token_create ttl='6h' salt '*' kubeadm.token_create usages="['signing']"
salt.modules.kubeadm.token_create(token=None, config=None, description=None, groups=None, ttl=None, usages=None, kubeconfig=None, rootfs=None)
-
New in version 3001.
Delete bootstrap tokens on the server
- token
-
Token to write, if None one will be generated. The token must match a regular expression, that by default is [a-z0-9]{6}.[a-z0-9]{16}
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.token_delete a1b2c salt '*' kubeadm.token_create a1b2c.0123456789abcdef
salt.modules.kubeadm.token_delete(token, kubeconfig=None, rootfs=None)
-
New in version 3001.
Generate and return a bootstrap token, but do not create it on the server
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.token_generate
salt.modules.kubeadm.token_generate(kubeconfig=None, rootfs=None)
-
New in version 3001.
List bootstrap tokens on the server
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.token_list
salt.modules.kubeadm.token_list(kubeconfig=None, rootfs=None)
-
New in version 3001.
Return the version of kubeadm
- kubeconfig
-
The kubeconfig file to use when talking to the cluster. The default values in /etc/kubernetes/admin.conf
- rootfs
-
The path to the real host root filesystem
CLI Example:
salt '*' kubeadm.version
salt.modules.kubeadm.version(kubeconfig=None, rootfs=None)
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/modules/all/salt.modules.kubeadm.html