kube-apiserver Configuration (v1alpha1)
Package v1alpha1 is the v1alpha1 version of the API.
Resource Types
AdmissionConfiguration
AdmissionConfiguration provides versioned configuration for admission controllers.
Field | Description |
---|---|
apiVersion string | apiserver.k8s.io/v1alpha1 |
kind string | AdmissionConfiguration |
plugins []AdmissionPluginConfiguration | Plugins allows specifying a configuration per admission control plugin. |
EgressSelectorConfiguration
EgressSelectorConfiguration provides versioned configuration for egress selector clients.
Field | Description |
---|---|
apiVersion string | apiserver.k8s.io/v1alpha1 |
kind string | EgressSelectorConfiguration |
egressSelections [Required][]EgressSelection | connectionServices contains a list of egress selection client configurations |
TracingConfiguration
TracingConfiguration provides versioned configuration for tracing clients.
Field | Description |
---|---|
apiVersion string | apiserver.k8s.io/v1alpha1 |
kind string | TracingConfiguration |
endpoint string | Endpoint of the collector that’s running on the control-plane node. The APIServer uses the egressType ControlPlane when sending data to the collector. The syntax is defined in https://github.com/grpc/grpc/blob/master/doc/naming.md. Defaults to the otlpgrpc default, localhost:4317 The connection is insecure, and does not support TLS. |
samplingRatePerMillion int32 | SamplingRatePerMillion is the number of samples to collect per million spans. Defaults to 0. |
AdmissionPluginConfiguration
Appears in:
AdmissionPluginConfiguration provides the configuration for a single plug-in.
Field | Description |
---|---|
name [Required]string | Name is the name of the admission controller. It must match the registered admission plugin name. |
path string | Path is the path to a configuration file that contains the plugin’s configuration |
configuration k8s.io/apimachinery/pkg/runtime.Unknown | Configuration is an embedded configuration object to be used as the plugin’s configuration. If present, it will be used instead of the path to the configuration file. |
Connection
Appears in:
Connection provides the configuration for a single egress selection client.
Field | Description |
---|---|
proxyProtocol [Required]ProtocolType | Protocol is the protocol used to connect from client to the konnectivity server. |
transport Transport | Transport defines the transport configurations we use to dial to the konnectivity server. This is required if ProxyProtocol is HTTPConnect or GRPC. |
EgressSelection
Appears in:
EgressSelection provides the configuration for a single egress selection client.
Field | Description |
---|---|
name [Required]string | name is the name of the egress selection. Currently supported values are “controlplane”, “master”, “etcd” and “cluster” The “master” egress selector is deprecated in favor of “controlplane” |
connection [Required]Connection | connection is the exact information used to configure the egress selection |
ProtocolType
(Alias of string
)
Appears in:
ProtocolType is a set of valid values for Connection.ProtocolType
TCPTransport
Appears in:
TCPTransport provides the information to connect to konnectivity server via TCP
Field | Description |
---|---|
url [Required]string | URL is the location of the konnectivity server to connect to. As an example it might be “https://127.0.0.1:8131“ |
tlsConfig TLSConfig | TLSConfig is the config needed to use TLS when connecting to konnectivity server |
TLSConfig
Appears in:
TLSConfig provides the authentication information to connect to konnectivity server Only used with TCPTransport
Field | Description |
---|---|
caBundle string | caBundle is the file location of the CA to be used to determine trust with the konnectivity server. Must be absent/empty if TCPTransport.URL is prefixed with http:// If absent while TCPTransport.URL is prefixed with https://, default to system trust roots. |
clientKey string | clientKey is the file location of the client key to be used in mtls handshakes with the konnectivity server. Must be absent/empty if TCPTransport.URL is prefixed with http:// Must be configured if TCPTransport.URL is prefixed with https:// |
clientCert string | clientCert is the file location of the client certificate to be used in mtls handshakes with the konnectivity server. Must be absent/empty if TCPTransport.URL is prefixed with http:// Must be configured if TCPTransport.URL is prefixed with https:// |
Transport
Appears in:
Transport defines the transport configurations we use to dial to the konnectivity server
Field | Description |
---|---|
tcp TCPTransport | TCP is the TCP configuration for communicating with the konnectivity server via TCP ProxyProtocol of GRPC is not supported with TCP transport at the moment Requires at least one of TCP or UDS to be set |
uds UDSTransport | UDS is the UDS configuration for communicating with the konnectivity server via UDS Requires at least one of TCP or UDS to be set |
UDSTransport
Appears in:
UDSTransport provides the information to connect to konnectivity server via UDS
Field | Description |
---|---|
udsName [Required]string | UDSName is the name of the unix domain socket to connect to konnectivity server This does not use a unix:// prefix. (Eg: /etc/srv/kubernetes/konnectivity-server/konnectivity-server.socket) |