Reference

Table of Contents

Classes

Defined types

Resource types

  • kubeconfig: Example: kubeconfig { '/var/lib/kubernetes/utility.conf': ca_cert => '/etc/kubernetes.ca.pem', token => 'utility-token', }
  • kubectl_apply: Example: To encode the bootstrap token "tokenid.tokensecret" into a Kubernetes secret; $tokenid = 'tokenid' $tokensecret = 'tokense

Functions

Data types

Classes

k8s

Sets up a Kubernetes instance - either as a node or as a server

Parameters

The following parameters are available in the k8s class:

api_service_address

Data type: Stdlib::IP::Address::Nosubnet

IP address for the API service

Default value: k8s::ip_in_cidr($service_cluster_cidr, 'first')

cluster_cidr

Data type: K8s::CIDR

CIDR for the pod network

Default value: '10.0.0.0/16'

cluster_domain

Data type: Stdlib::Fqdn

domain name for the cluster

Default value: 'cluster.local'

container_image_tag

Data type: Optional[String[1]]

container image tag to use

Default value: undef

container_manager

Data type: K8s::Container_runtimes

container manager to use

Default value: 'crio'

container_registry

Data type: String[1]

container registry to use

Default value: 'registry.k8s.io'

container_runtime_service

Data type: String[1]

name of the container runtime service

Default value: "${container_manager}.service"

containerd_package

Data type: Optional[String[1]]

name of the containerd package

Default value: undef

control_plane_url

Data type: Stdlib::HTTPUrl

URL for the control plane

Default value: 'https://kubernetes:6443'

crictl_package

Data type: Optional[String[1]]

name of the crictl package

Default value: undef

crio_package

Data type: Optional[String[1]]

name of the crio package

Default value: undef

dns_service_address

Data type: K8s::IP_addresses

IP address for the DNS service

Default value: k8s::ip_in_cidr($service_cluster_cidr, 'second')

ensure

Data type: K8s::Ensure

whether kubernetes should be present or absent

Default value: 'present'

etcd_cluster_name

Data type: String[1]

name of the etcd cluster for searching its nodes in the puppetdb

Default value: 'default'

etcd_version

Data type: String[1]

version of etcd to install

Default value: '3.5.1'

firewall_type

Data type: Optional[K8s::Firewall]

type of firewall to use

Default value: undef

gid

Data type: Integer[0, 65535]

group id for kubernetes files and services

Default value: 888

group

Data type: String[1]

groupname for kubernetes files and services

Default value: 'kube'

hyperkube_name

Data type: String[1]

name of the hyperkube binary

Default value: 'hyperkube'

incluster_control_plane_url

Data type: Stdlib::HTTPUrl

URL for the control plane from within the cluster

Default value: 'https://kubernetes.default.svc'

manage_container_manager

Data type: Boolean

whether to manage the container manager

Default value: true

manage_etcd

Data type: Boolean

whether to manage etcd

Default value: true

manage_firewall

Data type: Boolean

whether to manage the firewall

Default value: false

manage_image

Data type: Boolean

whether to manage the image

Default value: false

manage_kernel_modules

Data type: Boolean

A flag to manage required Kernel modules.

Default value: true

manage_kube_proxy

Data type: K8s::Proxy_method

How/if the kube-proxy component should be managed, either as an in-cluster component (default), or as an on-node component for advanced use-cases.

Default value: true

manage_packages

Data type: Boolean

whether to manage packages

Default value: true

manage_repo

Data type: Boolean

whether to manage the repo

Default value: true

manage_sysctl_settings

Data type: Boolean

A flag to manage required sysctl settings.

Default value: true

native_packaging

Data type: K8s::Native_packaging

type of native packaging to use

Default value: 'loose'

native_url_template

Data type: String[1]

template for native packaging

Default value: 'https://storage.googleapis.com/kubernetes-release/release/v%{version}/bin/%{kernel}/%{arch}/%{binary}'

node_auth

Data type: K8s::Node_auth

authentication method for nodes

Default value: 'bootstrap'

package_template

Data type: String[1]

template for package names

Default value: 'kubernetes-%{component}'

packaging

Data type: Enum['container', 'native']

whether to use native or container packaging

Default value: 'native'

puppetdb_discovery

Data type: Boolean

whether to use puppetdb for node discovery

Default value: false

puppetdb_discovery_tag

Data type: String[1]

tag to use for puppetdb node discovery

Default value: 'default'

purge_manifests

Data type: Boolean

whether to purge manifests

Default value: true

role

Data type: Enum['node','server','none']

role of the node

Default value: 'none'

runc_version

Data type: String[1]

version of runc to install

Default value: 'installed'

service_cluster_cidr

Data type: K8s::CIDR

CIDR for the service network

Default value: '10.1.0.0/24'

sysconfig_path

Data type: Optional[Stdlib::Unixpath]

path to the sysconfig directory

Default value: undef

tarball_url_template

Data type: String[1]

template for tarball packaging

Default value: 'https://dl.k8s.io/v%{version}/kubernetes-%{component}-%{kernel}-%{arch}.tar.gz'

uid

Data type: Integer[0, 65535]

user id for kubernetes files and services

Default value: 888

user

Data type: String[1]

username for kubernetes files and services

Default value: 'kube'

version

Data type: String[1]

version of kubernetes to install

Default value: '1.26.1'

k8s::install::cni_plugins

Class: k8s::install::cni_plugins

Parameters

The following parameters are available in the k8s::install::cni_plugins class:

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

method

Data type: String[1]

installation method

Default value: $k8s::native_packaging

version

Data type: String[1]

sets the version to use

Default value: 'v1.2.0'

download_url_template

Data type: String[1]

template string for the cni_plugins download url

Default value: 'https://github.com/containernetworking/plugins/releases/download/%{version}/cni-plugins-linux-%{arch}-%{version}.tgz'

k8s::install::container_runtime

Class: k8s::install::container_runtime

Parameters

The following parameters are available in the k8s::install::container_runtime class:

container_manager

Data type: K8s::Container_runtimes

set the cri to use

Default value: $k8s::container_manager

containerd_package

Data type: Optional[String[1]]

the containerd package name

Default value: $k8s::containerd_package

crio_package

Data type: Optional[String[1]]

the cri-o package name

Default value: $k8s::crio_package

k8s_version

Data type: String[1]

the k8s version

Default value: $k8s::version

manage_repo

Data type: Boolean

whether to manage the repo or not

Default value: $k8s::manage_repo

package_ensure

Data type: String[1]

the ensure value to set on the cri package

Default value: installed

runc_version

Data type: String[1]

the runc version

Default value: $k8s::runc_version

k8s::install::crictl

Class: k8s::install::crictl

Parameters

The following parameters are available in the k8s::install::crictl class:

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

version

Data type: String[1]

the k8s version

Default value: 'v1.26.0'

config

Data type: Hash

config for crictl, for example:

    k8s::install::crictl::config:
      'runtime-endpoint': 'unix:///run/containerd/containerd.sock'
      'image-endpoint': 'unix:///run/containerd/containerd.sock'

Default value: {}

crictl_package

Data type: Optional[String[1]]

the package name of crictl

Default value: $k8s::crictl_package

manage_repo

Data type: Boolean

whether to manage the repo or not

Default value: $k8s::manage_repo

download_url_template

Data type: Stdlib::HTTPUrl

template string for the URL to download tar.gz from

Default value: 'https://github.com/kubernetes-sigs/cri-tools/releases/download/%{version}/crictl-%{version}-linux-%{arch}.tar.gz'

k8s::install::kubeadm

Installs the kubeadm binary

Parameters

The following parameters are available in the k8s::install::kubeadm class:

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

k8s::install::kubectl

Installs the kubectl binary

Parameters

The following parameters are available in the k8s::install::kubectl class:

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

k8s::node

Installs a Kubernetes node

Parameters

The following parameters are available in the k8s::node class:

ca_cert

Data type: Stdlib::Unixpath

path to the ca cert

Default value: "${cert_path}/ca.pem"

cert_path

Data type: Stdlib::Unixpath

path to cert files

Default value: '/var/lib/kubelet/pki'

control_plane_url

Data type: Stdlib::HTTPUrl

cluster API connection

Default value: $k8s::control_plane_url

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

firewall_type

Data type: Optional[K8s::Firewall]

define the type of firewall to use

Default value: $k8s::firewall_type

manage_crictl

Data type: Boolean

toggle to install crictl

Default value: false

manage_firewall

Data type: Boolean

whether to manage firewall or not

Default value: $k8s::manage_firewall

manage_kernel_modules

Data type: Boolean

whether to load kernel modules or not

Default value: $k8s::manage_kernel_modules

manage_kubelet

Data type: Boolean

whether to manage kubelet or not

Default value: true

manage_proxy

Data type: Boolean

whether to manage kube-proxy or not

Default value: $k8s::manage_kube_proxy == 'on-node'

manage_simple_cni

Data type: Boolean

toggle to use a simple bridge network for containers

Default value: false

manage_sysctl_settings

Data type: Boolean

whether to manage sysctl settings or not

Default value: $k8s::manage_sysctl_settings

node_auth

Data type: K8s::Node_auth

type of node authentication

Default value: $k8s::node_auth

node_cert

Data type: Optional[Stdlib::Unixpath]

path to node cert file

Default value: undef

node_key

Data type: Optional[Stdlib::Unixpath]

path to node key file

Default value: undef

node_token

Data type: Optional[Sensitive[String]]

k8s token to join a cluster

Default value: undef

proxy_auth

Data type: K8s::Proxy_auth

which proxy auth to use

Default value: 'incluster'

proxy_cert

Data type: Optional[Stdlib::Unixpath]

path to proxy cert file

Default value: undef

proxy_key

Data type: Optional[Stdlib::Unixpath]

path to proxy key file

Default value: undef

proxy_token

Data type: Optional[Sensitive[String]]

k8s token for kube-proxy

Default value: undef

puppetdb_discovery_tag

Data type: String[1]

enable puppetdb resource searching

Default value: $k8s::puppetdb_discovery_tag

k8s::node::kube_proxy

For most use-cases, running kube-proxy inside the cluster itself is recommended

Parameters

The following parameters are available in the k8s::node::kube_proxy class:

arguments

Data type: Hash[String, Data]

A hash of additional arguments to pass to kube-proxy

Default value: {}

auth

Data type: K8s::Proxy_auth

The authentication method to use for the API server

Default value: $k8s::node::proxy_auth

ca_cert

Data type: Optional[Stdlib::Unixpath]

The path to the CA certificate to use for the API server

Default value: $k8s::node::ca_cert

cert

Data type: Optional[Stdlib::Unixpath]

The path to the client certificate to use for the API server

Default value: $k8s::node::proxy_cert

cluster_cidr

Data type: K8s::CIDR

The CIDR range of the cluster

Default value: $k8s::cluster_cidr

config

Data type: Hash[String, Data]

A hash of additional configuration options to pass to kube-proxy

Default value: {}

control_plane_url

Data type: Stdlib::HTTPUrl

The URL of the Kubernetes API server

Default value: $k8s::node::control_plane_url

ensure

Data type: K8s::Ensure

Whether the kube-proxy service should be configured

Default value: $k8s::node::ensure

key

Data type: Optional[Stdlib::Unixpath]

The path to the client key to use for the API server

Default value: $k8s::node::proxy_key

puppetdb_discovery_tag

Data type: String

The tag to use for PuppetDB service discovery

Default value: $k8s::node::puppetdb_discovery_tag

token

Data type: Optional[Sensitive[String]]

The token to use for the API server

Default value: $k8s::node::proxy_token

k8s::node::kubectl

Installs the kubectl binary

Parameters

The following parameters are available in the k8s::node::kubectl class:

ensure

Data type: K8s::Ensure

Whether to install the binary

Default value: $k8s::ensure

k8s::node::kubelet

Installs and configures kubelet

Parameters

The following parameters are available in the k8s::node::kubelet class:

arguments

Data type: Hash[String, Data]

additional arguments to pass to kubelet

Default value: {}

auth

Data type: K8s::Node_auth

type of node authentication

Default value: $k8s::node::node_auth

ca_cert

Data type: Optional[Stdlib::Unixpath]

path to the ca cert

Default value: $k8s::node::ca_cert

cert

Data type: Optional[Stdlib::Unixpath]

path to node cert file

Default value: $k8s::node::node_cert

cert_path

Data type: Stdlib::Unixpath

path to cert files

Default value: $k8s::node::cert_path

config

Data type: Hash[String, Data]

additional config to pass to kubelet

Default value: {}

control_plane_url

Data type: Stdlib::HTTPUrl

cluster API connection

Default value: $k8s::node::control_plane_url

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::node::ensure

firewall_type

Data type: Optional[K8s::Firewall]

define the type of firewall to use

Default value: $k8s::node::firewall_type

key

Data type: Optional[Stdlib::Unixpath]

path to node key file

Default value: $k8s::node::node_key

kubeconfig

Data type: Stdlib::Unixpath

path to kubeconfig

Default value: '/srv/kubernetes/kubelet.kubeconf'

manage_firewall

Data type: Boolean

whether to manage firewall or not

Default value: $k8s::node::manage_firewall

manage_kernel_modules

Data type: Boolean

whether to load kernel modules or not

Default value: $k8s::node::manage_kernel_modules

manage_sysctl_settings

Data type: Boolean

whether to manage sysctl settings or not

Default value: $k8s::node::manage_sysctl_settings

puppetdb_discovery_tag

Data type: String[1]

enable puppetdb resource searching

Default value: $k8s::node::puppetdb_discovery_tag

rotate_server_tls

Data type: Boolean

whether to rotate server tls or not

Default value: $auth == 'bootstrap'

runtime

Data type: String

which container runtime to use

Default value: $k8s::container_manager

runtime_service

Data type: String

name of the service of the container runtime

Default value: $k8s::container_runtime_service

support_dualstack

Data type: Boolean

whether to support dualstack or not

Default value: $k8s::cluster_cidr =~ Array[Data, 2]

token

Data type: Optional[Sensitive[String]]

k8s token to join a cluster

Default value: $k8s::node::node_token

k8s::node::simple_cni

Class: k8s::node::simple_cni

Parameters

The following parameters are available in the k8s::node::simple_cni class:

pod_cidr

Data type: K8s::CIDR

cidr for pods in the network

Default value: $k8s::cluster_cidr

k8s::repo

Handles repositories for the container runtime

Parameters

The following parameters are available in the k8s::repo class:

container_manager

Data type: K8s::Container_runtimes

The name of the container manager

Default value: $k8s::container_manager

crio_version

Data type: String[1]

version of cri-o

Default value: $k8s::version.split('\.')[0, 2].join('.')

manage_container_manager

Data type: Boolean

whether to add cri-o repository or not

Default value: $k8s::manage_container_manager

k8s::server

Sets up a Kubernetes server instance

Parameters

The following parameters are available in the k8s::server class:

aggregator_ca_cert

Data type: Stdlib::Unixpath

path to the aggregator ca cert

Default value: "${cert_path}/aggregator-ca.pem"

aggregator_ca_key

Data type: Stdlib::Unixpath

path to the aggregator ca key

Default value: "${cert_path}/aggregator-ca.key"

api_port

Data type: Integer[1]

Cluster API port

Default value: 6443

ca_cert

Data type: Stdlib::Unixpath

path to the ca cert

Default value: "${cert_path}/ca.pem"

ca_key

Data type: Stdlib::Unixpath

path to the ca key

Default value: "${cert_path}/ca.key"

cert_path

Data type: Stdlib::Unixpath

path to cert files

Default value: '/etc/kubernetes/certs'

cluster_cidr

Data type: K8s::CIDR

cluster cidr

Default value: $k8s::cluster_cidr

cluster_domain

Data type: String

cluster domain name

Default value: $k8s::cluster_domain

control_plane_url

Data type: String

cluster API connection

Default value: $k8s::control_plane_url

direct_control_plane_url

Data type: String

direct cluster API connection

Default value: "https://${fact('networking.ip')}:${api_port}"

dns_service_address

Data type: K8s::IP_addresses

cluster dns service address

Default value: $k8s::dns_service_address

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::ensure

etcd_cluster_name

Data type: String[1]

name of the etcd cluster for searching its nodes in the puppetdb

Default value: $k8s::etcd_cluster_name

etcd_servers

Data type: Optional[Array[Stdlib::HTTPUrl]]

list etcd servers if no puppetdb is used

Default value: undef

firewall_type

Data type: Optional[K8s::Firewall]

define the type of firewall to use

Default value: $k8s::firewall_type

generate_ca

Data type: Boolean

initially generate ca

Default value: false

manage_certs

Data type: Boolean

whether to manage certs or not

Default value: true

manage_components

Data type: Boolean

whether to manage components or not

Default value: true

manage_crictl

Data type: Boolean

whether to install crictl or not

Default value: false

manage_etcd

Data type: Boolean

whether to manage etcd or not

Default value: $k8s::manage_etcd

manage_firewall

Data type: Boolean

whether to manage firewall or not

Default value: $k8s::manage_firewall

manage_kubeadm

Data type: Boolean

whether to install kubeadm or not

Default value: false

manage_resources

Data type: Boolean

whether to manage cluster internal resources or not

Default value: true

manage_signing

Data type: Boolean

whether to manage cert signing or not

Default value: $k8s::puppetdb_discovery

node_on_server

Data type: Boolean

whether to also use controllers as nodes or not

Default value: true

puppetdb_discovery_tag

Data type: String[1]

enable puppetdb resource searching

Default value: $k8s::puppetdb_discovery_tag

k8s::server::apiserver

Installs and configures a Kubernetes apiserver

Parameters

The following parameters are available in the k8s::server::apiserver class:

advertise_address

Data type: Stdlib::IP::Address::Nosubnet

bind address of the apiserver

Default value: fact('networking.ip')

aggregator_ca_cert

Data type: Stdlib::Unixpath

path to the aggregator ca cert file

Default value: $k8s::server::tls::aggregator_ca_cert

apiserver_cert

Data type: Stdlib::Unixpath

path to the apiserver cert file

Default value: "${cert_path}/kube-apiserver.pem"

apiserver_client_cert

Data type: Stdlib::Unixpath

path to the apiserver client cert file

Default value: "${cert_path}/apiserver-kubelet-client.pem"

apiserver_client_key

Data type: Stdlib::Unixpath

path to the apiserver client key file

Default value: "${cert_path}/apiserver-kubelet-client.key"

apiserver_key

Data type: Stdlib::Unixpath

path to the apiserver key file

Default value: "${cert_path}/kube-apiserver.key"

arguments

Data type: Hash[String, Data]

additional arguments for the apiserver

Default value: {}

ca_cert

Data type: Stdlib::Unixpath

path to the ca cert

Default value: $k8s::server::tls::ca_cert

cert_path

Data type: Stdlib::Unixpath

path to cert files

Default value: $k8s::server::tls::cert_path

container_image

Data type: String[1]

container image to use for the apiserver

Default value: 'kube-apiserver'

container_image_tag

Data type: Optional[String[1]]

container image tag to use for the apiserver

Default value: $k8s::container_image_tag

container_registry

Data type: String[1]

container registry to pull the image from

Default value: $k8s::container_registry

discover_etcd_servers

Data type: Boolean

enable puppetdb resource searching

Default value: $k8s::puppetdb_discovery

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::server::ensure

etcd_ca

Data type: Stdlib::Unixpath

path to the etcd ca cert file

Default value: "${cert_path}/etcd-ca.pem"

etcd_cert

Data type: Stdlib::Unixpath

path to the etcd cert file

Default value: "${cert_path}/etcd.pem"

etcd_cluster_name

Data type: String[1]

name of the etcd cluster for searching its nodes in the puppetdb

Default value: $k8s::server::etcd_cluster_name

etcd_key

Data type: Stdlib::Unixpath

path to the etcd key file

Default value: "${cert_path}/etcd.key"

etcd_servers

Data type: Optional[Array[Stdlib::HTTPUrl]]

list etcd servers if no puppetdb is used

Default value: $k8s::server::etcd_servers

firewall_type

Data type: Optional[K8s::Firewall]

define the type of firewall to use

Default value: $k8s::server::firewall_type

front_proxy_cert

Data type: Stdlib::Unixpath

path to the front proxy cert file

Default value: "${cert_path}/front-proxy-client.pem"

front_proxy_key

Data type: Stdlib::Unixpath

path to the front proxy key file

Default value: "${cert_path}/front-proxy-client.key"

manage_firewall

Data type: Boolean

whether to manage firewall or not

Default value: $k8s::server::manage_firewall

puppetdb_discovery_tag

Data type: String

enable puppetdb resource searching

Default value: $k8s::server::puppetdb_discovery_tag

service_cluster_cidr

Data type: K8s::CIDR

cidr of the service cluster

Default value: $k8s::service_cluster_cidr

serviceaccount_private

Data type: Stdlib::Unixpath

path to the service account private key file

Default value: "${cert_path}/service-account.key"

serviceaccount_public

Data type: Stdlib::Unixpath

path to the service account public key file

Default value: "${cert_path}/service-account.pub"

k8s::server::controller_manager

Installs and configures a Kubernetes controller manager

Parameters

The following parameters are available in the k8s::server::controller_manager class:

arguments

Data type: Hash[String, Data]

Additional arguments to pass to the controller manager.

Default value: {}

ca_cert

Data type: Stdlib::Unixpath

The path to the CA certificate.

Default value: $k8s::server::tls::ca_cert

ca_key

Data type: Stdlib::Unixpath

The path to the CA key.

Default value: $k8s::server::tls::ca_key

cert

Data type: Stdlib::Unixpath

The path to the controller manager certificate.

Default value: "${cert_path}/kube-controller-manager.pem"

cert_path

Data type: Stdlib::Unixpath

The path to the TLS certificates.

Default value: $k8s::server::tls::cert_path

cluster_cidr

Data type: K8s::CIDR

The CIDR of the cluster.

Default value: $k8s::cluster_cidr

container_image

Data type: String[1]

The container image to use for the controller manager.

Default value: 'kube-controller-manager'

container_image_tag

Data type: Optional[String[1]]

The container image tag to use for the controller manager.

Default value: $k8s::container_image_tag

container_registry

Data type: String[1]

The container registry to pull the controller manager image from.

Default value: $k8s::container_registry

control_plane_url

Data type: Stdlib::HTTPUrl

The URL of the Kubernetes API server.

Default value: $k8s::control_plane_url

ensure

Data type: K8s::Ensure

Whether the controller manager should be configured.

Default value: $k8s::server::ensure

key

Data type: Stdlib::Unixpath

The path to the controller manager key.

Default value: "${cert_path}/kube-controller-manager.key"

service_cluster_cidr

Data type: K8s::CIDR

The CIDR of the service cluster.

Default value: $k8s::service_cluster_cidr

k8s::server::etcd

Sets up an etcd cluster node

Parameters

The following parameters are available in the k8s::server::etcd class:

addn_names

Data type: K8s::TLS_altnames

additional names for certificates

Default value: []

cert_path

Data type: Stdlib::Unixpath

path to cert files

Default value: '/var/lib/etcd/certs'

client_ca_cert

Data type: Stdlib::Unixpath

path to the client ca cert

Default value: "${cert_path}/client-ca.pem"

client_ca_key

Data type: Stdlib::Unixpath

path to the client ca key

Default value: "${cert_path}/client-ca.key"

cluster_name

Data type: String[1]

name of the etcd cluster for searching its nodes in the puppetdb

Default value: pick($k8s::server::etcd_cluster_name, 'default')

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: 'present'

firewall_type

Data type: Optional[K8s::Firewall]

define the type of firewall to use

Default value: $k8s::server::firewall_type

generate_ca

Data type: Boolean

whether to generate its own ca or not

Default value: false

group

Data type: String[1]

group to run etcd as

Default value: 'etcd'

manage_certs

Data type: Boolean

whether to manage certs or not

Default value: true

manage_firewall

Data type: Boolean

whether to manage firewall or not

Default value: false

manage_members

Data type: Boolean

whether to manage the etcd cluster member joining or not

Default value: false

manage_setup

Data type: Boolean

whether to manage the setup of etcd or not

Default value: true

peer_ca_cert

Data type: Stdlib::Unixpath

path to the peer ca cert

Default value: "${cert_path}/peer-ca.pem"

peer_ca_key

Data type: Stdlib::Unixpath

path to the peer ca key

Default value: "${cert_path}/peer-ca.key"

puppetdb_discovery_tag

Data type: String[1]

enable puppetdb resource searching

Default value: pick($k8s::server::puppetdb_discovery_tag, $cluster_name)

self_signed_tls

Data type: Boolean

whether to use self signed tls or not

Default value: false

user

Data type: String[1]

user to run etcd as

Default value: 'etcd'

version

Data type: String[1]

version of etcd to install

Default value: pick($k8s::etcd_version, '3.5.1')

k8s::server::etcd::setup

Installs and configures an etcd instance

Parameters

The following parameters are available in the k8s::server::etcd::setup class:

advertise_client_urls

Data type: Array[Stdlib::HTTPUrl]

The client urls to advertise

Default value: ["https://${fqdn}:2379"]

archive_template

Data type: Stdlib::HTTPUrl

The download url template for the etcd archive

Default value: 'https://storage.googleapis.com/etcd/v%{version}/etcd-v%{version}-%{kernel}-%{arch}.%{kernel_ext}'

auto_compaction_retention

Data type: Optional[Integer]

The auto compaction retention

Default value: undef

auto_tls

Data type: Boolean

Use auto tls

Default value: $k8s::server::etcd::self_signed_tls

binary_path

Data type: Optional[Stdlib::Unixpath]

path to the etcd binary

Default value: undef

cert_file

Data type: Optional[Stdlib::Unixpath]

path to the cert file

Default value: undef

client_cert_auth

Data type: Boolean

Use client cert auth

Default value: false

data_dir

Data type: String[1]

path to the data dir

Default value: "${etcd_name}.etcd"

ensure

Data type: K8s::Ensure

set ensure for installation or deinstallation

Default value: $k8s::server::etcd::ensure

etcd_name

Data type: String[1]

The etcd instance name

Default value: $facts['networking']['hostname']

fqdn

Data type: String[1]

fully qualified domain name

Default value: $facts['networking']['fqdn']

gid

Data type: Optional[Integer[0, 65535]]

The group system id

Default value: undef

group

Data type: String[1]

etcd system user group

Default value: $k8s::server::etcd::group

initial_advertise_peer_urls

Data type: Array[Stdlib::HTTPUrl]

The peer urls to advertise

Default value: ["https://${fqdn}:2380"]

initial_cluster

Data type: Array[String[1]]

The initial cluster

Default value: []

initial_cluster_state

Data type: Optional[Enum['existing', 'new']]

The initial cluster state

Default value: undef

initial_cluster_token

Data type: Optional[String[1]]

The initial cluster token

Default value: undef

install

Data type: Enum['archive','package']

etcd installation method

Default value: 'archive'

key_file

Data type: Optional[Stdlib::Unixpath]

path to the key file

Default value: undef

listen_client_urls

Data type: Array[Stdlib::HTTPUrl]

The client urls to listen on

Default value: ['https://[::]:2379']

listen_peer_urls

Data type: Array[Stdlib::HTTPUrl]

The peer urls to listen on

Default value: ['https://[::]:2380']

package

Data type: String[1]

etcd package name

Default value: 'etcd'

peer_auto_tls

Data type: Boolean

Use peer auto tls

Default value: $k8s::server::etcd::self_signed_tls

peer_cert_file

Data type: Optional[Stdlib::Unixpath]

path to the peer cert file

Default value: undef

peer_client_cert_auth

Data type: Boolean

Use peer client cert auth

Default value: false

peer_key_file

Data type: Optional[Stdlib::Unixpath]

path to the peer key file

Default value: undef

peer_trusted_ca_file

Data type: Optional[Stdlib::Unixpath]

path to the peer trusted ca file

Default value: undef

proxy

Data type: Enum['on','off','readonly']

The proxy mode

Default value: 'off'

storage_path

Data type: Stdlib::Unixpath

path to the working dir of etcd

Default value: '/var/lib/etcd'

trusted_ca_file

Data type: Optional[Stdlib::Unixpath]

path to the trusted ca file

Default value: undef

uid

Data type: Optional[Integer[0, 65535]]

The user system id

Default value: undef

user

Data type: String[1]

etcd system user

Default value: $k8s::server::etcd::user

version

Data type: String[1]

The etcd version to install

Default value: $k8s::server::etcd::version

k8s::server::resources

Generates and deploys standard Kubernetes in-cluster services

Parameters

The following parameters are available in the k8s::server::resources class:

ca_cert

Data type: Stdlib::Unixpath

the path to the CA certificate to use for the cluster

Default value: $k8s::server::tls::ca_cert

cluster_cidr

Data type: K8s::CIDR

the CIDR to use for the cluster

Default value: $k8s::server::cluster_cidr

cluster_domain

Data type: String[1]

the domain to use for the cluster

Default value: $k8s::server::cluster_domain

control_plane_url

Data type: String[1]

the URL to use for the control plane

Default value: $k8s::server::control_plane_url

coredns_deployment_config

Data type: Hash[String,Data]

the configuration to use for the CoreDNS Deployment

Default value: {}

coredns_image

Data type: String[1]

the image to use for the CoreDNS

Default value: 'coredns/coredns'

coredns_registry

Data type: String[1]

the registry to use for the CoreDNS image

Default value: 'docker.io'

coredns_tag

Data type: String[1]

the tag to use for the CoreDNS image

Default value: '1.8.7'

dns_service_address

Data type: K8s::IP_addresses

the IP address to use for the DNS service

Default value: $k8s::server::dns_service_address

extra_kube_proxy_args

Data type: Hash[String,Data]

the extra arguments to pass to the kube-proxy

Default value: {}

flannel_cni_image

Data type: String[1]

the image to use for the Flannel CNI

Default value: 'rancher/mirrored-flannelcni-flannel-cni-plugin'

flannel_cni_registry

Data type: String[1]

the registry to use for the Flannel CNI image

Default value: 'docker.io'

flannel_cni_tag

Data type: String[1]

the tag to use for the Flannel CNI image

Default value: 'v1.0.0'

flannel_daemonset_config

Data type: Hash[String,Data]

the configuration to use for the Flannel DaemonSet

Default value: {}

flannel_image

Data type: String[1]

the image to use for the Flannel

Default value: 'rancher/mirrored-flannelcni-flannel'

flannel_registry

Data type: String[1]

the registry to use for the Flannel image

Default value: 'docker.io'

flannel_tag

Data type: String[1]

the tag to use for the Flannel image

Default value: 'v0.16.1'

image_pull_secrets

Data type: Optional[Array]

the secrets to pull from private registries

Default value: undef

kube_proxy_daemonset_config

Data type: Hash[String,Data]

the configuration to use for the kube-proxy DaemonSet

Default value: {}

kube_proxy_image

Data type: String[1]

the image to use for the kube-proxy

Default value: 'kube-proxy'

kube_proxy_registry

Data type: String[1]

the registry to use for the kube-proxy image

Default value: $k8s::container_registry

kube_proxy_tag

Data type: String[1]

the tag to use for the kube-proxy image

Default value: "v${k8s::version}"

kubeconfig

Data type: Stdlib::Unixpath

the path to the kubeconfig file to use for kubectl

Default value: '/root/.kube/config'

manage_bootstrap

Data type: Boolean

whether to manage the bootstrap resources

Default value: true

manage_coredns

Data type: Boolean

whether to manage the CoreDNS resources

Default value: true

manage_flannel

Data type: Boolean

whether to manage the Flannel resources

Default value: true

manage_kube_proxy

Data type: K8s::Proxy_method

whether to manage the kube-proxy resources

Default value: $k8s::manage_kube_proxy

k8s::server::resources::bootstrap

Generates and deploys the default Puppet bootstrap configuration into the cluster

Parameters

The following parameters are available in the k8s::server::resources::bootstrap class:

control_plane_url

Data type: String[1]

The main API URL to encode in the bootstrap configuration

Default value: $k8s::server::resources::control_plane_url

ensure

Data type: K8s::Ensure

Whether the resources should be present or absent

Default value: $k8s::ensure

kubeconfig

Data type: Stdlib::Unixpath

The path to the kubeconfig file to use for the bootstrap configuration

Default value: $k8s::server::resources::kubeconfig

secret

Data type: Optional[Sensitive[K8s::Bootstrap_token]]

The exact token secret to use, will be generated as a random 16-char string if left blank. The generated value can be retrieved from the bootstrap-token-puppet Secret in kube-system.

Default value: undef

k8s::server::resources::coredns

Generates and deploys the default CoreDNS DNS provider for Kubernetes

Parameters

The following parameters are available in the k8s::server::resources::coredns class:

cluster_domain

Data type: Stdlib::Fqdn

The cluster domain to use for the CoreDNS ConfigMap

Default value: $k8s::server::resources::cluster_domain

corefile_content

Data type: Optional[String[1]]

The content to use for the CoreDNS ConfigMap

Default value: undef

deployment_config

Data type: Hash[String,Data]

Additional configuration to merge into the Kubernetes Deployment object

Default value: $k8s::server::resources::coredns_deployment_config

dns_service_address

Data type: K8s::IP_addresses

The address for the DNS service

Default value: $k8s::server::resources::dns_service_address

ensure

Data type: K8s::Ensure

Whether the resource should be present or absent on the target system

Default value: $k8s::ensure

hosts

Data type: Array[String[1]]

Additional host-style entries for the CoreDNS deployment to serve

Default value: []

image

Data type: String[1]

The CoreDNS image name to use

Default value: $k8s::server::resources::coredns_image

image_pull_secrets

Data type: Optional[Array]

the secrets to pull from private registries

Default value: $k8s::server::resources::image_pull_secrets

image_tag

Data type: String[1]

The CoreDNS image tag to use

Default value: $k8s::server::resources::coredns_tag

kubeconfig

Data type: Stdlib::Unixpath

The path to the kubeconfig to use for kubectl commands

Default value: $k8s::server::resources::kubeconfig

registry

Data type: String[1]

The CoreDNS image registry to use

Default value: $k8s::server::resources::coredns_registry

template_path

Data type: String[1]

The path to the template to use for the CoreDNS ConfigMap

Default value: 'k8s/server/resources/coredns_corefile.epp'

template_variables

Data type: Hash[String, Any]

The variables to use for the CoreDNS ConfigMap template

Default value: { cluster_domain => $cluster_domain }

k8s::server::resources::flannel

Generates and deploys the default Flannel network provider for Kubernetes

Parameters

The following parameters are available in the k8s::server::resources::flannel class:

cluster_cidr

Data type: K8s::CIDR

The internal cluster CIDR to proxy for

Default value: $k8s::server::resources::cluster_cidr

cni_image

Data type: String[1]

The Flannel CNI plugin image name to use

Default value: $k8s::server::resources::flannel_cni_image

cni_image_tag

Data type: String[1]

The Flannel CNI plugin image tag to use

Default value: $k8s::server::resources::flannel_cni_tag

cni_registry

Data type: String[1]

The Flannel CNI plugin image registry to use

Default value: $k8s::server::resources::flannel_cni_registry

daemonset_config

Data type: Hash[String,Data]

Additional configuration to merge into the DaemonSet object

Default value: $k8s::server::resources::flannel_daemonset_config

ensure

Data type: K8s::Ensure

Whether the resource should be present or absent on the system

Default value: $k8s::ensure

image

Data type: String[1]

The Flannel image name to use

Default value: $k8s::server::resources::flannel_image

image_pull_secrets

Data type: Optional[Array]

the secrets to pull from private registries

Default value: $k8s::server::resources::image_pull_secrets

image_tag

Data type: String[1]

The Flannel image tag to use

Default value: $k8s::server::resources::flannel_tag

kubeconfig

Data type: Stdlib::Unixpath

The path to the kubeconfig file to use

Default value: $k8s::server::resources::kubeconfig

net_config

Data type: Hash[String,Data]

Additional configuration to merge into net-conf.json for Flannel

Default value: {}

registry

Data type: String[1]

The Flannel image registry to use

Default value: $k8s::server::resources::flannel_registry

k8s::server::resources::kube_proxy

Generates and deploys the default kube-proxy service for Kubernetes

Parameters

The following parameters are available in the k8s::server::resources::kube_proxy class:

cluster_cidr

Data type: K8s::CIDR

The internal cluster CIDR to proxy for

Default value: $k8s::server::resources::cluster_cidr

daemonset_config

Data type: Hash[String,Data]

Additional configuration to merge into the DaemonSet object

Default value: {}

ensure

Data type: K8s::Ensure

Whether the resource should be present or absent

Default value: $k8s::ensure

extra_args

Data type: Hash[String,Data]

Additional arguments to specify to the kube-proxy application

Default value: {}

extra_config

Data type: Hash[String,Data]

Additional configuration data to apply to the kube-proxy configuration file

Default value: {}

image

Data type: String[1]

The kube-proxy image name to use

Default value: $k8s::server::resources::kube_proxy_image

image_pull_secrets

Data type: Optional[Array]

the secrets to pull from private registries

Default value: $k8s::server::resources::image_pull_secrets

image_tag

Data type: String[1]

The kube-proxy image tag to use

Default value: $k8s::server::resources::kube_proxy_tag

kubeconfig

Data type: Stdlib::Unixpath

The path to the kubeconfig file to use

Default value: $k8s::server::resources::kubeconfig

registry

Data type: String[1]

The kube-proxy image registry to use

Default value: $k8s::server::resources::kube_proxy_registry

k8s::server::scheduler

Installs and configures a Kubernetes scheduler

Parameters

The following parameters are available in the k8s::server::scheduler class:

ensure

Data type: K8s::Ensure

Whether the scheduler should be configured.

Default value: $k8s::server::ensure

control_plane_url

Data type: Stdlib::HTTPUrl

The URL of the Kubernetes API server.

Default value: $k8s::control_plane_url

arguments

Data type: Hash[String, Data]

Additional arguments to pass to the scheduler.

Default value: {}

cert_path

Data type: Stdlib::Unixpath

The path to the directory containing the TLS certificates.

Default value: $k8s::server::tls::cert_path

ca_cert

Data type: Stdlib::Unixpath

The path to the CA certificate.

Default value: $k8s::server::tls::ca_cert

cert

Data type: Stdlib::Unixpath

The path to the scheduler certificate.

Default value: "${cert_path}/kube-scheduler.pem"

key

Data type: Stdlib::Unixpath

The path to the scheduler key.

Default value: "${cert_path}/kube-scheduler.key"

container_registry

Data type: String[1]

The container registry to pull images from.

Default value: $k8s::container_registry

container_image

Data type: String[1]

The container image to use for the scheduler.

Default value: 'kube-scheduler'

container_image_tag

Data type: Optional[String[1]]

The container image tag to use for the scheduler.

Default value: $k8s::container_image_tag

k8s::server::tls

Generates the necessary Kubernetes certificates for a server

Parameters

The following parameters are available in the k8s::server::tls class:

aggregator_ca_cert

Data type: Stdlib::Unixpath

The path to the aggregator CA certificate

Default value: $k8s::server::aggregator_ca_cert

aggregator_ca_key

Data type: Stdlib::Unixpath

The path to the aggregator CA key

Default value: $k8s::server::aggregator_ca_key

api_addn_names

Data type: K8s::TLS_altnames

Additional names to add to the API server certificate

Default value: []

api_service_address

Data type: Stdlib::IP::Address::Nosubnet

The API service address

Default value: $k8s::api_service_address

ca_cert

Data type: Stdlib::Unixpath

The path to the CA certificate

Default value: $k8s::server::ca_cert

ca_key

Data type: Stdlib::Unixpath

The path to the CA key

Default value: $k8s::server::ca_key

cert_path

Data type: Stdlib::Unixpath

The path to the certificates

Default value: $k8s::server::cert_path

cluster_domain

Data type: String[1]

The cluster domain

Default value: $k8s::cluster_domain

ensure

Data type: K8s::Ensure

Whether to generate the certificates or not

Default value: 'present'

generate_ca

Data type: Boolean

Whether to generate the CA or not

Default value: $k8s::server::generate_ca

key_bits

Data type: Integer[512]

The number of bits to use for the key

Default value: 2048

manage_certs

Data type: Boolean

Whether to manage the certificates or not

Default value: $k8s::server::manage_certs

valid_days

Data type: Integer[1]

The number of days the certificate is valid for

Default value: 10000

k8s::server::wait_online

Creates a dummy exec to allow deferring applies until the Kubernetes API server has started

Defined types

k8s::binary

Deploys a Kubernetes binary

Parameters

The following parameters are available in the k8s::binary defined type:

ensure

Data type: K8s::Ensure

Whether the binary should be present or absent

Default value: $k8s::ensure

version

Data type: String[1]

The version to deploy

Default value: $k8s::version

packaging

Data type: String[1]

The packaging method to use

Default value: $k8s::packaging

target

Data type: String[1]

The directory to deploy the binary to

Default value: "/opt/k8s/${$version}"

tarball_target

Data type: String[1]

The directory to download tarballs to

Default value: '/opt/k8s/archives'

active

Data type: Boolean

Whether the binary should be active

Default value: true

component

Data type: Optional[String]

The component to deploy

Default value: undef

k8s::server::bootstrap_token

You generally only want this to be done on a single Kubernetes server

Parameters

The following parameters are available in the k8s::server::bootstrap_token defined type:

addn_data

Data type: Hash[String,Data]

Additional data to add to the token

Default value: {}

description

Data type: Optional[String]

A description of the token

Default value: undef

ensure

Data type: K8s::Ensure

Whether the token should be present or absent

Default value: 'present'

expiration

Data type: Optional[K8s::Timestamp]

The expiration time of the token

Default value: undef

extra_groups

Data type: Optional[Array[String]]

An array of extra groups to add to the token

Default value: undef

id

Data type: Pattern[/^[a-z0-9]{6}$/]

The ID of the token to generate

Default value: $name

kubeconfig

Data type: Stdlib::Unixpath

The path to the kubeconfig file to use

secret

Data type: Sensitive[K8s::Bootstrap_token]

The secret to use for the token

Default value: Sensitive(fqdn_rand_string(16).downcase())

update

Data type: Boolean

Whether to update the token if it already exists

Default value: false

use_authentication

Data type: Boolean

Whether the token should be used for authentication

Default value: true

use_signing

Data type: Optional[Boolean]

Whether the token should be used for signing

Default value: undef

k8s::server::etcd::member

TODO - Convert to native type

Parameters

The following parameters are available in the k8s::server::etcd::member defined type:

cluster_ca

Data type: Optional[Stdlib::Unixpath]

The cluster CA for the new member

Default value: undef

cluster_cert

Data type: Optional[Stdlib::Unixpath]

The cluster cert for the new member

Default value: undef

cluster_key

Data type: Optional[Stdlib::Unixpath]

The cluster key for the new member

Default value: undef

cluster_urls

Data type: Optional[Array[Stdlib::HTTPUrl]]

The cluster URLs for the new member

Default value: undef

peer_urls

Data type: Array[String, 1]

The peer URLs for the new member

k8s::server::tls::ca

Generates a TLS CA

Parameters

The following parameters are available in the k8s::server::tls::ca defined type:

key

Data type: Stdlib::Unixpath

The path to the CA key

cert

Data type: Stdlib::Unixpath

The path to the CA certificate

ensure

Data type: K8s::Ensure

Whether the CA should be present or absent

Default value: present

subject

Data type: String[1]

The subject of the CA certificate

Default value: "/CN=${title}"

owner

Data type: String[1]

The owner of the CA key and certificate

Default value: 'root'

group

Data type: String[1]

The group of the CA key and certificate

Default value: 'root'

key_bits

Data type: Integer[512]

The number of bits in the CA key

Default value: 2048

valid_days

Data type: Integer[1]

The number of days the CA certificate is valid

Default value: 10000

generate

Data type: Boolean

Whether to generate the CA key and certificate

Default value: true

k8s::server::tls::cert

Generates and signs a TLS certificate

Parameters

The following parameters are available in the k8s::server::tls::cert defined type:

addn_names

Data type: K8s::TLS_altnames

The additional names for the certificate

Default value: []

ca_cert

Data type: Stdlib::Unixpath

The path to the CA certificate

ca_key

Data type: Stdlib::Unixpath

The path to the CA key

cert

Data type: Stdlib::Unixpath

The path to the certificate file

Default value: "${cert_path}/${title}.pem"

cert_path

Data type: Stdlib::Unixpath

The path to the directory where the certificate will be stored

config

Data type: Stdlib::Unixpath

The path to the OpenSSL config file

Default value: "${cert_path}/${title}.cnf"

csr

Data type: Stdlib::Unixpath

The path to the CSR file

Default value: "${cert_path}/${title}.csr"

distinguished_name

Data type: Hash[String, String]

The distinguished name for the certificate

ensure

Data type: K8s::Ensure

Whether the certificate should be present or absent

Default value: present

extended_key_usage

Data type: K8s::Extended_key_usage

The extended key usage for the certificate

Default value: ['clientAuth']

group

Data type: String[1]

The group of the certificate files

Default value: 'root'

key

Data type: Stdlib::Unixpath

The path to the key file

Default value: "${cert_path}/${title}.key"

key_bits

Data type: Integer[512]

The number of bits in the key

Default value: 2048

owner

Data type: String[1]

The owner of the certificate files

Default value: 'root'

valid_days

Data type: Integer[1]

The number of days the certificate should be valid

Default value: 10000

k8s::server::tls::k8s_sign

TODO - This should probably be done as a service next to the apiservers

Parameters

The following parameters are available in the k8s::server::tls::k8s_sign defined type:

kubeconfig

Data type: Any

Path to the kubeconfig file

Default value: '/root/.kube/config'

Resource types

kubeconfig

Example:

kubeconfig { '/var/lib/kubernetes/utility.conf':
  ca_cert => '/etc/kubernetes.ca.pem',
  token   => 'utility-token',
}

Properties

The following properties are available in the kubeconfig type.

ensure

Valid values: present, absent

Whether the kubeconfig should be present or absent (default: present)

Default value: present

Parameters

The following parameters are available in the kubeconfig type.

ca_cert

The path to a CA certificate to include in the kubeconfig

client_cert

The path to a client certificate to include in the kubeconfig

client_key

The path to a client key to include in the kubeconfig

cluster

The name of the cluster to manage in the kubeconfig file

Default value: default

context

The name of the context to manage in the kubeconfig file

Default value: default

current_context

The current context to set

embed_certs

Valid values: true, false

Should the certificate files be embedded into the kubeconfig file

Default value: true

group

The group of the kubeconfig file

mode

The access mode of the kubeconfig file

Default value: 0600

namespace

The namespace to default to

Default value: default

owner

The owner of the kubeconfig file

password

The password of a user

path

An arbitrary path used as the identity of the resource.

provider

The specific backend to use for this kubeconfig resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

server

The server URL for the cluster

skip_tls_verify

Valid values: true, false

Skip verifying the TLS certs for the cluster

Default value: false

tls_server_name

Specify an alternate server name to use for TLS verification

token

An authentication token for a user

token_file

The path to a file containing an authentication token

user

The name of the user to manage in the kubeconfig file

Default value: default

username

The username of a user

kubectl_apply

Example:

To encode the bootstrap token "tokenid.tokensecret" into a Kubernetes secret;

$tokenid = 'tokenid'
$tokensecret = 'tokensecret'
kubectl_apply { "bootstrap-token-${tokenid}":
  namespace   => 'kube-system',
  kubeconfig  => '/root/.kube/config',

  api_version => 'v1',
  kind        => 'Secret',

  content     => {
    type => 'bootstrap.kubernetes.io/token',
    data => {
      'token-id'                       => Binary.new($tokenid, '%s'),
      'token-secret'                   => Binary.new($tokensecret, '%s'),
      'usage-bootstrap-authentication' => 'true',
    },
  },
}
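The Secret described in the example above, built in plain Ruby with an id and secret drawn from the OS CSPRNG, so the value can be passed explicitly as `secret` instead of relying on the `fqdn_rand_string(16)` default shown for k8s::server::bootstrap_token (stdlib seeds that function from the node's FQDN, so its output is repeatable per host). This is an added example, not code from the module; `random_token_part` and `bootstrap_secret` are hypothetical helper names, and the `expiration` data key follows the upstream Kubernetes bootstrap token format.

```ruby
require 'securerandom'
require 'base64'
require 'json'

# Formats taken from this page: the bootstrap_token `id` parameter (6 chars)
# and K8s::Bootstrap_token (16 chars). Both are anchored with \A...\z here so
# input containing a newline is rejected.
TOKEN_ID     = /\A[a-z0-9]{6}\z/
TOKEN_SECRET = /\A[a-z0-9]{16}\z/
CHARSET      = [*'a'..'z', *'0'..'9'].freeze

# Draw `len` characters uniformly from CHARSET using the OS CSPRNG.
def random_token_part(len)
  Array.new(len) { CHARSET[SecureRandom.random_number(CHARSET.size)] }.join
end

# Build the bootstrap token Secret as a Hash. Every value under `data` is
# base64-encoded, which is what the Kubernetes Secret API expects.
def bootstrap_secret(id, secret, expiration: nil)
  raise ArgumentError, 'token id must be 6 chars of [a-z0-9]' unless TOKEN_ID.match?(id)
  raise ArgumentError, 'token secret must be 16 chars of [a-z0-9]' unless TOKEN_SECRET.match?(secret)

  data = {
    'token-id' => id,
    'token-secret' => secret,
    'usage-bootstrap-authentication' => 'true'
  }
  data['expiration'] = expiration if expiration # RFC3339, see K8s::Timestamp

  {
    'apiVersion' => 'v1',
    'kind' => 'Secret',
    'type' => 'bootstrap.kubernetes.io/token',
    'metadata' => { 'name' => "bootstrap-token-#{id}", 'namespace' => 'kube-system' },
    'data' => data.transform_values { |v| Base64.strict_encode64(v) }
  }
end

if __FILE__ == $PROGRAM_NAME
  # The output contains the token secret; treat it like any other credential.
  puts JSON.pretty_generate(bootstrap_secret(random_token_part(6), random_token_part(16)))
end
```
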

Properties

The following properties are available in the kubectl_apply type.

ensure

Valid values: present, absent

Whether the described resource should be present or absent (default: present)

Default value: present

Parameters

The following parameters are available in the kubectl_apply type.

api_version

The apiVersion of the resource

content

The resource content, will be used as the base for the resulting Kubernetes resource

Default value: {}

file

The local file for the resource

kind

The kind of the resource

kubeconfig

The kubeconfig file to use for handling the resource

name

namevar

The Puppet name of the instance

namespace

The namespace the resource is contained in

provider

The specific backend to use for this kubectl_apply resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

recreate

Valid values: true, false, yes, no

Should updates be done by removal and recreation

Default value: false

resource_name

The name of the resource

show_diff

Valid values: true, false, yes, no

Whether to display the difference when the resource changes

Default value: false

update

Valid values: true, false, yes, no

Whether to update the resource if the content differs

Default value: true

Functions

k8s::format_arguments

Type: Ruby 4.x API

Formats a hash of arguments into something that can be passed to a kubernetes application

k8s::format_arguments(Hash[String,Data] $arguments)

Formats a hash of arguments into something that can be passed to a kubernetes application

Returns: Array[String] An array of formatted kubernetes arguments

arguments

Data type: Hash[String,Data]

A hash of arguments to format

k8s::format_url

Type: Ruby 4.x API

Formats a download URL for K8s binaries

k8s::format_url(String[1] $url, Hash[String,Data] $components)

Formats a download URL for K8s binaries

Returns: String A valid download URL

url

Data type: String[1]

The URL template to format

components

Data type: Hash[String,Data]

A hash of additional arguments

k8s::ip_in_cidr

Type: Ruby 4.x API

Retrieves an IP inside of a CIDR based on an index

Examples

In 192.168.0.0/24
k8s::ip_in_cidr('192.168.0.0/24', 'first')
# => 192.168.0.1
k8s::ip_in_cidr('192.168.0.0/24', 'second')
# => 192.168.0.2
k8s::ip_in_cidr('192.168.0.0/16', 600)
# => 192.168.1.244

k8s::ip_in_cidr(Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Array[Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR]]] $cidr, Optional[Variant[Enum["first","second"], Integer[1]]] $index)

Retrieves an IP inside of a CIDR based on an index

Returns: String The first IP address in the CIDR

cidr

Data type: Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Array[Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR]]]

The CIDR to work on

index

Data type: Optional[Variant[Enum["first","second"], Integer[1]]]

The index of the IP to retrieve

Data types

K8s::Bootstrap_token

A Kubernetes bootstrap token, must be 16 lowercase alphanumeric characters

Alias of Pattern[/\A[a-z0-9]{16}\z/]

K8s::CIDR

a type to describe one or more IPv4/6 CIDR

Alias of

Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Array[
    Variant[
      Stdlib::IP::Address::V4::CIDR,
      Stdlib::IP::Address::V6::CIDR
    ],
    1
  ]]

K8s::Container_runtimes

a type to describe the supported container runtimes

Alias of Enum['crio', 'containerd']

K8s::Duration

https://golang.org/pkg/time/#ParseDuration

Alias of Pattern[/^(-?[0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$/]

K8s::Ensure

a type to describe the ensure pattern

Alias of Enum['present', 'absent']

K8s::Extended_key_usage

a type to describe extended key usage for a TLS certificate

Alias of

Array[Enum[
    'clientAuth',
    'serverAuth'
  ]]

K8s::Firewall

a type to describe the type of the firewall to use

Alias of Enum['iptables', 'firewalld']

K8s::IP_addresses

a type to describe multiple IP addresses without subnet sizes

Alias of

Variant[Stdlib::IP::Address::Nosubnet, Array[
    Stdlib::IP::Address::Nosubnet,
    1
  ]]

K8s::Native_packaging

a type to describe Kubernetes native packaging methods

  • Note hyperkube is a legacy name for single-binary packages

Alias of Enum['package', 'tarball', 'loose', 'hyperkube', 'manual']

K8s::Node_auth

a type to describe node/kubelet authentication methods

Alias of Enum['cert', 'token', 'bootstrap']

K8s::PortRange

This regexp matches port range values

Alias of Pattern[/^[0-9]+(-[0-9]+)?$/]

K8s::Proxy_auth

a type to describe kube-proxy authentication methods

Alias of Enum['cert', 'token', 'incluster']

K8s::Proxy_method

a type to describe how kube-proxy should be deployed

Alias of

Variant[Enum[
    'on-node',
    'in-cluster',
  ], Boolean]

K8s::Quantity

This regexp matches quantities, like those for resource requests/limits

Alias of Pattern[/^[+-]?([0-9]+|[0-9]+\.[0-9]{1,3}|\.[0-9]{1,3}|[0-9]+\.)([KMGTPE]i|[mkMGTPE]|[eE][0-9]+(\.[0-9]+)?)?$/]

K8s::TLS_altnames

a type to describe TLS alternative names in certificates

Alias of

Array[Variant[
    Stdlib::Fqdn,
    Stdlib::IP::Address::Nosubnet,
  ]]

K8s::Timestamp

This regexp matches RFC3339 timestamps, the same as what Kubernetes expects to find

Alias of Pattern[/^([0-9]+)-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])[Tt]([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]|60)(\.[0-9]+)?([Zz]|[+-]([01][0-9]|2[0-3]):[0-5][0-9])$/]

K8s::URI

This regexp matches URI values

Alias of Pattern[/^[a-z]+:\/\//]

K8s::Version

A type for handling Kubernetes version numbers

Alias of Pattern[/^(\d+\.){2}\d+$/]
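The patterns on this page use two anchoring styles: K8s::Bootstrap_token uses `\A…\z`, while the bootstrap token `id`, K8s::PortRange and K8s::Version use `^…$`, which in Ruby regular expressions match at line boundaries rather than at the ends of the string. The added example below (not module code) runs those patterns against constructed multi-line inputs, as written and with whole-string anchors; it assumes Puppet's Pattern type evaluates with Ruby regex semantics, and `whole_string` and `audit` are hypothetical helper names.

```ruby
# Patterns copied verbatim from this page.
PAGE_PATTERNS = {
  'bootstrap_token id'   => /^[a-z0-9]{6}$/,
  'K8s::PortRange'       => /^[0-9]+(-[0-9]+)?$/,
  'K8s::Version'         => /^(\d+\.){2}\d+$/,
  'K8s::Bootstrap_token' => /\A[a-z0-9]{16}\z/
}.freeze

# Constructed inputs: a valid first line, then an embedded newline and extra text.
SAMPLES = {
  'bootstrap_token id'   => "abc123\nextra",
  'K8s::PortRange'       => "30000-32767\nextra",
  'K8s::Version'         => "1.28.4\nextra",
  'K8s::Bootstrap_token' => "0123456789abcdef\nextra"
}.freeze

# Rewrite a leading ^ and a trailing $ into whole-string anchors (\A and \z).
# Only handles the simple shape used by the patterns above.
def whole_string(re)
  source = re.source.sub(/\A\^/) { '\A' }.sub(/\$\z/) { '\z' }
  Regexp.new(source, re.options)
end

# For each pattern, report whether the multi-line sample is accepted as
# written and after re-anchoring to the whole string.
def audit
  PAGE_PATTERNS.map do |name, re|
    input = SAMPLES.fetch(name)
    [name, { as_written: re.match?(input), whole_string: whole_string(re).match?(input) }]
  end.to_h
end

if __FILE__ == $PROGRAM_NAME
  audit.each do |name, result|
    puts format('%-22s as written: %-5s whole-string: %s',
                name, result[:as_written], result[:whole_string])
  end
end
```

Where a value validated this way ends up in a file path, a resource name or a command line, the whole-string form is the one that guarantees the entire value has the expected shape.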