You are viewing documentation for Kubernetes version: v1.30
Kubernetes v1.30 documentation is no longer actively maintained. The version you are currently viewing is a static snapshot. For up-to-date information, see the latest version.
Customizing components with the kubeadm API
This page covers how to customize the components that kubeadm deploys. For control plane components you can use flags in the ClusterConfiguration structure or es per-node. For the kubelet and kube-proxy you can use KubeletConfiguration and KubeProxyConfiguration, accordingly.
All of these options are possible via the kubeadm configuration API. For more details on each field in the configuration you can navigate to our API reference pages.
Note:
Customizing the CoreDNS deployment of kubeadm is currently not supported. You must manually thekube-system/coredns ConfigMap and recreate the CoreDNS Pods after that. Alternatively, you can skip the default CoreDNS deployment and deploy your own variant. For more details on that see Using init phases with kubeadm.Note:
To reconfigure a cluster that has already been created see Reconfiguring a kubeadm cluster.Customizing the control plane with flags in ClusterConfiguration
The kubeadm ClusterConfiguration object exposes a way for users to override the default flags passed to control plane components such as the APIServer, ControllerManager, Scheduler and Etcd. The components are defined using the following structures:
apiServercontrollerManagerscheduleretcd
These structures contain a common extraArgs field, that consists of key: value pairs. To override a flag for a control plane component:
- Add the appropriate
extraArgsto your configuration. - Add flags to the
extraArgsfield. - Run
kubeadm initwith--config <YOUR CONFIG YAML>.
Note:
You can generate aClusterConfiguration object with default values by running kubeadm config print init-defaults and saving the output to a file of your choice.Note:
TheClusterConfiguration object is currently global in kubeadm clusters. This means that any flags that you add, will apply to all instances of the same component on different nodes. To apply individual configuration per component on different nodes you can use es.Note:
Duplicate flags (keys), or passing the same flag--foo multiple times, is currently not supported. To workaround that you must use es.APIServer flags
For details, see the reference documentation for kube-apiserver.
Example usage:
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.16.0
apiServer:
extraArgs:
anonymous-auth: "false"
enable-admission-plugins: AlwaysPullImages,DefaultStorageClass
audit-log-path: /home/johndoe/audit.log
ControllerManager flags
For details, see the reference documentation for kube-controller-manager.
Example usage:
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.16.0
controllerManager:
extraArgs:
cluster-signing-key-file: /home/johndoe/keys/ca.key
deployment-controller-sync-period: "50"
Scheduler flags
For details, see the reference documentation for kube-scheduler.
Example usage:
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.16.0
scheduler:
extraArgs:
config: /etc/kubernetes/scheduler-config.yaml
extraVolumes:
- name: schedulerconfig
hostPath: /home/johndoe/schedconfig.yaml
mountPath: /etc/kubernetes/scheduler-config.yaml
readOnly: true
pathType: "File"
Etcd flags
For details, see the etcd server documentation.
Example usage:
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
etcd:
local:
extraArgs:
election-timeout: 1000
Customizing with es
Kubernetes v1.22 [beta]Kubeadm allows you to pass a directory with files to InitConfiguration and JoinConfiguration on individual nodes. These es can be used as the last customization step before component configuration is written to disk.
You can pass this file to kubeadm init with --config <YOUR CONFIG YAML>:
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
es:
directory: /home/user/somedir
Note:
Forkubeadm init you can pass a file containing both a ClusterConfiguration and InitConfiguration separated by ---.You can pass this file to kubeadm join with --config <YOUR CONFIG YAML>:
apiVersion: kubeadm.k8s.io/v1beta3
kind: JoinConfiguration
es:
directory: /home/user/somedir
The directory must contain files named target[suffix][+type].extension. For example, kube-apiserver0+merge.yaml or just etcd.json.
targetcan be one ofkube-apiserver,kube-controller-manager,kube-scheduler,etcdandkubeletconfiguration.suffixis an optional string that can be used to determine which es are applied first alpha-numerically.typecan be one ofstrategic,mergeorjsonand these must match the ing formats supported by kubectl. The defaulttypeisstrategic.extensionmust be eitherjsonoryaml.
Note:
If you are usingkubeadm upgrade to upgrade your kubeadm nodes you must again provide the same es, so that the customization is preserved after upgrade. To do that you can use the --es flag, which must point to the same directory. kubeadm upgrade currently does not support a configuration API structure that can be used for the same purpose.Customizing the kubelet
To customize the kubelet you can add a KubeletConfiguration next to the ClusterConfiguration or InitConfiguration separated by --- within the same configuration file. This file can then be passed to kubeadm init and kubeadm will apply the same base KubeletConfiguration to all nodes in the cluster.
For applying instance-specific configuration over the base KubeletConfiguration you can use the kubeletconfiguration target.
Alternatively, you can use kubelet flags as overrides by passing them in the nodeRegistration.kubeletExtraArgs field supported by both InitConfiguration and JoinConfiguration. Some kubelet flags are deprecated, so check their status in the kubelet reference documentation before using them.
For additional details see Configuring each kubelet in your cluster using kubeadm
Customizing kube-proxy
To customize kube-proxy you can pass a KubeProxyConfiguration next your ClusterConfiguration or InitConfiguration to kubeadm init separated by ---.
For more details you can navigate to our API reference pages.
Note:
kubeadm deploys kube-proxy as a DaemonSet, which means that theKubeProxyConfiguration would apply to all instances of kube-proxy in the cluster.