We've discontinued the registration of new Bundles

New Bundle registrations are no longer accepted. Existing bundles remain functional. We recommend using the Juju Terraform Provider for new deployments.

Learn more

Canonical Kubernetes Canal

Canonical Kubernetes Publisher | bundle

Platform:

Ubuntu
Channel Revision Published
latest/stable 1233 16 Dec 2021
latest/candidate 1185 26 Oct 2021
latest/beta 1233 15 Dec 2021
latest/edge 1281 01 Feb 2022 
juju deploy canonical-kubernetes-canal

Learn to deploy on juju >

Learn about configurations >

  • config_version | string

    Default: v2

    Containerd config version. Can be "v1" or "v2". DEPRECATED: config_version will be removed in a future release.

  • custom-registry-ca | string

    Base64 encoded Certificate Authority (CA) bundle. Setting this config allows container runtimes to pull images from registries with TLS certificates signed by an external CA.

  • custom_registries | string

    Default: []

    Registry endpoints and credentials. Setting this config allows Kubelet to pull images from registries where auth is required. The value for this config must be a JSON array of credential objects, like this: e.g.: [{"host": "my.registry:port", "username": "user", "password": "pass"}] Credential Object Parameters: `url: REQUIRED str` the URL to the registry, include the port if not it isn't implied from the schema. e.g: "url": "https://my.registry:8443" e.g: "url": "http://my.registry" host: OPTIONAL str - defaults to auto-generated from the url could be registry host address or a name e.g.: myregistry.io:9000, 10.10.10.10:5432 e.g.: myregistry.io, myregistry Note: It will be derived from `url` if not provided. e.g.: "url": "http://10.10.10.10:8000" --> "host": "10.10.10.10:8000" username: OPTIONAL str - default '' password: OPTIONAL str|dict - default '' Used by containerd for basic authentication to the registry. If a string, will be rendered wrapped as a double-quoted str (password = "my-strong-password") If a dictionary, will be rendered as a single-quoted json (password = '{"my": "json"}') e.g.: "password": '"$(jq -c . gce.json)"' ca_file: OPTIONAL str - default '' cert_file: OPTIONAL str - default '' key_file: OPTIONAL str - default '' For ssl/tls communication these should be a base64 encoded file e.g.: "ca_file": "'"$(base64 -w 0 < my.custom.registry.pem)"'" insecure_skip_verify: OPTIONAL bool - default false For situatations where the registry has self-signed or expired certs and a quick work-around is necessary. e.g.: "insecure_skip_verify": true example config) juju config containerd custom_registries='[{ "url": "https://registry.example.com", "ca_file": "'"$(base64 -w 0 < ~/my.custom.ca.pem)"'", "cert_file": "'"$(base64 -w 0 < ~/my.custom.cert.pem)"'", "key_file": "'"$(base64 -w 0 < ~/my.custom.key.pem)"'", }]'

  • disable-juju-proxy | boolean

    Ignore juju-http(s) proxy settings on this charm. If set to true, all juju https proxy settings will be ignored

  • enable-cgroups | boolean

    Enable GRUB cgroup overrides cgroup_enable=memory swapaccount=1. WARNING changing this option will reboot the host - use with caution on production services.

  • gpu_driver | string

    Default: auto

    Override GPU driver installation. Options are "auto", "nvidia", "none". Caution: setting this to nvidia will cause nvidia drivers to be installed on kubernetes-control-plane, even if a GPU is not present.

  • http_proxy | string

    URL to use for HTTP_PROXY to be used by Containerd. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.

  • https_proxy | string

    URL to use for HTTPS_PROXY to be used by Containerd. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.

  • kill_signal | string

    Default: SIGTERM

    Set containerd systemd KillSignal. Options are standard signals from https://man7.org/linux/man-pages/man7/signal.7.html

  • no_proxy | string

    Comma-separated list of destinations (either domain names or IP addresses) which should be accessed directly, rather than through the proxy defined in http_proxy or https_proxy. Must be less than 2023 characters long.

  • nvidia_apt_key_urls | string

    Default: https://nvidia.github.io/nvidia-container-runtime/gpgkey https://developer.download.nvidia.com/compute/cuda/repos/{id}{version_id_no_dot}/x86_64/3bf863cc.pub

    Space-separated list of APT GPG key URLs to add when using Nvidia GPUs. Supported template options: {id}: OS release ID, e.g. "ubuntu" {version_id}: OS release version ID, e.g. "20.04" {version_id_no_dot}: OS release version ID with no dot, e.g. "2004"

  • nvidia_apt_packages | string

    Default: cuda-drivers nvidia-container-runtime

    Space-separated list of APT packages to install when using Nvidia GPUs.

  • nvidia_apt_sources | string

    Default: deb https://nvidia.github.io/libnvidia-container/stable/deb/$(ARCH) / deb https://nvidia.github.io/nvidia-container-runtime/{id}{version_id}/$(ARCH) / deb https://developer.download.nvidia.com/compute/cuda/repos/{id}{version_id_no_dot}/x86_64 /

    Newline-separated list of APT sources to add when using Nvidia GPUs. Supported template options: {id}: OS release ID, e.g. "ubuntu" {version_id}: OS release version ID, e.g. "20.04" {version_id_no_dot}: OS release version ID with no dot, e.g. "2004"

  • runtime | string

    Default: auto

    Set a custom containerd runtime. Set "auto" to select based on hardware.

  • shim | string

    Default: containerd-shim

    Set a custom containerd shim.