Kubernetes Control Plane

  • Canonical Kubernetes
Channel Revision Published Runs on
latest/stable 560 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/stable 559 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/stable 558 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/stable 219 17 Apr 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/candidate 560 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/candidate 559 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/candidate 558 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/candidate 219 07 Sep 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/beta 536 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/beta 535 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/beta 534 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/beta 211 24 Jan 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 563 Today
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 562 Today
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 561 Today
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 508 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 507 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 506 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
latest/edge 211 07 Sep 2023
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.32/edge 563 Today
Ubuntu 22.04 Ubuntu 20.04
1.32/edge 562 Today
Ubuntu 22.04 Ubuntu 20.04
1.32/edge 561 Today
Ubuntu 22.04 Ubuntu 20.04
1.31/stable 560 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.31/stable 559 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.31/stable 558 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.31/stable 219 16 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.31/candidate 560 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/candidate 559 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/candidate 558 06 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/beta 536 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/beta 535 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/beta 534 20 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/edge 539 27 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/edge 538 27 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/edge 537 27 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/stable 505 11 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/stable 504 11 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/stable 503 11 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/beta 505 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/beta 504 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/beta 503 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/edge 511 29 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.30/edge 510 29 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.30/edge 509 29 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.30/edge 508 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.30/edge 507 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.30/edge 506 27 Jul 2024
Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04
1.29/stable 502 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/stable 501 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/stable 500 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/candidate 502 02 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/candidate 501 02 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/candidate 500 02 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/beta 439 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/beta 438 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/beta 437 05 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/edge 427 05 Mar 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/edge 426 05 Mar 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/edge 425 05 Mar 2024
Ubuntu 22.04 Ubuntu 20.04
1.28/stable 321 07 Nov 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/candidate 321 01 Nov 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/beta 302 18 Aug 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/edge 305 06 Sep 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/stable 274 12 Jun 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/candidate 274 12 Jun 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/beta 260 10 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/edge 261 10 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/stable 247 20 Mar 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/candidate 247 16 Mar 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/beta 220 09 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/edge 220 01 Dec 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.26/edge 211 16 Nov 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/stable 219 01 Dec 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/candidate 219 30 Nov 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/beta 221 01 Dec 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/beta 186 01 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/edge 190 09 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.24/stable 171 04 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/stable 152 05 May 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/candidate 171 02 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.24/beta 152 05 May 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/edge 172 12 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/edge 166 21 Jul 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/edge 165 10 Jul 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.23/beta 90 22 Mar 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.23/edge 98 25 Mar 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
juju deploy kubernetes-control-plane
Show information

Platform:

Ubuntu
24.04 22.04 20.04 18.04 16.04

This charm is an encapsulation of the Kubernetes control plane processes and related operations to run on any cloud for the entire lifecycle of the cluster.

Deployment

This charm is not fully functional when deployed by itself. It requires other charms to model a complete Kubernetes cluster. A Kubernetes cluster needs a distributed key value store such as Etcd and the kubernetes-worker charm which delivers the Kubernetes node services. Other common requirements include a Software Defined Network (SDN), a Container Runtime such as containerd, and a Transport Layer Security (TLS) provider so the components in a cluster can communicate securely.

Please take a look at the Charmed Kubernetes or the Kubernetes core bundles for examples of complete models of Kubernetes clusters.

Resources

The kubernetes-control-plane charm takes advantage of Juju Resources to deliver core Kubernetes software.

In deployments on public clouds, resources are provided to the charm automatically with no user intervention. Some environments with strict firewall rules may not be able to fetch these directly. In these network restricted environments, local resources can be uploaded to the model by the Juju operator.

Snap Refresh

The Kubernetes resources used by this charm are snap packages. When not specified during deployment, these resources come from the public store. By default, the snapd daemon will refresh all snaps installed from the store four (4) times per day. A charm configuration option is provided for operators to control this refresh frequency.

NOTE: this is a global configuration option and will affect the refresh time for all snaps installed on a system.

Examples:

## refresh kubernetes-control-plane snaps every tuesday
juju config kubernetes-control-plane snapd_refresh="tue"

## refresh snaps at 11pm on the last (5th) friday of the month
juju config kubernetes-control-plane snapd_refresh="fri5,23:00"

## delay the refresh as long as possible
juju config kubernetes-control-plane snapd_refresh="max"

## use the system default refresh timer
juju config kubernetes-control-plane snapd_refresh=""

For more information, see the snap refresh documentation.

Configuration

Charmed Kubernetes ships with sensible, tested default configurations to ensure a reliable Kubernetes experience, but of course these can be changed to reflect the purpose and resources of your cluster. The configuration section details all available configuration options, while this section deals with specific, commonly used settings. You may wish to also read the Addons page for information on the extra services installed with Charmed Kubernetes.

IPVS (IP Virtual Server)

IPVS implements transport-layer load balancing as part of the Linux kernel, and can be used by the kube-proxy service to handle service routing. By default kube-proxy uses a solution based on iptables, but this can cause a lot of overhead in systems with large numbers of nodes. There is more information on this in the upstream Kubernetes IPVS deep dive documentation.

IPVS is an extra option for kube-proxy, and can be enabled by changing the configuration:

juju config kubernetes-control-plane proxy-extra-config='{mode: ipvs, ipvs: {strictARP: true}}'

It is also necessary to change this configuration option on the worker:

juju config kubernetes-worker proxy-extra-config='{mode: ipvs, ipvs: {strictARP: true}}'

Admission controls

As with other aspects of the Kubernetes API, admission controls can be enabled by adding extra values to the charm’s api-extra-args configuration.

For admission controls, it may be useful to refer to the Kubernetes blog for more information on the options, but for example, to add the PersistentVolumeLabel admission controller:

  1. Check any current config settings for api-extra-args (there are none by default):
    juju config kubernetes-control-plane api-extra-args
    
  2. Append the desired config option to the previous output and apply:
    juju config kubernetes-control-plane api-extra-args="enable-admission-plugins=PersistentVolumeLabel"
    

Adding SANs and certificate regeneration

As explained in the Certificates and trust overview, the extra_sans configuration settings can be used to add SANs and regenerate x509 certificate(s) for the API server running on the Kubernetes control plane node(s), and for the load balancer. When this configuration is changed, the control plane node(s) will regenerate certificates and restart the API server to update the certificate used for communication.

NOTE: this is disruptive as the Kubernetes API server is restarted.

The process is the same for both the kubernetes-control-plane and the kubeapi-load-balancer charms. The configuration option takes a space-separated list of extra entries:

juju config kubernetes-control-plane extra_sans="main.mydomain.com lb.mydomain.com"
juju config kubeapi-load-balancer extra_sans="main.mydomain.com lb.mydomain.com"

To clear the entries out of the certificate, use an empty string:

juju config kubernetes-control-plane extra_sans=""
juju config kubeapi-load-balancer extra_sans=""

More information


Help improve this document in the forum (guidelines). Last updated 1 year, 3 months ago.