diff options
Diffstat (limited to 'nixos/modules/services/cluster/kubernetes')
9 files changed, 136 insertions, 136 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/addon-manager.nix b/nixos/modules/services/cluster/kubernetes/addon-manager.nix index b677d900ff5..99fd1e6f049 100644 --- a/nixos/modules/services/cluster/kubernetes/addon-manager.nix +++ b/nixos/modules/services/cluster/kubernetes/addon-manager.nix @@ -21,7 +21,7 @@ in options.services.kubernetes.addonManager = with lib.types; { bootstrapAddons = mkOption { - description = '' + description = lib.mdDoc '' Bootstrap addons are like regular addons, but they are applied with cluster-admin rigths. They are applied at addon-manager startup only. ''; @@ -43,7 +43,7 @@ in }; addons = mkOption { - description = "Kubernetes addons (any kind of Kubernetes resource can be an addon)."; + description = lib.mdDoc "Kubernetes addons (any kind of Kubernetes resource can be an addon)."; default = { }; type = attrsOf (either attrs (listOf attrs)); example = literalExpression '' diff --git a/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/nixos/modules/services/cluster/kubernetes/addons/dns.nix index 7bd4991f43f..5b1e9a68768 100644 --- a/nixos/modules/services/cluster/kubernetes/addons/dns.nix +++ b/nixos/modules/services/cluster/kubernetes/addons/dns.nix @@ -15,7 +15,7 @@ in { enable = mkEnableOption "kubernetes dns addon"; clusterIp = mkOption { - description = "Dns addon clusterIP"; + description = lib.mdDoc "Dns addon clusterIP"; # this default is also what kubernetes users default = ( @@ -31,31 +31,31 @@ in { }; clusterDomain = mkOption { - description = "Dns cluster domain"; + description = lib.mdDoc "Dns cluster domain"; default = "cluster.local"; type = types.str; }; replicas = mkOption { - description = "Number of DNS pod replicas to deploy in the cluster."; + description = lib.mdDoc "Number of DNS pod replicas to deploy in the cluster."; default = 2; type = types.int; }; reconcileMode = mkOption { - description = '' + description = lib.mdDoc '' Controls the addon manager reconciliation mode for the DNS addon. Setting reconcile mode to EnsureExists makes it possible to tailor DNS behavior by editing the coredns ConfigMap. - See: <link xlink:href="https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/addon-manager/README.md"/>. + See: <https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/addon-manager/README.md>. ''; default = "Reconcile"; type = types.enum [ "Reconcile" "EnsureExists" ]; }; coredns = mkOption { - description = "Docker image to seed for the CoreDNS container."; + description = lib.mdDoc "Docker image to seed for the CoreDNS container."; type = types.attrs; default = { imageName = "coredns/coredns"; @@ -66,10 +66,10 @@ in { }; corefile = mkOption { - description = '' + description = lib.mdDoc '' Custom coredns corefile configuration. - See: <link xlink:href="https://coredns.io/manual/toc/#configuration"/>. + See: <https://coredns.io/manual/toc/#configuration>. ''; type = types.str; default = '' diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix index a192e93badc..c9ae2c14bbf 100644 --- a/nixos/modules/services/cluster/kubernetes/apiserver.nix +++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix @@ -30,7 +30,7 @@ in options.services.kubernetes.apiserver = with lib.types; { advertiseAddress = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. @@ -40,40 +40,40 @@ in }; allowPrivileged = mkOption { - description = "Whether to allow privileged containers on Kubernetes."; + description = lib.mdDoc "Whether to allow privileged containers on Kubernetes."; default = false; type = bool; }; authorizationMode = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver authorization mode (AlwaysAllow/AlwaysDeny/ABAC/Webhook/RBAC/Node). See - <link xlink:href="https://kubernetes.io/docs/reference/access-authn-authz/authorization/"/> + <https://kubernetes.io/docs/reference/access-authn-authz/authorization/> ''; default = ["RBAC" "Node"]; # Enabling RBAC by default, although kubernetes default is AllowAllow type = listOf (enum ["AlwaysAllow" "AlwaysDeny" "ABAC" "Webhook" "RBAC" "Node"]); }; authorizationPolicy = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver authorization policy file. See - <link xlink:href="https://kubernetes.io/docs/reference/access-authn-authz/authorization/"/> + <https://kubernetes.io/docs/reference/access-authn-authz/authorization/> ''; default = []; type = listOf attrs; }; basicAuthFile = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver basic authentication file. See - <link xlink:href="https://kubernetes.io/docs/reference/access-authn-authz/authentication"/> + <https://kubernetes.io/docs/reference/access-authn-authz/authentication> ''; default = null; type = nullOr path; }; bindAddress = mkOption { - description = '' + description = lib.mdDoc '' The IP address on which to listen for the --secure-port port. The associated interface(s) must be reachable by the rest of the cluster, and by CLI/web clients. @@ -83,16 +83,16 @@ in }; clientCaFile = mkOption { - description = "Kubernetes apiserver CA file for client auth."; + description = lib.mdDoc "Kubernetes apiserver CA file for client auth."; default = top.caFile; defaultText = literalExpression "config.${otop.caFile}"; type = nullOr path; }; disableAdmissionPlugins = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes admission control plugins to disable. See - <link xlink:href="https://kubernetes.io/docs/admin/admission-controllers/"/> + <https://kubernetes.io/docs/admin/admission-controllers/> ''; default = []; type = listOf str; @@ -101,9 +101,9 @@ in enable = mkEnableOption "Kubernetes apiserver"; enableAdmissionPlugins = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes admission control plugins to enable. See - <link xlink:href="https://kubernetes.io/docs/admin/admission-controllers/"/> + <https://kubernetes.io/docs/admin/admission-controllers/> ''; default = [ "NamespaceLifecycle" "LimitRanger" "ServiceAccount" @@ -120,25 +120,25 @@ in etcd = { servers = mkOption { - description = "List of etcd servers."; + description = lib.mdDoc "List of etcd servers."; default = ["http://127.0.0.1:2379"]; type = types.listOf types.str; }; keyFile = mkOption { - description = "Etcd key file."; + description = lib.mdDoc "Etcd key file."; default = null; type = types.nullOr types.path; }; certFile = mkOption { - description = "Etcd cert file."; + description = lib.mdDoc "Etcd cert file."; default = null; type = types.nullOr types.path; }; caFile = mkOption { - description = "Etcd ca file."; + description = lib.mdDoc "Etcd ca file."; default = top.caFile; defaultText = literalExpression "config.${otop.caFile}"; type = types.nullOr types.path; @@ -146,77 +146,77 @@ in }; extraOpts = mkOption { - description = "Kubernetes apiserver extra command line options."; + description = lib.mdDoc "Kubernetes apiserver extra command line options."; default = ""; type = separatedString " "; }; extraSANs = mkOption { - description = "Extra x509 Subject Alternative Names to be added to the kubernetes apiserver tls cert."; + description = lib.mdDoc "Extra x509 Subject Alternative Names to be added to the kubernetes apiserver tls cert."; default = []; type = listOf str; }; featureGates = mkOption { - description = "List set of feature gates"; + description = lib.mdDoc "List set of feature gates"; default = top.featureGates; defaultText = literalExpression "config.${otop.featureGates}"; type = listOf str; }; insecureBindAddress = mkOption { - description = "The IP address on which to serve the --insecure-port."; + description = lib.mdDoc "The IP address on which to serve the --insecure-port."; default = "127.0.0.1"; type = str; }; insecurePort = mkOption { - description = "Kubernetes apiserver insecure listening port. (0 = disabled)"; + description = lib.mdDoc "Kubernetes apiserver insecure listening port. (0 = disabled)"; default = 0; type = int; }; kubeletClientCaFile = mkOption { - description = "Path to a cert file for connecting to kubelet."; + description = lib.mdDoc "Path to a cert file for connecting to kubelet."; default = top.caFile; defaultText = literalExpression "config.${otop.caFile}"; type = nullOr path; }; kubeletClientCertFile = mkOption { - description = "Client certificate to use for connections to kubelet."; + description = lib.mdDoc "Client certificate to use for connections to kubelet."; default = null; type = nullOr path; }; kubeletClientKeyFile = mkOption { - description = "Key to use for connections to kubelet."; + description = lib.mdDoc "Key to use for connections to kubelet."; default = null; type = nullOr path; }; preferredAddressTypes = mkOption { - description = "List of the preferred NodeAddressTypes to use for kubelet connections."; + description = lib.mdDoc "List of the preferred NodeAddressTypes to use for kubelet connections."; type = nullOr str; default = null; }; proxyClientCertFile = mkOption { - description = "Client certificate to use for connections to proxy."; + description = lib.mdDoc "Client certificate to use for connections to proxy."; default = null; type = nullOr path; }; proxyClientKeyFile = mkOption { - description = "Key to use for connections to proxy."; + description = lib.mdDoc "Key to use for connections to proxy."; default = null; type = nullOr path; }; runtimeConfig = mkOption { - description = '' + description = lib.mdDoc '' Api runtime configuration. See - <link xlink:href="https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/"/> + <https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/> ''; default = "authentication.k8s.io/v1beta1=true"; example = "api/all=false,api/v1=true"; @@ -224,7 +224,7 @@ in }; storageBackend = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver storage backend. ''; default = "etcd3"; @@ -232,13 +232,13 @@ in }; securePort = mkOption { - description = "Kubernetes apiserver secure port."; + description = lib.mdDoc "Kubernetes apiserver secure port."; default = 6443; type = int; }; apiAudiences = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver ServiceAccount issuer. ''; default = "api,https://kubernetes.default.svc"; @@ -246,7 +246,7 @@ in }; serviceAccountIssuer = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver ServiceAccount issuer. ''; default = "https://kubernetes.default.svc"; @@ -254,7 +254,7 @@ in }; serviceAccountSigningKeyFile = mkOption { - description = '' + description = lib.mdDoc '' Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. @@ -263,7 +263,7 @@ in }; serviceAccountKeyFile = mkOption { - description = '' + description = lib.mdDoc '' File containing PEM-encoded x509 RSA or ECDSA private or public keys, used to verify ServiceAccount tokens. The specified file can contain multiple keys, and the flag can be specified multiple times with @@ -274,7 +274,7 @@ in }; serviceClusterIpRange = mkOption { - description = '' + description = lib.mdDoc '' A CIDR notation IP range from which to assign service cluster IPs. This must not overlap with any IP ranges assigned to nodes for pods. ''; @@ -283,39 +283,39 @@ in }; tlsCertFile = mkOption { - description = "Kubernetes apiserver certificate file."; + description = lib.mdDoc "Kubernetes apiserver certificate file."; default = null; type = nullOr path; }; tlsKeyFile = mkOption { - description = "Kubernetes apiserver private key file."; + description = lib.mdDoc "Kubernetes apiserver private key file."; default = null; type = nullOr path; }; tokenAuthFile = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver token authentication file. See - <link xlink:href="https://kubernetes.io/docs/reference/access-authn-authz/authentication"/> + <https://kubernetes.io/docs/reference/access-authn-authz/authentication> ''; default = null; type = nullOr path; }; verbosity = mkOption { - description = '' + description = lib.mdDoc '' Optional glog verbosity level for logging statements. See - <link xlink:href="https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md"/> + <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md> ''; default = null; type = nullOr int; }; webhookConfig = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes apiserver Webhook config file. It uses the kubeconfig file format. - See <link xlink:href="https://kubernetes.io/docs/reference/access-authn-authz/webhook/"/> + See <https://kubernetes.io/docs/reference/access-authn-authz/webhook/> ''; default = null; type = nullOr path; diff --git a/nixos/modules/services/cluster/kubernetes/controller-manager.nix b/nixos/modules/services/cluster/kubernetes/controller-manager.nix index 7c317e94dee..6080e6f9915 100644 --- a/nixos/modules/services/cluster/kubernetes/controller-manager.nix +++ b/nixos/modules/services/cluster/kubernetes/controller-manager.nix @@ -17,19 +17,19 @@ in options.services.kubernetes.controllerManager = with lib.types; { allocateNodeCIDRs = mkOption { - description = "Whether to automatically allocate CIDR ranges for cluster nodes."; + description = lib.mdDoc "Whether to automatically allocate CIDR ranges for cluster nodes."; default = true; type = bool; }; bindAddress = mkOption { - description = "Kubernetes controller manager listening address."; + description = lib.mdDoc "Kubernetes controller manager listening address."; default = "127.0.0.1"; type = str; }; clusterCidr = mkOption { - description = "Kubernetes CIDR Range for Pods in cluster."; + description = lib.mdDoc "Kubernetes CIDR Range for Pods in cluster."; default = top.clusterCidr; defaultText = literalExpression "config.${otop.clusterCidr}"; type = str; @@ -38,20 +38,20 @@ in enable = mkEnableOption "Kubernetes controller manager"; extraOpts = mkOption { - description = "Kubernetes controller manager extra command line options."; + description = lib.mdDoc "Kubernetes controller manager extra command line options."; default = ""; type = separatedString " "; }; featureGates = mkOption { - description = "List set of feature gates"; + description = lib.mdDoc "List set of feature gates"; default = top.featureGates; defaultText = literalExpression "config.${otop.featureGates}"; type = listOf str; }; insecurePort = mkOption { - description = "Kubernetes controller manager insecure listening port."; + description = lib.mdDoc "Kubernetes controller manager insecure listening port."; default = 0; type = int; }; @@ -59,13 +59,13 @@ in kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes controller manager"; leaderElect = mkOption { - description = "Whether to start leader election before executing main loop."; + description = lib.mdDoc "Whether to start leader election before executing main loop."; type = bool; default = true; }; rootCaFile = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes controller manager certificate authority file included in service account's token secret. ''; @@ -75,13 +75,13 @@ in }; securePort = mkOption { - description = "Kubernetes controller manager secure listening port."; + description = lib.mdDoc "Kubernetes controller manager secure listening port."; default = 10252; type = int; }; serviceAccountKeyFile = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes controller manager PEM-encoded private RSA key file used to sign service account tokens ''; @@ -90,21 +90,21 @@ in }; tlsCertFile = mkOption { - description = "Kubernetes controller-manager certificate file."; + description = lib.mdDoc "Kubernetes controller-manager certificate file."; default = null; type = nullOr path; }; tlsKeyFile = mkOption { - description = "Kubernetes controller-manager private key file."; + description = lib.mdDoc "Kubernetes controller-manager private key file."; default = null; type = nullOr path; }; verbosity = mkOption { - description = '' + description = lib.mdDoc '' Optional glog verbosity level for logging statements. See - <link xlink:href="https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md"/> + <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md> ''; default = null; type = nullOr int; diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index 35ec99d83c8..f5374fc7194 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -77,25 +77,25 @@ let mkKubeConfigOptions = prefix: { server = mkOption { - description = "${prefix} kube-apiserver server address."; + description = lib.mdDoc "${prefix} kube-apiserver server address."; type = types.str; }; caFile = mkOption { - description = "${prefix} certificate authority file used to connect to kube-apiserver."; + description = lib.mdDoc "${prefix} certificate authority file used to connect to kube-apiserver."; type = types.nullOr types.path; default = cfg.caFile; defaultText = literalExpression "config.${opt.caFile}"; }; certFile = mkOption { - description = "${prefix} client certificate file used to connect to kube-apiserver."; + description = lib.mdDoc "${prefix} client certificate file used to connect to kube-apiserver."; type = types.nullOr types.path; default = null; }; keyFile = mkOption { - description = "${prefix} client key file used to connect to kube-apiserver."; + description = lib.mdDoc "${prefix} client key file used to connect to kube-apiserver."; type = types.nullOr types.path; default = null; }; @@ -111,7 +111,7 @@ in { options.services.kubernetes = { roles = mkOption { - description = '' + description = lib.mdDoc '' Kubernetes role that this machine should take. Master role will enable etcd, apiserver, scheduler, controller manager @@ -123,7 +123,7 @@ in { }; package = mkOption { - description = "Kubernetes package to use."; + description = lib.mdDoc "Kubernetes package to use."; type = types.package; default = pkgs.kubernetes; defaultText = literalExpression "pkgs.kubernetes"; @@ -132,7 +132,7 @@ in { kubeconfig = mkKubeConfigOptions "Default kubeconfig"; apiserverAddress = mkOption { - description = '' + description = lib.mdDoc '' Clusterwide accessible address for the kubernetes apiserver, including protocol and optional port. ''; @@ -141,49 +141,49 @@ in { }; caFile = mkOption { - description = "Default kubernetes certificate authority"; + description = lib.mdDoc "Default kubernetes certificate authority"; type = types.nullOr types.path; default = null; }; dataDir = mkOption { - description = "Kubernetes root directory for managing kubelet files."; + description = lib.mdDoc "Kubernetes root directory for managing kubelet files."; default = "/var/lib/kubernetes"; type = types.path; }; easyCerts = mkOption { - description = "Automatically setup x509 certificates and keys for the entire cluster."; + description = lib.mdDoc "Automatically setup x509 certificates and keys for the entire cluster."; default = false; type = types.bool; }; featureGates = mkOption { - description = "List set of feature gates."; + description = lib.mdDoc "List set of feature gates."; default = []; type = types.listOf types.str; }; masterAddress = mkOption { - description = "Clusterwide available network address or hostname for the kubernetes master server."; + description = lib.mdDoc "Clusterwide available network address or hostname for the kubernetes master server."; example = "master.example.com"; type = types.str; }; path = mkOption { - description = "Packages added to the services' PATH environment variable. Both the bin and sbin subdirectories of each package are added."; + description = lib.mdDoc "Packages added to the services' PATH environment variable. Both the bin and sbin subdirectories of each package are added."; type = types.listOf types.package; default = []; }; clusterCidr = mkOption { - description = "Kubernetes controller manager and proxy CIDR Range for Pods in cluster."; + description = lib.mdDoc "Kubernetes controller manager and proxy CIDR Range for Pods in cluster."; default = "10.1.0.0/16"; type = types.nullOr types.str; }; lib = mkOption { - description = "Common functions for the kubernetes modules."; + description = lib.mdDoc "Common functions for the kubernetes modules."; default = { inherit mkCert; inherit mkKubeConfig; @@ -193,7 +193,7 @@ in { }; secretsPath = mkOption { - description = "Default location for kubernetes secrets. Not a store location."; + description = lib.mdDoc "Default location for kubernetes secrets. Not a store location."; type = types.path; default = cfg.dataDir + "/secrets"; defaultText = literalExpression '' diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix index 4363ed35d34..cbb1cffc169 100644 --- a/nixos/modules/services/cluster/kubernetes/kubelet.nix +++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix @@ -38,17 +38,17 @@ let taintOptions = with lib.types; { name, ... }: { options = { key = mkOption { - description = "Key of taint."; + description = lib.mdDoc "Key of taint."; default = name; defaultText = literalDocBook "Name of this submodule."; type = str; }; value = mkOption { - description = "Value of taint."; + description = lib.mdDoc "Value of taint."; type = str; }; effect = mkOption { - description = "Effect of taint."; + description = lib.mdDoc "Effect of taint."; example = "NoSchedule"; type = enum ["NoSchedule" "PreferNoSchedule" "NoExecute"]; }; @@ -68,26 +68,26 @@ in options.services.kubernetes.kubelet = with lib.types; { address = mkOption { - description = "Kubernetes kubelet info server listening address."; + description = lib.mdDoc "Kubernetes kubelet info server listening address."; default = "0.0.0.0"; type = str; }; clusterDns = mkOption { - description = "Use alternative DNS."; + description = lib.mdDoc "Use alternative DNS."; default = "10.1.0.1"; type = str; }; clusterDomain = mkOption { - description = "Use alternative domain."; + description = lib.mdDoc "Use alternative domain."; default = config.services.kubernetes.addons.dns.clusterDomain; defaultText = literalExpression "config.${options.services.kubernetes.addons.dns.clusterDomain}"; type = str; }; clientCaFile = mkOption { - description = "Kubernetes apiserver CA file for client authentication."; + description = lib.mdDoc "Kubernetes apiserver CA file for client authentication."; default = top.caFile; defaultText = literalExpression "config.${otop.caFile}"; type = nullOr path; @@ -95,13 +95,13 @@ in cni = { packages = mkOption { - description = "List of network plugin packages to install."; + description = lib.mdDoc "List of network plugin packages to install."; type = listOf package; default = []; }; config = mkOption { - description = "Kubernetes CNI configuration."; + description = lib.mdDoc "Kubernetes CNI configuration."; type = listOf attrs; default = []; example = literalExpression '' @@ -127,20 +127,20 @@ in }; configDir = mkOption { - description = "Path to Kubernetes CNI configuration directory."; + description = lib.mdDoc "Path to Kubernetes CNI configuration directory."; type = nullOr path; default = null; }; }; containerRuntime = mkOption { - description = "Which container runtime type to use"; + description = lib.mdDoc "Which container runtime type to use"; type = enum ["docker" "remote"]; default = "remote"; }; containerRuntimeEndpoint = mkOption { - description = "Endpoint at which to find the container runtime api interface/socket"; + description = lib.mdDoc "Endpoint at which to find the container runtime api interface/socket"; type = str; default = "unix:///run/containerd/containerd.sock"; }; @@ -148,13 +148,13 @@ in enable = mkEnableOption "Kubernetes kubelet."; extraOpts = mkOption { - description = "Kubernetes kubelet extra command line options."; + description = lib.mdDoc "Kubernetes kubelet extra command line options."; default = ""; type = separatedString " "; }; featureGates = mkOption { - description = "List set of feature gates"; + description = lib.mdDoc "List set of feature gates"; default = top.featureGates; defaultText = literalExpression "config.${otop.featureGates}"; type = listOf str; @@ -162,20 +162,20 @@ in healthz = { bind = mkOption { - description = "Kubernetes kubelet healthz listening address."; + description = lib.mdDoc "Kubernetes kubelet healthz listening address."; default = "127.0.0.1"; type = str; }; port = mkOption { - description = "Kubernetes kubelet healthz port."; + description = lib.mdDoc "Kubernetes kubelet healthz port."; default = 10248; type = int; }; }; hostname = mkOption { - description = "Kubernetes kubelet hostname override."; + description = lib.mdDoc "Kubernetes kubelet hostname override."; default = config.networking.hostName; defaultText = literalExpression "config.networking.hostName"; type = str; @@ -184,69 +184,69 @@ in kubeconfig = top.lib.mkKubeConfigOptions "Kubelet"; manifests = mkOption { - description = "List of manifests to bootstrap with kubelet (only pods can be created as manifest entry)"; + description = lib.mdDoc "List of manifests to bootstrap with kubelet (only pods can be created as manifest entry)"; type = attrsOf attrs; default = {}; }; networkPlugin = mkOption { - description = "Network plugin to use by Kubernetes."; + description = lib.mdDoc "Network plugin to use by Kubernetes."; type = nullOr (enum ["cni" "kubenet"]); default = "kubenet"; }; nodeIp = mkOption { - description = "IP address of the node. If set, kubelet will use this IP address for the node."; + description = lib.mdDoc "IP address of the node. If set, kubelet will use this IP address for the node."; default = null; type = nullOr str; }; registerNode = mkOption { - description = "Whether to auto register kubelet with API server."; + description = lib.mdDoc "Whether to auto register kubelet with API server."; default = true; type = bool; }; port = mkOption { - description = "Kubernetes kubelet info server listening port."; + description = lib.mdDoc "Kubernetes kubelet info server listening port."; default = 10250; type = int; }; seedDockerImages = mkOption { - description = "List of docker images to preload on system"; + description = lib.mdDoc "List of docker images to preload on system"; default = []; type = listOf package; }; taints = mkOption { - description = "Node taints (https://kubernetes.io/docs/concepts/configuration/assign-pod-node/)."; + description = lib.mdDoc "Node taints (https://kubernetes.io/docs/concepts/configuration/assign-pod-node/)."; default = {}; type = attrsOf (submodule [ taintOptions ]); }; tlsCertFile = mkOption { - description = "File containing x509 Certificate for HTTPS."; + description = lib.mdDoc "File containing x509 Certificate for HTTPS."; default = null; type = nullOr path; }; tlsKeyFile = mkOption { - description = "File containing x509 private key matching tlsCertFile."; + description = lib.mdDoc "File containing x509 private key matching tlsCertFile."; default = null; type = nullOr path; }; unschedulable = mkOption { - description = "Whether to set node taint to unschedulable=true as it is the case of node that has only master role."; + description = lib.mdDoc "Whether to set node taint to unschedulable=true as it is the case of node that has only master role."; default = false; type = bool; }; verbosity = mkOption { - description = '' + description = lib.mdDoc '' Optional glog verbosity level for logging statements. See - <link xlink:href="https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md"/> + <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md> ''; default = null; type = nullOr int; diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 7d9198d20e8..7c46ac85584 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -44,13 +44,13 @@ in enable = mkEnableOption "easyCert issuer service"; certs = mkOption { - description = "List of certificate specs to feed to cert generator."; + description = lib.mdDoc "List of certificate specs to feed to cert generator."; default = {}; type = attrs; }; genCfsslCACert = mkOption { - description = '' + description = lib.mdDoc '' Whether to automatically generate cfssl CA certificate and key, if they don't exist. ''; @@ -59,7 +59,7 @@ in }; genCfsslAPICerts = mkOption { - description = '' + description = lib.mdDoc '' Whether to automatically generate cfssl API webserver TLS cert and key, if they don't exist. ''; @@ -68,7 +68,7 @@ in }; cfsslAPIExtraSANs = mkOption { - description = '' + description = lib.mdDoc '' Extra x509 Subject Alternative Names to be added to the cfssl API webserver TLS cert. ''; default = []; @@ -77,7 +77,7 @@ in }; genCfsslAPIToken = mkOption { - description = '' + description = lib.mdDoc '' Whether to automatically generate cfssl API-token secret, if they doesn't exist. ''; @@ -86,13 +86,13 @@ in }; pkiTrustOnBootstrap = mkOption { - description = "Whether to always trust remote cfssl server upon initial PKI bootstrap."; + description = lib.mdDoc "Whether to always trust remote cfssl server upon initial PKI bootstrap."; default = true; type = bool; }; caCertPathPrefix = mkOption { - description = '' + description = lib.mdDoc '' Path-prefrix for the CA-certificate to be used for cfssl signing. Suffixes ".pem" and "-key.pem" will be automatically appended for the public and private keys respectively. @@ -103,7 +103,7 @@ in }; caSpec = mkOption { - description = "Certificate specification for the auto-generated CAcert."; + description = lib.mdDoc "Certificate specification for the auto-generated CAcert."; default = { CN = "kubernetes-cluster-ca"; O = "NixOS"; diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix index 0fd98d1c157..51114c32499 100644 --- a/nixos/modules/services/cluster/kubernetes/proxy.nix +++ b/nixos/modules/services/cluster/kubernetes/proxy.nix @@ -16,7 +16,7 @@ in options.services.kubernetes.proxy = with lib.types; { bindAddress = mkOption { - description = "Kubernetes proxy listening address."; + description = lib.mdDoc "Kubernetes proxy listening address."; default = "0.0.0.0"; type = str; }; @@ -24,20 +24,20 @@ in enable = mkEnableOption "Kubernetes proxy"; extraOpts = mkOption { - description = "Kubernetes proxy extra command line options."; + description = lib.mdDoc "Kubernetes proxy extra command line options."; default = ""; type = separatedString " "; }; featureGates = mkOption { - description = "List set of feature gates"; + description = lib.mdDoc "List set of feature gates"; default = top.featureGates; defaultText = literalExpression "config.${otop.featureGates}"; type = listOf str; }; hostname = mkOption { - description = "Kubernetes proxy hostname override."; + description = lib.mdDoc "Kubernetes proxy hostname override."; default = config.networking.hostName; defaultText = literalExpression "config.networking.hostName"; type = str; @@ -46,9 +46,9 @@ in kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes proxy"; verbosity = mkOption { - description = '' + description = lib.mdDoc '' Optional glog verbosity level for logging statements. See - <link xlink:href="https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md"/> + <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md> ''; default = null; type = nullOr int; diff --git a/nixos/modules/services/cluster/kubernetes/scheduler.nix b/nixos/modules/services/cluster/kubernetes/scheduler.nix index 2d95528a6ea..ddc67889a37 100644 --- a/nixos/modules/services/cluster/kubernetes/scheduler.nix +++ b/nixos/modules/services/cluster/kubernetes/scheduler.nix @@ -12,7 +12,7 @@ in options.services.kubernetes.scheduler = with lib.types; { address = mkOption { - description = "Kubernetes scheduler listening address."; + description = lib.mdDoc "Kubernetes scheduler listening address."; default = "127.0.0.1"; type = str; }; @@ -20,13 +20,13 @@ in enable = mkEnableOption "Kubernetes scheduler"; extraOpts = mkOption { - description = "Kubernetes scheduler extra command line options."; + description = lib.mdDoc "Kubernetes scheduler extra command line options."; default = ""; type = separatedString " "; }; featureGates = mkOption { - description = "List set of feature gates"; + description = lib.mdDoc "List set of feature gates"; default = top.featureGates; defaultText = literalExpression "config.${otop.featureGates}"; type = listOf str; @@ -35,21 +35,21 @@ in kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes scheduler"; leaderElect = mkOption { - description = "Whether to start leader election before executing main loop."; + description = lib.mdDoc "Whether to start leader election before executing main loop."; type = bool; default = true; }; port = mkOption { - description = "Kubernetes scheduler listening port."; + description = lib.mdDoc "Kubernetes scheduler listening port."; default = 10251; type = int; }; verbosity = mkOption { - description = '' + description = lib.mdDoc '' Optional glog verbosity level for logging statements. See - <link xlink:href="https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md"/> + <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md> ''; default = null; type = nullOr int; |