1/* 2Copyright 2017 The Kubernetes Authors. 3 4Licensed under the Apache License, Version 2.0 (the "License"); 5you may not use this file except in compliance with the License. 6You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10Unless required by applicable law or agreed to in writing, software 11distributed under the License is distributed on an "AS IS" BASIS, 12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13See the License for the specific language governing permissions and 14limitations under the License. 15*/ 16 17package features 18 19import ( 20 "k8s.io/apimachinery/pkg/util/runtime" 21 genericfeatures "k8s.io/apiserver/pkg/features" 22 utilfeature "k8s.io/apiserver/pkg/util/feature" 23 "k8s.io/component-base/featuregate" 24) 25 26const ( 27 // Every feature gate should add method here following this template: 28 // 29 // // owner: @username 30 // // kep: http://kep.k8s.io/NNN 31 // // alpha: v1.X 32 // MyFeature featuregate.Feature = "MyFeature" 33 34 // owner: @tallclair 35 // beta: v1.4 36 AppArmor featuregate.Feature = "AppArmor" 37 38 // owner: @mtaufen 39 // alpha: v1.4 40 // beta: v1.11 41 // deprecated: 1.22 42 DynamicKubeletConfig featuregate.Feature = "DynamicKubeletConfig" 43 44 // owner: @pweil- 45 // alpha: v1.5 46 // 47 // Default userns=host for containers that are using other host namespaces, host mounts, the pod 48 // contains a privileged container, or specific non-namespaced capabilities (MKNOD, SYS_MODULE, 49 // SYS_TIME). This should only be enabled if user namespace remapping is enabled in the docker daemon. 50 ExperimentalHostUserNamespaceDefaultingGate featuregate.Feature = "ExperimentalHostUserNamespaceDefaulting" 51 52 // owner: @jiayingz 53 // beta: v1.10 54 // 55 // Enables support for Device Plugins 56 DevicePlugins featuregate.Feature = "DevicePlugins" 57 58 // owner: @dxist 59 // alpha: v1.16 60 // 61 // Enables support of HPA scaling to zero pods when an object or custom metric is configured. 62 HPAScaleToZero featuregate.Feature = "HPAScaleToZero" 63 64 // owner: @mikedanese 65 // alpha: v1.7 66 // beta: v1.12 67 // 68 // Gets a server certificate for the kubelet from the Certificate Signing 69 // Request API instead of generating one self signed and auto rotates the 70 // certificate as expiration approaches. 71 RotateKubeletServerCertificate featuregate.Feature = "RotateKubeletServerCertificate" 72 73 // owner: @jinxu 74 // beta: v1.10 75 // 76 // New local storage types to support local storage capacity isolation 77 LocalStorageCapacityIsolation featuregate.Feature = "LocalStorageCapacityIsolation" 78 79 // owner: @gnufied 80 // beta: v1.11 81 // Ability to Expand persistent volumes 82 ExpandPersistentVolumes featuregate.Feature = "ExpandPersistentVolumes" 83 84 // owner: @mlmhl 85 // beta: v1.15 86 // Ability to expand persistent volumes' file system without unmounting volumes. 87 ExpandInUsePersistentVolumes featuregate.Feature = "ExpandInUsePersistentVolumes" 88 89 // owner: @gnufied 90 // alpha: v1.14 91 // beta: v1.16 92 // Ability to expand CSI volumes 93 ExpandCSIVolumes featuregate.Feature = "ExpandCSIVolumes" 94 95 // owner: @verb 96 // alpha: v1.16 97 // 98 // Allows running an ephemeral container in pod namespaces to troubleshoot a running pod. 99 EphemeralContainers featuregate.Feature = "EphemeralContainers" 100 101 // owner: @sjenning 102 // alpha: v1.11 103 // 104 // Allows resource reservations at the QoS level preventing pods at lower QoS levels from 105 // bursting into resources requested at higher QoS levels (memory only for now) 106 QOSReserved featuregate.Feature = "QOSReserved" 107 108 // owner: @ConnorDoyle 109 // alpha: v1.8 110 // beta: v1.10 111 // 112 // Alternative container-level CPU affinity policies. 113 CPUManager featuregate.Feature = "CPUManager" 114 115 // owner: @szuecs 116 // alpha: v1.12 117 // 118 // Enable nodes to change CPUCFSQuotaPeriod 119 CPUCFSQuotaPeriod featuregate.Feature = "CustomCPUCFSQuotaPeriod" 120 121 // owner: @lmdaly 122 // alpha: v1.16 123 // beta: v1.18 124 // 125 // Enable resource managers to make NUMA aligned decisions 126 TopologyManager featuregate.Feature = "TopologyManager" 127 128 // owner: @cynepco3hahue(alukiano) @cezaryzukowski @k-wiatrzyk 129 // alpha: v1.21 130 // beta: v1.22 131 132 // Allows setting memory affinity for a container based on NUMA topology 133 MemoryManager featuregate.Feature = "MemoryManager" 134 135 // owner: @sjenning 136 // alpha: v1.4 137 // beta: v1.11 138 // ga: v1.21 139 // 140 // Enable pods to set sysctls on a pod 141 Sysctls featuregate.Feature = "Sysctls" 142 143 // owner: @pospispa 144 // GA: v1.11 145 // 146 // Postpone deletion of a PV or a PVC when they are being used 147 StorageObjectInUseProtection featuregate.Feature = "StorageObjectInUseProtection" 148 149 // owner: @dims, @derekwaynecarr 150 // alpha: v1.10 151 // beta: v1.14 152 // GA: v1.20 153 // 154 // Implement support for limiting pids in pods 155 SupportPodPidsLimit featuregate.Feature = "SupportPodPidsLimit" 156 157 // owner: @mikedanese 158 // alpha: v1.13 159 // beta: v1.21 160 // ga: v1.22 161 // 162 // Migrate ServiceAccount volumes to use a projected volume consisting of a 163 // ServiceAccountTokenVolumeProjection. This feature adds new required flags 164 // to the API server. 165 BoundServiceAccountTokenVolume featuregate.Feature = "BoundServiceAccountTokenVolume" 166 167 // owner: @mtaufen 168 // alpha: v1.18 169 // beta: v1.20 170 // stable: v1.21 171 // 172 // Enable OIDC discovery endpoints (issuer and JWKS URLs) for the service 173 // account issuer in the API server. 174 // Note these endpoints serve minimally-compliant discovery docs that are 175 // intended to be used for service account token verification. 176 ServiceAccountIssuerDiscovery featuregate.Feature = "ServiceAccountIssuerDiscovery" 177 178 // owner: @saad-ali 179 // ga: v1.10 180 // 181 // Allow mounting a subpath of a volume in a container 182 // Do not remove this feature gate even though it's GA 183 VolumeSubpath featuregate.Feature = "VolumeSubpath" 184 185 // owner: @pohly 186 // alpha: v1.14 187 // beta: v1.16 188 // 189 // Enables CSI Inline volumes support for pods 190 CSIInlineVolume featuregate.Feature = "CSIInlineVolume" 191 192 // owner: @pohly 193 // alpha: v1.19 194 // beta: v1.21 195 // 196 // Enables tracking of available storage capacity that CSI drivers provide. 197 CSIStorageCapacity featuregate.Feature = "CSIStorageCapacity" 198 199 // owner: @alculquicondor 200 // beta: v1.20 201 // 202 // Enables the use of PodTopologySpread scheduling plugin to do default 203 // spreading and disables legacy SelectorSpread plugin. 204 DefaultPodTopologySpread featuregate.Feature = "DefaultPodTopologySpread" 205 206 // owner: @pohly 207 // alpha: v1.19 208 // beta: v1.21 209 // 210 // Enables generic ephemeral inline volume support for pods 211 GenericEphemeralVolume featuregate.Feature = "GenericEphemeralVolume" 212 213 // owner: @chendave 214 // alpha: v1.21 215 // beta: v1.22 216 // 217 // PreferNominatedNode tells scheduler whether the nominated node will be checked first before looping 218 // all the rest of nodes in the cluster. 219 // Enabling this feature also implies the preemptor pod might not be dispatched to the best candidate in 220 // some corner case, e.g. another node releases enough resources after the nominated node has been set 221 // and hence is the best candidate instead. 222 PreferNominatedNode featuregate.Feature = "PreferNominatedNode" 223 224 // owner: @tallclair 225 // alpha: v1.12 226 // beta: v1.14 227 // GA: v1.20 228 // 229 // Enables RuntimeClass, for selecting between multiple runtimes to run a pod. 230 RuntimeClass featuregate.Feature = "RuntimeClass" 231 232 // owner: @mtaufen 233 // alpha: v1.12 234 // beta: v1.14 235 // GA: v1.17 236 // 237 // Kubelet uses the new Lease API to report node heartbeats, 238 // (Kube) Node Lifecycle Controller uses these heartbeats as a node health signal. 239 NodeLease featuregate.Feature = "NodeLease" 240 241 // owner: @rikatz 242 // kep: http://kep.k8s.io/2079 243 // alpha: v1.21 244 // beta: v1.22 245 // 246 // Enables the endPort field in NetworkPolicy to enable a Port Range behavior in Network Policies. 247 NetworkPolicyEndPort featuregate.Feature = "NetworkPolicyEndPort" 248 249 // owner: @jessfraz 250 // alpha: v1.12 251 // 252 // Enables control over ProcMountType for containers. 253 ProcMountType featuregate.Feature = "ProcMountType" 254 255 // owner: @janetkuo 256 // alpha: v1.12 257 // 258 // Allow TTL controller to clean up Pods and Jobs after they finish. 259 TTLAfterFinished featuregate.Feature = "TTLAfterFinished" 260 261 // owner: @alculquicondor 262 // alpha: v1.21 263 // beta: v1.22 264 // 265 // Allows Job controller to manage Pod completions per completion index. 266 IndexedJob featuregate.Feature = "IndexedJob" 267 268 // owner: @alculquicondor 269 // alpha: v1.22 270 // 271 // Track Job completion without relying on Pod remaining in the cluster 272 // indefinitely. Pod finalizers, in addition to a field in the Job status 273 // allow the Job controller to keep track of Pods that it didn't account for 274 // yet. 275 JobTrackingWithFinalizers featuregate.Feature = "JobTrackingWithFinalizers" 276 277 // owner: @dashpole 278 // alpha: v1.13 279 // beta: v1.15 280 // 281 // Enables the kubelet's pod resources grpc endpoint 282 KubeletPodResources featuregate.Feature = "KubeletPodResources" 283 284 // owner: @davidz627 285 // alpha: v1.14 286 // beta: v1.17 287 // 288 // Enables the in-tree storage to CSI Plugin migration feature. 289 CSIMigration featuregate.Feature = "CSIMigration" 290 291 // owner: @davidz627 292 // alpha: v1.14 293 // beta: v1.17 294 // 295 // Enables the GCE PD in-tree driver to GCE CSI Driver migration feature. 296 CSIMigrationGCE featuregate.Feature = "CSIMigrationGCE" 297 298 // owner: @Jiawei0227 299 // alpha: v1.21 300 // 301 // Disables the GCE PD in-tree driver. 302 InTreePluginGCEUnregister featuregate.Feature = "InTreePluginGCEUnregister" 303 304 // owner: @leakingtapan 305 // alpha: v1.14 306 // beta: v1.17 307 // 308 // Enables the AWS EBS in-tree driver to AWS EBS CSI Driver migration feature. 309 CSIMigrationAWS featuregate.Feature = "CSIMigrationAWS" 310 311 // owner: @leakingtapan 312 // alpha: v1.21 313 // 314 // Disables the AWS EBS in-tree driver. 315 InTreePluginAWSUnregister featuregate.Feature = "InTreePluginAWSUnregister" 316 317 // owner: @andyzhangx 318 // alpha: v1.15 319 // beta: v1.19 320 // 321 // Enables the Azure Disk in-tree driver to Azure Disk Driver migration feature. 322 CSIMigrationAzureDisk featuregate.Feature = "CSIMigrationAzureDisk" 323 324 // owner: @andyzhangx 325 // alpha: v1.21 326 // 327 // Disables the Azure Disk in-tree driver. 328 InTreePluginAzureDiskUnregister featuregate.Feature = "InTreePluginAzureDiskUnregister" 329 330 // owner: @andyzhangx 331 // alpha: v1.15 332 // beta: v1.21 333 // 334 // Enables the Azure File in-tree driver to Azure File Driver migration feature. 335 CSIMigrationAzureFile featuregate.Feature = "CSIMigrationAzureFile" 336 337 // owner: @andyzhangx 338 // alpha: v1.21 339 // 340 // Disables the Azure File in-tree driver. 341 InTreePluginAzureFileUnregister featuregate.Feature = "InTreePluginAzureFileUnregister" 342 343 // owner: @divyenpatel 344 // beta: v1.19 (requires: vSphere vCenter/ESXi Version: 7.0u1, HW Version: VM version 15) 345 // 346 // Enables the vSphere in-tree driver to vSphere CSI Driver migration feature. 347 CSIMigrationvSphere featuregate.Feature = "CSIMigrationvSphere" 348 349 // owner: @divyenpatel 350 // alpha: v1.21 351 // 352 // Disables the vSphere in-tree driver. 353 InTreePluginvSphereUnregister featuregate.Feature = "InTreePluginvSphereUnregister" 354 355 // owner: @adisky 356 // alpha: v1.14 357 // beta: v1.18 358 // 359 // Enables the OpenStack Cinder in-tree driver to OpenStack Cinder CSI Driver migration feature. 360 CSIMigrationOpenStack featuregate.Feature = "CSIMigrationOpenStack" 361 362 // owner: @adisky 363 // alpha: v1.21 364 // 365 // Disables the OpenStack Cinder in-tree driver. 366 InTreePluginOpenStackUnregister featuregate.Feature = "InTreePluginOpenStackUnregister" 367 368 // owner: @huffmanca 369 // alpha: v1.19 370 // beta: v1.20 371 // 372 // Determines if a CSI Driver supports applying fsGroup. 373 CSIVolumeFSGroupPolicy featuregate.Feature = "CSIVolumeFSGroupPolicy" 374 375 // owner: @gnufied 376 // alpha: v1.18 377 // beta: v1.20 378 // Allows user to configure volume permission change policy for fsGroups when mounting 379 // a volume in a Pod. 380 ConfigurableFSGroupPolicy featuregate.Feature = "ConfigurableFSGroupPolicy" 381 382 // owner: @gnufied, @verult 383 // alpha: v1.22 384 // If supported by the CSI driver, delegates the role of applying FSGroup to 385 // the driver by passing FSGroup through the NodeStageVolume and 386 // NodePublishVolume calls. 387 DelegateFSGroupToCSIDriver featuregate.Feature = "DelegateFSGroupToCSIDriver" 388 389 // owner: @RobertKrawitz, @derekwaynecarr 390 // beta: v1.15 391 // GA: v1.20 392 // 393 // Implement support for limiting pids in nodes 394 SupportNodePidsLimit featuregate.Feature = "SupportNodePidsLimit" 395 396 // owner: @RobertKrawitz 397 // alpha: v1.15 398 // 399 // Allow use of filesystems for ephemeral storage monitoring. 400 // Only applies if LocalStorageCapacityIsolation is set. 401 LocalStorageCapacityIsolationFSQuotaMonitoring featuregate.Feature = "LocalStorageCapacityIsolationFSQuotaMonitoring" 402 403 // owner: @denkensk 404 // alpha: v1.15 405 // beta: v1.19 406 // 407 // Enables NonPreempting option for priorityClass and pod. 408 NonPreemptingPriority featuregate.Feature = "NonPreemptingPriority" 409 410 // owner: @egernst 411 // alpha: v1.16 412 // beta: v1.18 413 // 414 // Enables PodOverhead, for accounting pod overheads which are specific to a given RuntimeClass 415 PodOverhead featuregate.Feature = "PodOverhead" 416 417 // owner: @khenidak 418 // kep: http://kep.k8s.io/563 419 // alpha: v1.15 420 // beta: v1.21 421 // 422 // Enables ipv6 dual stack 423 IPv6DualStack featuregate.Feature = "IPv6DualStack" 424 425 // owner: @robscott @freehan 426 // kep: http://kep.k8s.io/752 427 // alpha: v1.16 428 // beta: v1.18 429 // ga: v1.21 430 // 431 // Enable Endpoint Slices for more scalable Service endpoints. 432 EndpointSlice featuregate.Feature = "EndpointSlice" 433 434 // owner: @robscott @freehan 435 // kep: http://kep.k8s.io/752 436 // alpha: v1.18 437 // beta: v1.19 438 // ga: v1.22 439 // 440 // Enable Endpoint Slice consumption by kube-proxy for improved scalability. 441 EndpointSliceProxying featuregate.Feature = "EndpointSliceProxying" 442 443 // owner: @robscott @kumarvin123 444 // kep: http://kep.k8s.io/752 445 // alpha: v1.19 446 // beta: v1.21 447 // ga: v1.22 448 // 449 // Enable Endpoint Slice consumption by kube-proxy in Windows for improved scalability. 450 WindowsEndpointSliceProxying featuregate.Feature = "WindowsEndpointSliceProxying" 451 452 // owner: @matthyx 453 // alpha: v1.16 454 // beta: v1.18 455 // GA: v1.20 456 // 457 // Enables the startupProbe in kubelet worker. 458 StartupProbe featuregate.Feature = "StartupProbe" 459 460 // owner: @deads2k 461 // beta: v1.17 462 // GA: v1.21 463 // 464 // Enables the users to skip TLS verification of kubelets on pod logs requests 465 AllowInsecureBackendProxy featuregate.Feature = "AllowInsecureBackendProxy" 466 467 // owner: @mortent 468 // alpha: v1.3 469 // beta: v1.5 470 // 471 // Enable all logic related to the PodDisruptionBudget API object in policy 472 PodDisruptionBudget featuregate.Feature = "PodDisruptionBudget" 473 474 // owner: @alaypatel07, @soltysh 475 // alpha: v1.20 476 // beta: v1.21 477 // GA: v1.22 478 // 479 // CronJobControllerV2 controls whether the controller manager starts old cronjob 480 // controller or new one which is implemented with informers and delaying queue 481 CronJobControllerV2 featuregate.Feature = "CronJobControllerV2" 482 483 // owner: @smarterclayton 484 // alpha: v1.21 485 // beta: v1.22 486 // DaemonSets allow workloads to maintain availability during update per node 487 DaemonSetUpdateSurge featuregate.Feature = "DaemonSetUpdateSurge" 488 489 // owner: @wojtek-t 490 // alpha: v1.18 491 // beta: v1.19 492 // ga: v1.21 493 // 494 // Enables a feature to make secrets and configmaps data immutable. 495 ImmutableEphemeralVolumes featuregate.Feature = "ImmutableEphemeralVolumes" 496 497 // owner: @bart0sh 498 // alpha: v1.18 499 // beta: v1.19 500 // GA: 1.22 501 // 502 // Enables usage of HugePages-<size> in a volume medium, 503 // e.g. emptyDir: 504 // medium: HugePages-1Gi 505 HugePageStorageMediumSize featuregate.Feature = "HugePageStorageMediumSize" 506 507 // owner: @derekwaynecarr 508 // alpha: v1.20 509 // beta: v1.21 (off by default until 1.22) 510 // 511 // Enables usage of hugepages-<size> in downward API. 512 DownwardAPIHugePages featuregate.Feature = "DownwardAPIHugePages" 513 514 // owner: @bswartz 515 // alpha: v1.18 516 // 517 // Enables usage of any object for volume data source in PVCs 518 AnyVolumeDataSource featuregate.Feature = "AnyVolumeDataSource" 519 520 // owner: @javidiaz 521 // kep: http://kep.k8s.io/1797 522 // alpha: v1.19 523 // beta: v1.20 524 // GA: v1.22 525 // 526 // Allow setting the Fully Qualified Domain Name (FQDN) in the hostname of a Pod. If a Pod does not 527 // have FQDN, this feature has no effect. 528 SetHostnameAsFQDN featuregate.Feature = "SetHostnameAsFQDN" 529 530 // owner: @ksubrmnn 531 // alpha: v1.14 532 // beta: v1.20 533 // 534 // Allows kube-proxy to run in Overlay mode for Windows 535 WinOverlay featuregate.Feature = "WinOverlay" 536 537 // owner: @ksubrmnn 538 // alpha: v1.14 539 // 540 // Allows kube-proxy to create DSR loadbalancers for Windows 541 WinDSR featuregate.Feature = "WinDSR" 542 543 // owner: @RenaudWasTaken @dashpole 544 // alpha: v1.19 545 // beta: v1.20 546 // 547 // Disables Accelerator Metrics Collected by Kubelet 548 DisableAcceleratorUsageMetrics featuregate.Feature = "DisableAcceleratorUsageMetrics" 549 550 // owner: @arjunrn @mwielgus @josephburnett 551 // alpha: v1.20 552 // 553 // Add support for the HPA to scale based on metrics from individual containers 554 // in target pods 555 HPAContainerMetrics featuregate.Feature = "HPAContainerMetrics" 556 557 // owner: @andrewsykim 558 // kep: http://kep.k8s.io/1672 559 // alpha: v1.20 560 // beta: v1.22 561 // 562 // Enable Terminating condition in Endpoint Slices. 563 EndpointSliceTerminatingCondition featuregate.Feature = "EndpointSliceTerminatingCondition" 564 565 // owner: @andrewsykim 566 // kep: http://kep.k8s.io/1669 567 // alpha: v1.22 568 // 569 // Enable kube-proxy to handle terminating ednpoints when externalTrafficPolicy=Local 570 ProxyTerminatingEndpoints featuregate.Feature = "ProxyTerminatingEndpoints" 571 572 // owner: @robscott 573 // kep: http://kep.k8s.io/752 574 // alpha: v1.20 575 // 576 // Enable NodeName field on Endpoint Slices. 577 EndpointSliceNodeName featuregate.Feature = "EndpointSliceNodeName" 578 579 // owner: @derekwaynecarr 580 // alpha: v1.20 581 // beta: v1.22 582 // 583 // Enables kubelet support to size memory backed volumes 584 SizeMemoryBackedVolumes featuregate.Feature = "SizeMemoryBackedVolumes" 585 586 // owner: @andrewsykim @SergeyKanzhelev 587 // GA: v1.20 588 // 589 // Ensure kubelet respects exec probe timeouts. Feature gate exists in-case existing workloads 590 // may depend on old behavior where exec probe timeouts were ignored. 591 // Lock to default and remove after v1.22 based on user feedback that should be reflected in KEP #1972 update 592 ExecProbeTimeout featuregate.Feature = "ExecProbeTimeout" 593 594 // owner: @andrewsykim 595 // alpha: v1.20 596 // 597 // Enable kubelet exec plugins for image pull credentials. 598 KubeletCredentialProviders featuregate.Feature = "KubeletCredentialProviders" 599 600 // owner: @andrewsykim 601 // alpha: v1.22 602 // 603 // Disable any functionality in kube-apiserver, kube-controller-manager and kubelet related to the `--cloud-provider` component flag. 604 DisableCloudProviders featuregate.Feature = "DisableCloudProviders" 605 606 // owner: @zshihang 607 // alpha: v1.20 608 // beta: v1.21 609 // ga: v1.22 610 // 611 // Enable kubelet to pass pod's service account token to NodePublishVolume 612 // call of CSI driver which is mounting volumes for that pod. 613 CSIServiceAccountToken featuregate.Feature = "CSIServiceAccountToken" 614 615 // owner: @bobbypage 616 // alpha: v1.20 617 // beta: v1.21 618 // Adds support for kubelet to detect node shutdown and gracefully terminate pods prior to the node being shutdown. 619 GracefulNodeShutdown featuregate.Feature = "GracefulNodeShutdown" 620 621 // owner: @andrewsykim @uablrek 622 // kep: http://kep.k8s.io/1864 623 // alpha: v1.20 624 // beta: v1.22 625 // 626 // Allows control if NodePorts shall be created for services with "type: LoadBalancer" by defining the spec.AllocateLoadBalancerNodePorts field (bool) 627 ServiceLBNodePortControl featuregate.Feature = "ServiceLBNodePortControl" 628 629 // owner: @janosi 630 // kep: http://kep.k8s.io/1435 631 // alpha: v1.20 632 // 633 // Enables the usage of different protocols in the same Service with type=LoadBalancer 634 MixedProtocolLBService featuregate.Feature = "MixedProtocolLBService" 635 636 // owner: @cofyc 637 // alpha: v1.21 638 VolumeCapacityPriority featuregate.Feature = "VolumeCapacityPriority" 639 640 // owner: @ahg-g 641 // alpha: v1.21 642 // beta: v1.22 643 // 644 // Enables controlling pod ranking on replicaset scale-down. 645 PodDeletionCost featuregate.Feature = "PodDeletionCost" 646 647 // owner: @robscott 648 // kep: http://kep.k8s.io/2433 649 // alpha: v1.21 650 // 651 // Enables topology aware hints for EndpointSlices 652 TopologyAwareHints featuregate.Feature = "TopologyAwareHints" 653 654 // owner: @ehashman 655 // alpha: v1.21 656 // 657 // Allows user to override pod-level terminationGracePeriod for probes 658 ProbeTerminationGracePeriod featuregate.Feature = "ProbeTerminationGracePeriod" 659 660 // owner: @ehashman 661 // alpha: v1.22 662 // 663 // Permits kubelet to run with swap enabled 664 NodeSwap featuregate.Feature = "NodeSwap" 665 666 // owner: @ahg-g 667 // alpha: v1.21 668 // beta: v1.22 669 // 670 // Allow specifying NamespaceSelector in PodAffinityTerm. 671 PodAffinityNamespaceSelector featuregate.Feature = "PodAffinityNamespaceSelector" 672 673 // owner: @andrewsykim @XudongLiuHarold 674 // kep: http://kep.k8s.io/1959 675 // alpha: v1.21 676 // beta: v1.22 677 // 678 // Enable support multiple Service "type: LoadBalancer" implementations in a cluster by specifying LoadBalancerClass 679 ServiceLoadBalancerClass featuregate.Feature = "ServiceLoadBalancerClass" 680 681 // owner: @damemi 682 // alpha: v1.21 683 // beta: v1.22 684 // 685 // Enables scaling down replicas via logarithmic comparison of creation/ready timestamps 686 LogarithmicScaleDown featuregate.Feature = "LogarithmicScaleDown" 687 688 // owner: @hbagdi 689 // kep: http://kep.k8s.io/2365 690 // alpha: v1.21 691 // beta: v1.22 692 // 693 // Enable Scope and Namespace fields on IngressClassParametersReference. 694 IngressClassNamespacedParams featuregate.Feature = "IngressClassNamespacedParams" 695 696 // owner: @maplain @andrewsykim 697 // kep: http://kep.k8s.io/2086 698 // alpha: v1.21 699 // 700 // Enables node-local routing for Service internal traffic 701 ServiceInternalTrafficPolicy featuregate.Feature = "ServiceInternalTrafficPolicy" 702 703 // owner: @adtac 704 // alpha: v1.21 705 // beta: v1.22 706 // 707 // Allows jobs to be created in the suspended state. 708 SuspendJob featuregate.Feature = "SuspendJob" 709 710 // owner: @fromanirh 711 // alpha: v1.21 712 // 713 // Enable POD resources API to return allocatable resources 714 KubeletPodResourcesGetAllocatable featuregate.Feature = "KubeletPodResourcesGetAllocatable" 715 716 // owner: @jayunit100 @abhiraut @rikatz 717 // kep: http://kep.k8s.io/2161 718 // beta: v1.21 719 // ga: v1.22 720 // 721 // Labels all namespaces with a default label "kubernetes.io/metadata.name: <namespaceName>" 722 NamespaceDefaultLabelName featuregate.Feature = "NamespaceDefaultLabelName" 723 724 // owner: @fengzixu 725 // alpha: v1.21 726 // 727 // Enables kubelet to detect CSI volume condition and send the event of the abnormal volume to the corresponding pod that is using it. 728 CSIVolumeHealth featuregate.Feature = "CSIVolumeHealth" 729 730 // owner: @marosset 731 // alpha: v1.22 732 // 733 // Enables support for 'HostProcess' containers on Windows nodes. 734 WindowsHostProcessContainers featuregate.Feature = "WindowsHostProcessContainers" 735 736 // owner: @ravig 737 // alpha: v1.22 738 // 739 // StatefulSetMinReadySeconds allows minReadySeconds to be respected by StatefulSet controller 740 StatefulSetMinReadySeconds featuregate.Feature = "StatefulSetMinReadySeconds" 741 742 // owner: @gjkim42 743 // kep: http://kep.k8s.io/2595 744 // alpha: v1.22 745 // 746 // Enables apiserver and kubelet to allow up to 32 DNSSearchPaths and up to 2048 DNSSearchListChars. 747 ExpandedDNSConfig featuregate.Feature = "ExpandedDNSConfig" 748 749 // owner: @saschagrunert 750 // alpha: v1.22 751 // 752 // Enables the use of `RuntimeDefault` as the default seccomp profile for all workloads. 753 SeccompDefault featuregate.Feature = "SeccompDefault" 754 755 // owner: @liggitt, @tallclair, sig-auth 756 // alpha: v1.22 757 // 758 // Enables the PodSecurity admission plugin 759 PodSecurity featuregate.Feature = "PodSecurity" 760 761 // owner: @chrishenzie 762 // alpha: v1.22 763 // 764 // Enables usage of the ReadWriteOncePod PersistentVolume access mode. 765 ReadWriteOncePod featuregate.Feature = "ReadWriteOncePod" 766 767 // owner: @enj 768 // beta: v1.22 769 // 770 // Allows clients to request a duration for certificates issued via the Kubernetes CSR API. 771 CSRDuration featuregate.Feature = "CSRDuration" 772 773 // owner: @AkihiroSuda 774 // alpha: v1.22 775 // 776 // Enables support for running kubelet in a user namespace. 777 // The user namespace has to be created before running kubelet. 778 // All the node components such as CRI need to be running in the same user namespace. 779 KubeletInUserNamespace featuregate.Feature = "KubeletInUserNamespace" 780 781 // owner: @xiaoxubeii 782 // kep: http://kep.k8s.io/2570 783 // alpha: v1.22 784 // 785 // Enables kubelet to support memory QoS with cgroups v2. 786 MemoryQoS featuregate.Feature = "MemoryQoS" 787 788 // owner: @fromanirh 789 // alpha: v1.22 790 // 791 // Allow fine-tuning of cpumanager policies 792 CPUManagerPolicyOptions featuregate.Feature = "CPUManagerPolicyOptions" 793 794 // owner: @jiahuif 795 // alpha: v1.21 796 // beta: v1.22 797 // 798 // Enables Leader Migration for kube-controller-manager and cloud-controller-manager 799 ControllerManagerLeaderMigration featuregate.Feature = "ControllerManagerLeaderMigration" 800) 801 802func init() { 803 runtime.Must(utilfeature.DefaultMutableFeatureGate.Add(defaultKubernetesFeatureGates)) 804} 805 806// defaultKubernetesFeatureGates consists of all known Kubernetes-specific feature keys. 807// To add a new feature, define a key for it above and add it here. The features will be 808// available throughout Kubernetes binaries. 809var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureSpec{ 810 AppArmor: {Default: true, PreRelease: featuregate.Beta}, 811 DynamicKubeletConfig: {Default: false, PreRelease: featuregate.Deprecated}, // feature gate is deprecated in 1.22, remove no early than 1.23 812 ExperimentalHostUserNamespaceDefaultingGate: {Default: false, PreRelease: featuregate.Beta}, 813 DevicePlugins: {Default: true, PreRelease: featuregate.Beta}, 814 RotateKubeletServerCertificate: {Default: true, PreRelease: featuregate.Beta}, 815 LocalStorageCapacityIsolation: {Default: true, PreRelease: featuregate.Beta}, 816 Sysctls: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 817 EphemeralContainers: {Default: false, PreRelease: featuregate.Alpha}, 818 QOSReserved: {Default: false, PreRelease: featuregate.Alpha}, 819 ExpandPersistentVolumes: {Default: true, PreRelease: featuregate.Beta}, 820 ExpandInUsePersistentVolumes: {Default: true, PreRelease: featuregate.Beta}, 821 ExpandCSIVolumes: {Default: true, PreRelease: featuregate.Beta}, 822 CPUManager: {Default: true, PreRelease: featuregate.Beta}, 823 MemoryManager: {Default: true, PreRelease: featuregate.Beta}, 824 CPUCFSQuotaPeriod: {Default: false, PreRelease: featuregate.Alpha}, 825 TopologyManager: {Default: true, PreRelease: featuregate.Beta}, 826 StorageObjectInUseProtection: {Default: true, PreRelease: featuregate.GA}, 827 SupportPodPidsLimit: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 828 SupportNodePidsLimit: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 829 BoundServiceAccountTokenVolume: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 830 ServiceAccountIssuerDiscovery: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.22 831 CSIMigration: {Default: true, PreRelease: featuregate.Beta}, 832 CSIMigrationGCE: {Default: false, PreRelease: featuregate.Beta}, // Off by default (requires GCE PD CSI Driver) 833 InTreePluginGCEUnregister: {Default: false, PreRelease: featuregate.Alpha}, 834 CSIMigrationAWS: {Default: false, PreRelease: featuregate.Beta}, // Off by default (requires AWS EBS CSI driver) 835 InTreePluginAWSUnregister: {Default: false, PreRelease: featuregate.Alpha}, 836 CSIMigrationAzureDisk: {Default: false, PreRelease: featuregate.Beta}, // Off by default (requires Azure Disk CSI driver) 837 InTreePluginAzureDiskUnregister: {Default: false, PreRelease: featuregate.Alpha}, 838 CSIMigrationAzureFile: {Default: false, PreRelease: featuregate.Beta}, // Off by default (requires Azure File CSI driver) 839 InTreePluginAzureFileUnregister: {Default: false, PreRelease: featuregate.Alpha}, 840 CSIMigrationvSphere: {Default: false, PreRelease: featuregate.Beta}, // Off by default (requires vSphere CSI driver) 841 InTreePluginvSphereUnregister: {Default: false, PreRelease: featuregate.Alpha}, 842 CSIMigrationOpenStack: {Default: true, PreRelease: featuregate.Beta}, 843 InTreePluginOpenStackUnregister: {Default: false, PreRelease: featuregate.Alpha}, 844 VolumeSubpath: {Default: true, PreRelease: featuregate.GA}, 845 ConfigurableFSGroupPolicy: {Default: true, PreRelease: featuregate.Beta}, 846 CSIInlineVolume: {Default: true, PreRelease: featuregate.Beta}, 847 CSIStorageCapacity: {Default: true, PreRelease: featuregate.Beta}, 848 CSIServiceAccountToken: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 849 GenericEphemeralVolume: {Default: true, PreRelease: featuregate.Beta}, 850 CSIVolumeFSGroupPolicy: {Default: true, PreRelease: featuregate.Beta}, 851 RuntimeClass: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 852 NodeLease: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, 853 NetworkPolicyEndPort: {Default: true, PreRelease: featuregate.Beta}, 854 ProcMountType: {Default: false, PreRelease: featuregate.Alpha}, 855 TTLAfterFinished: {Default: true, PreRelease: featuregate.Beta}, 856 IndexedJob: {Default: true, PreRelease: featuregate.Beta}, 857 JobTrackingWithFinalizers: {Default: false, PreRelease: featuregate.Alpha}, 858 KubeletPodResources: {Default: true, PreRelease: featuregate.Beta}, 859 LocalStorageCapacityIsolationFSQuotaMonitoring: {Default: false, PreRelease: featuregate.Alpha}, 860 NonPreemptingPriority: {Default: true, PreRelease: featuregate.Beta}, 861 PodOverhead: {Default: true, PreRelease: featuregate.Beta}, 862 IPv6DualStack: {Default: true, PreRelease: featuregate.Beta}, 863 EndpointSlice: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.25 864 EndpointSliceProxying: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.25 865 EndpointSliceTerminatingCondition: {Default: true, PreRelease: featuregate.Beta}, 866 ProxyTerminatingEndpoints: {Default: false, PreRelease: featuregate.Alpha}, 867 EndpointSliceNodeName: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, //remove in 1.25 868 WindowsEndpointSliceProxying: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.25 869 StartupProbe: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 870 AllowInsecureBackendProxy: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 871 PodDisruptionBudget: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.25 872 CronJobControllerV2: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 873 DaemonSetUpdateSurge: {Default: true, PreRelease: featuregate.Beta}, // on by default in 1.22 874 ImmutableEphemeralVolumes: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.24 875 HugePageStorageMediumSize: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.23 876 DownwardAPIHugePages: {Default: false, PreRelease: featuregate.Beta}, // on by default in 1.22 877 AnyVolumeDataSource: {Default: false, PreRelease: featuregate.Alpha}, 878 DefaultPodTopologySpread: {Default: true, PreRelease: featuregate.Beta}, 879 SetHostnameAsFQDN: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, //remove in 1.24 880 WinOverlay: {Default: true, PreRelease: featuregate.Beta}, 881 WinDSR: {Default: false, PreRelease: featuregate.Alpha}, 882 DisableAcceleratorUsageMetrics: {Default: true, PreRelease: featuregate.Beta}, 883 HPAContainerMetrics: {Default: false, PreRelease: featuregate.Alpha}, 884 SizeMemoryBackedVolumes: {Default: true, PreRelease: featuregate.Beta}, 885 ExecProbeTimeout: {Default: true, PreRelease: featuregate.GA}, // lock to default and remove after v1.22 based on KEP #1972 update 886 KubeletCredentialProviders: {Default: false, PreRelease: featuregate.Alpha}, 887 GracefulNodeShutdown: {Default: true, PreRelease: featuregate.Beta}, 888 ServiceLBNodePortControl: {Default: true, PreRelease: featuregate.Beta}, 889 MixedProtocolLBService: {Default: false, PreRelease: featuregate.Alpha}, 890 VolumeCapacityPriority: {Default: false, PreRelease: featuregate.Alpha}, 891 PreferNominatedNode: {Default: true, PreRelease: featuregate.Beta}, 892 ProbeTerminationGracePeriod: {Default: false, PreRelease: featuregate.Beta}, // Default to false in beta 1.22, set to true in 1.24 893 NodeSwap: {Default: false, PreRelease: featuregate.Alpha}, 894 PodDeletionCost: {Default: true, PreRelease: featuregate.Beta}, 895 TopologyAwareHints: {Default: false, PreRelease: featuregate.Alpha}, 896 PodAffinityNamespaceSelector: {Default: true, PreRelease: featuregate.Beta}, 897 ServiceLoadBalancerClass: {Default: true, PreRelease: featuregate.Beta}, 898 IngressClassNamespacedParams: {Default: true, PreRelease: featuregate.Beta}, 899 ServiceInternalTrafficPolicy: {Default: true, PreRelease: featuregate.Beta}, 900 LogarithmicScaleDown: {Default: true, PreRelease: featuregate.Beta}, 901 SuspendJob: {Default: true, PreRelease: featuregate.Beta}, 902 KubeletPodResourcesGetAllocatable: {Default: false, PreRelease: featuregate.Alpha}, 903 NamespaceDefaultLabelName: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.24 904 CSIVolumeHealth: {Default: false, PreRelease: featuregate.Alpha}, 905 WindowsHostProcessContainers: {Default: false, PreRelease: featuregate.Alpha}, 906 DisableCloudProviders: {Default: false, PreRelease: featuregate.Alpha}, 907 StatefulSetMinReadySeconds: {Default: false, PreRelease: featuregate.Alpha}, 908 ExpandedDNSConfig: {Default: false, PreRelease: featuregate.Alpha}, 909 SeccompDefault: {Default: false, PreRelease: featuregate.Alpha}, 910 PodSecurity: {Default: false, PreRelease: featuregate.Alpha}, 911 ReadWriteOncePod: {Default: false, PreRelease: featuregate.Alpha}, 912 CSRDuration: {Default: true, PreRelease: featuregate.Beta}, 913 DelegateFSGroupToCSIDriver: {Default: false, PreRelease: featuregate.Alpha}, 914 KubeletInUserNamespace: {Default: false, PreRelease: featuregate.Alpha}, 915 MemoryQoS: {Default: false, PreRelease: featuregate.Alpha}, 916 CPUManagerPolicyOptions: {Default: false, PreRelease: featuregate.Alpha}, 917 ControllerManagerLeaderMigration: {Default: true, PreRelease: featuregate.Beta}, 918 919 // inherited features from generic apiserver, relisted here to get a conflict if it is changed 920 // unintentionally on either side: 921 genericfeatures.StreamingProxyRedirects: {Default: false, PreRelease: featuregate.Deprecated}, // remove in 1.24 922 genericfeatures.ValidateProxyRedirects: {Default: true, PreRelease: featuregate.Deprecated}, 923 genericfeatures.AdvancedAuditing: {Default: true, PreRelease: featuregate.GA}, 924 genericfeatures.APIResponseCompression: {Default: true, PreRelease: featuregate.Beta}, 925 genericfeatures.APIListChunking: {Default: true, PreRelease: featuregate.Beta}, 926 genericfeatures.DryRun: {Default: true, PreRelease: featuregate.GA}, 927 genericfeatures.ServerSideApply: {Default: true, PreRelease: featuregate.GA}, 928 genericfeatures.APIPriorityAndFairness: {Default: true, PreRelease: featuregate.Beta}, 929 genericfeatures.WarningHeaders: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.24 930 931 // features that enable backwards compatibility but are scheduled to be removed 932 // ... 933 HPAScaleToZero: {Default: false, PreRelease: featuregate.Alpha}, 934} 935