What and where is the default kubeadm config file?

10/20/2018

Using kubeadm init initializes the control plane with default configuration options.

Is there a way to see what default values/configuration it will use for the control plane, how can I view that configuration file, and where is it stored?

-- Ijaz Ahmad Khan
kubeadm
kubectl
kubernetes

2 Answers

9/21/2019

kubeadm config print init-defaults (cf. join-defaults) will show the defaults:

$ kubeadm config print init-defaults
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 1.2.3.4
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: k1.london.vultr
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.16.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}

(kubeadm v1.16.0)

As far as I can tell these are built-in defaults, and there is no overridable defaults file, i.e. to supply a different config file it is necessary to pass --config=<file>.

-- OJFord
Source: StackOverflow

10/21/2018

Found the command: ( just in case someone needs it)

C02W84XMHTD5:~ iahmad$ kubectl get configMap kubeadm-config -o yaml --namespace=kube-system
apiVersion: v1
data:
  MasterConfiguration: |
    api:
      advertiseAddress: 192.168.64.4
      bindPort: 8443
      controlPlaneEndpoint: localhost
    apiServerExtraArgs:
      admission-control: Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota
    auditPolicy:
      logDir: /var/log/kubernetes/audit
      logMaxAge: 2
      path: ""
    authorizationModes:
    - Node
    - RBAC
    certificatesDir: /var/lib/minikube/certs/
    cloudProvider: ""
    criSocket: /var/run/dockershim.sock
    etcd:
      caFile: ""
      certFile: ""
      dataDir: /data/minikube
      endpoints: null
      image: ""
      keyFile: ""
    imageRepository: k8s.gcr.io
    kubeProxy:
      config:
        bindAddress: 0.0.0.0
        clientConnection:
          acceptContentTypes: ""
          burst: 10
          contentType: application/vnd.kubernetes.protobuf
          kubeconfig: /var/lib/kube-proxy/kubeconfig.conf
          qps: 5
        clusterCIDR: ""
        configSyncPeriod: 15m0s
        conntrack:
          max: null
          maxPerCore: 32768
          min: 131072
          tcpCloseWaitTimeout: 1h0m0s
          tcpEstablishedTimeout: 24h0m0s
        enableProfiling: false
        healthzBindAddress: 0.0.0.0:10256
        hostnameOverride: ""
        iptables:
          masqueradeAll: false
          masqueradeBit: 14
          minSyncPeriod: 0s
          syncPeriod: 30s
        ipvs:
          minSyncPeriod: 0s
          scheduler: ""
          syncPeriod: 30s
        metricsBindAddress: 127.0.0.1:10249
        mode: ""
        nodePortAddresses: null
        oomScoreAdj: -999
        portRange: ""
        resourceContainer: /kube-proxy
        udpIdleTimeout: 250ms
    kubeletConfiguration: {}
    kubernetesVersion: v1.10.0
    networking:
      dnsDomain: cluster.local
      podSubnet: ""
      serviceSubnet: 10.96.0.0/12
    noTaintMaster: true
    nodeName: minikube
    privilegedPods: false
    token: ""
    tokenGroups:
    - system:bootstrappers:kubeadm:default-node-token
    tokenTTL: 24h0m0s
    tokenUsages:
    - signing
    - authentication
    unifiedControlPlaneImage: ""
-- Ijaz Ahmad Khan
Source: StackOverflow