0 0 Share PDF

Supportability of custom kubernetes flags in universal control plane

Article ID: KB000961

Issue

Certain kubernetes features may be gated or otherwise not exposed by Universal Control Plane (UCP). In some cases the UCP configuration can be manually modified to enable such features by specifying command-line arguments on the relevant kubernetes components using UCP settings custom_kube_api_server_flags, custom_kube_controller_manager_flags, custom_kubelet_flags, custom_kube_scheduler_flags. Use of these settings presents several supportability concerns.

Prerequisites

  • Universal Control Plane version 3.0 or later
  • Docker EE version 2.0 or later

Root Cause

Arbitrary modifications of Kubernetes component flags have the potential to break features and compromise UCP's security model. Additionally, Docker cannot ensure that custom flags will be forwards compatible with future versions or Kubernetes or the internal configuration of Kubernetes by UCP, meaning that there is a potential for obscure upgrade failure scenarios. The original intent behind the custom_* options were to provide an escape valve for temporary fixes, rather than a first-class interface for enabling or disabling features.

Resolution

Use of the custom_* flags in UCP configuration is unsupported and generally discouraged when applied outside direct guidance from Docker. At our discretion Docker support may require you to reproduce reported issues without such customization prior to if we suspect the customization to be causally associated. If you are interested in using a custom kubernetes flag, please contact your Docker sales team or Docker support to express your interest in the feature.

What's Next