We list here some details on the APIs we expose, the software versions we use, and the resources we reserve on each node.
OVH APIs
We have added a Kubernetes section to the OVHcloud API.
Using it you will be able to add and remove nodes, update and reset your clusters, or get kubectl configuration.
If you have never used the OVH API, see the First Steps with the OVHcloud API guide.
Kubernetes Configuration
API
Admission plugins (defaults are not listed here):
-
AlwaysPullImages: Force every new pod to pull the required images every time. In a multi-tenant cluster users can be assured that their private images can only be used by those who have the credentials to pull them. -
NodeRestriction: Ensure that the kubelet is restricted to the Node and Pod objects that it could modify as defined. Such kubelets will only be allowed to modify their own NodeAPI object and PodAPI objects that are bound to their node.
Authorization modes:
- Node: Authorize API requests made by kubelets.
- RBAC: Role-based access control is a method of regulating access to computer or network resources based on the roles of individual users within an organization.
Feature gates:
-
TTLAfterFinished: Allow a TTL controller to clean up resources after they finish execution.
Kubelet
-
protect-kernel-defaults: Protect tuned kernel parameters from overriding kubelet default kernel parameter values.
Go further
For more information and tutorials, please see our other Managed Kubernetes support guides or explore the guides for other OVHcloud products and services.