4 minute read  

Documentation Index

Overview

• General Architecture
• Gardener landing page gardener.cloud
• “Gardener, the Kubernetes Botanist” blog on kubernetes.io
• “Gardener Project Update” blog on kubernetes.io

Concepts

• Components
  • Gardener API server
    • In-Tree admission plugins
  • Gardener Controller Manager
  • Gardener Scheduler
  • Gardener Admission Controller
  • Gardener Resource Manager
  • Gardener Operator
  • Gardener Node Agent
  • Gardenlet
• Backup Restore
• etcd
• Relation between Gardener API and Cluster API

Usage

• Audit a Kubernetes cluster
• Auto-Scaling for shoot clusters
• Cleanup of Shoot clusters in deletion
• containerd Registry Configuration
• Custom containerd configuration
• Custom CoreDNS configuration
• (Custom) CSI components
• Default Seccomp Profile
• DNS Autoscaling
• DNS Search Path Optimization
• Endpoints and Ports of a Shoot Control-Plane
• ETCD Encryption Config
• ExposureClasses
• Hibernate a Cluster
• IPv6 in Gardener Clusters
• Logging
• NodeLocalDNS feature
• OpenIDConnect presets
• Projects
• Service Account Manager
• Readiness of Shoot Worker Nodes
• Reversed Cluster VPN
• Shoot Cluster Purposes
• Shoot Scheduling Profiles
• Shoot Credentials Rotation
• Shoot Kubernetes and Operating System Versioning
• Shoot KUBERNETES_SERVICE_HOST Environment Variable Injection
• Shoot Networking
• Shoot Maintenance
• Shoot ServiceAccount Configurations
• Shoot Status
• Shoot Info ConfigMap
• Shoot Updates and Upgrades
• Shoot HA Control Plane
• Shoot HA Best Practices
• Shoot Workers Settings
• Accessing Shoot Clusters
• Supported Kubernetes versions
• Tolerations
• Trigger shoot operations
• Trusted TLS certificate for shoot control planes
• Trusted TLS certificate for garden runtime cluster
• Controlling the Kubernetes versions for specific worker pools
• Admission Configuration for the PodSecurity Admission Plugin
• Supported CPU Architectures for Shoot Worker Nodes
• Workerless Shoots

API Reference

• authentication.gardener.cloud API Group
• core.gardener.cloud API Group
• extensions.gardener.cloud API Group
• operations.gardener.cloud API Group
• resources.gardener.cloud API Group
• seedmanagement.gardener.cloud API Group
• settings.gardener.cloud API Group

Proposals

• GEP: Gardener Enhancement Proposal Description
• GEP: Template
• GEP-1: Gardener extensibility and extraction of cloud-specific/OS-specific knowledge
• GEP-2: BackupInfrastructure CRD and Controller Redesign
• GEP-3: Network extensibility
• GEP-4: New core.gardener.cloud/v1beta1 APIs required to extract cloud-specific/OS-specific knowledge out of Gardener core
• GEP-5: Gardener Versioning Policy
• GEP-6: Integrating etcd-druid with Gardener
• GEP-7: Shoot Control Plane Migration
• GEP-8: SNI Passthrough proxy for kube-apiservers
• GEP-9: Gardener integration test framework
• GEP-10: Support additional container runtimes
• GEP-11: Utilize API Server Network Proxy to Invert Seed-to-Shoot Connectivity
• GEP-12: OIDC Webhook Authenticator
• GEP-13: Automated Seed Management
• GEP-14: Reversed Cluster VPN
• GEP-15: Manage Bastions and SSH Key Pair Rotation
• GEP-16: Dynamic kubeconfig generation for Shoot clusters
• GEP-17: Shoot Control Plane Migration “Bad Case” Scenario
• GEP-18: Automated Shoot CA Rotation
• GEP-19: Observability Stack - Migrating to the prometheus-operator and fluent-bit operator
• GEP-20: Highly Available Shoot Control Planes
• GEP-21: IPv6 Single-Stack Support in Local Gardener
• GEP-22: Improved Usage of the ShootState API
• GEP-23: Autoscaling Shoot kube-apiserver via Independently Driven HPA and VPA
• GEP-24: Shoot OIDC Issuer
• GEP-25: Namespaced Cloud Profiles
• GEP-26: Workload Identity - Trust Based Authentication

Development

• Getting started locally (using the local provider)
• Setting up a development environment (using a cloud provider)
• Testing (Unit, Integration, E2E Tests)
• Test Machinery Tests
• Dependency Management
• Kubernetes Clients in Gardener
• Logging in Gardener Components
• Changing the API
• Secrets Management for Seed and Shoot Clusters
• Releases, Features, Hotfixes
• Adding New Cloud Providers
• Adding Support For A New Kubernetes Version
• Extending the Monitoring Stack
• How to create log parser for container into fluent-bit
• PriorityClasses in Gardener Clusters
• High Availability Of Deployed Components
• Checklist For Adding New Components
• Defaulting Strategy and Developer Guideline

Extensions

• Extensibility overview
• Extension controller registration
• Cluster resource
• Extension points
  • General conventions
  • Trigger for reconcile operations
  • Deploy resources into the shoot cluster
  • Shoot resource customization webhooks
  • Logging and monitoring for extensions
  • Contributing to shoot health status conditions
    • Health Check Library
  • CA Rotation in Extensions
  • Blob storage providers
    • BackupBucket resource
    • BackupEntry resource
  • DNS providers
    • DNSRecord resources
  • IaaS/Cloud providers
    • Control plane customization webhooks
    • Bastion resource
    • ControlPlane resource
    • ControlPlane exposure resource
    • Infrastructure resource
    • Worker resource
  • Network plugin providers
    • Network resource
  • Operating systems
    • OperatingSystemConfig resource
  • Container runtimes
    • ContainerRuntime resource
  • Generic (non-essential) extensions
    • Extension resource
  • Extension Admission
  • Heartbeat controller
• Provider Local
• Access to the Garden Cluster
• Control plane migration
• Force Deletion
• Extending project roles
• Referenced resources

Deployment

• Getting started locally
• Getting started locally with extensions
• Setup Gardener on a Kubernetes cluster
• Version Skew Policy
• Deploying Gardenlets
  • Automatic Deployment of Gardenlets
  • Deploy a Gardenlet Manually
  • Scoped API Access for Gardenlets
• Overwrite image vector
• Migration from Gardener v0 to v1
• Feature Gates in Gardener
• Configuring the Logging stack
• SecretBinding Provider Controller

Operations

• Gardener configuration and usage
• Control Plane Migration
• Istio
• Register Shoot as Seed
• NetworkPolicys In Garden, Seed, Shoot Clusters
• Seed Bootstrapping
• Seed Settings
• Topology-Aware Traffic Routing

Monitoring

• Alerting
• Connectivity
• Operator Alerts
• Profiling Gardener Components
• User Alerts