Use the following list to determine the name of the feature you want to disable:
| Feature gate | Description | Default |
|---|---|---|
AdvancedAuditing |
Enables a more general API auditing pipeline, which includes support for pluggable output backends and an audit policy specifying how different requests should be audited. |
True |
APIListChunking |
Enables the API clients to retrieve LIST or GET resources from API server in chunks. |
True |
APIResponseCompression |
Enables the compression of API responses for LIST or GET requests. |
False |
AppArmor |
Enables AppArmor-based mandatory access control on Linux nodes when using Docker. For more information, see the Kubernetes AppArmor documentation. |
True |
AttachVolumeLimit |
Adds support for volume plugins to report node specific volume limits. |
True |
BalanceAttachedNodeVolumes |
Includes volume count on node to be considered for balanced resource allocation while scheduling. A node which has closer CPU ,memory utilization, and volume count is favored by scheduler while making decisions. |
False |
BlockVolume |
Enables the definition and consumption of raw block devices in pods. For more information, see the Kubernetes Raw Block Volume Support. |
False |
CPUManager |
Enables Container-level CPU affinity support. For more information, see Using CPU Manager. |
True |
CPUCFSQuotaPeriod |
Enables nodes to change CPUCFSQuotaPeriod. |
False |
CRIcontainerLogRotation |
Enables Container log rotation for the CRI Container runtime. |
True |
CSIBlockVolume |
Enables CSI to use raw block storage volumes. |
False |
CSIDriverRegistry |
Enables all logic related to the CSIDriver API object in csi.storage.k8s.io. |
False |
CSINodeInfo |
Enables all logic related to the CSINodeInfo API object in csi.storage.k8s.io. |
False |
CSIPersistentVolume |
Enables discovering and mounting volumes provisioned through a CSI (Container Storage Interface) compatible volume plugin. For more information, see the CSI Volume Plugins in Kubernetes Design Documentation. |
True |
CustomPodDNS |
Enables customizing the DNS settings for a pod using the dnsConfig property. |
True |
Debugcontainers |
Enables running a debugging Container in a pod namespace to troubleshoot a running Pod. |
False |
DevicePlugins |
Enables device plug-in-based resource provisioning on nodes. |
True |
DryRun |
Allows requests to be processed but not stored, so that validation, merging, mutation can be tested without committing. |
False |
DynamicKubeletConfig |
Enables the dynamic configuration in a cluster. |
True |
EnableEquivalenceClassCache |
Enables the scheduler to cache equivalence of nodes when scheduling Pods. |
False |
ExpandPersistentVolumes |
Enables the ability to Expand persistent volumes. |
True |
ExpandInUsePersistentVolumes |
Enables the ability to expand persistent volumes' file system without unmounting volumes. |
False |
ExperimentalHostUserNamespaceDefaultingGate |
Enables the disabling of user namespaces. This is for Containers that are using other host projects, host mounts, or Containers that are privileged or using specific non-project capabilities, such as MKNODE, SYS_MODULE, and so forth. This should only be enabled if user project remapping is enabled in the Docker daemon. |
False |
GCERegionalPersistentDisk |
Enables the GCE Persistent Disk feature. |
True |
HugePages |
Enables the allocation and consumption of pre-allocated huge pages. |
True |
HyperVcontainer |
Enables Hyper-V isolation for Windows Containers. |
False |
Intializers |
Enables the dynamic admission control as an extension to the built-in admission controllers. |
False |
KubeletPluginsWatcher |
Enables probe based plugin watcher utility for discovering Kubelet plugins. |
True |
LocalStorageCapacityIsolation |
Enables the consumption of local ephemeral storage and the |
False |
Mountcontainers |
Enables using utility Containers on the host as the volume mount. |
False |
MountPropagation |
Enables sharing a volume mounted by one Container to other Containers or pods. |
True |
NodeLease |
Kubelet uses the new Lease API to report node heartbeats, (Kube) Node Lifecycle Controller uses these heartbeats as a node health signal. |
False |
PersistentLocalVolumes |
Enables the usage of local volume pods. Pod affinity has to be specified if requesting a local volume. |
True |
PodPriority |
Enables the descheduling and preemption of pods based on their priorities. |
True |
PodReadinessGates |
Supports Pod Readiness. |
True |
PodShareProcessNamespace |
Allows all containers in a pod to share a process namespace. |
True |
ProcMountType |
Enables control over ProcMountType for containers. |
False |
QOSReserved |
Allows resource reservations at the QoS level preventing pods at lower QoS levels from bursting into resources requested at higher QoS levels (memory only for now). |
False |
ResourceLimitsPriorityFunction |
Enables a scheduler priority function that assigns a lowest possible score of |
False |
ResourceQuotaScopeSelectors |
Enables resource quota scope selectors. |
True |
RotateKubeletClientCertificate |
Enables the rotation of the client TLS certificate on the cluster. |
True |
RotateKubeletServerCertificate |
Enables the rotation of the server TLS certificate on the cluster. |
True |
RunAsGroup |
Enables control over the primary group ID set on the init processes of Containers. |
False |
RuntimeClass |
Enables RuntimeClass, for selecting between multiple runtimes to run a pod. |
False |
ScheduleDaemonSetPods |
Enables DaemonSet pods to be scheduled by the default scheduler instead of the DaemonSet controller. |
True |
SCTPSupport |
Enables SCTP as new protocol for Service ports, NetworkPolicy, and ContainerPort in Pod/Containers definition. |
False |
ServiceNodeExclusion |
Enables the exclusion of nodes from load balancers created by a cloud provider. |
False |
StorageObjectInUseProtection |
Enables postponing the deletion of persistent volume or persistent volume claim objects if they are still being used. |
True |
StreamingProxyRedirects |
Instructs the API server to intercept and follow redirects from the backend kubelet for streaming requests. |
True |
SupportIPVSProxyMode |
Enables providing in-cluster service load balancing using IP virtual servers. |
True |
SupportPodPidsLimit |
Enables support for limiting the number of processes (PIDs) running in a pod. |
True |
Sysctls |
Enables pods to set sysctls on a pod. |
True |
TaintBasedEvictions |
Enables evicting pods from nodes based on taints on nodes and tolerations on pods. |
False |
TaintNodesByCondition |
Enables automatic tainting nodes based on node conditions. |
True |
TokenRequest |
Enables the TokenRequest endpoint on service account resources. |
True |
TokenRequestProjection |
Enables ServiceAccountTokenVolumeProjection support in ProjectedVolumes. |
True |
TTLAfterFinished |
Allows TTL controller to clean up Pods and Jobs after they finish. |
False |
ValidateProxyRedirects |
Controls whether the apiserver should validate that redirects are only followed to the same host. Only used if StreamingProxyRedirects is enabled. |
False |
VolumeScheduling |
Enables volume-topology-aware scheduling and make the persistent volume claim (PVC) binding aware of scheduling decisions. It also enables the usage of local volumes types when used together with the PersistentLocalVolumes feature gate. |
True |
VolumeSnapshotDataSource |
Enables volume snapshot data source support. |
False |
VolumeSubpath |
Allows mounting a subpath of a volume in a container. Do not remove this feature gate even though it’s GA. |
True |
VolumeSubpathEnvExpansion |
Allows subpath environment variable substitution. Only applicable if the VolumeSubpath feature is also enabled. |
False |