Cluster modifiers define the configuration axes for Kubernetes clusters created during conformance testing. Each modifier belongs to a group, and within each group only one modifier is active per cluster. This creates an exclusive selection axis for generating the cluster matrix.
| Group | Options | Description |
|---|---|---|
cni | canal, cilium | Container Network Interface plugin |
expose-strategy | NodePort, LoadBalancer, Tunneling | How the cluster API is exposed |
proxy-mode | ipvs, iptables, ebpf | Kube-proxy mode |
audit | enabled, disabled | Kubernetes audit logging |
ssh | enabled, disabled | SSH key agent |
opa | enabled, disabled | Open Policy Agent integration |
mla-monitoring | enabled, disabled | MLA monitoring stack |
mla-logging | enabled, disabled | MLA logging stack |
node-local-dns | enabled, disabled | Node-local DNS cache |
k8s-dashboard | enabled, disabled | Kubernetes Dashboard |
pod-node-selector | enabled, disabled | PodNodeSelector admission controller |
event-rate-limit | disabled, server-only, namespace-only, all-limit-types | EventRateLimit admission controller |
csi-driver | enabled, disabled | CSI driver integration |
update-window | configured, none | Maintenance window (excluded from dedup) |
oidc | disabled | OIDC configuration (excluded from dedup) |
external-ccm | enabled, disabled | External Cloud Controller Manager |
ipvs-strict-arp | enabled, disabled | IPVS strict ARP mode |
Cluster modifiers are deduplicated using SHA-256 hashing. Two modifier combinations that produce the same effective cluster spec will share the same cluster, avoiding redundant cluster creation.
Some groups are excluded from the dedup hash because they don’t change the cluster’s functional behavior:
update-window — Maintenance windows don’t affect cluster behavioroidc — OIDC is orthogonal to the provider/version matrixEach modifier has: