Skip to content

Latest commit

 

History

History
129 lines (103 loc) · 3.91 KB

cluster-parameters.md

File metadata and controls

129 lines (103 loc) · 3.91 KB
Raw

vSphere cluster parameters

Prerequisites

Cluster Identity

To provide credentials for CAPI vSphere provider (CAPV) the VSphereClusterIdentity resource must be created. This should be done before provisioning any clusters.

To create cluster identity you'll only need username and password for your vSphere instance.

The example of the objects can be found below:

Secret:

apiVersion: v1
kind: Secret
metadata:
  name: vsphere-cluster-identity-secret
  namespace: hmc-system
stringData:
  username: user
  password: Passw0rd

VsphereClusterIdentity:

apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: VSphereClusterIdentity
metadata:
  name: vsphere-cluster-identity
  namespace: hmc-system
spec:
  secretName: vsphere-cluster-identity-secret
  allowedNamespaces:
    selector:
      matchLabels: {}

These objects then should be referenced in the ManagedCluster object in the .spec.config.clusterIdentity field.

ManagedCluster parameters

To deploy managed cluster a number of parameters should be passed to the ManagedCluster object.

Parameter list

The following is the list of vSphere specific parameters, which are required for successful cluster creation.

Parameter Example Description
.spec.config.vsphere.server vcenter.example.com Address of the vSphere server
.spec.config.vsphere.thumbprint "00:00:00" Certificate thumbprint
.spec.config.vsphere.datacenter DC Datacenter name
.spec.config.vsphere.datastore /DC/datastore/DS Datastore path
.spec.config.vsphere.resourcePool /DC/host/vCluster/Resources/ResPool Resource pool path
.spec.config.vsphere.folder /DC/vm/example vSphere folder path
.spec.config.vsphere.username user Username for your vSphere instance
.spec.config.vsphere.password password Password for your vSphere instance

You can check machine parameters for machine specific parameters.

To obtain vSphere certificate thumbprint you can use the following command:

curl -sw %{certs} https://vcenter.example.com | openssl x509 -sha256 -fingerprint -noout | awk -F '=' '{print $2}'

Username and password currently must be passed once more in the ManagedCluster object to provide proper authentication for CCM and CSI driver.

Example of ManagedCluster CR

With all above parameters provided your ManagedCluster can look like this:

apiVersion: hmc.mirantis.com/v1alpha1
kind: ManagedCluster
metadata:
  name: cluster-1
spec:
  template: vsphere-standalone-cp
  config:
    clusterIdentity:
      name: vsphere-cluster-identity
    vsphere:
      server: vcenter.example.com
      thumbprint: "00:00:00"
      datacenter: "DC"
      datastore: "/DC/datastore/DC"
      resourcePool: "/DC/host/vCluster/Resources/ResPool"
      folder: "/DC/vm/example"
      username: "user"
      password: "Passw0rd"
    controlPlaneEndpointIP: "172.16.0.10"

    controlPlane:
      ssh:
        user: ubuntu
        publicKey: |
          ssh-rsa AAA...
      rootVolumeSize: 50
      cpus: 2
      memory: 4096
      vmTemplate: "/DC/vm/template"
      network: "/DC/network/Net"

    worker:
      ssh:
        user: ubuntu
        publicKey: |
          ssh-rsa AAA...
      rootVolumeSize: 50
      cpus: 2
      memory: 4096
      vmTemplate: "/DC/vm/template"
      network: "/DC/network/Net"