GCPClusterConfiguration
Version: deckhouse.io/v1
Describes the configuration of a cloud cluster in GCP.
Used by the cloud provider if a cluster’s control plane is hosted in the cloud.
Run the following command to change the configuration in a running cluster:
kubectl -n d8-system exec -ti svc/deckhouse-leader -c deckhouse -- deckhouse-controller edit provider-cluster-configuration
After updating the node parameters, you need to run the dhctl converge command to apply the changes.
Example:
apiVersion: deckhouse.io/v1
kind: GCPClusterConfiguration
layout: WithoutNAT
sshKey: "<SSH_PUBLIC_KEY>"
subnetworkCIDR: 10.36.0.0/24
masterNodeGroup:
replicas: 1
zones:
- europe-west3-b
instanceClass:
machineType: n1-standard-4
image: projects/ubuntu-os-cloud/global/images/ubuntu-2404-noble-amd64-v20240523a
diskSizeGb: 50
nodeGroups:
- name: static
replicas: 1
zones:
- europe-west3-b
instanceClass:
machineType: n1-standard-4
image: projects/ubuntu-os-cloud/global/images/ubuntu-2404-noble-amd64-v20240523a
diskSizeGb: 50
additionalNetworkTags:
- tag1
additionalLabels:
kube-node: static
provider:
region: europe-west3
serviceAccountJSON: "<SERVICE_ACCOUNT_JSON>"
- apiVersion
Required value
Allowed values:
deckhouse.io/v1
,deckhouse.io/v1alpha1
- kind
Required value
Allowed values:
GCPClusterConfiguration
- labels
A list of labels to attach to cluster resources.
Note that you have to re-create all the machines to add new tags if tags were modified in the running cluster.
You can learn more about the labels in the official documentation.
Format —
key: value
. - layout
Required value
The way resources are located in the cloud.
Standard
- set Cloud NAT mode. More info…WithoutNAT
- a dedicated VPC is created for the cluster. All cluster nodes have public IP addresses. More info…Allowed values:
Standard
,WithoutNAT
- masterNodeGroup
Required value
Parameters of the master’s NodeGroup.
Caution! After changing the parameters of the section, you need to run
dhctl converge
for the changes to take effect.- masterNodeGroup.additionalLabels
Additional labels.
Example:
project: cms-production severity: critical
- array of strings
The list of additional tags.
For example, you can use tags to apply firewall rules to instances. The detailed description of network tags is available in the official documentation.
- masterNodeGroup.instanceClass.disableExternalIP
Defines whether to disable external IP for an instance or not.
This parameter is only available for the
Standard
layout.True means that nodes do not have public addresses and connect to the Internet over
CloudNAT
;False means that static public addresses are created for nodes, they are also used for One-to-one NAT.;
Default:
true
Allowed values:
true
,false
- masterNodeGroup.instanceClass.diskSizeGb
Instance disk size in gibibytes.
Example:
diskSizeGb: 50
- masterNodeGroup.instanceClass.etcdDiskSizeGb
Etcd disk size in gibibytes.
Default:
20
Example:
etcdDiskSizeGb: 20
- masterNodeGroup.instanceClass.image
Required value
Image to use while provisioning GCP servers.
You can find a list of available images in the provider documentation.
The list of OS and their versions supported by Deckhouse can be found in the Deckhouse documentation (take into account the Deckhouse version used).
Example:
image: projects/ubuntu-os-cloud/global/images/ubuntu-1804-bionic-v20190911
- masterNodeGroup.instanceClass.machineType
Required value
Machine type of GCP instance.
Caution! Make sure that this type is present in all zones specified in the
zones
parameter.GCP lets you specify a custom amount of resources (CPU and RAM), e.g.,
custom-8-40960
orn2-custom-8-40960
.Example:
machineType: n1-standard-4
- masterNodeGroup.replicas
Required value
The number of master nodes to create.
It is important to have an odd number of masters to ensure a quorum.
Allowed values:
1 <= X
- masterNodeGroup.zones
A limited set of zones in which nodes can be created.
- nodeGroups
An array of additional NodeGroups for creating static nodes (e.g., for dedicated front nodes or gateways).
- nodeGroups.additionalLabels
- array of strings
- nodeGroups.instanceClass.disableExternalIP
Defines whether to disable external IP for an instance or not.
This parameter is only available for the
Standard
layout.True means that nodes do not have public addresses and connect to the Internet over
CloudNAT
;False means that static public addresses are created for nodes, they are also used for One-to-one NAT.;
Default:
true
Allowed values:
true
,false
- nodeGroups.instanceClass.diskSizeGb
Instance disk size in gibibytes.
Example:
diskSizeGb: 50
- nodeGroups.instanceClass.image
Required value
Image to use while provisioning GCP servers.
You can find a list of available images in the provider documentation.
The list of OS and their versions supported by Deckhouse can be found in the Deckhouse documentation (take into account the Deckhouse version used).
Example:
image: projects/ubuntu-os-cloud/global/images/ubuntu-1804-bionic-v20190911
- nodeGroups.instanceClass.machineType
Required value
Machine type of GCP instance.
Caution! Make sure that this type is present in all zones specified in the
zones
parameter.GCP lets you specify a custom amount of resources (CPU and RAM), e.g.,
custom-8-40960
orn2-custom-8-40960
.Example:
machineType: n1-standard-4
- nodeGroups.name
Required value
The name of the NodeGroup to use for generating node names.
- nodeGroups.nodeTemplate
Parameters of Node objects in Kubernetes to add after registering the node.
- nodeGroups.nodeTemplate.annotations
The same as the
metadata.annotations
(https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta). - nodeGroups.nodeTemplate.labels
The same as the
metadata.labels
standard (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta). - nodeGroups.nodeTemplate.taints
The same as the
.spec.taints
field of the Node object(https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#taint-v1-core). CAUTION! Only theeffect
,key
,values
fields are available- nodeGroups.nodeTemplate.taints.effect
Allowed values:
NoSchedule
,PreferNoSchedule
,NoExecute
- nodeGroups.nodeTemplate.taints.key
- nodeGroups.nodeTemplate.taints.value
- nodeGroups.replicas
Required value
The number of nodes to create.
- nodeGroups.zones
A limited set of zones in which nodes can be created.
- peeredVPCs
A list of GCP VPC networks to peer with the cluster network.
The service account must have access to all the VPCs listed. You have to configure the peering connection manually if no access is available.
- provider
Required value
Parameters for connecting to the GCP API.
- provider.region
Required value
The name of the region where instances will be provisioned.
- provider.serviceAccountJSON
Required value
A key to the Service Account with Project Admin privileges (
service account key
) in the JSON format.How to create it a
service account key
.
- sshAllowList
A list of CIDR’s allowed to connect to nodes via SSH.
By default, from any.
- sshKey
Required value
A public key to access nodes as
user
. - standard
Settings for the
Standard
layout.- standard.cloudNATAddresses
A list of public static IP addresses for
Cloud NAT
.
- subnetworkCIDR
A subnet to use for cluster nodes.
Pattern:
^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$
- withoutNAT
Settings for the
WithoutNAT
layout. - zones
A limited set of zones in which nodes can be created.