Cloud provider — Yandex Cloud: provider configuration

YandexClusterConfiguration

Version: deckhouse.io/v1

Describes the configuration of a cloud cluster in Yandex Cloud.

Used by the cloud provider if a cluster’s control plane is hosted in the cloud.

Run the following command to change the configuration in a running cluster:

kubectl -n d8-system exec -ti deploy/deckhouse -- deckhouse-controller edit provider-cluster-configuration

Example:

apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: Standard
nodeNetworkCIDR: 127.0.0.1/8
labels:
  label-2: b
sshPublicKey: "<SSH_PUBLIC_KEY>"
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
nodeGroups:
- name: worker
  replicas: 1
  zones:
  - ru-central1-a
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
    coreFraction: 50
    externalIPAddresses:
    - 198.51.100.5
    - Auto
provider:
  cloudID: "<CLOUD_ID>"
  folderID: "<FOLDER_ID>"
  serviceAccountJSON: |
    {
    "id": "id",
    "service_account_id": "service_account_id",
    "key_algorithm": "RSA_2048",
    "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
    "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }

apiVersionstring
Required value
Allowed values: deckhouse.io/v1, deckhouse.io/v1alpha1
dhcpOptionsobject
A list of DHCP parameters to use for all subnets.

Note that setting dhcpOptions may lead to problems.
- dhcpOptions.domainNamestring
  The name of the search domain.
- dhcpOptions.domainNameServersarray of strings
  A list of recursive DNS addresses.
  - Element of the arraystring
    Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
existingNetworkIDstring
The ID of the existing VPC Network.
existingZoneToSubnetIDMapobject
One or more pre-existing subnets mapped to respective zone.

Warning! Deckhouse will create a route table that must be manually attached to these subnets.

Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}$
Example:
```
existingZoneToSubnetIDMap:
  ru-central1-a: e2lu8r1tbbtryhdpa9ro
  ru-central1-b: e2lu8r1tbbtryhdpa9ro
  ru-central1-c: e2lu8r1tbbtryhdpa9ro
```
kindstring
Required value
Allowed values: YandexClusterConfiguration
labelsobject
Labels to attach to resources created in the Yandex Cloud.

Note that you have to re-create all the machines to add new labels if labels were modified in the running cluster.
layoutstring
Required value
The way resources are located in the cloud.

Read more about possible provider layouts.

Allowed values: Standard, WithoutNAT, WithNATInstance
masterNodeGroupobject
Required value
The definition of the master’s NodeGroup.

Caution! After changing the parameters of the section, you need to run dhctl converge for the changes to take effect.
- masterNodeGroup.instanceClassobject
  Required value
  Partial contents of the fields of the YandexInstanceClass.
  - masterNodeGroup.instanceClass.additionalLabelsobject
    Additional labels.
    
    Example:
    project: cms-production severity: critical
  - masterNodeGroup.instanceClass.coresinteger
    Required value
    Amount of CPU cores to provision on a Yandex Compute Instance.
  - masterNodeGroup.instanceClass.diskSizeGBinteger
    Yandex Compute Instance disk size in gigabytes.
    
    Default: 50
    Example:
    diskSizeGB: 20
  - masterNodeGroup.instanceClass.externalIPAddressesarray of strings
    A list of external addresses. The number of array elements must correspond to the number of replicas.
    
    If externalSubnetID is not set, you have to use either reserved public IP addresses or the Auto constant.
    
    If externalSubnetID is set, you must select specific unallocated IP addresses from the specified subnet.
    - Element of the arraystring
      Pattern: ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|(Auto)$
  - masterNodeGroup.instanceClass.externalSubnetIDDeprecatedstring
    If specified, an additional network interface will be added to the node (the latter will use it as a default route).
  - masterNodeGroup.instanceClass.externalSubnetIDsarray of strings
    If specified, an additional network interface will be added to the node (the latter will use it as a default route).
    
    Also, a route for the node’s internal interface will be added (it will cover the entire nodeNetworkCIDR subnet).
    
    The number of array elements must correspond to the number of replicas.
  - masterNodeGroup.instanceClass.imageIDstring
    Required value
    Image ID to use while provisioning Yandex Compute Instances.
    
    Example:
    imageID: fd8nb7ecsbvj76dfaa8b
  - masterNodeGroup.instanceClass.memoryinteger
    Required value
    Amount of primary memory in MB provision on a Yandex Compute Instance.
    
    Example:
    memory: 8192
  - masterNodeGroup.instanceClass.networkTypestring
    Network type.
    
    Default: "Standard"
    Allowed values: Standard, SoftwareAccelerated
  - masterNodeGroup.instanceClass.platformstring
    The type of virtual machine to create.
    
    Default: "standard-v2"
- masterNodeGroup.replicasinteger
  Required value
  The number of master nodes to create. It is important to have an odd number of masters to ensure a quorum.
  
  Allowed values: 1 <= X
- masterNodeGroup.zonesarray
  Not required value.
  A limited set of zones in which nodes can be created.
  - Element of the array
    Allowed values: ru-central1-a, ru-central1-b, ru-central1-c
nodeGroupsarray of objects
An array of additional NodeGroups for creating static nodes (e.g., for dedicated front nodes or gateways).
- nodeGroups.instanceClassobject
  Required value
  Partial contents of the fields of the YandexInstanceClass.
  - nodeGroups.instanceClass.additionalLabelsobject
    Additional labels.
    
    Example:
    project: cms-production severity: critical
  - nodeGroups.instanceClass.coreFractioninteger
    Percent of reserved CPU capacity on a Yandex Compute Instance. Details…
    
    Default: 100
    Allowed values: 5, 20, 50, 100
    Example:
    coreFraction: 20
  - nodeGroups.instanceClass.coresinteger
    Required value
    Amount of CPU cores to provision on a Yandex Compute Instance.
  - nodeGroups.instanceClass.diskSizeGBinteger
    Yandex Compute Instance disk size in gigabytes.
    
    Default: 50
    Example:
    diskSizeGB: 20
  - nodeGroups.instanceClass.externalIPAddressesarray of strings
    A list of external addresses. The number of array elements must correspond to the number of replicas.
    
    If externalSubnetID is not set, you have to use either reserved public IP addresses or the Auto constant.
    
    If externalSubnetID is set, you must select specific unallocated IP addresses from the specified subnet.
    - Element of the arraystring
      Pattern: ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|(Auto)$
  - nodeGroups.instanceClass.externalSubnetIDDeprecatedstring
    If specified, an additional network interface will be added to the node (the latter will use it as a default route).
  - nodeGroups.instanceClass.externalSubnetIDsarray of strings
    If specified, an additional network interface will be added to the node (the latter will use it as a default route).
    
    Also, a route for the node’s internal interface will be added (it will cover the entire nodeNetworkCIDR subnet).
    
    The number of array elements must correspond to the number of replicas.
  - nodeGroups.instanceClass.imageIDstring
    Required value
    Image ID to use while provisioning Yandex Compute Instances.
    
    Example:
    imageID: fd8nb7ecsbvj76dfaa8b
  - nodeGroups.instanceClass.memoryinteger
    Required value
    Amount of primary memory in MB provision on a Yandex Compute Instance.
    
    Example:
    memory: 8192
  - nodeGroups.instanceClass.networkTypestring
    Network type.
    
    Default: "Standard"
    Allowed values: Standard, SoftwareAccelerated
  - nodeGroups.instanceClass.platformstring
    The type of virtual machine to create.
    
    Default: "standard-v2"
- nodeGroups.namestring
  Required value
  The name of the NodeGroup to use for generating node names.
- nodeGroups.nodeTemplate
  Parameters of Node objects in Kubernetes to add after registering the node.
  - nodeGroups.nodeTemplate.annotationsobject
    The same as the metadata.annotations standard field.
    
    Example:
    annotations: ai.fleet.com/discombobulate: "true"
  - nodeGroups.nodeTemplate.labelsobject
    A list of labels to attach to cluster resources.
    
    The same as the metadata.labels standard field.
    
    Note that you have to re-create all the machines to add new tags if tags were modified in the running cluster.
    
    Example:
    labels: environment: production app: warp-drive-ai
  - nodeGroups.nodeTemplate.taintsarray of objects
    The same as the .spec.taints field of the Node object.
    
    Caution! Only the effect, key, values fields are available.
    
    Example:
    taints: - effect: NoExecute key: ship-class value: frigate
    - nodeGroups.nodeTemplate.taints.effectstring
      Allowed values: NoSchedule, PreferNoSchedule, NoExecute
    - nodeGroups.nodeTemplate.taints.keystring
    - nodeGroups.nodeTemplate.taints.valuestring
- nodeGroups.replicasinteger
  Required value
  The number of nodes to create.
- nodeGroups.zonesarray
  A limited set of zones in which nodes can be created.
  - Element of the array
    Allowed values: ru-central1-a, ru-central1-b, ru-central1-c
nodeNetworkCIDRstring
Required value
This subnet will be split into three equal parts.

They will serve as a basis for subnets in three Yandex Cloud zones.

providerobject

Required value

Contains settings to connect to the Yandex Cloud API.

provider.cloudIDstring
Required value
The cloud ID.
provider.folderIDstring
Required value
ID of the directory.

provider.serviceAccountJSONstring

Required value

A key to the Service Account in the JSON format generated by yc iam key create.

Pattern: ^[ \t\n]*\{(.|\n)*\}[ \t\n]*$

Example:

serviceAccountJSON: |
  {
     "id": "...",
     "service_account_id": "...",
     "created_at": "2022-08-04T05:38:34.756137618Z",
     "key_algorithm": "RSA_2048",
     "public_key": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----\n",
     "private_key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----\n"
  }

sshPublicKeystring
Required value
A public key for accessing nodes.
withNATInstanceobject
Settings for the WithNATInstance layout.
- withNATInstance.exporterAPIKeystring
  API-key for cloud metrics exporter.
  - If parameter is empty, cloud metrics exporter will not be deployed in the cluster.
  - If parameter is Auto, Deckhouse will create service account with the monitoring.viewer role and create API-key manually. Provider service account should have the admin role.
  - Any other value is considered a valid API-key. See this instruction for creating API-key. Service account should have monitoring.viewer role.
  Default: ""
- withNATInstance.externalSubnetIDstring
  If specified, an additional network interface will be added to the node (the node will use it as a default route).
- withNATInstance.internalSubnetIDstring
  ID of a subnet for the internal interface.
- withNATInstance.natInstanceExternalAddressstring
  A reserved external IP address (or externalSubnetID address if specified).
  
  Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
- withNATInstance.natInstanceInternalAddressDeprecatedstring
  Consider using automatically generated address instead.
  
  Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
zonesarray
The globally restricted set of zones that this cloud provider works with.
- Element of the array
  Allowed values: ru-central1-a, ru-central1-b, ru-central1-c