AWSClusterConfiguration

Version: deckhouse.io/v1

  • additionalRolePoliciesarray of strings

    List containing an additional policies for IAM roles.

    • Additional policies would be attached to default IAM role policies.
    • Parameter is optional. If ommitted, only default IAM role policies are used.

    Default IAM role policies are:

    - "ec2:DescribeTags"
    - "ec2:DescribeInstances"
    
    • Element of the arraystring

      Pattern: ^(\w+):(\w+)$

  • apiVersionstring

    Required value

    Allowed values: deckhouse.io/v1, deckhouse.io/v1alpha1

  • existingVPCIDstring

    ID of the existing VPC to use for deploying.

    • A mandatory parameter if the vpcNetworkCIDR is omitted.
    • Caution! If there is an Internet Gateway in the target VPC, the deployment of the basic infrastructure will fail with an error. Currently, an Internet Gateway cannot be adopted.
  • kindstring

    Required value

    Allowed values: AWSClusterConfiguration

  • layoutstring

    Required value

    The way resources are located in the cloud.

    Read more about possible provider layouts.

    Note, that the Standard layout is deprecated.

    Allowed values: WithoutNAT, WithNAT, Standard

  • masterNodeGroupobject

    Required value

    Parameters of the master’s NodeGroup.

    • additionalTagsobject

      The additional tags to attach to the instances created (in addition to those specified in the cloud provider configuration).

      Example:

      project: cms-production
      severity: critical
      
    • instanceClassobject

      Required value

      Partial contents of the fields of the AWSInstanceClass.

      • additionalSecurityGroupsarray of strings

        The additional security groups to add to provisioned instances of the specific InstanceClass.

      • amistring

        Required value

        The Amazon Machine Image (AMI ID) to use in provisioned instances.

        Here is how you can find the required AMI (each region has its own set of AMIs):

        aws ec2 --region <REGION> describe-images \
        --filters 'Name=name,Values=ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-2020*' | \
        jq '.Images[].ImageId'
        

        Example:

        ami: ami-040a1551f9c9d11ad
        
      • diskSizeGbinteger

        Instance disk size in gigabytes.

        Example:

        diskSizeGb: 20
        
      • diskTypestring

        Instance EBS disk type.

        Allowed values: gp3, gp2, io2, io1, st1, sc1

        Example:

        diskType: gp2
        
      • instanceTypestring

        Required value

        Instance type of AWS instance.

        Caution! Ensure that this type is present in all zones specified in the zones parameter.

        Example:

        instanceType: t3.large
        
    • replicasinteger

      Required value

      The number of master nodes to create.

      Allowed values: 1 <= X

    • zonesarray of strings

      Not required value.

      A limited set of zones in which master nodes can be created.

  • nodeGroupsarray of objects

    An array of additional NodeGroups for creating static nodes (e.g., for dedicated front nodes or gateways).

    • additionalTagsobject

      The additional tags to attach to the instances created (in addition to those specified in the cloud provider configuration).

      Example:

      project: cms-production
      severity: critical
      
    • instanceClassobject

      Required value

      Partial contents of the fields of the AWSInstanceClass.

      • additionalSecurityGroupsarray of strings

        The additional security groups to add to provisioned instances of the specific InstanceClass.

      • amistring

        Required value

        The Amazon Machine Image (AMI ID) to use in provisioned instances.

        Here is how you can find the required AMI (each region has its own set of AMIs):

        aws ec2 --region <REGION> describe-images \
        --filters 'Name=name,Values=ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-2020*' | \
        jq '.Images[].ImageId'
        

        Example:

        ami: ami-040a1551f9c9d11ad
        
      • diskSizeGbinteger

        Instance disk size in gigabytes.

        Example:

        diskSizeGb: 20
        
      • diskTypestring

        Instance EBS disk type.

        Allowed values: gp3, gp2, io2, io1, st1, sc1

        Example:

        diskType: gp2
        
      • instanceTypestring

        Required value

        Instance type of AWS instance.

        Caution! Ensure that this type is present in all zones specified in the zones parameter.

        Example:

        instanceType: t3.large
        
    • namestring

      Required value

      The name of the NodeGroup. It is used to generate the node name.

    • nodeTemplate

      Parameters of Node objects in Kubernetes to add after registering the node.

      • annotationsobject

        The same as the metadata.annotations standard field.

        Example:

        annotations:
          ai.fleet.com/discombobulate: "true"
        
      • labelsobject

        A list of labels to attach to cluster resources.

        The same as the metadata.labels standard field.

        Note that you have to re-create all the machines to add new tags if tags were modified in the running cluster.

        Example:

        labels:
          environment: production
          app: warp-drive-ai
        
      • taintsarray of objects

        The same as the .spec.taints field of the Node object.

        Caution! Only the effect, key, values fields are available.

        Example:

        taints:
        - effect: NoExecute
          key: ship-class
          value: frigate
        
        • effectstring

          Allowed values: NoSchedule, PreferNoSchedule, NoExecute

        • keystring
        • valuestring
    • replicasinteger

      Required value

      The number of nodes.

    • zonesarray of strings

      Not required value.

      A limited set of zones in which master nodes can be created.

  • nodeNetworkCIDRstring

    A subnet to use for cluster nodes.

    • The IP range must overlap or match the VPC address range.
    • The IP range will be evenly split into subnets, one per Availability Zone in your region.
    • An optional but recommended parameter. By default, it corresponds to the whole range of VPC addresses.

    If a new VPC is created along with a new cluster and no vpcNetworkCIDR is provided, then the range from nodeNetworkCIDR is used for the VPC. Thus, the entire VPC is allocated for the cluster networks, and you will not be able to add other resources to this VPC.

    The nodeNetworkCIDR range is distributed between subnets depending on the number of availability zones in the selected region. For example: if nodeNetworkCIDR: "10.241.1.0/20" and there are three availability zones in the region, subnets will be created with the /22 mask.

    Pattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$

  • peeredVPCsarray of strings

    A list of AWS VPC IDs to peer with the cluster network.

    The service account must have access to all the VPCs listed. You have to configure the peering connection manually if no access is available.

  • providerobject

    Required value

    Contains settings to connect to the AWS API.

    • providerAccessKeyIdstring

      Required value

      Access key ID.

    • providerSecretAccessKeystring

      Required value

      Access key secret.

    • regionstring

      Required value

      The name of the AWS region where instances will be provisioned.

  • sshAllowListarray of strings

    A list of CIDR’s allowed to connect to nodes via ssh.

    By default, 0.0.0.0/0.

  • sshPublicKeystring

    Required value

    A public key for accessing nodes.

  • standardobject

    Layout is deprecated.

    • associatePublicIPToMastersboolean
    • associatePublicIPToNodesboolean
  • tagsobject

    Not required value.

    A dictionary of tags to create on all resources that support this feature.

    You have to re-create all the machines to add new tags if tags were modified in the running cluster.

  • vpcNetworkCIDRstring

    A subnet to use in the VPC being created.

    A mandatory parameter if the existingVPCID parameter is omitted.

    Pattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$

  • withNATobject
    • bastionInstanceobject
      • instanceClassobject

        Required value

        Partial contents of the fields of the AWSInstanceClass.

        • additionalSecurityGroupsarray of strings

          The additional security groups to add to provisioned instance of the specific InstanceClass.

        • amistring

          Required value

          The Amazon Machine Image (AMI ID) to use in provisioned instance.

          Here is how you can find the required AMI (each region has its own set of AMIs):

          aws ec2 --region <REGION> describe-images \
          --filters 'Name=name,Values=ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-2020*' | \
          jq '.Images[].ImageId'
          

          Example:

          ami: ami-040a1551f9c9d11ad
          
        • diskSizeGbinteger

          Instance disk size in gigabytes.

          Example:

          diskSizeGb: 20
          
        • diskTypestring

          Instance EBS disk type.

          Allowed values: gp3, gp2, io2, io1, st1, sc1

          Example:

          diskType: gp2
          
        • instanceTypestring

          Required value

          Instance type of AWS instance.

          Caution! Ensure that this type is present in selected zone.

          Example:

          instanceType: t3.large
          
      • zonestring

        The zone in which the bastion instance will be created.

        By default, the first available zone in the region or the first from the list of the global parameter zones will be used.

  • withoutNATobject
    • zonesarray of strings

      The globally restricted set of zones that this cloud provider works with.