Deckhouse Platform in Yandex.Cloud

1
Selecting infrastructure
2
A brief overview of installation
3
Setting up cluster
4
Preparing environment
5
Installation
6
Getting access to the cluster
7
What can I do next?

Configure cluster

Enter a domain name template containing %s, e.g., %s.domain.my or %s-kube.domain.my. Please don't use the example.com domain name. This template is used for system apps domains within the cluster, e.g., Grafana for %s.domain.my will be available as grafana.domain.my.
This tutorial assumes the use of a public domain pointing to a public cluster address. It is necessary to obtain Let's Encrypt certificates for Deckhouse services. If the existing certificates (including Self-Signed ones) are used, you need to change the global settings in the modules.https section.
We recommend using the nip.io service (or similar) for testing if wildcard DNS records are unavailable to you for some reason.
This prefix is used for naming cluster objects created by Deckhouse (virtual machines, networks, security policies, etc.).
This key is passed to the cloud provider during the virtual machine creation process.

Select layout

Layout is the way how resources are located in the cloud. There are several pre-defined layouts.

WithoutNAT (recommended) Standard WithNATInstance

resources

This deployment scheme does not use NAT and gives each node a public IP.

Warning! Deckhouse does not yet support Yandex Security Groups, so all nodes in the cluster will be publicly accessible.

resources

Under this placement strategy, virtual machines access the Internet using a Yandex CloudNAT with a public (and single) source IP.

Warning! The Yandex.Cloud NAT feature is at the Preview stage. In order to enable Cloud NAT in your cloud, you need to contact Yandex.Cloud support in advance and request the feature.

resources

In this placement scheme, a NAT VM is created. This instance is configured as default route for other VMs.

Select preset

Preset is the structure of nodes in the cluster. There are several pre-defined presets.

Minimal Multi-master Recommended for production
  • The cluster consists of one master node and one worker node.
  • Kubernetes Control Plane and Deckhouse controller run on the master node.
  • Deckhouse deploys other components (Ingress Controller, Prometheus, cert-manager, etc.) on the worker node.
  • Your applications should run on the worker node.
  • Highly Available Kubernetes Control Plane.
  • The cluster consists of three master nodes and two worker nodes.
  • Kubernetes Control Plane and Deckhouse controller run on master nodes.
  • Deckhouse deploys other components (Ingress Controller, Prometheus, cert-manager, etc.) on the worker nodes.
  • Your applications should run on the worker nodes.
  • Highly Available Kubernetes Control Plane.
  • The cluster consists of three master nodes, two system nodes, several frontend nodes, and one worker node.
  • Kubernetes Control Plane and Deckhouse controller run on master nodes.
  • Deckhouse deploys system components (Prometheus, cert-manager, etc.) on system nodes.
  • Deckhouse deploys Ingress Controller on frontend nodes. The number of frontend nodes depends on the number of availability zones in a cloud provider.
  • Your applications should run on the worker node.
Go back Next: Preparing environment