Deckhouse Platform in Yandex.Cloud

1
Selecting infrastructure
2
A brief overview of installation
3
Setting up cluster
4
Preparing environment
5
Installation
6
Getting access to the cluster
7
What can I do next?

Configure cluster

Enter a domain name template containing %s, e.g., %s.domain.my or %s-kube.domain.my. Please don't use the example.com domain name. This template is used for system apps domains within the cluster, e.g., Grafana for %s.domain.my will be available as grafana.domain.my.
This tutorial assumes the use of a public domain directed to a public cluster address. This is necessary to obtain Let's Encrypt certificates for Deckhouse services. If using existing certificates (including Self-Signed), you need to change the global settings in the modules.https section.
This prefix is used for names of cluster objects created by Deckhouse (virtual machines, networks, security policies, etc.).
This key is passed to the cloud provider during the virtual machine creation process.

Select layout

Layout — the way how resources are located in the cloud. There are several pre-defined layouts.

WithoutNAT (recommended) Standard WithNATInstance

resources

This deployment scheme does not use NAT and gives each node a public IP.

Warning! Deckhouse does not yet support Yandex Security Groups, so all nodes in the cluster will be publicly accessible.

resources

Under this placement strategy, virtual machines access the Internet using a Yandex CloudNAT with a public (and single) source IP.

Warning! The Yandex.Cloud NAT feature is at the Preview stage. In order to enable Cloud NAT in your cloud, you need to contact Yandex.Cloud support in advance and request the feature.

resources

In this placement scheme, a NAT VM is created. This instance is configured as default route for other VMs.

Select preset

Preset — the structure of nodes in the cluster. There are several pre-defined presets.

Minimal Multi-master Recommended for production
  • The cluster consists of one master node and one worker node.
  • Kubernetes Control Plane and Deckhouse controller run on the master node.
  • Deckhouse deploys other components (Ingress Controller, Prometheus, cert-manager, etc.) on the worker node.
  • Your applications should run on the worker node.
  • Highly Available Kubernetes Control Plane.
  • The cluster consists of three master nodes and two worker nodes.
  • Kubernetes Control Plane and Deckhouse controller run on master nodes.
  • Deckhouse deploys other components (Ingress Controller, Prometheus, cert-manager, etc.) on the worker nodes.
  • Your applications should run on the worker nodes.
  • Highly Available Kubernetes Control Plane.
  • The cluster consists of three master nodes, two system nodes, several frontend nodes, and one worker node.
  • Kubernetes Control Plane and Deckhouse controller run on master nodes.
  • Deckhouse deploys system components (Prometheus, cert-manager, etc.) on system nodes.
  • Deckhouse deploys Ingress Controller on frontend nodes. The number of frontend nodes depends on the number of availability zones in a cloud provider.
  • Your applications should run on the worker node.
Go back Next: Preparing environment