Deckhouse Kubernetes Platform in a private environment

Preparing for installation

This feature is available in Standard and Enterprise Edition only.

Configure cluster

Template for DNS names Enter a domain name template containing %s, e.g., %s.domain.my or %s-kube.domain.my. Please don't use the example.com domain name. This template is used for system apps domains within the cluster, e.g., Grafana for %s.domain.my will be available as grafana.domain.my.
This tutorial assumes the use of a public domain pointing to a public cluster address. It is necessary to obtain Let's Encrypt certificates for Deckhouse services. If the existing certificates (including Self-Signed ones) are used, you need to change the global settings in the modules.https section.
We recommend using the sslip.io service (or similar) for testing if wildcard DNS records are unavailable to you for some reason.

The address of the HTTP proxy server (examples: http://proxy.company.my, https://user1:p@ssword@proxy.company.my:8443) Proxy address should match http://proxy.company.my or http[s]://[[USER][:PASSWORD]@]proxy.company.my[:PORT]. Please don't use the proxy.company.my domain name. Leave it blank if you don't use the HTTP proxy server.

The address of the HTTPS proxy server (examples: http://proxy.company.my, https://user1:p@ssword@proxy.company.my:8443) Proxy address should match http://proxy.company.my or http[s]://[[USER][:PASSWORD]@]proxy.company.my[:PORT]. Please don't use the proxy.company.my domain name. Leave it blank if you don't use the HTTP proxy server.

A comma-separated list of IP addresses and domain names for which a proxy server is not used. Also specify here the subnet of the cluster nodes. For wildcard domains, use a domain name with a dot prefix, e.g., ".example.com". (e.g. — 127.0.0.1, 192.168.0.0/24, example.com, ".example.com") The addresses must match the templates 127.0.0.1, 192.168.0.0/24, example.com and ".example.com". Please don't use the example.com domain name. Specify a list of IP addresses, networks, and domain names that can be accessed directly without using a proxy server. Also specify here the subnet of the cluster nodes. For wildcard domains, use a domain name with a dot prefix, e.g., ".example.com".

Parameters for accessing the container image registry (or proxy registry)

Read more about configuring a container image storage, if necessary.

The path prefix for Deckhouse container images (e.g., registry.deckhouse.io/deckhouse/ee for Deckhouse EE). Note that Deckhouse container images must be available at the specified address and path.

Container image registry credentials, Base64-encoded. It is a string from the Docker client configuration file (in Linux it is usually $HOME/.docker/config.json), Base64-encoded.
Read more about the parameter in the documentation. If using anonymous access to the container registry, do not fill in this field.

The container image registry uses the HTTP protocol.

Enable it if the container image registry works over HTTP rather than HTTPS.

The root SSL certificate to verify the container image registry's SSL certificate (e.g., if the registry uses a self-signed certificate). Leave it blank, if the container image registry uses an SSL certificate issued by a public CA.

Go back Next: Installation

Deckhouse Kubernetes Platform in a private environment

Configure cluster

Parameters for accessing the container image registry (or proxy registry)

Request trial access

Thank you

Error

Request callback

Thank you

Something went wrong

Book your sessions

Thank you

Error

Request demo

Thank you

Error

Get the PCI SSC Compliance Report

Thank you

Error