To use ContainerdV2 as the container runtime on cluster nodes, the operating systems on virtual machines must meet the following requirements:
- Linux kernel version 5.8 or newer.
CgroupsV2support.- Systemd version
244or newer. erofskernel module support.
For more information, see the documentation.
The cloud-init package must be installed on the VMs.
After the virtual machine is started, the following services associated with this package must be started:
cloud-config.service;cloud-final.service;cloud-init.service.
Caution! Only regions where Availability Zones are available are supported.
The provider supports working with only one disk in the virtual machine template. Make sure the template contains only one disk.
To rule the Microsoft Azure cloud, you need an account and at least a single Subscription connected to id.
You have to create a service account with Microsoft Azure so that Deckhouse Kubernetes Platform can manage cloud resources:
-
Install the Azure CLI, login and get Subscription ID:
export SUBSCRIPTION_ID=$(az login | jq -r '.[0].id') -
Create the service account:
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/$SUBSCRIPTION_ID" --name "DeckhouseCANDI"Example output of the command:
{ "appId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx", <-- used in the clientId parameter of the AzureClusterConfiguration resource "displayName": "DeckhouseCANDI", "password": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", <-- used in the clientSecret parameter of the AzureClusterConfiguration resource "tenant": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" <-- used in the tenantId parameter of the AzureClusterConfiguration resource }By default, service account will be created with a secret (used in the clientSecret parameter of the
AzureClusterConfigurationresource) validity period of one year without automatic renewal. Refer to the official documentation to create a service account with a longer secret expiration date.
You have to be logged in for further work with the az tool. Use the service account username, password, and tenant to log in:
az login --service-principal -u <username> -p <password> --tenant <tenant>