Available in editions: EE, SE+
The module is automatically enabled for all cloud clusters deployed in vSphere.
Conversions
The module is configured using the ModuleConfig resource, the schema of which contains a version number. When you apply an old version of the ModuleConfig schema in a cluster, automatic transformations are performed. To manually update the ModuleConfig schema version, complete the following steps sequentially for each version:
- Updates from version 1 to 2:
  If the field .storageClass.compatibilityFlag exists, capitalize the field value.
If the cluster control plane is hosted on virtual machines or bare-metal servers, the cloud provider uses the settings from the cloud-provider-vsphere module in the Deckhouse configuration (see below). Otherwise, if the cluster control plane is hosted in a cloud, the cloud provider uses the VsphereClusterConfiguration structure for configuration.
You can configure the number and parameters of the machines ordered in the cloud via the NodeGroup custom resource of the node-manager module. In this custom resource, you can also specify the name of the instance class for that group of nodes (the cloudInstances.ClassReference parameter of NodeGroup). For the vSphere cloud provider, the instance class is the VsphereInstanceClass custom resource, which stores the specific parameters of the machines.
Storage
The module automatically creates a StorageClass for each Datastore and DatastoreCluster in the zone (or zones).
Also, it can set the name of StorageClass that will be used in the cluster by default (the default parameter), and filter out the unnecessary StorageClasses (the exclude parameter).
CSI
By default, the storage subsystem uses CNS volumes, which support online resize. FCD volumes are also supported, but only in the legacy or migration modes. You can set this via the compatibilityFlag parameter.
Important information concerning the increase of the PVC size
Due to the nature of volume-resizer, CSI, and vSphere API, you have to do the following after increasing the PVC size:
- On the node where the Pod is located, run the d8 k cordon <node_name> command.
- Delete the Pod.
- Make sure that the resize was successful. The PVC object must not have the Resizing condition. The FileSystemResizePending state is OK.
- On the node where the Pod is located, run the d8 k uncordon <node_name> command.
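The four steps above as one shell function, added here as an example and not taken from the Deckhouse documentation. The argument order, the timeout and the POLL_SECONDS variable are assumptions made for this example; the node stays cordoned if the resize cannot be verified, so that the last step never runs before the check passes.

```shell
#!/bin/sh
# Added example, not Deckhouse code. Assumed (not from the page): argument
# order, the timeout, and POLL_SECONDS as the polling interval.

# Return 0 once the PVC no longer reports the Resizing condition.
# FileSystemResizePending is accepted, as the procedure states.
pvc_resize_done() {
    types=$(d8 k get pvc "$2" -n "$1" \
        -o jsonpath='{.status.conditions[*].type}') || return 2
    for t in $types; do
        if [ "$t" = "Resizing" ]; then return 1; fi
    done
    return 0
}

# Usage: resize_cycle <namespace> <pod> <pvc> [timeout_seconds]
resize_cycle() {
    rc_ns=$1; rc_pod=$2; rc_pvc=$3; rc_left=${4:-300}
    rc_step=${POLL_SECONDS:-5}

    # Step 1: cordon the node the Pod is running on.
    rc_node=$(d8 k get pod "$rc_pod" -n "$rc_ns" \
        -o jsonpath='{.spec.nodeName}') || return 1
    if [ -z "$rc_node" ]; then
        echo "pod $rc_pod is not scheduled to a node" >&2; return 1
    fi
    d8 k cordon "$rc_node" || return 1

    # Step 2: delete the Pod; nothing changed if this fails, so undo step 1.
    d8 k delete pod "$rc_pod" -n "$rc_ns" || { d8 k uncordon "$rc_node"; return 1; }

    # Step 3: poll until the Resizing condition is gone or time runs out.
    until pvc_resize_done "$rc_ns" "$rc_pvc"; do
        if [ "$rc_left" -le 0 ]; then
            echo "$rc_pvc still Resizing; $rc_node stays cordoned" >&2
            return 1
        fi
        sleep "$rc_step"
        rc_left=$((rc_left - rc_step))
    done

    # Step 4: only after a verified resize, make the node schedulable again.
    d8 k uncordon "$rc_node"
}

# Run the procedure when called with arguments.
if [ "$#" -ge 3 ]; then resize_cycle "$@"; fi
```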
Settings
The module is configured using the ModuleConfig custom resource named cloud-provider-vsphere (learn more about setting up Deckhouse…).
Example of the ModuleConfig/cloud-provider-vsphere resource for configuring the module:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: cloud-provider-vsphere
spec:
  version: 2
  enabled: true
  settings: # <-- Module parameters from the "Parameters" section below.
Parameters
Schema version: 2
- settings (object)
- settings.disableTimesync (boolean)
  Disable time synchronization on the vSphere side.
  Caution! This parameter will not disable the NTP daemons in the guest OS, but only disable the time correction on the part of ESXi.
- settings.externalNetworkNames (array of strings)
  Names of networks (just the name and not the full path) connected to VirtualMachines and used by vsphere-cloud-controller-manager to insert ExternalIP into the .status.addresses field in the Node API object.
- settings.host (string)
  The domain of the vCenter server.
- settings.insecure (boolean)
  Set to true if vCenter has a self-signed certificate.
- settings.internalNetworkNames (array of strings)
  Names of networks (just the name and not the full path) connected to VirtualMachines and used by vsphere-cloud-controller-manager to insert InternalIP into the .status.addresses field in the Node API object.
- settings.nsxt (object)
  Kubernetes load balancer support using NSX-T for the vSphere cloud controller manager.
- settings.nsxt.defaultIpPoolName (string)
  Required value
  Name of the default IP pool used for SVCs without the loadbalancer.vmware.io/class annotation set.
  Example:
    defaultIpPoolName: pool1
- settings.nsxt.defaultTcpAppProfileName (string)
  Name of default NSX-T application profile used for TCP connections.
  Default: default-tcp-lb-app-profile
  Examples:
    defaultTcpAppProfileName: default-tcp-lb-app-profile

    defaultTcpAppProfileName: tcp-profile1
- settings.nsxt.defaultUdpAppProfileName (string)
  Name of default NSX-T application profile used for UDP connections.
  Default: default-udp-lb-app-profile
  Examples:
    defaultUdpAppProfileName: default-udp-lb-app-profile

    defaultUdpAppProfileName: udp-profile1
- settings.nsxt.host (string)
  Required value
  NSX-T host.
  Example:
    host: 1.2.3.4
- settings.nsxt.insecureFlag (boolean)
  Set to true if NSX-T uses a self-signed certificate.
  Examples:
    insecureFlag: true

    insecureFlag: false
- settings.nsxt.loadBalancerClass (array)
  Additional section to define Load Balancer Classes (to use a class, set the annotation loadbalancer.vmware.io/class: <class name> on the SVC).
  Examples:
    loadBalancerClass: []

    loadBalancerClass:
    - name: LBC1
      ipPoolName: pool2

    loadBalancerClass:
    - name: LBC1
      ipPoolName: pool2
      tcpAppProfileName: profile2
      udpAppProfileName: profile3
- settings.nsxt.loadBalancerClass.ipPoolName (string)
  Required value
  Name of the IP pool.
- settings.nsxt.loadBalancerClass.name (string)
  Required value
  Load Balancer Class name to use in SVC annotation loadbalancer.vmware.io/class: <class name>.
- settings.nsxt.loadBalancerClass.tcpAppProfileName (string)
  Name of application profile used for TCP connections.
  Default: defaultTcpAppProfileName
- settings.nsxt.loadBalancerClass.udpAppProfileName (string)
  Name of application profile used for UDP connections.
  Default: defaultUdpAppProfileName
- settings.nsxt.password (string)
  Required value
  NSX-T password.
  Example:
    password: password
- settings.nsxt.size (string)
  Size of load balancer service.
  Default: MEDIUM
  Allowed values: SMALL, MEDIUM, LARGE, XLARGE
  Example:
    size: SMALL
- settings.nsxt.tier1GatewayPath (string)
  Required value
  Policy path for the NSX-T tier1 gateway.
  Example:
    tier1GatewayPath: "/path/tier1"
- settings.nsxt.user (string)
  Required value
  NSX-T user name.
  Example:
    user: user
- settings.password (string)
  The user’s password.
- settings.region (string)
  The tag added to the vSphere Datacenter where all actions will occur: provisioning VirtualMachines, storing virtual disks on datastores, connecting to the network.
- settings.regionTagCategory (string)
  The name of the tag category used to identify the region (vSphere Datacenter).
- settings.sshKeys (array of strings)
  A list of public SSH keys in plain-text format.
- settings.storageClass (object)
- settings.storageClass.compatibilityFlag (string)
  A flag allowing the use of the old CSI version:
  - Legacy: use the old version of the driver. FCD disks only, no online-resizing;
  - Migration: in this case, both drivers will be available in the cluster at the same time. This mode is used to migrate from an old driver.
  Allowed values: Legacy, Migration
- settings.storageClass.default (string, deprecated)
  The name of StorageClass that will be used in the cluster by default.
  If the parameter is omitted, the default StorageClass is either:
  - an arbitrary StorageClass present in the cluster that has the default annotation;
  - the first (in lexicographic order) StorageClass created by the module.
  This parameter is deprecated. Instead, use the global parameter global.defaultClusterStorageClass.
  Example:
    default: fast-lun102-7d0bf578
- settings.storageClass.exclude (array of strings)
  A list of StorageClass names (or regular expressions for names) to exclude from the creation in the cluster.
  Example:
    exclude:
    - ".*-lun101-.*"
    - slow-lun103-1c280603
- settings.username (string)
  The login ID.
- settings.vmFolderPath (string)
  The path to the VirtualMachine Folder where the cloned VMs will be created.
- settings.zoneTagCategory (string)
  The name of the tag category used to identify the region (vSphere Cluster).
- settings.zones (array of strings)
  The globally restricted set of zones that this Cloud Provider works with.