System requirements
To start using Deckhouse Commander, you need a cluster based on Deckhouse Kubernetes Platform. If you don’t have a cluster yet, refer to the installation instructions.
We recommend creating a fault-tolerant management cluster that will include the following node sets (NodeGroup):
Node Group | Number of nodes | CPU, cores | Memory, GB | Disk, GB |
---|---|---|---|---|
master | 3 | 4 | 8 | 50 |
system | 2 | 4 | 8 | 50 |
frontend | 2 | 4 | 8 | 50 |
commander | 3 | 8 | 12 | 50 |
- PostgreSQL in HighAvailability mode in two replicas requires 1 core and 1 GB of memory on 2 separate nodes.
- The API server in HighAvailability mode for two replicas needs 1 core and 1GB of memory on two separate nodes.
- Service components used for rendering configurations and connecting to application clusters require 0.5 cores and 128 MB of memory per cluster.
- Cluster manager and dhctl server together require resources based on the number of clusters they serve and the number of DKP versions they serve simultaneously.
- Up to 2 cores per node can be occupied by DKP service components (for example: runtime-audit-engine, istio, cilium, log-shipper).
Number of clusters | CPU, cores | Memory, GB | Number of 8/8 nodes | Number of 8/12 nodes |
---|---|---|---|---|
10 | 9 | 16 | 3 (=24/24) | 2 (=16/24) |
25 | 10 | 19 | 3 (=24/24) | 3(=24/36) |
100 | 15 | 29 | 4 (=32/32) | 4 (=32/48) |
Prepare DBMS
Deckhouse Commander works with the PostgreSQL database management system. PostgreSQL extensions plpgsql and pgcrypto are required for Deckhouse Commander to function properly.
Option 1: External DBMS
This is the recommended way to use Deckhouse Commander in production environments. To use Deckhouse Commander, you need to prepare the connection parameters to the database.
Option 2: operator-postgres module
This is not a recommended method for use in production environments. However, the use of
operator-postgres
is convenient for quick start with Deckhouse Commander or for environments where there are no
high availability and support requirements.
It is important to enable the Deckhouse Commander module after CRDs from the operator-postgres
module have appeared in the cluster.
The operator-postgres
module uses the PostgreSQL operator.
You can use your own postgres-operator installation version v1.10.0
or later.
Step 1: Enabling operator-postgres
First, you need to enable the postgres operator module and wait for it to be enabled.
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: operator-postgres
spec:
enabled: true
Step 2: Complete the installation
To make sure that the module is enabled, wait for the Deckhouse task queue to become empty:
kubectl -n d8-system exec svc/deckhouse-leader -c deckhouse -- deckhouse-controller queue main
Check for the necessary CRDs in the cluster:
kubectl get crd | grep postgresqls.acid.zalan.do
Enabling Deckhouse Commander
For a complete list of configuration settings, see Settings
If you are using your own PostgreSQL database installation
To enable Deckhouse Commander, create a ModuleConfig:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: commander
spec:
enabled: true
version: 1
settings:
postgres:
mode: External
external:
host: "..." # Mandatory field
port: "..." # Mandatory field
user: "..." # Mandatory field
password: "..." # Mandatory field
db: "..." # Mandatory field
If you are using the operator-postgres module
It is enough to enable the commander
module in the Internal
database connection mode. Deckhouse Commander
will independently configure the database in the PostgreSQL operator.
Please note that the default storage class (StorageClass
) will be used for the database. For
Deckhouse Commander the storage class can be set explicitly:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: commander
spec:
enabled: true
version: 1
settings:
postgres:
mode: Internal
internal:
storageClass: my-storage-class # optional setting
Setting up access control (optional)
Starting with version 1.11, experimental access control support has been added to Deckhouse Commander. Access control is disabled by default, so all users have the same maximum permissions as in previous versions. No additional actions are required to use Deckhouse Commander in this mode.
If access control is enabled, all users and groups who previously used Deckhouse Commander will automatically become administrators. This makes it possible to maintain compatibility in permissions, but they can be limited.
To activate access control, specify the value permissionsEnabled: true
in the featureFlags field in ModuleConfig
.
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: commander
spec:
enabled: true
version: 1
settings:
featureFlags:
permissionsEnabled: true
If you then turn off access control (permissionsEnabled: false
), then all users who enter the Deckhouse Commander interface
will get maximum permissions again.
Thus, in version 1.11, you can enable and disable access control without losing the default behavior (without restrictions on permissions). However, in future versions, access control support will become permanent and will not be disabled.
In case of emergency, it is possible to assign temporary administrators. This may be required in the following situations:
- Deckhouse Commander was launched with access control before anyone entered its interface, as a result, there is not a single user or group with any permissions in the system.
- During the process of configuring access control, the administrator’s permissions were lost and must be restored.
Assign temporary administrators to configure access control (optional)
Create a commander-admins
ConfigMap in the d8-commander
namespace, specifying the users and groups that require temporary administrative access:
apiVersion: v1
kind: ConfigMap
metadata:
name: commander-admins
namespace: d8-commander
data:
users: |
john.doe@example.com
jane.doe@example.com
groups: |
Enterprise Admins
Administrators
Users and group members will receive maximum permissions in the Deckhouse Commander interface.
Attention! After completing the configuration of the required roles and role bindings, the ConfigMap commander-admins
must be deleted.
After deletion, temporary access will be revoked, and only manually issued permissions will take effect.