Switching to Direct Mode
To switch an already running cluster to Direct mode, follow these steps:
- During the first switch, the containerd v1 service will be restarted, as the switch to the new authorization configuration will take place.
- When changing the registry mode or registry parameters, Deckhouse will be restarted.
-
If the cluster is running with containerd v1, you need to prepare custom containerd configuration.
-
Make sure all master nodes are in the
Readystate and do not have theSchedulingDisabledstatus, using the following command:d8 k get nodesExample output:
NAME STATUS ROLES ... master-0 Ready control-plane,master ... master-1 Ready control-plane,master ... master-2 Ready control-plane,master ...Example of output when the master node (
master-2in the example) is in theSchedulingDisabledstatus:NAME STATUS ROLES ... master-0 Ready control-plane,master ... master-1 Ready control-plane,master ... master-2 Ready,SchedulingDisabled control-plane,master ... -
Make sure the
registrymodule is enabled and running. To do this, execute the following command:d8 k get module registry -o wideExample output:
NAME WEIGHT ... PHASE ENABLED DISABLED MESSAGE READY registry 38 ... Ready True True -
Set the
Directmode configuration in the ModuleConfigdeckhouse. If you’re using a registry other thanregistry.deckhouse.io, refer to the deckhouse module documentation for correct configuration.Configuration example:
apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: deckhouse spec: version: 1 enabled: true settings: registry: mode: Direct direct: imagesRepo: registry.deckhouse.io/deckhouse/ee scheme: HTTPS license: <LICENSE_KEY> # Replace with your license key -
Check the registry switch status in the
registry-statesecret using this guide. Example output:conditions: # ... - lastTransitionTime: "..." message: "" reason: "" status: "True" type: Ready hash: .. mode: Direct target_mode: Direct
Switching to Unmanaged Mode
When changing the registry mode or registry parameters, Deckhouse will be restarted.
Switching to the Unmanaged mode is only available from Direct mode. Registry configuration parameters will be taken from the previously active mode.
To switch the cluster to Unmanaged mode, follow these steps:
-
Make sure all master nodes are in the
Readystate and do not have theSchedulingDisabledstatus, using the following command:d8 k get nodesExample output:
NAME STATUS ROLES ... master-0 Ready control-plane,master ... master-1 Ready control-plane,master ... master-2 Ready control-plane,master ...Example of output when the master node (
master-2in the example) is in theSchedulingDisabledstatus:NAME STATUS ROLES ... master-0 Ready control-plane,master ... master-1 Ready control-plane,master ... master-2 Ready,SchedulingDisabled control-plane,master ... -
Ensure that the
registrymodule is running inDirectmode and the switch status toDirectisReady. You can verify the state via theregistry-statesecret using this guide. Example output:conditions: # ... - lastTransitionTime: "..." message: "" reason: "" status: "True" type: Ready hash: .. mode: Direct target_mode: Direct -
Set the
Unmanagedmode in the ModuleConfigdeckhouse:apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: deckhouse spec: version: 1 enabled: true settings: registry: mode: Unmanaged -
Check the registry switch status in the
registry-statesecret using this guide. Example output:conditions: # ... - lastTransitionTime: "..." message: "" reason: "" status: "True" type: Ready hash: .. mode: Unmanaged target_mode: Unmanaged -
If you need to switch back to the previous containerd v1 auth configuration, refer to the instruction.
This containerd configuration format is deprecated.