Available with limitations in:  CE

Available without limitations in:  SE+, EE

The module lifecycle stageGeneral Availability
The module has requirements for installation

How to explicitly enable the module…

You may explicitly enable or disable the module in one of the following ways:

  • Via Deckhouse web UI. In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the virtualization module and enable (or disable) the “Module enabled” toggle. Save changes.

    Example:

    Module enable/disable interface

  • Via Deckhouse CLI (d8).

    Use the d8 system module enable command for enabling, or d8 system module disable command for disabling the module (you need Deckhouse CLI (d8), configured to work with the cluster).

    Example of enabling the module:

    d8 system module enable virtualization

  • Using ModuleConfig virtualization.

    Set spec.enabled to true or false in ModuleConfig virtualization (create it if necessary);

    Example of a manifest to enable module virtualization:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: virtualization
spec:
  enabled: true

How to configure the module…

You can configure the module in one of the following ways:

  • Via Deckhouse web UI.

    In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the virtualization module and enable the “Advanced Settings” switch. Fill in the required fields in the “Configuration” tab or specify the module settings in YAML format on the “YAML” tab, excluding the settings section. Save the changes.

    Example:

    Module Setup Interface

    You can also edit the ModuleConfig object virtualization on the “YAML” tab in the module settings window (“System” → “System Management” → “Deckhouse” → “Modules”, open the module virtualization) by specifying the schema version in the spec.version parameter and the necessary module parameters in the spec.settings section.

  • Via Deckhouse CLI (d8) (requires Deckhouse CLI (d8) configured to work with the cluster).

    Edit the existing ModuleConfig virtualization (for more details on configuring Deckhouse, see the documentation) by executing the following command:

    d8 k edit mc virtualization

    Make the necessary changes in the spec.settings section. If necessary, specify the schema version in the spec.version parameter. Save the changes.

    You can also create a file with manifest for ModuleConfig virtualization using the example below. Fill in the spec.settings section with the required module parameters. If necessary, specify the schema version in the spec.version parameter.

    Apply the manifest using the following command (indicate the manifest file name):

    d8 k apply -f <FILENAME>

    Example of a manifest for ModuleConfig virtualization:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: virtualization
spec:
  version: 1
  enabled: true
  settings: # Module parameters from the "Parameters" section below.

How to change the module release channel…

To change the module release channel, follow the instruction.

Requirements

To the Deckhouse version: 1.74.2 and above.

To the versions of other modules:

  • cni-cilium: any version.

Parameters

Schema version: 1

  • settings
    object
    • settings.audit
      object
      Parameters for audit controller.
      • settings.audit.enabled
        boolean
        Enable audit controlller.

        Default: false

    • settings.dvcr
      object
      Options for settings up Deckhouse virtualization container registry. Internal service for storing all vms images.
      • settings.dvcr.gc
        object
        Parameters for garbage collection.
        • settings.dvcr.gc.schedule
          string

          Schedule to run garbage collection procedure that remove stale images for ClusterVirtualImage, VirtualImage, VirtualDisk resources deleted from the cluster.

          By default, periodic garbage collection is enabled and runs daily at 02:00.

      • settings.dvcr.storage
        object

        Required value

        Options for setting up storage.
        • settings.dvcr.storage.persistentVolumeClaim
          object
          Parameters for PersistentVolumeClaim.
          • settings.dvcr.storage.persistentVolumeClaim.size
            string

            Required value

            Persistentvolumeclaim size

            Example: 


            size: 10Gi
          • settings.dvcr.storage.persistentVolumeClaim.storageClassName
            string
            What StorageClass to use for creating persistentvolumeclaim. If not specified, the default StorageClass specified in the cluster will be used.

            Examples: 


            storageClassName: linstor

            storageClassName: nfs
        • settings.dvcr.storage.type
          string

          The storage usage type:

          • persistentVolumeClaim — Use PersistentVolumeClaim as store for dvcr.

          Allowed values: PersistentVolumeClaim

    • settings.featureGates
      array of strings

      Enable experimental or early access features.

      • HotplugCPUWithLiveMigration — enable live changing of cpu cores number. (Not available in CE);
      • HotplugMemoryWithLiveMigration — enable live changing of memory size. (Not available in CE);
      • settings.featureGates.Element of the array
        string

        Allowed values: HotplugCPUWithLiveMigration, HotplugMemoryWithLiveMigration

    • settings.highAvailability
      boolean

      Manually enable the high availability (HA) mode.

      By default, Deckhouse automatically decides whether to enable the HA mode. To learn more about the HA mode, refer to High reliability and availability.

      Examples: 


      highAvailability: true

      highAvailability: false
    • settings.https
      object

      What certificate type to use.

      This parameter completely overrides the global.modules.https settings.

      Examples: 


      mode: Disabled

      mode: OnlyInURI

      customCertificate:
  secretName: foobar
mode: CustomCertificate

      certManager:
  clusterIssuerName: letsencrypt
mode: CertManager
      • settings.https.certManager
        object
        Parameters for certmanager.
        • settings.https.certManager.clusterIssuerName
          string
          What ClusterIssuer to use for getting an SSL certificate (currently, letsencrypt, letsencrypt-staging, selfsigned are available; also, you can define your own).

          Default: letsencrypt

          Examples: 


          clusterIssuerName: letsencrypt

          clusterIssuerName: letsencrypt-staging

          clusterIssuerName: selfsigned
      • settings.https.customCertificate
        object
        Parameters for custom certificate usage.

        Default: {}

        • settings.https.customCertificate.secretName
          string

          The name of the secret in the d8-system namespace to use with CDI upload proxy.

          This secret must have the kubernetes.io/tls format.

      • settings.https.mode
        string

        The HTTPS usage mode:

        • CertManager — the web UI is accessed over HTTPS using a certificate obtained from a clusterIssuer specified in the certManager.clusterIssuerName parameter;
        • CustomCertificate — the web UI is accessed over HTTPS using a certificate from the d8-system namespace;
        • Disabled — in this mode, the documentation web UI can only be accessed over HTTP;
        • OnlyInURI — the documentation web UI will work over HTTP (thinking that there is an external HTTPS load balancer in front of it that terminates HTTPS traffic). All the links in the user-authn will be generated using the HTTPS scheme.

        Default: CertManager

        Allowed values: Disabled, CertManager, CustomCertificate, OnlyInURI

    • settings.ingressClass
      string
      The Ingress class that will be used to upload images. By default, the modules.ingressClass global value is used.

      Pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$

    • settings.logFormat
      string

      Sets a logging format.

      Working for this components:

      • virtualization-controller

      Allowed values: text, json

    • settings.logLevel
      string

      Sets a logging level.

      Working for this components:

      • virtualization-api
      • virtualization-controller
      • kube-api-rewriter
      • vm-route-forge

      Allowed values: debug, info, warn, error

    • settings.virtualDisks
      object
      Configuring storage class for virtual disks.
      • settings.virtualDisks.allowedStorageClassSelector
        object
        Selector for allowed storage classes to be used for virtual disks.
        • settings.virtualDisks.allowedStorageClassSelector.matchNames
          array of strings

          Examples: 


          matchNames: sc-1

          matchNames: sc-2
          • settings.virtualDisks.allowedStorageClassSelector.matchNames.Element of the array
            string

            Minimal length: 1

      • settings.virtualDisks.defaultStorageClassName
        string
        Specifies the name of the default storage class to be used for virtual disks.
    • settings.virtualImages
      object
      Configuring storage class for virtual images on PVC.
      • settings.virtualImages.allowedStorageClassSelector
        object
        Selector for allowed storage classes to be used for virtual images on PVC.
        • settings.virtualImages.allowedStorageClassSelector.matchNames
          array of strings

          Examples: 


          matchNames: sc-1

          matchNames: sc-2
          • settings.virtualImages.allowedStorageClassSelector.matchNames.Element of the array
            string

            Minimal length: 1

      • settings.virtualImages.defaultStorageClassName
        string
        Specifies the name of the default storage class to be used for virtual images on PVC.
      • settings.virtualImages.storageClassName
        Deprecated
        string
        Since the parameter has been deprecated, use the defaultStorageClassName parameter.
    • settings.virtualMachineCIDRs
      array of strings

      List of CIDRs used to allocate static IP addresses for Virtual Machines.

      Warning. The subnet for virtual machines should not be the same as the subnet used for pods, services and nodes. Address conflicts can lead to unpredictable behavior and networking problems.

      It is prohibited to delete subnets from which IP addresses have already been assigned to virtual machines.

      Example: 


      virtualMachineCIDRs:
- 10.10.10.0/24
- 10.10.20.0/24