Module configuration

Available with limitations in: CE

Available without limitations in: SE+, EE

Generally available version. Ready to be used in production environments.

parameters

Schema version: 1

settings
object
- audit
  
  object
  Parameters for audit controller.
  - audit.enabled
    
    boolean
    Enable audit controlller.
    
    Default: false
- dvcr
  
  object
  Options for settings up Deckhouse virtualization container registry. Internal service for storing all vms images.
  - dvcr.storage
    
    object
    Required value
    
    Options for setting up storage.
    - dvcr.storage.objectStorage
      
      object
      Parameters for objectStorage.
      - dvcr.storage.objectStorage.s3
        
        object
        Parameters for S3.
        
        dvcr.storage.objectStorage.s3.accessKey
        
        string
        Required value
        
        accessKey must be base64 encoded. accessKey is a unique identifier that identifies you as a user with access to S3.
        
        Pattern: ^[A-Za-z0-9+/]*={0,2}$
        
        Example:
        
        accessKey: YWNjZXNzS2V5Cg==
        
        dvcr.storage.objectStorage.s3.bucket
        
        string
        Required value
        
        Bucket in which you can store your files and data objects.
        
        Example:
        
        bucket: dvcr
        
        dvcr.storage.objectStorage.s3.region
        
        string
        Required value
        
        Geographical area.
        
        Examples:
        
        region: us-east-2
        region: us-west-1
        
        dvcr.storage.objectStorage.s3.regionEndpoint
        
        string
        Required value
        
        Endpoint for connect to service S3.
        
        Pattern: ^https?://[0-9a-zA-Z\.\-:@_]+$
        
        Example:
        
        regionEndpoint: s3.example.com
        
        dvcr.storage.objectStorage.s3.secretKey
        
        string
        Required value
        
        secretKey must be base64 encoded. secretKey is a confidential secret key associated with your Access Key ID. Secret Access Key is used to sign HTTP requests to Amazon S3 to verify the authenticity of the request and ensure the security of your data.
        
        Pattern: ^[A-Za-z0-9+/]*={0,2}$
        
        Example:
        
        secretKey: c2VjcmV0S2V5Cg==
      - dvcr.storage.objectStorage.type
        
        string
        What ObjectStorage to use as store for dvcr.
        
        Allowed values: S3
    - dvcr.storage.persistentVolumeClaim
      
      object
      Parameters for PersistentVolumeClaim.
      - dvcr.storage.persistentVolumeClaim.size
        
        string
        Required value
        
        Persistentvolumeclaim size
        
        Example:
        
        size: 10Gi
      - dvcr.storage.persistentVolumeClaim.storageClassName
        
        string
        What StorageClass to use for creating persistentvolumeclaim. If not specified, the default StorageClass specified in the cluster will be used.
        
        Examples:
        
        storageClassName: linstor
        storageClassName: nfs
    - dvcr.storage.type
      
      string
      The storage usage type:
      
      persistentVolumeClaim — Use PersistentVolumeClaim as store for dvcr.
      
      objectStorage — Use objectStorage as store for dvcr.
      
      Allowed values: PersistentVolumeClaim, ObjectStorage
- highAvailability
  
  boolean
  Manually enable the high availability mode.
  
  By default, Deckhouse automatically decides whether to enable the HA mode. Click here to learn more about the HA mode for modules.
  
  Examples:
  highAvailability: true
  highAvailability: false
- https
  
  object
  What certificate type to use.
  
  This parameter completely overrides the global.modules.https settings.
  
  Examples:
  mode: Disabled
  mode: OnlyInURI
  customCertificate: secretName: foobar mode: CustomCertificate
  certManager: clusterIssuerName: letsencrypt mode: CertManager
  - https.certManager
    
    object
    Parameters for certmanager.
    - https.certManager.clusterIssuerName
      
      string
      What ClusterIssuer to use for getting an SSL certificate (currently, letsencrypt, letsencrypt-staging, selfsigned are available; also, you can define your own).
      
      Default: letsencrypt
      
      Examples:
      
      clusterIssuerName: letsencrypt
      clusterIssuerName: letsencrypt-staging
      clusterIssuerName: selfsigned
  - https.customCertificate
    
    object
    Parameters for custom certificate usage.
    
    Default: {}
    - https.customCertificate.secretName
      
      string
      The name of the secret in the d8-system namespace to use with CDI upload proxy.
      
      This secret must have the kubernetes.io/tls format.
  - https.mode
    
    string
    The HTTPS usage mode:
    
    CertManager — the web UI is accessed over HTTPS using a certificate obtained from a clusterIssuer specified in the certManager.clusterIssuerName parameter;
    
    CustomCertificate — the web UI is accessed over HTTPS using a certificate from the d8-system namespace;
    
    Disabled — in this mode, the documentation web UI can only be accessed over HTTP;
    
    OnlyInURI — the documentation web UI will work over HTTP (thinking that there is an external HTTPS load balancer in front of it that terminates HTTPS traffic). All the links in the user-authn will be generated using the HTTPS scheme.
    Default: CertManager
    
    Allowed values: Disabled, CertManager, CustomCertificate, OnlyInURI
- ingressClass
  
  string
  The Ingress class that will be used to upload images. By default, the modules.ingressClass global value is used.
  
  Pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- logFormat
  
  string
  Sets a logging format.
  
  Working for this components:
  - virtualization-controller
  Allowed values: text, json
- logLevel
  
  string
  Sets a logging level.
  
  Working for this components:
  - virtualization-api
  - virtualization-controller
  - kube-api-rewriter
  - vm-route-forge
  Allowed values: debug, info, warn, error
- virtualDisks
  
  object
  Configuring storage class for virtual disks.
  - virtualDisks.allowedStorageClassSelector
    
    object
    Selector for allowed storage classes to be used for virtual disks.
    - virtualDisks.allowedStorageClassSelector.matchNames
      
      array of strings
      
      Examples:
      
      matchNames: sc-1
      matchNames: sc-2
  - virtualDisks.defaultStorageClassName
    
    string
    Specifies the name of the default storage class to be used for virtual disks.
- virtualImages
  
  object
  Configuring storage class for virtual images on PVC.
  - virtualImages.allowedStorageClassSelector
    
    object
    Selector for allowed storage classes to be used for virtual images on PVC.
    - virtualImages.allowedStorageClassSelector.matchNames
      
      array of strings
      
      Examples:
      
      matchNames: sc-1
      matchNames: sc-2
  - virtualImages.defaultStorageClassName
    
    string
    Specifies the name of the default storage class to be used for virtual images on PVC.
  - virtualImages.storageClassName
    Deprecated
    string
    Since the parameter has been deprecated, use the defaultStorageClassName parameter.
- virtualMachineCIDRs
  
  array of strings
  List of CIDRs used to allocate static IP addresses for Virtual Machines.
  
  Warning. The subnet for virtual machines should not be the same as the subnet used for pods, services and nodes. Address conflicts can lead to unpredictable behavior and networking problems.
  
  It is prohibited to delete subnets from which IP addresses have already been assigned to virtual machines.
  
  Example:
  virtualMachineCIDRs: - 10.10.10.0/24 - 10.10.20.0/24

parameters

Request trial access

Thank you

Error

Request callback

Thank you

Something went wrong

Book your sessions

Thank you

Error

Request demo

Thank you

Error

Get the PCI SSC Compliance Report

Thank you

Error