The module is actively developed. It might significantly change in the future.
Virtualization module configuration example:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: virtualization
spec:
# Enable the module.
enabled: true
version: 1
settings:
# List of subnets for virtual machines.
virtualMachineCIDRs:
- 10.10.10.0/24
- 10.20.10.0/24
- 10.30.10.0/24
- 11.11.22.33/32
# Virtual machine image storage settings.
dvcr:
storage:
persistentVolumeClaim:
size: 50G
type: PersistentVolumeClaim
Schema version: 1
-
dvcr
object
Options for settings up Deckhouse virtualization container registry. Internal service for storing all vms images.
-
dvcr.storage
object
Required value
Options for setting up storage.-
dvcr.storage.objectStorage
object
Parameters for objectStorage.
-
dvcr.storage.objectStorage.s3
object
Parameters for S3.
-
dvcr.storage.objectStorage.s3.accessKey
string
Required value
accessKey must be base64 encoded. accessKey is a unique identifier that identifies you as a user with access to S3.Pattern:
^[A-Za-z0-9+/]*={0,2}$
Example:
accessKey: YWNjZXNzS2V5Cg==
-
dvcr.storage.objectStorage.s3.bucket
string
Required value
Bucket in which you can store your files and data objects.Example:
bucket: dvcr
-
dvcr.storage.objectStorage.s3.region
string
Required value
Geographical area.Examples:
region: us-east-2
region: us-west-1
-
dvcr.storage.objectStorage.s3.regionEndpoint
string
Required value
Endpoint for connect to service S3.Pattern:
^https?://[0-9a-zA-Z\.\-:@_]+$
Example:
regionEndpoint: s3.example.com
-
dvcr.storage.objectStorage.s3.secretKey
string
Required value
secretKey must be base64 encoded. secretKey is a confidential secret key associated with your Access Key ID. Secret Access Key is used to sign HTTP requests to Amazon S3 to verify the authenticity of the request and ensure the security of your data.Pattern:
^[A-Za-z0-9+/]*={0,2}$
Example:
secretKey: c2VjcmV0S2V5Cg==
-
dvcr.storage.objectStorage.s3.accessKey
string
-
dvcr.storage.objectStorage.type
string
What ObjectStorage to use as store for dvcr.
Allowed values:
S3
-
dvcr.storage.objectStorage.s3
object
-
dvcr.storage.persistentVolumeClaim
object
Parameters for PersistentVolumeClaim.
-
dvcr.storage.persistentVolumeClaim.size
string
Required value
Persistentvolumeclaim sizeExample:
size: 10Gi
-
dvcr.storage.persistentVolumeClaim.storageClassName
string
What StorageClass to use for creating persistentvolumeclaim.
Examples:
storageClassName: linstor
storageClassName: nfs
-
dvcr.storage.persistentVolumeClaim.size
string
-
dvcr.storage.type
string
The storage usage type:
persistentVolumeClaim
— Use PersistentVolumeClaim as store for dvcr.objectStorage
— Use objectStorage as store for dvcr.
Allowed values:
PersistentVolumeClaim
,ObjectStorage
-
dvcr.storage.objectStorage
object
-
dvcr.storage
object
-
highAvailability
boolean
Manually enable the high availability mode.
By default, Deckhouse automatically decides whether to enable the HA mode. Click here to learn more about the HA mode for modules.
Examples:
highAvailability: true
highAvailability: false
-
https
object
What certificate type to use.
This parameter completely overrides the
global.modules.https
settings.Examples:
mode: Disabled
mode: OnlyInURI
customCertificate: secretName: foobar mode: CustomCertificate
certManager: clusterIssuerName: letsencrypt mode: CertManager
-
https.certManager
object
Parameters for certmanager.
-
https.certManager.clusterIssuerName
string
What ClusterIssuer to use for getting an SSL certificate (currently,
letsencrypt
,letsencrypt-staging
,selfsigned
are available; also, you can define your own).Default:
letsencrypt
Examples:
clusterIssuerName: letsencrypt
clusterIssuerName: letsencrypt-staging
clusterIssuerName: selfsigned
-
https.certManager.clusterIssuerName
string
-
https.customCertificate
object
Parameters for custom certificate usage.
Default:
{}
-
https.customCertificate.secretName
string
The name of the secret in the
d8-system
namespace to use with CDI upload proxy.This secret must have the kubernetes.io/tls format.
-
https.customCertificate.secretName
string
-
https.mode
string
The HTTPS usage mode:
CertManager
— the web UI is accessed over HTTPS using a certificate obtained from a clusterIssuer specified in thecertManager.clusterIssuerName
parameter;CustomCertificate
— the web UI is accessed over HTTPS using a certificate from thed8-system
namespace;Disabled
— in this mode, the documentation web UI can only be accessed over HTTP;OnlyInURI
— the documentation web UI will work over HTTP (thinking that there is an external HTTPS load balancer in front of it that terminates HTTPS traffic). All the links in theuser-authn
will be generated using the HTTPS scheme.
Default:
CertManager
Allowed values:
Disabled
,CertManager
,CustomCertificate
,OnlyInURI
-
https.certManager
object
-
ingressClass
string
The Ingress class that will be used to upload images. By default, the
modules.ingressClass
global value is used.Pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
-
virtualMachineCIDRs
array of strings
List of CIDRs used to allocate static IP addresses for Virtual Machines.
It is important to note that the subnet for virtual machines should not be the same as the subnet used for pods and the subnet used for services. Address conflicts can lead to unpredictable behavior and networking problems.
Example:
virtualMachineCIDRs: - 10.10.10.0/24 - 10.10.20.0/24
-
vmCIDRsDeprecated
array of strings
Since the parameter has been deprecated, use the
virtualMachineCIDRs
parameter.