Available in editions:  EE, SE+

The module lifecycle stageGeneral Availability

The module is automatically enabled for all cloud clusters deployed in vSphere.

How to explicitly enable the module…

You may explicitly enable or disable the module in one of the following ways:

  • Via Deckhouse web UI. In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the cloud-provider-vsphere module and enable (or disable) the “Module enabled” toggle. Save changes.

    Example:

    Module enable/disable interface

  • Via Deckhouse CLI (d8).

    Use the d8 system module enable command for enabling, or d8 system module disable command for disabling the module (you need Deckhouse CLI (d8), configured to work with the cluster).

    Example of enabling the module:

    d8 system module enable cloud-provider-vsphere

  • Using ModuleConfig cloud-provider-vsphere.

    Set spec.enabled to true or false in ModuleConfig cloud-provider-vsphere (create it if necessary);

    Example of a manifest to enable module cloud-provider-vsphere:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: cloud-provider-vsphere
spec:
  enabled: true

How to configure the module…

You can configure the module in one of the following ways:

  • Via Deckhouse web UI.

    In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the cloud-provider-vsphere module and enable the “Advanced Settings” switch. Fill in the required fields in the “Configuration” tab or specify the module settings in YAML format on the “YAML” tab, excluding the settings section. Save the changes.

    Example:

    Module Setup Interface

    You can also edit the ModuleConfig object cloud-provider-vsphere on the “YAML” tab in the module settings window (“System” → “System Management” → “Deckhouse” → “Modules”, open the module cloud-provider-vsphere) by specifying the schema version in the spec.version parameter and the necessary module parameters in the spec.settings section.

  • Via Deckhouse CLI (d8) (requires Deckhouse CLI (d8) configured to work with the cluster).

    Edit the existing ModuleConfig cloud-provider-vsphere (for more details on configuring Deckhouse, see the documentation) by executing the following command:

    d8 k edit mc cloud-provider-vsphere

    Make the necessary changes in the spec.settings section. If necessary, specify the schema version in the spec.version parameter. Save the changes.

    You can also create a file with manifest for ModuleConfig cloud-provider-vsphere using the example below. Fill in the spec.settings section with the required module parameters. If necessary, specify the schema version in the spec.version parameter.

    Apply the manifest using the following command (indicate the manifest file name):

    d8 k apply -f <FILENAME>

    Example of a manifest for ModuleConfig cloud-provider-vsphere:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: cloud-provider-vsphere
spec:
  version: 2
  enabled: true
  settings: # Module parameters from the "Parameters" section below.

Conversions

The module is configured using the ModuleConfig resource, the schema of which contains a version number. When you apply an old version of the ModuleConfig schema in a cluster, automatic transformations are performed. To manually update the ModuleConfig schema version, the following steps must be completed sequentially for each version :

  • Updates from version 1 to 2:

    If the field .storageClass.compatibilityFlag exists, capitalize the field value.

If the cluster control plane is hosted on a virtual machines or bare-metal servers, the cloud provider uses the settings from the cloud-provider-vsphere module in the Deckhouse configuration (see below). Otherwise, if the cluster control plane is hosted in a cloud, the cloud provider uses the VsphereClusterConfiguration structure for configuration.

You can configure the number and parameters of ordering machines in the cloud via the NodeGroup custom resource of the node-manager module. Also, in this custom resource, you can specify the instance class’s name for the above group of nodes (the cloudInstances.ClassReference parameter of NodeGroup). In the case of the vSphere cloud provider, the instance class is the VsphereInstanceClass custom resource that stores specific parameters of the machines.

Storage

The module automatically creates a StorageClass for each Datastore and DatastoreCluster in the zone (or zones).

Also, it can set the name of StorageClass that will be used in the cluster by default (the default parameter), and filter out the unnecessary StorageClasses (the exclude parameter).

CSI

By default, the storage subsystem uses CNS volumes with the ability of online-resize. FCD volumes are also supported, but only in the legacy or migration modes. You can set this via the compatibilityFlag parameter.

Important information concerning the increase of the PVC size

Due to the nature f volume-resizer, CSI, and vSphere API, you have to do the following after increasing the PVC size:

  1. On the node where the Pod is located, run the d8 k cordon <node_name> command.
  2. Delete the Pod.
  3. Make sure that the resize was successful. The PVC object must not have the Resizing condition.

    The FileSystemResizePending state is OK.

  4. On the node where the Pod is located, run the d8 k uncordon <node_name> command.

Parameters

Schema version: 2

  • settings
    object
    • settings.disableTimesync
      boolean

      Disable time synchronization on the vSphere side.

      Caution! This parameter will not disable the NTP daemons in the guest OS, but only disable the time correction on the part of ESXi.

    • settings.externalNetworkNames
      array of strings

      Names of networks (just the name and not the full path) connected to VirtualMachines and used by vsphere-cloud-controller-manager to insert ExternalIP into the .status.addresses field in the Node API object.

    • settings.host
      string

      The domain of the vCenter server.

    • settings.insecure
      boolean

      Set to true if vCenter has a self-signed certificate.

    • settings.internalNetworkNames
      array of strings

      Names of networks (just the name and not the full path) connected to VirtualMachines and used by vsphere-cloud-controller-manager to insert InternalIP into the .status.addresses field in the Node API object.

    • settings.nsxt
      object

      Kubernetes load balancer support using NSX-T for the vSphere cloud controller manager.

      • settings.nsxt.defaultIpPoolName
        string

        Required value

        Name of the default IP pool used for the SVC’s without loadbalancer.vmware.io/class annotation set.

        Example:

        defaultIpPoolName: pool1
      • settings.nsxt.defaultTcpAppProfileName
        string

        Name of default NSX-T application profile used for TCP connections.

        Default: default-tcp-lb-app-profile

        Examples:

        defaultTcpAppProfileName: default-tcp-lb-app-profile

        defaultTcpAppProfileName: tcp-profile1
      • settings.nsxt.defaultUdpAppProfileName
        string

        Name of default NSX-T application profile used for UDP connections.

        Default: default-udp-lb-app-profile

        Examples:

        defaultUdpAppProfileName: default-udp-lb-app-profile

        defaultUdpAppProfileName: udp-profile1
      • settings.nsxt.host
        string

        Required value

        NSX-T host.

        Example:

        host: 1.2.3.4
      • settings.nsxt.insecureFlag
        boolean

        To be set to true if NSX-T uses self-signed certificate.

        Examples:

        insecureFlag: true

        insecureFlag: false
      • settings.nsxt.loadBalancerClass
        array

        Additional section to define Load Balancer Classes (to use class, set annotation loadbalancer.vmware.io/class: <class name> to SVC).

        Examples:

        loadBalancerClass: []

        loadBalancerClass:
  name: LBC1
  ipPoolName: pool2

        loadBalancerClass:
  name: LBC1
  ipPoolName: pool2
  tcpAppProfileName: profile2
  udpAppProfileName: profile3
        • settings.nsxt.loadBalancerClass.ipPoolName
          string

          Required value

          Name of the IP pool.

        • settings.nsxt.loadBalancerClass.name
          string

          Required value

          Load Balancer Class name to use in SVC annotation loadbalancer.vmware.io/class: <class name>.

        • settings.nsxt.loadBalancerClass.tcpAppProfileName
          string

          Name of application profile used for TCP connections.

          Default: defaultTcpAppProfileName

        • settings.nsxt.loadBalancerClass.udpAppProfileName
          string

          Name of application profile used for UDP connections.

          Default: defaultUdpAppProfileName

      • settings.nsxt.password
        string

        Required value

        NSX-T password.

        Example:

        password: password
      • settings.nsxt.size
        string

        Size of load balancer service.

        Default: MEDIUM

        Allowed values: SMALL, MEDIUM, LARGE, XLARGE

        Example:

        size: SMALL
      • settings.nsxt.tier1GatewayPath
        string

        Required value

        Policy path for the NSX-T tier1 gateway.

        Example:

        tier1GatewayPath: "/path/tier1"
      • settings.nsxt.user
        string

        Required value

        NSX-T user name.

        Example:

        user: user
    • settings.password
      string

      The user’s password.

    • settings.region
      string

      Is a tag added to the vSphere Datacenter where all actions will occur: provisioning VirtualMachines, storing virtual disks on datastores, connecting to the network.

    • settings.regionTagCategory
      string

      The name of the tag category used to identify the region (vSphere Datacenter).

    • settings.sshKeys
      array of strings

      A list of public SSH keys in plain-text format.

    • settings.storageClass
      object
      • settings.storageClass.compatibilityFlag
        string

        A flag allowing the use of the old CSI version:

        • Legacy — use the old version of the driver. FCD discs only, no online-resizing;
        • Migration — in this case, both drivers will be available in the cluster at the same time. This mode is used to migrate from an old driver.

        Allowed values: Legacy, Migration

      • settings.storageClass.default
        Deprecated
        string

        The name of StorageClass that will be used in the cluster by default.

        If the parameter is omitted, the default StorageClass is either:

        • an arbitrary StorageClass present in the cluster that has the default annotation;
        • the first (in lexicographic order) StorageClass created by the module.

        Parameter is deprecated. Instead, use the global parameter global.defaultClusterStorageClass.

        Example:

        default: fast-lun102-7d0bf578
      • settings.storageClass.exclude
        array of strings

        A list of StorageClass names (or regex expressions for names) to exclude from the creation in the cluster.

        Example:

        exclude:
- ".*-lun101-.*"
- slow-lun103-1c280603
    • settings.username
      string

      The login ID.

    • settings.vmFolderPath
      string

      The path to the VirtualMachine Folder where the cloned VMs will be created.

    • settings.zoneTagCategory
      string

      The name of the tag category used to identify the region (vSphere Cluster).

    • settings.zones
      array of strings

      The globally restricted set of zones that this Cloud Provider works with.