YandexClusterConfiguration

Version: deckhouse.io/v1

Describes the configuration of a cloud cluster in Yandex Cloud.

Used by the cloud provider if a cluster’s control plane is hosted in the cloud.

Run the following command to change the configuration in a running cluster:

d8 p edit provider-cluster-configuration

After updating the node parameters, you need to run the dhctl converge command to apply the changes.

Example:

apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: Standard
nodeNetworkCIDR: 127.0.0.1/8
labels:
  label-2: b
sshPublicKey: "<SSH_PUBLIC_KEY>"
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd85m9q2qspfnsv055rh
nodeGroups:
- name: worker
  replicas: 1
  zones:
  - ru-central1-a
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd85m9q2qspfnsv055rh
    coreFraction: 50
    externalIPAddresses:
    - 198.51.100.5
    - Auto
provider:
  cloudID: "<CLOUD_ID>"
  folderID: "<FOLDER_ID>"
  serviceAccountJSON: |
    {
    "id": "id",
    "service_account_id": "service_account_id",
    "key_algorithm": "RSA_2048",
    "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
    "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
  • apiVersion
    string

    Required value

    Allowed values: deckhouse.io/v1, deckhouse.io/v1alpha1

  • dhcpOptions
    object

    A list of DHCP parameters to use for all subnets.

    Note that setting dhcpOptions may lead to problems.

    • dhcpOptions.domainName
      string

      The name of the search domain.

    • dhcpOptions.domainNameServers
      array of strings

      A list of recursive DNS addresses.

      • Element of the array
        string

        Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$

  • existingNetworkID
    string

    The ID of the existing VPC Network.

  • existingZoneToSubnetIDMap
    object

    One or more pre-existing subnets mapped to respective zone.

    Warning! Deckhouse will create a route table that must be manually attached to these subnets. You can only associate one routing table with a given subnet. This means you cannot run multiple clusters using cni-simple-bridge in the same subnets. To run multiple clusters in the same network ranges, use cni-cilium instead.

    Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}$

    Example:

    existingZoneToSubnetIDMap:
  ru-central1-a: e2lu8r1tbbtryhdpa9ro
  ru-central1-b: e2lu8r1tbbtryhdpa9ro
  ru-central1-d: e2lu8r1tbbtryhdpa9ro
  • kind
    string

    Required value

    Allowed values: YandexClusterConfiguration

  • labels
    object

    Labels to attach to resources created in the Yandex Cloud.

    Note that you have to re-create all the machines to add new labels if labels were modified in the running cluster.

  • layout
    string

    Required value

    The way resources are located in the cloud.

    Read more about possible provider layouts.

    Allowed values: Standard, WithoutNAT, WithNATInstance

  • masterNodeGroup
    object

    Required value

    The definition of the master’s NodeGroup.

    For the changes to take effect, run dhctl converge after modifying the parameters of the masterNodeGroup section.

    • masterNodeGroup.instanceClass
      object

      Required value

      Partial contents of the fields of the YandexInstanceClass.

      • masterNodeGroup.instanceClass.additionalLabels
        object

        Additional labels.

        Example:

        project: cms-production
severity: critical
      • masterNodeGroup.instanceClass.cores
        integer

        Required value

        Amount of CPU cores to provision on a Yandex Compute Instance.

      • masterNodeGroup.instanceClass.diskSizeGB
        integer

        Yandex Compute Instance disk size in gibibytes.

        Default: 50

        Example:

        diskSizeGB: 0
      • masterNodeGroup.instanceClass.diskType
        string

        Yandex Compute Instance disk type. Size of network-ssd-nonreplicated and network-ssd-io-m3 disks must be a multiple of 93 GB.

        Default: network-ssd

        Allowed values: network-ssd, network-ssd-io-m3, network-ssd-nonreplicated

        Example:

        diskType: network-ssd-io-m3
      • masterNodeGroup.instanceClass.etcdDiskSizeGb
        integer

        etcd disk size in gibibytes.

        If this parameter is changed, each etcd disk must be manually expanded in the Yandex Cloud interface (the reason for this behavior is in the issue).

        Default: 10

        Example:

        etcdDiskSizeGb: 10
      • masterNodeGroup.instanceClass.externalIPAddresses
        array of strings

        A list of external IP addresses, listed in the order of the zones where nodes will be created.

        The following values can be specified in the list:

        • IP address from an additional external network for the corresponding zone (parameter externalSubnetIDs);
        • reserved public IP address, if the list of additional external networks is not defined (parameter externalSubnetIDs);
        • Auto, to order a public IP address in the corresponding zone.

        Please note:

        • The array elements must be listed according to the order of zones (parameter zones) in which the nodes will be created.

          For example:

          - <RU-CENTRAL1-A-IP-ADDRESS>
- <RU-CENTRAL1-B-IP-ADDRESS>
- <RU-CENTRAL1-D-IP-ADDRESS>
        • The number of elements in the externalIPAddresses array must equal the number of nodes in the group (the replicas parameter). To automatically order public IP addresses in the zone, use the value Auto in the list of the externalIPAddresses parameter at the corresponding position (matching the order of zones).
        • If externalIPAddresses is not specified, the nodes in the group will be ordered without external IP addresses.
        • Element of the array
          string

          Pattern: ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|(Auto)$

      • masterNodeGroup.instanceClass.externalSubnetID
        Deprecated
        string

        If specified, an additional network interface will be added to the node (the latter will use it as a default route).

      • masterNodeGroup.instanceClass.externalSubnetIDs
        array of strings

        List of additional external networks connected to the nodes.

        The node interface that is in the list will be assigned as the default gateway.

        Also, a route for the node’s internal network interface will be added for the entire subnet specified in nodeNetworkCIDR.

        The array elements must be listed in the same order as the zones (parameter zones) in which the nodes will be created. For example:

        - <RU-CENTRAL1-A-SUBNET-ID>
- <RU-CENTRAL1-B-SUBNET-ID>
- <RU-CENTRAL1-D-SUBNET-ID>
      • masterNodeGroup.instanceClass.imageID
        string

        Required value

        Image ID to use while provisioning Yandex Compute Instances.

        Example:

        imageID: fd85m9q2qspfnsv055rh
      • masterNodeGroup.instanceClass.memory
        integer

        Required value

        Amount of primary memory in MB provision on a Yandex Compute Instance.

        Example:

        memory: 8192
      • masterNodeGroup.instanceClass.networkType
        string

        Network type.

        Default: Standard

        Allowed values: Standard, SoftwareAccelerated

      • masterNodeGroup.instanceClass.platform
        string

        The type of virtual machine to create.

        Default: standard-v2

    • masterNodeGroup.replicas
      integer

      Required value

      The number of master nodes to create. It is important to have an odd number of masters to ensure a quorum.

      Allowed values: 1 <= X

    • masterNodeGroup.zones
      array

      Not required value.

      A limited set of zones in which master nodes can be created.

      The order in which zones are specified does not influence the sequence of node creation. Nodes are assigned to zones in alphabetical order: the first node is placed in the alphabetically first zone, the second node in the second zone, and so forth. If there are more nodes than zones, the assignment process restarts from the beginning of the zone list after placing a node in the last alphabetical zone.

      • Element of the array

        Allowed values: ru-central1-a, ru-central1-b, ru-central1-d

  • nodeGroups
    array of objects

    An array of additional NodeGroups for creating static nodes (e.g., for dedicated front nodes or gateways).

    • nodeGroups.instanceClass
      object

      Required value

      Partial contents of the fields of the YandexInstanceClass.

      • nodeGroups.instanceClass.additionalLabels
        object

        Additional labels.

        Example:

        project: cms-production
severity: critical
      • nodeGroups.instanceClass.coreFraction
        integer

        Percent of reserved CPU capacity on a Yandex Compute Instance. Details…

        Default: 100

        Allowed values: 5, 20, 50, 100

        Example:

        coreFraction: 20
      • nodeGroups.instanceClass.cores
        integer

        Required value

        Amount of CPU cores to provision on a Yandex Compute Instance.

      • nodeGroups.instanceClass.diskSizeGB
        integer

        Yandex Compute Instance disk size in gibibytes.

        Default: 50

        Example:

        diskSizeGB: 0
      • nodeGroups.instanceClass.diskType
        string

        Yandex Compute Instance disk type. Size of network-ssd-nonreplicated and network-ssd-io-m3 disks must be a multiple of 93 GB.

        Default: network-ssd

        Allowed values: network-ssd, network-ssd-io-m3, network-ssd-nonreplicated

        Example:

        diskType: network-ssd-io-m3
      • nodeGroups.instanceClass.externalIPAddresses
        array of strings

        A list of external IP addresses, listed in the order of the zones where nodes will be created.

        The following values can be specified in the list:

        • IP address from an additional external network for the corresponding zone (parameter externalSubnetIDs);
        • reserved public IP address, if the list of additional external networks is not defined (parameter externalSubnetIDs);
        • Auto, to order a public IP address in the corresponding zone.

        Please note:

        • The array elements must be listed according to the order of zones (parameter zones) in which the nodes will be created.

          For example:

          - <RU-CENTRAL1-A-IP-ADDRESS>
- <RU-CENTRAL1-B-IP-ADDRESS>
- <RU-CENTRAL1-D-IP-ADDRESS>
        • The number of elements in the externalIPAddresses array must equal the number of nodes in the group (the replicas parameter). To automatically order public IP addresses in the zone, use the value Auto in the list of the externalIPAddresses parameter at the corresponding position (matching the order of zones).
        • If externalIPAddresses is not specified, the nodes in the group will be ordered without external IP addresses.
        • Element of the array
          string

          Pattern: ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|(Auto)$

      • nodeGroups.instanceClass.externalSubnetID
        Deprecated
        string

        If specified, an additional network interface will be added to the node (the latter will use it as a default route).

      • nodeGroups.instanceClass.externalSubnetIDs
        array of strings

        List of additional external networks connected to the nodes.

        The node interface that is in the list will be assigned as the default gateway.

        Also, a route for the node’s internal network interface will be added for the entire subnet specified in nodeNetworkCIDR.

        The array elements must be listed in the same order as the zones (parameter zones) in which the nodes will be created. For example:

        - <RU-CENTRAL1-A-SUBNET-ID>
- <RU-CENTRAL1-B-SUBNET-ID>
- <RU-CENTRAL1-D-SUBNET-ID>
      • nodeGroups.instanceClass.imageID
        string

        Required value

        Image ID to use while provisioning Yandex Compute Instances.

        Example:

        imageID: fd85m9q2qspfnsv055rh
      • nodeGroups.instanceClass.memory
        integer

        Required value

        Amount of primary memory in MB provision on a Yandex Compute Instance.

        Example:

        memory: 8192
      • nodeGroups.instanceClass.networkType
        string

        Network type.

        Default: Standard

        Allowed values: Standard, SoftwareAccelerated

      • nodeGroups.instanceClass.platform
        string

        The type of virtual machine to create.

        Default: standard-v2

    • nodeGroups.name
      string

      Required value

      The name of the NodeGroup to use for generating node names.

    • nodeGroups.nodeTemplate

      Parameters of Node objects in Kubernetes to add after registering the node.

      • nodeGroups.nodeTemplate.annotations
        object

        The same as the metadata.annotations standard field.

        Example:

        annotations:
  ai.fleet.com/discombobulate: "true"
      • nodeGroups.nodeTemplate.labels
        object

        A list of labels to attach to cluster resources.

        The same as the metadata.labels standard field.

        Note that you have to re-create all the machines to add new tags if tags were modified in the running cluster.

        Example:

        labels:
  environment: production
  app: warp-drive-ai
      • nodeGroups.nodeTemplate.taints
        array of objects

        The same as the .spec.taints field of the Node object.

        Available fields: effect, key, and values.

        Example:

        taints:
- effect: NoExecute
  key: ship-class
  value: frigate
        • nodeGroups.nodeTemplate.taints.effect
          string

          Allowed values: NoSchedule, PreferNoSchedule, NoExecute

        • nodeGroups.nodeTemplate.taints.key
          string
        • nodeGroups.nodeTemplate.taints.value
          string
    • nodeGroups.replicas
      integer

      Required value

      The number of nodes to create.

    • nodeGroups.zones
      array

      A limited set of zones in which nodes can be created.

      The order in which zones are specified does not influence the sequence of node creation. Nodes are assigned to zones in alphabetical order: the first node is placed in the alphabetically first zone, the second node in the second zone, and so forth. If there are more nodes than zones, the assignment process restarts from the beginning of the zone list after placing a node in the last alphabetical zone.

      • Element of the array

        Allowed values: ru-central1-a, ru-central1-b, ru-central1-d

  • nodeNetworkCIDR
    string

    Required value

    This subnet will be split into three equal parts.

    They will serve as a basis for subnets in three Yandex Cloud zones.

  • provider
    object

    Required value

    Contains settings to connect to the Yandex Cloud API.

    • provider.cloudID
      string

      Required value

      The cloud ID.

    • provider.folderID
      string

      Required value

      ID of the directory.

    • provider.serviceAccountJSON
      string

      Required value

      A key to the Service Account in the JSON format.

      You can get it by using [yc iam key create](environment.html) command.

      Pattern: ^[ \t\n]*\{(.|\n)*\}[ \t\n]*$

      Example:

      serviceAccountJSON: |
  {
     "id": "...",
     "service_account_id": "...",
     "created_at": "2022-08-04T05:38:34.756137618Z",
     "key_algorithm": "RSA_2048",
     "public_key": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----\n",
     "private_key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----\n"
  }
  • sshPublicKey
    string

    Required value

    A public key for accessing nodes.

  • withNATInstance
    object

    Settings for the WithNATInstance layout.

    • withNATInstance.exporterAPIKey
      string

      API-key for cloud metrics exporter.

      • If parameter is empty, cloud metrics exporter will not be deployed in the cluster.
      • If parameter is Auto, Deckhouse will create service account with the monitoring.viewer role and create API-key manually. Provider service account should have the admin role.
      • Any other value is considered a valid API-key. See this instruction for creating API-key. Service account should have monitoring.viewer role.

      Default:

    • withNATInstance.externalSubnetID
      string

      If specified, an additional network interface will be added to the node (the node will use it as a default route).

    • withNATInstance.internalSubnetCIDR

      CIDR of an automatically created subnet for the internal interface. Overrides internalSubnetID parameter.

    • withNATInstance.internalSubnetID
      string

      ID of a subnet for the internal interface.

    • withNATInstance.natInstanceExternalAddress
      string

      A reserved external IP address (or externalSubnetID address if specified).

      Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$

    • withNATInstance.natInstanceInternalAddress
      Deprecated
      string

      Consider using automatically generated address instead.

      Pattern: ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$

    • withNATInstance.natInstanceResources
      object

      Computing resources that are allocated to the NAT instance. If not specified, the default values will be used.

      Warning. If these parameters are changed, terraform-auto-converger will automatically restart NAT-instance if autoConvergerEnabled is set to true. This may result in a temporary interruption of network traffic in the cluster.

      • withNATInstance.natInstanceResources.cores
        integer

        Amount of CPU cores to provision on the NAT instance.

        Default: 2

      • withNATInstance.natInstanceResources.memory
        integer

        Amount of primary memory in MB provision on the NAT instance.

        Default: 2048

      • withNATInstance.natInstanceResources.platform
        string

        Processor platform type on the NAT instance.

        Default: standard-v2

  • zones
    array

    The globally restricted set of zones that this cloud provider works with.

    • Element of the array

      Allowed values: ru-central1-a, ru-central1-b, ru-central1-d