ClusterConfiguration
Version: deckhouse.io/v1
General parameters of a cluster.
Defines, for example, network and CRI parameters, control plane version, etc. Some parameters can be changed after the cluster is bootstrapped, during its operation.
To change the ClusterConfiguration
resource in a running cluster, run the following command:
d8 platform edit cluster-configuration
Example:
apiVersion: deckhouse.io/v1
kind: ClusterConfiguration
podSubnetNodeCIDRPrefix: '24'
podSubnetCIDR: 10.244.0.0/16
serviceSubnetCIDR: 192.168.0.0/16
kubernetesVersion: '1.29'
clusterDomain: k8s.internal
clusterType: Cloud
cloud:
prefix: k8s-dev
provider: Yandex
proxy:
httpProxy: https://user:password@proxy.company.my:8443
httpsProxy: https://user:password@proxy.company.my:8443
noProxy:
- company.my
- apiVersion
Required value
Version of the Deckhouse API.
Allowed values:
deckhouse.io/v1
,deckhouse.io/v1alpha1
- cloud.prefix
A prefix of the objects to be created in the cloud.
Is used, for example, to distinguish objects created for different clusters, to configure routing, etc.
Pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
- cloud.provider
Required value
Cloud provider.
Allowed values:
OpenStack
,AWS
,GCP
,Yandex
,vSphere
,Azure
,VCD
,Zvirt
,Dynamix
,Huaweicloud
,DVP
- clusterDomain
Required value
Cluster domain (used for local routing).
Please note: the domain must not match the domain used in the DNS name template in the publicDomainTemplate parameter. For example, you cannot set
cluster Domain: cluster.local
andpublicDomainTemplate: %s.cluster.local
at the same time.If you need to change a parameter in a running cluster, it is recommended to use instructions
Default:
cluster.local
- clusterType
Required value
Type of the cluster infrastructure:
Static
— a cluster on bare metal (physical servers) or virtual machines. In the case of virtual machines, it is assumed that Deckhouse doesn’t have access to the API for managing virtual machines (they are managed by the administrator using the usual cloud infrastructure tools);Cloud
— a cluster deployed on the resources of a cloud infrastructure. This type implies that Deckhouse has access to the cloud infrastructure API for managing virtual machines.
Allowed values:
Cloud
,Static
- defaultCRI
The container runtime type that used on cluster nodes (NodeGroups) by default.
If the value
NotManaged
is used, then Deckhouse does not manage the container runtime (and doesn’t install it). In this case, it is necessary to use images for NodeGroups on which the container runtime is already installed.If
ContainerdV2
is set,CgroupsV2
will be used (providing improved security and resource management). To useContainerdV2
as the container runtime, cluster nodes must meet the following requirements:- Support for
CgroupsV2
. - Linux kernel version
5.8
or newer. - Systemd version
244
or newer. - Support for
erofs
kernel module.
Default:
Containerd
Allowed values:
Containerd
,ContainerdV2
,NotManaged
- Support for
- encryptionAlgorithm
In Kubernetes version 1.30 and earlier, only the
RSA-2048
algorithm is supported.Starting from version 1.31, kubeadm use the specified asymmetric encryption algorithm when generating keys and certificates for the following control-plane components:
apiserver
apiserver-kubelet-client
apiserver-etcd-client
front-proxy-client
etcd-server
etcd-peer
etcd-healthcheck-client
Certificates for the components listed above will be reissued using the selected algorithm and key length.
Warning. When reissuing certificates, the root certificate (CA) is not rotated. The root certificate is created with the selected algorithm only during the initial cluster bootstrap.
Default:
RSA-2048
Allowed values:
RSA-2048
,RSA-3072
,RSA-4096
,ECDSA-P256
- kind
Required value
Allowed values:
ClusterConfiguration
- kubernetesVersion
Required value
Kubernetes version (control plane components of the cluster).
Changing a parameter in a running cluster will automatically update the cluster’s control plane version.
If
Automatic
is specified, then the control plane version is used, which is considered stable at the moment. If the stable version of control plane is less than the maximum version that has ever been installed in the cluster, more than 1 minor version, then the version of the cluster will not be changed. The version may change when the minor version of the Deckhouse release is changed (see a corresponding release message).Allowed values:
1.29
,1.30
,1.31
,1.32
,1.33
,Automatic
- podSubnetCIDR
Required value
Address space of the cluster’s Pods.
Caution! Normally, you won’t be able to change the parameter in a running cluster. To avoid this limitation use specific flag.
- podSubnetNodeCIDRPrefix
The prefix of Pod network on a node.
Caution! Normally, you won’t be able to change the parameter in a running cluster. To avoid this limitation use specific flag.
Default:
24
- proxy
Available in editions: BE, SE, SE+, EE
Global proxy setup (mainly for working in air-gapped environments).
The parameters described in this section will be translated into the environment variables
HTTP_PROXY
,HTTPS_PROXY
, andNO_PROXY
for all cluster nodes and Deckhouse components. This will result in HTTP(S) requests (curl, git, registry, etc.) to all resources not listed in thenoProxy
parameter being made through a proxy. Note that thepodSubnetCIDR
andserviceSubnetCIDR
subnets, as well as theclusterDomain
domain are added tonoProxy
automatically.Caution! To avoid using proxies in requests between pods and services located in the cluster node network, make sure you list all the host subnets in the
noProxy
parameter.- proxy.httpProxy
Available in editions: BE, SE, SE+, EE
Proxy URL for HTTP requests.
If necessary, specify the proxy server’s username, password, and port.
Pattern:
^https?://([!*'();&=+$,/?%#\[\]0-9a-zA-Z\.\-\_]+(\:[!*'();:@&=+$,/?%#\[\]0-9a-zA-Z\.\-\_]+)?@)?[0-9a-zA-Z\.\-]+(\:[0-9]{1,5})?$
Examples:
httpProxy: http://proxy.company.my
httpProxy: https://user:password@proxy.company.my:8443
httpProxy: https://DOMAIN%5Cuser:password@proxy.company.my:8443
httpProxy: https://user%40domain.local:password@proxy.company.my:8443
- proxy.httpsProxy
Available in editions: BE, SE, SE+, EE
Proxy URL for HTTPS requests.
If necessary, specify the proxy server’s username, password, and port.
Pattern:
^https?://([!*'();&=+$,/?%#\[\]0-9a-zA-Z\.\-\_]+(\:[!*'();:@&=+$,/?%#\[\]0-9a-zA-Z\.\-\_]+)?@)?[0-9a-zA-Z\.\-]+(\:[0-9]{1,5})?$
Examples:
httpsProxy: http://proxy.company.my
httpsProxy: https://user:password@proxy.company.my:8443
httpsProxy: https://DOMAIN%5Cuser:password@proxy.company.my:8443
httpsProxy: https://user%40domain.local:password@proxy.company.my:8443
- proxy.noProxy
Available in editions: BE, SE, SE+, EE
List of no proxy IP and domain entries.
For wildcard domains, use a domain name with a dot prefix, e.g., “.example.com”.
Caution. If the cluster is supposed to have pods interacting with services located in the cluster node network, then specify the list of subnets that are used on the nodes.
- Element of the array
Pattern:
^[a-z0-9\-\./]+$
- serviceSubnetCIDR
Required value
Address space of the cluster’s services.
Caution! Normally, you won’t be able to change the parameter in a running cluster. To avoid this limitation use specific flag.
DeckhouseRelease
Scope: Cluster
Version: v1alpha1
Defines the configuration for Deckhouse release.
- approved
Allows or disables manual updates.
Ignored if the module’s update mode is set to
Auto
(update.mode: Auto
).Default:
false
- spec
Required value
- spec.applyAfter
Marks release as a part of canary release. This release will be delayed until this time.
- spec.changelog
Release’s changelog for enabled modules.
- spec.changelogLink
Link to site with full changelog for this release.
- spec.disruptionsDeprecated
Disruptive changes in the release.
- spec.requirements
Deckhouse release requirements.
- spec.version
Required value
Deckhouse version.
Example:
version: v1.24.20
InitConfiguration
Version: deckhouse.io/v1
Deckhouse configuration to start after installation.
Example:
apiVersion: deckhouse.io/v1
kind: InitConfiguration
deckhouse:
imagesRepo: nexus.company.my/deckhouse/ee
registryDockerCfg: eyJhdXRocyI6IHsgIm5leHVzLmNvbXBhbnkubXkiOiB7InVzZXJuYW1lIjoibmV4dXMtdXNlciIsInBhc3N3b3JkIjoibmV4dXMtcEBzc3cwcmQiLCJhdXRoIjoiYm1WNGRYTXRkWE5sY2pwdVpYaDFjeTF3UUhOemR6QnlaQW89In19fQo=
registryScheme: HTTPS
registryCA: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
- apiVersion
Required value
Version of the Deckhouse API.
Allowed values:
deckhouse.io/v1
,deckhouse.io/v1alpha1
- deckhouse
Required value
Initial parameters required to install Deckhouse.
- deckhouse.devBranchDeprecated
The parameter is used for development needs. Will be replaced with the CLI-tools.
- deckhouse.imagesRepo
Address of a container registry with Deckhouse images.
Specify it if Deckhouse Enterprise Edition edition or third-party registry (e.g. proxy server in a closed environment) is used.
The address matches the edition of Deckhouse used. The public container registry address for Deckhouse Enterprise Edition is
registry.deckhouse.io/deckhouse/ee
.Default:
registry.deckhouse.io/deckhouse/ce
Pattern:
^[0-9a-zA-Z\.\-]+(\:[0-9]{1,5})?(\/[0-9a-zA-Z\.\-\_\/]+)?$
- deckhouse.registryCA
Root CA certificate to validate the container registry’s HTTPS certificate (if self-signed certificates are used).
- deckhouse.registryDockerCfg
A Base64-encoded string from the Docker client configuration file (in Linux it is usually
$HOME/.docker/config.json
), for accessing a third-party container registry.For example, to access the container registry
registry.company.my
under the useruser
with the passwordP@ssw0rd
it will beeyJhdXRocyI6eyJyZWdpc3RyeS5jb21wYW55Lm15Ijp7ImF1dGgiOiJkWE5sY2pwUVFITnpkekJ5WkFvPSJ9fX0K
(string{"auths":{"registry.company.my":{"auth":"dXNlcjpQQHNzdzByZAo="}}}
in Base64).Default:
eyJhdXRocyI6IHsgInJlZ2lzdHJ5LmRlY2tob3VzZS5pbyI6IHt9fX0=
- deckhouse.registryScheme
Registry access scheme (HTTP or HTTPS).
Default:
HTTPS
Allowed values:
HTTP
,HTTPS
- kind
Required value
Allowed values:
InitConfiguration
Module
Scope: Cluster
Version: v1alpha1
Describes the module’s status in the cluster. The Module
object is created automatically after configuring the ModuleSource and successfully completing synchronization.
- properties
- properties.accessibility
Module accessibility settings.
- properties.accessibility.editions
Module operation settings in Deckhouse editions.
- properties.availableSources
Available sources for downloading the module.
- properties.critical
Indicates whether the module critical or not.
- properties.disableOptions
Parameters of module disable protection.
- properties.disableOptions.confirmation
- properties.disableOptions.message
- properties.exclusiveGroup
Indicates the group where only one module can be active at a time.
- properties.namespace
Module namespace.
- properties.releaseChannel
Module release channel.
- properties.requirements
Module dependencies, a set of requirements that must be met for Deckhouse Kubernetes Platform (DKP) to run the module.
- properties.requirements.bootstrapped
Required cluster installation status (for built-in DKP modules only).
- properties.requirements.deckhouse
Required Deckhouse version.
- properties.requirements.kubernetes
Required Kubernetes version.
- properties.requirements.modules
A list of other enabled modules required for the module.
- properties.source
Source the module was downloaded from (otherwise will be blank).
- properties.stage
Current stage of the module lifecycle.
- properties.subsystems
Module subsystems.
- properties.updatePolicy
Module update policy.
- properties.version
Module version.
- properties.weight
Module weight (priority).
ModuleConfig
Scope: Cluster
Version: v1alpha1
Defines the configuration of the Deckhouse module. The name of the ModuleConfig resource must match the name of the module (for example, control-plane-manager
for the control-plane-manager
module).
Example:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
name: module-1
spec:
enabled: true
settings: {}
version: 1
- spec
Required value
- spec.enabled
Enables or disables the module.
Example:
enabled: 'false'
- spec.maintenance
Defines the module maintenance mode.
-
NoResourceReconciliation
: A mode for developing or tweaking the module.In this mode:
- Configuration or hook changes are not reconciled, which prevents resources from being updated automatically.
- Resource monitoring is disabled, which prevents deleted resources from being restored.
- All the module’s resources are labeled with
maintenance: NoResourceReconciliation
. - The
ModuleIsInMaintenanceMode
alert is triggered.
If Deckhouse restarts, the module reapplies its last known state once and then continues in unmanaged mode.
Allowed values:
NoResourceReconciliation
Example:
maintenance: NoResourceReconciliation
-
- spec.settings
Module settings.
- spec.source
The source of the module it provided by one (otherwise empty).
- spec.updatePolicy
Module update policy.
Example:
updatePolicy: test-alpha
- spec.version
Version of settings schema.
Example:
version: '1'
ModuleDocumentation
Scope: Cluster
Version: v1alpha1
Defines the rendering configuration of the Deckhouse module documentation.
Deckhouse creates ModuleDocumentation resources by itself.
- spec
Required value
- spec.checksum
Module version checksum.
- spec.path
Path to the module version.
- spec.version
Required value
Module version.
Example:
version: v1.0.0
ModulePullOverride
Scope: Cluster
Defines the resource configuration for downloading specific versions of Deckhouse modules.
Caution. This resource is intended for development and debugging environments only. Using it in production clusters is not recommended. Support for the resource might be removed in future Deckhouse Kubernetes Platform versions.
- spec
Required value
- spec.imageTag
Required value
Module container image tag, which will be pulled.
- spec.rollback
Indicates whether the module release should be rollback after deleting mpo.
Default:
false
- spec.scanInterval
Scan interval for checking the image digest. If the digest changes, the module is updated.
Default:
15s
Deprecated resource. Support for the resource might be removed in a later release.
Defines the configuration.
- spec
Required value
- spec.imageTag
Required value
Module container image tag, which will be pulled.
- spec.rollback
Indicates whether the module release should be rollback after deleting ModulePullOverride.
Default:
false
- spec.scanInterval
Scan interval for checking the image digest. If the digest changes, the module is updated.
Default:
15s
- spec.source
Required value
Reference to the ModuleSource with the module.
ModuleRelease
Scope: Cluster
Version: v1alpha1
Defines the configuration for a Deckhouse release.
ModuleRelease resources are created by Deckhouse.
- spec
Required value
- spec.applyAfter
Time until which the release will be delayed.
- spec.changelog
Release’s changelog for the module.
- spec.moduleName
Required value
Module name.
- spec.requirements
Release dependencies, a set of requirements that must be met for Deckhouse Kubernetes Platform to run the module release.
- spec.requirements.deckhouse
Required Deckhouse version.
- spec.requirements.kubernetes
Required Kubernetes version.
- spec.requirements.modules
A list of other modules required for the module release. Ensure the modules are enabled.
- spec.update
Optional transition rules.
- spec.update.versions
List of
from
→to
transition rules that allow skipping step-by-step updates. If the current installed module version (statusDeployed
) is not lower thanfrom
, and the cluster has a release whose version matchesto
, the controller will skip intermediate releases and update the module to the version fromto
. Theto
value can specify a minor line (X.Y
— the latest availableX.Y.Z
will be selected). The rule is specified in the constrained release — the one whose version matchesto
.- spec.update.versions.from
Required value
The minimum version from which the transition is allowed (format
X.Y
). - spec.update.versions.to
Required value
The end version of the range — a minor line (
X.Y
).
- spec.version
Required value
Module version.
Example:
version: v1.0.0
- spec.weight
Module weight (priority).
ModuleSettingsDefinition
Scope: Cluster
Version: v1alpha1
It displays module settings. Defines a list of module settings versions.
- spec
Required value
Specification of the module settings.
- spec.versions
List of module settings versions. Each version includes a name and a schema.
- spec.versions.conversions
List of conversion rules for this version.
A single conversion rule with expressions and descriptions.
- spec.versions.conversions.descriptions
Localized descriptions of the conversion.
- spec.versions.conversions.descriptions.en
English description of the conversion.
- spec.versions.conversions.descriptions.ru
Russian description of the conversion.
- spec.versions.conversions.expr
Array of jq expressions to transform settings.
- spec.versions.name
Required value
Module settings version.
- spec.versions.schema
Settings schema for the given module version.
ModuleSource
Scope: Cluster
Version: v1alpha1
Defines the configuration of a source of Deckhouse modules.
Example:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleSource
metadata:
name: example
spec:
registry:
repo: registry.example.io/modules-source
dockerCfg: "<base64 encoded credentials>"
- spec
Required value
- spec.registry
Required value
- spec.registry.ca
Root CA certificate (PEM format) to validate the registry’s HTTPS certificate (if self-signed certificates are used).
Creating a ModuleSource resource with the CA certificate spec will cause the container to restart on all nodes.
- spec.registry.dockerCfg
Container registry access token in Base64. If using anonymous access to the container registry, do not fill in this field.
- spec.registry.repo
Required value
URL of the container registry.
Example:
repo: registry.example.io/deckhouse/modules
- spec.registry.scheme
Protocol to access the registry.
Default:
HTTPS
Allowed values:
HTTP
,HTTPS
- spec.releaseChannelDeprecated
Desirable default release channel for modules in the current source.
ModuleUpdatePolicy
Scope: Cluster
Defines the update settings for a module’s release.
Example:
apiVersion: deckhouse.io/v1alpha2
kind: ModuleUpdatePolicy
metadata:
name: example-update-policy
spec:
releaseChannel: Alpha
update:
mode: Auto
windows:
- days:
- Mon
- Wed
from: '13:30'
to: '14:00'
- spec
Required value
- spec.releaseChannel
Desirable module release channel.
The order in which the stability of the release channel increases (from less stable to more stable):
Alpha
,Beta
,EarlyAccess
,Stable
,RockSolid
.Default:
Stable
Allowed values:
Alpha
,Beta
,EarlyAccess
,Stable
,RockSolid
- spec.update
Required value
Update settings for target modules.
- spec.update.mode
Modules version update mode (release change).
-
AutoPatch
— automatic update mode for patch releases.To change a minor version (for example, from
v1.15.*
tov1.16.*
), confirmation is required.A patch version update (for example, from
v1.16.1
tov1.16.2
) is applied according to the update windows, if they are set. -
Auto
— all updates are applied automatically.Modules minor version updates (for example, from
v1.15.*
tov1.16.*
) and patch version updates (for example, fromv1.16.1
tov1.16.2
) are applied according to the update windows or (if no update windows are set) as they appear on the corresponding release channel; -
Manual
— confirmation is required for updating both minor and patch versions.
To confirm the update, add the
modules.deckhouse.io/approved="true"
annotation to the corresponding ModuleRelease resource.Default:
Auto
Allowed values:
Auto
,Manual
,AutoPatch
-
- spec.update.windows
Modules update timetable.
- spec.update.windows.days
The days of the week on which the update window is applied.
Examples:
days: Mon
days: Wed
- Element of the array
Day of the week.
Allowed values:
Mon
,Tue
,Wed
,Thu
,Fri
,Sat
,Sun
Example:
Mon
- spec.update.windows.from
Required value
Start time of the update window (UTC timezone).
Should be less than the end time of the update window.
Pattern:
^(?:\d|[01]\d|2[0-3]):[0-5]\d$
Example:
from: '13:00'
- spec.update.windows.to
Required value
End time of the update window (UTC timezone).
Should be more than the start time of the update window.
Pattern:
^(?:\d|[01]\d|2[0-3]):[0-5]\d$
Example:
to: '18:30'
Deprecated resource. Support for the resource might be removed in a later release.
Defines the update settings for a module’s release.
Example:
apiVersion: deckhouse.io/v1alpha1
kind: ModuleUpdatePolicy
metadata:
name: example-update-policy
spec:
moduleReleaseSelector:
labelSelector:
matchLabels:
source: example
module: module-1
releaseChannel: Alpha
update:
mode: Auto
windows:
- days:
- Mon
- Wed
from: '13:30'
to: '14:00'
- spec
Required value
- spec.moduleReleaseSelector
Required value
Selects target modules to apply update settings to.
- spec.moduleReleaseSelector.labelSelector
Required value
Label-selector-based filter to match target modules.
If both
matchExpressions
andmatchLabels
parameters are set, their requirements are ANDed together — they must all be satisfied in order to match. If multiplematchExpression
conditions are provided, they all must be satisfied in order to match.- spec.moduleReleaseSelector.labelSelector.matchExpressions
An array of set-based expressions.
- spec.moduleReleaseSelector.labelSelector.matchExpressions.key
Required value
A label name.
- spec.moduleReleaseSelector.labelSelector.matchExpressions.operator
Required value
A comparison operator.
Allowed values:
In
,NotIn
,Exists
,DoesNotExist
- spec.moduleReleaseSelector.labelSelector.matchExpressions.values
A label value.
- spec.moduleReleaseSelector.labelSelector.matchLabels
A number of equality-based label filters.
Example:
matchLabels: source: deckhouse module: deckhouse-admin
- spec.releaseChannel
Desirable module release channel.
The order in which the stability of the release channel increases (from less stable to more stable):
Alpha
,Beta
,EarlyAccess
,Stable
,RockSolid
.Default:
Stable
Allowed values:
Alpha
,Beta
,EarlyAccess
,Stable
,RockSolid
- spec.update
Required value
Update settings for target modules.
- spec.update.mode
Modules version update mode (release change).
-
AutoPatch
— automatic update mode for patch releases.To change a minor version (for example, from
v1.15.*
tov1.16.*
), confirmation is required.A patch version update (for example, from
v1.16.1
tov1.16.2
) is applied according to the update windows, if they are set. -
Auto
— all updates are applied automatically.Modules minor version updates (for example, from
v1.15.*
tov1.16.*
) and patch version updates (for example, fromv1.16.1
tov1.16.2
) are applied according to the update windows or (if no update windows are set) as they appear on the corresponding release channel; -
Manual
— confirmation is required for updating both minor and patch versions.
To confirm the update, add the
modules.deckhouse.io/approved="true"
annotation to the corresponding ModuleRelease resource.Ignore
— updates are ignored.
Default:
AutoPatch
Allowed values:
Auto
,Manual
,Ignore
,AutoPatch
-
- spec.update.windows
Modules update timetable.
- spec.update.windows.days
The days of the week on which the update window is applied.
Examples:
days: Mon
days: Wed
- Element of the array
Day of the week.
Allowed values:
Mon
,Tue
,Wed
,Thu
,Fri
,Sat
,Sun
Example:
Mon
- spec.update.windows.from
Required value
Start time of the update window (UTC timezone).
Should be less than the end time of the update window.
Pattern:
^(?:\d|[01]\d|2[0-3]):[0-5]\d$
Example:
from: '13:00'
- spec.update.windows.to
Required value
End time of the update window (UTC timezone).
Should be more than the start time of the update window.
Pattern:
^(?:\d|[01]\d|2[0-3]):[0-5]\d$
Example:
to: '18:30'
StaticClusterConfiguration
Version: deckhouse.io/v1
Parameters of a static (bare metal) cluster.
To change the StaticClusterConfiguration
resource in a running cluster, run the following command:
d8 p edit static-cluster-configuration
Example:
apiVersion: deckhouse.io/v1
kind: StaticClusterConfiguration
internalNetworkCIDRs:
- 10.244.0.0/16
- 10.50.0.0/16
- apiVersion
Required value
Version of the Deckhouse API.
Allowed values:
deckhouse.io/v1
,deckhouse.io/v1alpha1
- internalNetworkCIDRs
List of internal cluster networks.
Internal cluster networks connect Kubernetes components (
kube-apiserver
,kubelet
, etc.).The parameter is mandatory in the following cases:
- Cluster nodes have more than one network interface
- The cluster is deployed inside a Deckhouse Virtualization Platform
When changing the value, subnets in the new list must include IP addresses of currently joined nodes.
Example:
internalNetworkCIDRs: - 192.168.42.0/24 - 172.16.16.0/24
- Element of the array
Pattern:
^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$
- kind
Required value
Allowed values:
StaticClusterConfiguration
SSHConfig
Version: dhctl.deckhouse.io/v1
General dhctl SSH config.
Example:
apiVersion: dhctl.deckhouse.io/v1
kind: SSHConfig
sshUser: user
sshPort: 22
sshExtraArgs: "-vvv"
sshAgentPrivateKeys:
- key: "<ssh-private-key>"
- apiVersion
Version of the Deckhouse API.
Allowed values:
dhctl.deckhouse.io/v1
- kind
Allowed values:
SSHConfig
- legacyMode
Switch to legacy SSH mode
- sshAgentPrivateKeys
- sshAgentPrivateKeys.key
Required value
Private SSH key.
- sshAgentPrivateKeys.passphrase
Password for SSH key.
- sshBastionHost
SSH bastion host.
- sshBastionPassword
A password for the bastion user.
- sshBastionPort
Port of SSH bastion.
- sshBastionUser
Username for bastion.
- sshExtraArgs
Additional arguments for SSH connection.
- sshPort
SSH port.
- sshUser
SSH username.
- sudoPassword
A sudo password for the user.
SSHHost
Version: dhctl.deckhouse.io/v1
General dhctl SSH host config.
Example:
apiVersion: dhctl.deckhouse.io/v1
kind: SSHHost
host: 172.16.0.0
- apiVersion
Required value
Version of the Deckhouse API.
Allowed values:
dhctl.deckhouse.io/v1
- host
Required value
Host.
- kind
Required value
Allowed values:
SSHHost