The functionality of the module might change, but the main features will remain. Compatibility with future versions is guaranteed, but might require additional migration steps.

Virtualization module configuration example:

apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: virtualization
spec:
  # Enable the module.
  enabled: true
  version: 1
  settings:
    # List of subnets for virtual machines.
    virtualMachineCIDRs:
      - 10.10.10.0/24
      - 10.20.10.0/24
      - 10.30.10.0/24
      - 11.11.22.33/32
    # Virtual machine image storage settings.
    dvcr:
      storage:
        persistentVolumeClaim:
          size: 50G
        type: PersistentVolumeClaim

Schema version: 1

  • dvcr
    object
    Options for setting up the Deckhouse virtualization container registry, an internal service that stores all virtual machine images.
    • dvcr.storage
      object

      Required value

      Options for setting up storage.
      • dvcr.storage.objectStorage
        object
        Parameters for objectStorage.
        • dvcr.storage.objectStorage.s3
          object
          Parameters for S3.
          • dvcr.storage.objectStorage.s3.accessKey
            string

            Required value

            accessKey must be base64 encoded. accessKey is a unique identifier that identifies you as a user with access to S3.

            Pattern: ^[A-Za-z0-9+/]*={0,2}$

            Example:


            accessKey: YWNjZXNzS2V5Cg==
            
          • dvcr.storage.objectStorage.s3.bucket
            string

            Required value

            Bucket in which you can store your files and data objects.

            Example:


            bucket: dvcr
            
          • dvcr.storage.objectStorage.s3.region
            string

            Required value

            Geographical area.

            Examples:


            region: us-east-2
            
            region: us-west-1
            
          • dvcr.storage.objectStorage.s3.regionEndpoint
            string

            Required value

            Endpoint for connecting to the S3 service.

            Pattern: ^https?://[0-9a-zA-Z\.\-:@_]+$

            Example:


            regionEndpoint: https://s3.example.com
            
          • dvcr.storage.objectStorage.s3.secretKey
            string

            Required value

            secretKey must be base64 encoded. secretKey is a confidential secret key associated with your Access Key ID. Secret Access Key is used to sign HTTP requests to Amazon S3 to verify the authenticity of the request and ensure the security of your data.

            Pattern: ^[A-Za-z0-9+/]*={0,2}$

            Example:


            secretKey: c2VjcmV0S2V5Cg==
            
        • dvcr.storage.objectStorage.type
          string
          Which object storage to use as the store for dvcr.

          Allowed values: S3

      • dvcr.storage.persistentVolumeClaim
        object
        Parameters for PersistentVolumeClaim.
        • dvcr.storage.persistentVolumeClaim.size
          string

          Required value

          PersistentVolumeClaim size.

          Example:


          size: 10Gi
          
        • dvcr.storage.persistentVolumeClaim.storageClassName
          string
          Which StorageClass to use for creating the PersistentVolumeClaim.

          Examples:


          storageClassName: linstor
          
          storageClassName: nfs
          
      • dvcr.storage.type
        string

        The storage usage type:

        • PersistentVolumeClaim — use a PersistentVolumeClaim as the store for dvcr.
        • ObjectStorage — use object storage as the store for dvcr.

        Allowed values: PersistentVolumeClaim, ObjectStorage

  • highAvailability
    boolean

    Manually enable the high availability mode.

    By default, Deckhouse automatically decides whether to enable the HA mode.

    Examples:


    highAvailability: true
    
    highAvailability: false
    
  • https
    object

    What certificate type to use.

    This parameter completely overrides the global.modules.https settings.

    Examples:


    mode: Disabled
    
    mode: OnlyInURI
    
    customCertificate:
      secretName: foobar
    mode: CustomCertificate
    
    certManager:
      clusterIssuerName: letsencrypt
    mode: CertManager
    
    • https.certManager
      object
      Parameters for certmanager.
      • https.certManager.clusterIssuerName
        string
        The ClusterIssuer to use for obtaining an SSL certificate (letsencrypt, letsencrypt-staging and selfsigned are currently available; you can also define your own).

        Default: letsencrypt

        Examples:


        clusterIssuerName: letsencrypt
        
        clusterIssuerName: letsencrypt-staging
        
        clusterIssuerName: selfsigned
        
    • https.customCertificate
      object
      Parameters for custom certificate usage.

      Default: {}

      • https.customCertificate.secretName
        string

        The name of the secret in the d8-system namespace to use with CDI upload proxy.

        This secret must have the kubernetes.io/tls format.

    • https.mode
      string

      The HTTPS usage mode:

      • CertManager — the web UI is accessed over HTTPS using a certificate obtained from a clusterIssuer specified in the certManager.clusterIssuerName parameter;
      • CustomCertificate — the web UI is accessed over HTTPS using a certificate from the d8-system namespace;
      • Disabled — in this mode, the documentation web UI can only be accessed over HTTP;
      • OnlyInURI — the documentation web UI will work over HTTP (assuming that there is an external HTTPS load balancer in front of it that terminates HTTPS traffic). All the links in the user-authn will be generated using the HTTPS scheme.

      Default: CertManager

      Allowed values: Disabled, CertManager, CustomCertificate, OnlyInURI

  • ingressClass
    string
    The Ingress class that will be used to upload images. By default, the modules.ingressClass global value is used.

    Pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$

  • logFormat
    string

    Sets a logging format.

    Applies to the following components:

    • virtualization-controller

    Allowed values: text, json

  • logLevel
    string

    Sets a logging level.

    Applies to the following components:

    • virtualization-api
    • virtualization-controller
    • kube-api-proxy
    • vm-route-forge

    Allowed values: debug, info, warn, error

  • virtualMachineCIDRs
    array of strings

    List of CIDRs used to allocate static IP addresses for Virtual Machines.

    The subnet for virtual machines should not be the same as the subnet used for pods or the subnet used for services. Address conflicts can lead to unpredictable behavior and networking problems.

    Example:


    virtualMachineCIDRs:
    - 10.10.10.0/24
    - 10.10.20.0/24
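
A pre-flight check for the dvcr.storage.objectStorage.s3 and virtualMachineCIDRs settings described above, as an added example that is not part of the Deckhouse documentation or code base. The two regular expressions are the patterns from the schema; the function names, the whitespace check, and the pod and service subnets in the sample are assumptions made for illustration.

```python
import base64
import ipaddress
import re

# Patterns copied from the schema on this page.
B64_RE = re.compile(r"^[A-Za-z0-9+/]*={0,2}$")
ENDPOINT_RE = re.compile(r"^https?://[0-9a-zA-Z\.\-:@_]+$")


def check_s3(s3):
    """Return a list of problems found in a dvcr.storage.objectStorage.s3 mapping."""
    problems = []
    for key in ("accessKey", "secretKey"):
        value = s3.get(key, "")
        if not value or not B64_RE.fullmatch(value):
            problems.append(f"{key}: missing or not matching the base64 pattern")
            continue
        try:
            raw = base64.b64decode(value, validate=True)
        except ValueError:  # binascii.Error: bad padding or length
            problems.append(f"{key}: not decodable as base64")
            continue
        # Added check (assumption, not a schema rule): `echo key | base64`
        # encodes a trailing newline into the credential.
        if raw != raw.strip():
            problems.append(f"{key}: decoded value has surrounding whitespace")
    if not ENDPOINT_RE.fullmatch(s3.get("regionEndpoint", "")):
        problems.append("regionEndpoint: must match ^https?://...")
    for key in ("bucket", "region"):
        if not s3.get(key):
            problems.append(f"{key}: required value is missing")
    return problems


def overlapping_cidrs(vm_cidrs, cluster_cidrs):
    """Return (vm_cidr, cluster_cidr) pairs whose address ranges overlap."""
    hits = []
    for vm in vm_cidrs:
        a = ipaddress.ip_network(vm)  # raises ValueError on a malformed CIDR
        for other in cluster_cidrs:
            b = ipaddress.ip_network(other)
            if a.version == b.version and a.overlaps(b):
                hits.append((vm, other))
    return hits


# Constructed sample input; the pod and service subnets are assumed values.
SAMPLE_S3 = {"accessKey": "YWNjZXNzS2V5Cg==", "secretKey": "c2VjcmV0S2V5", "bucket": "dvcr",
             "region": "us-east-2", "regionEndpoint": "s3.example.com"}
print(check_s3(SAMPLE_S3))
print(overlapping_cidrs(["10.10.10.0/24", "10.20.10.0/24"], ["10.10.0.0/16", "10.222.0.0/16"]))
```

The sample accessKey decodes to the key followed by a newline, which the schema pattern accepts, so the whitespace check is the only thing that reports it.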