Skip to content

Commit

Permalink
Update optional configuration provider support and etcd
Browse files Browse the repository at this point in the history
  • Loading branch information
taneyland committed Nov 17, 2023
1 parent 96f3aae commit db00c2a
Show file tree
Hide file tree
Showing 16 changed files with 82 additions and 18 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@ allowing you to upgrade a number of fields simultaneously with the same procedur
- `workerNodeGroupConfigurations.count`
- `workerNodeGroupConfigurations.machineGroupRef.name`
- `workerNodeGroupConfigurations.kubernetesVersion`
- `etcdConfiguration.externalConfiguration.machineGroupRef.name`
- `externalEtcdConfiguration.machineGroupRef.name`
- `identityProviderRefs` (Only for `kind:OIDCConfig`, `kind:AWSIamConfig` is immutable)
- `gitOpsRef` (Once set, you can't change or delete the field's content later)
- `registryMirrorConfiguration` (for non-authenticated registry mirror)
Expand Down
6 changes: 6 additions & 0 deletions docs/content/en/docs/getting-started/baremetal/bare-spec.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,12 @@ The following additional optional configuration can also be included:

* [CNI]({{< relref "../optional/cni.md" >}})
* [Host OS Config]({{< relref "../optional/hostOSConfig.md" >}})
* [Proxy]({{< relref "../optional/proxy.md" >}})
* [Gitops]({{< relref "../optional/gitops.md" >}})
* [IAM Authenticator]({{< relref "../optional/iamauth.md" >}})
* [OIDC]({{< relref "../optional/oidc.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})
* [Machine Health Check Timeouts]({{< relref "../optional/healthchecks.md" >}})

To generate your own cluster configuration, follow instructions from the [Create Bare Metal cluster]({{< relref "./baremetal-getstarted" >}}) section and modify it using descriptions below.
For information on how to add cluster configuration settings to this file for advanced node configuration, see [Advanced Bare Metal cluster configuration]({{< relref "#advanced-bare-metal-cluster-configuration" >}}).
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ The following additional optional configuration can also be included:
* [GitOps]({{< relref "../optional/gitops.md" >}})
* [Proxy]({{< relref "../optional/proxy.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})
* [Machine Health Check Timeouts]({{< relref "../optional/healthchecks.md" >}})


```yaml
Expand Down
15 changes: 10 additions & 5 deletions docs/content/en/docs/getting-started/nutanix/nutanix-spec.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,16 @@ description: >

This is a generic template with detailed descriptions below for reference.

The following additional optional configuration can also be included:

* [CNI]({{< relref "../optional/cni.md" >}})
* [IAM Authenticator]({{< relref "../optional/iamauth.md" >}})
* [OIDC]({{< relref "../optional/oidc.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})
* [Proxy]({{< relref "../optional/proxy.md" >}})
* [Gitops]({{< relref "../optional/gitops.md" >}})
* [Machine Health Check Timeouts]({{< relref "../optional/healthchecks.md" >}})

```yaml
apiVersion: anywhere.eks.amazonaws.com/v1alpha1
kind: Cluster
Expand Down Expand Up @@ -119,11 +129,6 @@ spec:
---
```

The following additional optional configuration can also be included:

* [OIDC]({{< relref "../optional/oidc.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})

## Cluster Fields

### name (required)
Expand Down
2 changes: 1 addition & 1 deletion docs/content/en/docs/getting-started/optional/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,5 +8,5 @@ aliases:
description: >
Optional Config references for EKS Anywhere clusters such as etcd, OS, CNI, IRSA, proxy, and registry mirror
---
Configuration pages here describe optional features you can add to your EKS Anywhere provider's clusterspec file.
The configuration pages below describe optional features that you can add to your EKS Anywhere provider's clusterspec file.
See each provider's installation section for details on which optional features are supported.
5 changes: 5 additions & 0 deletions docs/content/en/docs/getting-started/optional/cni.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,11 @@ description: >

### Specifying CNI Plugin in EKS Anywhere cluster spec

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

EKS Anywhere currently supports two CNI plugins: Cilium and Kindnet. Only one of them can be selected
for a cluster, and the plugin cannot be changed once the cluster is created.
Up until the 0.7.x releases, the plugin had to be specified using the `cni` field on cluster spec.
Expand Down
19 changes: 12 additions & 7 deletions docs/content/en/docs/getting-started/optional/etcd.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,24 @@ description: >
EKS Anywhere cluster yaml etcd specification reference
---

>**_NOTE_**: Currently, the Unstacked etcd topology is not supported with the Amazon EKS Anywhere Bare Metal and Nutanix deployment options.
### Unstacked etcd topology (recommended)
There are two types of etcd topologies for configuring a Kubernetes cluster:

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** || | |||

There are two types of etcd topologies for configuring a Kubernetes cluster:

* Stacked: The etcd members and control plane components are colocated (run on the same node/machines)
* Unstacked/External: With the unstacked or external etcd topology, etcd members have dedicated machines and are not colocated with control plane components

The unstacked etcd topology is recommended for a HA cluster for the following reasons:

* External etcd topology decouples the control plane components and etcd member.
So if a control plane-only node fails, or if there is a memory leak in a component like kube-apiserver, it won't directly impact an etcd member.
For example, if a control plane-only node fails, or if there is a memory leak in a component like kube-apiserver, it won't directly impact an etcd member.
* Etcd is resource intensive, so it is safer to have dedicated nodes for etcd, since it could use more disk space or higher bandwidth.
Having a separate etcd cluster for these reasons could ensure a more resilient HA setup.
Having a separate etcd cluster for these reasons could ensure a more resilient HA setup.

EKS Anywhere supports both topologies.
In order to configure a cluster with the unstacked/external etcd topology, you need to configure your cluster by updating the configuration file before creating the cluster.
Expand Down Expand Up @@ -57,7 +61,7 @@ spec:
machineGroupRef:
kind: VSphereMachineConfig
name: my-cluster-name-etcd
kubernetesVersion: "1.19"
kubernetesVersion: "1.27"
workerNodeGroupConfigurations:
- count: 1
machineGroupRef:
Expand All @@ -66,11 +70,12 @@ spec:
name: md-0
```
#### externalEtcdConfiguration (under Cluster)
This field accepts any configuration parameters for running external etcd.
External etcd configuration for your Kubernetes cluster.
#### count (required)
This determines the number of etcd members in the cluster.
The recommended number is 3.
#### machineGroupRef (required)
Refers to the Kubernetes object with provider specific configuration for your nodes.
6 changes: 6 additions & 0 deletions docs/content/en/docs/getting-started/optional/gitops.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ description: >
---

# GitOps Support (Optional)

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

EKS Anywhere can create clusters that supports GitOps configuration management with Flux.
In order to add GitOps support, you need to configure your cluster by specifying the configuration file with `gitOpsRef` field when creating or upgrading the cluster.
We currently support two types of configurations: `FluxConfig` and `GitOpsConfig`.
Expand Down
6 changes: 6 additions & 0 deletions docs/content/en/docs/getting-started/optional/healthchecks.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ description: >
---

## Machine Health Checks Support

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

You can configure EKS Anywhere to specify timeouts for machine health checks.
A Machine Health Check is a resource which allows users to define conditions under which Machines within a Cluster should be considered unhealthy. A Machine Health Check is defined on a management cluster and scoped to a particular workload cluster. If not configured in the spec, the default values are used to configure the machine health checks.

Expand Down
8 changes: 6 additions & 2 deletions docs/content/en/docs/getting-started/optional/hostOSConfig.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,13 @@ description: >
## Host OS Configuration
You can configure certain host OS settings through EKS Anywhere.

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||| | | |

{{% alert title="Note" color="primary" %}}
Currently, these settings are only supported for vSphere and Tinkerbell providers.<br>
Additionally, settings under `bottlerocketConfiguration` are only supported for `osFamily: bottlerocket`
Settings under `bottlerocketConfiguration` are only supported for `osFamily: bottlerocket`
{{% /alert %}}

The following cluster spec shows an example of how to configure host OS settings:
Expand Down
6 changes: 6 additions & 0 deletions docs/content/en/docs/getting-started/optional/iamauth.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ description: >
---

## AWS IAM Authenticator support (optional)

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

EKS Anywhere can create clusters that support AWS IAM Authenticator-based api server authentication.
In order to add IAM Authenticator support, you need to configure your cluster by updating the configuration file before creating the cluster.
This is a generic template with detailed descriptions below for reference:
Expand Down
5 changes: 5 additions & 0 deletions docs/content/en/docs/getting-started/optional/oidc.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,11 @@ description: >
## OIDC support (optional)
EKS Anywhere can create clusters that support api server OIDC authentication.

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

In order to add OIDC support, you need to configure your cluster by updating the configuration file to include the details below. The OIDC configuration can be added at cluster creation time, or introduced via a cluster upgrade in VMware and CloudStack.

This is a generic template with detailed descriptions below for reference:
Expand Down
6 changes: 6 additions & 0 deletions docs/content/en/docs/getting-started/optional/proxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ description: >
---

## Proxy support (optional)

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

You can configure EKS Anywhere to use a proxy to connect to the Internet. This is the
generic template with proxy configuration for your reference:
```yaml
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,13 @@ description: >
EKS Anywhere cluster specification for registry mirror configuration
---

## Registry Mirror Support (optional)

#### Provider support details
| | vSphere | Bare Metal | Nutanix | CloudStack | Snow |
|:--------------:|:-------:|:----------:|:-------:|:----------:|:----:|
| **Supported?** ||||||

You can configure EKS Anywhere to use a local registry mirror for its dependencies. When a registry mirror is configured in the EKS Anywhere cluster specification, EKS Anywhere will use it instead of defaulting to Amazon ECR for its dependencies. For details on how to configure your local registry mirror for EKS Anywhere, see the [Configure local registry mirror]({{< relref "./registrymirror/#configure-local-registry-mirror" >}}) section.

See the [airgapped documentation page]({{<relref "../airgapped" >}}) for instructions on downloading and importing EKS Anywhere dependencies to a local registry mirror.
Expand Down
1 change: 1 addition & 0 deletions docs/content/en/docs/getting-started/snow/snow-spec.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ The following additional optional configuration can also be included:
* [GitOps]({{< relref "../optional/gitops.md" >}})
* [Proxy]({{< relref "../optional/proxy.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})
* [Machine Health Check Timeouts]({{< relref "../optional/healthchecks.md" >}})

```yaml
apiVersion: anywhere.eks.amazonaws.com/v1alpha1
Expand Down
5 changes: 3 additions & 2 deletions docs/content/en/docs/getting-started/vsphere/vsphere-spec.md
Original file line number Diff line number Diff line change
Expand Up @@ -106,10 +106,11 @@ The following additional optional configuration can also be included:
* [IAM Roles for Service Accounts]({{< relref "../optional/irsa.md" >}})
* [IAM Authenticator]({{< relref "../optional/iamauth.md" >}})
* [OIDC]({{< relref "../optional/oidc.md" >}})
* [gitops]({{< relref "../optional/gitops.md" >}})
* [proxy]({{< relref "../optional/proxy.md" >}})
* [Gitops]({{< relref "../optional/gitops.md" >}})
* [Proxy]({{< relref "../optional/proxy.md" >}})
* [Registry Mirror]({{< relref "../optional/registrymirror.md" >}})
* [Host OS Config]({{< relref "../optional/hostOSConfig.md" >}})
* [Machine Health Check Timeouts]({{< relref "../optional/healthchecks.md" >}})

## Cluster Fields

Expand Down

0 comments on commit db00c2a

Please sign in to comment.