Configures the kubernetes cluster-wide configurations.
Command Mode
Exec > Global Configuration (config) > Cluster Configuration (config-clusters-cluster_name )
Syntax
configuration { additional-master-virtual-ip-cidr cidr_notation_netmask | additional-master-virtual-ip ip_address | additional-master-virtual-ipv6-cidr cidr_notation_netmask | additional-master-virtual-ipv6 ipv6_address | addtional-master-virtual-ip-interface string | allow-insecure-registry { false | true } | customization-image docker_image | default-not-ready-toleration notready_toleration_time | default-unreachable-toleration unreachable_toleration_time | docker-ipv6-cidr ipv6_cidr_docker_subnet | enable-pod-security-policy { false | true } | enable-wireguard { false | true } | ipv6-mode ipv6_mode | keepalived-auth aes_encrypted_string | master-keepalived-multicast { false | true } | master-virtual-ip-cidr cidr_notation | master-virtual-ip-interface ethernet_interface | master-virtual-ip ip_address | master-virtual-ipv6-cidr cidr_notation_netmask | master-virtual-ipv6 ipv6_address | node-monitor-grace-period grace_period | node-monitor-period monitor_period | node-status-update-frequency update_frequency | pod-subnet-ipv6 ipv6_pod_subnet | pod-subnet pod_subnet | restrict-logging { false | true } | service-subnet-ipv6 ipv6_service_subnet | service-subnet service_subnet | size cluster_size | virtual-ip-vrrp-router-id vrrp_router_id | calico-ipv6-cidr calico_ipv6_cidr }
additional-master-virtual-ip-cidr cidr_notation_netmask
Specfies the CIDR notation (netmask) of additional master virtual IP.
Must be an integer in the range of 0-32.
Default Value: 32.
additional-master-virtual-ip ip_address
Specfies the virtual IPv4 address used to provide additional access to the HA kubernetes masters. This must be set on initial
cluster creation.
additional-master-virtual-ipv6-cidr cidr_notation_netmask
Specify the CIDR notation (netmask) of additional-master-virtual-ipv6.
Must be an integer in the range of 0-120.
Default Value: 112.
additional-master-virtual-ipv6 ipv6_address
Specify the virtual IPv6 address used to provide additional access to the HA kubernetes masters. This must be set on initial
cluster creation.
addtional-master-virtual-ip-interface string
Specify the ethernet interface to which the additional master IP will be assigned. This will correspond to netplan network
IDs.
Must be a string.
Default Value: ens192.
allow-insecure-registry { false | true }
Specify whether to allow the use of insecure docker and helm registries.
Must be one of the following:
Default Value: false.
calico-ipv6-cidr calico_ipv6_cidr
Specify the Calico IPv6 CIDR.
customization-image docker_image
Specify the Docker image to use for customizing the VMs deployed in the cluster.
Must be a string.
default-not-ready-toleration notready_toleration_time
Specify the pod eviction toleration time when the node is not ready, in seconds.
Default value: 30 seconds
default-unreachable-toleration unreachable_toleration_time
Specify the pod eviction toleration time when the node is unreachable, in seconds.
Default value: 30 seconds
docker-ipv6-cidr ipv6_cidr_docker_subnet
Specify the fixed IPv6 CIDR docker subnet.
Default Value: fd00::/80.
enable-pod-security-policy { false | true }
Specify whether to enable or disable pod security policy.
Must be one of the following:
Default Value: false.
enable-wireguard { false | true }
Specify whether to enable or disable Wireguard.
Must be one of the following:
Default Value: false.
error-on-automatic-rolling-upgrade { false | true }
Specify whether to allow or block automatic base image or firmware based rolling upgrades.
Must be one of the following:
Default Value: false.
ipv6-mode ipv6_mode
Specify whether to allow dual-stack pod and service subnets.
Must be one of the following:
Default Value: none.
keepalived-auth aes_encrypted_string
Specify the authentication password for Keepalived.
Default Value: 4be37dc3b4c90194d1600c483e10ad1d.
master-keepalived-multicast { false | true }
Specify whether to enable or disable master keepalived multicast.
Must be one of the following:
Default Value: false.
master-virtual-ip-cidr cidr_notation
Specify the CIDR notation of the additional master virtual IP.
Must be an integer in the range of 0-32.
Default Value: 32.
master-virtual-ip-interface ethernet_interface
Specify the ethernet interface to which the master IP will be assigned.
Must be a string.
Default Value: ens192.
master-virtual-ip ip_address
Specify the virtual IPv4 address used to make the kubernetes masters Highly Available (HA).
master-virtual-ipv6-cidr cidr_notation_netmask
Specify the CIDR notation (netmask) of additional-master-virtual-ipv6.
Must be an integer in the range of 0-112.
Default Value: 112.
master-virtual-ipv6 ipv6_address
Specify the virtual IPv6 address used to make the kubernetes masters HA. This must be set on initial cluster creation.
node-monitor-grace-period grace_period
Specify the node to be marked unhealthy after a period that it became unresponsive, in seconds.
Default value: 40 seconds
node-monitor-period monitor_period
Specify the period for syncing NodeStatus in NodeController, in seconds.
Default value: 5 seconds
node-status-update-frequency update_frequency
Specify the node status update interval from kubelet to kube-controller, in seconds.
Default value: 10 seconds
pod-subnet-ipv6 ipv6_pod_subnet
Specify the the IPv6 pod subnet to configure k8s and calico.
Default Value: fd20::0/112.
pod-subnet pod_subnet
Specify the pod subnet to configure k8s and calico.
Default Value: 192.168.0.0/16.
restrict-logging { false | true }
Specify whether to allow logging of critical information on failure for debugging purposes.
Must be one of the following:
Default Value: true.
Note
|
It's recommended to always set restrict-logging to true. Setting it to false is not secure and could result in unauthorized access to critical user data.
|
service-subnet-ipv6 ipv6_service_subnet
Specify the the IPv6 service subnet to configure k8s and calico.
Default Value: fd40::0/112.
service-subnet service_subnet
Specify the service subnet to configure k8s and calico.
Default Value: 10.96.0.0/12.
size cluster_size
Specify the cluster size.
Must be one of the following:
-
functional-test-aio
-
functional-test-ha
-
production
Default Value: production.
virtual-ip-vrrp-router-id vrrp_router_id
Specify the VRRP router ID. If multiple instances of VRRP are in use on the same subnet, router ID must be unique. This is
typically needed if running multiple SMI k8s clusters in the same subnet. Issues will show up with virtual IP not binding
properly.
Must be an integer in the range of 1-255.
Usage Guidelines
Use this command to configure the kubernetes cluster-wide configurations.