Initialize Kato Cluster Parameters

By default, the driver configures the cluster initialization parameters automatically according to the Kubernetes cluster provider. In some advanced scenarios, such as a custom HA database, a custom ETCD configuration, or a custom image registry, setting the Kato cluster initialization parameters yourself is useful.

  • Kato aims to configure itself automatically with best-practice parameters to lower the barrier to entry. Until you fully understand the initialization parameters, configure them with care.

As shown in the figure above, when entering the cluster initialization confirmation page, you can click the red box to configure the cluster initialization parameters.

Configuration examples are as follows:

metadata:
  creationTimestamp: null
  name: katocluster
spec:
  enableHA: true
  etcdConfig:
    endpoints:
    - 192.168.3.103:2379
    - 192.168.3.102:2379
    - 192.168.3.101:2379
    secretName: rbd-etcd-secret
  gatewayIngressIPs:
  - 192.168.3.104
  nodesForGateway:
  - internalIP: 192.168.3.101
    name: 192.168.3.101
  - internalIP: 192.168.3.102
    name: 192.168.3.102
  - internalIP: 192.168.3.103
    name: 192.168.3.103
  imageHub:
    domain: image.xxxxx.com
    namespace: test
    password: xxxxx!
    username: root
  katoVolumeSpecRWO:
    csiPlugin: {}
    imageRepository: ""
    storageClassParameters: {}
  katoVolumeSpecRWX:
    storageClassName: glusterfs-simple
    csiPlugin:
      aliyunNas: {}
    storageClassParameters:
      parameters:
        volumeAs: subpath
        server: xxx.nas.server.dddd.com
        archiveOnDelete: true
  regionDatabase:
    host: 172.20.251.91
    name: rbdregion
    password: password
    port: 3306
    username: root
  suffixHTTPHost: 5-3-0.gridworkz.org

Only the parameters you want to customize need to be set; not every setting is required.

The configuration parameters are described as follows:

| Parameters | Secondary Parameters | Description |
|---|---|---|
| etcdConfig (struct) | endpoints (array) | ETCD instance list |
| | secretName (string) | Name of the secret holding ETCD's SSL certificate; to generate the secret, see "Generate Etcd Certificate Secret" below |
| enableHA (bool) | | Whether to deploy in high availability mode, true/false, default false |
| suffixHTTPHost (string) | | Cluster HTTP default domain name suffix; leave it blank to have one assigned automatically |
| gatewayIngressIPs (array) | | Gateway external network IP address, generally an SLB or VIP |
| nodesForGateway (array) | name (string) | Node name (subject to Kubernetes node information) |
| | internalIP (string) | Node internal network IP (subject to Kubernetes node information) |
| | externalIP (string) | Node external IP (subject to Kubernetes node information) |
| nodesForChaos (array) | | Consistent with nodesForGateway |
| imageHub (struct) | domain (string) | Domain name of the image repository, which must be reachable |
| | namespace (string) | Image repository namespace |
| | username (string) | Username |
| | password (string) | Password |
| regionDatabase (struct) | host (string) | Cluster database IP address |
| | port (int) | Cluster database port |
| | username (string) | Cluster database account |
| | password (string) | Cluster database password |
| | name (string) | Cluster database name |
| katoVolumeSpecRWX | | Shared storage configuration; refer to the use case for details. Leave blank to use the default storage |
| | storageClassName (string) | Name of a StorageClass that exists in the cluster, not required |
| | storageClassParameters (struct) | |
| | csiPlugin (struct) | |
| | storageRequest (int) | |
| katoVolumeSpecRWO | | Consistent with katoVolumeSpecRWX. Single-read, single-write storage, generally block storage devices. If provided, stateful services will use it by default. |

Generate Etcd Certificate Secret

RKE:

  • CA certificate: /etc/kubernetes/ssl/kube-ca.pem
  • Client certificate: /etc/etcd/ssl/kube-node.pem
  • Client key: /etc/etcd/ssl/kube-node-key.pem

kubectl create secret generic rbd-etcd-secret -n rbd-system \
--from-file=ca-file=/etc/kubernetes/ssl/kube-ca.pem \
--from-file=cert-file=/etc/kubernetes/ssl/kube-node.pem \
--from-file=key-file=/etc/kubernetes/ssl/kube-node-key.pem

kubeasz:

  • CA certificate: /etc/kubernetes/ssl/ca.pem
  • Client certificate: /etc/etcd/ssl/etcd.pem
  • Client key: /etc/etcd/ssl/etcd-key.pem

kubectl create secret generic rbd-etcd-secret -n rbd-system \
--from-file=ca-file=/etc/kubernetes/ssl/ca.pem \
--from-file=cert-file=/etc/kubernetes/ssl/etcd.pem \
--from-file=key-file=/etc/kubernetes/ssl/etcd-key.pem
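
A secret built from a stale certificate or a mismatched key is created without complaint and only fails later, when a component tries to reach ETCD. The script below is an added example, not part of the Kato documentation or project code: it checks the three files from either procedure above before running the same kubectl command. The function names, return codes and the 24-hour expiry margin are assumptions of this example, and it requires openssl on the node.

```shell
#!/bin/sh
# Added example, not Kato project code. Assumes openssl is installed; the
# 24-hour expiry margin and the return codes are choices made for this example.
# Usage after sourcing this file: create_etcd_secret CA CERT KEY

# check_etcd_client_certs CA CERT KEY
# Returns 0 = usable, 1 = file missing, 2 = unparsable, expired or expiring,
#         3 = not issued by CA, 4 = key does not match certificate.
check_etcd_client_certs() {
    ca=$1 cert=$2 key=$3
    for f in "$ca" "$cert" "$key"; do
        [ -r "$f" ] || { echo "missing or unreadable: $f" >&2; return 1; }
    done
    # -checkend N fails when the certificate expires within N seconds.
    openssl x509 -in "$cert" -noout -checkend 86400 >/dev/null 2>&1 || {
        echo "client certificate is unparsable, expired or expires within 24h" >&2
        return 2
    }
    # The client certificate must chain to the CA certificate supplied with it.
    openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 || {
        echo "client certificate was not issued by $ca" >&2
        return 3
    }
    # Compare the public key in the certificate with the one derived from
    # the private key; a mismatched pair cannot complete a TLS handshake.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    [ -n "$key_pub" ] && [ "$cert_pub" = "$key_pub" ] || {
        echo "private key does not match client certificate" >&2
        return 4
    }
    return 0
}

# create_etcd_secret CA CERT KEY
# Runs the kubectl command from this page only when the checks pass.
create_etcd_secret() {
    check_etcd_client_certs "$1" "$2" "$3" || return $?
    kubectl create secret generic rbd-etcd-secret -n rbd-system \
        --from-file=ca-file="$1" \
        --from-file=cert-file="$2" \
        --from-file=key-file="$3"
}
```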