Three layouts are supported. Below is more information about each of them.
| Three layouts are supported. More details on each of them are given below.
|
Standard
| Standard
|
In this placement strategy, nodes do not have public IP addresses allocated to them; they use the Yandex Cloud NAT gateway service to connect to the Internet.
| In this layout, nodes will not have public IP addresses; they will access the Internet through the Yandex Cloud NAT gateway (NAT Gateway).
|
Example of the layout configuration:
| Example of the layout configuration:
|
yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: Standard
provider:
  cloudID:
  folderID:
  # Service account authorized key; it embeds the private key, so handle this file as a secret.
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  zones:
  - ru-central1-a
  - ru-central1-b
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      takes: priority
nodeGroups:
- name: worker
  replicas: 1
  zones:
  - ru-central1-a
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
    coreFraction: 50
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      toy: example
labels:
  billing: prod
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 213.177.96.1
  - 231.177.97.1
| yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: Standard
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
provider:
  cloudID:
  folderID:
  # Service account authorized key; it embeds the private key, so handle this file as a secret.
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  zones:
  - ru-central1-a
  - ru-central1-b
  instanceClass:
    cores: 4
    memory: 8192
    imageID: testtest
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      takes: priority
nodeGroups:
- name: worker
  replicas: 1
  zones:
  - ru-central1-a
  instanceClass:
    cores: 4
    memory: 8192
    imageID: testtest
    coreFraction: 50
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      toy: example
labels:
  billing: prod
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 213.177.96.1
  - 231.177.97.1
|
WithoutNAT
| WithoutNAT
|
In this layout, NAT (of any kind) is not used, and each node is assigned a public IP.
| In this layout, NAT (of any kind) is not used, and each node is assigned a public IP address.
|
Caution! Currently, the cloud-provider-yandex module does not support Security Groups, which is why all cluster nodes connect directly to the Internet.
|
Caution! The cloud-provider-yandex module does not yet support security groups, so all cluster nodes will be exposed to the outside.
|
Example of the layout configuration:
| Example of the layout configuration:
|
yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: WithoutNAT
provider:
  cloudID:
  folderID:
  # Service account authorized key; it embeds the private key, so handle this file as a secret.
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
  - ru-central1-b
nodeGroups:
- name: worker
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID: testtest
    coreFraction: 50
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 8.8.8.8
  - 8.8.4.4
|
WithNATInstance
| WithNATInstance
|
In this placement strategy, Deckhouse creates a NAT instance and adds a rule to a route table containing a route to 0.0.0.0/0 with a NAT instance as the next hop.
| In this layout, a NAT instance is created, and a rule for 0.0.0.0/0 with the NAT instance as the next hop is added to the route table.
|
If the withNATInstance.externalSubnetID parameter is set, the NAT instance will be created in this subnet.
| If withNATInstance.externalSubnetID is set, the NAT instance will be created in the zone of this subnet.
|
If the withNATInstance.externalSubnetID parameter is not set and withNATInstance.internalSubnetID is set, the NAT instance will be created in the latter subnet.
| If withNATInstance.externalSubnetID is not set but withNATInstance.internalSubnetID is set, the NAT instance will be created in the zone of this subnet.
|
If neither withNATInstance.externalSubnetID nor withNATInstance.internalSubnetID is set, the NAT instance will be created in the ru-central1-a zone.
| If neither withNATInstance.externalSubnetID nor withNATInstance.internalSubnetID is set, the NAT instance will be created in the ru-central1-a zone.
|
If the IP address of the NAT instance does not matter, you can pass an empty object, withNATInstance: {}; the necessary networks and a dynamic IP address will then be created automatically.
| If the IP address of the NAT instance does not matter, you can pass an empty object, withNATInstance: {}; the necessary networks and a dynamic IP address will then be created automatically.
|
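The placement rules above and the WithoutNAT caution, as an added example (not Deckhouse code): a small Python review of an already-parsed YandexClusterConfiguration that reports how nodes reach the Internet and where the NAT instance lands. The dict input, the function names and the sample subnet ID are assumptions made for illustration, as is treating a non-empty externalIPAddresses list as a request for public addresses.

```python
# Added example: review a parsed YandexClusterConfiguration for Internet exposure.
DEFAULT_ZONE = "ru-central1-a"  # fallback zone stated on the page

def nat_instance_placement(cfg):
    """Apply the page's rules for where the NAT instance is created."""
    nat = cfg.get("withNATInstance") or {}
    if nat.get("externalSubnetID"):          # rule 1: external subnet wins
        return ("subnet", nat["externalSubnetID"])
    if nat.get("internalSubnetID"):          # rule 2: otherwise internal subnet
        return ("subnet", nat["internalSubnetID"])
    return ("zone", DEFAULT_ZONE)            # rule 3: neither set, incl. {}

def groups_with_external_ips(cfg):
    """Node groups listing externalIPAddresses (assumed to mean public IPs)."""
    groups = [("master", cfg.get("masterNodeGroup") or {})]
    groups += [(g.get("name", "?"), g) for g in cfg.get("nodeGroups") or []]
    return [name for name, g in groups
            if (g.get("instanceClass") or {}).get("externalIPAddresses")]

def review(cfg):
    """Return human-readable findings about egress and public exposure."""
    layout = cfg.get("layout")
    findings = []
    if layout == "WithoutNAT":
        findings.append("every node gets a public IP and the module has no "
                        "security group support: nodes face the Internet directly")
    elif layout == "WithNATInstance":
        kind, where = nat_instance_placement(cfg)
        findings.append(f"egress via NAT instance created in {kind} {where}")
    elif layout == "Standard":
        findings.append("egress via the Yandex Cloud NAT gateway")
    else:
        findings.append(f"unknown layout {layout!r}")
    for name in groups_with_external_ips(cfg):
        findings.append(f"node group {name!r} requests external IP addresses")
    return findings

# Constructed sample input; the subnet ID is a made-up placeholder.
SAMPLE = {
    "layout": "WithNATInstance",
    "withNATInstance": {"internalSubnetID": "example-internal-subnet"},
    "masterNodeGroup": {"instanceClass": {"externalIPAddresses": ["Auto"]}},
    "nodeGroups": [{"name": "worker", "instanceClass": {}}],
}

if __name__ == "__main__":
    for line in review(SAMPLE):
        print(line)
```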
Example of the layout configuration:
| Example of the layout configuration:
|
yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: WithNATInstance
withNATInstance:
  natInstanceExternalAddress:
  internalSubnetID:
  externalSubnetID:
provider:
  cloudID:
  folderID:
  # Service account authorized key; it embeds the private key, so handle this file as a secret.
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    externalIPAddresses:
    - "1.1.1.1"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
  - ru-central1-b
nodeGroups:
- name: worker
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    coreFraction: 50
    externalIPAddresses:
    - "1.1.1.1"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 8.8.8.8
  - 8.8.4.4
|