forked from pivotal-cf/docs-pks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
installing-pks-azure.html.md.erb
176 lines (109 loc) · 8.26 KB
/
installing-pks-azure.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
---
title: Installing Enterprise PKS on Azure
owner: PKS
iaas: Azure
---
<strong><%= modified_date %></strong>
This topic describes how to install and configure <%= vars.product_full %> on Azure.
##<a id='prerequisites'></a>Prerequisites
Before performing the procedures in this topic, you must have deployed and configured Ops Manager.
For more information, see [Azure Prerequisites and Resource Requirements](azure-requirements.html).
<%= partial 'prerequisites' %>
##<a id='install'></a> Step 1: Install <%= vars.product_short %>
<%= partial 'install-pks' %>
##<a id='configure'></a> Step 2: Configure <%= vars.product_short %>
Click the orange **<%= vars.product_tile %>** tile to start the configuration process.
<p class="note warning"><strong>WARNING</strong>: When you configure the <%= vars.product_tile %> tile.
do not use spaces in any field entries. This includes spaces between characters as well as
leading and trailing spaces. If you use a space in any field entry, the deployment of <%= vars.product_short %> fails.</p>
###<a id='azs-networks'></a> Assign Networks
<%= partial 'azs-networks-azure' %>
###<a id='pks-api'></a> PKS API
<%= partial 'pks-api' %>
###<a id='plans'></a> Plans
<%= partial 'plans' %>
###<a id='cloud-provider'></a> Kubernetes Cloud Provider
To configure your Kubernetes cloud provider settings, follow the procedures below:
1. Click **Kubernetes Cloud Provider**.
1. Under **Choose your IaaS**, select **Azure**.
<img src="images/cloud-azure.png" alt="Azure pane configuration">
1. Under **Azure Cloud Name**, select the identifier of your Azure environment.
1. Enter **Subscription ID**. This is the ID of the Azure subscription that the cluster is deployed in.
1. Enter **Tenant ID**. This is the Azure Active Directory (AAD) tenant ID for the subscription that the cluster is deployed in.
1. Enter **Location**. This is the location of the resource group that the cluster is deployed in.
<br><br>
You set the location name in the `terraform.tfvars` file in [Deploying Ops Manager to Azure Using Terraform](https://docs.pivotal.io/pcf/om/azure/prepare-env-terraform.html). However, Terraform removes the spaces from this name and makes it lower-case. For example, if you entered `Central US` in the `terraform.tfvars` file, it becomes `centralus`. You must enter the converted form of the location name in the **Location** field, such as `centralus`.
1. Enter **Resource Group**. This is the name of the resource group that the cluster is deployed in.
1. Enter **Virtual Network**. This is the name of the virtual network that the cluster is deployed in.
1. Enter **Virtual Network Resource Group**. This is the name of the resource group that the virtual network is deployed in.
1. Enter **Default Security Group**. This is the name of the security group attached to the cluster's subnet.
<p class="note"><strong>Note:</strong> <%= vars.product_short %> automatically assigns the default security group to each VM when you create a Kubernetes cluster.
However, on Azure this automatic assignment may not occur. For more information, see <a href="release-notes.html#security-group">Azure Default Security Group Is Not Automatically Assigned to Cluster VMs</a> in <em><%= vars.product_short %> Release Notes</em>.</p>
1. Enter **Primary Availability Set**. This is the name of the availability set that will be used as the load balancer back end.
<br><br>
Terraform creates this availability set and its name is `YOUR-ENVIRONMENT-NAME-pks-as`, where `YOUR-ENVIRONMENT-NAME` is the value you provided for `env_name` in the `terraform.tfvars` file. See [Step 1: Download and Edit the Terraform Variables File](https://docs.pivotal.io/pcf/om/azure/prepare-env-terraform.html) of <em>Deploying Ops Manager to Azure Using Terraform</em> for more information. You can also find the name of the availability set by logging in to the Azure console.
1. For **Master Managed Identity**, enter `pks-master`. You created the managed identity for the master nodes in
[Create the Master Nodes Managed Identity](azure-managed-identities.html#create-master) in *Creating Managed Identities in Azure for <%= vars.product_short %>*.
1. For **Worker Managed Identity**, enter `pks-worker`. You created the managed identity for the worker nodes in
[Create the Worker Nodes Managed Identity](azure-managed-identities.html#create-worker) in *Creating Managed Identities in Azure for <%= vars.product_short %>*.
1. Click **Save**.
###<a id='syslog'></a> (Optional) Logging
<%= partial 'logging' %>
###<a id='networking'></a> Networking
To configure networking, do the following:
1. Click **Networking**.
1. Under **Container Networking Interface**, select **Flannel**.
<img src="images/networking-flannel.png" alt="Networking pane configuration" width="425">
1. (Optional) Enter values for **Kubernetes Pod Network CIDR Range** and **Kubernetes Service Network CIDR Range**.
* Ensure that the CIDR ranges do not overlap and have sufficient space for your deployed services.
* Ensure that the CIDR range for the **Kubernetes Pod Network CIDR Range** is large enough to accommodate the expected maximum number of pods.
1. Under **Allow outbound internet access from Kubernetes cluster vms (IaaS-dependent)**, leave the **Enable outbound internet access** checkbox unselected. You must leave this checkbox unselected due to an incompatibility between the public dynamic IPs provided by BOSH and load balancers on Azure.
1. Click **Save**.
###<a id='uaa'></a> UAA
<%= partial 'uaa' %>
###<a id='monitoring'></a> (Optional) Monitoring
<%= partial 'monitoring' %>
###<a id='telemetry'></a> CEIP and Telemetry
<%= partial 'usage-data' %>
###<a id='errands'></a> Errands
<%= partial 'errands' %>
###<a id='resource-config'></a> Resource Config
To modify the resource usage of <%= vars.product_short %> and specify your PKS API load balancer, follow the steps below:
1. Select **Resource Config**.
1. In the **Load Balancers** column, enter the name of your PKS API load balancer.
The name of your PKS API load balancer is `YOUR-ENVIRONMENT-NAME-pks-lb`. Refer to
the environment name you configured in your `terraform.tfstate` file during [Step 1: Download
Templates and Edit Variables File](https://docs.pivotal.io/pcf/om/azure/prepare-env-terraform.html). Then, append `-pks-lb` to that environment name.
<%= partial 'lb-resource-config' %>
1. (Optional) Edit other resources used by the **Pivotal Container Service** job.
The **Pivotal Container Service** job requires a VM with the following minimum
resources:
<table>
<tr>
<th>CPU</th>
<th>Memory</th>
<th>Disk</th>
</tr>
<tr>
<td>2</td>
<td>8 GB</td>
<td>29 GB</td>
</tr>
</table>
<p class="note"><strong>Note</strong>: The automatic <b>VM Type</b> value matches the minimum recommended size for the <b>Pivotal Container Service</b> job. If you experience timeouts or slowness when interacting with the PKS API, select a <strong>VM Type</strong> with greater CPU and memory resources.</p>
##<a id='apply-changes'></a> Step 3: Apply Changes
<%= partial 'apply-changes' %>
##<a id='retrieve-pks-api'></a> Step 4: Retrieve the PKS API Endpoint
<%= partial 'share-endpoint' %>
## <a id='lb-pks-api'></a> Step 5: Configure an Azure Load Balancer for the PKS API
Follow the procedures in [Configuring an Azure Load Balancer for the PKS API](azure-api-load-balancer.html) to configure an Azure load balancer for the PKS API.
## <a id='clis'></a> Step 6: Install the PKS and Kubernetes CLIs
<%= partial 'install-cli' %>
## <a id='auth'></a> Step 7: Configure Authentication for <%= vars.product_short %>
Follow the procedures in [Setting Up <%= vars.product_short %> Admin Users on Azure](azure-configure-pks-users.html).
##<a id='next-steps'></a> Next Steps
After installing <%= vars.product_short %> on Azure, you may want to do one or more of the following:
* Create a load balancer for your <%= vars.product_short %> clusters. For more information, see [Creating and Configuring an Azure Load Balancer for <%= vars.product_short %> Clusters](azure-cluster-load-balancer.html).
* Create your first <%= vars.product_short %> cluster. For more information, see [Creating Clusters](create-cluster.html).