forked from pivotal-cf/docs-pks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
installing-pks-vsphere.html.md.erb
124 lines (85 loc) · 5.67 KB
/
installing-pks-vsphere.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
---
title: Installing Enterprise PKS on vSphere
owner: PKS
iaas: vSphere
---
<strong><%= modified_date %></strong>
This topic describes how to install and configure <%= vars.product_full %> on vSphere.
##<a id='prerequisites'></a>Prerequisites
Before performing the procedures in this topic, you must have deployed and configured Ops Manager.
For more information, see [vSphere Prerequisites and Resource Requirements](vsphere-requirements.html).
<%= partial 'prerequisites' %>
##<a id='install'></a> Step 1: Install <%= vars.product_short %>
<%= partial 'install-pks' %>
##<a id='configure'></a> Step 2: Configure <%= vars.product_short %>
Click the orange **<%= vars.product_tile %>** tile to start the configuration process.
<p class="note warning"><strong>WARNING</strong>: When you configure the <%= vars.product_tile %> tile,
do not use spaces in any field entries. This includes spaces between characters as well as
leading and trailing spaces. If you use a space in any field entry, the deployment of <%= vars.product_short %> fails.</p>
###<a id='azs-networks'></a> Assign AZs and Networks
<%= partial 'azs-networks' %>
###<a id='pks-api'></a> PKS API
<%= partial 'pks-api' %>
###<a id='plans'></a> Plans
<%= partial 'plans' %>
###<a id='cloud-provider'></a> Kubernetes Cloud Provider
<%= partial 'cloud-provider' %>
###<a id='syslog'></a> (Optional) Logging
<%= partial 'logging' %>
###<a id='networking'></a> Networking
To configure networking, do the following:
1. Click **Networking**.
1. Under **Container Networking Interface**, select **Flannel**.
<img src="images/networking-flannel.png" alt="Networking pane configuration" width="425">
1. (Optional) Enter values for **Kubernetes Pod Network CIDR Range** and **Kubernetes Service Network CIDR Range**.
* Ensure that the CIDR ranges do not overlap and have sufficient space for your deployed services.
* Ensure that the CIDR range for the **Kubernetes Pod Network CIDR Range** is large enough to accommodate the expected maximum number of pods.
1. (Optional) Configure a global proxy for all outgoing HTTP and HTTPS traffic from your Kubernetes clusters. This setting will not set the proxy for running Kubernetes workloads or pods.
<br><br>
Production environments can deny direct access to public Internet services and between internal services by placing an HTTP or HTTPS proxy in the network path between Kubernetes nodes and those services.
<br><br>
If your environment includes HTTP or HTTPS proxies, configuring <%= vars.product_short %> to use these proxies allows <%= vars.product_short %>-deployed Kubernetes nodes to access public Internet services and other internal services. Follow the steps below to configure a global proxy for all outgoing HTTP/HTTPS traffic from your Kubernetes clusters:
1. Under **HTTP/HTTPS proxy**, select **Enabled**.
<img src="images/networking-https-proxy.png" alt="Networking pane configuration" width="325">
1. Under **HTTP Proxy URL**, enter the URL of your HTTP/HTTPS proxy endpoint. For example, `http://myproxy.com:1234`.
1. (Optional) If your proxy uses basic authentication, enter the username and password under **HTTP Proxy Credentials**.
1. Under **No Proxy**, enter the service network CIDR where your <%= vars.product_short %> cluster is deployed. List any additional IP addresses or domain names that should bypass the proxy. The **No Proxy** property for vSphere accepts wildcard domains denoted by a prefixed `*.` or `.`, for example `*.example.com` and `.example.com`.
<p class="note"><strong>Note</strong>: By default, the <code>.internal</code>, <code>10.100.0.0/8</code>, and <code>10.200.0.0/8</code> IP address ranges are not proxied. This allows internal <%= vars.product_short %> communication.
<br><br>
Do not use the <code>-</code> character in the <b>No Proxy</b> field. Entering an
underscore character in this field can cause upgrades to fail.
<br><br>
Because some jobs in the VMs accept `*.` as a wildcard, while others only accept `.`, we recommend that you define a wildcard domain using both of them. For example, to denote `example.com` as a wildcard domain, add both `*.example.com` and `example.com` to the **No Proxy** property.</p>
1. Under **Allow outbound internet access from Kubernetes cluster vms (IaaS-dependent)**, ignore the **Enable outbound internet access** checkbox.
1. Click **Save**.
###<a id='uaa'></a> UAA
<%= partial 'uaa' %>
###<a id='monitoring'></a> (Optional) Monitoring
<%= partial 'monitoring' %>
###<a id='telemetry'></a> CEIP and Telemetry
<%= partial 'usage-data' %>
###<a id='errands'></a> Errands
<%= partial 'errands' %>
###<a id='resource-config'></a> (Optional) Resource Config
Edit other resources used by the **Pivotal Container Service** job.
The **Pivotal Container Service** job requires a VM with the following minimum
resources:
<table>
<tr>
<th>CPU</th>
<th>Memory</th>
<th>Disk</th>
</tr>
<tr>
<td>2</td>
<td>8 GB</td>
<td>29 GB</td>
</tr>
</table>
<p class="note"><strong>Note</strong>: The automatic <b>VM Type</b> value matches the minimum recommended size for the <b>Pivotal Container Service</b> job. If you experience timeouts or slowness when interacting with the PKS API, select a <strong>VM Type</strong> with greater CPU and memory resources.</p>
## <a id='apply-changes'></a> Step 3: Apply Changes
<%= partial 'apply-changes' %>
## <a id='next-install-step'></a> Next Installation Step
To configure the PKS API load balancer, follow the procedures in [Configure PKS API Load Balancer](vsphere-configure-pks-api.html).