K8s datasource configuration doc
this document describes how to config kubernetes datasource: * copy kubernetes cluster config file * copy keys to establish SSL connection * config vitrage.conf Change-Id: I146cf9811cedffb2e4fed6ee96937e6c53e44588
This commit is contained in:
Idan Kinory
parent
7d484d979c
commit
1149e45757
@ -25,7 +25,7 @@ Datasources
|
||||
static-config
|
||||
static-physical-config
|
||||
zabbix_vitrage
|
||||
|
||||
k8s_datasource
|
||||
|
||||
Notifiers
|
||||
---------
|
||||
|
||||
83
doc/source/contributor/k8s_datasource.rst
Normal file
83
doc/source/contributor/k8s_datasource.rst
Normal file
@ -0,0 +1,83 @@
|
||||
=====================
|
||||
Kubernetes datasource
|
||||
=====================
|
||||
|
||||
This document describes how to configure kubernetes datasource properly.
|
||||
Note that currently we support only Kubernetes on top of Nova (k8s nodes must be nova.instance)
|
||||
|
||||
Datasource configuration
|
||||
------------------------
|
||||
|
||||
|
||||
Step 1
|
||||
_______
|
||||
|
||||
In order to access k8s cluster the following files should be copied from k8s master and stored in the same machine as vitrage :
|
||||
* kubeconfig - kubernetes cluster config file is called kubeconfig.
|
||||
* certificate-authority (ca.pem)
|
||||
* client-certificate (kubectl.pem)
|
||||
* client-key (kubectl-key.pem)
|
||||
|
||||
|
||||
|
||||
Kubeconfig example ::
|
||||
|
||||
|
||||
apiVersion: v1
|
||||
kind: Config
|
||||
clusters:
|
||||
- cluster:
|
||||
certificate-authority: /home/k8s/ca.pem
|
||||
server: https://<IP>:<Port>
|
||||
name: bcmt-kubernetes
|
||||
contexts:
|
||||
- context:
|
||||
cluster: bcmt-kubernetes
|
||||
namespace: kube-system
|
||||
user: kubelet
|
||||
name: kubelet-context
|
||||
current-context: kubelet-context
|
||||
preferences: {}
|
||||
users:
|
||||
- name: kubelet
|
||||
user:
|
||||
client-certificate: /home/k8s/kubectl.pem
|
||||
client-key: /home/k8s/kubectl-key.pem
|
||||
|
||||
|
||||
|
||||
keys location (.pem) is usually at ``/etc/kubernetes/ssl``
|
||||
|
||||
kubeconfig is usually at ``$HOME/.kube/config``
|
||||
|
||||
Make sure to place the files in the same path as written in kubeconfig file.
|
||||
for example ``ca.pem`` at ``/home/k8s/ca.pem``
|
||||
|
||||
|
||||
|
||||
Better option is to create a new user + corresponding SSL keys
|
||||
|
||||
This requires new SSL keys and some basic understanding in kubernetes (config new user credentials and rules).
|
||||
this might be more complicated than the first approach.
|
||||
|
||||
|
||||
Step 2
|
||||
_______
|
||||
|
||||
In ``/etc/vitrage/vitrage.conf``:
|
||||
|
||||
Set the location for kubeconfig file:
|
||||
|
||||
[kubernetes]
|
||||
|
||||
config_file = /home/k8s/kubeconfig
|
||||
|
||||
|
||||
Add kubernetes to the list of active datasources:
|
||||
|
||||
[datasources]
|
||||
|
||||
types = nova.host,nova.instance,nova.zone,aodh,static,cinder.volume,neutron.network,neutron.port,kubernetes
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user