Creating Additional Kubernetes Clusters
Creating an additional Kubernetes cluster is optional. Although one Kubernetes cluster is automatically created during the bootstrap process, you may prefer to create a new Kubernetes cluster to isolate one set of Elastic Path services from other services. For more information about this architecture, see Multi-Cluster Architecture.
Creating an Additional Kubernetes Cluster
To create an additional cluster using CloudOps for Kubernetes, run the create-additional-kubernetes-cluster job in Jenkins.
The cluster name is specified as a job parameter and a DNS CNAME record is created for this cluster with the recordSetName *.central<clusterName>. This new secondary cluster will share the following resources with the primary cluster that was created using docker-compose:
- Docker container registry
- DNS zone
- AWS account (where applicable)
- Azure subscription (where applicable)
- Azure resource group (where applicable)
- Web Application Firewall (AWS only)
- Terraform backend
- Repositories
Jenkins parameters
The create-additional-kubernetes-cluster Jenkins job includes the following parameters:
Universal parameters
deleteCluster
Whether to delete the cluster created by this job. If no cluster has been created, the job can still be run to build the bootstrap Docker image.
buildBootstrap
When specified, the job will re-build the bootstrap Docker image. This parameter must be set to true when first running this job.
clusterName
The name of the Kubernetes cluster to create. This value is also used to determine the DNS records for this cluster. For more information about how DNS and cluster names are used, see URL reference.
enableNewRelic
(optional) Whether or not to enable New Relic on the newly created Kubernetes cluster. If set to true, you must also specify values for a New Relic License key and New Relic cluster name to use with New Relic.
newRelicLicenseKey
(optional) The New Relic License Key to use with the newly created cluster.
newRelicClusterName
(optional) The name of the cluster set in New Relic.
enablePrometheus
Whether or not to enable Prometheus in the cluster.
alertLogicKey
(optional) The Alert Logic registration key to use. If left blank, Alert Logic is not enabled on this cluster.
hubAllowedCidr
The CIDR range that is allowed to access Jenkins and Nexus on the new server.
cloudOpsForKubernetesBranch
The branch of CloudOps for Kubernetes to use when running the job. This determines which scripts are used when the job is run.
cloudOpsForKubernetesRepoURL
The Git repository from which to pull CloudOps for Kubernetes code. This determines which scripts are used when the job is run.
AWS specific parameters
enableCloudWatch
Whether to install a Fluentd agent to forward all Pod logs to CloudWatch.
eksInstanceType
The AWS EC2 instance size to use for the Kubernetes worker nodes.
eksMinNodeCount
The minimum number of nodes per node group. By default, three node groups will be created, so a value of 1 will create 3 nodes, 2 will create 6 nodes, and so on.
vpcCidr
The CIDR for the VPC that will be created. If you are using multiple connected VPCs or are connecting this VPC with other resources, it is a best practice to ensure the CIDR ranges do not overlap.
Azure specific parameters
letsEncryptEmail
The email to register with Let’s Encrypt that will be used to contact you with issues and notifications around any generated SSL certificates.
aksNodeVMSize
The size of the virtual machines in the AKS cluster, such as Standard_F8s_v2 for production or Standard_B4ms for developer grade nodes.
warning
Unless modifications are made to cloudops-for-kubernetes, ensure that you use a virtual machine with at least 4 cores, 14 GB of RAM, and support for Premium Storage.
note
The Azure Kubernetes Service (AKS) does not support all of the virtual machine sizes provided by Azure. For information about Azure’s VMs sizes, see Sizes for Linux virtual machines in Azure in the Azure documentation. To validate if a particular VM size is supported by AKS, please contact Azure Support.
aksNodeCount
The starting number of virtual machines in the AKS cluster.
- The minimum value is 1
- The maximum value is 100
For more information about AKS cluster size limits, see Azure subscription and service limits, quotas, and constraints in the Azure documentation.
apiServerCidr
The CIDR range that is allowed to authenticate and manage the newly created Azure Kubernetes Service cluster. This value can later be updated using the Azure CLI command:
az aks update --resource-group {your resource group} --name {clusterName} --subscription {your Azure subscription} --api-server-authorized-ip-ranges {comma separated list of source CIDR ranges}
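The following pre-flight check is an added example, not part of CloudOps for Kubernetes. It validates the values you plan to enter for vpcCidr, hubAllowedCidr and apiServerCidr before running the job: it reports a vpcCidr that overlaps a range already in use, malformed CIDRs, and allow-list entries that are very broad. The function names, the /16 threshold, and treating both allow-list parameters as comma separated lists are assumptions made for this example.

```python
import ipaddress

# Assumption: an allow-list entry with a prefix shorter than this is reported
# as too broad. The threshold is illustrative, not from the product docs.
MIN_ALLOWLIST_PREFIX = 16


def parse_cidrs(value):
    """Parse a comma separated CIDR list; ValueError on bad syntax or host bits set."""
    return [ipaddress.ip_network(p.strip(), strict=True)
            for p in value.split(",") if p.strip()]


def preflight(vpc_cidr, existing_cidrs, hub_allowed_cidr, api_server_cidr):
    """Return a list of human-readable findings; an empty list means no issues."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    # vpcCidr must not overlap any range it will be peered or connected with.
    for other in existing_cidrs:
        net = ipaddress.ip_network(other, strict=True)
        if vpc.version == net.version and vpc.overlaps(net):
            findings.append(f"vpcCidr {vpc} overlaps existing range {net}")
    # Allow-lists for Jenkins/Nexus and the AKS API server.
    for name, value in (("hubAllowedCidr", hub_allowed_cidr),
                        ("apiServerCidr", api_server_cidr)):
        try:
            nets = parse_cidrs(value)
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not nets:
            findings.append(f"{name}: empty")
        for net in nets:
            if net.prefixlen < MIN_ALLOWLIST_PREFIX:
                findings.append(
                    f"{name}: {net} is broader than /{MIN_ALLOWLIST_PREFIX}")
    return findings


if __name__ == "__main__":
    # Constructed sample values (documentation address ranges), not real networks.
    for line in preflight("10.1.0.0/16",
                          ["10.0.0.0/16", "10.1.128.0/17"],
                          "203.0.113.0/24",
                          "0.0.0.0/0, 198.51.100.7/32"):
        print(line)
```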
location
Enter the Azure short name of the Azure location or region for the AKS cluster, such as westus or eastus.
To obtain a list of Azure location short names, use the following Azure CLI command:
az account list-locations | jq -r '.[].name'
note
Ensure that you specify an Azure location which supports all of the Azure services that Elastic Path requires, such as AKS and Azure Database for MySQL.
For more information, see the Azure Documentation.