The **container-service-extension** (`CSE`) is an add-on to VMware vCloud Director that helps tenants work with Kubernetes clusters.
# Overview
`CSE` enables Kubernetes as a service on vCloud Director (vCD) installations. `CSE` is based on VM templates that are automatically generated during the installation process, or anytime thereafter. vCD tenants can then request fully functional Kubernetes clusters that `CSE` instantiate on the tenant VDC from the templates, customized based on the tenant preferences.
![Image](cse_architecture.png)
The current document covers the following `CSE` topics:
- for System Administrators:
- [installation and configuration](#installation)
- [operation](#operation)
- for Tenants:
- [installation](#tenant-installation)
- [usage](#using-the-container-service)
- [programming](#scripting-and-programming)
- [static persistent volumes](#nfs-based-static-persistent-volumes)
- [reference](#reference)
- [command syntax](#command-syntax)
- [release notes](#release-notes)
# Installation
The `CSE` service is designed to be installed by the vCloud Director System Administrator on a virtual machine (the `CSE` appliance) with network connectivity to the vCloud Director infrastructure where the following components access is required:
- vCloud Director instance (Public Load Balancer VIP for multiple cells)
- vCenter Server
- AMQP Server
vCD tenants can use `CSE` through [vcd-cli](https://vmware.github.io/vcd-cli). Web UI access will be available in a future release.
## System Administrator Installation
Allocate a new virtual machine to run `CSE` (the `CSE` appliance) or use one of the existing servers in the vCloud Director installation. `CSE` requires Python 3.6 or higher. See the [Appendix](#appendix) at the end for installing Python 3 on different platforms.
The `CSE` appliance doesn't need access to the network where the master template will be created (`network` and `temp_vapp` configuration parameters) or the tenant networks where the clusters will be created. The `CSE` appliance requires network access to the vCD cell, AMQP server and vCenter server.
### 1\. Install `CSE` package.
```shell
$ pip3 install --user container-service-extension
$ cse version
CSE, Container Service Extension for VMware vCloud Director, version 0.3.0
```
Alternatively, `CSE` can be installed directly from GitHub specifying a version number with:
```shell
$ pip3 install --user git+https://github.com/vmware/[email protected]
```
The exact version might be different from the one listed above.
`CSE` can also be installed using [virtualenv](https://virtualenv.pypa.io) and [virtualenvwrapper](http://virtualenvwrapper.readthedocs.io). `pip3 install` can be used with additional options depending on the needs:
| option | meaning |
|:-----------------|:----------------------------------------------|
| `--user` | install to the Python user install directory |
| `--upgrade` | upgrade an existing installation |
| `--pre` | install a pre-release and development version |
| `--no-cache-dir` | disable the cache and download the package |
### 2\. Generate a skeleton configuration and provide site specific settings.
```shell
$ cse sample > config.yaml
```
Edit file `config.yaml` with the values for your vCloud Director installation. The following table describes the setting values.
#### `CSE` Configuration Settings
`CSE` supports multiple templates to create Kubernetes clusters. Each template might have a different guest OS or Kubernetes versions, and must have an unique name. One template has to be defined as the default. Tenants can specify the template to use during cluster or node creation, or use the default.
The configuration file has 5 sections:
- `amqp`: AMQP settings
- `vcd`: vCD settings
- `vcs`: vCenter Server settings
- `service`: service settings
- `broker`: service broker settings
Group 'vcd' has following key properties
| Property | Value |
|:------------------|:------------------------------------------------------------------------------------------------|
| `host` | IP or hostname of the vCloud Director |
| `username` | Username of the vCD service account with minimum roles and rights |
| `password` | Password of the vCD service account. |
It is recommended to create a service account for vCD with minimum required privileges (as it can be catastrophic if someone gets hold of credentials of the user account with admin-level privileges).
At high-level, below are minimum roles and (admin-view) rights required for the service account (they may subject to change with new versions of vCD)
- Catalog Author (Role)
- vApp Author (Role)
- vApp User (Role)
- vCenter: View (Right)
- vCenter: Refresh (Right)
- vCenter: Open in vSphere (Right)
- Task: View Tasks (Right)
- Task: Update (Right)
- Task: Resume, Abort, or Fail (Right)
- Catalog Item: Add to My Cloud (Right)
- Catalog Item: Create/Upload a vApp Template/Media (Right)
- Catalog Item: View vApp Templates/Media (Right)
- Catalog Item: Copy/Move a vApp Template/Media (Right)
- General: Administrator View (Right)
- Organization VDC: View Organization VDCs (Right)
- Organization VDC Network: View Properties (Right)
- Organization: View Organizations (Right)
Notes:
- Use commands from vcd-cli to get list of rights required by 'Catalog Author' and 'vApp Author' eg: vcd role list-rights 'Catalog Author'. Create a custom role with union of rights derived from above set of roles and rights and then assign the custom role to user account.
- Always ensure vCD service account has enough privileges. Another way is to create a role with Admin privileges and unselect (or) delete rights which are not required from the newly created role.
Group 'broker' has following key properties
| Property | Value | Value |
|:---------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------|
| `type` | Broker type, set to `default` | |
| `org` | vCD organization that contains the shared catalog where the master templates will be stored | |
| `vdc` | Virtual datacenter within `org` that will be used during the install process to build the template | |
| `network` | Org Network within `vdc` that will be used during the install process to build the template. It should have outbound access to the public Internet. The `CSE` appliance doesn't need to be connected to this network | |
| `ip_allocation_mode` | IP allocation mode to be used during the install process to build the template. Possible values are `dhcp` or `pool`. During creation of clusters for tenants, `pool` IP allocation mode is always used | |
| `catalog` | Public shared catalog within `org` where the template will be published
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
共70个文件
sh:20个
py:16个
txt:10个
资源分类:Python库 所属语言:Python 资源全名:container-service-extension-1.1.1.dev13.tar.gz 资源来源:官方 安装方法:https://lanzao.blog.csdn.net/article/details/101784059
资源推荐
资源详情
资源评论
收起资源包目录
container-service-extension-1.1.1.dev13.tar.gz (70个子文件)
container-service-extension-1.1.1.dev13
.travis.yml 395B
PKG-INFO 3KB
test-requirements.txt 62B
NOTICE.txt 476B
docs
_layouts
default.html 2KB
nfs_static_pv.md 7KB
_config.yml 167B
cse_architecture.png 43KB
nfs_roles_responsibilities.png 89KB
k8cluster_with_nfs.png 51KB
README.md 48KB
cse.service 323B
PULL_REQUEST_TEMPLATE.md 362B
container_service_extension
client
cluster.py 9KB
__init__.py 0B
cse.py 15KB
system.py 2KB
swagger
swagger.yaml 9KB
task.py 1KB
utils.py 3KB
broker.py 32KB
cluster.py 15KB
processor.py 6KB
service.py 8KB
__init__.py 0B
cse.py 6KB
consumer.py 8KB
config.py 26KB
open_source_license_container-service-extension_1.2.0_GA.txt 7KB
tests
deploy-app.sh 360B
add-nodes.sh 170B
create-clusters.sh 191B
list-apps.sh 174B
info-clusters.sh 121B
list-nodes.sh 118B
cluster.py 2KB
delete-clusters.sh 129B
config.yml 697B
tox.ini 391B
container_service_extension.egg-info
PKG-INFO 3KB
requires.txt 108B
not-zip-safe 1B
SOURCES.txt 2KB
entry_points.txt 61B
top_level.txt 28B
dependency_links.txt 1B
pbr.json 47B
.gitlab-ci.yml 439B
cleanup.sh 108B
CONTRIBUTING.md 3KB
setup.cfg 1KB
requirements.txt 120B
AUTHORS 505B
setup.py 305B
format-code.sh 234B
cse.sh 159B
CODE_OF_CONDUCT.md 1KB
ChangeLog 5KB
README.md 2KB
scripts
cust-photon-v2.sh 2KB
mstr-ubuntu-16.04.sh 339B
node-photon-v2.sh 208B
init-ubuntu-16.04.sh 365B
nfsd-ubuntu-16.04.sh 228B
init-photon-v2.sh 354B
cust-ubuntu-16.04.sh 3KB
node-ubuntu-16.04.sh 208B
mstr-photon-v2.sh 338B
publish.sh 158B
LICENSE.txt 1KB
共 70 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功