From c0579b37894848bf3c178c2bdc1c4a60eb448674 Mon Sep 17 00:00:00 2001
From: CecileRobertMichon
Date: Wed, 16 May 2018 11:53:52 -0700
Subject: [PATCH 1/4] fix example typo
---
 .../kubernetes-private-cluster-single-master.json | 2 +-
 examples/kubernetes-config/kubernetes-private-cluster.json | 2 +-
 pkg/acsengine/defaults.go | 2 --
 3 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/examples/kubernetes-config/kubernetes-private-cluster-single-master.json b/examples/kubernetes-config/kubernetes-private-cluster-single-master.json
index 8a6673c4f1..806c0fbefd 100644
--- a/examples/kubernetes-config/kubernetes-private-cluster-single-master.json
+++ b/examples/kubernetes-config/kubernetes-private-cluster-single-master.json
@@ -9,7 +9,7 @@
 "jumpboxProfile": {
 "name": "my-jb",
 "vmSize": "Standard_D2_v2",
- "diskSizeGB": 30,
+ "osDiskSizeGB": 30,
 "username": "azureuser",
 "publicKey": ""
 }
diff --git a/examples/kubernetes-config/kubernetes-private-cluster.json b/examples/kubernetes-config/kubernetes-private-cluster.json
index 2b214b92f8..ca1929d17e 100644
--- a/examples/kubernetes-config/kubernetes-private-cluster.json
+++ b/examples/kubernetes-config/kubernetes-private-cluster.json
@@ -9,7 +9,7 @@
 "jumpboxProfile": {
 "name": "my-jb",
 "vmSize": "Standard_D2_v2",
- "diskSizeGB": 30,
+ "osDiskSizeGB": 30,
 "username": "azureuser",
 "publicKey": ""
 }
diff --git a/pkg/acsengine/defaults.go b/pkg/acsengine/defaults.go
index 4327a09579..668e206f39 100644
--- a/pkg/acsengine/defaults.go
+++ b/pkg/acsengine/defaults.go
@@ -733,10 +733,8 @@ func setAgentNetworkDefaults(a *api.Properties) {
 // Allocate IP addresses for pods if VNET integration is enabled.
 if a.OrchestratorProfile.IsAzureCNI() {
- if a.OrchestratorProfile.OrchestratorType == api.Kubernetes {
 agentPoolMaxPods, _ := strconv.Atoi(profile.KubernetesConfig.KubeletConfig["--max-pods"])
 profile.IPAddressCount += agentPoolMaxPods
- }
 }
 }
 }
From f647464c907afbccfb518299c77e382443fc25a7 Mon Sep 17 00:00:00 2001
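Review bot: The error from `strconv.Atoi` is discarded in `agentPoolMaxPods, _ := strconv.Atoi(profile.KubernetesConfig.KubeletConfig["--max-pods"])`, and with the `OrchestratorType == api.Kubernetes` guard removed in the defaults.go hunk this lookup now runs for every profile where `IsAzureCNI()` is true. A missing or non-numeric `--max-pods` silently yields 0, so `IPAddressCount` would be left without any pod addresses, and a negative value would reduce it; checking the result, for example `if err != nil || agentPoolMaxPods < 1 { /* report invalid --max-pods */ }`, would surface the misconfiguration instead of under-allocating subnet IPs. If `IsAzureCNI()` can return true while `profile.KubernetesConfig` is nil, the dereference would panic; that depends on code outside the hunk and is worth confirming, since the body of `setAgentNetworkDefaults` starts and ends outside it. The subject "fix example typo" also does not mention this behaviour change in `pkg/acsengine/defaults.go`.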
From: CecileRobertMichon
Date: Wed, 16 May 2018 15:21:50 -0700
Subject: [PATCH 2/4] improve documentation about max pods
---
 docs/kubernetes/features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/kubernetes/features.md b/docs/kubernetes/features.md
index bc55ea899a..73e7a7ca3a 100644
--- a/docs/kubernetes/features.md
+++ b/docs/kubernetes/features.md
@@ -204,7 +204,7 @@ you can define stricter policies. Good resources to get information about that a *Note: Custom VNET for Kubernetes Windows cluster has a [known issue](https://github.com/Azure/acs-engine/issues/1767).* -ACS Engine supports deploying into an existing VNET. Operators must specify the ARM path/id of Subnets for the `masterProfile` and any `agentPoolProfiles`, as well as the first IP address to use for IP static IP allocation in `firstConsecutiveStaticIP`. Additionally, to prevent source address NAT'ing within the VNET, we assign to the `vnetCidr` property in `masterProfile` the CIDR block that represents the usable address space in the existing VNET. +ACS Engine supports deploying into an existing VNET. Operators must specify the ARM path/id of Subnets for the `masterProfile` and any `agentPoolProfiles`, as well as the first IP address to use for static IP allocation in `firstConsecutiveStaticIP`. Please note that in any azure subnet, the first four and the last ip address is reserved and can not be used. Additionally, each POD now gets the IP address from the Subnet. As a result, enough IP addresses (equal to `ipAddressCount` for each node) should be available beyond `firstConsecutiveStaticIP`. By default, the `ipAddressCount` has a value of 31, 1 for the node and 30 for pods, (note that the number of pods can be changed via `KubeletConfig["--max-pods"]`). `ipAddressCount` can be changed if desired. Furthermore, to prevent source address NAT'ing within the VNET, we assign to the `vnetCidr` property in `masterProfile` the CIDR block that represents the usable address space in the existing VNET. Depending upon the size of the VNET address space, during deployment, it is possible to experience IP address assignment collision between the required Kubernetes static IPs (one each per master and one for the API server load balancer, if more than one masters) and Azure CNI-assigned dynamic IPs (one for each NIC on the agent nodes). 
In practice, the larger the VNET the less likely this is to happen; some detail, and then a guideline.
From 20b6bb819b13adf05e1d9b93e021c47c7a60f81f Mon Sep 17 00:00:00 2001
From: CecileRobertMichon
Date: Wed, 16 May 2018 15:48:49 -0700
Subject: [PATCH 3/4] go fmt
---
 pkg/acsengine/defaults.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkg/acsengine/defaults.go b/pkg/acsengine/defaults.go
index 668e206f39..317fe6a7d6 100644
--- a/pkg/acsengine/defaults.go
+++ b/pkg/acsengine/defaults.go
@@ -733,8 +733,8 @@ func setAgentNetworkDefaults(a *api.Properties) {
 // Allocate IP addresses for pods if VNET integration is enabled.
 if a.OrchestratorProfile.IsAzureCNI() {
- agentPoolMaxPods, _ := strconv.Atoi(profile.KubernetesConfig.KubeletConfig["--max-pods"])
- profile.IPAddressCount += agentPoolMaxPods
+ agentPoolMaxPods, _ := strconv.Atoi(profile.KubernetesConfig.KubeletConfig["--max-pods"])
+ profile.IPAddressCount += agentPoolMaxPods
 }
 }
 }
From 50aec7d5e70fa636e1cae1612c24857699577a97 Mon Sep 17 00:00:00 2001
From: CecileRobertMichon
Date: Thu, 17 May 2018 15:41:29 -0700
Subject: [PATCH 4/4] fix typo
---
 docs/kubernetes/features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/kubernetes/features.md b/docs/kubernetes/features.md
index 73e7a7ca3a..fdc5a619ad 100644
--- a/docs/kubernetes/features.md
+++ b/docs/kubernetes/features.md
@@ -204,7 +204,7 @@ you can define stricter policies. Good resources to get information about that a *Note: Custom VNET for Kubernetes Windows cluster has a [known issue](https://github.com/Azure/acs-engine/issues/1767).* -ACS Engine supports deploying into an existing VNET. Operators must specify the ARM path/id of Subnets for the `masterProfile` and any `agentPoolProfiles`, as well as the first IP address to use for static IP allocation in `firstConsecutiveStaticIP`. Please note that in any azure subnet, the first four and the last ip address is reserved and can not be used. Additionally, each POD now gets the IP address from the Subnet. As a result, enough IP addresses (equal to `ipAddressCount` for each node) should be available beyond `firstConsecutiveStaticIP`. By default, the `ipAddressCount` has a value of 31, 1 for the node and 30 for pods, (note that the number of pods can be changed via `KubeletConfig["--max-pods"]`). `ipAddressCount` can be changed if desired. Furthermore, to prevent source address NAT'ing within the VNET, we assign to the `vnetCidr` property in `masterProfile` the CIDR block that represents the usable address space in the existing VNET. +ACS Engine supports deploying into an existing VNET. Operators must specify the ARM path/id of Subnets for the `masterProfile` and any `agentPoolProfiles`, as well as the first IP address to use for static IP allocation in `firstConsecutiveStaticIP`. Please note that in any azure subnet, the first four and the last ip address is reserved and can not be used. Additionally, each pod now gets the IP address from the Subnet. As a result, enough IP addresses (equal to `ipAddressCount` for each node) should be available beyond `firstConsecutiveStaticIP`. By default, the `ipAddressCount` has a value of 31, 1 for the node and 30 for pods, (note that the number of pods can be changed via `KubeletConfig["--max-pods"]`). `ipAddressCount` can be changed if desired. 
Furthermore, to prevent source address NAT'ing within the VNET, we assign to the `vnetCidr` property in `masterProfile` the CIDR block that represents the usable address space in the existing VNET. Therefore, it is recommended to use a large subnet size such as `/16`. Depending upon the size of the VNET address space, during deployment, it is possible to experience IP address assignment collision between the required Kubernetes static IPs (one each per master and one for the API server load balancer, if more than one masters) and Azure CNI-assigned dynamic IPs (one for each NIC on the agent nodes). In practice, the larger the VNET the less likely this is to happen; some detail, and then a guideline.