Platform Service Requirements

Kubernetes Platform Services Descriptions and Resource Requirements

Platform Services Requirements

Platform Services require more resources than solely deploying clusters. Some are prerequisites for others to deploy. Your cluster must have sufficient resources when deploying a Konvoy cluster, or you must adjust the services deployed before running konvoy up.

The following table describes all services supplied, by default, with Konvoy, minimum resource suggestions and persistent storage requirements, and their default status when starting Konvoy.

Name of Service Description Default Minimum Resources Suggested Default Minimum Persistent Storage Required Default On When konvoy init
awsebscsiprovisioner Supports persistent volumes on AWS Yes
awsebsprovisioner Legacy “in-tree” volume provisioner No
azuredisk-csi-driver Supports persistent volumes on Azure cpu: 10m memory: 20Mi No
azurediskprovisioner Legacy volume provisioner No
cert-manager Automates the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry. It has ACME integration which would allow users to get a Let’s Encrypt certificate automatically and then talk to Let’s Encrypt server to get a valid certificate. cpu: 10m memory: 32Mi Yes
dashboard Provides a general-purpose web-based user interface for the Kubernetes cluster cpu: 250m memory: 300Mi Yes
defaultstorageclass-protection Ensures that there is 1 default storage class (that is, something that would provide a volume) Yes
dex Provides identity service (authentication) to the Kubernetes clusters cpu: 100m memory: 50Mi Yes
dex-k8s-authenticator Enables authentication flow to obtain `kubectl` token for accessing the cluster. cpu: 100m memory: 128Mi Yes
elasticsearch Enables scalable, high-performance logging pipeline cpu: 4.6 memory: 21Gi # of PVs: 7 PV sizes: 4Gi x 3, 30Gi x 4 (total: 132Gi) Yes
elasticsearch-curator Helps curate, or manage, your Elasticsearch indices and snapshots by obtaining the full list of indices (or snapshots) from the cluster, as the actionable list; iterate through a list of user-defined filters to progressively remove indices (or snapshots) from this actionable list as needed; and perform various actions on the items which remain in the actionable list. cpu: 100m memory: 128Mi Yes
elasticsearchexporter The purpose of exporters is to take data collected from any Elastic Stack source and route it to the monitoring cluster cpu: 100m memory: 128Mi Yes
external-dns Makes Kubernetes resources discoverable using public DNS servers; retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. It's not a DNS server itself, but merely configures other DNS providers accordingly. cpu: 10m memory: 50Mi Yes
flagger Automates the release process for applications running on Kubernetes cpu: 10m memory: 32Mi No
fluentbit Collects and collates logs from different sources and send logged messages to multiple destinations cpu: 200m memory: 200Mi Yes
gatekeeper Policy controller for Kubernetes, allowing organizations to enforce configurable policies using the Open Policy Agent, a policy engine for Cloud Native environments hosted by CNCF as an incubation-level project. cpu: 200m memory: 300Mi Yes
istio Experimental Helps you manage cloud-based deployments by providing an open-source service mesh to connect, secure, control, and observe microservices. cpu: 10m memory: 50Mi No
kibana Supports data visualization for content indexed by Elasticsearch cpu: 100m Yes
konvoyconfig Manages installation related configuration Yes
kube-oidc-proxy Reverse proxy to authenticate to managed Kubernetes API servers via OIDC Yes
localvolumeprovisioner Uses the local volume static provisioner to manage persistent volumes for pre-allocated disks. It does this by watching the /mnt/disks folder on each host and creating persistent volumes in the localvolumeprovisioner storage class for each disk that is discovered in this folder. cpu: 100m memory: 128Mi No
opsportal Centralizes access to addon dashboards cpu: 100m memory: 128Mi Yes
prometheus Collects and evaluates metrics for monitoring and alerting cpu: 300m memory: 1500Mi # of PVs: 1 PV sizes: 50Gi Yes
prometheusadapter Gathers the names of available metrics from Prometheus at a regular interval, and then only exposes metrics that follow specific forms. cpu: 1000m memory: 1000Mi Yes
reloader Watches changes in `ConfigMap` and `Secret` and do rolling upgrades on Pods with their associated `DeploymentConfigs`, `Deployments`, `Daemonsets` and `Statefulsets` cpu: 100m memory: 128Mi Yes
traefik Routes layer 7 traffic as a reverse proxy and load balancer. cpu: 500m Yes
traefik-forward-auth Provides basic authorization for Traefik ingress cpu: 100m memory: 128Mi Yes
velero Backs up and restores Kubernetes cluster resources and persistent volumes. cpu: 250m memory: 256Mi # of PVs: 4 PV sizes: 4 x 10Gi (total: 40Gi) Yes
dispatch D2iQ’s cloud-native GitOps platform cpu: 250m memory: 256Mi No
kommander D2iQ's administrative cluster for multi-cluster management of Kubernetes lifecycle, governance, and workloads cpu: 100m memory: 256Mi # of PVs: 3 PV sizes: 0.2Gi, 32Gi, 2Gi (total: 35Gi) Yes

Kubernetes Platform Services

The table below lists all supplied Platform Services and their version number.

Namespace Name Version App Version Kind
ambassador 1.8.0-2 1.8.0 ClusterAddon
awsebscsiprovisioner 0.8.0-1 0.8.0 ClusterAddon
awsebsprovisioner 1.0.0-1 1.0 ClusterAddon
azuredisk-csi-driver 0.7.2-3 0.7.2 ClusterAddon
azurediskprovisioner 1.0.0-2 1.0 ClusterAddon
cert-manager 1.0.3-7 1.0.3 ClusterAddon
dashboard 2.7.1-3 2.7.1 ClusterAddon
defaultstorageclass-protection 0.0.4-3 0.0.4 ClusterAddon
external-dns 0.7.0-4 0.7.0 ClusterAddon
gcpdisk-csi-driver 0.7.1-2 0.7.1 ClusterAddon
gcpdiskprovisioner 1.0.0-2 1.0 ClusterAddon
istio 1.8.2-2 1.8.2 ClusterAddon
jaeger 2.18.3-4 1.21.0 ClusterAddon
kiali 1.29.0-2 1.29.0 ClusterAddon
localvolumeprovisioner 1.0.0-1 1.0 ClusterAddon
metallb 0.9.3-5 0.9.3 ClusterAddon
traefik 1.7.24-25 1.7.24 ClusterAddon
velero 1.5.2-1 null ClusterAddon
vsphere-csi-driver 1.2.1-1 2.0.1 ClusterAddon
kubeaddons dex-k8s-authenticator 1.2.2-5 v1.2.2 Addon
kubeaddons dex 2.27.0-1 2.27.0 Addon
kubeaddons elasticsearch-curator 5.8.1-4 5.8.1 Addon
kubeaddons elasticsearchexporter 1.1.0-4 1.1.0 Addon
kubeaddons elasticsearch 6.8.13-11 6.8.13 Addon
kubeaddons fluentbit 1.6.8-2 1.6.8 Addon
kubeaddons gatekeeper 3.2.2-1 3.2.2 Addon
kubeaddons kibana 6.8.13-13 6.8.13 Addon
kubeaddons konvoyconfig 0.0.4-4 0.0.4 Addon
kubeaddons kube-oidc-proxy 0.2.0-2 v0.2.0 Addon
kubeaddons nvidia 0.2.0-8 0.2.0 ClusterAddon
kubeaddons opsportal 1.5.0-5 1.5.0 Addon
kubeaddons prometheusadapter v0.7.0-4 v0.7.0 Addon
kubeaddons prometheus 0.44.0-1 2.22.1 Addon
kubeaddons reloader v0.0.79-1 v0.0.79 Addon
kubeaddons traefik-forward-auth 1.0.5-1 null Addon
kubeaddons-flagger flagger 0.19.0-4 0.19.0 ClusterAddon

For information on related topics or procedures, refer to the following: