Kubernetes Base Addons Requirements
Kubernetes Base Addons (KBA) require more resources than solely deploying clusters. Some addons are prerequisites for others to deploy. Your cluster must have sufficient resources when deploying a Konvoy cluster, or you must adjust the addons deployed before running konvoy up
.
The following table describes all KBAs supplied, by default, with Konvoy, minimum resource suggestions and persistent storage requirements, and their default status when starting Konvoy.
Name of Addon | Description | Default Minimum Resources Suggested | Default Minimum Persistent Storage Required | Default On When konvoy init |
awsebscsiprovisioner | Supports persistent volumes on AWS | Yes | ||
awsebsprovisioner | Legacy “in-tree” volume provisioner | No | ||
azuredisk-csi-driver | Supports persistent volumes on Azure | cpu: 10m
memory: 20Mi |
No | |
azurediskprovisioner | Legacy volume provisioner | No | ||
cert-manager | Automates the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry. It has ACME integration which would allow users to get a Let’s Encrypt certificate automatically
and then talk to Let’s Encrypt server to get a valid certificate. |
cpu: 10m
memory: 32Mi |
Yes | |
dashboard | Provides a general-purpose web-based user interface for the Kubernetes cluster | cpu: 250m
memory: 300Mi |
Yes | |
defaultstorageclass-protection | Ensures that there is 1 default storage class (i.e. something that would provide a volume) | Yes | ||
dex | Provides identity service (authentication) to the Kubernetes clusters | cpu: 100m
memory: 50Mi |
Yes | |
dex-k8s-authenticator | Enables authentication flow to obtain `kubectl` token for accessing the cluster. | cpu: 100m
memory: 128Mi |
Yes | |
elasticsearch | Enables scalable, high-performance logging pipeline | cpu: 100m
memory: 1536Mi |
# of PVs: 7
Total size: 132Gi |
Yes |
elasticsearch-curator | Helps curate, or manage, your Elasticsearch indices and snapshots by obtaining the full list of indices (or snapshots) from the cluster, as the actionable list; iterate through a list of user-defined filters to progressively remove indices (or snapshots) from this actionable list as needed; and perform various actions on the items which remain in the actionable list. | cpu: 100m
memory: 128Mi |
Yes | |
elasticsearchexporter | The purpose of exporters is to take data collected from any Elastic Stack source and route it to the monitoring cluster | cpu: 100m
memory: 128Mi |
Yes | |
external-dns | Makes Kubernetes resources discoverable via public DNS servers; retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. It's not a DNS server itself, but merely configures other DNS providers accordingly. | cpu: 10m
memory: 50Mi |
Yes | |
flagger | Automates the release process for applications running on Kubernetes | cpu: 10m
memory: 32Mi |
No | |
fluentbit | Collects and collates logs from different sources and send logged messages to multiple destinations | cpu: 200m
memory: 200Mi |
Yes | |
gatekeeper | Policy controller for Kubernetes, allowing organizations to enforce configurable policies using the Open Policy Agent, a policy engine for Cloud Native environments hosted by CNCF as an incubation-level project. | cpu: 200m
memory: 300Mi |
Yes | |
istio Experimental | Helps you manage cloud-based deployments by providing an open-source service mesh to connect, secure, control, and observe microservices. | cpu: 10m
memory: 50Mi |
No | |
kibana | Supports data visualization for content indexed by Elasticsearch | cpu: 100m | Yes | |
konvoyconfig | Manages installation related configuration | Yes | ||
kube-oidc-proxy | Reverse proxy to authenticate to managed Kubernetes API servers via OIDC | Yes | ||
localvolumeprovisioner | Uses the local volume static provisioner to manage persistent volumes for pre-allocated disks. It does this by watching the /mnt/disks folder on each host and creating persistent volumes in the localvolumeprovisioner storage class for each disk that is discovered in this folder. | No | ||
nvidia | Enables deployment of NVIDIA GPU clusters | cpu: 100m
memory: 128Mi |
No | |
opsportal | Centralizes access to addon dashboards | cpu: 100m
memory: 128Mi |
Yes | |
prometheus | Collects and evaluates metrics for monitoring and alerting | cpu: 300m
memory: 1500Mi |
# of PVs: 1
Total size: 50Gi |
Yes |
prometheusadapter | Gathers the names of available metrics from Prometheus at a regular interval, and then only exposes metrics that follow specific forms. | cpu: 1000m
memory: 1000Mi |
Yes | |
reloader | Watches changes in `ConfigMap` and `Secret` and do rolling upgrades on Pods with their associated `DeploymentConfigs`, `Deployments`, `Daemonsets` and `Statefulsets` | cpu: 100m
memory: 128Mi |
Yes | |
traefik | Routes layer 7 traffic as a reverse proxy and load balancer. | cpu: 500m | Yes | |
traefik-forward-auth | Provides basic authorization for Traefik ingress | cpu: 100m
memory: 128Mi |
Yes | |
velero | Backs up and restores Kubernetes cluster resources and persistent volumes. | cpu: 250m
memory: 256Mi |
# of PVs: 4
Total size: 40Gi |
Yes |
dispatch | D2iQ’s cloud-native GitOps platform | cpu: 250m
memory: 256Mi |
No | |
kommander | D2iQ's administrative cluster for multi-cluster management of Kubernetes lifecycle, governance, and workloads | cpu: 100m
memory: 256Mi |
# of PVs: 3
Total size: 35Gi |
Yes |
Related information
For information on related topics or procedures, refer to the following: