kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add documentation on gossip

This commit is contained in:
Ole Markus With 2020-05-10 20:38:25 +02:00
parent 8768178082
commit 44ad2dd262
4 changed files with 35 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/bastion.md
View File

@ -86,10 +86,10 @@ spec:
- "sg-***" - "sg-***"
``` ```
### Access when using gossip (k8s.local) ### Access when using gossip
When using gossip mode, there is no DNS zone where we can configure a When using [gossip mode](gossip.md), there is no DNS zone where we can configure a
CNAME for the bastion. Because bastions are fronted with a load CNAME for the bastion. Because bastions are fronted with a load
balancer, you can instead use the endpoint of the load balancer to balancer, you can instead use the endpoint of the load balancer to
reach your bastion. reach your bastion.

8
docs/getting_started/aws.md
View File

@ -64,17 +64,13 @@ export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)
## Configure DNS ## Configure DNS
Note: If you are using Kops 1.6.2 or later, then DNS configuration is
optional. Instead, a gossip-based cluster can be easily created. The
only requirement to trigger this is to have the cluster name end with
`.k8s.local`. If a gossip-based cluster is created then you can skip
this section.
In order to build a Kubernetes cluster with `kops`, we need to prepare In order to build a Kubernetes cluster with `kops`, we need to prepare
somewhere to build the required DNS records. There are three scenarios somewhere to build the required DNS records. There are three scenarios
below and you should choose the one that most closely matches your AWS below and you should choose the one that most closely matches your AWS
situation. situation.
Note: if you want to use [gossip-based DNS](../gossip.md), you can skip this section.
### Scenario 1a: A Domain purchased/hosted via AWS ### Scenario 1a: A Domain purchased/hosted via AWS
If you bought your domain with AWS, then you should already have a hosted zone If you bought your domain with AWS, then you should already have a hosted zone

29
docs/gossip.md Normal file
View File

@ -0,0 +1,29 @@
# Gossip DNS
Gossip-based clusters uses a peer-to-peer network for propagating the K8s API address instead of normal DNS.
This means that no hosted zone is needed for the cluster.
Gossip does not suffer potential disruptions due to the DNS TTL as the propagation is almost instant.
Gossip is also the only option if you want to deploy a cluster in any of the China of GovCloud AWS regions as Route 53 is not available there.
## Configuring a cluster to use Gossip
The only thing you need to do in order to use gossip-based DNS is to use the `k8s.local` suffix for the cluster domain name.
## Accessing the cluster
### Kubernetes API
When using gossip mode, you have to expose the kubernetes API using a loadbalancer. Since there is no hosted zone for gossip-based clusters, you simply use the load balancer address directly. The user experience is identical to standard clusters. Kops will add the ELB DNS name to the kops-generated kubernetes configuration.
### Bastion
If you are using [bastion hosts](bastion.md), it is a bit tricky to find the bastion address name. On AWS, you can run the following command:
```
kops toolbox dump -ojson | grep 'bastion.*elb.amazonaws.com'
```

1
mkdocs.yml
View File

@ -81,6 +81,7 @@ nav:
- Service Account Token Volume: "operations/service_account_token_volumes.md" - Service Account Token Volume: "operations/service_account_token_volumes.md"
- Moving from a Single Master to Multiple HA Masters: "single-to-multi-master.md" - Moving from a Single Master to Multiple HA Masters: "single-to-multi-master.md"
- Running kops in a CI environment: "continuous_integration.md" - Running kops in a CI environment: "continuous_integration.md"
- Gossip DNS: "gossip.md"
- etcd: - etcd:
- etcd administration: "operations/etcd_administration.md" - etcd administration: "operations/etcd_administration.md"
- etcd backup, restore and encryption: "operations/etcd_backup_restore_encryption.md" - etcd backup, restore and encryption: "operations/etcd_backup_restore_encryption.md"