kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Proposed doc updated after discussions

This commit is contained in:
alok87 2016-12-01 09:13:18 +05:30
parent fa18857b43
commit c9751b66a9
1 changed files with 26 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
docs/bastion.md
View File

@ -12,38 +12,44 @@ Note: Bastion will get setup for the cluster(by default) only when `--topology="
### Specify instance type of bastion
Instance types in AWS comprise varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to choose the appropriate mix of resources for your applications.
```
kops create cluster --bastion-instance-type="t2.large"
- Bastion Instance type can be modified using `kops edit cluster`
- Defaults to `t2.medium`
#### TODO: add the example below for configuration
```
Bastion instance type will default to `t2.medium`
```
[More information](https://aws.amazon.com/ec2/instance-types/)
#### Enable/disable bastion, defaults to false
### Turn on/off bastion
To turn on/off bastion host setup completely.
- **Defaults** to `false` if the topology selected is `public`
- **Defaults** to `true` if the topology selected is `private`
| Turn on/off Bastion | Example | Bastion ASG settings
| ----------------------- |------------------------------------------ | --------------------
| Enable Bastion | `kops create cluster --bastion=true` | ASG's desired/min/max set to default value 1
| Disable Bastion | `kops create cluster --bastion=false` | ASG' desired/min/max = 0
#### Reach bastion from outside of vpc using a name
When the cluster is created using below -
```
kops create cluster --bastion-name="bastion" --dns-zone="uswest1.clusters.example.com"
```
This will create a route53 entry for `bastion.uswest1.clusters.example.com` mapping with bastion ASG's ELB. And bastion can be reached using
```
ssh -i <key> ubuntu@bastion.uswest1.clusters.example.com
kops create cluster --bastion=[true|false]
```
### High idle timeout for bastion ASG's ELB.
### Reach bastion from outside of vpc using a name
By default, elastic load balancing sets the idle timeout to 60 seconds. This value can be configured by the user using `-bastion-elb-idle-timeout=120` for making it 120 seconds.
- **Default:** CNAME for the bastion is only created when the user explicitly define it using `kops edit cluster`
- **Configure:** Bastion friendly CNAME can be configured using `kops edit cluster`
#### TODO: add the example below for configuration
```
```
### High idle timeout for bastion ASG's ELB. (Configurable LoadBalancer Attributes)
By default, elastic load balancing sets the idle timeout to `60` seconds.
- **Default:** Bastion ELB in kops will have `120` seconds as their default timeout.
- **Configure:** This value can be configured using `kops edit cluster`
#### TODO: add the example below for configuration
```
```
[More information](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html)
### Improve access to bastion instances