The sample YAML file ncp-rc.yml contains a ConfigMap for the configuration file ncp.ini. This ConfigMap section contains parameters that you must specify before you install NCP, as described in the previous section.

The sample ncp-rc.yml that you download has the following ncp.ini information:

# ConfigMap for ncp.ini
apiVersion: v1
kind: ConfigMap
metadata:
  name: nsx-ncp-config
  labels:
    version: v1
data:
  ncp.ini: |
    [DEFAULT]

    # Set to True to enable logging to stderr
    use_stderr = True
    # Set to True to send logs to the syslog daemon
    # use_syslog = False
    # Enabler debug-level logging for the root logger. If set to True, the
    # root logger debug level will be DEBUG, otherwise it will be INFO.
    # debug = True

    # Log file path for NCP operations.
    log_dir = /var/log/nsx-ujo/

    [coe]
    #
    # Common options for Container Orchestrators
    #

    # Container orchestrator adaptor to plug in
    # Options: kubernetes (default), cloud-foundry, openshift
    # adaptor = kubernetes

    # Specify cluster for adaptor. It is a prefix of NSX resources name to
    # distinguish multiple clusters who are using the same NSX.
    # This is also used as the tag of IP blocks for cluster to allocate
    # IP addresses. Different clusters should have different IP blocks.
    # Each cluster in an NSX installation must have a unique name.
    # cluster = k8scluster

    # Log level for the NCP operations. If set, overrides the level specified
    # for the root logger. Possible values are NOTSET, DEBUG, INFO, WARNING,
    # ERROR, CRITICAL
    #loglevel=None

    # Log level for the NSX API client operations. If set, overrides the level
    # specified for the root logger. Possible values are NOTSET, DEBUG, INFO,
    # WARNING, ERROR, CRITICAL
    nsxlib_loglevel=INFO

    [k8s]
    #
    # From kubernetes
    #

    # IP address of the Kubernetes API Server. If not set, will try to
    # read and use the Kubernetes Service IP from environment variable
    # KUBERNETES_SERVICE_HOST.
    #apiserver_host_ip = <ip_address>

    # Port of the Kubernetes API Server.
    # Set to 6443 for https. If not set, will try to
    # read and use the Kubernetes Service port from environment
    # variable KUBERNETES_SERVICE_PORT.
    #apiserver_host_port = <port>

    # Specify a CA bundle file to use in verifying the Kubernetes API server
    # certificate. (string value)
    #ca_file = <None>
    ca_file = /var/run/secrets/kubernetes.io/serviceaccount/ca.crt

    # Full path of the Token file to use for authenticating with the k8s API server.
    #client_token_file = <None>
    client_token_file = /var/run/secrets/kubernetes.io/serviceaccount/token

    # Full path of the client certificate file to use for authenticating
    # with the k8s API server. It must be specified together with
    # "client_private_key_file"
    #client_cert_file = <None>

    # Full path of the client certificate file to use for authenticating
    # with the k8s API server. It must be specified together with
    # "client_cert_file"
    #client_private_key_file = <None>

    # Log level for the kubernetes adaptor. If set, overrides the level specified
    # for the root logger. Possible values are NOTSET, DEBUG, INFO, WARNING,
    # ERROR, CRITICAL
    #loglevel=None

    # Specify how ingress controllers are expected to be deployed. Possible values:
    # hostnetwork or nat. NSX will create NAT rules only in the second case.
    #ingress_mode = hostnetwork

    [nsx_v3]
    #
    # From nsx
    #

    # IP address of one or more NSX managers separated by commas. The IP address
    # should be of the form (list value):
    # <ip_address1>[:<port1>],<ip_address2>[:<port2>],...
    # HTTPS will be used for communication with NSX. If port is not provided,
    # port 443 will be used.
    #nsx_api_managers = <ip_address>

    # Specify a CA bundle file to use in verifying the NSX Manager server
    # certificate. This option is ignored if "insecure" is set to True. If
    # "insecure" is set to False and ca_file is unset, the system root CAs will be
    # used to verify the server certificate. (string value)
    #ca_file = <None>

    # Path to NSX client certificate file. If specified, the nsx_api_user and
    # nsx_api_passsword options will be ignored. This option must be specified
    # along with "nsx_api_private_key_file" option.
    # nsx_api_cert_file = <None>

    # Path to NSX client private key file. If specified, the nsx_api_user and
    # nsx_api_passsword options will be ignored. This option must be specified
    # along with "nsx_api_cert_file" option.
    # nsx_api_private_key_file = <None>

    # The time in seconds before aborting a HTTP connection to a NSX manager.
    # (integer value)
    #http_timeout = 10

    # The time in seconds before aborting a HTTP read response from a NSX manager.
    # (integer value)
    #http_read_timeout = 180

    # Maximum number of times to retry a HTTP connection. (integer value)
    #http_retries = 3

    # Maximum concurrent connections to each NSX manager. (integer value)
    #concurrent_connections = 10

    # The amount of time in seconds to wait before ensuring connectivity to the NSX
    # manager if no manager connection has been used. (integer value)
    #conn_idle_timeout = 10

    # Number of times a HTTP redirect should be followed. (integer value)
    #redirects = 2

    # Maximum number of times to retry API requests upon stale revision errors.
    # (integer value)
    #retries = 10

    # Subnet prefix of IP block. IP block will be retrieved from NSX API and
    # recognised by tag 'cluster'.
    # Prefix should be less than 31, as two addresses(the first and last addresses)
    # need to be network address and broadcast address.
    # The prefix is fixed after the first subnet is created. It can be changed only
    # if there is no subnets in IP block.
    #subnet_prefix = 24

    # Subnet prefix of external IP block. Use subnet_prefix if not specified.
    #external_subnet_prefix = <None>

    # Indicates whether distributed firewall DENY rules are logged.
    #log_dropped_traffic = False