Add-Ons Configurations

vsphere-csi

Option	Description
Zone	Zone is the tag category name defined in vCenter Server. Tags belonging to this category are assigned to the host or vSphere cluster objects for marking the storage topology.
Region	Region is the tag category name defined in vCenter Server. Tags belonging to this category are assigned to the Data Center objects for marking the storage topology.
Storage Class	Enter the storage class name. This storage class is used to provision persistent volumes dynamically. A storage class with this name is created in the Kubernetes cluster.
IsDefault	Select True to set this storage class as default.
Reclaim Policy	Select whether to delete or retain the add-on during a reclaim event.
Datastore URL	Enter the datastore URL.

nfs-client

Option	Description
Storage Class	Enter the storage class name. This storage class is used to provision persistent volumes dynamically. A storage class with this name is created in the Kubernetes cluster.
Is Default	To set this storage class as default, select True.
NFS Server Address	For an IPv4 cluster, enter the IPv4 address or FQDN of the NFS Server. For an IPv6 cluster, enter the FQDN.
Path	Enter server IP address and mount path of the NFS client. Ensure that the NFS server is reachable from the cluster. The mount path must also be accessible to read and write.

harbor

If a Harbor has already been registered, click Select Registered Harbor and select the appropriate Harbor from the list. Otherwise, click Add New Harbor and provide the following details:

Option	Description
URL	Enter the Harbor URL.
Username	Enter the Harbor user name.
Password	Enter the Harbor password.

helm

This add-on has no configuration.

multus

Caution:

Do NOT delete multus add-on once it is provisioned, as this might prevent creating or deleting pods on the workload cluster. See multus-cni known issue #461.

Option	Description
Log Level	Enter the log level. Select from: Panic Debug Error Verbose
Log File Path	Path where you want to store the log files.

Option

Description

Log Level

Enter the log level. Select from:

Panic
Debug
Error
Verbose

Log File Path

Path where you want to store the log files.

systemsettings

Option	Description
Cluster Password	Enter the password for the cluster.
Syslog	Add the syslog server IP address/FQDN for capturing the infrastructure logs of all the nodes in the cluster.

load-balancer-and-ingress-service(aka AKO)

Load-balancer-and-ingress-service add-on also known as AKO(AVI Kubernetes Operator) add-on.

Note:

To install load-balancer-and-ingress-service(AKO) add-on for a Workload cluster, you must add AKOO(AVI Kubernetes Operator - Operator) on the Management cluster. For information about adding AKOO, see Add AVI Kubernetes Operator - Operator.
Service engine group can not be shared by more than one TCA clusters, even if load-balancer-and-ingress-service(AKO) add-on is deleted from the original cluster or the original cluster is deleted already. To use a service engine group which was used by other cluster, delete the service engine group from Avi Controller UI and recreate it.
To customize additional load-balancer-and-ingress-service(AKO) configurable fields and manage AKO objects(aviinfrasetting, gatewayclass, gateway) via the Custom Resources(CRs) tab, see Advanced configuration for load-balancer-and-ingress-service add-on.

Option	Description
Cloud Name	Enter the cloud name configured in the AVI Controller.
Default Service Engine Group	Enter the service engine group name configured in the AVI Controller.
Default VIP Network	Enter the VIP network name in the AVI Controller.
Default VIP Network CIDR	Enter the VIP network CIDR in the AVI Controller.
Ingress Configuration for AKO Deployment
Service Type	Enter the ingress method for the service. Choose from the following options: Node Port Cluster IP Node Port Local - Available only for Antrea CNI.
Network Name	Enter the cluster node network name. To add a network, click Add Network.
CIDRs	You can enter multiple comma-separated CIDR values or use the <CR> tag to enter multiple CIDR values.

Promethues

The Prometheus Operator provides Kubernetes-native deployment and management of Prometheus and related monitoring components.

Note:

To customize additional prometheus configurable fields via the Custom Resources(CRs) tab, see Advanced configuration for prometheus add-on.
Some parameters(e.g. PVC parameters, service type, port) are immutable after prometheus add-on provisioned. See Configurable parameters.

Option	Description
Storage Class Name	The name of the Storage Class. Default Storage Class will be used if not set.
Access Mode	Choose from: Read Write Once Read Only Many Read Write Many
Storage	Enter the size of the Persistent Volume Claim (PVC). The default value is 150 GB.

Option

Description

Storage Class Name

The name of the Storage Class. Default Storage Class will be used if not set.

Access Mode

Choose from:

Read Write Once
Read Only Many
Read Write Many

Storage

Enter the size of the Persistent Volume Claim (PVC). The default value is 150 GB.

fluent-Bit

Note:

Do not set cpu-manager-policy is to static for node pools as this may lead to crashing of fluent-bit deamonset pods.
To customize additional fluent-bit configurable fields(inputs, outputs, filters, parsers) via the Custom Resources(CRs) tab, see Advanced configuration for fluent-bit addon.
To update the provisioned fluent-bit configuration, manually restart all fluent-bit pods to make the new configuration take effect.

Option	Description
service	Service configuration for fluent-bit. Default value is: [Service] Flush 5 Log_Level info Daemon off Parsers_File parsers.conf HTTP_Server On HTTP_Listen 0.0.0.0 HTTP_Port 2020

Option

Description

service

Service configuration for fluent-bit. Default value is:

[Service]
  Flush         5
  Log_Level     info
  Daemon        off
  Parsers_File  parsers.conf
  HTTP_Server   On
  HTTP_Listen   0.0.0.0
  HTTP_Port     2020

whereabouts

This add-on has no configuration.

cert-manager

This add-on has no configuration.

Note:

In certain scenarios, the cainjector pod or webhook pod of cert-manager add-on can be in CrashLoopBackOff status while the cert-manager add-on status on UI will be Unhealthy. In such case, restart the CrashLoopBackOff pod with command kubectl delete pod -n cert-manager <crash-pod-name> to recover.

velero

Velero is to back up and restore a workload cluster.


Option	Description
Credential
Access ID	Enter an ID to access backup storage.
Access Key	Enter password to access backup storage.
Backup Storage
Storage URL	Enter URL of the S3-compatible object storage service.
Region	Enter location of the bucket created in the S3-Compatible object storage server. Note: For example, enter minio if you are using the MinIO service.
Storage Bucket Name	Enter name of the storage bucket where the backup should be restored. Note: It is recommended to use a dedicated bucket for each TKG workload cluster.
CA certificate	Paste the CA certificate in PEM format. Note: This field appears only if the storage URL is in HTTPS format. Also append https-proxy certificate if velero is behind https-proxy.