Use the following reference while configuring Add-Ons on your v2 Workload cluster.

vsphere-csi

| Option | Description |
| --- | --- |
| Zone | Zone is the tag category name defined in vCenter Server. Tags belonging to this category are assigned to the host or vSphere cluster objects for marking the storage topology. |
| Region | Region is the tag category name defined in vCenter Server. Tags belonging to this category are assigned to the Data Center objects for marking the storage topology. |
| Storage Class | Enter the storage class name. This storage class is used to provision persistent volumes dynamically. A storage class with this name is created in the Kubernetes cluster. |
| IsDefault | Select True to set this storage class as default. |
| Reclaim Policy | Select whether to delete or retain the add-on during a reclaim event. |
| Datastore URL | Enter the datastore URL. |

nfs-client

| Option | Description |
| --- | --- |
| Storage Class | Enter the storage class name. This storage class is used to provision persistent volumes dynamically. A storage class with this name is created in the Kubernetes cluster. |
| Is Default | To set this storage class as default, select True. |
| NFS Server Address | For an IPv4 cluster, enter the IPv4 address or FQDN of the NFS Server. For an IPv6 cluster, enter the FQDN. |
| Path | Enter server IP address and mount path of the NFS client. Ensure that the NFS server is reachable from the cluster. The mount path must also be accessible to read and write. |

harbor

If a Harbor has already been registered, click Select Registered Harbor and select the appropriate Harbor from the list. Otherwise, click Add New Harbor and provide the following details:

| Option | Description |
| --- | --- |
| URL | Enter the Harbor URL. |
| Username | Enter the Harbor user name. |
| Password | Enter the Harbor password. |

helm

This add-on has no configuration.

multus

Caution:

Do NOT delete the multus add-on once it is provisioned, as this might prevent creating or deleting pods on the workload cluster. See multus-cni known issue #461.

| Option | Description |
| --- | --- |
| Log Level | Enter the log level. Select from: Panic, Debug, Error, Verbose. |
| Log File Path | Path where you want to store the log files. |

systemsettings

| Option | Description |
| --- | --- |
| Cluster Password | Enter the password for the cluster. |
| Syslog | Add the syslog server IP address/FQDN for capturing the infrastructure logs of all the nodes in the cluster. |

load-balancer-and-ingress-service (aka AKO)

The load-balancer-and-ingress-service add-on is also known as the AKO (AVI Kubernetes Operator) add-on.

Note:
  1. To install the load-balancer-and-ingress-service (AKO) add-on for a Workload cluster, you must add AKOO (AVI Kubernetes Operator - Operator) on the Management cluster. For information about adding AKOO, see Add AVI Kubernetes Operator - Operator.

  2. A service engine group cannot be shared by more than one TCA cluster, even if the load-balancer-and-ingress-service (AKO) add-on has been deleted from the original cluster or the original cluster itself has already been deleted. To use a service engine group that was used by another cluster, delete the service engine group from the Avi Controller UI and recreate it.

  3. To customize additional load-balancer-and-ingress-service (AKO) configurable fields and manage AKO objects (aviinfrasetting, gatewayclass, gateway) via the Custom Resources (CRs) tab, see Advanced configuration for load-balancer-and-ingress-service add-on.

| Option | Description |
| --- | --- |
| Cloud Name | Enter the cloud name configured in the AVI Controller. |
| Default Service Engine Group | Enter the service engine group name configured in the AVI Controller. |
| Default VIP Network | Enter the VIP network name in the AVI Controller. |
| Default VIP Network CIDR | Enter the VIP network CIDR in the AVI Controller. |
| Ingress Configuration for AKO Deployment | |
| Service Type | Enter the ingress method for the service. Choose from the following options: Node Port; Cluster IP; Node Port Local (available only for Antrea CNI). |
| Network Name | Enter the cluster node network name. To add a network, click Add Network. |
| CIDRs | You can enter multiple comma-separated CIDR values or use the <CR> tag to enter multiple CIDR values. |

Prometheus

The Prometheus Operator provides Kubernetes-native deployment and management of Prometheus and related monitoring components.

Note:
  1. To customize additional prometheus configurable fields via the Custom Resources (CRs) tab, see Advanced configuration for prometheus add-on.

  2. Some parameters (e.g. PVC parameters, service type, port) are immutable after the prometheus add-on is provisioned. See Configurable parameters.

| Option | Description |
| --- | --- |
| Storage Class Name | The name of the Storage Class. Default Storage Class will be used if not set. |
| Access Mode | Choose from: Read Write Once, Read Only Many, Read Write Many. |
| Storage | Enter the size of the Persistent Volume Claim (PVC). The default value is 150 GB. |

fluent-bit

Note:
  1. Do not set cpu-manager-policy to static for node pools, as this may cause the fluent-bit daemonset pods to crash.

  2. To customize additional fluent-bit configurable fields (inputs, outputs, filters, parsers) via the Custom Resources (CRs) tab, see Advanced configuration for fluent-bit addon.

  3. To update the provisioned fluent-bit configuration, manually restart all fluent-bit pods to make the new configuration take effect.

Option

Description

service

Service configuration for fluent-bit. Default value is:

[Service]
  Flush         5
  Log_Level     info
  Daemon        off
  Parsers_File  parsers.conf
  HTTP_Server   On
  HTTP_Listen   0.0.0.0
  HTTP_Port     2020

whereabouts

This add-on has no configuration.

cert-manager

This add-on has no configuration.

Note:

In certain scenarios, the cainjector pod or webhook pod of the cert-manager add-on can be in CrashLoopBackOff status, and the cert-manager add-on status on the UI shows Unhealthy. In such cases, restart the CrashLoopBackOff pod with the command kubectl delete pod -n cert-manager <crash-pod-name> to recover.
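
The recovery step above as a small script, added here as an example and not part of the product documentation: it picks out the cert-manager pods whose STATUS is CrashLoopBackOff and deletes each one with the command given in the note. The sample pod listing is constructed, and the function names and the DRY_RUN variable are illustrative.

```shell
#!/bin/sh
# Added example: find cert-manager pods stuck in CrashLoopBackOff and
# delete them, as described in the note above.

NAMESPACE="cert-manager"

# Constructed sample of `kubectl get pods -n cert-manager --no-headers`
# output (pod names, restart counts and ages are made up for illustration).
SAMPLE_PODS='cert-manager-6d5f7c9b8-abcde              1/1   Running            0     3d
cert-manager-cainjector-7f9c6d5b4-fghij   0/1   CrashLoopBackOff   12    3d
cert-manager-webhook-5b8d7c6f9-klmno      0/1   CrashLoopBackOff   9     3d'

# Read `kubectl get pods --no-headers` lines on stdin and print the names
# of pods whose STATUS column (third field) is exactly CrashLoopBackOff.
crashloop_pods() {
    awk '$3 == "CrashLoopBackOff" { print $1 }'
}

# Delete every crash-looping pod in the namespace.
# With DRY_RUN=1 the delete commands are printed instead of executed,
# so the selection can be reviewed before anything is removed.
recover_cert_manager() {
    kubectl get pods -n "$NAMESPACE" --no-headers | crashloop_pods |
    while read -r pod; do
        if [ "${DRY_RUN:-0}" = "1" ]; then
            echo "kubectl delete pod -n $NAMESPACE $pod"
        else
            kubectl delete pod -n "$NAMESPACE" "$pod"
        fi
    done
}

# Offline check of the selection logic against the constructed sample:
#   printf '%s\n' "$SAMPLE_PODS" | crashloop_pods
# Against a live cluster, review first, then run:
#   DRY_RUN=1 recover_cert_manager
#   recover_cert_manager
```

Healthy pods are never touched because only an exact CrashLoopBackOff status matches.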

velero

Velero is used to back up and restore a workload cluster.

| Option | Description |
| --- | --- |
| Credential | |
| Access ID | Enter an ID to access backup storage. |
| Access Key | Enter the password to access backup storage. |
| Backup Storage | |
| Storage URL | Enter the URL of the S3-compatible object storage service. |
| Region | Enter the location of the bucket created in the S3-compatible object storage server. Note: For example, enter minio if you are using the MinIO service. |
| Storage Bucket Name | Enter the name of the storage bucket where the backup should be restored. Note: It is recommended to use a dedicated bucket for each TKG workload cluster. |
| CA certificate | Paste the CA certificate in PEM format. Note: This field appears only if the storage URL is in HTTPS format. Also append the https-proxy certificate if velero is behind an https-proxy. |