diff --git a/docs/example-hpe-etcd.md b/docs/example-hpe-etcd.md new file mode 100644 index 00000000..fbb7f7c9 --- /dev/null +++ b/docs/example-hpe-etcd.md @@ -0,0 +1,72 @@ +## Example YAML for HPE-ETCD +After generating the file, place it in the /etc/kubernetes/manifests directory to automaticly start the pod and have it persist. This +example only covers a single instance; however, for HA you will want to replicate it to two additional nodes (3 nodes in total). + +## HPE Etcd Setup +1. Set the node IP address for step 2 +```export HostIP=""``` +2. Create the hpe-etcd.yaml file below; note that this file shares the TLS settings of your Kubernetes etcd cluster. In production + you should create your own TLS keys and certificates for this separate etcd key value database. +``` +cat < /etc/kubernetes/manifests/hpe-etcd.yaml +apiVersion: v1 +kind: Pod +metadata: + labels: + component: hpe-etcd + tier: control-plane + name: hpe-etcd + namespace: kube-system +spec: + containers: + - command: + - etcd + - --advertise-client-urls=https://${HostIP}:23790,http://${HostIP}:4001 + - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt + - --cert-file=/etc/kubernetes/pki/etcd/server.crt + - --key-file=/etc/kubernetes/pki/etcd/server.key + - --client-cert-auth=true + - --data-dir=/var/lib/hpe-etcd + - --initial-advertise-peer-urls=https://${HostIP}:23800 + - --initial-cluster-token=etcd-cluster-1 + - --initial-cluster-state=new + - --initial-cluster=m2-dl360g9-75=https://${HostIP}:23800 + - --listen-client-urls=https://0.0.0.0:23790,https://0.0.0.0:4001 + - --listen-peer-urls=https://0.0.0.0:23800 + - --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt + - --peer-client-cert-auth=true + - --peer-key-file=/etc/kubernetes/pki/etcd/peer.key + - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt + - --snapshot-count=10000 + image: k8s.gcr.io/etcd:3.3.15-0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 8 + httpGet: + host: 127.0.0.1 + path: /health + port: 2381 + scheme: HTTP + initialDelaySeconds: 15 + timeoutSeconds: 15 + name: hpe-etcd + resources: {} + volumeMounts: + - mountPath: /var/lib/hpe-etcd + name: hpe-etcd-data + - mountPath: /etc/kubernetes/pki/etcd + name: etcd-certs + hostNetwork: true + priorityClassName: system-cluster-critical + volumes: + - hostPath: + path: /etc/kubernetes/pki/etcd + type: DirectoryOrCreate + name: etcd-certs + - hostPath: + path: /var/lib/hpe-etcd + type: DirectoryOrCreate + name: hpe-etcd-data +status: {} +EOF +``` diff --git a/docs/quick_start_guide.md b/docs/quick_start_guide.md index 7271ece8..02e7a02a 100644 --- a/docs/quick_start_guide.md +++ b/docs/quick_start_guide.md @@ -118,7 +118,7 @@ export HostIP="" ``` 2. Run the following Docker command to create the HPE etcd container ->**NOTE:** etcd stores the HPE 3PAR volume metadata and is required for the plugin to function properly. If you have multiple instances of etcd running on the same Docker node, you will need to modify the default etcd ports (2379, 2380, 4001) and make the adjustment in the **hpe.conf** as well. +>**NOTE:** etcd stores the HPE 3PAR volume metadata and is required for the plugin to function properly. If you have multiple instances of etcd running on the same Docker node, you will need to modify the default etcd ports (2379, 2380, 4001) and make the adjustment in the **hpe.conf** as well. See example [/docs/example-hpe-etcd.md](/docs/example-hpe-etcd.md). ``` sudo docker run -d -v /usr/share/ca-certificates/:/etc/ssl/certs -p 4001:4001 \ diff --git a/docs/system-reqs.md b/docs/system-reqs.md index 9e4a4101..44775bb8 100644 --- a/docs/system-reqs.md +++ b/docs/system-reqs.md @@ -18,7 +18,7 @@ Versions starting at v1.0 have been tested and are supported on the following Li **Supported software versions:** -* Docker EE 17.03 or later is supported +* Docker EE 18.09 or later is supported * Python 2.7 * etcd 2.x