VsphereCredential¶
This section describes the VsphereCredential
custom resource (CR)
used in Mirantis Container Cloud API. It contains all information
necessary to connect to a provider backend.
Warning
The kubectl apply command automatically saves the
applied data as plain text into the
kubectl.kubernetes.io/last-applied-configuration
annotation of the
corresponding object. This may result in revealing sensitive data in this
annotation when creating or modifying the object.
Therefore, do not use kubectl apply on this object. Use kubectl create, kubectl patch, or kubectl edit instead.
If you used kubectl apply on this object, you
can remove the kubectl.kubernetes.io/last-applied-configuration
annotation from the object using kubectl edit.
For demonstration purposes, the Container Cloud VsphereCredential
custom resource (CR) can be split into the following sections:
Warning
The fields in this resource are available for viewing only. They are automatically generated by the vSphere cloud provider and must not be modified using the Container Cloud API.
metadata¶
The Container Cloud VsphereCredential
custom resource (CR) contains the following
fields:
apiVersion
Object API version that is
kaas.mirantis.com/v1alpha1
.
kind
Object type that is
VsphereCredential
.
The metadata
object field of the VsphereCredential
resource contains
the following fields:
name
Name of the
VsphereCredential
object
namespace
Container Cloud project in which the
VsphereCredential
object has been created
labels
kaas.mirantis.com/regional-credential
Must be
true
to useVsphereCredential
for the management clusterNote
The
kaas.mirantis.com/regional-credential
label is removed from in 2.26.0 (Cluster releases 17.1.0 and 16.1.0). Therefore, do not add the label starting these releases. On existing clusters updated to these releases, or if manually added, this label will be ignored by Container Cloud.
kaas.mirantis.com/region
Region name
Note
The
kaas.mirantis.com/region
label is removed from all Container Cloud objects in 2.26.0 (Cluster releases 17.1.0 and 16.1.0). Therefore, do not add the label starting these releases. On existing clusters updated to these releases, or if manually added, this label will be ignored by Container Cloud.
Configuration example:
apiVersion: kaas.mirantis.com/v1alpha1
kind: VsphereCredential
metadata:
name: demo
namespace: test
labels:
kaas.mirantis.com/regional-credential: "true"
VsphereCredential configuration¶
The spec
object field of the VsphereCredential
resource contains
configuration and authentication details for the vSphere server.
It contains the following fields:
vsphere
vSphere server information:
server
IP or host name of the vSphere server.
port
vSphere server port.
insecure
SSL certificate verification for connection. Possible values are
false
to enable andtrue
to disable verification.
datacenter
vSphere Data center name.
clusterApi
Credentials of the user that manages vSphere virtual machines:
username
Key name in the secret.
password
Reference to the secret that contains the user password.
value
User password.
cloudProvider
Credentials of the user that manages storage and volumes for Kubernetes.
username
Key name in the secret.
password
Reference to the secret that contains the user password.
value
User password.
Configuration example:
...
spec:
vsphere:
server: vcenter.server.example.org
port: "443"
insecure: true
datacenter: example
clusterApi:
username: vm-user
password: vm-user-password
cloudProvider:
username: storage-user
password: storage-user-password