MKE configuration management¶
This section describes configuration specifics of an MKE cluster deployed using Container Cloud.
MKE configuration managed by Container Cloud¶
Since 2.25.1 (Cluster releases 16.0.1 and 17.0.1), Container Cloud does not override changes in MKE configuration except the following list of parameters that are automatically managed by Container Cloud. These parameters are always overridden by the Container Cloud default values if modified direclty using the MKE API. For details on configuration using the MKE API, see MKE configuration managed directly by the MKE API.
However, you can manually configure a few options from this list using the
Cluster
object of a Container Cloud cluster. They are labeled with the
superscript and contain references to the
respective configuration procedures in the Comments columns of the tables.
[audit_log_configuration]¶
MKE parameter name |
Default value in Container Cloud |
Comments |
---|---|---|
|
You can configure this option either using MKE API with no Container Cloud
overrides or using the If configured using the |
|
|
|
For configuration procedure, see comments above. |
[auth]¶
MKE parameter name |
Default value in Container Cloud |
---|---|
|
|
|
|
|
|
|
|
[auth.external_identity_provider]¶
MKE parameter name |
Default value in Container Cloud |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[hardening_configuration]¶
MKE parameter name |
Default value in Container Cloud |
---|---|
|
|
|
|
|
|
|
|
|
|
[scheduling_configuration]¶
MKE parameter name |
Default value in Container Cloud |
---|---|
|
|
|
|
[tracking_configuration]¶
MKE parameter name |
Default value in Container Cloud |
---|---|
|
|
[cluster_config]¶
Caution
Since Container Cloud 2.27.3 (Cluster release 16.2.3), support for vSphere-based clusters is suspended. For details, see Deprecation notes.
MKE parameter name |
Default value in Container Cloud |
Comments |
---|---|---|
|
|
|
|
|
For configuration steps, see Set the MTU size for Calico. |
|
|
|
|
|
|
|
|
|
|
|
Depends on the selected cloud provider. |
|
|
|
|
|
Applies only to MKE on the management cluster. |
|
|
|
|
|
|
|
|
|
|
|
For configuration steps, see Increase storage quota for etcd. |
|
|
|
|
|
|
|
For configuration steps, see Configure Kubernetes auditing and profiling. |
|
|
|
|
|
|
|
|
|
|
|
|
For configuration steps, see Configure Kubernetes auditing and profiling. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
You can override this value in |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
You can override this value in |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- 2(1,2)
The
CSIMigrationvSphere
flag applies only to the vSphere provider since 2.25.1.- 3(1,2)
For
priv_attributes
parameters, you can add custom options on top of existing parameters using the MKE API.- 4
For management clusters since 2.26.0 (Cluster release 16.1.0).
- 5
For management and managed clusters since 2.24.3 (Cluster releases 15.0.2 and 14.0.2).
- 6(1,2,3)
For management and managed clusters since 2.27.0 (Cluster releases 17.2.0 and 16.2.0). For configuration steps, see Configure Kubernetes auditing and profiling.
Note
All possible values for parameters labeled with the
Cluster
object are described in
MKE Operations Guide: Configuration options.
MKE configuration managed directly by the MKE API¶
Since 2.25.1, aside from MKE parameters described in MKE configuration managed by Container Cloud, Container Cloud does not override changes in MKE configuration that are applied directly through the MKE API. For the configuration options and procedure, see MKE documentation:
Configure an existing MKE cluster
While using this procedure, replace the command to upload the newly edited MKE configuration file with the following one:
curl --silent --insecure -X PUT -H "X-UCP-Allow-Restricted-API: i-solemnly-swear-i-am-up-to-no-good" -H "accept: application/toml" -H "Authorization: Bearer $AUTHTOKEN" --upload-file 'mke-config.toml' https://$MKE_HOST/api/ucp/config-toml
Important
Mirantis cannot guarrantee the expected behavior of the functionality configured using the MKE API as long as customer-specific configuration does not undergo testing within Container Cloud. Therefore, Mirantis recommends that you test custom MKE settings configured through the MKE API on a staging environment before applying them to production.