Azure

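Overview

In addition to setting the name to azure, several specific configuration options must be set to enable the Azure cloud provider. The Azure node names must also match the Kubernetes node names.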

cloud_provider:
  name: azure
  azureCloudProvider:
    aadClientId: xxxxxxxxx
    aadClientSecret: xxxxxxxxx
    location: xxxxxxxxx
    resourceGroup: xxxxxxxxx
    subnetName: xxxxxxxxx
    subscriptionId: xxxxxxxxx
    vnetName: xxxxxxxxx
    tenantId: xxxxxxxxx
    securityGroupName: xxxxxxxxx

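Overriding the hostname

Because the Azure node name must match the Kubernetes node name, you can override the Kubernetes name of each node by setting hostname_override for that node. If hostname_override is not set, the Kubernetes node name is set to the value of address, which causes the Azure cloud provider to fail.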

nodes:
  - address: x.x.x.x
    hostname_override: azure-rke1
    user: ubuntu
    role:
      - controlplane
      - etcd
      - worker

Azure configuration options list

Besides the Azure options shown above, RKE supports many other options. See the table below for details.

| Azure Configuration Options | Type | Required | Description |
| --- | --- | --- | --- |
| tenantId | string | * | The Azure Active Directory (Azure AD) tenant ID for the subscription that the cluster is deployed in. |
| subscriptionId | string | * | The ID of the Azure subscription that the cluster is deployed in. |
| aadClientId | string | * | The client ID for an Azure AD application with RBAC access to talk to Azure Resource Manager APIs. This is used for service principal authentication. |
| aadClientSecret | string | * | The client secret for an Azure AD application with RBAC access to talk to Azure Resource Manager APIs. This is used for service principal authentication. |
| cloud | string | | The cloud environment identifier. Takes values from here. |
| resourceGroup | string | | The name of the resource group that the Vnet is deployed in. |
| location | string | | The location of the resource group that the cluster is deployed in. |
| vnetName | string | | The name of the virtual network that the cluster is deployed in. |
| vnetResourceGroup | string | | The name of the resource group that the virtual network is deployed in. |
| subnetName | string | | The name of the subnet that the cluster is deployed in. |
| securityGroupName | string | | The name of the security group attached to the cluster's subnet. |
| routeTableName | string | | The name of the route table attached to the subnet that the cluster is deployed in. |
| primaryAvailabilitySetName | string | | The name of the availability set that should be used as the load balancer backend. If this is set, the Azure cloud provider will only add nodes from that availability set to the load balancer backend pool. If this is not set, and multiple agent pools (availability sets) are used, then the cloud provider will try to add all nodes to a single backend pool, which is forbidden. In other words, if you use multiple agent pools (availability sets), you must set this field. |
| vmType | string | | The type of Azure nodes. Candidate values are: vmss and standard. If not set, it defaults to standard. Set to vmss if the cluster is running on Azure virtual machine scale sets instead of standard machines. |
| primaryScaleSetName | string | | The name of the scale set that should be used as the load balancer backend. If this is set, the Azure cloud provider will only add nodes from that scale set to the load balancer backend pool. If this is not set, and multiple agent pools (scale sets) are used, then the cloud provider will try to add all nodes to a single backend pool, which is forbidden. In other words, if you use multiple agent pools (scale sets), you must set this field. |
| aadClientCertPath | string | | The path of a client certificate for an Azure AD application with RBAC access to talk to Azure Resource Manager APIs. This is used for client certificate authentication. |
| aadClientCertPassword | string | | The password of the client certificate for an Azure AD application with RBAC access to talk to Azure Resource Manager APIs. This is used for client certificate authentication. |
| cloudProviderBackoff | bool | | Enable exponential backoff to manage resource request retries. |
| cloudProviderBackoffRetries | int | | Backoff retry limit. |
| cloudProviderBackoffExponent | int | | Backoff exponent. |
| cloudProviderBackoffDuration | int | | Backoff duration. |
| cloudProviderBackoffJitter | int | | Backoff jitter. |
| cloudProviderRateLimit | bool | | Enable rate limiting. |
| cloudProviderRateLimitQPS | int | | Rate limit QPS. |
| cloudProviderRateLimitBucket | int | | Rate limit bucket size. |
| useInstanceMetadata | bool | | Use instance metadata service where possible. |
| useManagedIdentityExtension | bool | | Use managed service identity for the virtual machine to access Azure Resource Manager APIs. This is used for managed identity authentication. For user-assigned managed identity, UserAssignedIdentityID needs to be set. |
| UserAssignedIdentityID | string | | The client ID of the user-assigned Managed Service Identity (MSI) which is assigned to the underlying VMs. This is used for managed identity authentication. |
| maximumLoadBalancerRuleCount | int | | The limit enforced by Azure Load Balancer. The default is 0 and the maximum is 148. |
| LoadBalancerSku | string | | SKU of the load balancer and public IP. Valid values are basic or standard. Defaults (blank) to basic. |
| ExcludeMasterFromStandardLB | bool | | Excludes master nodes (labeled with node-role.kubernetes.io/master) from the backend pool of the Azure standard load balancer. Defaults to nil. |

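
A pre-flight check for the rules stated on this page (required options, allowed vmType and LoadBalancerSku values, the load balancer rule maximum, and hostname_override on every node), written as an added example that is not part of RKE or of the original page. The function name lint_azure_cluster and the sample values are constructed; comparing vmType and LoadBalancerSku case-insensitively and rejecting duplicate node names are assumptions of this example.

```python
# Added example: pre-flight lint for the Azure part of an RKE cluster.yml.
# lint_azure_cluster and SAMPLE are constructed for illustration, not RKE code.
REQUIRED = ("tenantId", "subscriptionId", "aadClientId", "aadClientSecret")
ENUMS = {"vmType": {"vmss", "standard"}, "LoadBalancerSku": {"basic", "standard"}}
MAX_LB_RULES = 148  # maximum given in the options table


def lint_azure_cluster(cfg):
    """Return a list of problems in a parsed cluster.yml (a plain dict)."""
    provider = cfg.get("cloud_provider") or {}
    if provider.get("name") != "azure":
        return ["cloud_provider.name must be 'azure'"]
    azure = provider.get("azureCloudProvider") or {}
    problems = [f"azureCloudProvider.{k} is required" for k in REQUIRED if not azure.get(k)]

    for key, allowed in ENUMS.items():
        value = azure.get(key)
        if value and str(value).lower() not in allowed:
            problems.append(f"azureCloudProvider.{key}={value!r} not in {sorted(allowed)}")

    rules = azure.get("maximumLoadBalancerRuleCount", 0)
    if not isinstance(rules, int) or not 0 <= rules <= MAX_LB_RULES:
        problems.append(f"maximumLoadBalancerRuleCount must be 0..{MAX_LB_RULES}")

    seen = set()
    for i, node in enumerate(cfg.get("nodes") or []):
        name = node.get("hostname_override")
        if not name:
            # Without the override the node name becomes the address,
            # which will not match the Azure node name.
            problems.append(f"nodes[{i}] ({node.get('address')}): hostname_override not set")
        elif name in seen:
            problems.append(f"nodes[{i}]: hostname_override {name!r} is duplicated")
        seen.add(name)
    return problems


# Constructed sample: what yaml.safe_load would return for a small cluster.yml.
SAMPLE = {
    "cloud_provider": {"name": "azure", "azureCloudProvider": {
        "tenantId": "t-0000", "subscriptionId": "s-0000", "aadClientId": "c-0000",
        "vmType": "scaleset", "maximumLoadBalancerRuleCount": 200}},
    "nodes": [
        {"address": "10.0.0.4", "hostname_override": "azure-rke1", "role": ["controlplane"]},
        {"address": "10.0.0.5", "role": ["worker"]},
    ],
}

if __name__ == "__main__":
    for problem in lint_azure_cluster(SAMPLE):
        print("FAIL", problem)
```

Running it against a parsed cluster.yml before deploying the cluster surfaces a missing hostname_override or a missing credential field before the cloud provider fails at runtime.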
Last updated on by kingsd041