[BOP-811] External address docs (#39)

Co-authored-by: Moshiur Howlader <[email protected]> Co-authored-by: ogusarenko <[email protected]>
Mirantis · Jul 18, 2024 · 5b20492 · 5b20492
1 parent f257069
commit 5b20492
Show file tree

Hide file tree

Showing 11 changed files with 298 additions and 80 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,15 @@
 # IntelliJ IDEA files
 .idea/
+
+# Terraform files and artifacts
+**/.terraform
+**/.terraform.lock.hcl
+**/terraform.tfstate
+**/terraform.tfstate.backup
+**/terraform.tfvars
+**/VMs.yaml
+
+# MKE 4 config files
+
+**/mke4.yaml
+**/mke.yaml
diff --git a/content/docs/getting-started/create-cluster.md b/content/docs/getting-started/create-cluster.md
@@ -3,7 +3,6 @@ title: Create a cluster
 weight: 3
 ---
 
-
 ## Install dependecies
 
 Verify that you have installed `mkectl` and other dependencies on your system
@@ -68,12 +67,72 @@ process and ensures consistency in cluster deployments.
    license:
      refresh: true
    apiServer:
-     sans: ["mydomain.com"]
+     externalAddress: mke.example.com
+     sans: []
    ingressController:
-     enabled: false
+     enabled: true
+     replicaCount: 2
+     extraArgs:
+       httpPort: 80
+       httpsPort: 443
+       enableSslPassthrough: false
+       defaultSslCertificate: mke/auth-https.tls
    monitoring:
      enableGrafana: true
      enableOpscare: false
+   network:
+     kubeProxy:
+       disabled: false
+       mode: iptables
+       metricsbindaddress: 0.0.0.0:10249
+       iptables:
+         masqueradebit: null
+         masqueradeall: false
+         localhostnodeports: null
+         syncperiod:
+           duration: 0s
+         minsyncperiod:
+           duration: 0s
+       ipvs:
+         syncperiod:
+           duration: 0s
+         minsyncperiod:
+           duration: 0s
+         scheduler: ""
+         excludecidrs: []
+         strictarp: false
+         tcptimeout:
+           duration: 0s
+         tcpfintimeout:
+           duration: 0s
+         udptimeout:
+           duration: 0s
+       nodeportaddresses: []
+     nllb:
+       disabled: true
+     cplb:
+       disabled: true
+     providers:
+       - provider: calico
+         enabled: true
+         CALICO_DISABLE_FILE_LOGGING: true
+         CALICO_STARTUP_LOGLEVEL: DEBUG
+         FELIX_LOGSEVERITYSCREEN: DEBUG
+         clusterCIDRIPv4: 192.168.0.0/16
+         deployWithOperator: false
+         enableWireguard: false
+         ipAutodetectionMethod: null
+         mode: vxlan
+         overlay: Always
+         vxlanPort: 4789
+         vxlanVNI: 10000
+         windowsNodes: false
+       - provider: kuberouter
+         enabled: false
+         deployWithOperator: false
+       - provider: custom
+         enabled: false
+         deployWithOperator: false
    ```
 
 {{< /details >}}
@@ -84,16 +143,22 @@ process and ensures consistency in cluster deployments.
    mkectl init > mke.yaml
    ```
 
-2. In the configuration file, edit the `hosts` section to match your roster
-   of nodes. Provide the SSH information for each cluster node, as well as
-   the role of the node based on their functions within the cluster. The table
-   below provides the list of available node roles and their descriptions:
+2. In the generated configuration file:
+
+   - Edit the `hosts` section to match your roster of nodes. Provide the SSH
+     information for each cluster node, as well as the role of the node based
+     on their functions within the cluster. The table below provides the list
+     of available node roles and their descriptions:
+
+     | Node Role             | Description                                                                                     |
+     |-----------------------|-------------------------------------------------------------------------------------------------|
+     | **controller+worker** | A manager node that runs both control plane and data plane components. This role combines the responsibilities of managing cluster operations and executing workloads. |
+     | **worker**            | A worker node that runs the data plane components. These nodes are dedicated to executing workloads and   handling the operational tasks assigned by the control plane. |
+     | **single**            | A special role used when the cluster consists of a single node. This node handles both control plane and data plane components, effectively managing and executing workloads within a standalone environment. |
 
-   | Node Role             | Description                                                                                     |
-   |-----------------------|-------------------------------------------------------------------------------------------------|
-   | **controller+worker** | A manager node that runs both control plane and data plane components. This role combines the responsibilities of managing cluste   operations and executing workloads. |
-   | **worker**            | A worker node that runs the data plane components. These nodes are dedicated to executing workloads and handling the operational task   assigned by the control plane. |
-   | **single**            | A special role used when the cluster consists of a single node. This node handles both control plane and data plane components, effectivel   managing and executing workloads within a standalone environment. |
+   - Specify the external address in the in `apiServer.externalAddress` field.
+     The external address is the domain name of the load balancer configured
+     as described in [System Requirements: Load balancer](../system-requirements#load-balancer-requirements).  
 
 ## Create a cluster
 

diff --git a/content/docs/getting-started/system-requirements.md b/content/docs/getting-started/system-requirements.md
@@ -19,3 +19,36 @@ documentation](https://docs.k0sproject.io/v1.29.4+k0s.0/system-requirements/).
   - Ubuntu 20.04 Linux
 - Architecture: `amd64`
 - CNI: Calico
+
+## Load balancer requirements
+
+The load balancer can be implemented in many different ways. You can use for example
+HAProxy, NGINX, or the load balancer of your cloud provider.
+
+To ensure the MKE Dashboard functions properly, MKE requires a TCP load balancer.
+This load balancer acts as a single point of contact to access the controllers.
+With the default MKE configuration, the load balancer must allow and route traffic
+to each controller through the following ports:
+
+| Listen port | Target port | Purpose             | Configurable          |
+|-------------|-------------|---------------------|-----------------------|
+| 6443        | 6443        | Kubernetes API      | {{< icon "ban" >}}    |
+| 8132        | 8132        | Konnectivity        | {{< icon "ban" >}}    |
+| 9443        | 9443        | Controller join API | {{< icon "ban" >}}    |
+| 443         | 33001       | Ingress Controller  | {{< icon "check" >}}  |
+
+You can configure the listen port of the Ingress Controller to be different from
+the default port `443`. However, if you change the listen port, you must append
+the new port number to the external address in the configuration file. For example,
+if you set the listen port to be the same as the target port, `33001`, the configuration
+should look as follows:
+
+```yaml
+apiServer:
+  externalAddress: "mke.example.com:33001"
+```
+
+The target port must match the HTTPS node port of the Ingress Controller,
+which is `33001` by default, but can be adjusted as needed. See the configuration
+details for `nodePorts` in the 
+[Ingress Controller configuration](../../operations/ingress#configuration)
diff --git a/content/docs/migrate-from-MKE-3.md b/content/docs/migrate-from-MKE-3.md
@@ -94,20 +94,23 @@ are performed through the use of the `mkectl` tool:
 - Carry out post-upgrade cleanup, to remove MKE 3 components.
 - Output the new MKE 4 config file.
 
-To upgrade an MKE 3 cluster, run the following command:
+To upgrade an MKE 3 cluster, use the `mkectl upgrade` command:
 
 ```shell
-mkectl upgrade --hosts-path <path-to-hosts-yaml> --admin-username <admin-username> --admin-password <admin-password>
+mkectl upgrade --hosts-path <path-to-hosts-yaml> \
+  --mke3-admin-username <admin-username> \
+  --mke3-admin-password <admin-password> \
+  --external-address <external-address>\
+  --config-out <path-to-desired-file-location>
 ```
 
-{{< callout type="info" >}}
-
-The MKE 4 config file prints to your console when the migration is complete. To
-output the config file to a file for future use, run `mkectl apply`.
-Alternatively, you can set the `--config-out` flag to the path where you want
-to save the MKE 4 config file.
+The external address is the domain name of the load balancer. For details,
+see [System requirements: Load balancer requirements](../getting-started/system-requirements#load-balancer-requirements).
 
-{{< /callout >}}
+The `--config-out` flag allows you to specify a path where the MKE 4 configuration
+file will be automatically created and saved during migration. If not specified,
+the configuration file prints to your console on completion. In this case, save
+the output to a file for future reference
 
 The upgrade process requires time to complete. Once the process is complete,
 run the following command to verify that the MKE 4 cluster is operating: