Konvoy DocumentationKubernetes Base Addons Requirements
Kubernetes Base Addons (KBA) require more resources than solely deploying clusters. Some addons are prerequisites for others to deploy. Your cluster must have sufficient resources when deploying a Konvoy cluster, or you must adjust the addons deployed before running konvoy up.
The following table describes all KBAs supplied, by default, with Konvoy, minimum resource suggestions and persistent storage requirements, and their default status when starting Konvoy.
| Name of Addon | Description | Default Minimum Resources Suggested | Default Minimum Persistent Storage Required | Default On When konvoy init |
| awsebscsiprovisioner | Supports persistent volumes on AWS | Yes | ||
| awsebsprovisioner | Legacy “in-tree” volume provisioner | No | ||
| azuredisk-csi-driver | Supports persistent volumes on Azure | cpu: 10m memory: 20Mi | No | |
| azurediskprovisioner | Legacy volume provisioner | No | ||
| cert-manager | Automates the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry. It has ACME integration which would allow users to get a Let’s Encrypt certificate automatically and then talk to Let’s Encrypt server to get a valid certificate. | cpu: 10m memory: 32Mi | Yes | |
| dashboard | Provides a general-purpose web-based user interface for the Kubernetes cluster | cpu: 250m memory: 300Mi | Yes | |
| defaultstorageclass-protection | Ensures that there is 1 default storage class (that is, something that would provide a volume) | Yes | ||
| dex | Provides identity service (authentication) to the Kubernetes clusters | cpu: 100m memory: 50Mi | Yes | |
| dex-k8s-authenticator | Enables authentication flow to obtain `kubectl` token for accessing the cluster. | cpu: 100m memory: 128Mi | Yes | |
| elasticsearch | Enables scalable, high-performance logging pipeline | cpu: 4.6 memory: 21Gi | # of PVs: 7 PV sizes: 4Gi x 3, 30Gi x 4 (total: 132Gi) | Yes |
| elasticsearch-curator | Helps curate, or manage, your Elasticsearch indices and snapshots by obtaining the full list of indices (or snapshots) from the cluster, as the actionable list; iterate through a list of user-defined filters to progressively remove indices (or snapshots) from this actionable list as needed; and perform various actions on the items which remain in the actionable list. | cpu: 100m memory: 128Mi | Yes | |
| elasticsearchexporter | The purpose of exporters is to take data collected from any Elastic Stack source and route it to the monitoring cluster | cpu: 100m memory: 128Mi | Yes | |
| external-dns | Makes Kubernetes resources discoverable using public DNS servers; retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. It's not a DNS server itself, but merely configures other DNS providers accordingly. | cpu: 10m memory: 50Mi | Yes | |
| flagger | Automates the release process for applications running on Kubernetes | cpu: 10m memory: 32Mi | No | |
| fluentbit | Collects and collates logs from different sources and send logged messages to multiple destinations | cpu: 200m memory: 200Mi | Yes | |
| gatekeeper | Policy controller for Kubernetes, allowing organizations to enforce configurable policies using the Open Policy Agent, a policy engine for Cloud Native environments hosted by CNCF as an incubation-level project. | cpu: 200m memory: 300Mi | Yes | |
| istio Experimental | Helps you manage cloud-based deployments by providing an open-source service mesh to connect, secure, control, and observe microservices. | cpu: 10m memory: 50Mi | No | |
| kibana | Supports data visualization for content indexed by Elasticsearch | cpu: 100m | Yes | |
| konvoyconfig | Manages installation related configuration | Yes | ||
| kube-oidc-proxy | Reverse proxy to authenticate to managed Kubernetes API servers via OIDC | Yes | ||
| localvolumeprovisioner | Uses the local volume static provisioner to manage persistent volumes for pre-allocated disks. It does this by watching the /mnt/disks folder on each host and creating persistent volumes in the localvolumeprovisioner storage class for each disk that is discovered in this folder. | cpu: 100m memory: 128Mi | No | |
| opsportal | Centralizes access to addon dashboards | cpu: 100m memory: 128Mi | Yes | |
| prometheus | Collects and evaluates metrics for monitoring and alerting | cpu: 300m memory: 1500Mi | # of PVs: 1 PV sizes: 50Gi | Yes |
| prometheusadapter | Gathers the names of available metrics from Prometheus at a regular interval, and then only exposes metrics that follow specific forms. | cpu: 1000m memory: 1000Mi | Yes | |
| reloader | Watches changes in `ConfigMap` and `Secret` and do rolling upgrades on Pods with their associated `DeploymentConfigs`, `Deployments`, `Daemonsets` and `Statefulsets` | cpu: 100m memory: 128Mi | Yes | |
| traefik | Routes layer 7 traffic as a reverse proxy and load balancer. | cpu: 500m | Yes | |
| traefik-forward-auth | Provides basic authorization for Traefik ingress | cpu: 100m memory: 128Mi | Yes | |
| velero | Backs up and restores Kubernetes cluster resources and persistent volumes. | cpu: 250m memory: 256Mi | # of PVs: 4 PV sizes: 4 x 10Gi (total: 40Gi) | Yes |
| dispatch | D2iQ’s cloud-native GitOps platform | cpu: 250m memory: 256Mi | No | |
| kommander | D2iQ's administrative cluster for multi-cluster management of Kubernetes lifecycle, governance, and workloads | cpu: 100m memory: 256Mi | # of PVs: 3 PV sizes: 0.2Gi, 32Gi, 2Gi (total: 35Gi) | Yes |
KBA Addons
The table below lists all supplied addons and their version number.
| Namespace | Name | Version | App Version | Kind |
|---|---|---|---|---|
| ambassador | 1.13.3-1 | 1.13.3 | ClusterAddon | |
| awsebscsiprovisioner | 0.8.0-1 | 0.8.0 | ClusterAddon | |
| awsebsprovisioner | 1.0.0-1 | 1.0 | ClusterAddon | |
| azuredisk-csi-driver | 0.7.2-3 | 0.7.2 | ClusterAddon | |
| azurediskprovisioner | 1.0.0-2 | 1.0 | ClusterAddon | |
| cert-manager | 1.0.3-7 | 1.0.3 | ClusterAddon | |
| dashboard | 3.0.2-0 | 3.0.2 | ClusterAddon | |
| defaultstorageclass-protection | 1.1.0-0 | 0.0.6 | ClusterAddon | |
| external-dns | 0.7.0-4 | 0.7.0 | ClusterAddon | |
| gcpdisk-csi-driver | 0.7.1-2 | 0.7.1 | ClusterAddon | |
| gcpdiskprovisioner | 1.0.0-2 | 1.0 | ClusterAddon | |
| istio | 1.9.1-1 | 1.9.1 | ClusterAddon | |
| jaeger | 2.18.3-7 | 1.21.0 | ClusterAddon | |
| kiali | v1.29.1-4 | 1.29.0 | ClusterAddon | |
| localvolumeprovisioner | 1.0.0-1 | 1.0 | ClusterAddon | |
| metallb | 0.9.3-5 | 0.9.3 | ClusterAddon | |
| traefik | 1.7.30-0 | 1.7.30+d2iq.0 | ClusterAddon | |
| velero | 1.5.2-2 | null | ClusterAddon | |
| vsphere-csi-driver | 1.3.0-1 | 2.2.0 | ClusterAddon | |
| kubeaddons | dex | 2.27.0-3 | 2.27.0 | Addon |
| kubeaddons | dex-k8s-authenticator | 1.2.2-6 | v1.2.2 | Addon |
| kubeaddons | elasticsearch | 7.10.1-1 | 7.10.1 | Addon |
| kubeaddons | elasticsearch-curator | 5.8.1-4 | 5.8.1 | Addon |
| kubeaddons | elasticsearchexporter | 1.1.0-5 | 1.1.0 | Addon |
| kubeaddons | fluentbit | 1.6.8-5 | 1.6.8 | Addon |
| kubeaddons | gatekeeper | 3.4.0-2 | 3.4.0 | Addon |
| kubeaddons | kibana | 7.9.3-2 | 7.9.3 | Addon |
| kubeaddons | konvoyconfig | 0.0.4-4 | 0.0.4 | Addon |
| kubeaddons | kube-oidc-proxy | 0.2.0-2 | v0.2.0 | Addon |
| kubeaddons | nvidia | 0.2.0-8 | 0.2.0 | ClusterAddon |
| kubeaddons | opsportal | 1.5.0-17 | 1.5.0 | Addon |
| kubeaddons | prometheus | 0.47.0-3 | 2.26.0 | Addon |
| kubeaddons | prometheusadapter | v0.8.3-4 | v0.8.3 | Addon |
| kubeaddons | reloader | v0.0.85-1 | v0.0.85 | Addon |
| kubeaddons | traefik-forward-auth | 2.0.0-1 | null | Addon |
| kubeaddons-flagger | flagger | 0.19.0-6 | 0.19.0 | ClusterAddon |
Related information
For information on related topics or procedures, refer to the following: