KaaS Predeployment Checklist

This checklist describes prerequisites for Kubernetes® deployments on various cloud platforms for customer data centers (CDC).

General requirements

Rackspace Kubernetes-as-a-Service (KaaS) enables you to run Kubernetes workloads on top of one of the supported cloud environments. You need to provide the following information before cluster deployment:

| Requirement | Required | Options or value | Description |
|---|---|---|---|
| Desired name of the Kubernetes cluster | Yes | The Kubernetes cluster name with a resolvable subdomain assigned to KaaS. | Provide the desired name of the Kubernetes cluster. For OpenStack deployments, specify whether the subdomain is delegated to OpenStack DNS-as-a-Service. |
| Object store | Yes | OpenStack deployments: Ceph RGW or OpenStack Swift. Other platforms: On a case-by-case basis. | Kubernetes requires an object store that is compatible with the supported version of OpenStack and the Swift API. If you plan to use a different type of object storage, contact your Rackspace representative to submit a deal exception. |
| Block storage | Yes | OpenStack deployments: Ceph block storage. Other platforms: A dedicated cloud provider. | Kubernetes requires block storage. If you cannot use Ceph, contact your Rackspace representative. If your storage appliance is supported by OpenStack, has full cinder API support, and is redundant beyond the disk, you must submit a deal exception to replace Ceph. |
| Root or intermediate Certificate Authority (CA) | Optional | Customer provided or self-signed. | You can provide a certificate authority and key to be used by Kubernetes for signing certificates within Kubernetes. If you have an existing Public Key Infrastructure (PKI) setup, KaaS enables you to maintain certificate trusts in Kubernetes. |
| DNS zone | Yes | Not applicable | OpenStack deployments: Delegate a DNS zone for OpenStack DNS-as-a-Service (designate). Other platforms: Assign a domain name. |
| Network for the Kubernetes nodes | Yes | Not applicable | The network must be at least a /24 network. |
| Whitelist Quay.io, GitHub, and other websites that KaaS uses to deploy the Kubernetes subnet. | Yes | Not applicable | List of URLs. |

OpenStack environment requirements

If you use KaaS to deploy Kubernetes on Rackspace Private Cloud Powered by OpenStack® (RPCO) or Rackspace Private Cloud Powered by Red Hat® (RPCR), you need to provide the following information in addition to the items described in General requirements:

| Requirement | Required | Options or value | Description |
|---|---|---|---|
| Host operating system (OS) | Yes | Ubuntu 16.04 / RHEL 7 | Not applicable |
| OpenStack version | Yes | Newton or OSP 13 | Kubernetes is supported on RPCO Newton and RPCR OSP 13. Previous and newer versions are not supported. |
| DNS zone | Yes | Not applicable | Delegate a DNS zone for OpenStack DNS-as-a-Service (designate). |
| Valid SSL certificates - OpenStack services | Yes | Valid formed SSL | KaaS requires a valid SSL certificate. You cannot use the self-signed certificates used with OpenStack-Ansible (OSA) playbooks for RPCO. |
| Free compute nodes | Yes | Minimum five nodes | Assign a minimum of five free compute nodes for each Kubernetes cluster. Rackspace recommends using additional free nodes for production workloads. |
| OpenStack DNS-as-a-Service (designate) and Load Balancer-as-a-Service (octavia) | Yes | DNS and load balancing | Kubernetes deployments require both services. Octavia requires floating IP (FIP) support, which is satisfied with neutron and the default networking options. Different networking backends require a deal exception. |
| Networking: required VLANs | Yes | Tenant connectivity and octavia | Octavia requires one VLAN for internal management. To support Fast Local Internet Protocol (FLIP), one VLAN is required. Neutron requires one VLAN for the Kubernetes cluster. Note: Depending on your requirements, you might need to configure multiple VLANs based on the number and size of clusters. |
| Floating IP support | Yes | OpenStack Load Balancer-as-a-Service (octavia) | If another networking backend is selected through the deal exception process, it must support floating IPs. |
| Custom flavor classes | Optional | Not applicable | If you need custom flavors that house the Kubernetes master and worker nodes, notify Rackspace before the deployment. |
| SMTP server settings | Optional | Not applicable | SMTP server settings including hostname, password, username, port, and encryption. |
| A network block for internal Kubernetes services | Optional | Not applicable | The network block must be at least a /16 network. It does not have to be routable. |
| A network block for internal Kubernetes containers | | Not applicable | The network block must be at least a /16 network. It does not have to be routable. |
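
The network sizing rules in this checklist (a node network of at least /24, internal service and container blocks of at least /16) can be verified before the deployment request is submitted. The following is an added example, not Rackspace tooling: the function name `check_network_plan`, the role keys, the IPv4-only handling, the overlap check, and the sample address plans are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# "At least a /24" means a prefix length of 24 or shorter; same for /16.
MAX_PREFIX = {"nodes": 24, "services": 16, "containers": 16}


def check_network_plan(plan):
    """Return a list of problems in a {role: IPv4 CIDR} plan; empty means OK."""
    problems, parsed = [], {}
    for role, max_prefix in MAX_PREFIX.items():
        cidr = plan.get(role)
        if cidr is None:
            # Only the node network is marked required in the checklist;
            # the internal blocks are checked when they are supplied.
            if role == "nodes":
                problems.append("nodes: network is required")
            continue
        try:
            # strict=True rejects a host address such as 10.0.0.5/24.
            net = ipaddress.IPv4Network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{role}: invalid CIDR ({exc})")
            continue
        parsed[role] = net
        if net.prefixlen > max_prefix:
            problems.append(
                f"{role}: {net} is smaller than the required /{max_prefix}")
    # Assumption beyond the checklist: the three ranges must not overlap.
    for (role_a, net_a), (role_b, net_b) in combinations(parsed.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{role_a} {net_a} overlaps {role_b} {net_b}")
    return problems


# Constructed sample plans, not values from any real deployment.
GOOD_PLAN = {"nodes": "10.20.0.0/24", "services": "10.3.0.0/16",
             "containers": "10.2.0.0/16"}
BAD_PLAN = {"nodes": "10.2.4.0/25", "services": "10.3.0.0/18",
            "containers": "10.2.0.0/16"}

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        for problem in check_network_plan(plan) or ["no problems found"]:
            print(f"{name}: {problem}")
```

The constructed bad plan fails on three counts: the node network and the services block are each too small, and the node network falls inside the container block.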