Customizing your installation

You can complete most of your cluster customization in the /<installation_directory>/cluster/config.yaml file. These customizations must be done during the installation of your cluster.

To review a full list of parameters that are available to customize, see Customizing the cluster with the config.yaml file.

You can also set node-specific parameters values in the /<installation_directory>/cluster/hosts file. However, parameter values that are set in the config.yaml file have the highest priority during an installation. To set a parameter value in the hosts file, you must remove the parameter from the config.yaml file. For more information about setting node-specific parameter values in the hosts file, see Setting the node roles in the hosts file.

• General installation options
• HA installation options
• Cluster directory structure

General installation options

To customize your cluster, the following are a few of the optional features that can be configured during installation.

1. Configure the monitoring service. See Configuring the monitoring service. Important: If you use a high availability configuration, follow the monitoring service configuration steps to allow the monitoring service to use a network shared storage provider.
2. Specify a certificate authority (CA) for your cluster. See Specifying your own certificate authority (CA) for IBM Cloud Private services.
3. Enable the Vulnerability Advisor. See Enabling the Vulnerability Advisor. This feature is not available for IBM Cloud Private-CE (Community Edition).
4. Configure GlusterFS storage. See Configuring GlusterFS during IBM Cloud Private installation.
5. Configure vSphere Cloud Provider. See Configuring a vSphere Cloud Provider.
6. Configure AWS Cloud Provider. See AWS Cloud Provider settings.
7. Create one or more storage classes for the storage provisioners in your environment. See Dynamic storage provisioning.
8. Encrypt cluster data network traffic with IPsec. See Encrypting cluster data network traffic with IPsec.
9. Encrypt volumes. See Encrypting volumes by using dm-crypt.
10. Integrate VMware NSX-T 2.3 with IBM Cloud Private cluster nodes. See Integrating VMware NSX-T 2.3 with IBM Cloud Private.
11. Specify a default Docker storage directory. See Specifying a default Docker storage directory by using bind mount.
12. Specify other default storage directories. See Specifying other default storage directories by using bind mount.
13. Set up an external load balancer. See Setting up an external load-balancer.

HA installation options

Ensure that you review the High availability IBM® Cloud Private clusters topic. HA is supported for IBM Cloud Private Cloud Native and Enterprise editions only.

For HA clusters, configure the HA parameters:

1. Enable the ports for the master nodes to communicate with each other and Tiller by completing the following steps on each master node:

   1. Run the following command to open the ports:

      firewall-cmd --permanent --add-port=44134/tcp
      

   2. Run the following command to reload the firewall settings:

      firewall-cmd --reload
      

   3. Restart the master node and wait for all of the pods to show a running state.

   4. Repeat those steps for the other master nodes in your environment.

2. To configure HA for your master nodes, update the HA settings section in the config.yaml file. For the vip_iface parameter value, provide your environment's interface name. For the cluster_vip parameter value, provide an available IP address, preferably one from the same IP range that your cluster nodes use. For the master nodes, the virtual IP has to be in the same subnet. The configuration resembles the following code:

   # HA settings
   vip_iface:  eth0
   cluster_vip:  5.5.5.1
   

3. To configure HA for your proxy nodes, update the Proxy settings section in the config.yaml file. For the proxy_vip_iface parameter value, provide your environment's interface name. For the proxy_vip parameter value, provide an available IP address, preferably one from the same IP range that your cluster nodes use. The configuration resembles the following code:

   # Proxy settings
   proxy_vip_iface:  eth0
   proxy_vip:  5.5.5.2
   

   Note: You must use different IP addresses for the cluster_vip and proxy_vip parameter values.

   Note: You can also set these node-specific parameters in the hosts file. For example, you can set the vip_iface parameter values, as shown in the following code:

   [master]
   <master_node_1_IP_address> vip_iface=eth0
   <master_node_2_IP_address> vip_iface=ens192
   <master_node_3_IP_address> vip_iface=ens160
   

Parameter values in the config.yaml file have the highest priority during an installation. To set a parameter value in the hosts file, you must remove the parameter from the config.yaml file.

Cluster directory structure

The cluster directory contains the following files:

• config.yaml: The configuration settings that are used to install IBM Cloud Private to your cluster.

• hosts: The definition of the nodes in your cluster.

• misc/storage_class: A folder that contains the dynamic storage class definitions for your cluster.

• ssh_key: A placeholder file for the SSH private key that is used to communicate with other nodes in the cluster.

• docker-engine: Contains the IBM Cloud Private Docker packages that can be used to install Docker on your cluster nodes.