Avi Kubernetes Operator 1.11

tunables.for.ako tenancy.in.ako namespace.sync.in.ako multiple.ako.instances.in.a.cluster cloud.connector.to.ako.migration install.avi.kubernetes.operator handling.of.kubernetes.openshift.and.avi.objects high.availability.support.in.ako enhanced.virtual.hosting.in.ako compatibility.guide.for.ako ako.deployment.in.openstack ako.optimisation.recommendations avi.kubernetes.operator.deployment.guide

AKO
 Optimization Recommendations

AKO
 watches events(CUD) of different Kubernetes/OpenShift cluster objects to realize the
NSX Advanced Load Balancer Controller
 side objects.
AKO
 provides config level knobs that can help to filter Kubernetes/OpenShift objects and help improve
AKO
 performance. This topic discusses
AKO
values.yaml
 (
configmap
) level settings that will help in optimizing
AKO
 performance.

AKOSettings.namespaceSelector.labelKey
 and
AKOSettings.namespaceSelector.labelValue

These two parameters act as a namespace filter.
AKO
 syncs Ingresses/Routes, L4 services from namespaces having this namespace selector.
Parameter
Description
Default
AKOSettings.namespaceSelector.labelKey
Key used as a label based selection for the namespaces
empty
AKOSettings.namespaceSelector.labelValue
Value used as a label based selection for the namespaces
empty
If either of the above values is left empty,
AKO
 will sync objects from all namespaces with the
NSX Advanced Load Balancer Controller
. For example, if user specifies values as
labelKey: app
 and
labelValue: migrate
 in values.yaml, the user has to label namespace with
app: migrate
.

    apiVersion: v1
    kind: Namespace
    metadata:
      creationTimestamp: "2020-12-04T13:20:42Z"
      labels:
        app: migrate
      name: red
      resourceVersion: "14055620"
      selfLink: /api/v1/namespaces/red
      uid: a424bf13-2f4a-4005-a84d-f2fb65acfda0
    spec:
      finalizers:
      - kubernetes
    status:
      phase: Active
AKO
 syncs all objects from correctly labeled namespaces.
If the label of the
red
 namespace is changed from
app: migrate
 (valid) to
app: migrate1
 (invalid), the following objects of
red
 namespace will be deleted from the
NSX Advanced Load Balancer Controller
.
  • Pools associated with, insecure ingresses/routes
  • SNI virtual services associated with secure ingresses/routes
  • Virtual services associated with L4 objects
  • EVH virtual services associated with secure, insecure ingresses/routes.
  • AKO
     will sync back objects of a namespace with
    NSX Advanced Load Balancer Controller
     if namespace label is changed from an invalid label to a valid label.
AKO
 reboot will be required if value of this knob is changed in
AKO
 configmap.

AKOSettings.blockedNamespaceList

The
blockedNamespaceList
 lists the Kubernetes/OpenShift namespaces blocked by
AKO
.
AKO
 will not process any Kubernetes/OpenShift object update from these namespaces. Default value is empty list.
Parameter
Description
Default
AKOSettings.blockedNamespaceList
List of Kubernetes/OpenShift namespaces blocked by
AKO
Empty List
For example, to block syncing objects from
kube-system
,
kube-public
 namespaces, you can specify those namespaces as follows:
AKOSettings:
    .
    .
  blockedNamespaceList:
  - kube-system
  - kube-public
AKO
 reboot is required if the value of this knob is changed in
AKO
 configmap.

nodeSelectorLabels.key
 and
nodeSelectorLabels.value

It might not be desirable to have all the nodes of a Kubernetes/OpenShift cluster to participate in becoming server pool members. So, key/value pairs are used as a label based selection on the nodes in Kubernetes/OpenShift to filter out nodes. If key/value pairs are not specified, all nodes are selected. This setting is applicable in
NodePort
 deployment only.
Parameter
Description
Default
nodeSelectorLabels.key
Key used as a label based selection for the nodes.
Empty
nodeSelectorLabels.value
Value used as a label based selection for the nodes.
Empty
For example, if user you have specified
nodeSelectorLabels.key
 as a node selected and
nodeSelectorLabels.value
 as
yes
, the nodes which do have this label will be selected during pool server population.

    apiVersion: v1
    kind: Node
    metadata:
      annotations:
        node.alpha.kubernetes.io/ttl: "0"
        volumes.kubernetes.io/controller-managed-attach-detach: "true"
      labels:
        kubernetes.io/hostname: node2
        kubernetes.io/os: linux
        nodeselected: yes
      name: node2
    spec:
      .
      .
      .
AKO
 selects
node2
 while populating pool servers.
Rebooting of
AKO
 will be required if the value of this knob is changed in the
AKO
configmap
.

Content feedback and comments