Advanced cluster configuration

This page describes advanced configuration settings that you can apply to a Confidential Kubernetes cluster.

To apply these settings, you need to edit the config file constellation-conf.yaml as described below.

Prerequisites

• You have created a Confidential Kubernetes cluster: Create a Confidential Kubernetes cluster
• You can edit the config file and run the command constellation apply to change the configuration of the cluster.

Configuration options

Image version

You can run another version of the image. However, only the image versions listed in the Image Version Table Confidential Kubernetes are supported.

• Update the CLI with installing the latest version. See: Installation and setup.
• Generate new configuration file for your Confidential cluster and fill in your custom details. See: Create a Confidential Kubernetes cluster.

Cluster version Downgrade

If you want to create a new cluster with a previous image version you only need to update yourconstellation-conf.yaml file and change the image version and optional microserviceVersion values:

version: v4 # Schema version of this configuration file.
image: v2.19.0 # Machine image version used to create Constellation nodes.
...
microserviceVersion: v2.19.0 # Microservice version to be installed into the cluster. Defaults to the version of the CLI.

Flavor (Instance Types)

By default, Constellation uses m1a.4cd VMs (4 vCPUs, 30 GB RAM) to create your cluster. Optionally, you can switch to a different VM type by modifying instanceType in the configuration file.

The following flavors (instance types) are supported:

name	vCPUs	GB RAM
m1a.4cd	4	30
m1a.8cd	8	60
m1a.16cd	16	120
m1a.30cd	30	230

You can choose any of the SEV-enabled flavors (instance types).

The Constellation CLI can also print the supported flavors (instance types) by running the command constellation config instance-types.

How to change the flavor:

Insert the flavor name into the constellation-conf.yaml instance type fields.

nodeGroups:
    control_plane_default:
        ...
        instanceType: m1a.8cd # VM instance type to use for the nodes.
        ...
    worker_default:
        ...
        instanceType: m1a.8cd # VM instance type to use for the nodes.
        ...

Additional node groups

By default, Constellation creates the node groups control_plane_default and worker_default for control-plane nodes and workers, respectively. If you require additional control-plane or worker groups with different instance types, zone placements, or disk sizes, you can add additional node groups to the constellation-conf.yml file. Each node group can be scaled individually.

nodeGroups:
    control_plane_default:
        role: control-plane # Role of the nodes in this group. Valid values are "control-plane" and "worker".
        zone: "eu01-1" # Availability zone to place the VMs in.
        instanceType: m1a.4cd # VM instance type to use for the nodes.
        stateDiskSizeGB: 30 # Size (in GB) of a node's disk to store the non-volatile state.
        stateDiskType: storage_premium_perf6 # Type of a node's state disk. The type influences boot time and I/O performance.
        initialCount: 1 # Number of nodes to be initially created.
    worker_default:
        role: worker # Role of the nodes in this group. Valid values are "control-plane" and "worker".
        zone: "eu01-1" # Availability zone to place the VMs in.
        instanceType: m1a.4cd # VM instance type to use for the nodes.
        stateDiskSizeGB: 30 # Size (in GB) of a node's disk to store the non-volatile state.
        stateDiskType: storage_premium_perf6 # Type of a node's state disk. The type influences boot time and I/O performance.
        initialCount: 2 # Number of nodes to be initially created.
     high_cpu:
        role: worker # Role of the nodes in this group. Valid values are "control-plane" and "worker".
        zone: "eu01-1" # Availability zone to place the VMs in.
        instanceType: m1a.30cd # VM instance type to use for the nodes.
        stateDiskSizeGB: 128 # Size (in GB) of a node's disk to store the non-volatile state.
        stateDiskType: storage_premium_perf6 # Type of a node's state disk. The type influences boot time and I/O performance.
        initialCount: 1 # Number of nodes to be initially created.

STACKIT currently offers SEV-enabled CPUs in the eu01-1, eu01-2, eu01-3 zones.

Kubernetes version

To learn which Kubernetes versions can be installed with your current CLI, you can run: constellation config kubernetes-versions

See also Constellation’s Kubernetes support policy.

See also

• Regions and availability zones