Configuring Kubernetes

Working with your Kubernetes infrastructure

The Kubernetes tab, as you would expect, lets you configure Kubernetes settings:

Figure 1 - The Kubernetes tab

Here are the details of these fields:

Master API URL

Under normal circumstances this value should not be changed. It can be useful in a Bring Your Own Kubernetes environment when defining connections between the ACM and Kubernetes. Contact Altinity support for help setting this up.

Auth Options - TLS Handshake + Token

This authentication scheme is the most common:

Figure 2 - Using the TLS Handshake and Token authentication scheme

The Client Key and Client Cert are defined for you. Under normal circumstances, you won’t need to change these values at all.

Auth Options - No Auth (Proxy)

This approach is used for development purposes only. It should never be used in production.

Figure 3 - Using the No Auth authentication scheme

Auth Options - Access Token

This is a legacy technique that is no longer used. It will be removed in a future version of the ACM.

Figure 4 - Using the Access Token authentication scheme

Namespace

The namespace used for the ClickHouse clusters deployed by Altinity. The default value is altinity-cloud-managed-clickhouse. Once the ClickHouse cluster is created, the namespace cannot be changed.

Manage Namespace

If this switch is turned on, namespaces will be managed by the ACM.

Certificate ARN

The ARN (Amazon Resource Name) for the certificate used by this environment. This is managed for you in Altinity.Cloud environments, and is typically not needed in an Altinity.Cloud Anywhere environment.

Load Balancer Type

The default value (and likely the only value available) is Altinity Edge Ingress. If your cloud provider is AWS, AWS NLB may be an option as well. In some cases, you’ll see checkboxes that let you enable the load balancer for public and/or private traffic. If you need to use a different load balancer, contact Altinity support.

Node Scope Label

Defines a label that will be added to nodes created by the ACM. This is useful for Kubernetes clusters that have user-created nodes. With a node scope label, the ACM will only deploy pods to nodes with that label.

Subnets CIDR

This is used in Bring Your Own Cloud (BYOC) environments. You define subnets in your cloud account, then reference them when you use the ACM to create a Kubernetes cluster in your cloud account. The subnets you provided when you defined the environment appear here.

K8S Dashboard URL

You have the option of installing a Kubernetes monitoring tool inside the Kubernetes cluster that hosts your ClickHouse clusters. If you do, enter the URL of the monitoring tool here. Most customers use tools that run outside the Kubernetes cluster (k9s, for example), so this option is rarely used.

Server Startup Mode

The startup modes affect how Altinity Cloud Manager starts a ClickHouse cluster when you change its configuration. The three modes are:

  • Default mode
  • Direct mode - If something goes wrong during startup, the ACM will retry the startup several times before giving up.
  • Troubleshooting mode - If something goes wrong during startup, the ACM will not try to restart the cluster. This is useful for debugging any problems with your cluster’s updated configuration.

Server Startup Time

Depending on the number of tables and the amount of data in your ClickHouse cluster, it may take longer than normal to start. That means it’s possible that the Kubernetes cluster hosting your ClickHouse cluster will delete and restart the pods needed to run ClickHouse before ClickHouse can start. For that reason, you can define a startup time, which is the number of seconds the Kubernetes cluster should wait for your ClickHouse cluster to start.

SNI Proxy

In an Altinity.Cloud Anywhere environment, the endpoints the ACM needs to access may not be publicly accessible. This field lets you define an SNI proxy to route requests from the ACM to the correct endpoint inside your Altinity.Cloud Anywhere environment. (Server Name Indication is an extension to TLS in which the client names the host it is connecting to during the handshake, which allows multiple hostnames to be served over a single endpoint.)

Use SNI Proxy to access ClickHouse

Turns the SNI proxy on or off.

Use Operator Managed PVs

If selected, the persistent volumes used by your ClickHouse clusters will be managed by the Altinity Kubernetes Operator. This is the default; only legacy Altinity.Cloud environments should disable this option.