...
- Privileged pods:
- works as expected
- Ingress:
- works as expected
- Wildcard DNS/TLS
- Wildcard DNS worked fine via Google domains
- *.azure.ndslabs.org > public IP if ingress ilb
- TLS should work (disabled during testing)
- Access to Kubernetes API
- apiserver assumes token path. Added TOKEN_PATH configuration to entrypoint.sh
- Access to etcd:
- Requires dedicated etcd (etcd.yaml)
- SMTP server
- Problem: Azure requires SMTP mail relay. This will require code changes
- Workaround – create accounts via ndslabsctl
- Node labeling:
- works as expected
- Loadbalancer/Public IP
- works as expected (via kubectl expose)
- Storage:
- Broken by default
- Need to use AzureFile or GlusterFS
- AzureFile
- Need to test how/if this works
- May support quotas, but only through direct API integration
- GlusterFS requires deploying Gluster cluster
Addons
Access to Kubedash via kubectl proxy
- Monitoring
- Heapster installed, but no Grafana by default
- Logging
- No Kibana/Fluentd or cluster-wide logging services
- DNS
- yes
- Container registry as separate service
...