diff --git a/docs/docs-content/clusters/cluster-management/palette-webctl.md b/docs/docs-content/clusters/cluster-management/palette-webctl.md index e7be28b8b6..a1722d37c1 100644 --- a/docs/docs-content/clusters/cluster-management/palette-webctl.md +++ b/docs/docs-content/clusters/cluster-management/palette-webctl.md @@ -19,9 +19,9 @@ Use the following steps to connect to your host cluster with the kubectl CLI. If you are using Palette Virtual Machine (VM) Management, you can find steps on how to connect to your virtual machines with the [virtctl CLI](https://kubevirt.io/user-guide/user_workloads/virtctl_client_tool/) in the -[Access VM Cluster with virtctl](../../vm-management/create-manage-vm/access-cluster-with-virtctl.md) guide. The virtctl -CLI facilitates some of the VM operations you will perform, such as copying, pasting, or transferring files to and from -a virtual machine using Secure Copy Protocol (SCP). +[Access VM Cluster with virtctl](../../vm-management/create-manage-vm/advanced-topics/access-cluster-with-virtctl.md) +guide. The virtctl CLI facilitates some of the VM operations you will perform, such as copying, pasting, or transferring +files to and from a virtual machine using Secure Copy Protocol (SCP). ::: diff --git a/docs/docs-content/vm-management/architecture.md b/docs/docs-content/vm-management/architecture.md new file mode 100644 index 0000000000..bd04b1d96c --- /dev/null +++ b/docs/docs-content/vm-management/architecture.md 
@@ -0,0 +1,90 @@ +--- +sidebar_label: "Architecture" +title: "Architecture" +description: "Learn about Palette VMO pack and the architecture behind it." +hide_table_of_contents: false +sidebar_position: 0 +tags: ["vmo", "architecture"] +--- + +The Palette Virtual Machine Orchestrator (VMO) pack consolidates all components that you need to deploy and manage +Virtual Machines (VMs) alongside containers in a Kubernetes host cluster. You can deploy VMO as an +[add-on cluster profile](../profiles/cluster-profiles/create-cluster-profiles/create-addon-profile/create-addon-profile.md) +on top of an existing data center or edge cluster. + +![Diagram that explains the architecture behind Palette VMO.](/vm-management_architecture_vmo-architecture.webp) + +For more detailed information about the technical architecture of VMO, refer to +[Palette VMO Reference Architecture](https://www.spectrocloud.com/resources/whitepaper/vmo-architecture-pdf). + +## Palette VMO Components + +By default, Palette VMO includes the following components: + +- **Descheduler**. Enables VM live migration to different nodes in the node pool when the original node is in + maintenance mode. + +- **Snapshot Controller**. Enables you to create VM snapshots. This component is automatically installed when you + initiate or schedule cluster backups. + + :::info + + Palette installs a snapshot controller into every cluster where backups are scheduled or have been created on-demand + in the past. To prevent resource conflicts, you can disable the VMO snapshot controller in the pack YAML + configuration. + + ```yaml + charts: + virtual-machine-orchestrator: + snapshot-controller: + enabled: false + ``` + + ::: + +- **Spectro VM Dashboard**. Enables you to create, manage, and monitor VMs from Palette. The dashboard becomes available + once the VMO pack is successfully deployed as part of your cluster profile. + +- **KubeVirt**. 
This open-source solution enables you to create and manage VMs within Kubernetes clusters. KubeVirt + extends Kubernetes with additional virtualization resource types using Kubernetes Custom Resource Definitions (CRD) + API. + + With KubeVirt, you can use the Kubernetes API to manage VM resources in the same way you would manage standard + Kubernetes resources. + + :::tip + + Palette VMO is pre-configured to use a number of KubeVirt feature gates out of the box, and you can configure + additional feature gates as necessary. Refer to the [Feature Gates](#feature-gates) section for more information. + + ::: + +- **KubeVirt CDI**. Provides persistent storage for Kubernetes clusters and enables the use of Persistent Volume Claims + (PVCs) as disks for KubeVirt VMs. + +- **Volume Snapshot Controller**. Watches VolumeSnapshot CRD objects and manages the creation and deletion of volume + snapshots. A snapshot represents a point-in-time copy of a volume. + +- **Multus CNI**. Enables multiple network interfaces to attach to Kubernetes pods. In the context of VMO, Multus + Controller Network Interface (CNI) automatically creates VLAN interfaces onto which you can place VMs. + +### Feature Gates + +Palette VMO includes the following KubeVirt feature gates by default: + +- LiveMigration +- Snapshot +- HotplugVolumes +- VMExport +- ExpandDisks +- HotplugNICs +- VMLiveUpdateFeatures +- [CPU Hotplug](./create-manage-vm/enable-cpu-hotplug.md) + +For more information on KubeVirt feature gates, refer to the +[KubeVirt Activating feature gates](https://kubevirt.io/user-guide/cluster_admin/activating_feature_gates/) guide. + +## Next Steps + +Now that you understand the architecture behind Palette VMO, you can continue exploring it by reviewing our +[Environment Setup](./environment-setup.md) and [Create a VMO Profile](./create-vmo-profile.md) pages. 
diff --git a/docs/docs-content/vm-management/create-manage-vm/_category_.json b/docs/docs-content/vm-management/create-manage-vm/_category_.json index 094470741d..e7e7c54966 100644 --- a/docs/docs-content/vm-management/create-manage-vm/_category_.json +++ b/docs/docs-content/vm-management/create-manage-vm/_category_.json @@ -1,3 +1,3 @@ { - "position": 10 + "position": 40 } diff --git a/docs/docs-content/vm-management/create-manage-vm/advanced-topics/_category_.json b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/_category_.json new file mode 100644 index 0000000000..e1d4231c70 --- /dev/null +++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/_category_.json @@ -0,0 +1,3 @@ +{ + "position": 100 +} diff --git a/docs/docs-content/vm-management/create-manage-vm/access-cluster-with-virtctl.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/access-cluster-with-virtctl.md similarity index 96% rename from docs/docs-content/vm-management/create-manage-vm/access-cluster-with-virtctl.md rename to docs/docs-content/vm-management/create-manage-vm/advanced-topics/access-cluster-with-virtctl.md index 0246413198..ef3eec378a 100644 --- a/docs/docs-content/vm-management/create-manage-vm/access-cluster-with-virtctl.md +++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/access-cluster-with-virtctl.md @@ -1,6 +1,6 @@ --- -sidebar_label: "Access VM Cluster with virtctl" -title: "Set up virtctl" +sidebar_label: "Access VM Cluster with Virtctl" +title: "Set up Virtctl" description: "Set up KubeVirt virtctl to facilitate VM operations in Palette Virtual Machine Orchestrator" icon: " " hide_table_of_contents: false diff --git a/docs/docs-content/vm-management/create-manage-vm/advanced-topics/advanced-topics.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/advanced-topics.md new file mode 100644 index 0000000000..35461691f9 --- /dev/null 
+++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/advanced-topics.md @@ -0,0 +1,23 @@ +--- +sidebar_label: "Advanced Topics" +title: "Advanced Topics" +description: "Advanced topics for Palette Virtual Machine Orchestrator." +icon: " " +hide_table_of_contents: false +sidebar_position: 60 +tags: ["vmo"] +--- + +Beyond the standard Virtual Machine (VM) operations such as deployment, clone, and migration, Palette Virtual Machine +Orchestrator (VMO) supports further customization and advanced use cases. + +This section discusses advanced topics such as creating and modifying VM template and disk templates. You will also +learn how to perform standard VM operations via the command-line tool, virtctl, and how to maximize your VM performance +by over-committing CPU and memory. + +## Resources + +- [Access VM Cluster with Virtctl](./access-cluster-with-virtctl.md) +- [Create VM Templates](./create-vm-template.md) +- [Create DISK Templates](./create-disk-templates.md) +- [Over-commit Resources to Enhance VM Performance](./vm-oversubscription.md) diff --git a/docs/docs-content/vm-management/create-manage-vm/create-disk-templates.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/create-disk-templates.md similarity index 93% rename from docs/docs-content/vm-management/create-manage-vm/create-disk-templates.md rename to docs/docs-content/vm-management/create-manage-vm/advanced-topics/create-disk-templates.md index 71c6ff0d38..99286f7b20 100644 --- a/docs/docs-content/vm-management/create-manage-vm/create-disk-templates.md +++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/create-disk-templates.md 
@@ -19,16 +19,16 @@ This guide demonstrates how to implement your own disk and VM templates using Ku ## Prerequisites -- A VMO profile. Check out the [Create a VMO Profile](../vm-packs-profiles/create-vmo-profile.md) guide to learn how you - can create this profile. +- A VMO profile. Check out the [Create a VMO Profile](../../create-vmo-profile.md) guide to learn how you can create + this profile. - A cluster deployed with this VMO profile. Check out the - [Deploy a Cluster](../../clusters/public-cloud/deploy-k8s-cluster.md) tutorial for detailed steps on how you can + [Deploy a Cluster](../../../clusters/public-cloud/deploy-k8s-cluster.md) tutorial for detailed steps on how you can deploy clusters to a public cloud. ## Create a Template 1. Create a new **Add-on Profile** with the following manifest. Check out the - [Add a Manifest](../../profiles/cluster-profiles/create-cluster-profiles/create-addon-profile/create-addon-profile.md) + [Add a Manifest](../../../profiles/cluster-profiles/create-cluster-profiles/create-addon-profile/create-addon-profile.md) guide for more information. The provided manifest defines a `DataVolume` that imports the example disk template for Ubuntu 22.04 into the @@ -173,7 +173,7 @@ This guide demonstrates how to implement your own disk and VM templates using Ku 3. When the CDI clones a PVC, it runs under the `default` service account in the namespace of the target PVC. When the source PVC is in a different namespace, you must give the required permissions to the service account. The - [VMO pack](../vm-management.md) version 4.2.0 (or higher) does this automatically through its default pack + [VMO pack](../../vm-management.md) version 4.2.0 (or higher) does this automatically through its default pack specification. This configuration uses the `vmEnabledNamespaces` option to specify the namespaces for which the permissions are configured. 
@@ -327,7 +327,7 @@ This guide demonstrates how to implement your own disk and VM templates using Ku ![Add-on Profile](/create-disk-templates-guide/vm-management_create-manage-vm_create-disk-templates_add-on-disk-template-profile.webp) 4. Once the cluster updates, this VM template is available to the VMs you create on your cluster. Check out the - [Deploy VM From a Template](./standard-vm-operations/deploy-vm-from-template.md) guide for more information. + [Deploy VM From a Template](../deploy-vm-from-template.md) guide for more information. ![Create VM from template](/create-disk-templates-guide/vm-management_create-manage-vm_create-disk-templates_create-vm-from-template.webp) @@ -335,8 +335,6 @@ This guide demonstrates how to implement your own disk and VM templates using Ku To learn more about the Palette VMO, we encourage you to check out the reference resources below. -- [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm-packs-profiles.md) +- [Palette VMO](../../vm-management.md) -- [Standard VM Operations](../create-manage-vm/standard-vm-operations/standard-vm-operations.md) - -- [Deploy VM From a Template](../create-manage-vm/standard-vm-operations/deploy-vm-from-template.md) +- [Deploy VM From a Template](../deploy-vm-from-template.md) diff --git a/docs/docs-content/vm-management/create-manage-vm/create-vm-template.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/create-vm-template.md similarity index 100% rename from docs/docs-content/vm-management/create-manage-vm/create-vm-template.md rename to docs/docs-content/vm-management/create-manage-vm/advanced-topics/create-vm-template.md 
diff --git a/docs/docs-content/vm-management/create-manage-vm/vm-oversubscription.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/vm-oversubscription.md similarity index 59% rename from docs/docs-content/vm-management/create-manage-vm/vm-oversubscription.md rename to docs/docs-content/vm-management/create-manage-vm/advanced-topics/vm-oversubscription.md index bf2eb73bff..ca9bc3df11 100644 --- a/docs/docs-content/vm-management/create-manage-vm/vm-oversubscription.md +++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/vm-oversubscription.md @@ -1,6 +1,6 @@ --- -sidebar_label: "VM Performance" -title: "VM Performance" +sidebar_label: "Over-commit Resources to Enhance VM Performance" +title: "Over-commit Resources to Enhance VM Performance" description: "Learn how to improve VM performance by maximizing virtual machine CPU and memory using Palette." icon: " " hide_table_of_contents: false 
@@ -15,32 +15,44 @@ VM workloads typically have varying resource demands and peak utilization patter possible to allocate them flexibly and take advantage of the fact that not all VMs will require their maximum allocation simultaneously. -The hypervisor automatically overcommits CPU and memory. This means that more virtualized CPU and memory can be +The hypervisor automatically over-commits CPU and memory. This means that more virtualized CPU and memory can be allocated to VMs than there are physical resources on the system. -## CPU Overcommit +## Over-commit CPUs Kubevirt offers the `cpuAllocationRatio` in its Custom Resource Definitions (CRD). This ratio is used to normalize the amount of CPU time the pod will request based on the number of virtual CPUs (vCPUs). -Using the following algorithm, when `cpuAllocationRatio` is set to 1, the full amount of vCPUs are requested for the -pod: `pod CPU request = number of vCPUs * 1/cpuAllocationRatio`. +### Prerequisites -The `cpuAllocationRatio` is global, so setting it to greater than 1 has the effect of requesting less CPU from -Kubernetes for each VM. +- An active VMO cluster in Palette. -Certain workloads that require a predictable latency and enhanced performance would benefit from obtaining dedicated CPU -resources. KubeVirt relies on the Kubernetes CPU manager to pin vCPUs to the physical host’s CPUs. To learn more, refer -to [Dedicated CPU Resources](https://kubevirt.io/user-guide/compute/dedicated_cpu_resources/) and -[Resources Requests and Limits](https://kubevirt.io/user-guide/compute/virtual_hardware/#resources-requests-and-limits) -Kubevirt documentation. +### Procedure + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. From the left **Main Menu**, click on **Profiles**. + +3. Select the profile you use to create the cluster with the VMO pack. + +4. Select the VMO add-on layer of the cluster profile. + +5. 
Using the following algorithm, when `cpuAllocationRatio` is set to 1, the full amount of vCPUs are requested for the + pod: `pod CPU request = number of vCPUs * 1/cpuAllocationRatio`. The `cpuAllocationRatio` is global, so setting it to + greater than 1 has the effect of requesting less CPU from Kubernetes for each VM. + + Certain workloads that require a predictable latency and enhanced performance would benefit from obtaining dedicated + CPU resources. KubeVirt relies on the Kubernetes CPU manager to pin vCPUs to the physical host’s CPUs. To learn more, + refer to [Dedicated CPU Resources](https://kubevirt.io/user-guide/compute/dedicated_cpu_resources/) and + [Resources Requests and Limits](https://kubevirt.io/user-guide/compute/virtual_hardware/#resources-requests-and-limits) + Kubevirt documentation. :::warning -- We do not recommend overcommitting CPUs in a production environment without extensive testing. Applications that use - 100 percent of processing resources may become unstable in overcommitted environments. +- We do not recommend over-committing CPUs in a production environment without extensive testing. Applications that use + 100 percent of processing resources may become unstable in over-committed environments. -- Ensure you don't overcommit guest VMs on more than the physical number of processing cores. For example, a guest VM +- Ensure you don't over-commit guest VMs on more than the physical number of processing cores. For example, a guest VM with four vCPUs should only be deployed on a host physical machine with a quad-core processor instead of a dual-core processor. @@ -48,7 +60,7 @@ Kubevirt documentation. ::: -## Memory Overcommit +## Over-Commit Memory KubeVirt allows you to assign more or less memory to a VM than a VM requests to Kubernetes. You may want to overcommit VM memory if you have a cluster or a few nodes that are dedicated to running VMs. In this case, overcommitting memory 
@@ -57,9 +69,13 @@ makes use of all the memory in the nodes regardless of reserved or requested mem To learn about options for memory overcommitment, refer to [Node Overcommit](https://kubevirt.io/user-guide/compute/node_overcommit/) KubeVirt resource. -You can make several changes to reduce the memory footprint and overcommit the per-VMI memory overhead. +### Prerequisites + +### Procedure + +You can make several changes to reduce the memory footprint and over-commit the per-VMI memory overhead. -- Enable guest overhead overcommit by setting `spec.domain.resources.overcommitGuestOverhead` to true. +- Enable guest overhead over-commit by setting `spec.domain.resources.overcommitGuestOverhead` to true. - Enable guest memory by setting `spec.domain.memory.guest` to a value higher than `spec.domain.resources.requests.memory`, as shown in the example. diff --git a/docs/docs-content/vm-management/create-manage-vm/clone-vm.md b/docs/docs-content/vm-management/create-manage-vm/clone-vm.md new file mode 100644 index 0000000000..8c84f77179 --- /dev/null +++ b/docs/docs-content/vm-management/create-manage-vm/clone-vm.md 
@@ -0,0 +1,56 @@ +--- +sidebar_label: "Clone a VM" +title: "Clone a VM" +description: "Learn how to clone a VM from a template using Palette Virtual Machine Orchestrator." +icon: " " +hide_table_of_contents: false +sidebar_position: 40 +tags: ["vmo"] +--- + +A VM clone is a copy of an existing virtual machine (VM). The cloned VM has the same configuration settings and +identifiers as the parent VM. After you clone a VM, the cloned VM acts as a separate virtual machine. + +Cloning is a quick way to create a new virtual machine that shares the same properties as the parent. You may want to +clone a VM for the following reasons: + +- Software testing. Developers can clone an active VM to test new changes to their code. + +- Forensics. Security administrators can clone an infected machine and connect it to an air-gaped network to investigate + the source of the infection while the parent VM can be destroyed or remediated. + +## Prerequisites + +- An active cluster in Palette with the Virtual Machine Orchestrator (VMO) pack. + +- Outbound internet connectivity for port 443 is allowed so that you and your applications can connect with the Spectro + Cloud reverse proxy. + +- Users or groups must be mapped to a Virtual Machine RBAC role. You can create a custom role through a manifest and use + Palette's RoleBinding feature to associate users and groups with the role. Refer to the + [Create Role Bindings](../../clusters/cluster-management/cluster-rbac.md#create-role-bindings) guide to learn more. + +- A namespace for VMs. Although you can deploy VMs from the default namespace, we recommend creating at least one + namespace dedicated to VMs as a way to organize and manage them. To learn how to create a namespace, check out + [Create a Namespace](../../clusters/cluster-management/namespace-management.md#create-a-namespace). + +## Clone a VM + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. 
From the left **Main Menu**, click **Clusters** and click on your cluster. + +3. Click on the **Virtual Machine** tab. + +4. Select the VM to clone and click either the **three-dot Menu** or **Actions**. + +5. Power off the parent VM and click **Clone**. If you forget to power it off, the parent VM will automatically be + powered off while cloning is in progress. + +6. Give the clone a name, an optional description, and select a namespace. + +7. Optionally, you can enable the checkbox to start the cloned VM automatically when cloning is complete. + +## Validate + +From the **Virtual Machines** tab, verify the cloned VM is listed and displays **Running** status. diff --git a/docs/docs-content/vm-management/create-manage-vm/create-manage-vm.md b/docs/docs-content/vm-management/create-manage-vm/create-manage-vm.md index 45dfaff670..8268488eb0 100644 --- a/docs/docs-content/vm-management/create-manage-vm/create-manage-vm.md +++ b/docs/docs-content/vm-management/create-manage-vm/create-manage-vm.md @@ -2,7 +2,6 @@ sidebar_label: "Create and Manage VMs" title: "Create and Manage VMs" description: "Learn methods to create VMs using Palette's Virtual Machine Orchestrator.." -icon: " " hide_table_of_contents: false tags: ["vmo"] --- 
@@ -10,51 +9,48 @@ tags: ["vmo"] Palette Virtual Machine Orchestrator (VMO) allows you to deploy and manage Virtual Machines (VMs) alongside containerized applications. -## Prerequisites - -- Outbound internet connectivity for port 443 is allowed so that you and your applications can connect with the Spectro - Cloud reverse proxy. - -- Users or groups must be mapped to a Virtual Machine RBAC role. You can create a custom role through a manifest and use - Palette's RoleBinding feature to associate users and groups with the role. Refer to the - [Create Role Bindings](../../clusters/cluster-management/cluster-rbac.md#create-role-bindings) guide to learn more. - -- A namespace for VMs. Although you can deploy VMs from the default namespace, we recommend creating at least one - namespace dedicated to VMs as a way to organize and manage them. To learn how to create a namespace, check out - [Create a Namespace](../../clusters/cluster-management/namespace-management.md#create-a-namespace). - ## VM Creation -You can create a VM three ways: +You can create a VM in one of the following ways: - Deploy a VM from a template. Palette provides out-of-the-box templates, or your organization may provide templates. - For the latter, refer to the [Create a VM Template](create-vm-template.md) guide. + For the latter, refer to the [Create a VM Template](./advanced-topics/create-vm-template.md) guide. -- Create an empty VM and install the Operating System (OS) using a standard method, such as a Preboot Execution +- Create an empty VM and install the Operating System (OS) using a standard method, such as a Pre-boot Execution Environment (PXE) or optical disk image (ISO). -- Clone an existing VM. +- Clone an existing VM. For more information, refer to [Clone a VM](./clone-vm.md). Administrators can also import VMs from their existing VMware vSphere environment into Palette. 
+### Optional Components + Although no additional components are required in VMs, the **QEMU Guest Agent** is an optional component that runs inside a VM and provides runtime information. Additionally, Virtio is a virtualization standard for network and disk device drivers where only the guest's device driver knows it is deployed in a virtual environment, and cooperates with the hypervisor. This enables guests to receive -high performance network and disk operations and provides most of the performance benefits of paravirtualization. +high performance network and disk operations and provides most of the performance benefits of para-virtualization. :::warning We recommend installing the QEMU guest agent to display additional details in Palette Virtual Machine Orchestrator. We -also recommend installing VirtIO drivers to ensure you can use the paravirtualized hardware properly. +also recommend installing VirtIO drivers to ensure you can use the para-virtualized hardware properly. ::: -## Resources +## VM Management + +After creating your VMs, you can make updates to the VM such as adding disk storage and adding network interfaces. You +can also take snapshots of the VMs and use those snapshots to provision other VMs. You can also migrate them to a +different node. Refer to the following resources to learn about VM management. -- [Standard VM Operations](standard-vm-operations/standard-vm-operations.md) +- [Migrate VM to Different Node](./migrate-vm-to-different-node.md) +- [Update VM Configuration](./update-vm-configuration.md) +- [Take Snapshot of VM](./take-snapshot-of-vm.md) -- [Deploy VM from a Template](standard-vm-operations/deploy-vm-from-template.md) +## Advanced Topics -- [Create a VM Template](create-vm-template.md) +Beyond the standard Virtual Machine (VM) operations such as deployment, clone, and migration, Palette Virtual Machine +Orchestrator (VMO) supports further customization and advanced use cases. 
For more information, refer to the +[Advanced Topics](./advanced-topics/advanced-topics.md) section. diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/deploy-vm-from-template.md b/docs/docs-content/vm-management/create-manage-vm/deploy-vm-from-template.md similarity index 69% rename from docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/deploy-vm-from-template.md rename to docs/docs-content/vm-management/create-manage-vm/deploy-vm-from-template.md index c70121f1f3..1acb61afff 100644 --- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/deploy-vm-from-template.md +++ b/docs/docs-content/vm-management/create-manage-vm/deploy-vm-from-template.md @@ -2,7 +2,6 @@ sidebar_label: "Deploy VM From a Template" title: "Deploy VM From a Template" description: "Learn how to deploy a VM from a template using Palette Virtual Machine Orchestrator" -icon: " " hide_table_of_contents: false sidebar_position: 0 tags: ["vmo"] 
@@ -13,8 +12,23 @@ organization's administrator provides. ## Prerequisites -- Configured Virtual Machine Orchestrator profile applied to your cluster. Review - [Create a VMO Profile](../../vm-packs-profiles/create-vmo-profile.md) to configure the dashboard. +- An active cluster with the Virtual Machine Orchestrator (VMO) pack. Review + [Create a VMO Profile](../create-vmo-profile.md) to configure the dashboard. + + - If this is an Edge cluster with VMs as Edge hosts, such as a VM in VMware vCenter, the VM Edge host must support + hardware-assisted virtualization to the guest Operating System (OS). + +- Outbound internet connectivity for port 443 is allowed so that you and your applications can connect with the Spectro + Cloud reverse proxy. + +- Users or groups must be mapped to a Virtual Machine Role-Based Access Control (RBAC) role. You can create a custom + role through a manifest and use Palette's RoleBinding feature to associate users and groups with the role. Refer to + the [Create Role Bindings](../../clusters/cluster-management/cluster-rbac.md#create-role-bindings) guide to learn + more. + +- A namespace for VMs. Although you can deploy VMs from the default namespace, we recommend creating at least one + namespace dedicated to VMs as a way to organize and manage them. To learn how to create a namespace, check out + [Create a Namespace](../../clusters/cluster-management/namespace-management.md#create-a-namespace). ## Deploy VM from a Template @@ -30,8 +44,7 @@ These steps will help guide you to deploy a VM from an out-of-the-box VM templat 5. From the **Virtual Machines** tab that appears, click **New Virtual Machine**. -6. Click the **New Virtual Machine** button. Available templates are displayed based on supported Operating Systems - (OS). +6. Click the **New Virtual Machine** button. Available templates are displayed based on supported OS. 7. You can deploy from a template or create an empty VM as follows: 
@@ -81,4 +94,4 @@ Try installing your applications. If you did not install the QEMU guest agent as install it now. The guest agent displays additional details in the **Virtual Machines** > **Details** tab. You can update the VM configuration from the VM console or from tabs when you click on the VM. Learn about updates you -can make in the [Update VM Configuration](update-vm-configuration.md) guide. +can make in the [Update VM Configuration](./update-vm-configuration.md) guide. diff --git a/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md b/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md new file mode 100644 index 0000000000..10d3c78e65 --- /dev/null +++ b/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md 
@@ -0,0 +1,92 @@ +--- +sidebar_label: "Enable CPU Hotplug" +title: "Enable CPU Hotplug" +description: "Learn how to enable the CPU Hotplug feature in your VMs using Palette Virtual Machine Orchestrator." +sidebar_position: 50 +tags: ["vmo", "cpu-hotplug"] +--- + +You can enable the [KubeVirt CPU Hotplug](https://kubevirt.io/user-guide/compute/cpu_hotplug/) feature in Palette, which +allows the Virtual Machine (VM) to add and remove virtual CPUs while the VM is running. + +## Limitations + +- CPU hotplug is not currently supported by the ARM64 architecture. +- The current CPU hotplug implementation requires the live migration of the VM workload. + +## Prerequisites + +- A VM deployed and active in Palette. + +## Enable CPU Hotplug + +1. Log in to [Palette](https://console.spectrocloud.com/). + +2. From the left **Main Menu**, select **Clusters**, and then select the cluster with the VM you want to update. + +3. Select the **Virtual Machines** tab, then select the necessary VM and open its **YAML** tab. + + ![Palette with the VM YAML editor displayed.](/vm-management_create-manage-vm_enable-cpu-hotplug_vm-yaml-editor.webp) + +4. In the VM YAML configuration editor, navigate to the VM object configuration and update the number of CPU sockets. + Consider the following example for reference. + + ```yaml + spec: + template: + spec: + domain: + cpu: + // highlight-next-line + sockets: 5 + ``` + +5. In the bottom-left corner, select **Save**. Palette applies your updates. + +6. To track the update process, in the YAML configuration editor, select **Reload** and monitor for a status update + similar to the following example. + + ```yaml + status: + conditions: + - lastProbeTime: null + lastTransitionTime: null + status: "True" + type: LiveMigratable + - lastProbeTime: null + lastTransitionTime: null + status: "True" + // highlight-next-line + type: HotVCPUChange + ``` + +## Validate + +1. Log in to [Palette](https://console.spectrocloud.com/). + +2. 
From the left **Main Menu**, select **Clusters**, and then select the cluster with the VM where you enabled the CPU + hotplug. + +3. Select the **Virtual Machines** tab, then select the necessary VM and open its **YAML** tab. + +4. In the VM YAML configuration editor, navigate to the VM object and status configurations and verify that they specify + the expected number of CPUs. Consider the following example for reference. + + ```yaml + spec: + template: + spec: + domain: + cpu: + cores: 1 + // highlight-next-line + sockets: 5 + threads: 1 + ... + status: + currentCPUTopology: + cores: 1 + // highlight-next-line + sockets: 5 + threads: 1 + ``` diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/migrate-vm-to-different-node.md b/docs/docs-content/vm-management/create-manage-vm/migrate-vm-to-different-node.md similarity index 84% rename from docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/migrate-vm-to-different-node.md rename to docs/docs-content/vm-management/create-manage-vm/migrate-vm-to-different-node.md index 771159c4d8..87e5f0aaef 100644 --- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/migrate-vm-to-different-node.md +++ b/docs/docs-content/vm-management/create-manage-vm/migrate-vm-to-different-node.md 
@@ -2,25 +2,28 @@ sidebar_label: "Migrate a VM" title: "Migrate a VM to a Different Node" description: "Learn how to migrate a VM to another physical host in the cluster using Palette." -icon: " " hide_table_of_contents: false sidebar_position: 20 tags: ["vmo"] --- -Palette supports virtual machine (VM) migration to another physical host in the cluster. This is known as _live +Palette supports Virtual Machine (VM) migration to another physical host in the cluster. This is known as _live migration_. During live migration, the VM and its memory, storage, and CPU resources are moved from one cluster compute node to another without any noticeable downtime. Successful live migrations rely on appropriately configured storage and networking, and live migration must be enabled as a feature gate. Live migration is enabled by default in the `feature-gates` section of the KubeVirt configuration -file that is part of the **Virtual Machine Orchestrator** pack. Refer to -[Feature Gates](../../vm-management.md#feature-gates) for more information. +file that is part of the **Virtual Machine Orchestrator** pack. Refer to [Feature Gates](../vm-management.md) for more +information. Live migration is used with rolling Kubernetes upgrades and workload balancing. To avoid interrupting a VM when a node is placed into maintenance or upgraded, all VM instances require a `LiveMigrate` eviction strategy. -## Prerequisites +## Migrate VM to a Different Node + +Follow the instructions below to migrate VMs to a different node. + +### Prerequisites - All VM instances must have an eviction strategy set as `evictionStrategy: LiveMigrate` to ensure that a VM is not interrupted if the node is placed into maintenance. This is configured automatically in the KubeVirt configuration 
@@ -34,7 +37,7 @@ is placed into maintenance or upgraded, all VM instances require a `LiveMigrate` - A VM’s pod network cannot use a Bridge interface. Disable the default Bridge interface on the pod network. However, other interfaces such as those that Multus grants, may use a bridge interface for live migration. -## Migrate VM to a Different Node +### Instructions 1. Log in to [Palette](https://console.spectrocloud.com). @@ -71,7 +74,11 @@ Kubernetes resource. - Ensure `LiveMigrate` is set as the eviction strategy for all affected VMs. When the host is put in maintenance mode, this feature allows for a smooth and uninterrupted migration process. -### Evacuate VMs in Palette +### Instructions + + + + 1. Log in to [Palette](https://console.spectrocloud.com). @@ -89,21 +96,13 @@ Kubernetes resource. ::: -### Validate - -You can validate evacuation completed by following the steps below. - -1. Log in to [Palette](https://console.spectrocloud.com). - -2. From the left **Main Menu**, choose **Clusters**. - -3. Verify the **Health** column displays the **Maintenance mode: Completed** icon. + -## Evacuate VMs Manually + -1. Obtain the kubeconfig file from Palette, and set the KUBECONFIG environment variable to access it so you can issue - kubectl commands to the cluster. To learn how, refer to - [Set up Kubectl](../../../clusters/cluster-management/palette-webctl.md#set-up-kubectl). +1. Obtain the kubeconfig file from Palette, and set the `KUBECONFIG` environment variable to access it so you can issue + kubectl commands to the cluster. For more information, refer to + [Set up Kubectl](../../clusters/cluster-management/palette-webctl.md#set-up-kubectl). 2. Issue the following command to mark the node as _un-schedulable_. This alerts the Kubernetes scheduler not to schedule any new pods on that node but allows existing pods on the node to continue to operate. 
@@ -133,9 +132,30 @@ You can validate evacuation completed by following the steps below. ::: + + + + ### Validate -1. Using kubectl, log in to a machine that has access to the kubernetes cluster. + + + + +You can validate evacuation completed by following the steps below. + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. From the left **Main Menu**, choose **Clusters**. + +3. Verify the **Health** column displays the **Maintenance mode: Completed** icon. + + + + + +1. Using kubectl, log in to a machine that has access to the Kubernetes cluster. For more information, refer to + [Access Cluster with Kubectl](../../clusters/cluster-management/palette-webctl.md). 2. Issue the following command to verify the pods are rescheduled on a different node by verifying the name and IP address of the new node changed. @@ -144,6 +164,10 @@ You can validate evacuation completed by following the steps below. kubectl get pods --output wide ``` + + + + ## Resources - [Persistent Volume Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/_category_.json b/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/_category_.json deleted file mode 100644 index 3fca6fb9f9..0000000000 --- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/_category_.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "position": 0 -} diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/clone-vm.md b/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/clone-vm.md deleted file mode 100644 index 641e677867..0000000000 --- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/clone-vm.md +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -sidebar_label: "Clone a VM" -title: "Clone a VM" -description: "Learn how to clone a VM from a template using Palette Virtual Machine Orchestrator." -icon: " " -hide_table_of_contents: false -sidebar_position: 40 -tags: ["vmo"] ---- - -A VM clone is a copy of an existing, or parent, virtual machine (VM). The cloned VM has the same configuration settings -and identifiers as the parent VM. After you clone a VM, it as a separate virtual machine. - -Cloning is a quick way to create a new virtual machine that shares the same properties as the parent. You may want to -clone a VM for the following reasons: - -- Software testing - developers can clone an active VM to test new changes to their code. - -- Forensics - security administators can clone an infected machine and connect it to an air-gaped network to investigate - the source of the infection while the parent VM can be destroyed or remediated. - -## Prerequisites - -There are no requirements. - -## Clone a VM - -1. Log in to [Palette](https://console.spectrocloud.com). - -2. From the left **Main Menu**, click **Clusters** and click on your cluster. - -3. Select the VM to clone and click either the **three-dot Menu** or **Actions** - -4. Power off the parent VM and click **Clone**. If you forget to power it off, the parent VM will automatically be - powered off while cloning is in progress. - -5. Give the clone a name, give an optional description, and select a namespace. - -6. Optionally, you can enable the checkbox to start the cloned VM automatically when cloning is complete. - -## Validate - -From the **Virtual Machines** tab, verify the cloned VM is listed and displays **Running** status. diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/standard-vm-operations.md b/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/standard-vm-operations.md deleted file mode 100644 index 88198c8d88..0000000000 
--- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/standard-vm-operations.md +++ /dev/null 
@@ -1,62 +0,0 @@ ---- -sidebar_label: "Standard VM Operations" -title: "Standard VM Operations" -description: "Learn about standard VM operations that you can perform using Palette Virtual Machine Orchestrator." -icon: " " -hide_table_of_contents: false -tags: ["vmo"] ---- - -Palette Virtual Machine Orchestrator (VMO) supports standard VM power operations: - -- **Start** - -- **Stop** - -- **Pause** - -- **Restart** - -From the **Virtual Machines** tab, you can select a VM to view its details and perform standard VM operations, such as -live migration (vMotion), snapshots, and cloning. VM operations are accessible from the **three-dot Menu** at the right -of each listed VM. - -When you select a VM from the **Clusters** > **Virtual Machines** tab, the following tabs display. Tabs are specific to -the selected VM. - -- **Overview**: Provides general information about the VM, such as its IP address, operating system, creation date and - time zone, status, active users, whether the guest agent is installed or not, the quantity of Network Interface Cards - (NIC) and disks, and any recent events. - -- **Details**: Provides additional VM details such as labels associated with the VM, pod information, scheduling and - resource requirements, and CPU and memory. If the QEMU Guest Agent is not installed, **Not Available** displays in - place of details that would otherwise be available to you. - -- **YAML**: You can review and change the VM configuration from here. - -- **Events**: Displays streaming events in the VM. Any standard operations you perform on the VM are captured here. - -- **Console**: Allows you to access and interact with the VM through its console. If you are not using a template, you - can configure the VM using the console. - -- **Network Interfaces**: Allows you to add and manage network interfaces. By default, the Pod Networking interface is a - masquerade type interface, or in simple terms, it's a one-to-many IP address translation. 
You can change this to be a - Bridge or other interface type. - -- **Disks**: Allows you to add and manage disks. You can update the disk size, specify type `Disk`, `CD-ROM`, or `LUN`, - and specify the interface `virtuo`, `sata`, or `scsi`. By default, `spectro-storage-class` is applied to the disk. - -- **Snapshots**: Allows you to take a new snapshot of a VM's disk file at a given point in time and manage existing - snapshots. - -## Resources - -- [Deploy VM From a Template](deploy-vm-from-template.md) - -- [Update VM Configuration](update-vm-configuration.md) - -- [Migrate VM to a Different Node](migrate-vm-to-different-node.md) - -- [Take a VM Snapshot](take-snapshot-of-vm.md) - -- [Clone a VM](clone-vm.md) diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/update-vm-configuration.md b/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/update-vm-configuration.md deleted file mode 100644 index 47639a1d73..0000000000 --- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/update-vm-configuration.md +++ /dev/null 
@@ -1,93 +0,0 @@ ---- -sidebar_label: "Update VM Configuration" -title: "Update VM Configuration" -description: "Learn how to add disk storage and network interfaces to a VM using Palette Virtual Machine Orchestrator." -icon: " " -hide_table_of_contents: false -sidebar_position: 10 -tags: ["vmo"] ---- - -You can add storage and additional network interfaces to your virtual machines (VMs). - -## Add Disk Storage - -KubeVirt allows hot plugging additional storage into a running VM. Both block and file system volume types are -supported. - -### Prerequisites - -- A deployed VM. - -### Add a Disk - -1. Log in to [Palette](https://console.spectrocloud.com). - -2. From the left **Main Menu**, click **Clusters** and click on your cluster. - -3. Navigate to **Virtual Machines** > **Disks** tabs and click the **Add disk** button. - -4. Review the parameters and update as needed. You can specify the disk size, disk type (Disk, CD-ROM, or LUN), and - network interface. - - The interface type determines out-of-the-box operating system (OS) support and disk performance. Choose from the - following: - - - **virtio**: Optimized for best performance, but the operating system may require additional Virtio drivers. - - - **sata**: Most operating systems support Serial ATA (SATA). However it offers lower performance. - - - **scsi**: A paravirtualized Internet Small Computer System Interface (iSCSI) HDD driver that offers similar - functionality to the virtio-block device but with some additional enhancements. In particular, this driver supports - adding hundreds of devices and names devices using the standard SCSI device naming scheme. - -5. Click **Add** when you are done. - -### Validate - -The **Disks** tab lists the newly added disk as `PersistingHotplug`. - -## Add Network Interfaces - -You can add additional network interfaces to a VM. By default, VMs use the native networking already configured in the -pod. 
Typically, this means using the Bridge option, and your VM has the same IP address as the pod. This approach makes -interoperability possible. The VM can integrate with different cases like sidecar containers and pod masquerading. - -When using pod masquerading, you choose a CIDR for which VMs are not assigned a private IP, and instead use Network -Address Translation (NAT) behind the pod IP. - -Multus is a secondary network that uses Multus-CNI. Multus allows you to attach multiple network interfaces to pods in -Kubernetes. If you use Multus as your network, ensure that Multus is installed across your cluster and that you have -created a default `NetworkAttachmentDefinition` CRD. For more information, refer to the -[Multus CNI](/integrations/multus-cni) guide. - -### Prerequisites - -- A deployed VM. - -### Add an Interface - -1. Log in to [Palette](https://console.spectrocloud.com). - -2. From the left **Main Menu**, click **Clusters** and click on your cluster. - -3. Navigate to **Virtual Machines > Network Interfaces** and click the **Add network interface** button. - -4. Review the parameters and update as needed. Interface types are: **Masquerade**, **Bridge**, and **SR-IOV**. - -5. Click **Add** when you are done. - -:::info - -Multus allows hot plugging network interfaces only when interfaces use the **virtio** model connected through bridge -binding. - -::: - -### Validate - -The **Network Interfaces** tab lists the newly added interface. - -## Resources - -- [Multus CNI](../../../integrations/multus-cni.md) diff --git a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/take-snapshot-of-vm.md b/docs/docs-content/vm-management/create-manage-vm/take-snapshot-of-vm.md similarity index 96% rename from docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/take-snapshot-of-vm.md rename to docs/docs-content/vm-management/create-manage-vm/take-snapshot-of-vm.md index fd03b7a503..8e94c336d9 100644 
--- a/docs/docs-content/vm-management/create-manage-vm/standard-vm-operations/take-snapshot-of-vm.md +++ b/docs/docs-content/vm-management/create-manage-vm/take-snapshot-of-vm.md @@ -1,7 +1,7 @@ --- sidebar_label: "Take a VM Snapshot" title: "Take a Snapshot of the VM" -description: "Learn how to snapshot a VM using Palette Virtual Machine Orchestrator.." +description: "Learn how to snapshot a VM using Palette Virtual Machine Orchestrator." icon: " " hide_table_of_contents: false sidebar_position: 30 @@ -33,7 +33,7 @@ is found, the **Snapshot** action is not possible. ## Prerequisites -- A deployed VM. +- A deployed VM in an active cluster in Palette with the Virtual Machine Orchestrator (VMO) pack. ## Take a Snapshot diff --git a/docs/docs-content/vm-management/create-manage-vm/update-vm-configuration.md b/docs/docs-content/vm-management/create-manage-vm/update-vm-configuration.md new file mode 100644 index 0000000000..0a47fa383d --- /dev/null +++ b/docs/docs-content/vm-management/create-manage-vm/update-vm-configuration.md 
@@ -0,0 +1,112 @@ +--- +sidebar_label: "Update VM Configuration" +title: "Update VM Configuration" +description: "Learn how to add disk storage and network interfaces to a VM using Palette Virtual Machine Orchestrator." +icon: " " +hide_table_of_contents: false +sidebar_position: 10 +tags: ["vmo"] +--- + +You can add storage and additional network interfaces to your virtual machines (VMs). + +## Add Disk Storage + +KubeVirt allows hot plugging additional storage into an active VM. Both block and file system volume types are +supported. Disks are "hot plugged" into your VMs, meaning that you do not need to power off the VM in order to add +disks. + +### Prerequisites + +- A deployed VM in an active cluster that has the Virtual Machine Orchestrator (VMO) pack. + +### Add a Disk + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. From the left **Main Menu**, click **Clusters** and click on your cluster. + +3. Navigate to **Virtual Machines** > **Disks** tabs and click the **Add disk** button. + +4. Review the parameters and update as needed. You can specify the disk size, disk type (Disk, CD-ROM, or LUN), and + network interface. + + The interface type determines out-of-the-box operating system (OS) support and disk performance. Choose from the + following. + + | Interface type | Description | + | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | + | virtio | Optimized for best performance, but the operating system may require additional Virtio drivers. | + | sata | Most operating systems support Serial ATA (SATA). However it offers lower performance. 
| + | scsi | A paravirtualized Internet Small Computer System Interface (iSCSI) HDD driver that offers similar functionality to the virtio-block device but with some additional enhancements. In particular, this driver supports adding hundreds of devices and names devices using the standard SCSI device naming scheme. | + +5. Next, specify the access mode for your disk. + + | Access mode | Description | + | --------------------- | ---------------------------------------------------------------------------- | + | Read-Write-Once (RWO) | Ensures that only one client can write to the volume at any given time. | + | Read-Write-Many (RWX) | Allows multiple clients to read from and write to the volume simultaneously. | + | Read-Only-Many (ROX) | Permits multiple clients to read data only. | + +6. Specify the volume mode for your disk. + + | Volume mode | Description | + | ----------- | ------------------------------------------------------------------------------------------------------------------------------------ | + | Filesystem | The volume is formatted with a filesystem. The OS manages the volume using a directory structure, where files are stored in folders. | + | Block | The volume is presented as a raw block device. The OS manages the volume at the block level, without any filesystem structure. | + +7. If you'd like to allocate storage to the VM right away, check **Enable preallocation**. Otherwise, the storage is + allocated to your VM as data is written to the storage. + +8. Click **Add** when you are done. + +### Validate + +The **Disks** tab lists the newly added disk as `PersistingHotplug`. + +## Add Network Interfaces + +You can add additional network interfaces to a VM. By default, VMs use the native networking already configured in the +pod. Typically, this means using the Bridge option, and your VM has the same IP address as the pod. This approach makes +interoperability possible. 
The VM can integrate with different cases like sidecar containers and pod masquerading. + +When using pod masquerading, you choose a CIDR for which VMs are not assigned a private IP, and instead use Network +Address Translation (NAT) behind the pod IP. + +Multus is a secondary network that uses Multus-CNI. Multus allows you to attach multiple network interfaces to pods in +Kubernetes. If you use Multus as your network, ensure that Multus is installed across your cluster and that you have +created a default `NetworkAttachmentDefinition` CRD. For more information, refer to the +[Multus CNI](../../integrations/multus-cni.md) guide. + +### Prerequisites + +- A deployed VM in an active cluster that has the Virtual Machine Orchestrator (VMO) pack. + +- The VM must be in the **Stopped** state. + +### Add an Interface + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. From the left **Main Menu**, click **Clusters** and click on your cluster. + +3. Navigate to **Virtual Machines > Network Interfaces** and click the **Add network interface** button. + +4. Review the parameters and update as needed. Interface types are: **Masquerade**, **Bridge**, and **SR-IOV**. + +5. Click **Add** when you are done. + +:::info + +Multus allows hot plugging network interfaces only when interfaces use the **virtio** model connected through bridge +binding. + +::: + +### Validate + +The **Network Interfaces** tab lists the newly added interface. + +## Resources + +- [Multus CNI](../../integrations/multus-cni.md) diff --git a/docs/docs-content/vm-management/vm-packs-profiles/create-vmo-profile.md b/docs/docs-content/vm-management/create-vmo-profile.md similarity index 85% rename from docs/docs-content/vm-management/vm-packs-profiles/create-vmo-profile.md rename to docs/docs-content/vm-management/create-vmo-profile.md index e7b72e0a51..27b614dcd0 100644 --- a/docs/docs-content/vm-management/vm-packs-profiles/create-vmo-profile.md 
+++ b/docs/docs-content/vm-management/create-vmo-profile.md @@ -4,13 +4,13 @@ title: "Create a VMO Profile" description: "Learn how to create a cluster profile to utilize Palette Virtual Machine Orchestrator capabilities." icon: " " hide_table_of_contents: false -sidebar_position: 5 +sidebar_position: 10 tags: ["vmo"] --- The **Virtual Machine Orchestrator** pack conveniently includes several components and automatically installs the -[Spectro Proxy](../../integrations/frp.md) pack when you use the default profile configuration. To learn about pack -components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm-packs-profiles.md). +[Spectro Proxy](../integrations/frp.md) pack when you use the default profile configuration. To learn about pack +components, refer to [Palette VMO](./vm-management.md). ## Limitations @@ -28,7 +28,7 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm - A Palette permission key `create` for the resource `clusterProfile`. -- If you are creating an Edge cluster profile, your profile must have a Container Storage Interface pack. +- If you are creating an Edge cluster profile, your profile must have a Container Storage Interface (CSI) pack. ## Create the Profile @@ -49,8 +49,8 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm 7. Review the **Access** configuration panel at right. The default setting is **Proxied**, which automatically adds the **Spectro Proxy** pack when you create the cluster, allowing access to the Spectro VM Dashboard from anywhere. Check - out the [Spectro Proxy](../../integrations/frp.md) guide to learn more. Changing the default may require some - additional configuration. + out the [Spectro Proxy](../integrations/frp.md) guide to learn more. Changing the default may require some additional + configuration. The **Direct** option is intended for a private configuration where a proxy is not implemented or not desired. 
@@ -68,7 +68,7 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm 10. Review the profile and click **Finish Configuration**. 11. Apply the profile to your cluster. For more information, refer to - [Create a Cluster](../../clusters/public-cloud/deploy-k8s-cluster.md). + [Create a Cluster](../clusters/public-cloud/deploy-k8s-cluster.md). @@ -89,7 +89,7 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm 7. Review the **Access** configuration panel at right. The default setting is **Proxied**, which automatically adds the **Spectro Proxy** pack when you create the cluster, allowing access to the Spectro VM Dashboard from anywhere. Changing the default may require some additional configuration. Check out the - [Spectro Proxy](../../integrations/frp.md) guide to learn more + [Spectro Proxy](../integrations/frp.md) guide to learn more The **Direct** option is intended for a private configuration where a proxy is not implemented or not desired. @@ -108,7 +108,7 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm ``` 9. If your cluster profile does include a load balancer such as MetalLB, no changes are required and you can skip this - step. For more information about MetalLB, refer to [MetalLB pack documentation](../../integrations/metallb.md). + step. For more information about MetalLB, refer to [MetalLB pack documentation](../integrations/metallb.md). If your cluster profile does not include a load balancer, update the services `charts.virtual-machine-orchestrator.kubevirt` and `charts.virtual-machine-orchestrator.cdi` to type ClusterIP in 
@@ -160,7 +160,7 @@ components, refer to [Virtual Machine Orchestrator Pack](../vm-packs-profiles/vm 12. Review the profile and click **Finish Configuration**. 13. Add the add-on profile when you create a cluster. For more information, refer to - [Create Cluster Definition](../../clusters/edge/site-deployment/cluster-deployment.md). + [Create Cluster Definition](../clusters/edge/site-deployment/cluster-deployment.md). @@ -185,13 +185,14 @@ You can validate the profile is created. You will need to configure roles and role bindings to give users access to clusters. You can use VM user roles and permissions or standard Kubernetes roles. For configuration guidance, refer to -[Add Roles and Role Bindings](add-roles-and-role-bindings.md). The -[VM User Roles and Permissions](../vm-roles-permissions.md) reference lists Cluster Roles and equivalent Palette Roles. +[Add Roles and Role Bindings](./rbac/add-roles-and-role-bindings.md). The +[VM User Roles and Permissions](./rbac/vm-roles-permissions.md) reference lists Cluster Roles and equivalent Palette +Roles. If you have OpenID Connect (OIDC) configured at the Kubernetes layer of your cluster profile, you can create a role binding that maps individual users or groups assigned within the OIDC provider's configuration to a role. To learn more, -review [Use RBAC with OIDC](../../integrations/kubernetes.md#use-rbac-with-oidc). +review [Use RBAC with OIDC](../integrations/kubernetes.md#use-rbac-with-oidc). ## Resources -- [Add Roles and Role Bindings](add-roles-and-role-bindings.md) +- [Add Roles and Role Bindings](./rbac/add-roles-and-role-bindings.md) diff --git a/docs/docs-content/vm-management/environment-setup.md b/docs/docs-content/vm-management/environment-setup.md new file mode 100644 index 0000000000..c524d76da3 --- /dev/null +++ b/docs/docs-content/vm-management/environment-setup.md 
@@ -0,0 +1,180 @@ +--- +sidebar_label: "Environment Setup" +title: "Environment Setup" +description: "Learn about Palette VMO pack and the architecture behind it." +hide_table_of_contents: false +sidebar_position: 5 +tags: ["vmo", "environment-setup"] +--- + +This page provides reference specifications for the Palette Virtual Machine Orchestrator (VMO) hardware and network +resources. + +## Hardware Resources + +The following sections list the hardware requirements for worker nodes and control plane nodes in a VMO cluster. + +### Worker Nodes + +Refer to the following table for the minimum and recommended hardware specifications for the worker nodes of the +cluster. + +| Component | Minimum | Recommended | Comments | +| -------------------- | -------------------------------------------------------------------------------------------------- | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | +| **Form Factor** | The server must fit Fiber Channel (FC) adapters and have sufficient Network Interface Cards (NIC). | 2U Rackmount Chassis | | +| **CPU** | Intel or AMD x64 CPU with 8 cores | Intel or AMD x64 CPU with 8 cores | | +| **RAM** | 24 GB | 256 GB or more | Assumes the deployment of 20 VMs per node multiplied by the median RAM per VM. | +| **Network Adapters** | 2 x 10 Gbps
(data + management) | 2 x 10 Gbps (data)
2 x 10 Gbps (management) | Pod overlay operates on the management network. | +| **Storage Adapters** | 2 x 16 Gbps FC | 2 x 16 Gbps FC | Storage adapters must support the FC protocol, a high-speed network protocol used for data transfer. | +| **Disks** | Local disk for the OS boot (SAN boot is supported) | Local disk for the OS boot | Boot from SAN requires special consideration due to the multi-path configuration. | + +### Control Plane Nodes + +Typically, the cluster control plane nodes do not operate any VMO workloads. As a result, they can have lighter hardware +specifications in terms of CPU and RAM. For example, a server with 4 cores and 8 GB RAM is sufficient for a +minimum-specification control plane node. The rest of the hardware requirements for control plane nodes remain the same +as worker nodes. + +| Component | Minimum | Recommended | Comments | +| -------------------- | -------------------------------------------------------------------------------------------------- | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | +| **Form Factor** | The server must fit Fiber Channel (FC) adapters and have sufficient Network Interface Cards (NIC). | 2U Rackmount Chassis | | +| **Network Adapters** | 2 x 10 Gbps
(data + management) | 2 x 10 Gbps (data)
2 x 10 Gbps (management) | Pod overlay operates on the management network. | +| **Storage Adapters** | 2 x 16 Gbps FC | 2 x 16 Gbps FC | Storage adapters must support the FC protocol, a high-speed network protocol used for data transfer. | +| **Disks** | Local disk for the OS boot (SAN boot is supported) | Local disk for the OS boot | Boot from SAN requires special consideration due to the multi-path configuration. | + +The CPU and RAM requirements for control plane nodes increase with the number of worker nodes and namespaces in the +cluster. Refer to the following table for guidance on control plane node sizing. + +:::warning + +These recommendations assume that each cluster has at least three control plane nodes. + +::: + +| Worker Nodes | Namespaces | CPU Cores | Memory (GB) | +| ------------ | ---------- | --------- | ----------- | +| 10 | 100 | 4 | 8 | +| 25 | 500 | 4 | 16 | +| 100 | 1000 | 8 | 32 | +| 250 | 2000 | 16 | 64 | +| 500 | 4000 | 32 | 128 | + +## Network Configuration + +Compared to the standard Kubernetes clusters, networking for Palette VMO can require additional configuration, +especially if your VMs need to be accessible on the existing VLANs. As this configuration requires bypassing the typical +Kubernetes pod networking stack, we use Multus for networking in Palette VMO. + +This also implies additional requirements for the host network configuration of worker nodes in order to have valid +network targets for the VMs. + +Refer to the following table for an example of network configuration. 
+ +| Network | VLAN ID | Network CIDR | Gateway | +| --------------------------------- | ------------- | -------------- | ---------- | +| **Bare Metal Deployment** | 0 (native) | 192.168.0.0/22 | | +| **Kubernetes Hosts (management)** | 10 | 172.16.0.0/22 | | +| **End-user Access (data)** | 20 | 10.20.30.0/16 | 10.20.30.1 | +| **Pod Overlay** | N/A (virtual) | 100.64.0.0/18 | | +| **Cluster Services** | N/A (virtual) | 100.64.64.0/18 | | +| **Existing VM VLANs** | 21 – 100 | | | + +MetalLB can use the **End-user Access** network to publish non-virtualized apps in the following ways: + +- As a network on which to advertise IP addresses, as + [Layer 2 advertisements](https://metallb.universe.tf/concepts/layer2/). + +- As a BGP network where it can + [advertise BGP addresses](https://access.redhat.com/webassets/avalon/d/OpenShift_Container_Platform-4.10-Networking-en-US/images/afe4598d665b24b7a193bfd5b4440d48/209_OpenShift_BGP_0122.png) + to BGP routers. + +You can select either approach depending on your network equipment. + +:::tip + +We recommend using a dedicated VLAN for end-user access and not sharing it with VLANs used by VMs. + +::: + +Refer to the following table for an example of a host network configuration, which uses a total of 4 NICs in 2 bonds and +fits with our recommended VMO network configuration. + +| Interface | Type | Contents | VLAN | CIDR | Gateway | +| ---------------------- | ------ | -------------------- | ------ | -------------- | ---------- | +| **bond_management** | Bond | enp1s0
enp2s0 | Native | 192.168.0.0/22 | | +| **bond_management.10** | VLAN | bond_management | 10 | 172.16.0.0/22 | | +| **bond_data** | Bond | enp1s1
enp2s1 | Native | | | +| **bond_data.20** | VLAN | bond_data | 20 | 10.20.30.0/16 | 10.20.30.1 | +| **br0** | Bridge | bond_data | Native | | | + +The **br0** bridge interface is used as a primary interface by Multus to automatically create VLAN interfaces for VMs. +In this scenario, the primary interface must be a bridge, as no other type will work. + +This setup also assumes that the physical servers (the worker nodes) have four physical network interfaces that are +connected to the switch, as described in the following table. + +| Physical Port | Name in OS | Purpose | Switchport Configuration | +| ----------------- | ---------- | ---------------------------------------------------- | ------------------------ | +| **NIC 1, Port 1** | enp1s0 | PXE boot for OS deployment
Management network | Trunk (allowing 0, 10) | +| **NIC 1, Port 2** | enp2s0 | Management network | Trunk (allowing 0, 10) | +| **NIC 2, Port 1** | enp1s1 | Data network | Trunk (allowing 20-100) | +| **NIC 2, Port 2** | enp2s1 | Data network | Trunk (allowing 20-100) | + +For PXE boot, you can use both an untagged or native VLAN 0 network and a tagged network, such as VLAN 5. However, to +ensure a successful PXE boot on a tagged network, we recommend setting the native VLAN network to the tagged VLAN ID on +the switch port (in our example, this would be 5), so that the PXE boot can work with untagged traffic. + +Alternatively, if the server supports UEFI PXE boot and allows you to set the VLAN ID for PXE boot directly, you can +also use this option. In this case, you need to adjust the configuration for **bond_management** to operate the +`192.168.0.0/22` CIDR on a **bond_management.5** subinterface. However, because it is difficult to achieve PXE boot on a +tagged VLAN, we recommend using a native or untagged VLAN for PXE. + +The **bond_data.20** subinterface provides outbound connectivity, as it has the default gateway. This is the primary way +to publish services from container workloads to the end users. If there are any specific data center networks that you +want to reach over the **bond_management.10** subinterface instead, you can configure them through static routes on the +`172.16.0.0/22` subnet in Canonical MAAS. Those routes will be automatically applied by MAAS upon server installation. + +For publishing workloads from VMs, you have the following ways: + +- Operating the VM on the pod network like containers and publishing the individual VM ports as Kubernetes services on + the **bond_data.20** network. In this case, you can use MetalLB to assign IP addresses. + +- Placing the entire VM on a VLAN and using Multus to assign the VM to a VLAN on top of the **br0** interface. 
In this + case, it's the responsibility of the VM (for static IPs) or the network (for DHCP) to assign IP addresses. + +### Limited Alternative + +If your setup is limited to two physical network interfaces, you will need to make some adjustments. Assuming the same +networks and VLANs are used, consider the following network configuration example (configured through Canonical MAAS). + +| Interface | Type | Contents | VLAN | CIDR | Gateway | +| ------------ | ------ | -------------------- | ------ | -------------- | ---------- | +| **bond0** | Bond | enp1s0
enp2s0 | Native | | | +| **bond0.10** | VLAN | bond0 | 10 | 172.16.0.0/22 | | +| **bond0.20** | VLAN | bond0 | 20 | 10.20.30.0/16 | 10.20.30.1 | +| **br0** | Bridge | bond0 | Native | 192.168.0.0/22 | | + +For this setup, it is assumed that the physical servers (worker nodes) are connected to the switch, as described in the +following table. + +| Physical Port | Name in OS | Purpose | Switchport Configuration | +| ----------------- | ---------- | ------------------------------------------------------------------------ | ------------------------------ | +| **NIC 1, Port 1** | enp1s0 | PXE boot for OS deployment
Management network
Data network | Trunk (allowing 0, 10, 20-100) | +| **NIC 1, Port 2** | enp2s0 | Management network
Data network | Trunk (allowing 0, 10, 20-100) | + +In this configuration, VLANs 10 (management) and 20 (data) are not available for use by VMs on the **br0** interface +because the VLAN subinterfaces on the bridge primary interface and VLAN subinterfaces on the bridge are mutually +exclusive. + +If you need to operate VMs on the same VLAN as either the management (10) or the data (20) VLAN, you can facilitate this +by changing the network configuration as follows. + +| Interface | Type | Contents | VLAN | CIDR | Gateway | +| ------------ | ------ | -------------------- | ------ | -------------- | ---------- | +| **bond0** | Bond | enp1s0
enp2s0 | Native | | | +| **bond0.10** | VLAN | bond0 | 10 | 172.16.0.0/22 | | +| **br0** | Bridge | bond0 | Native | 192.168.0.0/22 | | +| **br0.20** | VLAN | br0 | 20 | 10.20.30.0/16 | 10.20.30.1 | + +In this example, VLAN 20 is defined as a subinterface of **br0** instead of on **bond0**. This configuration allows +virtual machines to also operate on VLAN 20 without conflicts. diff --git a/docs/docs-content/vm-management/rbac/_category_.json b/docs/docs-content/vm-management/rbac/_category_.json new file mode 100644 index 0000000000..c3460c6dbd --- /dev/null +++ b/docs/docs-content/vm-management/rbac/_category_.json @@ -0,0 +1,3 @@ +{ + "position": 30 +} diff --git a/docs/docs-content/vm-management/vm-packs-profiles/add-roles-and-role-bindings.md b/docs/docs-content/vm-management/rbac/add-roles-and-role-bindings.md similarity index 80% rename from docs/docs-content/vm-management/vm-packs-profiles/add-roles-and-role-bindings.md rename to docs/docs-content/vm-management/rbac/add-roles-and-role-bindings.md index c7aadbccf6..e8e0a064ea 100644 --- a/docs/docs-content/vm-management/vm-packs-profiles/add-roles-and-role-bindings.md +++ b/docs/docs-content/vm-management/rbac/add-roles-and-role-bindings.md 
@@ -13,14 +13,14 @@ tags: ["vmo"] You must configure permissions for actions that users can perform on Virtual Machines (VMs) deployed using Palette Virtual Machine Orchestrator (VMO), such as cloning, updating, and migrating VMs. You can do this by creating roles and cluster role bindings to determine access permissions. Refer to -[VM User Roles and Permissions](../vm-roles-permissions.md) for a list of Cluster Roles and equivalent Palette Roles. To -learn more about Cluster RBAC in Palette, review the -[RBAC and NS Support](../../clusters/cluster-management/cluster-rbac.md) guide. +[VM User Roles and Permissions](./vm-roles-permissions.md) for a list of Cluster Roles and equivalent Palette Roles. To +learn more about role-based Access Control (RBAC) in Palette, review the +[RBAC and Namespace Support](../../clusters/cluster-management/cluster-rbac.md) guide. ## Prerequisites - A cluster profile with the **Virtual Machine Orchestrator** add-on pack configured. Check out the - [Create a VMO Profile](../vm-packs-profiles/create-vmo-profile.md) guide to learn more. + [Create a VMO Profile](../create-vmo-profile.md) guide to learn more. - Additional cluster roles, based on the user's persona, must be associated with the user by specifying a cluster role binding or a namespace-restricted role binding: @@ -43,7 +43,7 @@ learn more about Cluster RBAC in Palette, review the 3. Click on **Settings** and choose **RBAC** to add role bindings. Refer to [Create a Role Binding](../../clusters/cluster-management/cluster-rbac.md#create-role-bindings) for guidance. Refer - to [VM User Roles and Permissions](../vm-roles-permissions.md) for a list of Cluster Roles and equivalent Palette + to [VM User Roles and Permissions](./vm-roles-permissions.md) for a list of Cluster Roles and equivalent Palette Roles. If you have OpenID Connect (OIDC) configured at the Kubernetes layer of your cluster profile, you can create a role 
@@ -83,10 +83,9 @@ You can verify role creation and role binding is successful by following the ste ## Next Steps -Now you are ready to deploy a VM. Review the -[Deploy VM From a Template](../create-manage-vm/standard-vm-operations/deploy-vm-from-template.md) guide to get started -with the deployment process. +Now you are ready to deploy a VM. Review the [Deploy VM From a Template](../create-manage-vm/deploy-vm-from-template.md) +guide to get started with the deployment process. ## Resources -- [VM User Roles and Permissions](../vm-roles-permissions.md) +- [VM User Roles and Permissions](./vm-roles-permissions.md) diff --git a/docs/docs-content/vm-management/vm-packs-profiles/configure_OIDC.md b/docs/docs-content/vm-management/rbac/configure_OIDC.md similarity index 93% rename from docs/docs-content/vm-management/vm-packs-profiles/configure_OIDC.md rename to docs/docs-content/vm-management/rbac/configure_OIDC.md index ae5785af20..bfff1ccdf0 100644 --- a/docs/docs-content/vm-management/vm-packs-profiles/configure_OIDC.md +++ b/docs/docs-content/vm-management/rbac/configure_OIDC.md @@ -54,5 +54,4 @@ select in the Kubernetes layer of the infrastructure profile. ## Next Steps -You are now ready to create the VMO profile. Refer to -[Create the VMO Profile](../vm-packs-profiles/create-vmo-profile.md) for guidance. +You are now ready to create the VMO profile. Refer to [Create the VMO Profile](../create-vmo-profile.md) for guidance. diff --git a/docs/docs-content/vm-management/rbac/rbac.md b/docs/docs-content/vm-management/rbac/rbac.md new file mode 100644 index 0000000000..e21aaac168 --- /dev/null +++ b/docs/docs-content/vm-management/rbac/rbac.md 
@@ -0,0 +1,22 @@ +--- +sidebar_label: "RBAC" +title: "Role-based access control" +description: "Learn about the different RBAC capabilities Palette VMO has to offer." +icon: " " +hide_table_of_contents: false +sidebar_position: 0 +tags: ["vmo"] +--- + +Access to the Virtual Machines (VM) is governed by Role-Based Access Control (RBAC). You must create roles and role +bindings and role bindings and assign them to users before they are allowed to create or manage VMs. + +To get started, review [VM Roles and Permissions](./vm-roles-permissions.md) and learn about the default roles and the +available permissions. Then, refer to [Add Roles and Role Bindings](./add-roles-and-role-bindings.md) to learn how to +assign roles and role bindings to users. + +## Resources + +- [Add Roles and Role Bindings](./add-roles-and-role-bindings.md) +- [Configure OIDC](./configure_OIDC.md) +- [VM Roles and Permissions](./vm-roles-permissions.md) diff --git a/docs/docs-content/vm-management/vm-roles-permissions.md b/docs/docs-content/vm-management/rbac/vm-roles-permissions.md similarity index 93% rename from docs/docs-content/vm-management/vm-roles-permissions.md rename to docs/docs-content/vm-management/rbac/vm-roles-permissions.md index 11596f02b3..f42aac7b13 100644 --- a/docs/docs-content/vm-management/vm-roles-permissions.md +++ b/docs/docs-content/vm-management/rbac/vm-roles-permissions.md 
@@ -36,8 +36,8 @@ to specify bindings to configure granular Role-Based Access Control (RBAC) rules You can configure namespaces and RBAC from within a cluster or from a Palette workspace that contains a cluster group. In a cluster group, all RoleBindings must occur at the namespace level. For details, review the -[Cluster RBAC](../clusters/cluster-management/cluster-rbac.md) and -[workspace RBAC](../workspace/workspace.md#role-based-access-controlrbac) guides. +[Cluster RBAC](../../clusters/cluster-management/cluster-rbac.md) and +[workspace RBAC](../../workspace/workspace.md#role-based-access-controlrbac) guides. Palette leverages Regex Pattern matching so you can select multiple namespaces to apply role bindings. Check out -[Regex for Namespaces](../workspace/workload-features.md#regex-for-namespaces) to learn more. +[Regex for Namespaces](../../workspace/workload-features.md#regex-for-namespaces) to learn more. diff --git a/docs/docs-content/vm-management/vm-management.md b/docs/docs-content/vm-management/vm-management.md index 41a06176e4..d19fa9070d 100644 --- a/docs/docs-content/vm-management/vm-management.md +++ b/docs/docs-content/vm-management/vm-management.md 
@@ -10,112 +10,48 @@ sidebar_custom_props: tags: ["vmo"] --- -Palette Virtual Machine Orchestrator (VMO) provides a unified platform for managing containerized and virtualized -applications. This solution allows organizations to onboard, deploy, manage, and scale VMs within the same cluster as -their containerized applications. Palette VM Orchestrator simplifies managing infrastructure, improves resource -utilization, and removes the cost of having a hypervisor. +Palette Virtual Machine Orchestrator (VMO) provides a unified platform for deploying, managing, and scaling Virtual +Machines (VMs) and containerized applications within Kubernetes clusters. Palette VMO supports deployment to edge +devices and bare metal servers in data centers. -![A drawing of VMs deployed to Palette](/docs_vm-mangement_vmo-diagram.webp) +Palette VMO simplifies infrastructure management, improves resource utilization, and eliminates hypervisor costs. -## Use Cases - -Palette VM Orchestrator is particularly suitable in the following scenarios: - -- Organizations that want to remove their virtualization infrastructure due to an aging environment or to reduce costs. - By using Palette VM Orchestrator, legacy applications and modern, containerized applications can be deployed on VMs. - -- Edge locations with a few VMs deployed and where a hypervisor is no longer desired. - -## Prerequisites - -Palette Virtual Machine Orchestrator requires the following: - -- Palette version 3.3.0 or higher. - -- For data centers, production VMs are supported on bare metal Kubernetes clusters deployed on Canonical MAAS. To learn - how to configure MAAS and create MAAS clusters in Palette, refer to the - [Deploy to MAAS](../clusters/data-center/maas/create-manage-maas-clusters.md) guide. - -- For Edge deployment, your Edge cluster profile must have a CSI pack. For more information, refer to - [Create VMO Profile](./vm-packs-profiles/create-vmo-profile.md#create-the-profile) in the **Edge** tab. 
- -- VMs with Persistent Volume Claim (PVC) must have a StorageClass that supports `ReadWriteMany` (`RWX`) access mode for - seamless live migration to a different node - either when triggered manually or during a Kubernetes upgrades. - - :::warning +![A drawing of VMs deployed to Palette](/vm-mangement_vmo-diagram.webp) - In environments that use nested virtualization, where VMs operate inside of VMs due to lack of hardware to host VMs, - it is technically possible to operate VMs in Kubernetes by setting the KubeVirt resource `useEmulation` to true. - However, we do not recommend this approach. - - ::: - -## Get Started With VM Orchestrator - -To get started, review [Virtual Machine Orchestrator Pack](vm-packs-profiles/vm-packs-profiles.md) to learn about its -components. - -Review [Create a VMO Profile](vm-packs-profiles/create-vmo-profile.md) and -[Add Roles and Role Bindings](vm-packs-profiles/add-roles-and-role-bindings.md) to learn how to create the cluster -profile and add roles and permissions that allow users to create and manage Virtual Machines (VMs). - -Palette VM Orchestrator provides various methods to quickly deploy VMs from out-of-the-box templates or from your -organization's templates. To learn more about using and creating templates, review -[Deploy VM From a Template](create-manage-vm/standard-vm-operations/deploy-vm-from-template.md) and -[Create a VM Template](create-manage-vm/create-vm-template.md). +## Use Cases -While you can import template disks from external locations when deploying a VM, it can be inefficient. Instead, you can -leverage the `DataVolume` resource to import template disks once and then clone them when deploying new VMs. Review the -[Create Disk Templates](create-manage-vm/create-disk-templates.md) guide for more information. +You will benefit from Palette VMO in the following cases: -## Feature Gates +- You are planning to gradually shift from VMs to containers and want to continue using both during the transition. 
-Palette VM Orchestrator utilizes open-source KubeVirt as a component of the **Virtual Machine Orchestrator** pack to -manage VMs and enables the following KubeVirt feature gates by default: +- Your established infrastructure combines containers and VMs, and you want to manage them more effectively. -- LiveMigration -- Snapshot -- HotplugVolumes -- VMExport -- ExpandDisks -- HotplugNICs -- VMLiveUpdateFeatures +- You are integrating new VM-based applications into an existing containerized infrastructure. -KubeVirt offers other feature gates you may find useful and which you can enable using -[Kubernetes feature gates](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/). To enable -more KubeVirt feature gates, you can modify the `kubevirt.kubevirtResource.additonalFeatureGates` parameter in the -**Virtual Machine Orchestrator** manifest. +- You are managing edge locations with VM-based workloads and would like to stop using a hypervisor. -For more information on KubeVirt feature gates, refer to the -[KubeVirt user guide](https://kubevirt.io/user-guide/cluster_admin/activating_feature_gates/). +## Get Started -## Kubevirt Plugins +To get started with Palette VMO, review the [Architecture](./architecture.md) page to learn about the components +involved in enabling VMO for your infrastructure. Then, review the [Create a VMO Profile](./create-vmo-profile.md) guide +to prepare everything you need to deploy your first VMO cluster. -VMO includes the following KubeVirt plugins: +Once your VMO cluster is up and healthy, refer to the [Create and Manage VMs](./create-manage-vm/create-manage-vm.md) +section for information on deploying VMs from existing Palette templates and performing standard VM operations. +Alternatively, review the [Advanced Topics](./create-manage-vm/advanced-topics/advanced-topics.md) section to understand +how you can create VM and disk templates, manage the VM resources, and perform other advanced operations. 
-- [Kubevirt-Velero](https://github.com/kubevirt/kubevirt-velero-plugin) - VMO includes the Kubevirt-Velero plugin, which - allows you to back up and restore VMs using Velero. This installs Velero snapshot controller and Custom Resource - Definitions required by Velero. Refer to the - [Virtual Machine Orchestrator Pack](./vm-packs-profiles/vm-packs-profiles.md) guide for more information. +Finally, refer to the [Role-based Access Control (RBAC)](./rbac/rbac.md) section for information on configuring roles +and permissions for your VMs. ## Resources -- [Virtual Machine Orchestrator Pack](vm-packs-profiles/vm-packs-profiles.md) - -- [Create a VMO Profile](vm-packs-profiles/create-vmo-profile.md) - -- [Add Roles and Role Bindings](vm-packs-profiles/add-roles-and-role-bindings.md) - -- [Create and Manage VMs](create-manage-vm/create-manage-vm.md) - -- [Standard VM Operations](create-manage-vm/standard-vm-operations/standard-vm-operations.md) - -- [Deploy VM from a Template](create-manage-vm/standard-vm-operations/deploy-vm-from-template.md) +- [Architecture](./architecture.md) -- [Create a VM Template](create-manage-vm/create-vm-template.md) +- [Create a VMO Profile](./create-vmo-profile.md) -- [Create Disk Templates](create-manage-vm/create-disk-templates.md) +- [Create and Manage VMs](./create-manage-vm/create-manage-vm.md) -- [VM Roles and Permissions](vm-roles-permissions.md) +- [Advanced Topics](./create-manage-vm/advanced-topics/advanced-topics.md) -- [KubeVirt user guide](https://kubevirt.io/user-guide/) +- [RBAC](./rbac/rbac.md) diff --git a/docs/docs-content/vm-management/vm-packs-profiles/_category_.json b/docs/docs-content/vm-management/vm-packs-profiles/_category_.json deleted file mode 100644 index 3fca6fb9f9..0000000000 --- a/docs/docs-content/vm-management/vm-packs-profiles/_category_.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "position": 0 -} 
diff --git a/docs/docs-content/vm-management/vm-packs-profiles/vm-packs-profiles.md b/docs/docs-content/vm-management/vm-packs-profiles/vm-packs-profiles.md deleted file mode 100644 index 065dbeb3a7..0000000000 --- a/docs/docs-content/vm-management/vm-packs-profiles/vm-packs-profiles.md +++ /dev/null 
@@ -1,75 +0,0 @@ ---- -sidebar_label: "Virtual Machine Orchestrator Pack" -title: "Virtual Machine Orchestrator Pack" -description: "Learn about components of the Virtual Machine Orchestrator pack." -icon: " " -hide_table_of_contents: false -tags: ["vmo"] ---- - -The **Virtual Machine Orchestrator** pack provides a single-pack experience that consolidates all the dependencies -needed to deploy and manage VMs in your Kubernetes host cluster. You use **Virtual Machine Orchestrator** pack to create -a VMO cluster profile. The pack's components are described below. All the components are enabled by default in the -`charts:` section of the pack YAML configuration file. - -- **Descheduler** - Provides the ability to live migrate a VM to a different node in the node pool when the node is - placed in maintenance mode. - -- **Snapshot Controller** - Provides the ability to create VM snapshots. - - :::warning - - The snapshot controller is installed automatically when you initiate or schedule a backup for your cluster. If you are - deploying the VMO pack and your cluster already has a backup schedule configured or you have taken an on-demand backup - in the past, then the snapshot controller will already be installed. To prevent any resource conflicts, you can - disable the snapshot controller in the pack YAML file - - ```yaml - charts: - virtual-machine-orchestrator: - snapshot-controller: - enabled: false - ``` - - ::: - -- **Spectro VM Dashboard**: Enables access to a web console so you can manage and monitor your VMs. The console is - accessible from the **Virtual Machines** tab that appears on the cluster overview page when using Palette Virtual - Machine Orchestrator (VMO). The dashboard provides a web interface to create and manage VMs in your Kubernetes - cluster. - -- **KubeVirt**: Allows you to create VMs within a Kubernetes cluster using open-source [KubeVirt](https://kubevirt.io). 
- KubeVirt provides feature gates you can enable in the Virtual Machine Orchestrator pack YAML file. To learn which - feature gates Palette enables by default and how you can enable additional feature gates, check out the - [Feature Gates](../vm-management.md#feature-gates) section. - - KubeVirt extends Kubernetes with additional virtualization resource types using Kubernetes Custom Resource Definitions - (CRD) API. KubeVirt also includes controllers and agents that provide VM management capabilities on the cluster. - Through KubeVirt you can use the Kubernetes API to manage VM resources similar to the way you manage Kubernetes - resources. - -- **KubeVirt CDI**: Provides persistent storage for Kubernetes clusters. It enables Persistent Volume Claims (PVCs) to - be used as disks for KubeVirt VMs. - -- **Volume Snapshot Controller**: A Kubernetes plugin that watches VolumeSnapshot CRD objects and manages the creation - and deletion of volume snapshots. A snapshot represents a point-in-time copy of a volume. - -- **Multus CNI**: A Controller Network Interface (CNI) plugin that enables multiple network interfaces to attach to - Kubernetes pods. In this context, it is used to attach VM networks to the launched VM. - -:::info - -The **Spectro Proxy** pack enables the use of a reverse proxy with a Kubernetes cluster and is automatically installed -when you create the cluster with the default **Proxied** setting for **Access** during cluster profile creation. Check -out the [Spectro Proxy](../../integrations/frp.md) pack documentation to learn more. - -::: - -Administrators can configure the out-of-the-box add-on packs, cluster profiles, and VM templates that include commonly -used operating systems, or they can define their own VM templates to share with users. - -## Resources - -- [Spectro Proxy](../../integrations/frp.md) - -- [Feature Gates](../vm-management.md#feature-gates) diff --git a/redirects.js b/redirects.js index a2fc6d11da..65f2059484 100644 
--- a/redirects.js +++ b/redirects.js @@ -181,15 +181,15 @@ const redirects = [ }, { from: `/vm-management/vm-packs-profiles/enable-vm-dashboard/`, - to: `/vm-management/vm-packs-profiles/add-roles-and-role-bindings/`, + to: `/vm-management/rbac/add-roles-and-role-bindings/`, }, { from: `/vm-management/vm-packs-profiles/vm-dashboard/`, - to: `/vm-management/create-manage-vm/standard-vm-operations/`, + to: `/vm-management/create-manage-vm`, }, { from: `/vm-management/vm-packs-profiles/create-vm-dashboard-profile/`, - to: `/vm-management/vm-packs-profiles/create-vmo-profile/`, + to: `/vm-management/create-vmo-profile/`, }, { from: `/knowledgebase/`, diff --git a/static/assets/docs/images/docs_vm-mangement_vmo-diagram.webp b/static/assets/docs/images/docs_vm-mangement_vmo-diagram.webp deleted file mode 100644 index c06e38a9db..0000000000 Binary files a/static/assets/docs/images/docs_vm-mangement_vmo-diagram.webp and /dev/null differ diff --git a/static/assets/docs/images/vm-management_architecture_vmo-architecture.webp b/static/assets/docs/images/vm-management_architecture_vmo-architecture.webp new file mode 100644 index 0000000000..4fb722e1b0 Binary files /dev/null and b/static/assets/docs/images/vm-management_architecture_vmo-architecture.webp differ diff --git a/static/assets/docs/images/vm-management_create-manage-vm_enable-cpu-hotplug_vm-yaml-editor.webp b/static/assets/docs/images/vm-management_create-manage-vm_enable-cpu-hotplug_vm-yaml-editor.webp new file mode 100644 index 0000000000..383b04e0bc Binary files /dev/null and b/static/assets/docs/images/vm-management_create-manage-vm_enable-cpu-hotplug_vm-yaml-editor.webp differ diff --git a/static/assets/docs/images/vm-mangement_vmo-diagram.webp b/static/assets/docs/images/vm-mangement_vmo-diagram.webp new file mode 100644 index 0000000000..0c6b7ee723 Binary files /dev/null and b/static/assets/docs/images/vm-mangement_vmo-diagram.webp differ 
diff --git a/styleguide/spectro-cloud-style-guide.md b/styleguide/spectro-cloud-style-guide.md index 8e072eeab4..03e4d56ef7 100644 --- a/styleguide/spectro-cloud-style-guide.md +++ b/styleguide/spectro-cloud-style-guide.md @@ -280,12 +280,10 @@ heading. Include two lines between each item. - [Create and Manage VMs](/vm-management/create-manage-vm) -- [Deploy VM from a Template](/vm-management/create-manage-vm/standard-vm-operations/deploy-vm-from-template) +- [Deploy VM from a Template](/vm-management/create-manage-vm/deploy-vm-from-template) - [Create a VM Template](/vm-management/create-manage-vm/create-vm-template) -- [Standard VM Operations](/vm-management/create-manage-vm/standard-vm-operations) - - [VM Roles and Permissions](/vm-management/vm-roles-permissions) ### Metadata
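Review bot: In the new architecture.md, the **End-user Access (data)** row of the network table and the **bond_data.20**, **bond0.20** and **br0.20** rows of the host interface tables give the CIDR as `10.20.30.0/16`, which has host bits set: with a /16 mask the network address is `10.20.0.0`. Please state either `10.20.0.0/16` or `10.20.30.0/24`, whichever is intended, so readers can copy the example into MAAS without a validation error. In the same file, the "advertise BGP addresses" link in the MetalLB list points at a PNG hosted on access.redhat.com; linking MetalLB's own BGP documentation, as the Layer 2 bullet does, would be more stable. The Limited Alternative section also puts PXE, management and data on one trunk (`Trunk (allowing 0, 10, 20-100)`), and a sentence on the reduced network separation compared with the four-NIC layout would help readers choose between the two.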
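Review bot: In the first hunk of rbac/add-roles-and-role-bindings.md, the new sentence reads "role-based Access Control (RBAC)", which mixes cases. The new rbac.md body and vm-roles-permissions.md both use "Role-Based Access Control (RBAC)", so please use that spelling here as well.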
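Review bot: In the new rbac/rbac.md, the first paragraph repeats a phrase: "You must create roles and role bindings and role bindings and assign them to users". Drop the duplicate so it reads "create roles and role bindings and assign them to users". In the same paragraph "Virtual Machines (VM)" should be "Virtual Machines (VMs)", and the front matter title "Role-based access control" does not match the "Role-Based Access Control" casing used in the body.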
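Review bot: The vm-management.md hunk deletes the whole Prerequisites section without a visible replacement: the Palette 3.3.0 minimum version, the `ReadWriteMany` StorageClass requirement for live migration, and the warning against setting `useEmulation` to true under nested virtualization are all removed, as is the Feature Gates list with the `kubevirt.kubevirtResource.additonalFeatureGates` parameter. Please confirm each of these is carried over to one of the new pages, or keep a short Prerequisites section here that links to where they now live. Separately, the new image path `/vm-mangement_vmo-diagram.webp` keeps the "mangement" misspelling from the old file name; since the asset is being renamed in this change anyway, this is a good moment to correct it.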
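Review bot: The redirects.js hunk only retargets three existing entries and adds no `from` entries for the pages this change moves, so previously published URLs such as `/vm-management/vm-packs-profiles/add-roles-and-role-bindings/`, `/vm-management/vm-packs-profiles/create-vmo-profile/`, `/vm-management/vm-packs-profiles/` and `/vm-management/vm-roles-permissions/` will stop resolving. Please add redirects from each old path to its new location. Also, the new target `/vm-management/create-manage-vm` has no trailing slash, unlike the other `to` values in this hunk.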
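Review bot: In the spectro-cloud-style-guide.md hunk, the unchanged context line `[VM Roles and Permissions](/vm-management/vm-roles-permissions)` still points at the old location, although this same change renames that page to `vm-management/rbac/vm-roles-permissions.md`. Please update the example link to `/vm-management/rbac/vm-roles-permissions` so the style guide does not show a path that no longer exists.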