Skip to main content
Version: v0.10.0

Installation

Although OpenKruise now can work with Kubernetes version >= 1.13, we strongly recommend you to use Kruise with Kubernetes version >= 1.16.

Note that:

  1. For Kubernetes 1.13 and 1.14, users must enable CustomResourceWebhookConversion feature-gate in kube-apiserver before install or upgrade Kruise.
  2. To install it in Kubernetes >= 1.22, you have to use the latest version.

Install with helm#

Kruise can be simply installed by helm v3.1+, which is a simple command-line tool and you can get it from here.

# Firstly add openkruise charts repository if you haven't do this.$ helm repo add openkruise https://openkruise.github.io/charts/
# [Optional]$ helm repo update
# Install the stable version.# Note that if the Kubernetes version < 1.15, you may need to add --disable-openapi-validation$ helm install kruise openkruise/kruise --version 0.10.0

Upgrade with helm#

If you are using Kruise with an old version, it is recommended that you should upgrade to the latest version for safety and more features:

# Firstly add openkruise charts repository if you haven't do this.$ helm repo add openkruise https://openkruise.github.io/charts/
# [Optional]$ helm repo update
# Upgrade the latest version.# Note that if the Kubernetes version < 1.15, you may need to add --disable-openapi-validation$ helm upgrade kruise openkruise/kruise --version 0.10.0

Note that:

  1. Before upgrade, you must firstly read the Change Log to make sure that you have understand the breaking changes in the new version.
  2. If you want to drop the chart parameters you configured for the old release or set some new parameters, it is recommended to add --reset-values flag in helm upgrade command.

Optional: download charts manually#

If you have problem with connecting to https://openkruise.github.io/charts/ in production, you might need to download the chart from here manually and install or upgrade with it.

Charts releases: https://github.com/openkruise/charts/releases

Options#

Note that installing this chart directly means it will use the default template values for Kruise.

You may have to set your specific configurations if it is deployed into a production cluster, or you want to configure feature-gates.

Optional: chart parameters#

The following table lists the configurable parameters of the chart and their default values.

ParameterDescriptionDefault
featureGatesFeature gates for Kruise, empty string means all by default``
installation.namespacenamespace for kruise installationkruise-system
manager.log.levelLog level that kruise-manager printed4
manager.replicasReplicas of kruise-controller-manager deployment2
manager.image.repositoryRepository for kruise-manager imageopenkruise/kruise-manager
manager.image.tagTag for kruise-manager imagev0.10.0
manager.resources.limits.cpuCPU resource limit of kruise-manager container100m
manager.resources.limits.memoryMemory resource limit of kruise-manager container256Mi
manager.resources.requests.cpuCPU resource request of kruise-manager container100m
manager.resources.requests.memoryMemory resource request of kruise-manager container256Mi
manager.metrics.portPort of metrics served8080
manager.webhook.portPort of webhook served9443
manager.nodeAffinityNode affinity policy for kruise-manager pod{}
manager.nodeSelectorNode labels for kruise-manager pod{}
manager.tolerationsTolerations for kruise-manager pod[]
daemon.log.levelLog level that kruise-daemon printed4
daemon.portPort of metrics and healthz that kruise-daemon served10221
daemon.resources.limits.cpuCPU resource limit of kruise-daemon container50m
daemon.resources.limits.memoryMemory resource limit of kruise-daemon container128Mi
daemon.resources.requests.cpuCPU resource request of kruise-daemon container0
daemon.resources.requests.memoryMemory resource request of kruise-daemon container0
daemon.affinityAffinity policy for kruise-daemon pod{}
daemon.socketLocationLocation of the container manager control socket/var/run
webhookConfiguration.failurePolicy.podsThe failurePolicy for pods in mutating webhook configurationIgnore
webhookConfiguration.timeoutSecondsThe timeoutSeconds for all webhook configuration30
crds.managedKruise will not install CRDs with chart if this is falsetrue

Specify each parameter using the --set key=value[,key=value] argument to helm install or helm upgrade.

Optional: feature-gate#

Feature-gate controls some influential features in Kruise:

NameDescriptionDefaultEffect (if closed)
PodWebhookWhether to open a webhook for Pod createtrueSidecarSet/KruisePodReadinessGate disabled
KruiseDaemonWhether to deploy kruise-daemon DaemonSettrueImagePulling/ContainerRecreateRequest disabled
DaemonWatchingPodShould each kruise-daemon watch pods on the same nodetrueFor in-place update with same imageID or env from labels/annotations
CloneSetShortHashEnables CloneSet controller only set revision hash name to pod labelfalseCloneSet name can not be longer than 54 characters
KruisePodReadinessGateEnables Kruise webhook to inject 'KruisePodReady' readiness-gate to all Pods during creationfalseThe readiness-gate will only be injected to Pods created by Kruise workloads
PreDownloadImageForInPlaceUpdateEnables CloneSet controller to create ImagePullJobs to pre-download images for in-place updatefalseNo image pre-download for in-place update
CloneSetPartitionRollbackEnables CloneSet controller to rollback Pods to currentRevision when number of updateRevision pods is bigger than (replicas - partition)falseCloneSet will only update Pods to updateRevision
ResourcesDeletionProtectionEnables protection for resources deletionfalseNo protection for resources deletion
TemplateNoDefaultsWhether to disable defaults injection for pod/pvc template in workloadsfalseShould not close this feature if it has open
PodUnavailableBudgetDeleteGateEnables PodUnavailableBudget for pod deletion, evictionfalseNo protection for pod deletion, eviction
PodUnavailableBudgetUpdateGateEnables PodUnavailableBudget for pod.Spec updatefalseNo protection for in-place update
WorkloadSpreadEnables WorkloadSpread to manage multi-domain and elastic deployfalseWorkloadSpread disabled

If you want to configure the feature-gate, just set the parameter when install or upgrade. Such as:

$ helm install kruise https://... --set featureGates="ResourcesDeletionProtection=true\,PreDownloadImageForInPlaceUpdate=true"

If you want to enable all feature-gates, set the parameter as featureGates=AllAlpha=true.

Optional: the local image for China#

If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud:

$ helm install kruise https://... --set  manager.image.repository=openkruise-registry.cn-hangzhou.cr.aliyuncs.com/openkruise/kruise-manager

Uninstall#

Note that this will lead to all resources created by Kruise, including webhook configurations, services, namespace, CRDs, CR instances and Pods managed by Kruise controller, to be deleted!

Please do this ONLY when you fully understand the consequence.

To uninstall kruise if it is installed with helm charts:

$ helm uninstall kruiserelease "kruise" uninstalled