Skip to main content
Version: Next

Installation

Since v1.0.0 (alpha/beta), OpenKruise requires Kubernetes version >= 1.16.

Install with helm#

Kruise can be simply installed by helm v3.1+, which is a simple command-line tool and you can get it from here.

# Firstly add openkruise charts repository if you haven't do this.$ helm repo add openkruise https://openkruise.github.io/charts/
# [Optional]$ helm repo update
# Install the latest version.$ helm install kruise openkruise/kruise --version 1.0.0-alpha.1

If you want to install the stable version, read doc.

Upgrade with helm#

# Firstly add openkruise charts repository if you haven't do this.$ helm repo add openkruise https://openkruise.github.io/charts/
# [Optional]$ helm repo update
# Upgrade the latest version.$ helm upgrade kruise openkruise/kruise --version 1.0.0-alpha.1

Note that:

  1. Before upgrade, you must firstly read the Change Log to make sure that you have understand the breaking changes in the new version.
  2. If you want to drop the chart parameters you configured for the old release or set some new parameters, it is recommended to add --reset-values flag in helm upgrade command. Otherwise you should use --reuse-values flag to reuse the last release's values.

Optional: download charts manually#

If you have problem with connecting to https://openkruise.github.io/charts/ in production, you might need to download the chart from here manually and install or upgrade with it.

$ helm install/upgrade kruise /PATH/TO/CHART

Options#

Note that installing this chart directly means it will use the default template values for Kruise.

You may have to set your specific configurations if it is deployed into a production cluster, or you want to configure feature-gates.

Optional: chart parameters#

The following table lists the configurable parameters of the chart and their default values.

ParameterDescriptionDefault
featureGatesFeature gates for Kruise, empty string means all by default``
installation.namespacenamespace for kruise installationkruise-system
manager.log.levelLog level that kruise-manager printed4
manager.replicasReplicas of kruise-controller-manager deployment2
manager.image.repositoryRepository for kruise-manager imageopenkruise/kruise-manager
manager.image.tagTag for kruise-manager imagev0.10.0
manager.resources.limits.cpuCPU resource limit of kruise-manager container100m
manager.resources.limits.memoryMemory resource limit of kruise-manager container256Mi
manager.resources.requests.cpuCPU resource request of kruise-manager container100m
manager.resources.requests.memoryMemory resource request of kruise-manager container256Mi
manager.metrics.portPort of metrics served8080
manager.webhook.portPort of webhook served9443
manager.nodeAffinityNode affinity policy for kruise-manager pod{}
manager.nodeSelectorNode labels for kruise-manager pod{}
manager.tolerationsTolerations for kruise-manager pod[]
daemon.log.levelLog level that kruise-daemon printed4
daemon.portPort of metrics and healthz that kruise-daemon served10221
daemon.resources.limits.cpuCPU resource limit of kruise-daemon container50m
daemon.resources.limits.memoryMemory resource limit of kruise-daemon container128Mi
daemon.resources.requests.cpuCPU resource request of kruise-daemon container0
daemon.resources.requests.memoryMemory resource request of kruise-daemon container0
daemon.affinityAffinity policy for kruise-daemon pod{}
daemon.socketLocationLocation of the container manager control socket/var/run
webhookConfiguration.failurePolicy.podsThe failurePolicy for pods in mutating webhook configurationIgnore
webhookConfiguration.timeoutSecondsThe timeoutSeconds for all webhook configuration30
crds.managedKruise will not install CRDs with chart if this is falsetrue
manager.resyncPeriodResync period of informer kruise-manager, defaults no resync0
manager.hostNetworkWhether kruise-manager pod should run with hostnetworkfalse

Specify each parameter using the --set key=value[,key=value] argument to helm install or helm upgrade.

Optional: feature-gate#

Feature-gate controls some influential features in Kruise:

NameDescriptionDefaultEffect (if closed)
PodWebhookWhether to open a webhook for Pod createtrueSidecarSet/KruisePodReadinessGate disabled
KruiseDaemonWhether to deploy kruise-daemon DaemonSettrueImagePulling/ContainerRecreateRequest disabled
DaemonWatchingPodShould each kruise-daemon watch pods on the same nodetrueFor in-place update with same imageID or env from labels/annotations
CloneSetShortHashEnables CloneSet controller only set revision hash name to pod labelfalseCloneSet name can not be longer than 54 characters
KruisePodReadinessGateEnables Kruise webhook to inject 'KruisePodReady' readiness-gate to all Pods during creationfalseThe readiness-gate will only be injected to Pods created by Kruise workloads
PreDownloadImageForInPlaceUpdateEnables CloneSet controller to create ImagePullJobs to pre-download images for in-place updatefalseNo image pre-download for in-place update
CloneSetPartitionRollbackEnables CloneSet controller to rollback Pods to currentRevision when number of updateRevision pods is bigger than (replicas - partition)falseCloneSet will only update Pods to updateRevision
ResourcesDeletionProtectionEnables protection for resources deletionfalseNo protection for resources deletion
TemplateNoDefaultsWhether to disable defaults injection for pod/pvc template in workloadsfalseShould not close this feature if it has open
PodUnavailableBudgetDeleteGateEnables PodUnavailableBudget for pod deletion, evictionfalseNo protection for pod deletion, eviction
PodUnavailableBudgetUpdateGateEnables PodUnavailableBudget for pod.Spec updatefalseNo protection for in-place update
WorkloadSpreadEnables WorkloadSpread to manage multi-domain and elastic deployfalseWorkloadSpread disabled
InPlaceUpdateEnvFromMetadataEnables Kruise to in-place update a container in Pod when its env from labels/annotations changed and pod is in-place updatingfalseOnly container image can be in-place update

If you want to configure the feature-gate, just set the parameter when install or upgrade. Such as:

$ helm install kruise https://... --set featureGates="ResourcesDeletionProtection=true\,PreDownloadImageForInPlaceUpdate=true"

If you want to enable all feature-gates, set the parameter as featureGates=AllAlpha=true.

Optional: the local image for China#

If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud:

$ helm install kruise https://... --set  manager.image.repository=openkruise-registry.cn-hangzhou.cr.aliyuncs.com/openkruise/kruise-manager

Best Practices#

Installation parameters for k3s#

Usually k3s has the different runtime path from the default /var/run. So you have to set daemon.socketLocation to the real runtime socket path on your k3s node (e.g. /run/k3s or /var/run/k3s/).

Uninstall#

Note that this will lead to all resources created by Kruise, including webhook configurations, services, namespace, CRDs, CR instances and Pods managed by Kruise controller, to be deleted!

Please do this ONLY when you fully understand the consequence.

To uninstall kruise if it is installed with helm charts:

$ helm uninstall kruiserelease "kruise" uninstalled