Skip to main content

Add-Ons

RKE supports configuring pluggable add-ons in the cluster YML. Add-ons are used to deploy several cluster components including:

These add-ons require images that can be found under the system_images directive. For each Kubernetes version, there are default images associated with each add-on, but these can be overridden by changing the image tag in system_images.

There are a few things worth noting:

  • In addition to these pluggable add-ons, you can specify an add-on that you want deployed after the cluster deployment is complete.
  • As of v0.1.8, RKE will update an add-on if it is the same name.
  • Before v0.1.8, update any add-ons by using kubectl edit.

Critical and Non-Critical Add-ons

As of version v0.1.7, add-ons are split into two categories:

  • Critical add-ons: If these add-ons fail to deploy for any reason, RKE will error out. All system add-ons, such as the network plug-in, KubeDNS, and ingress controllers, are considered critical.

  • Non-critical add-ons: If these add-ons fail to deploy, RKE will only log a warning and continue deploying any other add-ons. User-defined add-ons are considered non-critical.

Add-on Deployment Jobs

RKE uses Kubernetes jobs to deploy add-ons. In some cases, add-ons deployment takes longer than expected. As of with version v0.1.7, RKE provides an option to control the job check timeout in seconds. This timeout is set at the cluster level.

addon_job_timeout: 30

Add-on Placement

Applies to v0.2.3 and higher

ComponentnodeAffinity nodeSelectorTermsnodeSelectorTolerations
Calicobeta.kubernetes.io/os:NotIn:windowsnone- NoSchedule:Exists
- NoExecute:Exists
- CriticalAddonsOnly:Exists
Flannelbeta.kubernetes.io/os:NotIn:windowsnone- operator:Exists
Canalbeta.kubernetes.io/os:NotIn:windowsnone- NoSchedule:Exists
- NoExecute:Exists
- CriticalAddonsOnly:Exists
Weavebeta.kubernetes.io/os:NotIn:windowsnone- NoSchedule:Exists
- NoExecute:Exists
CoreDNSnode-role.kubernetes.io/worker:Existsbeta.kubernetes.io/os:linux- NoSchedule:Exists
- NoExecute:Exists
- CriticalAddonsOnly:Exists
kube-dns- beta.kubernetes.io/os:NotIn:windows
- node-role.kubernetes.io/worker Exists
none- NoSchedule:Exists
- NoExecute:Exists
- CriticalAddonsOnly:Exists
nginx-ingress- beta.kubernetes.io/os:NotIn:windows
- node-role.kubernetes.io/worker Exists
none- NoSchedule:Exists
- NoExecute:Exists
metrics-server- beta.kubernetes.io/os:NotIn:windows
- node-role.kubernetes.io/worker Exists
none- NoSchedule:Exists
- NoExecute:Exists

Tolerations

Available as of v1.2.4

Tolerations can be configured per add-on and apply to Deployment resources. The configured tolerations will replace the existing tolerations so make sure you configure all the tolerations you need. See the specific add-on doc pages for more information.