You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cloudstack.apache.org by Ricardo Andres Pertuz de las Salas <ri...@kuasar.co> on 2021/12/21 02:05:38 UTC

Kubernetes on VPC Isolated Network

Hi,

Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?

Thanks!

Re: Kubernetes on VPC Isolated Network

Posted by Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>.

Got it! Thanks!

On 21/12/21, 8:00 AM, "Wei ZHOU" <us...@gmail.com> wrote:

    Hi,

    ACS automatically adds port forwarding rules for the k8s master and nodes.
    They can be accessed by port 2222 (2223, 2224, etc) of public IP of the
    network or VPC.
    refer to
    http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html

    -Wei

    On Tue, 21 Dec 2021 at 13:38, Ricardo Andres Pertuz de las Salas <
    ricardo.pertuz@kuasar.co> wrote:

    > Thanks!  it says that some connectivity is needed:
    >
    > This provides functionality to create Kubernetes clusters for Shared,
    > Isolated and VPC networks in CloudStack, but such networks must be
    > accessible to the CloudStack management server for provisioning virtual
    > machines on the cluster.
    >
    > So the ACS Manangement should access the k8s master on 443 port?
    > ________________________________
    > From: Rohit Yadav <ro...@shapeblue.com>
    > Sent: Tuesday, December 21, 2021 5:11:09 AM
    > To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
    > Subject: Re: Kubernetes on VPC Isolated Network
    >
    > Hi Ricardo,
    >
    > Yes, it's possible to deployed k8s with CKS on VPC networks/tiers.
    >
    > As per the docs
    > http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html
    > isolated networks, VPC and shared networks are supported.
    >
    >
    > Regards.
    >
    > ________________________________
    > From: Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>
    > Sent: Tuesday, December 21, 2021 07:35
    > To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
    > Subject: Kubernetes on VPC Isolated Network
    >
    > Hi,
    >
    > Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?
    >
    > Thanks!
    >
    >
    >
    >

Re: Kubernetes on VPC Isolated Network

Posted by Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>.

I understand that CSK on VPC needs a network offering with the feature "Firewall" not ACL,  and VPCVirtualRouter does not support Firewall feature so I will  need something like BigSwitchIP to deploy it on VPC Isolated Network, right? 

On 21/12/21, 8:00 AM, "Wei ZHOU" <us...@gmail.com> wrote:

    Hi,

    ACS automatically adds port forwarding rules for the k8s master and nodes.
    They can be accessed by port 2222 (2223, 2224, etc) of public IP of the
    network or VPC.
    refer to
    http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html

    -Wei

    On Tue, 21 Dec 2021 at 13:38, Ricardo Andres Pertuz de las Salas <
    ricardo.pertuz@kuasar.co> wrote:

    > Thanks!  it says that some connectivity is needed:
    >
    > This provides functionality to create Kubernetes clusters for Shared,
    > Isolated and VPC networks in CloudStack, but such networks must be
    > accessible to the CloudStack management server for provisioning virtual
    > machines on the cluster.
    >
    > So the ACS Manangement should access the k8s master on 443 port?
    > ________________________________
    > From: Rohit Yadav <ro...@shapeblue.com>
    > Sent: Tuesday, December 21, 2021 5:11:09 AM
    > To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
    > Subject: Re: Kubernetes on VPC Isolated Network
    >
    > Hi Ricardo,
    >
    > Yes, it's possible to deployed k8s with CKS on VPC networks/tiers.
    >
    > As per the docs
    > http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html
    > isolated networks, VPC and shared networks are supported.
    >
    >
    > Regards.
    >
    > ________________________________
    > From: Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>
    > Sent: Tuesday, December 21, 2021 07:35
    > To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
    > Subject: Kubernetes on VPC Isolated Network
    >
    > Hi,
    >
    > Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?
    >
    > Thanks!
    >
    >
    >
    >

Re: Kubernetes on VPC Isolated Network

Posted by Wei ZHOU <us...@gmail.com>.

Hi,

ACS automatically adds port forwarding rules for the k8s master and nodes.
They can be accessed by port 2222 (2223, 2224, etc) of public IP of the
network or VPC.
refer to
http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html

-Wei

On Tue, 21 Dec 2021 at 13:38, Ricardo Andres Pertuz de las Salas <
ricardo.pertuz@kuasar.co> wrote:

> Thanks!  it says that some connectivity is needed:
>
> This provides functionality to create Kubernetes clusters for Shared,
> Isolated and VPC networks in CloudStack, but such networks must be
> accessible to the CloudStack management server for provisioning virtual
> machines on the cluster.
>
> So the ACS Manangement should access the k8s master on 443 port?
> ________________________________
> From: Rohit Yadav <ro...@shapeblue.com>
> Sent: Tuesday, December 21, 2021 5:11:09 AM
> To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
> Subject: Re: Kubernetes on VPC Isolated Network
>
> Hi Ricardo,
>
> Yes, it's possible to deployed k8s with CKS on VPC networks/tiers.
>
> As per the docs
> http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html
> isolated networks, VPC and shared networks are supported.
>
>
> Regards.
>
> ________________________________
> From: Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>
> Sent: Tuesday, December 21, 2021 07:35
> To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
> Subject: Kubernetes on VPC Isolated Network
>
> Hi,
>
> Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?
>
> Thanks!
>
>
>
>

Re: Kubernetes on VPC Isolated Network

Posted by Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>.

Thanks!  it says that some connectivity is needed:

This provides functionality to create Kubernetes clusters for Shared, Isolated and VPC networks in CloudStack, but such networks must be accessible to the CloudStack management server for provisioning virtual machines on the cluster.

So the ACS Manangement should access the k8s master on 443 port?
________________________________
From: Rohit Yadav <ro...@shapeblue.com>
Sent: Tuesday, December 21, 2021 5:11:09 AM
To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
Subject: Re: Kubernetes on VPC Isolated Network

Hi Ricardo,

Yes, it's possible to deployed k8s with CKS on VPC networks/tiers.

As per the docs http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html isolated networks, VPC and shared networks are supported.

Regards.

________________________________
From: Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>
Sent: Tuesday, December 21, 2021 07:35
To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
Subject: Kubernetes on VPC Isolated Network

Hi,

Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?

Thanks!

Re: Kubernetes on VPC Isolated Network

Posted by Rohit Yadav <ro...@shapeblue.com>.

Hi Ricardo,

Yes, it's possible to deployed k8s with CKS on VPC networks/tiers.

As per the docs http://docs.cloudstack.apache.org/en/latest/plugins/cloudstack-kubernetes-service.html isolated networks, VPC and shared networks are supported.


Regards.

________________________________
From: Ricardo Andres Pertuz de las Salas <ri...@kuasar.co>
Sent: Tuesday, December 21, 2021 07:35
To: users@cloudstack.apache.org <us...@cloudstack.apache.org>
Subject: Kubernetes on VPC Isolated Network

Hi,

Is it possible to deploy CSK on a VPC Isolated Network? If not, why not?

Thanks!