-
Notifications
You must be signed in to change notification settings - Fork 36
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* New Nested Cluster * Added pics; feedback edits; links, etc. * Resonded to feedback * To remove quota; update pics; feedback edits. * to delete old pic
- Loading branch information
Showing
5 changed files
with
187 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| --- | ||
| title: "Nested Clusters" | ||
| metaTitle: "Creating nested clusters on Palette" | ||
| metaDescription: "The methods of creating clusters for a speedy deployment on any CSP" | ||
| icon: "clusters" | ||
| hideToC: false | ||
| fullWidth: false | ||
| --- | ||
|
|
||
| import Tabs from 'shared/components/ui/Tabs'; | ||
| import InfoBox from 'shared/components/InfoBox'; | ||
| import WarningBox from 'shared/components/WarningBox'; | ||
| import PointsOfInterest from 'shared/components/common/PointOfInterest'; | ||
| import Tooltip from "shared/components/ui/Tooltip"; | ||
|
|
||
|
|
||
| # Nested Clusters Overview | ||
|
|
||
| Nested Clusters are Kubernetes clusters that run within an existing cluster (also known as a host cluster) and share selected resources. They are lightweight, cost-effective, secure, and resource efficient. Nested Clusters enable the rapid creation of securely-isolated environments for application testing and development without the infrastructure and operational overhead typically entailed by additional Kubernetes clusters. | ||
|
|
||
| Palette provisions and orchestrates Nested Clusters and makes it easy to use the Kubernetes technology stack and tools eco-system. It can deploy Nested Clusters on both new and imported host clusters. Palette also supports Day 2 operations such as upgrades, backup/restore and more, to keep Nested Clusters secure, compliant, and up-to-date. Additionally, it provides visibility into the workloads running inside your Nested Clusters and their associated costs. | ||
|
|
||
| To get started and create your nested cluster, see the [Nested Cluster Quick Start](/clusters/nested-clusters/cluster-quickstart) page. | ||
|
|
||
|
|
||
| <br /> | ||
|
|
||
| ## Accessibility options | ||
|
|
||
| Two Nested Cluster accessibility options are supported: | ||
| - **LoadBalancer** | ||
| - The host cluster must support dynamic provisioning of load balancers, either via a Cloud Controller Manager in the public cloud or a bare metal load balancer provider, such as MetalLB. | ||
|
|
||
| - **Ingress** | ||
| - The NGINX Ingress Controller must be deployed on the Host cluster with the SSL passthrough enabled. This allows TLS termination to occur at the Nested Cluster's Kubernetes API server. | ||
|
|
||
| - A wildcard DNS record must be configured that maps to the load balancer associated with the NGINX Ingress Controller, e.g., *.nested.host.1.spectrocloud.com. | ||
|
|
||
| <br /> | ||
|
|
||
|
|
||
|
|
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
145 changes: 145 additions & 0 deletions
145
content/docs/04-clusters/4-nested-clusters/nested-cluster-quickstart.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| --- | ||
| title: "Quick Start with Nested Cluster" | ||
| metaTitle: "Getting Started with nested clusters on Palette" | ||
| metaDescription: "The methods of creating nested clusters for a speedy deployment on any CSP" | ||
| icon: "clusters" | ||
| hideToC: false | ||
| fullWidth: false | ||
| --- | ||
|
|
||
| import Tabs from 'shared/components/ui/Tabs'; | ||
| import InfoBox from 'shared/components/InfoBox'; | ||
| import WarningBox from 'shared/components/WarningBox'; | ||
| import PointsOfInterest from 'shared/components/common/PointOfInterest'; | ||
| import Tooltip from "shared/components/ui/Tooltip"; | ||
|
|
||
| # Getting Started with Nested Clusters | ||
|
|
||
| With the Palette Nested Cluster option, you can deploy additional Kubernetes clusters, within an existing cluster, to provide teams with nested cluster environments. | ||
|
|
||
| There are certain advantages to use a nested cluster environment. For example, you are free to operate with admin level privileges, while simultaneously ensuring strong isolation, reducing operational overhead, and improving resource utilization. | ||
|
|
||
| Try the steps below to [enable](/clusters/nested-clusters/cluster-quickstart#enablinganestedclusteronahostcluster) and [deploy](/clusters/nested-clusters/cluster-quickstart#deployinganestedcluster) a managed Nested Cluster from within the Palette orchestrator. | ||
|
|
||
| ## Prerequisites | ||
|
|
||
| - You will need to have access to a Palette Account. Refer to the [Getting Started with Palette](/getting-started) page.<p></p><br /> | ||
|
|
||
| - Ensure you have a functioning [cluster](/clusters/new-clusters) already configured. During the cluster creation, you will be able to configure it as a Host Cluster. | ||
|
|
||
| **Hosted Clusters** | ||
|
|
||
| There are three ways to engage with a Nested Cluster on Palette.<p></p><br /> | ||
|
|
||
| 1. When you [create](/clusters/new-clusters) and [deploy](/clusters/nested-clusters/cluster-quickstart#deployinganestedcluster) a new Host Cluster, there is an option to **Enable Nested Clusters**. <p></p><br />Refer to the [Cluster Endpoint](/clusters/nested-clusters/cluster-quickstart#loadbalancer) step below for more information on how to configure this option. The same settings listed below are available, when you are enabling a Nested Cluster and when deploying a Host Cluster deployment wizard. | ||
|
|
||
| <p></p><br /> | ||
|
|
||
| 2. Similarly, you can [enable](/clusters/nested-clusters/cluster-quickstart#enablinganestedclusteronahostcluster) an existing cluster and allow it to host Nested Clusters.<p></p><br /> | ||
|
|
||
| 3. Or, you can import a [Brownfield Cluster](/clusters/brownfield-clusters#importingabrownfieldcluster) and then, enable it to the Nested Cluster. | ||
|
|
||
|
|
||
| # Enabling a Nested Cluster on a Host Cluster | ||
|
|
||
| 1. From the slide menu, select **Clusters** and view the list of **Clusters**. | ||
|
|
||
|
|
||
| 2. Click any Host Cluster from the list and select **Settings** > **Cluster Settings** > **Nested Clusters**. | ||
|
|
||
|
|
||
| 3. Toggle the **Enable Nested Clusters** option (yes/no). | ||
|
|
||
| **Note**: This feature can be set when first creating a new cluster, so you may find that the host is already enabled. | ||
|
|
||
|
|
||
| 4. Select the **Cluster Endpoint Type**: *Load Balancer* or *Ingress*. | ||
|
|
||
|
|
||
| ## Load Balancer | ||
|
|
||
| If **Load Balancer** is selected, the following must be true:<p></p><br /> | ||
|
|
||
| - The Host Cluster must support dynamic provisioning of load balancers.<p></p><br /> | ||
| - If the Host Cluster is in the public cloud, the AKS/EKS/GCP Cloud Controller Manager will provide this support by default. <p></p><br /> | ||
| - If the Host Cluster is in a private data center, a bare metal load balancer provider such as MetalLB must be installed and correctly configured.<p></p><br /> | ||
|
|
||
| ## Ingress | ||
| - If **Ingress** is selected, a **Host Pattern** must be specified for this Host Cluster. To create a valid Host Pattern, the NGINX Ingress Controller must be deployed on the Host Cluster with SSL passthrough enabled. This allows TLS termination to occur at the nested cluster's Kubernetes API server. | ||
|
|
||
| Additionally, a wildcard DNS record must be configured that maps the Host Pattern to the load balancer associated with the NGINX Ingress Controller. | ||
|
|
||
| For example `*.nested.host.1.spectrocloud.com.` | ||
|
|
||
| <InfoBox> | ||
| <b>Recap</b> | ||
|
|
||
| - Deploy the NGINX Ingress Controller on the Host Cluster and ensure that the SSL passthrough is enabled in the NGINX Ingress Controller pack's values.yaml. Specifically, `charts.ingress-nginx.controller.extraArgs` must be set as follows: | ||
|
|
||
| ```yml | ||
| charts: | ||
| ingress-nginx: | ||
| ... | ||
| controller: | ||
| ... | ||
| extraArgs: | ||
| enable-ssl-passthrough: true | ||
| ``` | ||
| - Identify the public DNS name of the load balancer associated with the LoadBalancer Service that is associated with your NGINX Ingress Controller deployment.<p></p><br /> | ||
| - Create a wildcard DNS record (e.g., in AWS Route53) mapping the Host Pattern to the NGINX Ingress Controller load balancer. | ||
| </InfoBox> | ||
| **Example Record**<p></p> | ||
| Here is an example AWS Route53 record for the `*.starship.te.spectrocloud.com` Host Pattern. | ||
|
|
||
| <br /> | ||
|
|
||
|  | ||
|
|
||
| <br /> | ||
|
|
||
| # Deploying a Nested Cluster | ||
|
|
||
| 1. From the slide menu, select the **Clusters** tab and click the **Nested Clusters** tab to list the available Nested Clusters, and then select **Add New Nested Cluster**. | ||
|
|
||
|
|
||
| 2. Complete the **Deploy New Nested Cluster** information:<p></p><br /> | ||
|
|
||
| - Select a Host cluster.<p></p><br /> | ||
|
|
||
| - Add a Cluster name. | ||
|
|
||
| **Note**: Use lowercase letters and do not add spaces.<p></p><br /> | ||
|
|
||
| - Provide a Description and Tags. These are optional.<p></p><br /> | ||
|
|
||
| - Click the **Attach Profile** button to assign a profile. | ||
|
|
||
| **Note**: Optionally, attach one or more Add-on layers to this cluster. If you do not have a Cluster Profile, see the [Creating Cluster Profile](/cluster-profiles/task-define-profile) page for more information. | ||
|
|
||
|
|
||
| 3. If the Host Cluster's **Cluster Endpoint Type** is a _Load Balancer_, you may optionally provide the following advanced configurations here:<p></p><br /> | ||
|
|
||
| - External Traffic Policy - Cluster or Local<p></p><br /> | ||
|
|
||
| - External IPs (Optional) - Include the external IPs if you have any.<p></p><br /> | ||
|
|
||
| - Load Balancer Source Ranges (Optional) - Add the load balancer source ranges. This is an optional feature. | ||
| <p></p><br /> | ||
|
|
||
|  | ||
|
|
||
| Congratulations! Your Nested Cluster is now deployed. If you like more information on managing your resources, refer to the links below. | ||
| <br /> | ||
|
|
||
| # Resources | ||
|
|
||
| [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | ||
|
|
||
| [CPU resource units](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-cpu) | ||
|
|
||
| [Memory resource units](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory) | ||
|
|
||
|
|
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.