Cluster Networking and Advanced Settings
Prerequisite(s)
Overview
A well-defined cluster network plan is important for streamlining and automating the provisioning of networks for clusters, ensuring consistency and efficiency. In this section, you select the network configuration to attach to this cluster plan. When developers self-serve their environments, the cluster's network configuration is determined by the cluster network plan you specify here.
In addition to the cluster network plan, you can specify whether the cluster should be public or private. Private clusters are designed to ensure that the cluster nodes and master components are not exposed to the public internet, enhancing security and compliance. This is particularly useful in scenarios where sensitive data and applications require strict access controls and isolation from external sources.
You can optionally specify advanced cluster network settings such as Authorized Master Network and Authorized Networks.
📚 For more details on key points, refer to the overview section.
📚 Explore the properties section for additional information on each UI property.
Define a management peering rule
If your cluster is private, then you need to define a management peering rule. Skip this step if your cluster plan does not enable a private cluster.
CLI Instructions
Create a new cluster plan
Follow the instructions in the details section.
Web Interface Instructions
Steps
- Fill in the cluster network details as outlined in the properties section.
- Optionally fill in the Advanced settings as outlined in the properties section.
- Click Continue to proceed
Screenshot(s)
Properties
| Field | Description |
|---|---|
| Cluster Network Plan | The cluster network plan to use when configuring the cluster's network. |
| Enable private cluster | When enabled, the cluster's nodes are only accessible from within a private network. |
| Advanced Settings | Advanced settings in relation to the cluster's network. You can optionally configure these. |
| - Authorised master networks | Signifies a collection of network CIDR ranges allowed to access the Kubernetes API directly, and not via Wayfinder. It defaults to all if not provided. |
| - Authorised networks | This signifies the networks which are allowed to connect to this cluster via Wayfinder, using wf access cluster and kubectl commands. It defaults to all if not provided. |
What comes next?
Related Reading
- Create a Network Plan
- How to define a management peering rule
- Specify the cluster network configuration details based on your cloud provider: