
Creating a Cluster

Updated on 2024-01-26 GMT+08:00

On the CCE console, you can easily create Kubernetes clusters. After a cluster is created, the master node is hosted by CCE. You only need to create worker nodes. In this way, you can implement cost-effective O&M and efficient service deployment.

Constraints

  • During node creation, software packages are downloaded from OBS using the domain name. Use a private DNS server to resolve the OBS domain name, and set the DNS server address of the subnet where the node resides to a private DNS server address. When you create a subnet, the private DNS server is used by default. If you change the subnet DNS, ensure that the DNS server in use can resolve the OBS domain name.
  • You can create a maximum of 50 clusters in a single region.
  • After a cluster is created, the following items cannot be changed:
    • Cluster type
    • Number of master nodes in the cluster
    • AZ of a master node
    • Network configuration of the cluster, such as the VPC, subnet, container CIDR block, Service CIDR block, and kube-proxy (request forwarding) settings.
    • Network model. For example, a Tunnel network cannot be changed to a VPC network.

Procedure

  1. Log in to the CCE console.
  2. Choose Clusters. On the displayed page, select the type of the cluster to be created and click Create.
  3. Specify cluster parameters.

    Basic Settings
    • Cluster Name: indicates the name of the cluster to be created. The cluster name must be unique under the same account.
    • Enterprise Project:

      This parameter is displayed only for enterprise users who have enabled the enterprise project function.

      After an enterprise project (for example, default) is selected, the cluster, nodes in the cluster, cluster security groups, node security groups, and elastic IPs (EIPs) of the automatically created nodes will be created in this enterprise project. After a cluster is created, you are advised not to modify the enterprise projects of nodes, cluster security groups, and node security groups in the cluster.

      An enterprise project facilitates project-level management and grouping of cloud resources and users.

    • Cluster Version: Select the Kubernetes version used by the cluster.
    • Cluster Scale: maximum number of nodes that can be managed by the cluster.
    • HA: distribution mode of master nodes. By default, master nodes are randomly distributed in different AZs to improve DR capabilities.
      You can also expand advanced settings and customize the master node distribution mode. The following two modes are supported:
      • Random: Master nodes are created in different AZs for DR.
      • Custom: You can determine the location of each master node.
        • Host: Master nodes are created on different hosts in the same AZ.
        • Custom: You can determine the location of each master node.

    Network Settings

    The cluster network settings cover nodes, containers, and Services. For details about the cluster networking and container network models, see Overview.

    • Network Model: CCE clusters support VPC network and Tunnel network. CCE Turbo clusters support Cloud Native Network 2.0. For details, see Overview.
    • VPC: Select the VPC to which the cluster belongs. If no VPC is available, click Create VPC to create one. The value cannot be changed after creation.
    • Master Node Subnet: Select the subnet where the master node is deployed. If no subnet is available, click Create Subnet to create one. The subnet cannot be changed after creation.
    • Container CIDR Block (CCE Cluster): Specify the CIDR block used by containers, which determines the maximum number of containers in the cluster.
    • Default Pod Subnet (CCE Turbo Cluster): Select the subnet where the container is located. If no subnet is available, click Create Subnet. The pod subnet determines the maximum number of containers in the cluster. You can add pod subnets after creating the cluster.
    • IPv4 Service CIDR Block: CIDR block for Services used by containers in the same cluster to access each other. The value determines the maximum number of Services you can create. The value cannot be changed after creation.

    Advanced Settings

    • Request Forwarding: The IPVS and iptables modes are supported. For details, see Comparing iptables and IPVS.
    • CPU Manager: When enabled, CPU cores will be exclusively allocated to workload pods. For details, see CPU Policy.
    • Certificate Authentication:
      • Default: The X509-based authentication mode is enabled by default. X509 is a commonly used certificate format.
      • Custom: The cluster can identify users based on the header in the request body for authentication.

        Upload your CA root certificate, client certificate, and private key of the client certificate.

        CAUTION:
        • Upload a file smaller than 1 MiB. The CA certificate and client certificate can be in .crt or .cer format. The private key of the client certificate can only be uploaded unencrypted.
        • The validity period of the client certificate must be longer than five years.
        • The uploaded CA certificate is used for both the authentication proxy and the kube-apiserver aggregation layer configuration. If the certificate is invalid, the cluster cannot be created.
        • Starting from v1.25, Kubernetes no longer supports certificate authentication with certificates generated using the SHA1WithRSA or ECDSAWithSHA1 algorithm. You are advised to use the SHA256 algorithm.
    • Description: The description cannot exceed 200 characters.

  4. Click Next: Add-on Configuration.

    Domain Name Resolution: The coredns add-on is installed by default to resolve domain names and connect to the cloud DNS server.

    Container Storage: The everest add-on is installed by default to provide container storage based on CSI and connect to cloud storage services such as EVS.

    Fault Detection: The npd add-on is installed by default to provide node fault detection and isolation for the cluster, helping you identify node problems in a timely manner.

    Data Plane Logs
    • Using ICAgent:

      ICAgent is a log collector provided by Application Operations Management (AOM). It reports logs to AOM and Log Tank Service (LTS) according to the log collection rules you configured.

      You can collect stdout logs as required.

    Overload Control: If enabled, concurrent requests are dynamically controlled based on the resource pressure of master nodes to keep them and the cluster available. For details, see Cluster Overload Control.

  5. After the parameters are specified, click Next: Confirm. The cluster resource list is displayed. Confirm the information and click Submit.

    It takes about 6 to 10 minutes to create a cluster. You can click Back to Cluster List to perform other operations on the cluster or click Go to Cluster Events to view the cluster details.
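
The Certificate Authentication caution in step 3 can be checked before the files are uploaded. The following is an added example, not Huawei Cloud's own code: it applies the size, unencrypted-key, validity and signature-algorithm rules to a certificate/key pair using only the Python standard library and a minimal DER reader. It assumes PEM-encoded files and takes "five years" as the notBefore-to-notAfter span with 365-day years; check_upload, tlvs, asn1_time, der and sample_cert are hypothetical names, and sample_cert builds a constructed, unsigned certificate skeleton for exercising the check.

```python
import ssl
from datetime import datetime, timedelta

# DER-encoded OIDs of the SHA-1 signature algorithms named in the caution.
SHA1_OIDS = {"2a864886f70d010105": "SHA1WithRSA", "2a8648ce3d0401": "ECDSAWithSHA1"}
MAX_BYTES = 1024 * 1024  # uploads must be smaller than 1 MiB

def tlvs(buf):
    """Split a DER buffer into its top-level (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(buf):
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:  # long-form length: low 7 bits give the byte count
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        out.append((tag, buf[pos:pos + length]))
        pos += length
    return out

def asn1_time(tag, value):
    """Decode UTCTime (tag 0x17) or GeneralizedTime (tag 0x18)."""
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.strptime(value.decode("ascii"), fmt)

def check_upload(cert_pem, key_pem):
    """Return the caution items that a PEM certificate/key pair violates."""
    problems = []
    if max(len(cert_pem), len(key_pem)) >= MAX_BYTES:
        problems.append("file is not smaller than 1 MiB")
    if "ENCRYPTED" in key_pem:  # PKCS#8 or legacy PEM encryption marker
        problems.append("private key is encrypted")
    tbs, sig_alg, _ = tlvs(tlvs(ssl.PEM_cert_to_DER_cert(cert_pem))[0][1])
    fields = [f for f in tlvs(tbs[1]) if f[0] != 0xA0]  # drop optional [0] version
    not_before, not_after = (asn1_time(t, v) for t, v in tlvs(fields[3][1]))
    if not_after - not_before <= timedelta(days=5 * 365):  # assumed: 365-day years
        problems.append("validity period is not longer than five years")
    oid = tlvs(sig_alg[1])[0][1].hex()
    if oid in SHA1_OIDS:
        problems.append("signed with " + SHA1_OIDS[oid])
    return problems

def der(tag, *parts):  # sample helper: short-form TLV, body under 128 bytes
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)

def sample_cert(oid_hex, not_after):
    """Constructed, unsigned certificate skeleton for exercising check_upload."""
    alg = der(0x30, der(0x06, bytes.fromhex(oid_hex)), der(0x05))
    validity = der(0x30, der(0x17, b"240101000000Z"), der(0x17, not_after))
    tbs = der(0x30, der(0x02, b"\x01"), alg, der(0x30), validity, der(0x30))
    return ssl.DER_cert_to_PEM_cert(der(0x30, tbs, alg, der(0x03, b"\x00")))
```

Read each file as text and pass the contents to check_upload; an empty list means none of the checked caution items is violated.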

Related Operations
