How do I create a peering connection between VPCs?
Let’s, for example, create a peering connection between two VPCs, vpc-a and vpc-b.
Caution! IPv4 CIDR must be unique for each VPC.
To configure, follow these steps:
- Switch to the region where vpc-a is running.
- Click VPC -> VPC Peering Connections -> Create Peering Connection and then configure a peering connection:
  - Name: vpc-a-vpc-b.
  - Fill in the Local and Another VPC fields.
- Switch to the region where vpc-b is running.
- Click VPC -> VPC Peering Connections.
- Select the newly created peering connection and click Action "Accept Request".
- Add routes to vpc-b’s CIDR over a peering connection to the vpc-a’s routing tables.
- Add routes to vpc-a’s CIDR over a peering connection to the vpc-b’s routing tables.
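A pre-flight check for the caution and the two route steps above, as an added example that is not part of the original documentation. The function name, the dictionary layout, and all IDs (`rtb-a1`, `pcx-example`, and so on) are constructed for illustration; it assumes that the most specific route in a table wins.

```python
import ipaddress

# Constructed sample data (not from a real account): dest CIDR -> route target.
SAMPLE = {
    "vpc-a": {"cidr": "10.0.0.0/16", "route_tables": {
        "rtb-a1": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-a"}}},
    "vpc-b": {"cidr": "10.1.0.0/16", "route_tables": {
        "rtb-b1": {"10.1.0.0/16": "local", "10.0.5.0/24": "nat-b"},
        "rtb-b2": {"10.1.0.0/16": "local", "10.0.0.0/16": "pcx-example"}}},
}

def plan_peering_routes(vpcs, pcx_id):
    """Return (routes_to_add, problems) for a peering between exactly two VPCs.

    routes_to_add holds (vpc, route_table, destination, target) tuples scoped
    to the peer's CIDR only, never a broader range.
    """
    (a, va), (b, vb) = sorted(vpcs.items())
    net = {a: ipaddress.ip_network(va["cidr"]), b: ipaddress.ip_network(vb["cidr"])}
    # The page's caution: the IPv4 CIDRs of the two VPCs must not overlap.
    if net[a].overlaps(net[b]):
        return [], [f"{a} {net[a]} overlaps {b} {net[b]}"]
    routes, problems = [], []
    for local, peer in ((a, b), (b, a)):
        for rtb, table in sorted(vpcs[local]["route_tables"].items()):
            # Assumption: the most specific route wins, so an existing route
            # inside the peer CIDR with another target would divert traffic.
            conflicts = [
                dest for dest, target in table.items()
                if target != pcx_id
                and ipaddress.ip_network(dest).version == net[peer].version
                and ipaddress.ip_network(dest).subnet_of(net[peer])
            ]
            for dest in conflicts:
                problems.append(f"{local}/{rtb}: {dest} -> {table[dest]} shadows {net[peer]}")
            # Add the peer route only where it is missing and nothing conflicts.
            if not conflicts and table.get(str(net[peer])) != pcx_id:
                routes.append((local, rtb, str(net[peer]), pcx_id))
    return routes, problems

if __name__ == "__main__":
    to_add, issues = plan_peering_routes(SAMPLE, "pcx-example")
    for r in to_add:
        print("add route:", r)
    for p in issues:
        print("problem:", p)
```

Feeding it the real CIDRs and route tables of both VPCs before accepting the request shows which tables still need a route and which existing routes would pull peer traffic elsewhere.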
How do I create a cluster in a new VPC with access over an existing bastion host?
- Bootstrap the base-infrastructure of the cluster:
  dhctl bootstrap-phase base-infra --config config
- Set up a peering connection using the instructions above.
- Continue installing the cluster, enter y when asked about the Terraform cache:
  dhctl bootstrap --config config --ssh-...
How do I create a cluster in a new VPC and set up bastion host to access the nodes?
- Bootstrap the base-infrastructure of the cluster:
  dhctl bootstrap-phase base-infra --config config
- Manually set up the bastion host in the subnet -public-0.
- Continue installing the cluster, enter y when asked about the Terraform cache:
  dhctl bootstrap --config config --ssh-...
Configuring a bastion host
There are two possible cases:
- A bastion host already exists in an external VPC; in this case, you need to:
  - Create a basic infrastructure of the cluster:
    dhctl bootstrap-phase base-infra
  - Set up a peering connection between the external and the newly created VPC;
  - Continue the installation by specifying the bastion host:
    dhctl bootstrap --ssh-bastion...
- A bastion host needs to be deployed to a newly created VPC; in this case, you need to:
  - Create a basic infrastructure of the cluster:
    dhctl bootstrap-phase base-infra
  - Manually run a bastion in the -public-0 subnet;
  - Continue the installation by specifying the bastion host:
    dhctl bootstrap --ssh-bastion...
Adding CloudStatic nodes to a cluster
To add a pre-created VM as a node to a cluster, follow these steps:
- Attach the security group <prefix>-node to the virtual machine.
- Attach the IAM role <prefix>-node to the virtual machine.
- Add the following tags to the virtual machine (so that cloud-controller-manager can find virtual machines in the cloud):
  "kubernetes.io/cluster/<cluster_uuid>" = "shared"
  "kubernetes.io/cluster/<prefix>" = "shared"
- You can find out the cluster_uuid using the command:
  kubectl -n kube-system get cm d8-cluster-uuid -o json | jq -r '.data."cluster-uuid"'
- You can find out prefix using the command:
  kubectl -n kube-system get secret d8-cluster-configuration -o json | jq -r '.data."cluster-configuration.yaml"' \
    | base64 -d | grep prefix
How to increase the size of a volume?
Set the new size in the corresponding PersistentVolumeClaim resource, in the spec.resources.requests.storage parameter.
The operation is fully automatic and takes up to one minute. No further action is required.
The progress of the process can be observed in events using the command kubectl describe pvc.
After modifying a volume, you must wait at least six hours and ensure that the volume is in the in-use or available state before you can modify the same volume. This is sometimes referred to as a cooldown period. You can find details in the official documentation.