Compare languages | Cloud provider — Yandex Cloud: Layouts

Three layouts are supported. Each is described in more detail below.

Standard


In this layout, nodes are not assigned public IP addresses; they reach the Internet through the Yandex Cloud NAT gateway service.

Yandex Cloud Standard layout scheme

Example of the layout configuration:

```yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: Standard
provider:
  cloudID:
  folderID:
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  zones:
  - ru-central1-a
  - ru-central1-b
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      takes: priority
nodeGroups:
- name: worker
  replicas: 1
  zones:
  - ru-central1-a
  instanceClass:
    cores: 4
    memory: 8192
    imageID: fd8nb7ecsbvj76dfaa8b
    coreFraction: 50
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
    additionalLabels:
      toy: example
labels:
  billing: prod
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 213.177.96.1
  - 231.177.97.1
```


WithoutNAT


In this layout, NAT (of any kind) is not used, and each node is assigned a public IP address.

Caution! The cloud-provider-yandex module does not currently support security groups, so all cluster nodes are exposed directly to the Internet.

Yandex Cloud WithoutNAT layout scheme

Example of the layout configuration:

```yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: WithoutNAT
provider:
  cloudID:
  folderID:
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
  - ru-central1-b
nodeGroups:
- name: worker
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID: testtest
    coreFraction: 50
    externalIPAddresses:
    - "198.51.100.5"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 8.8.8.8
  - 8.8.4.4
```


WithNATInstance


In this layout, Deckhouse creates a NAT instance and adds a route to 0.0.0.0/0 to the route table, with the NAT instance as the next hop.

If the withNATInstance.externalSubnetID parameter is set, the NAT instance will be created in this subnet.

If the withNATInstance.externalSubnetID parameter is not set and withNATInstance.internalSubnetID is set, the NAT instance will be created in the latter subnet.

If neither withNATInstance.externalSubnetID nor withNATInstance.internalSubnetID is set, the NAT instance will be created in the ru-central1-a zone.

If the IP address of the NAT instance does not matter, you can pass an empty object, withNATInstance: {}; the necessary networks and a dynamic IP address will then be created automatically.

Yandex Cloud WithNATInstance layout scheme

Example of the layout configuration:

```yaml
apiVersion: deckhouse.io/v1
kind: YandexClusterConfiguration
layout: WithNATInstance
withNATInstance:
  natInstanceExternalAddress:
  internalSubnetID:
  externalSubnetID:
provider:
  cloudID:
  folderID:
  serviceAccountJSON: |
    {
      "id": "id",
      "service_account_id": "service_account_id",
      "key_algorithm": "RSA_2048",
      "public_key": "-----BEGIN PUBLIC KEY-----\nMIIwID....AQAB\n-----END PUBLIC KEY-----\n",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE....1ZPJeBLt+\n-----END PRIVATE KEY-----\n"
    }
masterNodeGroup:
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    externalIPAddresses:
    - "1.1.1.1"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
  - ru-central1-b
nodeGroups:
- name: worker
  replicas: 1
  instanceClass:
    cores: 4
    memory: 8192
    imageID:
    coreFraction: 50
    externalIPAddresses:
    - "1.1.1.1"
    - "Auto"
    externalSubnetID:
  zones:
  - ru-central1-a
sshPublicKey: ""
nodeNetworkCIDR: 192.168.12.13/24
existingNetworkID:
dhcpOptions:
  domainName: test.local
  domainNameServers:
  - 8.8.8.8
  - 8.8.4.4
```

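The layout rules on this page expressed as a pre-deployment check (an added example, not Deckhouse code): it lists the node groups that end up with public IP addresses and resolves where the NAT instance is created. It assumes the configuration has already been parsed into a dict and that, under the two NAT layouts, only groups listing externalIPAddresses receive public addresses; the function names and sample IDs are made up.

```python
# Added example; names and report wording are illustrative, not Deckhouse's.
DEFAULT_NAT_ZONE = "ru-central1-a"

def nat_instance_placement(cfg):
    """Where the NAT instance is created (WithNATInstance only), else None."""
    if cfg.get("layout") != "WithNATInstance":
        return None
    nat = cfg.get("withNATInstance") or {}       # `withNATInstance: {}` is valid
    if nat.get("externalSubnetID"):
        return ("subnet", nat["externalSubnetID"])
    if nat.get("internalSubnetID"):
        return ("subnet", nat["internalSubnetID"])
    return ("zone", DEFAULT_NAT_ZONE)

def node_groups(cfg):
    """Yield (name, instanceClass) for the master group and each node group."""
    yield "master", (cfg.get("masterNodeGroup") or {}).get("instanceClass") or {}
    for group in cfg.get("nodeGroups") or []:
        yield group.get("name", "?"), group.get("instanceClass") or {}

def exposed_groups(cfg):
    """Names of node groups whose nodes receive public IP addresses."""
    if cfg.get("layout") == "WithoutNAT":        # every node gets a public IP
        return [name for name, _ in node_groups(cfg)]
    # Assumption: in NAT layouts only groups listing externalIPAddresses are public.
    return [n for n, ic in node_groups(cfg) if ic.get("externalIPAddresses")]

def review(cfg):
    findings = []
    exposed = exposed_groups(cfg)
    if exposed:
        findings.append("public IPs, no security groups: " + ", ".join(exposed))
    placement = nat_instance_placement(cfg)
    if placement:
        findings.append("NAT instance created in %s %s" % placement)
    return findings

# Constructed sample configs (IDs are placeholders).
WITHOUT_NAT = {"layout": "WithoutNAT", "masterNodeGroup": {"instanceClass": {}},
               "nodeGroups": [{"name": "worker", "instanceClass": {}}]}
NAT_INSTANCE = {"layout": "WithNATInstance",
                "withNATInstance": {"externalSubnetID": None,
                                    "internalSubnetID": "subnet-internal-example"},
                "masterNodeGroup": {"instanceClass": {"externalIPAddresses": ["Auto"]}},
                "nodeGroups": [{"name": "worker", "instanceClass": {}}]}

if __name__ == "__main__":
    for cfg in (WITHOUT_NAT, NAT_INSTANCE):
        print(cfg["layout"], review(cfg))
```

Empty YAML values load as null, which the checks treat the same as an unset parameter.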