Create a managed cluster

This section describes how to create a VMware vSphere-based managed cluster using the Mirantis Container Cloud web UI of the vSphere-based management cluster.

To create a vSphere-based managed cluster:

1. Log in to the Container Cloud web UI with the m:kaas:namespace@operator or m:kaas:namespace@writer permissions.

2. Switch to the required non-default project using the Switch Project action icon located on top of the main left-side navigation panel.

   To create a project, refer to Create a project for managed clusters.

3. In the SSH Keys tab, click Add SSH Key to upload the public SSH key(s) that will be used for the vSphere VMs creation.

4. In the Credentials tab:

   1. Click Add Credential to add your vSphere credentials. You can either upload your vSphere vsphere.yaml configuration file or fill in the fields manually.

   2. Verify that the new credentials status is Ready. If the status is Error, hover over the status to determine the reason of the issue.

5. Optional. In the Proxies tab, enable proxy access to the managed cluster:

   1. Click Add Proxy.

   2. In the Add New Proxy wizard, fill out the form with the following parameters:

      Proxy configuration

      Parameter	Description
      Proxy Name	Name of the proxy server to use during a managed cluster creation.
      Region	From the drop-down list, select the required region.
      HTTP Proxy	Add the HTTP proxy server domain name in the following format: http://proxy.example.com:port - for anonymous access http://user:password@proxy.example.com:port - for restricted access
      HTTPS Proxy	Add the HTTPS proxy server domain name in the same format as for HTTP Proxy.
      No Proxy	Comma-separated list of IP addresses or domain names.

      For implementation details, see Proxy and cache support.

   Caution

   Since Container Cloud 2.20.0, if your proxy requires a trusted CA certificate, select the CA Certificate check box and paste a CA certificate for a MITM proxy to the corresponding field or upload a certificate using Upload Certificate.

   For the list of Mirantis resources and IP addresses to be accessible from the Container Cloud clusters, see Requirements for a VMware vSphere-based cluster.

6. In the RHEL Licenses tab, click Add RHEL License and fill out the form with the following parameters:

   RHEL license parameters

   Parameter	Description
   RHEL License Name	RHEL license name
   Username	User name to access the RHEL license
   Password	Password to access the RHEL license
   Pool IDs	Optional. Specify the pool IDs for RHEL licenses for Virtual Datacenters. Otherwise, Subscription Manager will select a subscription from the list of available and appropriate for the machines.

7. In the Clusters tab, click Create Cluster and fill out the form with the following parameters as required:

   1. Configure general settings and Kubernetes parameters:

      Managed cluster configuration

      Section	Parameter	Description
      General Settings	Name	Cluster name
      	Provider	Select vSphere
      	Provider Credential	From the drop-down list, select the vSphere credentials name that you have previously added.
      	Release Version	Container Cloud version.
      	Proxy	Optional. From the drop-down list, select the proxy server name that you have previously created.
      	SSH Keys	From the drop-down list, select the SSH key name(s) that you have previously added for SSH access to VMs.
      Provider	LB Host IP	IP address of the load balancer endpoint that will be used to access the Kubernetes API of the new cluster.
      	LB Address Range	MetalLB range of IP addresses that can be assigned to load balancers for Kubernetes Services.
      vSphere	Machine Folder Path	Full path to a folder that will store the cluster machines metadata. Use the drop-down list to select the required item. 0
      	Network Path	Full path to a network for cluster machines. Use the drop-down list to select the required item. 0
      	Resource Pool Path	Full path to a resource pool in which VMs will be created. Use the drop-down list to select the required item. 0
      	Datastore For Cluster	Full path to a storage for virtual machines disks. Use the drop-down list to select the required item. 0
      	Datastore For Cloud Provider	Full path to a storage for Kubernetes volumes. Use the drop-down list to select the required item. 0
      	SCSI Controller Type	SCSI controller type for virtual machines. Leave pvscsi as default.
      	Enable IPAM	Enables IPAM. Set to true if a vSphere network has no DHCP server. Also, provide the following additional parameters for a proper network setup on machines using embedded IP address management (IPAM): Network CIDR CIDR of the provided vSphere network. For example, 10.20.0.0/16. Network Gateway Gateway of the provided vSphere network. DNS Name Servers List of nameservers for the provided vSphere network. Include Ranges IP range for the cluster machines. Specify the range of the provided CIDR. For example, 10.20.0.100-10.20.0.200. Exclude Ranges Optional. IP ranges to be excluded from being assigned to the cluster machines. The MetalLB range and the load balancer IP address should not intersect with the addresses for IPAM. For example, 10.20.0.150-10.20.0.170.
      Kubernetes	Node CIDR	Kubernetes nodes CIDR block. For example, 10.10.10.0/24.
      	Services CIDR Blocks	Kubernetes Services CIDR block. For example, 10.233.0.0/18.
      	Pods CIDR Blocks	Kubernetes pods CIDR block. For example, 10.233.64.0/18. Note The network subnet size of Kubernetes pods influences the number of nodes that can be deployed in the cluster. The default subnet size /18 is enough to create a cluster with up to 256 nodes. Each node uses the /26 address blocks (64 addresses), at least one address block is allocated per node. These addresses are used by the Kubernetes pods with hostNetwork: false. The cluster size may be limited further when some nodes use more than one address block.

      0(1,2,3,4,5)

      Every drop-down list item of the vSphere section represents a short name of a particular vSphere resource, without the datacenter path. The Network Path drop-down list items also represent specific network types. Start typing the item name in the drop-down list field to filter the results and select the required item.

   2. Configure StackLight:

      StackLight configuration

      Section	Parameter name	Description
      StackLight	Enable Monitoring	Selected by default. Deselect to skip StackLight deployment. Note You can also enable, disable, or configure StackLight parameters after deploying a managed cluster. For details, see Change a cluster configuration or Configure StackLight.
      	Enable Logging	Select to deploy the StackLight logging stack. For details about the logging components, see Deployment architecture. Note The logging mechanism performance depends on the cluster log load. In case of a high load, you may need to increase the default resource requests and limits for fluentdLogs. For details, see StackLight configuration parameters: Resource limits.
      	HA Mode	Select to enable StackLight monitoring in the HA mode. For the differences between HA and non-HA modes, see Deployment architecture.
      	StackLight Default Logs Severity Level	Log severity (verbosity) level for all StackLight components. The default value for this parameter is Default component log level that respects original defaults of each StackLight component. For details about severity levels, see Log verbosity.
      	StackLight Component Logs Severity Level	The severity level of logs for a specific StackLight component that overrides the value of the StackLight Default Logs Severity Level parameter. For details about severity levels, see Log verbosity. Expand the drop-down menu for a specific component to display its list of available log levels.
      OpenSearch	Logstash Retention Time Available since 2.17.0	Available if you select Enable Logging. Specifies the logstash-* index retention time.
      	Events Retention Time Available since 2.17.0	Available if you select Enable Logging. Specifies the kubernetes_events-* index retention time.
      	Notifications Retention Time Available since 2.17.0	Available if you select Enable Logging. Specifies the notification-* index retention time and is used for Mirantis OpenStack for Kubernetes.
      	Retention Time Removed since 2.17.0	Available if you select Enable Logging. The OpenSearch logs retention period.
      	Persistent Volume Claim Size	Available if you select Enable Logging. The OpenSearch persistent volume claim size.
      	Collected Logs Severity Level	Available if you select Enable Logging. The minimum severity of all Container Cloud components logs collected in OpenSearch. For details about severity levels, see Logging.
      Prometheus	Retention Time	The Prometheus database retention period.
      	Retention Size	The Prometheus database retention size.
      	Persistent Volume Claim Size	The Prometheus persistent volume claim size.
      	Enable Watchdog Alert	Select to enable the Watchdog alert that fires as long as the entire alerting pipeline is functional.
      	Custom Alerts	Specify alerting rules for new custom alerts or upload a YAML file in the following exemplary format: - alert: HighErrorRate expr: job:request_latency_seconds:mean5m{job="myjob"} > 0.5 for: 10m labels: severity: page annotations: summary: High request latency For details, see Official Prometheus documentation: Alerting rules. For the list of the predefined StackLight alerts, see Operations Guide: Available StackLight alerts.
      StackLight Email Alerts	Enable Email Alerts	Select to enable the StackLight email alerts.
      	Send Resolved	Select to enable notifications about resolved StackLight alerts.
      	Require TLS	Select to enable transmitting emails through TLS.
      	Email alerts configuration for StackLight	Fill out the following email alerts parameters as required: To - the email address to send notifications to. From - the sender address. SmartHost - the SMTP host through which the emails are sent. Authentication username - the SMTP user name. Authentication password - the SMTP password. Authentication identity - the SMTP identity. Authentication secret - the SMTP secret.
      StackLight Slack Alerts	Enable Slack alerts	Select to enable the StackLight Slack alerts.
      	Send Resolved	Select to enable notifications about resolved StackLight alerts.
      	Slack alerts configuration for StackLight	Fill out the following Slack alerts parameters as required: API URL - The Slack webhook URL. Channel - The channel to send notifications to, for example, #channel-for-alerts.

8. Click Create.

   To monitor the cluster readiness, hover over the status icon of a specific cluster in the Status column of the Clusters page.

   Once the orange blinking status icon is green and Ready, the cluster deployment or update is complete.

   You can monitor live deployment status of the following cluster components:

   Component	Description
   Bastion	For the OpenStack and AWS-based clusters, the Bastion node IP address status that confirms the Bastion node creation
   Helm	Installation or upgrade status of all Helm releases
   Kubelet	Readiness of the node in a Kubernetes cluster, as reported by kubelet
   Kubernetes	Readiness of all requested Kubernetes objects
   Nodes	Equality of the requested nodes number in the cluster to the number of nodes having the Ready LCM status
   OIDC	Readiness of the cluster OIDC configuration
   StackLight	Health of all StackLight-related objects in a Kubernetes cluster
   Swarm	Readiness of all nodes in a Docker Swarm cluster
   LoadBalancer	Readiness of the Kubernetes API load balancer
   ProviderInstance	Readiness of all machines in the underlying infrastructure (virtual or bare metal, depending on the provider type)

9. Proceed with Add a machine.

See also

Delete a managed cluster