Equinix Metal with private networking

Available since 2.14.0

This section describes the architecture for a Mirantis Container Cloud deployment based on the Equinix Metal infrastructure using private networks.

Private networks are required for the following use cases:

  • Connect Container Cloud to on-premises corporate networks without exposing it to the Internet. Corporate security policies can require this.

  • Reduce ingress and egress bandwidth costs and the number of public IP addresses utilized by the deployment. Public IP addresses are a scarce and valuable resource, and Container Cloud should only expose the necessary services in that address space.

  • Isolate testing and staging environments in private VLANs. Such Container Cloud clusters typically do not need to accept connections from outside the cluster.

The following diagram illustrates a high-level overview of the architecture. It covers the Container Cloud deployment across multiple Metros, marked as A and B on the diagram.

[Diagram: high-level overview of the Container Cloud deployment across Metros A and B (equinix-v2-overview.png)]

Container Cloud clusters are isolated in private VLANs and do not use any public IP addresses. An external infrastructure allows exposing necessary services to the outside world. This external infrastructure must be provided by the Operator before installing Container Cloud.