Create subnets for a MOSK cluster¶
According to the MOSK reference architecture, you should create the following subnets.
lcm-nw¶
The LCM network of the MOSK cluster. Example of lcm-nw
subnet:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
ipam/SVC-k8s-lcm: "1"
name: lcm-nw
namespace: <MOSKClusterNamespace>
spec:
cidr: 172.16.43.0/24
gateway: 172.16.43.1
includeRanges:
- 172.16.43.10-172.16.43.100
k8s-ext-subnet¶
The addresses from this subnet are assigned to interfaces connected to the external network.
Example of k8s-ext-subnet:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
name: k8s-ext-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 172.16.45.0/24
includeRanges:
- 172.16.45.10-172.16.45.100
gateway: 172.16.45.1
mosk-metallb-subnet¶
The addresses from this subnet are not allocated to interfaces, but used as a MetalLB address pool to expose MOSK API endpoints as Kubernetes cluster services.
Example of mosk-metallb-subnet:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
ipam/SVC-metallb: true
cluster.sigs.k8s.io/cluster-name: <MOSKClusterName>
name: mosk-metallb-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 172.16.45.0/24
includeRanges:
- 172.16.45.101-172.16.45.200
k8s-pods-subnet¶
The addresses from this subnet are assigned to interfaces connected to the Kubernetes workloads network and used by Calico CNI as underlay for traffic between the pods in the Kubernetes cluster.
Example of k8s-pods-subnet:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
name: k8s-pods-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 10.12.3.0/24
includeRanges:
- 10.12.3.10-10.12.3.100
neutron-tunnel-subnet¶
The underlay network for VXLAN tunnels for the MOSK tenants traffic. If deployed with Tungsten Fabric, it is used for MPLS over UDP+GRE traffic.
Example of neutron-tunnel-subnet:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
name: neutron-tunnel-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 10.12.2.0/24
includeRanges:
- 10.12.2.10-10.12.2.100
ceph-public-subnet¶
Ceph uses this network for its external connections. Example of a subnet for the storage access network:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
ipam/SVC-ceph-public: true
cluster.sigs.k8s.io/cluster-name: <MOSKClusterName>
name: ceph-public-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 10.12.0.0/24
ceph-cluster-subnet¶
Ceph uses this network for its internal replication traffic. Example of a subnet for the storage replication network:
apiVersion: ipam.mirantis.com/v1alpha1
kind: Subnet
metadata:
labels:
kaas.mirantis.com/provider: baremetal
kaas.mirantis.com/region: region-one
ipam/SVC-ceph-cluster: true
cluster.sigs.k8s.io/cluster-name: <MOSKClusterName>
name: ceph-cluster-subnet
namespace: <MOSKClusterNamespace>
spec:
cidr: 10.12.1.0/24
Now, proceed with creating an L2 template for one or multiple managed clusters as described in Create L2 templates.