Metakube will by default create all resources in SysEleven Stack it needs for a cluster.
You may want to manage them yourself, if you have special requirements.
Metakube may not prevent you from misconfiguring the network.
If you're unsure of what you need, please contact our support.
The Security Group created by default will allow the following traffic to/from your nodes:
NodePort
(and LoadBalancer
) type services.Do not modify the Security Group created by MetaKube (metakube-<cluster-id>
).
It is managed by SysEleven and might receive automatic changes.
Openstack has a Security Group called default
. This Security Group allows egress and traffic between members of the Security Group.
It's not suitable for MetaKube clusters, since Octavia Load Balancers managed by Kubernetes won't work.
Please do not alter the rules in that Security Group!
You may want to use an existing OpenStack network if you want more control over settings such as router configuration.
MetaKube currently does not support IPv6 or mixed networks.
This option is mutually exclusive with specifying a subnet CIDR.
This option is only available in the MetaKube Terraform Provider.
You may specify an existing OpenStack subnet for your nodes.
Only consider this option if you require more IPs for Kubernetes nodes or if the 192.168.1.0/24 IP range collides with another network e.g. that's connected through VPN.
This option is mutually exclusive with specifying an existing subnet.
If specified, MetaKube will create a subnet with the given CIDR.
By default, the nodes will be deployed in a subnet with the 192.168.1.0/24
IP range.
That may collide with other networks you control that need to be routable without NAT.
Or you may require a bigger IP space for more worker nodes.
You can change the IP range for the node subnet to a CIDR of your choice.