Create a Managed Kubernetes cluster on a cloud server
You can create no more than 10 highly available and 10 basic Managed Kubernetes clusters on cloud servers in one project and one pool.
1. Configure the cluster
- In the Control panel, on the top menu, click Products and select Managed Kubernetes.
- Click Create cluster.
- Enter a cluster name. The name will be included in the names of cluster objects: node groups, nodes, load balancers, networks, and disks. For example, if the cluster name is kelsie, the node group name will be kelsie-node-gdc8q, and the boot disk name will be kelsie-node-gdc8q-volume.
- Select a location where the master nodes will be located. You cannot change the location after creating the cluster.
- Select a Kubernetes version. After creating a cluster, you can update the Kubernetes version.
- Optional: select a network plugin (CNI). Calico is used in the cluster by default. You cannot change the CNI after creating the cluster.
  In the Cilium network plugin, the default settings are:
  - the envoy daemonset setting is enabled — for more details on this setting, see the Envoy section of the Cilium documentation;
  - the hubble-relay setting is disabled — for more details on this setting, see the Hubble Relay subsection of the Hubble internals article in the Cilium documentation.
  If you want to change these settings, create a cluster using the Managed Kubernetes API. Note that using the hubble-relay setting requires at least 4 GB of RAM on the node.
- Select a cluster type. You cannot change the cluster type after creating the cluster.
- Optional: to make the cluster accessible via a private network and unavailable from the internet, check the Private kube API checkbox. By default, the cluster is created in a public network and is automatically assigned a public kube API IP address, which is accessible from the internet. You cannot change the kube API access type after creating the cluster.
- Click Continue.
2. Configure a node group
- In the Server type field, select Cloud server.
- Select a location where all worker nodes in the group will be located. You cannot change the location after creating the cluster.
- Set up the worker node configuration for the group:
  3.1. Click Select configuration and choose the worker node configuration in the group:
  - custom — any resource ratio can be specified;
  - or fixed with GPU — prebuilt node configurations with GPUs and a specified resource ratio.
  If standard configurations do not suit your needs, you can add a node group with a fixed cloud server configuration via the Managed Kubernetes API or Terraform after creating the cluster.
  3.2. If you have selected a custom configuration, specify the number of vCPUs and the amount of RAM, select a boot disk, and specify the disk size.
  3.3. If you have selected a fixed configuration with GPU, choose a prebuilt node configuration with GPUs, a boot disk, and specify the disk size. To install GPU drivers yourself, turn off the GPU drivers toggle. By default, the GPU drivers toggle is turned on, and the cluster uses pre-installed drivers.
  3.4. Click Save.
- Configure the number of worker nodes. For fault-tolerant operation of system components and the Cilium network plugin, we recommend having at least two worker nodes in the cluster; the nodes can be located in different groups:
  4.1. To set a fixed number of nodes in a node group, open the Fixed tab and specify the number of nodes.
  4.2. To use autoscaling with Cluster Autoscaler, open the Autoscaling tab and set the minimum and maximum number of nodes in the group; the number of nodes will only change within this range. Autoscaling is not available for GPU node groups without drivers.
- Optional: to make the node group preemptible, check the Preemptible node group checkbox. Preemptible node groups are available in the regions of St. Petersburg, Moscow, and Novosibirsk.
- Optional: add node group labels:
  6.1. In the Labels field, click Add.
  6.2. Enter the label key.
  6.3. Enter the label value.
  6.4. Click Add.
- Optional: add node group taints:
  7.1. In the Taints field, click Add.
  7.2. Enter the taint key.
  7.3. Enter the taint value.
  7.4. Select the effect:
  - NoSchedule — new pods will not be scheduled, and existing pods will continue to run;
  - PreferNoSchedule — new pods will be scheduled if there are no other available places in the cluster;
  - NoExecute — running pods without tolerations will be evicted.
  7.5. Click Add.
- Optional: add a script with custom parameters to configure the Managed Kubernetes cluster:
  8.1. In the User data field, click Add.
  8.2. Paste the script. The maximum size of a script with data not encoded in Base64 is 47 KB. You can find script examples and supported formats in the User data instructions.
- Optional: to add an additional worker node group to the cluster, click Add node group. You can create a cluster with worker node groups in different segments of the same pool. This will improve fault tolerance and help maintain application availability in case of a failure in one of the segments.
- In the Cloud network block, configure a private subnet without internet access to group all cluster nodes.
  10.1. To create a private subnet, in the Subnet for nodes field, select New private subnet.
  A private network <cluster_name>-network, a private subnet, and a router <cluster_name>-router will be created automatically, where <cluster_name> is the cluster name. The CIDR is assigned automatically. A default security group will be assigned to node ports. Do not change its rules or assign a different security group. Leaving it unchanged prevents cluster malfunction.
  10.2. To use a private subnet that has already been created, select the existing subnet in the Subnet for nodes field. The subnet must meet the following conditions:
  - connected to a cloud router;
  - does not overlap with the 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24 ranges. These ranges are used for internal Managed Kubernetes addressing;
  - DHCP is disabled;
  - only the default security group is assigned to the ports. Do not change its rules or assign a different security group. Leaving it unchanged prevents cluster malfunction. You can view security groups on ports.
- Click Continue.
3. Configure automation
- Optional: to enable node auto-recovery, select the Node auto-recovery checkbox. If the cluster has only one worker node, auto-recovery is not available.
- Optional: to enable automatic patch version upgrades, select the Automatic patch version upgrades checkbox. If the cluster has only one master node (basic cluster) or one worker node, automatic Kubernetes patch version upgrades are not available.
- Select the cluster maintenance start time — the time at which automatic cluster maintenance operations will begin.
- Optional: to enable audit logs, select the Audit logs checkbox. After creating the cluster, configure the log storage and analysis system integration.
- Check the cluster price on a cloud server.
- Click Create. Creating a cluster takes several minutes, during which the cluster will be in the CREATING status. The cluster will be ready for use when it enters the ACTIVE status.
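
The conditions stated in steps 2 and 3 (reserved address ranges, DHCP, the default security group, the user data size limit, and the node-count conditions for auto-recovery and automatic patch upgrades) can be checked before the form is filled in. The Python pre-flight check below is an added example, not part of Managed Kubernetes or its API; the plan dictionary layout, its key names, the sample values, and the reading of 47 KB as 47 * 1024 bytes are assumptions.

```python
import ipaddress

# Ranges the page reserves for internal Managed Kubernetes addressing.
RESERVED = [ipaddress.ip_network(c) for c in
            ("10.10.0.0/16", "10.96.0.0/12", "10.250.0.0/16", "10.251.0.0/24")]
MAX_USER_DATA = 47 * 1024  # assumption: "47 KB" read as 47 * 1024 bytes

def reserved_overlaps(cidr):
    """Return the reserved ranges that a candidate node subnet overlaps."""
    net = ipaddress.ip_network(cidr)
    return [str(r) for r in RESERVED if net.overlaps(r)]

def preflight(plan):
    """Check a planned cluster (hypothetical dict layout) against the page's limits."""
    problems = []
    subnet = plan["subnet"]
    hits = reserved_overlaps(subnet["cidr"])
    if hits:
        problems.append(f"subnet overlaps reserved range(s): {', '.join(hits)}")
    if subnet["dhcp"]:
        problems.append("DHCP must be disabled on the node subnet")
    if not subnet["router"]:
        problems.append("subnet must be connected to a cloud router")
    if subnet["security_groups"] != ["default"]:
        problems.append("ports must carry only the default security group")
    workers = sum(g["nodes"] for g in plan["groups"])
    if plan["auto_recovery"] and workers < 2:
        problems.append("auto-recovery is not available with one worker node")
    if plan["auto_patch"] and (workers < 2 or plan["type"] == "basic"):
        problems.append("auto patch upgrades need more than one master and worker node")
    for g in plan["groups"]:
        if len(g.get("user_data", "").encode()) > MAX_USER_DATA:
            problems.append(f"{g['name']}: user data exceeds 47 KB")
        if g.get("autoscaling") and g.get("gpu") and not g.get("gpu_drivers", True):
            problems.append(f"{g['name']}: autoscaling is not available without GPU drivers")
    return problems

# Constructed sample plan: basic cluster, one worker node, unsuitable subnet.
SAMPLE_PLAN = {
    "type": "basic", "auto_recovery": True, "auto_patch": False,
    "subnet": {"cidr": "10.100.0.0/24", "dhcp": True, "router": True,
               "security_groups": ["default"]},
    "groups": [{"name": "kelsie-node", "nodes": 1, "user_data": "#!/bin/bash\n"}],
}

if __name__ == "__main__":
    for problem in preflight(SAMPLE_PLAN):
        print("FAIL:", problem)
```

The sample subnet 10.100.0.0/24 is rejected because it falls inside 10.96.0.0/12, which spans 10.96.0.0 through 10.111.255.255.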