This document describes how to create a general cluster and configure the VPCs, subnets and security groups in the TKE console.
Prerequisites
Before creating a cluster, you need to complete the following preparations:
To create a cluster whose network type is virtual private cloud (VPC), you need to create a VPC in the target region and create a subnet in the target availability zone under the VPC.
If you do not use the default security group, you need to create a security group in the target region and add a security group rule that meets your business requirements.
To bind an SSH key pair when creating a Linux instance, you need to create SSH keys for the target project.
When you create a cluster, you will use the resources such as VPCs, subnets, and security groups. Each region has a resource quota. For more information, see Quota Limits for Cluster Purchase.
Create a Cluster in the TKE Console
1. Enter the cluster information
1. Log in to the TKE console and click Cluster in the left sidebar.
2. On the "Cluster management" page, click Create above the cluster list.
3. Select General cluster, and click Create.
4. On the Create Cluster page, configure the basic information of the cluster as shown in the figure below:
Cluster name: Set the name of the cluster with up to 50 characters.
Project of new-added resource: Select a project as needed. The newly added resources will be automatically assigned to this project.
Container network: Assigns IP addresses that are within the container network IP range to containers in the cluster. For details, see Container Network Overview.
Image provider: You can select a public image or custom image. For more information, see Image Overview.
Operating system: Select the operating system based on your requirements.
Cluster description: Enter information about the cluster, which will be displayed on the Cluster information page.
Advanced settings (optional):
Tencent Cloud tags: After binding tags to the cluster, you can categorize the resources. For more information, see Querying Resources by Tag.
Deletion protection: When it is enabled, the cluster cannot be deleted by mistake in the console or via the API.
Kube-proxy proxy mode: Select iptables or ipvs. IPVS mode is applicable to large-scale services. You cannot disable it once it is enabled. For more information, see Enabling IPVS for a Cluster.
Runtime version: Select the version of the container runtime component.
5. Click Next.
2. Select a model
On the Select model page, confirm the billing mode, select an AZ and the corresponding subnet, and confirm the node model.
1. Select Add node or Existing nodes for Node source.
Create a cluster by adding nodes (that is, by adding CVMs). The details are as follows:
Cluster type: You can select Managed cluster or Self-deployed cluster.
Managed cluster: The Master and Etcd of the Kubernetes cluster will be managed and maintained by Tencent Cloud.
Self-deployed cluster: The Master and Etcd of the Kubernetes cluster will be deployed on the CVM instance you purchased.
Cluster specification: Select an appropriate cluster specification as needed. For more information, see Purchase Instructions. You can adjust the cluster specification manually, or enable Auto Cluster Upgrade to have it adjusted automatically.
Billing Mode: Pay-as-you-go is supported. For more information, see Billing Plans.
Worker configurations: If you select Add node for Node source and Managed cluster for Cluster type, all configuration items in this module are set to the default values. You can modify them as needed.
Availability zone: You can select multiple availability zones at the same time to deploy your Master or Etcd nodes to ensure higher availability of the cluster.
Node network: You can select multiple subnet resources at the same time to deploy your Master or Etcd nodes to ensure higher availability of the cluster.
Model: Choose a model higher than CPU 4-core. For details, see Instance Types.
System disk: The default value is “HDD cloud disk - 50 GB”. You can select local disk, HDD cloud disk, SSD cloud disk, or premium cloud disk based on your actual model. For details, see Storage Overview.
Data disk: As it is not recommended to deploy other applications on the Master and Etcd nodes, no data disk is configured for them by default. You can purchase one and add it if needed.
Public network bandwidth: Select Assign free public IP and the system will assign a public IP address for free. Two billing methods are available. For more information, see Public Network Billing.
Node name: The name of the computer in the OS (the node name displayed by running the kubectl get nodes command). It is a cluster attribute. The node can be named in either of the following two modes:
Auto-generated: The node hostname defaults to the private IP of the node.
Custom name: You can use sequential numbering or a custom format string. It can contain lower-case letters, numbers, hyphens ("-") and periods ("."). Symbols cannot be placed at the beginning or end, and cannot be used consecutively. For more naming rules, see Batch Sequential Naming or Pattern String-Based Naming.
Note
Due to the naming restrictions on Kubernetes nodes, you can use only lower-case letters when customizing the hostname, for example, 'cvm {R:13}-big{R:2}-test'.
Instance name: The CVM instance name displayed in the console, which is determined by the naming mode of the hostname.
When the node hostname is automatically generated, it supports sequential numbering or custom format for multiple instances. The instance name is automatically generated by default in the format of tke_cluster id_worker.
When the node hostname is customized, the instance name is the same as the hostname, without the need to reconfigure it.
CVM quantity: Set the number of instances as needed.
Note
If Self-deployed cluster is selected for Cluster type, you can also refer to “Worker configurations” to set the Master and Etcd nodes. Deploy at least three instances, which can be in different availability zones.
Create a cluster using the existing nodes (that is, by using the existing CVMs). The details are as follows:
Note
The selected CVMs will be reinstalled and all data in the system disk will be cleared.
The selected CVMs will be migrated to the project of the cluster. All related security groups will be unbound. You need to bind them manually again.
If you set the data disk mounting parameters when configuring the CVM, they will be applied to all Master and Worker nodes. For more information, see the Mount data disk section in Adding an existing node.
Cluster type: You can select Managed cluster or Self-deployed cluster.
Managed cluster: The Master and Etcd of the Kubernetes cluster will be managed and maintained by Tencent Cloud.
Self-deployed cluster: The Master and Etcd of the Kubernetes cluster will be deployed on the CVM instance you purchased.
Cluster specification: Select an appropriate cluster specification as needed. For more information, see Purchase Instructions. You can adjust the cluster specification manually, or enable Auto Cluster Upgrade to have it adjusted automatically.
Worker configurations: Select the existing CVMs based on actual needs.
3. Configure CVM
1. In the "CVM configuration" step, configure a CVM based on the following information:
qGPU sharing: When it is enabled, GPU sharing is enabled for all added GPU nodes in the cluster by default. You can enable or disable GPU sharing through the Label. Note that the qGPU add-on must be installed if you want to use GPU sharing.
Container Directory: Select this option to set up the container and image storage directory. We recommend storing them on the data disk, for example at /var/lib/docker.
Security Group: The security group works as a firewall to control access to the CVM network. The following settings are supported:
Create and bind the default security group. You can preview the default security group rules.
Add a security group to configure custom security group rules according to your actual needs. For details, see TKE Security Group Settings.
Login Method: Three login methods are available.
SSH Key Pair: A key pair is a pair of parameters generated by an algorithm. It is a way to log in to a CVM instance that is more secure than regular passwords. For more details, see SSH Key.
Random Password: The system sends an automatically generated password to your Message Center.
Custom Password: Set a password as prompted.
Security Services: Free DDoS, Web Application Firewall (WAF) and Cloud Workload Protection (CWP) are activated by default. For more information, see Cloud Workload Protection.
Cloud Monitor: Free monitoring, analysis, and alarms are activated by default, and components are installed to obtain CVM monitoring metrics. For more information, see Tencent Cloud Observability Platform.
2. (Optional) Click Advanced Settings to view or configure more information.
CAM Role: You can bind all the nodes created this time to the same CAM role, and grant the authorization policy bound to the role to the nodes. For more information, see Managing Roles.
Node Launch Configuration: Specify custom data to configure the node, that is, a script that runs when the node is launched. You need to make sure the script is re-entrant and implements its own retry logic. The script and its log files can be viewed at the node path: /usr/local/qcloud/tke/userscript.
Cordon: After you check Cordon this node, new Pods cannot be scheduled to this node. You can uncordon the node manually, or execute the uncordon command in custom data as needed.
Label: Click Add to customize the label. The label set here will be automatically added to the initial nodes of the cluster, and is used to filter and manage nodes in the future.
3. Click Next.
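A launch script that meets the re-entrancy and retry requirement stated for Node Launch Configuration could be structured as follows. This is an added example, not Tencent Cloud's code; the state directory, the NODE_INIT_ROOT and RETRY_DELAY variables, and the sysctl setting are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example of a re-entrant custom data script (not TKE's own code).
# STATE_DIR, NODE_INIT_ROOT, RETRY_DELAY and the sysctl line are assumptions.
RETRY_DELAY="${RETRY_DELAY:-2}"

# retry MAX DELAY CMD...: run CMD until it succeeds, at most MAX attempts.
retry() {
    max=$1; delay=$2; shift 2
    attempt=1
    until "$@"; do
        [ "$attempt" -ge "$max" ] && return 1
        attempt=$((attempt + 1))
        sleep "$delay"
    done
    return 0
}

# ensure_line FILE LINE: append LINE only if FILE lacks it, so reruns
# never duplicate configuration.
ensure_line() {
    file=$1; line=$2
    grep -qxF -- "$line" "$file" 2>/dev/null || printf '%s\n' "$line" >> "$file"
}

# run_once NAME CMD...: record completed steps so a relaunch skips them.
run_once() {
    name=$1; shift
    marker="$STATE_DIR/$name.done"
    [ -e "$marker" ] && return 0
    "$@" || return 1
    : > "$marker"
}

# node_init ROOT: ROOT is "/" on a node, or a scratch directory for a dry run.
node_init() {
    root=${1%/}
    STATE_DIR="$root/var/lib/node-init"
    mkdir -p "$STATE_DIR" "$root/etc/sysctl.d" || return 1
    # The data disk may be mounted late: wait for the container directory.
    run_once datadisk retry 5 "$RETRY_DELAY" test -d "$root/var/lib/docker" || return 1
    # Illustrative hardening setting, written exactly once.
    run_once sysctl ensure_line "$root/etc/sysctl.d/90-node.conf" \
        "kernel.dmesg_restrict = 1" || return 1
}

# Nothing runs unless NODE_INIT_ROOT is set, so the file can be sourced safely.
if [ -n "${NODE_INIT_ROOT:-}" ]; then node_init "$NODE_INIT_ROOT"; fi
```

A failed step leaves no marker behind, so the next launch repeats only the steps that did not complete.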
4. Configure add-ons
1. Configure add-ons based on the following information:
Addon: You can select the add-ons such as storage, monitor, and image as needed. For more information, see Add-on Overview.
TMP: When it is enabled, you can configure data collection rules and alarm rules based on your needs. Then, you can check monitoring data on the Grafana dashboard. For more information, see TMP Overview.
Log Service: The cluster auditing is enabled by default. For more information, see Cluster Audit.
2. Click Next.
5. Confirm the information
On the Confirm information page, confirm the configuration and billing information for the cluster, and select I have read and agree to TKE Service Level Agreement. Click Done to complete the process.
6. View the cluster
You can view clusters that have been created in the cluster list. You can click the cluster ID to enter the details page, and then view the cluster, node, and network information on the "Basic information" page.
Create a Cluster via the API