Environment Preparation
1. Design resources
Plan in advance the IP address and hostname of each K8s cluster master/worker node, together with the L4 IP and domain name registration they use.
| Function | HostName | IP | OS | A10 | Domain Name |
|---|---|---|---|---|---|
| Ansible controller | zsoansibap | 10.55.13.139 | Rocky Linux 8.10 | | |
| GitLab PoC | ZSGITLABD | 10.41.21.20 | Ubuntu 22.04 | | |
| Harbor PoC | ZSHARBORD | 10.41.21.30 | Ubuntu 22.04 | | |
| Rancher PoC | ZSRANCHD1 | 10.41.21.75 | Ubuntu 22.04 | 10.41.21.22 | rancher-wzspoc.wistron.com |
| Rancher PoC | ZSRANCHD2 | 10.41.21.76 | Ubuntu 22.04 | 10.41.21.22 | rancher-wzspoc.wistron.com |
| Rancher PoC | ZSRANCHD3 | 10.41.21.77 | Ubuntu 22.04 | 10.41.21.22 | rancher-wzspoc.wistron.com |
| K8S master PoC | zstmesqm1 | 10.41.243.35 | Ubuntu 22.04 | | |
| K8S master PoC | zstmesqm2 | 10.41.243.36 | Ubuntu 22.04 | | |
| K8S master PoC | zstmesqm3 | 10.41.243.37 | Ubuntu 22.04 | | |
| K8S worker PoC | zstmesqw1 | 10.41.243.51 | Ubuntu 22.04 | 10.41.244.11 | *.wzs-sat-poc-01.k8s.wistron.com |
| K8S worker PoC | zstmesqw2 | 10.41.243.52 | Ubuntu 22.04 | 10.41.244.11 | *.wzs-sat-poc-01.k8s.wistron.com |
| K8S worker PoC | zstmesqw3 | 10.41.243.53 | Ubuntu 22.04 | 10.41.244.11 | *.wzs-sat-poc-01.k8s.wistron.com |
Plan the Cluster CIDR and Service CIDR network segments, which are the IP ranges used for internal communication between K8s Pods and Services. Apply to the network team for these ranges in advance, so that the segments allocated here are not also allocated to other services.
| Type | IP |
|---|---|
| Cluster CIDR | 172.41.0.0/16 |
| Service CIDR | 172.42.0.0/16 |
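
Before submitting the ranges to the network team, the plan can be checked mechanically. The script below is an added example, not part of the original procedure: it takes the CIDRs and addresses from the tables above and reports overlaps between the two ranges, node or A10 addresses that fall inside them, and ranges outside RFC 1918 private space. The function name `check_plan` is an assumption made for this example.

```python
import ipaddress
from itertools import combinations

# Values copied from the tables on this page.
CIDRS = {"Cluster CIDR": "172.41.0.0/16", "Service CIDR": "172.42.0.0/16"}
NODE_IPS = {
    "zsoansibap": "10.55.13.139", "ZSGITLABD": "10.41.21.20",
    "ZSHARBORD": "10.41.21.30", "ZSRANCHD1": "10.41.21.75",
    "ZSRANCHD2": "10.41.21.76", "ZSRANCHD3": "10.41.21.77",
    "Rancher A10": "10.41.21.22", "zstmesqm1": "10.41.243.35",
    "zstmesqm2": "10.41.243.36", "zstmesqm3": "10.41.243.37",
    "zstmesqw1": "10.41.243.51", "zstmesqw2": "10.41.243.52",
    "zstmesqw3": "10.41.243.53", "worker A10": "10.41.244.11",
}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(cidrs, node_ips):
    """Return a list of findings; an empty list means the plan is clean."""
    # strict=True rejects a CIDR with host bits set (e.g. 172.41.0.1/16).
    nets = {name: ipaddress.ip_network(c, strict=True)
            for name, c in cidrs.items()}
    findings = []
    # 1. The planned ranges must not overlap each other.
    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} {net_a} overlaps {b} {net_b}")
    for name, net in nets.items():
        # 2. No node or load-balancer address may sit inside a Pod/Service range.
        for host, ip in node_ips.items():
            if ipaddress.ip_address(ip) in net:
                findings.append(f"{host} {ip} falls inside {name} {net}")
        # 3. Ranges outside RFC 1918 can shadow routable addresses.
        if not any(net.subnet_of(r) for r in RFC1918):
            findings.append(f"{name} {net} is outside RFC 1918 private space")
    return findings


if __name__ == "__main__":
    for finding in check_plan(CIDRS, NODE_IPS):
        print("WARN:", finding)
```

With the values on this page the script reports no overlaps, but flags both ranges as outside RFC 1918, because 172.16.0.0/12 ends at 172.31.255.255. That is worth raising with the network team when the ranges are requested.
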
2. Prepare network permissions
Apply for the following network permissions:
- 2.1 master (NAT)/worker -> Rancher:443
- 2.2 Add the Rancher domain name of the router to the SFCS DNS server
- 2.3 The domain name of the worker A10 is resolved by the SFCS DNS server
- 2.4 Port 80/443 from master/worker (NAT) to the Harbor proxy cache
- 2.5 Site K8s node access to corp Harbor/GitLab/Vault