
Pre-provisioned Air-gapped FIPS: Define Control Plane Endpoint

Define the control plane endpoint for your cluster and choose its connection mechanism.

A control plane should have three, five, or seven nodes, so it can remain available if one or more nodes fail. A control plane with one node should not be used in production.

In addition, the control plane should have an endpoint that remains available if some nodes fail.

                            -------- cp1.example.com:6443
                            |
      lb.example.com:6443 ---------- cp2.example.com:6443
                            |
                            -------- cp3.example.com:6443

In this example, the control plane endpoint host is lb.example.com, and the control plane endpoint port is 6443. The control plane nodes are cp1.example.com, cp2.example.com, and cp3.example.com. The port of each API server is 6443.

Select your Connection Mechanism

A virtual IP is the address that the client uses to connect to the service. A load balancer is the device that distributes the client connections to the backend servers. Before you create a new DKP cluster, choose an external load balancer (LB) or a virtual IP.

  • External load balancer

It is recommended that an external load balancer be the control plane endpoint. To distribute request load among the control plane machines, configure the load balancer to send requests to all the control plane machines. Configure the load balancer to send requests only to control plane machines that are responding to API requests.

  • Built-in virtual IP

If an external load balancer is not available, use the built-in virtual IP. The virtual IP is not a load balancer; it does not distribute request load among the control plane machines. However, if the machine receiving requests does not respond to them, the virtual IP automatically moves to another machine.

Single-Node Control Plane

Do not use a single-node control plane in a production cluster.

A control plane with one node can use its single node as the endpoint, so you do not need an external load balancer or a built-in virtual IP. At least one control plane node must always be running. Therefore, to upgrade a cluster with one control plane node, a spare machine must be available in the control plane inventory. This machine is used to provision the new node before the old node is deleted.

Modify the control plane audit log settings using the information on the page Configure the Control Plane.

When the API server endpoints are defined, you can create the cluster using the link in Next Step below.

Known Limitations

Be aware of these limitations in the current release of DKP.

The control plane endpoint port is also used as the API server port on each control plane machine. The default port is 6443. Before you create the cluster, ensure the port is available for use on each control plane machine.
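One way to run the port check described above on a control plane machine. This is an added example, not part of the DKP documentation or tooling; the function names and the sample listing are constructed for illustration, and it assumes the `ss` utility from iproute2 is installed on the machine.

```shell
#!/bin/sh
# Added example: decide whether the control plane endpoint port is already
# bound, by parsing the listing produced by `ss -ltn` (assumed available).

# listeners_on_port PORT
# Reads `ss -ltn` output on stdin and prints every local address bound to
# exactly PORT. The port is taken as the text after the last ':' so that
# IPv6 ("[::]:6443") and wildcard ("*:6443") forms are handled, and so that
# ports such as 16443 or 64430 are not mistaken for 6443.
listeners_on_port() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")
            if (parts[n] == port) print $4
        }'
}

# port_is_free PORT
# Succeeds (exit status 0) only when nothing in the listing on stdin is
# bound to PORT.
port_is_free() {
    [ -z "$(listeners_on_port "$1")" ]
}

# Constructed sample of `ss -ltn` output, so the functions can be exercised
# without touching a real machine.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      4096       127.0.0.1:16443      0.0.0.0:*
LISTEN 0      4096               *:64430            *:*
LISTEN 0      4096            [::]:6443          [::]:*
EOF
}
```

On each control plane machine, run `ss -ltn | port_is_free 6443` before you create the cluster; a non-zero exit status means another process already holds the port, and `ss -ltn | listeners_on_port 6443` shows the address it is bound to.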

Next Step:

Pre-provisioned Air-gapped FIPS: Create a Management Cluster
