Creating and Managing Network Profiles in the Management Console


You can add, view and remove network profiles using the Tanzu Kubernetes Grid Integrated Edition Management Console on vSphere.

Using Network Profiles

Network profiles let you customize the NSX-T infrastructure networking and the runtime NCP networking for Kubernetes clusters provisioned by Tanzu Kubernetes Grid Integrated Edition. For example, using a network profile you can change the size of the control plane load balancer, add an additional subnet for nodes, and enable the use of a third-party ingress controller. For a complete list of use cases, see Network Profile Use Cases.

Requirements for Network Profiles

Network profiles are supported in NSX mode only; there is no support for Flannel mode. In addition, only management console root and pks.clusters.admin users can create, view, and delete network profiles. Cluster managers can use a network profile when creating a cluster, either using the management console or the TKGI CLI.

Create Cluster with Network Profile

Use the Tanzu Kubernetes Grid Integrated Edition Management Console to create a cluster with an existing network profile.

  1. Select TKG Integrated Edition > Clusters, and select Create Cluster.
  2. Use the Network Profile drop-down menu to select the network profile to use.
  3. Click Show More to view the profile.

    Create cluster with network profile

Define Network Profile

Use the Tanzu Kubernetes Grid Integrated Edition Management Console to define a network profile.

NOTE: You must be at the console home page to view the Network Profiles tab.

  1. Select Profiles and select the Network tab.
  2. Click Create Profile.
  3. Enter a Name for the profile.
  4. Enter a suitable Description for the profile.
  5. Optionally, set up Parameters for Advanced Network or Container Network.
  6. Configure the new profile as needed, or use the default values.
  7. Click Save.

    Define network profile with advanced networks parameters

    Define network profile with container network parameters

Delete Network Profile

Use the Tanzu Kubernetes Grid Integrated Edition Management Console to delete a network profile.

NOTE: You cannot delete a network profile that is in use by a cluster.

  1. Select the Network Profiles tab.
  2. Select the network profile to remove.
  3. Click Delete.
  4. Confirm deletion.

    Delete network profile

Advanced Network Parameters

The table lists and describes the available network profile options for customizing NSX-T.

| Profile Option | Description |
|---|---|
| Load Balancer Size | Size of the control plane load balancer: Small, Medium, Large. |
| Pod IP Block IDs | Array of Pod IP Block UUIDs defined in NSX-T. |
| Pod Subnet Prefix | Size of the Pods IP Block subnet. |
| Pod Routability | Make the custom Pods subnet routable: Yes or No. |
| Floating Pool IDs | Array of floating IP pool UUIDs defined in NSX-T. |
| T0 Router ID | Tenant Tier-0 Router UUID defined in NSX-T. |
| Failover Mode | Select Preemptive or Non-preemptive. |
| Master VMs NSGroup IDs | Namespace Group UUID as defined in NSX-T. |
| Node IP Block IDs | Array of Node IP Block UUIDs defined in NSX-T. |
| Node Routable | Make the custom Node subnet routable: Yes or No. |
| Node Subnet Prefix | Size of the Node IP Block subnet. |
| Nodes DNS | Array of DNS server IP addresses for lookup of Kubernetes nodes and pods. |
| DNS Lookup Mode | DNS lookup for the API LB (API) and ingress controller (API_INGRESS). |
| Ingress Prefix | Ingress controller hostname prefix for DNS lookup. |
| Single Tier Topology | Use a single Tier-1 Router per cluster: Yes or No. |
| Infrastructure Networks | Array of IP addresses and subnets for use with a single tier topology in a multi-T0 environment. |
| Custom Infrastructure Networks | Comma-separated array of custom IP addresses or network CIDRs to be used for Infrastructure Networks. |

Container Networks Parameters

The table lists and describes the available network profile options for customizing NCP.

| Profile Option | Description |
|---|---|
| Use NSX-T L4 Virtual Server for K8s Load Balancer | Use NSX-T layer 4 virtual server for each Kubernetes service of type LoadBalancer: Yes or No. |
| Use NSX-T L7 Virtual Server as the Ingress Controller for K8s Cluster | Use NSX-T layer 7 virtual server as the ingress controller for the Kubernetes cluster: Yes or No. |
| Use Same Source IP for Calling Clients | Use the same source IP for calling clients: Insert or Replace. |
| Ingress controller IP address | IP address to use for the ingress controller. |
| NCP Log Level | Configure NCP log levels: INFO, WARNING, DEBUG, ERROR, CRITICAL. |
| Log Dropped Firewall Traffic | Log dropped firewall traffic: Yes or No. |
| Log Firewall Traffic | Select All, None, or Deny. |
| Ingress Persistence Type | Specify the ingress persistence type: none, cookie, source_ip. |
| Persistence Timeout Interval in Seconds | Persistence timeout interval in seconds. |
| Maximum Number of L4 Servers Per Cluster | Limit the number of L4 virtual servers per cluster. |
| L4 Persistence Type | Connection stickiness based on source_ip. |
| L4 Load Balancer Behavior | Customize the layer 4 load balancer behavior: round_robin, least_connection, ip_hash, weighted_round_robin. |
| Top Section-id for Distributed Firewall Section | UUID of the top section-id for the distributed firewall (DFW) section as defined in NSX-T. |
| Bottom Section-id for Distributed Firewall Section | UUID of the bottom section-id for the distributed firewall (DFW) section as defined in NSX-T. |
| Lb Http Request Header Size | The default maximum request header size is 10,240 characters. |
| Lb Http Response Header Size | The default maximum response header size is 10,240 characters. |
| Lb Http Response Timeout | Timeout in seconds. |
| Connect Retry Timeout | Timeout in seconds. |
