forked from pivotal-cf/docs-pks
nsxt-topologies.html.md.erb
---
title: NSX-T Deployment Topologies for PKS
owner: PKS
---
<strong><%= modified_date %></strong>
There are three supported topologies in which to deploy NSX-T with PKS.
##<a id='topology-nat'></a> NAT Topology
The following figure shows a Network Address Translation (NAT) deployment:
![NAT Topology](images/vsphere/nsxt-topology-nat.png)
[View a larger version of this image.](images/vsphere/nsxt-topology-nat.png)
This topology has the following characteristics:
* PKS control plane components (Ops Manager, BOSH Director, and PKS VM) are all located on a logical switch whose traffic undergoes Network Address Translation on a T0 router.
* Kubernetes cluster master and worker nodes are located on a logical switch whose traffic undergoes Network Address Translation on a T0 router. This requires DNAT rules to allow access to the Kubernetes APIs.
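
One check a defender can run against the DNAT rules this topology requires, as an added example that is not part of the PKS documentation: it confirms that each Kubernetes master has an enabled DNAT rule and flags rules that forward more than the API port. The rule record shape, the sample addresses, and the 8443 API port are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample data: a simplified export of T0 NAT rules (hypothetical
# record shape, not NSX-T API output) and the master IPs that sit behind NAT.
SAMPLE_RULES = [
    {"action": "DNAT", "match_destination": "10.40.14.34",
     "translated_ip": "172.16.0.2", "translated_port": 8443, "enabled": True},
    {"action": "DNAT", "match_destination": "10.40.14.35",
     "translated_ip": "172.16.1.2", "translated_port": None, "enabled": True},
    {"action": "DNAT", "match_destination": "10.40.14.36",
     "translated_ip": "172.16.2.2", "translated_port": 8443, "enabled": False},
    {"action": "SNAT", "match_destination": None,
     "translated_ip": "10.40.14.2", "translated_port": None, "enabled": True},
]
SAMPLE_MASTERS = ["172.16.0.2", "172.16.1.2", "172.16.2.2", "172.16.3.2"]


def audit_dnat(rules, master_ips, api_port=8443):
    """Return {master_ip: finding} for every master.

    Findings: 'ok', 'missing' (no DNAT rule), 'disabled' (rules exist but none
    is enabled), 'overbroad' (an enabled rule forwards something other than
    api_port alone; translated_port None means every port is forwarded).
    api_port defaults to 8443, which is an assumption of this example.
    """
    findings = {}
    for master in master_ips:
        target = ipaddress.ip_address(master)
        matches = [r for r in rules
                   if r["action"] == "DNAT"
                   and ipaddress.ip_address(r["translated_ip"]) == target]
        active = [r for r in matches if r["enabled"]]
        if not matches:
            findings[master] = "missing"
        elif not active:
            findings[master] = "disabled"
        elif any(r["translated_port"] != api_port for r in active):
            findings[master] = "overbroad"
        else:
            findings[master] = "ok"
    return findings


if __name__ == "__main__":
    for ip, finding in audit_dnat(SAMPLE_RULES, SAMPLE_MASTERS).items():
        print(f"{ip}: {finding}")
```
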
##<a id='topology-no-nat-virtual-switch'></a> No-NAT with Virtual Switch (VSS/VDS) Topology
The following figure shows a No-NAT with Virtual Switch (VSS/VDS) deployment:
![No-NAT Topology with Virtual Switch](images/vsphere/nsxt-topology-no-nat-virtual-switch.png)
[View a larger version of this image.](images/vsphere/nsxt-topology-no-nat-virtual-switch.png)
This topology has the following characteristics:
* PKS control plane components (Ops Manager, BOSH Director, and PKS VM) use corporate routable IP addresses.
* Kubernetes cluster master and worker nodes use corporate routable IP addresses.
* The PKS control plane is deployed outside of the NSX-T network, and the Kubernetes clusters are deployed and managed within the NSX-T network. Because BOSH needs routable access to the Kubernetes nodes to monitor and manage them, the Kubernetes nodes need routable access.
##<a id='topology-no-nat-logical-switch'></a> No-NAT with Logical Switch (NSX-T) Topology
The following figure shows a No-NAT with Logical Switch (NSX-T) deployment:
![No-NAT Topology with Logical Switch](images/vsphere/nsxt-topology-no-nat-logical-switch.png)
[View a larger version of this image.](images/vsphere/nsxt-topology-no-nat-logical-switch.png)
This topology has the following characteristics:
* PKS control plane components (Ops Manager, BOSH Director, and PKS VM) use corporate routable IP addresses.
* Kubernetes cluster master and worker nodes use corporate routable IP addresses.
* The PKS control plane is deployed inside of the NSX-T network. Both the PKS control plane components (VMs) and the Kubernetes nodes use corporate routable IP addresses.
<p class="note"><strong>Note</strong>: PKS does not support the use of NSX-T edge clusters on bare metal.</p>