Public IPs and PKS with NSX-T

Posted On // Leave a Comment
PKS with NSX-T requires a number of "public" facing IPs for deployed Kubernetes clusters. "Public" in this case just means IPs that would be route-able on the network NSX-T is uplinked to. These IPs are pulled from the IP Pool defined as the "Floating IP Pool" in the PKS tile configuration in Pivotal Operations Manager.
  • 1 IP to use for an SNAT rule for all the VMs for the k8s Cluster if those VMs are deployed in NAT mode
  • 1 IP to use with a Virtual Server to front end the k8s Master Nodes
  • 1 IP to use for an HTTP/S Ingress Virtual Server
  • 1 IP to use for an SNAT rule for each namespace
  • 1 IP to use with a Virtual Server for each LoadBalancer service provisioned
So for each cluster PKS deploys you will consume at least the following (if in NAT mode):
Type IP Addresses
Cluster VMs SNAT 1
Master Node(s) Virtual Server 1
Ingress Virtual Server 1
SNAT for default, kube-public, kube-system, and pks-system namespaces 4
Total 7
On top of those 7 IPs, make sure to add one for each additional namespace, and one for each provisioned LoadBalancer service