How-to guides
The user can enter required information for the Kubernetes Engine through the Samsung Cloud Platform Console, select detailed options, and create a service.
Create Kubernetes Engine
You can create and use the Kubernetes Engine service from the Samsung Cloud Platform Console.
You can create and manage clusters to use the Kubernetes Engine service. After creating a cluster, you can add services needed for operation such as nodes, namespaces, and workloads.
You can select up to 4 Security Groups in the network settings of Kubernetes Engine.
- If you directly add a Security Group to nodes created by Kubernetes Engine on the Virtual Server service page, it may be automatically released because it is not managed by Kubernetes Engine.
- For nodes, the Security Group must be added/managed in the network settings of the Kubernetes Engine service.
Managed Security Group is automatically managed in Kubernetes Engine.
- Do not use the Managed Security Group for your own purposes: if you delete it or add/delete its rules, the change is automatically reverted.
Creating a Cluster
You can create and use a Kubernetes Engine cluster service from the Samsung Cloud Platform Console.
To create a Kubernetes Engine cluster, follow these steps.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Create Cluster button on the Service Home page. You will be taken to the Create Cluster page.
- On the Create Cluster page, enter the information required to create the service, and select detailed options.
- In the Enter Service Information area, input or select the required information.
| Category | Required or not | Detailed description |
|---|---|---|
| Cluster Name | Required | Cluster name. Start with an English letter and use English letters, numbers, and the special character (-), within 3-30 characters. |
| Control Plane Settings > Kubernetes Version | Required | Select the Kubernetes version. |
| Control Area Settings > Private Endpoint Access Control | Optional | Select whether to use Private Endpoint Access Control. After selecting Use, click Add to select the resources that are allowed to access the private endpoint. Only resources in the same Account and same region can be registered. Regardless of the Use setting, the nodes of the cluster can access the private endpoint. |
| Control Area Settings > Public Endpoint Access/Access Control | Optional | Select whether to use Public Endpoint Access/Access Control. After selecting Use, enter the Allowed Access IP Range as 192.168.99.0/24. Set the access control IP range so that external users can access the Kubernetes API server endpoint. If external access is not needed, you can disable it to reduce security threats. |
| ServiceWatch log collection | Optional | Set whether to enable log collection so that logs for the cluster can be viewed in ServiceWatch. Log storage up to 5 GB for all services within the account is provided for free, and fees are charged based on storage volume if it exceeds 5 GB. If you need to check cluster logs, it is recommended to enable the ServiceWatch log collection feature. |
| Cloud Monitoring log collection | Optional | Set whether to enable log collection so that logs for the cluster can be viewed in Cloud Monitoring. Up to 1 GB of log storage for all services within the account is provided for free, and any amount exceeding 1 GB is deleted sequentially. |
| Network Settings | Required | Network connection settings for the node pool. VPC: select a pre-created VPC. Subnet: choose a standard Subnet to use from the subnets of the selected VPC. Security Group: after clicking the Select button, select a Security Group in the Security Group Selection popup. Up to 4 Security Groups can be selected. |
| File Storage Settings | Required | Select the file storage volume to be used in the cluster. Default Volume (NFS): click the Search button and then select the file storage in the File Storage Selection popup. The default Volume file storage can only use the NFS format. |
Table. Kubernetes Engine Service Information Input Items
- In the Additional Information Input area, enter or select the required information.
| Category | Required or not | Detailed description |
|---|---|---|
| Tag | Optional | Add Tag. Up to 50 can be added per resource. After clicking the Add Tag button, enter or select Key, Value values. |
Table. Kubernetes Engine Additional Information Input Items
- In the Summary panel, check the generated detailed information and estimated billing amount, and click the Complete button.
- When creation is complete, check the created resources on the Cluster List page.
Check cluster detailed information
In the Kubernetes Engine service, you can view and edit the full resource list and detailed information. The Cluster Details page consists of the Details, Node Pools, Tags, and Activity History tabs.
To view detailed cluster information, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. Navigate to the Cluster List page.
- Click the resource (cluster) you want to view detailed information for on the Cluster List page. You will be taken to the Cluster Details page.
- The Cluster Details page displays the cluster’s status information and detailed information, and consists of the Details, Node Pool, Tags, and Job History tabs.
| Category | Detailed description |
|---|---|
| Cluster Status | Kubernetes Engine cluster status. Creating: Creating. Running: Created / Running. Error: Error occurred. |
| Service Termination | Button to terminate a Kubernetes Engine cluster. To terminate the Kubernetes Engine service, you must delete all node pools added to the cluster. If the service is terminated, the running service may be stopped immediately, so terminate it only after considering the impact of service interruption. |
Table. Status Information and Additional Functions
Detailed Information
Cluster List page allows you to view detailed information of the selected resource and, if necessary, edit the information.
| Category | Detailed description |
|---|---|
| service | service name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name |
| Resource ID | Unique resource ID in the service |
| Creator | User who created the service |
| Creation Time | Time the service was created |
| Editor | User who modified the service information |
| Modification DateTime | Date and time when service information was modified |
| Cluster name | Cluster name |
| LLM Endpoint | LLM Endpoint information |
| Control Plane Settings | Check assigned Kubernetes control plane (Control Plane) version and access permission range |
| Network Settings | Check VPC, Subnet, and Security Group information set when creating a Kubernetes Engine cluster |
| File Storage Settings | If you click the volume name, you can view detailed information on the storage detail page |
- The version of Kubernetes Engine is denoted in the order [major].[minor].[patch], and you can upgrade only one minor version at a time.
  - Example: version 1.11.x > 1.13.x (Not possible) / version 1.11.x > 1.12.x (Possible)
- If you are using a Kubernetes version that has reached end of support or a version that is scheduled to reach end of support, a red exclamation mark will appear to the right of the version. If this icon appears, we recommend upgrading the Kubernetes version.
Node Pool
You can view, add, modify, or delete cluster node pool information. For detailed information on using node pools, refer to Managing Nodes.
| Category | Detailed description |
|---|---|
| Add node pool | Add node pool to the current cluster |
| Node Pool Information | Provides node pool list view and management functions |
If a red exclamation mark icon appears on the version of the node pool information, the server OS of that node pool is not supported in higher versions of Kubernetes. To ensure stable service, the node pool server OS must be upgraded.
- If you want to upgrade the node pool version, you must delete the node pool and then create a new node pool with a higher server OS version.
Tag
On the Cluster List page, you can view the tag information of the selected resource, and you can add, modify, or delete it.
| Category | Detailed description |
|---|---|
| Tag List | Tag List |
Work History
You can view the operation history of the selected resource on the Cluster List page.
| Category | Detailed description |
|---|---|
| Work History List | Resource Change History |
Managing Cluster Resources
To manage cluster resources, we provide cluster version upgrade, kubeconfig download, and control plane logging modification features.
Security Group and Virtual Server are created/deleted by Kubernetes Engine for lifecycle management purposes even without create/delete permissions, and the creator/modifier is indicated as System.
Cluster Version Upgrade
If there is a version that can be upgraded from the cluster’s Kubernetes version, you can perform the upgrade on the Cluster Details page.
- Before the cluster upgrade, check the following items.
  - Check that the cluster’s status is Running
  - Check that all node pool statuses of the cluster are Running or Deleting
  - Check that all node pool versions in the cluster are the same version as the cluster
  - Check that automatic scaling/downsizing and the node auto-recovery feature are not in use for any node pool in the cluster
- After upgrading the cluster, proceed with node pool upgrade. The control plane and node pool upgrades of the Kubernetes cluster are performed separately.
- You can only upgrade one minor version at a time.
  - Example: version 1.12.x > 1.13.x (possible) / version 1.11.x > 1.13.x (not possible)
- After an upgrade, you cannot perform a downgrade or rollback, so to use the previous version again you must create a new cluster.
- Since user systems using end-of-support Kubernetes versions may have security vulnerabilities, upgrade the control plane and node pool versions directly in the Samsung Cloud Platform Console.
- No additional cost will be incurred due to the upgrade.
- Please perform compatibility testing for the upgrade version in advance to ensure stable system operation for users.
Cluster version upgrade preparation
There is no need to delete and recreate API objects when upgrading the cluster version. For the transitioned API, all existing API objects can be read and updated using the new API version. However, due to deprecated APIs in older Kubernetes versions, you may be unable to read or modify existing objects or create new ones. Therefore, to ensure system stability, it is recommended to migrate clients and manifests before the upgrade.
Migrate the client and manifest using the following method.
- Download the new version of the client (e.g., kubectl), install it on the cluster, and modify the YAML to refer to the new API.
- Or use a separate plugin (kubectl convert) to convert automatically. For detailed instructions, refer to the Kubernetes official documentation > Install and set up kubectl on Linux.
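An added example, not part of the Samsung Cloud Platform documentation: a pre-upgrade check that applies the one-minor-version rule stated above and lists manifests still using API versions that the target release no longer serves. The removal table is a small subset of the upstream Kubernetes deprecated API migration guide, and the function names and sample manifests are assumptions made for this illustration.

```python
import re

# (apiVersion, kind) -> (first release that no longer serves it, replacement).
# Subset of the upstream Kubernetes deprecated API migration guide.
REMOVED_APIS = {
    ("networking.k8s.io/v1beta1", "Ingress"): ((1, 22), "networking.k8s.io/v1"),
    ("batch/v1beta1", "CronJob"): ((1, 25), "batch/v1"),
    ("policy/v1beta1", "PodDisruptionBudget"): ((1, 25), "policy/v1"),
    ("autoscaling/v2beta2", "HorizontalPodAutoscaler"): ((1, 26), "autoscaling/v2"),
}

def minor(version):
    """'1.24.x' or 'v1.24.8' -> (1, 24)."""
    m = re.match(r"v?(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return int(m.group(1)), int(m.group(2))

def is_single_minor_step(current, target):
    """The page's rule: an upgrade may advance exactly one minor version."""
    (cmaj, cmin), (tmaj, tmin) = minor(current), minor(target)
    return cmaj == tmaj and tmin == cmin + 1

def scan_manifests(text, target):
    """List (kind, name, apiVersion, replacement) for objects not served at target."""
    findings = []
    # Only the top-level apiVersion/kind of each YAML document is read, so
    # objects wrapped in a 'kind: List' are not inspected.
    for doc in re.split(r"^---[ \t]*$", text, flags=re.M):
        api = re.search(r"^apiVersion:\s*['\"]?([^\s'\"#]+)", doc, flags=re.M)
        kind = re.search(r"^kind:\s*['\"]?([^\s'\"#]+)", doc, flags=re.M)
        name = re.search(r"^metadata:.*?^[ \t]+name:\s*(\S+)", doc, flags=re.M | re.S)
        if not (api and kind):
            continue
        hit = REMOVED_APIS.get((api.group(1), kind.group(1)))
        if hit and minor(target) >= hit[0]:
            findings.append((kind.group(1), name.group(1) if name else "?",
                             api.group(1), hit[1]))
    return findings

# Constructed sample manifests (not from the page).
SAMPLE = """\
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: nightly-report
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
"""

if __name__ == "__main__":
    print(is_single_minor_step("1.24.x", "1.25.x"), scan_manifests(SAMPLE, "1.25.x"))
```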
Upgrade Cluster and Node Pool Versions
To update the cluster and node pool, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. It navigates to the Cluster List page.
- On the Cluster List page, click the resource (cluster) to upgrade the version. It navigates to the Cluster Details page.
- Click the Edit icon of Kubernetes version on the Cluster Details page. Navigate to the Cluster Version Upgrade popup.
- Select the Kubernetes version to upgrade, and click the Confirm button.
- It may take a few minutes for the cluster upgrade to complete.
- During the upgrade, the cluster status is shown as Updating, and when the upgrade is complete, it is shown as Running.
- When the upgrade is complete, select the Node Pool tab. Go to the Node Pool page.
- Click the More button of the node pool item and click Node Pool Upgrade. It will move to the Node Pool Version Upgrade popup window.
- After checking the message in the Node Pool Version Upgrade popup window, click the Confirm button.
- It may take a few minutes until the node pool upgrade is completed.
- During the upgrade, the node pool status is shown as Updating, and when the upgrade is complete, it is shown as Running.
kubeconfig download
You can download the admin/user kubeconfig settings of the cluster’s public and private endpoints as a yaml document.
To download the cluster’s kubeconfig settings, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- On the Cluster List page, click the resource (cluster) to download the kubeconfig. You will be taken to the Cluster Details page.
- On the Cluster Details page, click the Admin kubeconfig download/User kubeconfig download button for the desired endpoint.
- You can download the kubeconfig file in yaml format for each permission.
Edit Private Endpoint Access Control
You can change the private endpoint access control settings of the cluster.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. Navigate to the Cluster List page.
- On the Cluster List page, click the resource (cluster) to modify private endpoint access control. You will be taken to the Cluster Details page.
- On the Cluster Details page, click the Edit icon of Private Endpoint Access Control. Navigate to the Private Endpoint Access Control Edit popup.
- In the Private Endpoint Access Control Edit popup window, check the Private Endpoint Access Control Usage, add the allowed access resources, and click the Confirm button.
Modify public endpoint access/access control
You can change the public endpoint access control settings of the cluster.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. Navigate to the Cluster List page.
- Click the resource (cluster) to modify public endpoint access control on the Cluster List page. You will be taken to the Cluster Details page.
- Click the Edit icon of Public Endpoint Access/Access Control on the Cluster Details page. It moves to the Public Endpoint Access/Access Control Edit popup.
- In the Public Endpoint Access/Access Control Edit popup window, check the Public Endpoint Access Control Use status and add the allowed IP range, then click the Confirm button.
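An added example, not part of the Samsung Cloud Platform documentation: a review of a proposed allowed IP range list before it is entered in the popup, flagging entries that are malformed, open the API server endpoint to every address, or are covered by another entry. The /16 threshold, the function name, and the sample list are assumptions made for this illustration.

```python
import ipaddress

# Assumption for this example: an IPv4 range wider than /16 is treated as too
# broad for an API server allowlist. Set the threshold your policy requires.
MIN_IPV4_PREFIX = 16

def review_allowlist(entries):
    """Return {entry: verdict} for proposed allowed-access IP ranges.

    Verdicts: invalid, host-bits-set, any-address, too-broad, redundant, ok.
    A bare address such as 203.0.113.10 is read as a /32 network.
    """
    report, accepted = {}, {}
    for raw in entries:
        entry = raw.strip()
        try:
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError:
            try:
                ipaddress.ip_network(entry, strict=False)
                report[raw] = "host-bits-set"   # e.g. 192.168.99.7/24
            except ValueError:
                report[raw] = "invalid"
            continue
        if net.prefixlen == 0:
            report[raw] = "any-address"          # 0.0.0.0/0 or ::/0
        elif net.version == 4 and net.prefixlen < MIN_IPV4_PREFIX:
            report[raw] = "too-broad"
        else:
            report[raw] = "ok"
            accepted[raw] = net
    # An entry fully covered by another accepted entry adds nothing.
    for raw, net in accepted.items():
        if any(net != o and net.version == o.version and net.subnet_of(o)
               for o in accepted.values()):
            report[raw] = "redundant"
    return report

# Constructed sample input; 192.168.99.0/24 is the value shown on the page.
SAMPLE = ["192.168.99.0/24", "192.168.99.128/25", "0.0.0.0/0",
          "192.168.99.7/24", "10.0.0.0/8", "203.0.113.10", "office-vpn"]

if __name__ == "__main__":
    for entry, verdict in review_allowlist(SAMPLE).items():
        print(f"{entry:20} {verdict}")
```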
Modify control area log collection settings
You can change the log collection settings of the cluster’s control plane. Detailed logs of the cluster can be viewed in the ServiceWatch service or the Cloud Monitoring service.
Even if you set up Cloud Monitoring log collection, you can still view the cluster logs.
- However, since the Cloud Monitoring log collection feature is scheduled for termination, we recommend using ServiceWatch log collection.
Follow the steps below to change the control plane log collection settings of the cluster.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. Navigate to the Cluster List page.
- On the Cluster List page, click the resource (cluster) to modify control plane logging. The Cluster Details page will be opened.
- On the Cluster Details page, click the Edit icon of ServiceWatch Log Collection. It will navigate to the ServiceWatch Log Collection popup.
- Cloud Monitoring log collection feature can also be set the same way.
- In the ServiceWatch log collection popup, after checking the use of ServiceWatch log modification, click the Confirm button.
When using log collection, you can view the Audit/Event logs of the cluster control area in each service. Detailed logs can be viewed on the next page.
Security Group Edit
You can modify the cluster’s Security Group.
In the network settings of Kubernetes Engine, you can select multiple Security Groups. (up to 4)
- If you directly add a Security Group on the Virtual Server service page to nodes created by Kubernetes Engine, they may be automatically released because they are not managed by Kubernetes Engine.
- For nodes, the Security Group must be added/managed in the network settings of the Kubernetes Engine service.
Managed Security Group is automatically managed in Kubernetes Engine.
- Do not use it for any user-defined purpose because if you delete a Managed Security Group or add/delete rules, it will automatically be restored.
To modify the cluster’s Security Group, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- On the Cluster List page, click the resource (cluster) whose Security Group you want to modify. You will be taken to the Cluster Details page.
- Click the Edit icon of Security Group on the Cluster Details page. It will navigate to the Security Group Edit popup.
- After selecting or deselecting the Security Group to modify, click the Confirm button.
Cancel Cluster
To cancel the cluster, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- Click the resource (cluster) on the Cluster List page to view detailed information. You will be taken to the Cluster Details page.
- On the Cluster Details page, click Service Termination.
- After checking the contents in the Service Termination popup window, click the Confirm button.