The page has been translated by Gen AI.
How-to guides
Users can enter the required information for the Kubernetes Engine and select detailed options to create a service through the Samsung Cloud Platform Console.
Create Kubernetes Engine
You can create and use the Kubernetes Engine service from the Samsung Cloud Platform Console.
You can create and manage clusters to use the Kubernetes Engine service. After creating a cluster, you can add services needed for operation such as nodes, namespaces, and workloads.
Caution
You can select up to 4 Security Groups in the network settings of Kubernetes Engine.
- If you directly add a Security Group to nodes created by Kubernetes Engine on the Virtual Server service page, they may be automatically detached because they are not managed by Kubernetes Engine.
- For nodes, the Security Group must be added/managed in the network settings of the Kubernetes Engine service.
Managed Security Group is automatically managed in Kubernetes Engine.
- Do not use Managed Security Group for arbitrary user purposes because if you delete it or add/delete rules, it will automatically be restored.
Creating a cluster
You can create and use a Kubernetes Engine cluster service from the Samsung Cloud Platform Console.
To create a Kubernetes Engine cluster, follow these steps.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engine.
- Click the Create Cluster button on the Service Home page. You will be taken to the Create Cluster page.
- Cluster Creation page, enter the information required for service creation, and select detailed options.
- Service Information Input area, please enter or select the required information.
Category RequiredDetailed description Cluster Name Required Cluster Name - Start with an English letter and use English letters, numbers, and the special character (
-) within 3-30 characters
Control Plane Settings > Kubernetes Version Required Select Kubernetes Version Control Area Settings > Private Endpoint Access Control Select Select whether to use Private Endpoint Access Control - After selecting Use, click Add to select resources that are allowed to access the private endpoint
- Only resources in the same Account and same region can be registered
- Regardless of the Use setting, the nodes of the cluster can access the private endpoint
Control Area Settings > Public Endpoint Access/Access Control Select Select whether to use Public Endpoint Access/Access Control - After selecting Use, enter the Allowed Access IP Range as 192.168.99.0/24
- Set the access control IP range so that external users can access the Kubernetes API server endpoint
- If external access is not needed, you can disable it to reduce security threats
ServiceWatch log collection Select Set whether to enable log collection so that logs for the cluster can be viewed in ServiceWatch - Use to select provides 5 GB of log storage for free for all services within the Account, and if it exceeds 5 GB, charges are applied based on storage amount
- If you need to check cluster logs, it is recommended to enable the ServiceWatch log collection feature
Cloud Monitoring log collection Select Set whether to enable log collection so that logs for the cluster can be viewed in Cloud Monitoring - Enable: If selected, 1 GB of log storage is provided for free for all services within the Account, and any amount exceeding 1 GB will be deleted sequentially
Network Settings Required Network connection settings for node pool - VPC Name: Select a pre-created VPC
- Subnet Name: Choose a standard Subnet to use among the subnets of the selected VPC
- Security Group: Select button after clicking then Select Security Group popup window select Security Group
- Up to 4 Security Group can be selected
File Storage Settings Required Select the file storage volume to be used in the cluster - Default Volume (NFS): Click the Search button and then select the file storage in the File Storage Selection popup. The default Volume file storage can only use the NFS format
Table. Kubernetes Engine service information input items - Start with an English letter and use English letters, numbers, and the special character (
- Enter additional information area, input or select the required information.
Category Required or notDetailed description Tag Select Add Tag - Up to 50 can be added per resource
- After clicking the Add Tag button, enter or select Key, Value values
Table. Kubernetes Engine Additional Information Input Items
- Service Information Input area, please enter or select the required information.
- Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- When creation is complete, check the created resources on the Cluster List page.
Check cluster details
Kubernetes Engine service allows you to view and edit the full resource list and detailed information. Cluster Details page consists of Details, Node Pools, Tags, Activity History tabs.
To view detailed cluster information, follow the steps below.
- All Services > Container > Kubernetes Engine 메뉴를 클릭하세요. Kubernetes Engine의 Service Home 페이지로 이동합니다.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- Click the resource (cluster) you want to view detailed information for on the Cluster List page. You will be taken to the Cluster Details page.
- Cluster Details page displays the cluster’s status information and detailed information, and consists of Details, Node Pool, Tags, Job History tabs.
Category Detailed description Cluster Status Kubernetes Engine cluster status - Creating: Creating
- Running: Created / Running
- Updating: Version upgrade in progress
- Deleting: Deleting
- Error: Error occurred
Service Termination Button to terminate a Kubernetes Engine cluster - To terminate the Kubernetes Engine service, you must delete all node pools added to the cluster
- If the service is terminated, the running service may be stopped immediately, so termination is necessary considering the impact of service interruption
Table. Cluster status information and additional functions
- Cluster Details page displays the cluster’s status information and detailed information, and consists of Details, Node Pool, Tags, Job History tabs.
Detailed Information
You can view detailed information of the selected resource on the Cluster List page, and modify the information if necessary.
| Category | Detailed description |
|---|---|
| service | service name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name
|
| Resource ID | Unique resource ID in the service |
| Creator | User who created the service |
| Creation DateTime | DateTime when the service was created |
| Modifier | User who modified the service information |
| Modification DateTime | DateTime when service information was modified |
| Cluster Name | Cluster Name |
| LLM Endpoint | LLM Endpoint information |
| Control Plane Settings | Check assigned Kubernetes control plane (Control Plane) version and access permission scope
|
| Network Settings | View VPC, Subnet, and Security Group information set when creating a Kubernetes Engine cluster
|
| File Storage Settings | If you click the volume name, you can view detailed information on the storage detail page |
Table. Cluster detailed information tab items
Reference
- The version of Kubernetes Engine is denoted in the order
[major].[minor].[patch], and you can upgrade only one minor version at a time.- Example: Version
1.11.x > 1.13.x(Not allowed) / Version1.11.x > 1.12.x(Allowed)
- Example: Version
- If you are using a Kubernetes version that has reached end of support or a version that is scheduled to reach end of support, a red exclamation mark will appear to the right of the version. If this icon is displayed, we recommend upgrading the Kubernetes version.
Node Pool
You can view cluster node pool information and add, modify, or delete. For detailed information on using node pools, refer to Managing Nodes.
| Category | Detailed description |
|---|---|
| Add Node Pool | Add node pool to current cluster
|
| Node Pool List | Check the list of node pools created in the current cluster
|
| More menu | Provides node pool management features
|
Table. Node Pool Tab Items
Reference
If a red exclamation mark icon appears on the version of the node pool information, the server OS of that node pool is not supported in newer versions of Kubernetes. To ensure stable service, the node pool server OS must be upgraded.
- To upgrade the node pool version, delete the existing node pool and then create a new node pool with a higher server OS version.
Tag
Cluster List page allows you to view the tag information of the selected resource, and you can add, modify, or delete it.
| Category | Detailed description |
|---|---|
| Tag List | Tag List
|
Table. Cluster Tag Tab Items
Work History
You can view the operation history of the selected resource on the Cluster List page.
| Category | Detailed description |
|---|---|
| Work History List | Resource Change History
|
Table. Cluster Job History Tab Items
Managing Cluster Resources
We provide cluster version upgrade, kubeconfig download, and control plane logging modification features for cluster resource management.
Caution
To use Kubernetes Engine, you need at least read permissions for VPC, VPC Subnet, Security Group, FileStorage, and Virtual Server.
Even without create/delete permissions, Security Group and Virtual Server are created/deleted by Kubernetes Engine for lifecycle management purposes, and the creator/modifier is indicated as System.
Even without create/delete permissions, Security Group and Virtual Server are created/deleted by Kubernetes Engine for lifecycle management purposes, and the creator/modifier is indicated as System.
Cluster Version Upgrade
If there is a version that can be upgraded from the cluster’s Kubernetes version, you can perform the upgrade on the Cluster Details page.
Reference
- Before the cluster upgrade, check the following items.
- Check if the cluster status is Running
- Check that the status of all node pools in the cluster is Running or Deleting
- Check that all node pool versions in the cluster are the same version as the cluster
- Check if automatic scaling/downsizing of all node pools in the cluster and node auto-recovery feature are disabled
- After upgrading the cluster, proceed with the node pool upgrade. The control plane and node pool upgrades of the Kubernetes cluster are performed separately.
- You can upgrade only one minor version at a time.
- Example: version 1.12.x > 1.13.x (possible) / version 1.11.x > 1.13.x (not possible)
- After an upgrade, you cannot perform a downgrade or rollback, so to use the previous version again you must create a new cluster.
Caution
- Since user systems using an end-of-support Kubernetes version may become vulnerable, upgrade the control plane and node pool versions directly in the Samsung Cloud Platform Console.
- No separate cost will be incurred due to the upgrade.
- Please perform compatibility testing for the upgrade version in advance to ensure stable system operation for users.
Cluster version upgrade preparation
There is no need to delete and recreate API objects when upgrading the cluster version. For the transitioned API, all existing API objects can be read and updated using the new API version. However, due to deprecated APIs in older Kubernetes versions, you may be unable to read or modify existing objects or create new ones. Therefore, to ensure system stability, it is recommended to migrate clients and manifests before the upgrade.
Migrate the client and manifest using the following method.
- Download the new version of the client (e.g., kubectl), install it on the cluster, and modify the YAML to refer to the new API.
- Or use a separate plugin (kubectl convert) to automatically convert it. For detailed explanation, refer to Kubernetes official documentation > Install and configure kubectl on Linux.
Reference
Since the deprecated API differs for each cluster version, the scope of application and system impact may also differ. For detailed explanation, refer to the Kubernetes official documentation > Deprecation Guide.
Upgrade cluster and node pool version
To update the cluster and node pool, follow the steps below.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engines.
- Service Home page, click the Cluster menu. Go to the Cluster List page.
- Click the resource (cluster) to upgrade the version on the Cluster List page. You will be taken to the Cluster Details page.
- Click the edit icon of Kubernetes version on the Cluster Details page. The Cluster version upgrade popup opens.
- Select the Kubernetes version to upgrade, and click the Confirm button.
- It may take a few minutes until the cluster upgrade is complete
- During the upgrade, the cluster status is shown as Updating, and when the upgrade is complete, it is shown as Running.
- When the upgrade is complete, select the Node Pool tab. Go to the Node Pool page.
- Click the More button of the node pool item and click Node Pool Upgrade. The Node Pool Version Upgrade popup window opens.
- Node Pool Version Upgrade After checking the message in the popup window, click the Confirm button.
- It may take a few minutes until the node pool upgrade is completed.
- During the upgrade, the node pool status is shown as Updating, and when the upgrade is complete, it is shown as Running.
kubeconfig download
You can download the admin/user kubeconfig settings of the cluster’s public and private endpoints as a yaml document.
To download the kubeconfig settings of the cluster, follow the steps below.
- Click the All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- Click the resource (cluster) to download the kubeconfig on the Cluster List page. You will be taken to the Cluster Details page.
- Cluster Details on the page, select the desired endpoint’s Admin kubeconfig download/User kubeconfig download button and click it.
- You can download the kubeconfig file in yaml format for each permission.
Modify private endpoint access control
You can change the private endpoint access control settings of the cluster.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. Navigate to the Cluster List page.
- Cluster List page, click the resource (cluster) for which you want to modify the private endpoint access control. You will be taken to the Cluster Details page.
- Click the Edit icon of Private Endpoint Access Control on the Cluster Details page. The Edit Private Endpoint Access Control popup opens.
- In the Private Endpoint Access Control Edit popup, set the Use status of Private Endpoint Access Control, add the allowed access resources, and then click the Confirm button.
Modify public endpoint access/access control
You can change the public endpoint access control settings of the cluster.
- All Services > Container > Kubernetes Engine menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- Cluster List page, click the resource (cluster) you want to modify public endpoint access control. Navigate to the Cluster Details page.
- Click the Edit icon of Public Endpoint Access/Access Control on the Cluster Details page. The Public Endpoint Access/Access Control Edit popup opens.
- Public endpoint access/access control modification In the popup, set the use of Public endpoint access control, add the allowed IP range, and then click the Confirm button.
Modify control area log collection settings
You can change the log collection settings of the cluster’s control plane. Detailed logs of the cluster can be viewed in the ServiceWatch service or the Cloud Monitoring service.
Reference
Even if you set up Cloud Monitoring log collection, you can check the cluster logs.
- However, the Cloud Moniotring log collection feature is scheduled for termination, so we recommend using ServiceWatch log collection.
To change the control plane log collection settings of the cluster, follow the steps below.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. Go to the Cluster List page.
- Click the resource (cluster) to modify control plane logging on the Cluster List page. You will be taken to the Cluster Details page.
- On the Cluster Details page, click the Edit icon of ServiceWatch Log Collection. The ServiceWatch Log Collection popup opens.
- Cloud Monitoring log collection feature can also be set the same way.
- ServiceWatch log collection in the popup window, after setting the use of ServiceWatch log modification, click the Confirm button.
Reference
When log collection is used, you can view the Audit/Event logs of the cluster control plane in each service. Detailed logs can be viewed on the next page.
Security Group Edit
You can modify the cluster’s Security Group.
Caution
You can select up to 4 Security Groups in the network settings of Kubernetes Engine.
- If you directly add a Security Group on the Virtual Server service page for nodes created by Kubernetes Engine, it may be automatically released because it is not managed by Kubernetes Engine.
- For nodes, the Security Group must be added/managed in the network settings of the Kubernetes Engine service.
Managed Security Group is automatically managed in Kubernetes Engine.
- Do not use Managed Security Group for arbitrary user purposes because if you delete it or add/delete rules, it will automatically be restored.
Follow the steps below to modify the cluster’s Security Group.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. You will be taken to the Cluster List page.
- Click the resource (cluster) to modify the Security Group on the Cluster List page. You will be taken to the Cluster Details page.
- Click the Edit icon of Security Group on the Cluster Details page. The Edit Security Group popup window opens.
- After selecting or deselecting the Security Group to modify, click the Confirm button.
Cancel Cluster
Caution
If you terminate the cluster, all connected node pools will be deleted, and all data in all pods within the cluster will be permanently deleted.
To cancel the cluster, follow the steps below.
- All Services > Container > Kubernetes Engine Click the menu. Navigate to the Service Home page of Kubernetes Engines.
- Click the Cluster menu on the Service Home page. Move to the Cluster List page.
- Cluster List page, click the resource (cluster) for which you want to view detailed information. You will be taken to the Cluster Detail page.
- Click Cancel Service on the Cluster Details page.
- Service termination After reviewing the content in the popup window, click the Confirm button.