Networking Configurations Supported By AWS Cloud Provider

This tutorial describes the various networking configurations Platform9 Managed Kubernetes supports on Amazon AWS.

Platform9 Managed Kubernetes provides a native integration with various Cloud Providers including Amazon AWS, where it utilizes native capabilities provided by the cloud for networking and storage integrations during creation of Kubernetes clusters on these endpoints.

A key component of this process is integration with different networking configurations on AWS.

The following are the 4 networking configurations that we support today. If you would like to see support for an additional configuration, drop us a note to

Creation of New VPC Using Public Subnet(s)

This is the default and simplest option when creating Kubernetes clusters on Amazon AWS. With this option, Platform9 creates the following on your AWS endpoint:

Each node in this cluster configuration is thus routable from the internet and gets its own public IP.

Once created, the cluster nodes are easily accessible from the internet for debugging purposes.

Creation of New VPC Using Private Subnet(s)

With this option, Platform9 creates the following on your AWS endpoint:

This option is more secure than the previous option and is recommended for production workloads.

The cluster nodes are accessible only from within the cluster, not from outside. The nodes can reach the internet via the NAT gateway, but they are not reachable externally.

Integration with an Existing VPC

If you have an existing VPC setup that is configured per your organization's requirements and you'd like to use it for a Managed Kubernetes deployment, this option allows you to do that.

With this option, Platform9 does not create any networking components behind the scenes; it uses the networking configuration you already have. In addition to selecting an existing VPC, you are asked to select a (public or private) subnet per Availability Zone where the cluster nodes are to be deployed.

This option allows you to seamlessly integrate Managed Kubernetes in your existing setup.
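
Before selecting a subnet per Availability Zone in an existing VPC, it helps to confirm which subnets are actually public or private, including subnets that silently inherit the VPC's main route table. The following is an added example, not Platform9 code: it classifies subnets from data shaped like the output of `aws ec2 describe-route-tables`. All IDs and sample data are constructed, the category names are this example's own, and IPv6 routes are not considered.

```python
# Added example: classify subnets as public/private from route-table data.
# All IDs below are constructed sample values, not from a real account.
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaaa"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-vpn", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-cccc"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "vgw-example"}]},
]
# subnet-bbbb has no explicit association, so it inherits the main route table.
SAMPLE_SUBNETS = {"subnet-aaaa": "vpc-example", "subnet-bbbb": "vpc-example",
                  "subnet-cccc": "vpc-example"}


def default_route_kind(table):
    """Describe where a route table sends IPv4 internet-bound traffic."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":
            continue  # target no longer exists; route carries no traffic
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"          # default route to an internet gateway
        if route.get("NatGatewayId"):
            return "private-nat"     # outbound only, via NAT gateway
        return "private-other"       # e.g. virtual private gateway (VPN)
    return "isolated"                # no default route at all


def classify_subnets(route_tables, subnets):
    """Map subnet id -> kind; subnets is {subnet_id: vpc_id}."""
    explicit, main = {}, {}
    for table in route_tables:
        kind = default_route_kind(table)
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main[table["VpcId"]] = kind
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = kind
    return {sid: explicit.get(sid, main.get(vpc, "unknown"))
            for sid, vpc in subnets.items()}


if __name__ == "__main__":
    for subnet, kind in classify_subnets(SAMPLE_ROUTE_TABLES, SAMPLE_SUBNETS).items():
        print(subnet, kind)
```

In the sample, `subnet-bbbb` comes out as public only because the main route table points at an internet gateway, which is the case worth checking before placing production nodes.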

Integration with an Existing VPN Setup Within AWS

Large enterprises will typically have a VPN configured to enable direct connect access to their corporate data center environment. Platform9 Managed Kubernetes can integrate with this setup. When you select this option, Managed Kubernetes does not create any networking component in your AWS environment. It simply integrates with your existing VPN setup. If you choose this option, you will likely need to specify your organization's network proxy as part of the wizard so that traffic can be routed appropriately.

Refer to the article Setting up Kubernetes Clusters on Amazon VPC based Private Subnets to understand the behind-the-scenes details of what gets configured.

October 02, 2017