How does VKS work?

VKS currently provides the following cluster models:

1. Public Cluster

When you create a Public Cluster with a Public Node Group, the VKS system will:

  • Create VMs with a Floating IP (i.e., a Public IP). These VMs (Nodes) can join the K8S cluster directly through this Public IP. With a Public Cluster and a Public Node Group, you can easily create Kubernetes clusters and expose services without using a Load Balancer, which reduces the cost of your cluster.

When you create a Public Cluster with a Private Node Group, the VKS system will:

  • Create VMs without a Floating IP (i.e., without a Public IP). These VMs (Nodes) cannot join the K8S cluster directly. For them to join the K8S cluster, you need a NAT Gateway (NATGW). The NATGW acts as a relay, allowing the VMs to connect to the K8S cluster without a Public IP. On VNG Cloud, we recommend using pfSense or Palo Alto as the NATGW for your cluster. pfSense helps you manage inbound and outbound network traffic effectively, supporting network security and access management. In addition, a Private Node Group lets you control the applications in the cluster more securely; specifically, you can restrict access to the control plane through the Whitelist IP feature.

2. Private Cluster

When you create a Private Cluster with a Public/Private Node Group, the VKS system will:

  • Keep all connections completely private. We introduced the Private Cluster model to enhance the security of your cluster and make your K8S cluster as secure as possible: the connection between nodes and the control plane, the connection from the client to the control plane, and the connection from nodes to other products and services in VNG Cloud (such as vStorage, vCR, vMonitor, VNGCloud APIs, ...) are all private. A Private Cluster is the ideal choice for services that require strict access control and must comply with security and data privacy regulations.

3. Comparison between using Public Cluster and Private Cluster

Below is a comparison table between creating and using Public Cluster and Private Cluster on the VKS system:

Therefore:

  • Public Cluster: Suitable for applications that do not require high security and that need flexibility and access from multiple locations. It is easy to deploy and manage but carries higher security risks.

  • Private Cluster: Suitable for applications that require high security and strict compliance with security and privacy regulations. It provides stable and secure connectivity, but requires more complex configuration and management, as well as higher costs.
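
To verify that a cluster matches the model you chose, you can audit which nodes carry a public address and whether the control plane endpoint is private. The script below is an added example, not VKS code: it assumes a node's Floating IP appears in `status.addresses` of `kubectl get nodes -o json`, and the node names, addresses and server URLs are constructed samples.

```python
import ipaddress
import json
from urllib.parse import urlparse

# Ranges that are not reachable from the internet (RFC 1918, loopback,
# link-local, CGNAT, IPv6 ULA/link-local/loopback).
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "100.64.0.0/10", "fc00::/7", "fe80::/10", "::1/128")]

# Constructed sample shaped like `kubectl get nodes -o json` (hypothetical
# node names, documentation-range addresses; not from a real cluster).
SAMPLE_NODES = json.loads("""
{"items": [
  {"metadata": {"name": "public-ng-node-1"},
   "status": {"addresses": [{"type": "InternalIP", "address": "10.0.1.11"},
                            {"type": "ExternalIP", "address": "203.0.113.10"}]}},
  {"metadata": {"name": "private-ng-node-1"},
   "status": {"addresses": [{"type": "InternalIP", "address": "10.0.2.21"},
                            {"type": "Hostname", "address": "private-ng-node-1"}]}}
]}
""")

def is_public(ip: str) -> bool:
    """True when ip is a literal address outside every NON_PUBLIC range."""
    addr = ipaddress.ip_address(ip)  # raises ValueError for hostnames
    return not any(addr in net for net in NON_PUBLIC)

def exposed_nodes(node_list: dict) -> dict:
    """Map node name -> public addresses listed in status.addresses."""
    exposed = {}
    for node in node_list.get("items", []):
        addrs = node.get("status", {}).get("addresses", [])
        public = [a["address"] for a in addrs
                  if a.get("type") in ("InternalIP", "ExternalIP")
                  and is_public(a["address"])]
        if public:
            exposed[node["metadata"]["name"]] = public
    return exposed

def api_endpoint_is_private(server_url: str) -> bool:
    """True only when the kubeconfig `server` URL is a literal non-public IP."""
    try:
        return not is_public(urlparse(server_url).hostname)
    except ValueError:
        return False  # DNS name or missing host: privacy not proven here

if __name__ == "__main__":
    print(exposed_nodes(SAMPLE_NODES))
    print(api_endpoint_is_private("https://10.0.0.5:6443"))
```

In a Private Node Group, `exposed_nodes` should return an empty mapping; any entry means a node is directly reachable and should be covered by security group rules.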
