You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -14,15 +14,40 @@ When you create a **Public Cluster with a Private Node Group** , the VKS system
14
14
15
15
* Create VM without Floating IP (ie without Public IP). At this time, these VMs (Nodes) cannot join the K8S cluster directly. In order for these VMs to join the K8S cluster, you need to use a NAT Gateway ( **NATGW** ). **NATGW** acts as a relay station, allowing VMs to connect to the K8S cluster without needing a Public IP. With GreenNode, we recommend you use Pfsense or Palo Alto as a NATGW for your Cluster. Pfsense will help you manage incoming and outgoing network traffic (inbound and outbound traffic) effectively, ensuring network security and access management. Besides, using Private Node Group will help you control applications in the cluster more securely, specifically you can limit control plane access rights through the Whitelist IP feature.
When you create a **Public Cluster with Public/Private Node Group** , the VKS system will:
22
22
23
23
* To enhance the security of your cluster, we have introduced the private cluster model. The Private Cluster feature helps make your K8S cluster as secure as possible, all connections are completely private from the connection between nodes to the control plane, the connection from the client to the control plane, or the connection from nodes to products. Other services in GreenNode such as: vStorage, vCR, vMonitor, GreenNode APIs,...Private Cluster is the ideal choice for **services that require strict access control, ensuring compliance with security regulations and data privacy**.
24
24
25
-
## 3. Comparison between using Public Cluster and Private Cluster <ahref="#id-3.-so-sanh-giua-viec-su-dung-public-cluster-va-private-cluster"id="id-3.-so-sanh-giua-viec-su-dung-public-cluster-va-private-cluster"></a>
25
+
## 3. Multi-AZ Cluster
26
+
27
+
A **Multi-AZ Cluster** deploys the Control Plane across **multiple Availability Zones (AZs)**, ensuring **High Availability (HA)** for your cluster. If one AZ experiences an outage, the Control Plane continues to operate normally thanks to redundant instances in other AZs.
28
+
29
+
* Multi-AZ is **not** a separate cluster type — it is a **Control Plane Availability** option (Single-AZ or Multi-AZ) that can be combined with both **Public Cluster** and **Private Cluster**.
30
+
* When choosing Multi-AZ, the VPC must have DNS enabled and you need to select at least 2 subnets from 2 different AZs for the Control Plane.
31
+
* See details at [Multi-AZ Control Plane](clusters/multi-az-control-plane.md).
32
+
33
+
{% hint style="info" %}
34
+
**Relationship between Public/Private Cluster and Single-AZ/Multi-AZ:**
35
+
36
+
These are **2 independent dimensions of choice**:
37
+
***Public/Private**: about network accessibility
38
+
***Single-AZ/Multi-AZ**: about Control Plane availability (HA)
39
+
40
+
Combine these options to suit your needs:
41
+
42
+
| Combination | Suitable for |
43
+
| --- | --- |
44
+
| Public Cluster + Single-AZ (default) | Dev/Test, apps that don't require HA |
45
+
| Public Cluster + Multi-AZ | Production needing HA + easy access |
46
+
| Private Cluster + Single-AZ | High security, Dev/Test |
47
+
| Private Cluster + Multi-AZ | Production with highest security + HA |
48
+
{% endhint %}
49
+
50
+
## 4. Comparison between using Public Cluster and Private Cluster
26
51
27
52
Below is a comparison table between creating and using Public Cluster and Private Cluster on the VKS system:
Copy file name to clipboardExpand all lines: Vietnamese/vks/mo-hinh-hoat-dong.md
+28-1Lines changed: 28 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,7 +28,34 @@ Khi bạn khởi tạo một **Private Cluster với Public/ Private Node Group*
28
28
29
29
***
30
30
31
-
## 3. So sánh giữa việc sử dụng Public Cluster và Private Cluster
31
+
## 3. Multi-AZ Cluster
32
+
33
+
**Multi-AZ Cluster** là tùy chọn triển khai Control Plane trên **nhiều Availability Zone (AZ)**, đảm bảo **High Availability (HA)** cho cluster của bạn. Khi một AZ gặp sự cố, Control Plane vẫn tiếp tục hoạt động bình thường nhờ các instance dự phòng tại các AZ khác.
34
+
35
+
* Multi-AZ **không phải** là một loại cluster riêng biệt — đây là tùy chọn về **Control Plane Availability** (Single-AZ hoặc Multi-AZ) có thể kết hợp với cả **Public Cluster** và **Private Cluster**.
36
+
* Khi chọn Multi-AZ, VPC phải bật DNS và bạn cần chọn tối thiểu 2 subnet thuộc 2 AZ khác nhau cho Control Plane.
37
+
* Tham khảo chi tiết tại [Multi-AZ Control Plane](clusters/multi-az-control-plane.md).
38
+
39
+
{% hint style="info" %}
40
+
**Mối quan hệ giữa Public/Private Cluster và Single-AZ/Multi-AZ:**
41
+
42
+
Đây là **2 chiều lựa chọn độc lập**:
43
+
***Public/Private**: về khả năng truy cập mạng (network access)
44
+
***Single-AZ/Multi-AZ**: về độ sẵn sàng của Control Plane (HA)
45
+
46
+
Kết hợp các lựa chọn này để phù hợp với nhu cầu của bạn:
47
+
48
+
| Kết hợp | Phù hợp cho |
49
+
| --- | --- |
50
+
| Public Cluster + Single-AZ (mặc định) | Dev/Test, ứng dụng không yêu cầu HA |
51
+
| Public Cluster + Multi-AZ | Production cần HA + dễ truy cập |
0 commit comments