Cisco Container Platform

Cisco Container Platform is a turnkey, production-grade, extensible platform that enables you to deploy and manage multiple Kubernetes clusters. It runs on 100% upstream Kubernetes. Seamless container networking, enterprise-grade persistent storage, built-in production-grade security, integrated logging, monitoring, and load balancing are the key benefits of Cisco Container Platform.

Cisco Container Platform provides authentication and authorization, security, high availability, networking, load balancing, and operational capabilities to effectively operate and manage Kubernetes clusters. Cisco Container Platform also provides a validated configuration of Kubernetes and can integrate with underlying infrastructure components such as Cisco UCS, Cisco HyperFlex, and Cisco ACI. You can use HyperFlex or VMware on UCS without HyperFlex, as the storage solution for Cisco Container Platform.

Using the Cisco Container Platform web interface, you can create Kubernetes clusters on which you can deploy containerized applications. The clusters are created on the infrastructure provider platform.

The two user personas in Cisco Container Platform are as follows:

  • The Administrator persona, which is associated with the Administrator role.

  • The User persona, which is associated with the User role.

This chapter contains the following topics:

Administrator Workflow

The following table lists the workflow for Cisco Container Platform administrators.

Task

Related Section

Access the Cisco Container Platform web interface using Administrator credentials.

Accessing Cisco Container Platform Web Interface

Set up the Cisco Container Platform infrastructure configuration.

Setting Up an ACI Profile

Configure Cisco Smart Software Licensing for your Cisco Container Platform instance.

Configuring Cisco Smart Software Licensing

Manage the Cisco Container Platform infrastructure configurations using which clusters are created.

Managing Cisco Container Platform Infrastructure Configuration

Create Kubernetes clusters.

Creating Clusters on vSphere

Creating AWS EKS Clusters

Creating OpenStack Clusters

Creating AKS Clusters

Add users, assign appropriate roles, and associate the new users to the Kubernetes clusters that you have created.

Managing Users and RBAC

Monitor Kubernetes clusters.

Monitoring Health of Cluster Deployments

Monitoring Logs from Cluster Deployments

Manage Kubernetes clusters using the Kubernetes Dashboard.

Managing Kubernetes Clusters

Manage the lifecycle of Kubernetes clusters by scaling or upgrading the clusters.

Scaling Clusters on vSphere

Upgrading Clusters on vSphere

Scaling AWS EKS Clusters

Upgrading AKS Clusters

User Workflow

The following table lists the workflow for developers assigned with the User role.

Task

Related Section

Access the Cisco Container Platform web interface using user credentials.

Accessing Cisco Container Platform Web Interface

Monitor Kubernetes clusters that are assigned to the user.

Monitoring Health of Cluster Deployments

Monitoring Logs from Cluster Deployments

Manage the assigned Kubernetes clusters using the Kubernetes Dashboard or CLI.

Managing Kubernetes Clusters

Deploy applications on the assigned Kubernetes clusters.

Deploying Applications on Kubernetes Clusters

Accessing Cisco Container Platform Web Interface

Before you begin

Ensure that the prerequisite configurations for integrating ACI with Cisco Container Platform are complete.

For more information, see the following documents:

  • ACI Integration Requirements section of the Cisco Container Platform Installation Guide

  • Planning and Prerequisites section of the Cisco ACI and Kubernetes Integration page

Ensure that you have powered on the installer VM on vCenter. The URL of the installer appears on the vCenter Web console.

Procedure

Step 1

Obtain the URL to access the Cisco Container Platform web interface from the vCenter Web console.

Step 2

Access the URL using your web browser. 

https://<Cisco Container Platform IP Address>
Note 

We recommend that you use the Chrome, Safari, or Firefox browser to access the URL.
Step 3

Log in to the web interface as an admin user using the passphrase given during the Cisco Container Platform installation.

Tenant Cluster with ACI Deployment

With an ACI deployment, each tenant cluster is required to have its own routable subnet. The node VLAN, pod subnet, and multicast subnet range should not overlap between clusters. Cisco Container Platform ensures that the VLAN and subnet do not overlap.

Unlike other CNI, an ACI tenant cluster requires two VLAN subinterfaces, one for the Node VLAN, and another for the Infra VLAN. As shown in the following figure, Cisco Container Platform assigns unique Node VLAN IDs. You need to assign a unique Infra VLAN ID for clusters during cluster creation.

When creating a tenant cluster with ACI, you need to select an ACI profile. Cisco Container Platform uses the ACI profile to allocate the VLAN, pod subnet, service subnet, and multicase subnet.

In addition to the ACI profile, you also need to set a Routable CIDR, which is a pre-configured routable CIDR at your router.

The following figure describes the IP address allocation from the routable CIDR range.

Example:

For more information on creating tenant clusters, see Creating Clusters on vSphere.

For more information on the ACI and CNI plugin, see the latest documentation on Cisco ACI and Kubernetes Integration.

Setting Up an ACI Profile


Note
This topic applies to an ACI environment. In a non-ACI environment, the IP address range of the default VIP pool must be expanded to include the additional VIPs for tenant clusters. For more information, see Managing Networks.

When you log in to Cisco Container Platform for the first time, you need to configure the Cisco Container Platform initial setup using the Cisco Container Platform Setup wizard.

Procedure

Step 1

On the Welcome page, click START THE SETUP.

Step 2

In the ACI Credentials screen, specify information such as IP address, username, and passphrase of the APIC instance, click CONNECT, and then click NEXT.

Step 3

In the ACI Configuration screen, perform these steps:

  1. In the NAMESERVERS field, enter the IP address of all the DNS servers that the ACI fabric can access.

  2. From the VMM DOMAIN drop-down list, choose the Virtual Machine Manager Domain (VMMD) that you want to use.

  3. In the INFRASTRUCTURE VLAN ID field, enter the VLAN number for layer 2 networking.

  4. From the VRF drop-down list, choose the Virtual Routing and Forwarding (VRF) IP address.

  5. From the L3OUT POLICY NAME drop-down list, choose the ACI object for allowing external internet connectivity.

  6. From the L3OUT NETWORK NAME drop-down list, choose the external network that is reachable through the L3OUT object.

  7. From the AAEP NAME drop-down list, choose an Attachable Access Entity Profile (AAEP) name to associate the VMM domain with an AAEP.

  8. In the STARTING SUBNET FOR PODS field, enter the starting IP address of the pod subnet.

    The IP addresses for the pods are allocated from the pod subnet.

  9. In the STARTING SUBNET FOR SERVICE field, enter the starting IP address of the service subnet.

    The IP addresses for services are allocated from the service subnet.

  10. In the CONTROL PLANE CONTRACT NAME field, enter the name of the contract that is provided by the endpoint group of the control plane.

    This setting allows traffic from the control plane cluster to the tenant cluster.

  11. In the NODE VLAN START ID field, enter the starting VLAN ID of the node network.

    The IP addresses for the VLAN are allocated from the node network.

  12. In the NODE VLAN END ID field, enter the ending VLAN ID of the node network.

    Note 
    Ensure that you configure two VLANs for each cluster.

  13. In the OPFLEX MULTICAST RANGE field, enter a range for the Opflex multicast.

  14. Click CONNECT.

Step 4

In the Summary screen, verify the configuration, and then click FINISH.

For more information on adding, modifying, or deleting an ACI profile, see Managing ACI Profile.

For more information on integrating Cisco Container Platform with ACI, see Cisco ACI and Kubernetes Integration.

Viewing Version and License Information

To view the version and license information of the product:

Procedure

Step 1

Log in to the Cisco Container Platform web interface.
Step 2

Click the Welcome drop-down list in the top-right corner of the title bar.

The version and license information are displayed.

Changing User Interface Language

The user interface language is the language in which the page titles, menus, dialog boxes, and error messages are displayed on the web interface.

To change the user interface language:

Procedure

Step 1

Log in to the Cisco Container Platform web interface.

Step 2

Click the Welcome drop-down list in the top-right corner of the title bar.

Step 3

In the LANGUAGE area, choose English or Japanese as the user interface language.

The user interface language on the web interface is changed.