Link a cluster on a dedicated server to other products

Link a cluster on a dedicated server to other Selectel products

A global router is used to configure network connectivity between the cluster on the dedicated server and other Selectel products. When you create a cluster on a dedicated server, a global router is automatically created. This is a service router that connects the dedicated server and the cloud platform resources required for the Managed Kubernetes cluster to function.

The process of setting up network connectivity depends on whether you are using other global routers:

if you're not already using a global router, you can link products using a service global router;
If you already have a global router network in your account, you can Connect products through global router interconnection.

You can see the list of routers in control panels: from the top menu, press Products and select Global router. The service global router is called <cluster_name>-l3vpnwhere <cluster_name> — cluster name.

Link products using the service global router⁠

Connect networks and subnets to the global router to each VLAN and project whose products and services are to be aggregated. For VMware-based clouds You can only add networks and subnets via technical support.
Write routes on the devices.

1. Connect networks and subnets to the global router⁠

Dedicated server
Cloud platform

Use for a dedicated or hosted server.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

В control panels from the top menu, press Products and select Global router.
Open the router page → tab Networks. The service global router is called <cluster_name>-l3vpnwhere <cluster_name> — cluster name.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a product Dedicated servers.
Select pool.
Select VLAN. If you want to create a network up to the internal segment (Q-in-Q), specify its tag, a number from 2 to 4094. If there is already a network up to the VLAN, be sure to specify the Q-in-Q segment of this VLAN.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and private subnet mask. You can enter a new subnet or an existing private subnet of the server if it is not already added to any of the global routers in the account. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- range 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router.
If you have specified a Q-in-Q tag, make sure that customized Q-in-Q. When configuring, use the subnet you specified in step 9.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels from the top menu, press Products → Global router → router page → Network map.

For your information

If the cloud platform network is connected to a global router, you can only manage it on the global router page.

Use for a cloud server, Managed Kubernetes cluster node, or cloud database cluster.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

Connect a new network
Connect existing network

В control panels from the top menu, press Products and select Global router.
Open the router page → tab Networks. The service global router is called <cluster_name>-l3vpnwhere <cluster_name> — cluster name.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a product Cloud platform.
Select pool.
Select project.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and subnet mask. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels from the top menu, press Products → Global router → service global router page → Network map.

Verify that the network has not yet been added to any of the account's global routers. В control panels from the top menu, press Products → Cloud servers → Network → tab Private networks → check that there is no tag in the network card Global router.
Verify that the subnet meets the conditions:
- belongs to the private address range according to RFC 1918: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network;
- is at least /29, as three addresses will be occupied by Selectel network equipment;
- does not overlap with other subnets added to this router: the IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router.
В control panels from the top menu, press Products and select Cloud servers.
Go to the section Network → tab Private networks.
On the menu networks select Connect to a global router.
Select a service global router. The service global router is called <cluster_name>-l3vpnwhere <cluster_name> — cluster name.
For each of the network subnets, enter the IP address that will be assigned to the router, or leave the first available address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network. The last two free subnet addresses will be reserved as service addresses.
Click Connect. Do not close the window until you see the message that the network is connected. After that, in the control panel:
- the network will appear in section Selectel Global Router on the page of the router you connected it to;
- в section Cloud servers → Network → on the tab Private networks the network will be tagged Global router.

2. Prescribe routes on the devices⁠

Write routes from the cluster to all devices on the network and from all devices on the network to the cluster.

Dedicated server, cloud based on VMware
Cloud platform

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network configuration file:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the data block of the desired network interface, add a route:
```
routes:
  - to: <ip_address>/<mask>
    via: <gateway>
```
Specify:
- <ip_address>/<mask> — the subnet to which you want to route, specifying the mask, e.g. 192.168.0.0/28;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block, for example:
```
routes:
- to: 192.168.0.0/28
    via: 172.16.0.1
- to: 192.168.1.0/28
    via: 172.16.0.1
```
Save the file.
Check the settings:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

Connect to the server.
Open the network configuration file:
```
vi  /etc/network/interfaces
```
At the end of the data block of the corresponding network interface, add the desired route:
```
up route add -net <ip_address> netmask <mask> gw <gateway>
down route del -net <ip_address> netmask <mask> gw <gateway>
```
Specify:
- <ip_address> — the subnet you want to route to, e.g. 192.168.0.0;
- <mask> — the subnet mask to which you want to route, e.g. 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block.
Save the file.
Restart the network:
```
sudo /etc/init.d/networking restart
```

Connect to the server.
Create and complete a file to configure static routes:
```
echo "<ip_address>/<mask> via <gateway>" >> /etc/sysconfig/network-scripts/route-<eth_name>
```
Specify:
- <ip_address>/<mask> — the subnet to which you want to route, specifying the mask, e.g. 192.168.1.0/28;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <eth_name> — the name of the corresponding LAN interface.
If you need to add multiple routes, specify them in one command. Specify each route on a new line, for example:
```
echo "192.168.0.0/28 via 172.16.0.1
192.168.1.0/28 via 172.16.0.1" >> /etc/sysconfig/network-scripts/route-eno2
```
Restart the network:
```
systemctl restart network
```

Connect to the server via RDP or through KVM console.
Add the required routes one at a time:
```
route -p ADD <ip_address> MASK <mask> <gateway> METRIC <x>
```
Specify:
- <ip_address> — the subnet you want to route to, e.g. 192.168.0.0;
- <mask> — the subnet mask to which you want to route, e.g. 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <x> — parameter defining the priority of the specified gateway, 1 is the highest priority.

Link products through global router interconnection⁠

1. merge global routers⁠

Make sure that the subnets of the routers to be merged do not overlap — the IP addresses of each subnet must not overlap with the IP addresses of other subnets. For a list of subnets, see control panels: from the top menu, press Products → Global router → router page → tab Networks.
Create a ticket. In the ticket, specify the IDs of the global routers that you want to merge. The router IDs can be copied to control panels: from the top menu, press Products → Global router → router page → copy the ID under the router name.
Wait for a response in the ticket that the global routers have been merged.

2. Prescribe routes on the devices⁠

Write routes from the cluster to all devices on the network and from all devices on the network to the cluster.

Dedicated server, cloud based on VMware
Cloud platform

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network configuration file:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the data block of the desired network interface, add a route:
```
routes:
  - to: <ip_address>/<mask>
    via: <gateway>
```
Specify:
- <ip_address>/<mask> — the subnet to which you want to route, specifying the mask, e.g. 192.168.0.0/28;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block, for example:
```
routes:
- to: 192.168.0.0/28
    via: 172.16.0.1
- to: 192.168.1.0/28
    via: 172.16.0.1
```
Save the file.
Check the settings:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

Connect to the server.
Open the network configuration file:
```
vi  /etc/network/interfaces
```
At the end of the data block of the corresponding network interface, add the desired route:
```
up route add -net <ip_address> netmask <mask> gw <gateway>
down route del -net <ip_address> netmask <mask> gw <gateway>
```
Specify:
- <ip_address> — the subnet you want to route to, e.g. 192.168.0.0;
- <mask> — the subnet mask to which you want to route, e.g. 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block.
Save the file.
Restart the network:
```
sudo /etc/init.d/networking restart
```

Connect to the server.
Create and complete a file to configure static routes:
```
echo "<ip_address>/<mask> via <gateway>" >> /etc/sysconfig/network-scripts/route-<eth_name>
```
Specify:
- <ip_address>/<mask> — the subnet to which you want to route, specifying the mask, e.g. 192.168.1.0/28;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <eth_name> — the name of the corresponding LAN interface.
If you need to add multiple routes, specify them in one command. Specify each route on a new line, for example:
```
echo "192.168.0.0/28 via 172.16.0.1
192.168.1.0/28 via 172.16.0.1" >> /etc/sysconfig/network-scripts/route-eno2
```
Restart the network:
```
systemctl restart network
```

Connect to the server via RDP or through KVM console.
Add the required routes one at a time:
```
route -p ADD <ip_address> MASK <mask> <gateway> METRIC <x>
```
Specify:
- <ip_address> — the subnet you want to route to, e.g. 192.168.0.0;
- <mask> — the subnet mask to which you want to route, e.g. 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <x> — parameter defining the priority of the specified gateway, 1 is the highest priority.

Link a cluster on a dedicated server to other Selectel products

Link products using the service global router⁠​

1. Connect networks and subnets to the global router⁠​

2. Prescribe routes on the devices⁠​

Link products through global router interconnection⁠​

1. merge global routers⁠​

2. Prescribe routes on the devices⁠​

Link products using the service global router⁠

1. Connect networks and subnets to the global router⁠

2. Prescribe routes on the devices⁠

Link products through global router interconnection⁠

1. merge global routers⁠

2. Prescribe routes on the devices⁠