I have been getting queries around Objects networking. The networking requirement is pretty simple for Objects, but when it comes to fine-tuning the network for your new production deployment, there are a few aspects we can consider.
I did cover some networking aspects in this post, but I thought I would write an entire series on this. Please let me know if you have any further feedback on this.
Configuring a DNS server in Prism Central or the IPAM network:
All the Objects services are containerised and are downloaded during deployment from the central Nutanix repository. The deployment workflow is driven from Prism Central, so Prism Central must be able to reach the internet in order to download all required Objects images. Make sure you have configured a DNS server on Prism Central before initiating the deployment.
During the Objects deployment, the Microservice platform is deployed, and it is then used for the Objects service deployment. The Microservice platform has multiple components that support the Objects service. These infra components use the secure shell protocol to communicate among themselves, which requires reverse DNS resolution. Make sure you configure a valid DNS server when creating the IPAM network on the underlying AOS cluster that you will use for the Objects deployment.
Deciding on the domain name: Should I use my corporate domain name, use a subdomain name, or create a new one?
Objects does not place any restriction on using a domain name or a subdomain name. For example, you can use domain.com or sub.domain.com, whichever is more relevant to you.
But whichever domain or subdomain you choose should be dedicated to the Objects deployment. This means that you should not use that domain or subdomain to host any service other than Objects. During deployment, the Microservice platform deploys its own internal DNS server for internal service communication. This DNS server is not exposed to any entity outside the Microservice platform, and it uses the domain name you specified in the deployment UI to configure its internal DNS service.
If you use an existing domain name for the Objects deployment, that may create conflicts when resolving internal services on the Microservice platform.
Today, only one domain name per Prism Central is supported. The domain name provided during the first Objects deployment will be used for all subsequent Objects deployments on that Prism Central. This cannot be changed.
Q: How many IPs do I need in the IPAM network?
One of the prerequisites for an Objects deployment is to have an IPAM network on your AOS cluster. The chart below shows how many VMs will be created after an Objects deployment, based on the deployment size.
| Deployment Size | Num Objects Nodes deployed | Num of Load Balancers deployed |
|---|---|---|
| Small | 3 | 2 |
| Medium | 4 | 3 |
| Large | 5 | 4 |
| Custom | 1-n (10vCPUs per node) | 1-4 |
From the above table, you can see that a Small deployment will create at least 5 VMs, and each of these VMs will get one IP address from the VLAN given for *Internal Access Network*. So keeping at least 7 IPs in your IPAM IP pool should be good.
Similarly, for a Medium deployment, you should have at least 9 IPs, and for a Large deployment, you should have at least 11 IPs.
If you select the Custom option during deployment and plan to deploy, let's say, a 16-node cluster, then you should see 16 Objects nodes and 4 load balancers deployed. In this case, you should keep around 22 IPs in the IP pool.
Apart from these IPs, the deployment wizard asks you for 6 static IPs, which should be outside the IP pool you configured in the IPAM network but part of the same VLAN. The IPs given for “Internal Access IPs” will be used by critical infra services to achieve high availability, and the other 4 IPs will be given to the Objects load balancers.
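The sizing rules above can be checked before you open the deployment wizard. The following is an added example, not code from Nutanix or from the original post: the function names are hypothetical, the addresses are constructed, the VLAN is represented by its subnet, and the headroom of 2 spare IPs is inferred from the figures above (5 VMs, 7 IPs).

```python
import ipaddress

# (Objects nodes, load balancers) per deployment size, from the table above.
SIZES = {"small": (3, 2), "medium": (4, 3), "large": (5, 4)}
HEADROOM = 2      # assumption: spare IPs implied by the article (5 VMs -> 7 IPs)
STATIC_COUNT = 6  # static IPs the deployment wizard asks for


def required_pool_ips(size, nodes=None, load_balancers=None):
    """IPs the IPAM pool should hold: one per VM plus headroom."""
    if size == "custom":
        if nodes is None or nodes < 1 or load_balancers not in range(1, 5):
            raise ValueError("custom needs nodes >= 1 and 1-4 load balancers")
    else:
        nodes, load_balancers = SIZES[size]
    return nodes + load_balancers + HEADROOM


def check_plan(subnet, pool_start, pool_end, static_ips, size, **custom):
    """Return a list of problems; an empty list means the plan passes."""
    net = ipaddress.ip_network(subnet)
    start = ipaddress.ip_address(pool_start)
    end = ipaddress.ip_address(pool_end)
    statics = [ipaddress.ip_address(ip) for ip in static_ips]
    problems = []
    if start > end or start not in net or end not in net:
        problems.append("pool range is not inside the subnet")
    else:
        have = int(end) - int(start) + 1
        need = required_pool_ips(size, **custom)
        if have < need:
            problems.append(f"pool has {have} IPs, need at least {need}")
    if len(set(statics)) != STATIC_COUNT:
        problems.append(f"expected {STATIC_COUNT} distinct static IPs")
    for ip in statics:
        if ip not in net:
            problems.append(f"{ip} is outside the subnet")
        elif start <= ip <= end:
            problems.append(f"{ip} overlaps the IPAM pool")
    return problems


if __name__ == "__main__":
    # Constructed sample plan: Small deployment, 7-address pool, 6 static IPs.
    statics = [f"10.10.20.{n}" for n in range(10, 16)]
    print(check_plan("10.10.20.0/24", "10.10.20.50", "10.10.20.56",
                     statics, "small"))
```

For a Custom deployment, pass the counts as keyword arguments, for example `size="custom", nodes=16, load_balancers=4`.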
