Enable private clusters

This feature is currently locked behind a feature flag and has not been released as GA (general availability) yet. Open a ticket with STACKIT Support to request access for your organization or project.

Read the Private clusters section under Networking to understand what private clusters are and how they fit into the overall architecture.

Prerequisites

Before you can enable private clusters in SKE, ensure your setup meets the following requirements:

• Your project must be part of an SNA before you can set cluster accessScope: "SNA".
• Routing tables must be enabled for your SNA.
• A public DNS server must be used for the network that your SKE cluster is deployed in.

Configuration

Currently, private clusters can only be enabled via CLI:

Via CLI

1. Generate and fetch a basic cluster configuration using the STACKIT CLI.

2. Modify the following part of the configuration to enable the private cluster feature:

   {
     "network": {
       ...
       "controlPlane": {
         "accessScope": "SNA"
       }
     }
   }

3. Use the following command to create a private SKE cluster using the modified configuration:

   stackit ske cluster create -p <PROJECT_ID> <CLUSTER_NAME> --payload @cluster-configuration.json

You can now utilize your private SKE cluster.