Creating a Cluster

You can create managed Kubernetes clusters for the deployment of your containerized applications. OKS enables you to start Kubernetes clusters with a predefined configuration and pre-installed essential services, so that you do not have to manage unnecessary deployments.

Creating a Cluster Using Cockpit

  1. In the Projects dashboard, click the name of the project in which you want to create a cluster.
    The project details panel appears.

  2. Click IconAddFull Create Cluster.
    The CREATE CLUSTER dialog box appears.

  3. Select the desired control plane sizing and click Next.

    For more information about control plane sizing, see Control Planes.

    The General Settings selection screen appears.

General Settings

  1. In the Name field, type a name for your cluster.

    The name must be unique and must contain between 1 and 40 alphanumeric characters and/or dashes (-). The name must start with a lowercase letter and must not end with a dash.

  2. From the Kubernetes version list, select one of the supported versions of Kubernetes.

    Existing clusters are not automatically upgraded to new Kubernetes versions. When a new version is supported by OKS, you need to manually upgrade your clusters. For more information, see Updating a Cluster > Upgrading the Kubernetes Version.

  3. (optional) In the Description field, type a description for the cluster.

  4. Check or uncheck the Disable API termination box:

    • If the box is checked, you cannot delete the project through the API.

    • If the box is unchecked, you can delete the project through the API.

  5. Click Next.
    The Network selection screen appears.

Network

  1. (optional) Enable or disable the Enable multi-Subregion button:

    • Enable the button to create a multi-Subregion cluster.

    • Disable the button to create a cluster in a specific Subregion, and select the Subregion where to deploy the control plane.

      Only high availability control plane can be deployed in a multi-Subregion cluster.

  2. (optional) If you want to define custom CIDR ranges:

    1. Switch on Edit IP range.

    2. In the Pods IP rang field, type the IP range to allocate for pods, in CIDR notation.

    3. In the Service IP range field, type the IP range to allocate for service (ClusterIP) addresses, in CIDR notation.

    4. In the Cluster’s DNS service IP, type the IP to assign to the cluster’s DNS service, in CIDR notation.

      This option is recommended for experienced users only.

      The minimal accepted prefix length is /23.

  3. In the Allowed IP addresses field, type one or more IPs allowed to access the cluster.

    Click Add my IP to add your current IP.

    If you’re using a VPN, the detected IP is your VPN’s IP. In that case, type your machine’s local IP manually.

  4. Click Next.
    The Summary screen appears.

Summary

  1. Review the settings you have specified for the cluster.

  2. Click Create.
    The cluster is created.

Creating a Cluster Using OKS CLI

Before you begin:

To create a cluster, use the cluster create command following this syntax:

Request sample: Creating a multi-Subregion cluster
$ oks-cli cluster create \
    --cluster-name NAME_OF_CLUSTER \
    --project-name NAME_OF_PROJECT \
    --admin "my-ip" \
    --version VERSION_NUMBER \
    --control-plane "cp.3.masters.small"
Request sample: Creating a single Subregion cluster
$ oks-cli cluster create \
    --cluster-name NAME_OF_CLUSTER \
    --project-name NAME_OF_PROJECT \
    --admin "IP_ADDRESS_1/CIDR_IP_ADDRESS/CIDR" \
    --version VERSION_NUMBER \
    --control-plane "cp.3.masters.small" \
    --zone 2b

This command contains the following options that you need to specify:

  • (optional) admin: The public IPs or CIDRs allowed to access the cluster at admin-level, separated by commas. If not specified, the cluster is not accessible.

    Private (RFC 1918) ranges such as 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 are not allowed (422 ValidationError).

    You can use the special value my-ip to automatically add your current IP to the list.

  • (optional) cidr-pods: The IPv4 CIDR range to allocate for pod IPs, /16 by default (10.91.0.0/16). The minimal accepted prefix length is /23.

  • (optional) cidr-service: The IPv4 CIDR range to allocate for service (ClusterIP) addresses, /16 by default (10.92.0.0/16). The minimal accepted prefix length is /23.

    • The CIDRs for your project, pods, and service must not overlap (409 ResourceConflict error).

    • IPv6 CIDRs are not supported (422 ValidationError).

  • cluster-name: The name of the cluster, with a maximum length of 40 alphanumeric characters and dashes (-). This name must start with a lowercase letter and must not end with a dash. It must be unique within the project.

  • (optional) control-plane: The desired control plane sizing. By default, cp.3.masters.small. For more information, see Control Planes.

    Only high availability control planes can be deployed in a multi-Subregion cluster.

  • (optional) cp-multi-az: Enables the multi-Subregion control plane option, to create a multi-Subregion cluster. This option is enabled by default for high availability control planes, if the Region contains at least three Subregions.

  • (optional) description: The description of the cluster you want to create.

  • (optional) disable-admission-plugins: The list of admission plugins from the default list that you want to disable.

  • (optional) disable-api-termination: The ability to delete the cluster through the API. If true, cluster deletion is disabled. If false, it is enabled.

  • (optional) dryrun: Provides an overview of the operations performed by the command without actually running it. You can use this as a safety measure to review the impact of a command before executing it.

  • (optional) enable-admission-plugins: The list of additional admission plugins you want to enable on the cluster. For more information about the admissions plugins, see the Kubernetes documentation.

  • (optional) filename: The name of the definition file that you want to create the cluster from.

  • (optional) output: The output format for the response (json | yaml). By default, the response format is JSON. The file generated with the cluster definition can be edited and applied by using the -f --filename …​ command.

  • (optional) project-name: The name of the project in which you want to create the cluster.

  • (optional) quirk: Advanced keys and parameters to pass to the control panel of the project. This option is required for feature requests.

  • (optional) tags: The tags that you want to apply to cluster nodes.

  • (optional) version: One of the supported versions of Kubernetes. For more information about the supported versions, see About OKS > Kubernetes Versions Support.

  • (optional) zone: The Subregion in which you want to deploy the cluster’s control plane.

You can display all the available options using the cluster create command following this syntax:

$ oks-cli cluster create --help

The CreateCluster command returns the following elements:

  • project_id: The ID of the project this cluster belongs to.

  • id: The Universally Unique Identifier (UUID) of the cluster.

  • name: A unique name for the cluster within the project.

  • description: An optional description of the cluster.

  • cp_multi_az: If true, multi-Subregion deployment is enabled for the control plane. If false, it is disabled.

  • cp_subregions: The Subregions on which the control plane components are deployed.

  • version: The Kubernetes version deployed for the cluster. For more information, see GetKubernetesVersions.

  • cni: The Container Network Interface (CNI) used in the cluster.

  • admin_lbu: If true, load balancer administration is enabled for cluster management. If false, it is disabled.

  • admission_flags: The configuration of the Kubernetes admission controllers.

    • disable_admission_plugins: The list of admission plugins that are disabled.

    • enable_admission_plugins: The list of admission plugins that are enabled.

    • applied_admission_plugins: The list of admission plugins that are currently applied to the cluster.

  • cidr_pods: The CIDR block of the Kubernetes pods' network.

  • cidr_service: The CIDR block of the Kubernetes services' network.

  • cluster_dns: The IP of the cluster’s DNS service.

  • tags: The tags that are applied to cluster nodes.

  • auto_maintenances: The configuration of the automated maintenance windows.

    • minor_upgrade_maintenance: The maintenance window configuration for minor Kubernetes upgrades.

      • enabled: If true, a maintenance window is enabled.

      • duration_hours: The duration of the maintenance window, in hours.

      • start_hour: The starting time of the maintenance window, in hours.

      • week_day: The weekday on which the maintenance window begins.

      • tz: The timezone for the maintenance window.

    • patch_upgrade_maintenance: The maintenance window configuration for patch Kubernetes upgrades.

      • enabled: If true, a maintenance window is enabled.

      • duration_hours: The duration of the maintenance window, in hours.

      • start_hour: The starting time of the maintenance window, in hours.

      • week_day: The weekday on which the maintenance window begins.

      • tz: The timezone for the maintenance window.

  • control_planes: The control plane sizing of the cluster.

  • admin_whitelist: The list of CIDR blocks or IP addresses allowed to access the cluster via the Kubernetes API.

  • statuses: The status information of the cluster.

    • created_at: The timestamp when the cluster was created.

    • deleted_at: The timestamp when the cluster was deleted (if applicable).

    • updated_at: The timestamp when the cluster was last updated.

    • status: The status of the cluster.

    • available_upgrade: Any available version of Kubernetes for upgrade (if applicable).

  • disable_api_termination: If true, cluster deletion through the API is disabled. If false, it is enabled.

Result sample
{
    "project_id": "877295ad-171c-4f9a-86c5-d45c8b2321fe",
    "id": "5e5b232c-b7de-4cc0-9296-faa006b8bd25",
    "name": "NAME_OF_CLUSTER",
    "description": "",
    "cp_multi_az": false,
    "cp_subregions": [
        "2a"
    ],
    "version": "1.32",
    "cni": "cilium",
    "admin_lbu": false,
    "admission_flags": {
        "disable_admission_plugins": [],
        "enable_admission_plugins": [],
        "applied_admission_plugins": [
            "ClusterTrustBundleAttest",
            "LimitRanger",
            "RuntimeClass",
            "ServiceAccount",
            "CertificateApproval",
            "ResourceQuota",
            "PodSecurity",
            "Priority",
            "NamespaceLifecycle",
            "DefaultIngressClass",
            "PersistentVolumeClaimResize",
            "ValidatingAdmissionPolicy",
            "StorageObjectInUseProtection",
            "CertificateSigning",
            "DefaultStorageClass",
            "MutatingAdmissionWebhook",
            "CertificateSubjectRestriction",
            "TaintNodesByCondition",
            "DefaultTolerationSeconds",
            "ValidatingAdmissionWebhook"
        ]
    },
    "cidr_pods": "10.91.0.0/16",
    "cidr_service": "10.92.0.0/16",
    "cluster_dns": "10.92.0.10",
    "tags": {},
    "auto_maintenances": {
        "minor_upgrade_maintenance": {
            "enabled": true,
            "duration_hours": 1,
            "start_hour": 12,
            "week_day": "Tue",
            "tz": "UTC"
        },
        "patch_upgrade_maintenance": {
            "enabled": true,
            "duration_hours": 1,
            "start_hour": 12,
            "week_day": "Tue",
            "tz": "UTC"
        }
    },
    "control_planes": "cp.mono.master",
    "admin_whitelist": [
        "1.2.3.4/32",
        "5.6.7.8/32"
    ],
    "statuses": {
        "created_at": "2025-01-01T00:02:00.000000Z",
        "updated_at": "2025-01-01T00:02:00.000001Z",
        "status": "pending",
        "available_upgrade": ""
    },
    "disable_api_termination": false
}

You can use the cluster list command to check the cluster’s status. Your cluster is created when its status changes to ready.

Related Pages

Corresponding API Method