Private cluster support

Each type of network architecture supported by CDP has a unique set of tradeoffs among ease of setup, security, workloads (Experiences) supported, and so on.

Private Clusters provide a simple way to create a secure cluster, where the API server and the workloads themselves rely only on private IP addresses that are not accessible from the internet. Connectivity to the cluster from the CDP control plane is provided by the Cluster Connectivity Manager v2 (CCM v2). CCM v2 uses an agent running in the cluster and an inverting proxy running on CDP to create an HTTPS tunnel between the workload and the control plane.