# Cluster Requirements

Subsalt provides [Terraform](https://www.terraform.io/) templates for each of the major Kubernetes cloud providers to make it easy to set up compatible clusters. The Terraform templates are accessible through [Subsalt's CLI tool](/product/subsalt-managed/installation-guide.md#install-the-subsalt-cli).

### Cluster resource requirements

* Subsalt runs on Kubernetes v1.32+, and can be deployed in multiple configurations depending on your needs. Multiple components can be deployed in a single cluster, or across multiple clusters.
  * We follow Kubernetes [release support lifecycle](https://kubernetes.io/releases/) for the versions of Kubernetes that we aim to support.
* Subsalt must have cluster-level permission to add operators at installation time.
* Below are tables that note the minimum requirements for node pools configured in each cloud environment.

### Microsoft Azure AKS

<table data-full-width="true"><thead><tr><th width="125.671875">Name</th><th width="137.546875">Node count</th><th width="228.62890625">Recommended instance type</th><th width="296.5625">Taints</th><th>Labels</th></tr></thead><tbody><tr><td>common</td><td>2 <br>(fixed)</td><td>Standard_E16s_v3</td><td></td><td>subsalt.io/node-purpose=common</td></tr><tr><td>serving</td><td>0-1<br>(auto-scaling)</td><td>Standard_NV12ads_A10_v5</td><td>nvidia.com/gpu=present:NoSchedule</td><td>subsalt.io/node-purpose=serving, subsalt.io/has-gpu=true</td></tr><tr><td>pipelines_cpu</td><td>0 - 4 <br>(auto-scaling)</td><td>Standard_E16s_v3</td><td>subsalt.io/node-purpose=pipelines:NoSchedule</td><td>subsalt.io/node-purpose=pipelines, subsalt.io/has-gpu=false</td></tr><tr><td>pipelines_gpu</td><td>0 - 3 <br>(auto-scaling)</td><td>Standard_NC8as_T4_v3</td><td>nvidia.com/gpu=present:NoSchedule</td><td>subsalt.io/node-purpose=pipelines, subsalt.io/has-gpu=true</td></tr></tbody></table>

### Amazon Web Services (AWS) EKS

<table data-full-width="true"><thead><tr><th width="134.06640625">Name</th><th width="129.78515625">Node count</th><th width="155.8046875">Recommended instance type</th><th>Taints</th><th>Labels</th></tr></thead><tbody><tr><td>common</td><td>2 <br>(fixed)</td><td>r6a.4xlarge</td><td></td><td>subsalt.io/node-purpose=common</td></tr><tr><td>serving</td><td>0-1 <br>(auto-scaling)</td><td>g5.xlarge</td><td>nvidia.com/gpu=present:NoSchedule</td><td>subsalt.io/node-purpose=serving, subsalt.io/has-gpu=true</td></tr><tr><td>pipelines_cpu</td><td>0 - 4 <br>(auto-scaling)</td><td>r6a.4xlarge</td><td>subsalt.io/node-purpose=pipelines:NoSchedule</td><td>subsalt.io/node-purpose=pipelines, subsalt.io/has-gpu=false</td></tr><tr><td>pipelines_gpu</td><td>0 - 3<br>(auto-scaling)</td><td>g5.4xlarge</td><td>nvidia.com/gpu=present:NoSchedule</td><td>subsalt.io/node-purpose=pipelines, subsalt.io/has-gpu=true</td></tr></tbody></table>

Assuming you're using EC2 autoscaling groups for cluster autoscaling the following tags will also need to be set (assumes recommended instance types).

{% hint style="info" %}
CPU and Memory values should be set to between 85-90% of the actual instance type's resource values to account for Kubernetes system pods.
{% endhint %}

#### **Serving node pool**

<table><thead><tr><th width="560.61328125">Key</th><th>Value</th></tr></thead><tbody><tr><td>k8s.io/cluster-autoscaler/node-template/resources/cpu</td><td>3</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/resources/memory</td><td>14G</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/resources/nvidia.com/gpu</td><td>1</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/taint/nvidia.com/gpu</td><td>present:NoSchedule</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/label/subsalt.io/has-gpu</td><td>true</td></tr></tbody></table>

#### **Pipelines (CPU) node pool**

<table><thead><tr><th width="559.0234375">Key</th><th>Value</th></tr></thead><tbody><tr><td>k8s.io/cluster-autoscaler/node-template/resources/cpu</td><td>14</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/resources/memory</td><td>116G</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/taint/subsalt.io/node-purpose</td><td>pipelines:NoSchedule</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/label/subsalt.io/node-purpose</td><td>pipelines</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/label/subsalt.io/has-gpu</td><td>false</td></tr></tbody></table>

#### **Pipelines (GPU) node pool**

<table><thead><tr><th width="565.48828125">Key</th><th>Value</th></tr></thead><tbody><tr><td>k8s.io/cluster-autoscaler/node-template/resources/cpu</td><td>14</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/resources/memory</td><td>56G</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/resources/nvidia.com/gpu</td><td>1</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/taint/nvidia.com/gpu</td><td>present:NoSchedule</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/label/subsalt.io/node-purpose</td><td>pipelines</td></tr><tr><td>k8s.io/cluster-autoscaler/node-template/label/subsalt.io/has-gpu</td><td>true</td></tr></tbody></table>

### Networking

#### Ingress

Subsalt requires that the cluster has an [Ingress controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/) support for web access.

There are two hosts to configure, one for the web portal and one for authentication management. They should take the form `portal.subsalt.acme.com` and `auth.subsalt.acme.com`.

[A Record's](https://www.cloudflare.com/learning/dns/dns-records/dns-a-record/) for each host should be configured in your DNS provider to point at the ingress IP address.

A certificate (TLS/SSL) should be [added to the Ingress resource](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) that accounts for both hosts. The Subsalt Helm Chart comes with [cert-manager](https://cert-manager.io/) by default which can be configured to provision the certificates and their secrets automatically.

#### Load balancer

Subsalt requires [Service (Load Balancer)](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer) support for the [query endpoint](/retrieving-data/running-queries.md) to serve synthetic data.

An [A Record](https://www.cloudflare.com/learning/dns/dns-records/dns-a-record/) should be configured in your DNS provider to point at this load balancer's IP address.

### Other

If your team uses another Kubernetes provider (IBM, DigitalOcean, etc), please reach out and we can find a way to support your deployment.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.subsalt.io/product/subsalt-managed/cluster-requirements.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.