Home / server / Questions / 993417
Accepted
Meghana B Srinath
Asked: 2019-11-27 21:14:18 +0800 CST

Master ipv4 CIDR configuration for private cluster in GCP

  • 772

I'm trying to create a private cluster in GCP as per the steps mentioned here: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters

As per this, the ipv4 address for the master node is set to 172.16.0.32/28. I have also seen that the same CIDR blocks are used in many other examples as well. Is there a restriction that only this particular CIDR block should be used for master when configuring a GKE private cluster? If yes, then, can my VPC/subnets have a different range of CIDR , for ex, 10.1.0.0/16? As in, can the master node reside in one subnet and the nodes in a different subnet?

If there is no restriction on the master ipv4 address range, then can I use any RFC1918 range for this?

networking

1 Answers

  1. Best Answer

    The only restrictions, based on [1] public documentation, are:

    Restrictions

    Private clusters have the following restrictions:

    • ...

    • You cannot use a cluster master, node, Pod, or Service IP range that overlaps with 172.17.0.0/16.

    • ...

    Limitations

    Private clusters have the following limitations:

    • Each private cluster you create uses a unique VPC Network Peering.

    • Each VPC network can peer with up to 25 other VPC networks.

    • The size of the RFC 1918 block for the cluster master must be /28.

    • While GKE can detect overlap with the cluster master address block, it cannot detect overlap within a shared VPC network.

    So basically you can use any private ip range that does not violates any of the rules stated before.

    [1] https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#limitations

    • 1