
Plan CIDR blocks for a cluster

Last updated: 2021-05-11 10:41:31

When you create a Kubernetes cluster on Kingsoft Cloud, you must plan the cluster, pod, and Service CIDR blocks for the cluster. This topic describes the function of each CIDR block in a Kubernetes cluster deployed in Kingsoft Cloud VPC, and how to plan the CIDR blocks.

CIDR blocks in a Kubernetes cluster

Cluster CIDR block: the CIDR block of the VPC where the cluster resides. Nodes in the cluster are assigned IP addresses in this CIDR block. You can select a subnet in the VPC as the node network of the cluster. For more information about Kingsoft Cloud VPC, see VPC and subnet.

Pod CIDR block: the CIDR block from which IP addresses are assigned to pods in the cluster. You can customize three private CIDR blocks and use them as the pod CIDR block. KCE automatically allocates a 24-bit CIDR block to each KEC instance in the cluster. A KEC instance assigns IP addresses in this CIDR block to pods on the instance.

Service CIDR block: the CIDR block from which IP addresses are assigned to Services in the cluster. The Service IP addresses can be used only in the cluster.

Relationships among the cluster, pod, and Service CIDR blocks

  1. In a cluster, the cluster, pod, and Service CIDR blocks must not overlap with each other.
  2. In a VPC, the pod CIDR blocks of different clusters must not overlap with each other, but the Service CIDR blocks of different clusters can overlap with each other.

Plan the CIDR blocks

This section describes how to plan the CIDR blocks for a Kubernetes cluster in typical scenarios.

Scenario 1: one VPC and one Kubernetes cluster

The cluster CIDR block was specified when the VPC was created. When you create the Kubernetes cluster, make sure that the pod and Service CIDR blocks do not overlap with the CIDR block of the VPC.

Scenario 2: one VPC and multiple Kubernetes clusters

You can create multiple Kubernetes clusters in a VPC. Based on the network model of KCE, KCE automatically configures a route for a pod in the VPC route table, so that packets between pods and between pods and nodes are forwarded based on the VPC routes. The pod CIDR blocks of the clusters in the VPC must not overlap with each other, but the Service CIDR blocks of the clusters can overlap with each other.

Scenario 3: two connected VPCs

Peering is required to connect two VPCs. For example, VPC1 (10.0.0.0/16) and VPC2 (172.16.0.0/16) are connected by using Peering. To create a Kubernetes cluster in VPC1, make sure that the pod CIDR block of the cluster does not overlap with the CIDR blocks of VPC1 and VPC2. A Kubernetes cluster can be created in VPC2 in a similar way.
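
The overlap rules and the three scenarios above can be checked mechanically before a cluster is created. The following is an added example, not Kingsoft Cloud code: a Python check built on the standard ipaddress module. The dictionary field names, the cluster names, and the pod and Service CIDR values are constructed for illustration, and max_nodes assumes that the "24-bit CIDR block" allocated to each KEC instance is a /24.

```python
import ipaddress
from itertools import combinations

def validate_plan(vpcs, clusters):
    """Return rule violations for a CIDR plan; an empty list means it is valid.

    vpcs:     {name: cidr} for the VPC and any VPC connected to it by Peering
    clusters: [{"name", "vpc", "pod", "service"}] (hypothetical field names)
    """
    vpc_nets = {n: ipaddress.ip_network(c) for n, c in vpcs.items()}
    parsed = [(c["name"], c["vpc"], ipaddress.ip_network(c["pod"]),
               ipaddress.ip_network(c["service"])) for c in clusters]
    problems = []
    for name, vpc, pod, svc in parsed:
        # Within one cluster, the cluster (VPC), pod and Service blocks are disjoint.
        if pod.overlaps(svc):
            problems.append(f"{name}: pod {pod} overlaps Service {svc}")
        if svc.overlaps(vpc_nets[vpc]):
            problems.append(f"{name}: Service {svc} overlaps {vpc} {vpc_nets[vpc]}")
        # The pod block avoids its own VPC and every peered VPC (scenarios 1 and 3).
        for vname, vnet in vpc_nets.items():
            if pod.overlaps(vnet):
                problems.append(f"{name}: pod {pod} overlaps {vname} {vnet}")
    # Clusters sharing a VPC need disjoint pod blocks; Service blocks may overlap.
    for (n1, v1, p1, _), (n2, v2, p2, _) in combinations(parsed, 2):
        if v1 == v2 and p1.overlaps(p2):
            problems.append(f"{n1}/{n2}: pod {p1} overlaps pod {p2} in {v1}")
    return problems

def max_nodes(pod_cidr, per_node_prefix=24):
    """Nodes one pod block can serve, ASSUMING each node receives a /24 slice."""
    prefix = ipaddress.ip_network(pod_cidr).prefixlen
    return 2 ** (per_node_prefix - prefix) if prefix <= per_node_prefix else 0

# Constructed sample plans; the two VPC blocks are the ones from scenario 3.
VPCS = {"VPC1": "10.0.0.0/16", "VPC2": "172.16.0.0/16"}
GOOD = [
    {"name": "a", "vpc": "VPC1", "pod": "10.100.0.0/16", "service": "10.254.0.0/16"},
    {"name": "b", "vpc": "VPC1", "pod": "10.101.0.0/16", "service": "10.254.0.0/16"},
]
BAD = GOOD + [
    {"name": "c", "vpc": "VPC1", "pod": "172.16.64.0/18", "service": "10.254.0.0/16"},
    {"name": "d", "vpc": "VPC1", "pod": "10.100.128.0/17", "service": "10.254.0.0/16"},
]

if __name__ == "__main__":
    for line in validate_plan(VPCS, BAD) or ["plan is valid"]:
        print(line)
```

Because ip_network runs in strict mode by default, a block written with host bits set (for example 10.0.1.0/16) raises ValueError instead of being silently normalized, which catches typos in the plan.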
