Closed alex-dabija closed 2 years ago
The service CIDR is configurable. Please see my comments on the Configurable pod CIDR issue.
List of service CRs with their IPs:
❯ kubectl get services -A -o wide
NAMESPACE     NAME                                  TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE     SELECTOR
default       kubernetes                            ClusterIP   172.16.0.1       <none>        443/TCP                  3h44m   <none>
giantswarm    chart-operator                        ClusterIP   172.16.189.153   <none>        8000/TCP                 3h37m   app.kubernetes.io/instance=chart-operator,app.kubernetes.io/name=chart-operator
kube-system   cert-exporter-daemonset               ClusterIP   172.16.189.180   <none>        9005/TCP                 3h33m   app.kubernetes.io/instance=cert-exporter,app.kubernetes.io/name=cert-exporter-daemonset
kube-system   cert-exporter-deployment              ClusterIP   172.16.53.214    <none>        9005/TCP                 3h33m   app.kubernetes.io/instance=cert-exporter,app.kubernetes.io/name=cert-exporter-deployment
kube-system   cert-manager-controller               ClusterIP   172.16.168.75    <none>        9402/TCP                 3h30m   app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cert-manager
kube-system   cert-manager-webhook                  ClusterIP   172.16.10.10     <none>        443/TCP                  3h30m   app.kubernetes.io/component=webhook,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cert-manager
kube-system   coredns                               ClusterIP   172.16.0.10      <none>        53/UDP,53/TCP,9153/TCP   3h42m   k8s-app=coredns
kube-system   ebs-csi-controller                    ClusterIP   172.16.168.109   <none>        8610/TCP                 3h33m   app=ebs-csi-controller
kube-system   external-dns-monitoring               ClusterIP   None             <none>        7979/TCP                 3h30m   app=external-dns
kube-system   kiam-agent                            ClusterIP   None             <none>        9620/TCP                 3h27m   app=kiam,component=kiam-agent
kube-system   kiam-server                           ClusterIP   None             <none>        9620/TCP,6443/TCP        3h27m   app=kiam,component=kiam-server
kube-system   kube-state-metrics                    ClusterIP   172.16.173.251   <none>        8080/TCP                 3h30m   app.kubernetes.io/instance=kube-state-metrics,app.kubernetes.io/name=kube-state-metrics
kube-system   metrics-server                        ClusterIP   172.16.185.7     <none>        443/TCP                  3h30m   app=metrics-server
kube-system   net-exporter                          ClusterIP   172.16.32.44     <none>        8000/TCP                 3h30m   app=net-exporter
kube-system   node-exporter                         ClusterIP   172.16.251.50    <none>        10300/TCP                3h33m   app.kubernetes.io/instance=node-exporter,app.kubernetes.io/name=node-exporter
kube-system   vertical-pod-autoscaler-recommender   ClusterIP   None             <none>        8942/TCP                 3h26m   app.kubernetes.io/component=recommender,app.kubernetes.io/instance=vertical-pod-autoscaler,app.kubernetes.io/name=vertical-pod-autoscaler-app
kube-system   vertical-pod-autoscaler-updater       ClusterIP   None             <none>        8943/TCP                 3h26m   app.kubernetes.io/component=updater,app.kubernetes.io/instance=vertical-pod-autoscaler,app.kubernetes.io/name=vertical-pod-autoscaler-app
kube-system   vertical-pod-autoscaler-webhook       ClusterIP   172.16.140.105   <none>        443/TCP,8944/TCP         3h26m   app.kubernetes.io/component=admission-controller,app.kubernetes.io/instance=vertical-pod-autoscaler,app.kubernetes.io/name=vertical-pod-autoscaler-app
Story
- As a cluster operator, I want to configure the cluster's service CIDR in order to ensure that workloads running on the cluster can communicate with systems running in other peered VPCs or on-prem networks.
Background
Customers need more control over the IP ranges used by their infrastructure in order to ensure that workloads running in different VPCs or data centers can talk to each other. The service CIDR must not overlap with any potential destination IP outside the cluster.
Resources
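The non-overlap requirement from the Background section can be checked before a service CIDR is applied. The following is an added example, not part of the original issue or the project's code: `check_service_cidr` is a hypothetical helper, the 172.16.0.0/16 range is an assumption inferred from the ClusterIPs listed above, and the pod, peered VPC and on-prem ranges are constructed sample values.

```python
import ipaddress


def check_service_cidr(service_cidr, other_networks, cluster_ips=()):
    """Return a list of (kind, subject) conflicts; an empty list means none found.

    service_cidr   -- proposed service range, e.g. "172.16.0.0/16"
    other_networks -- {label: cidr} for every range workloads must reach
                      (pod CIDR, peered VPCs, on-prem); labels are free-form
    cluster_ips    -- CLUSTER-IP column values from `kubectl get services -A`
    """
    # strict=True rejects a CIDR with host bits set (e.g. 172.16.0.1/16),
    # which usually indicates a typo in the configuration.
    svc = ipaddress.ip_network(service_cidr, strict=True)
    conflicts = []

    # 1. The service range must not overlap any destination outside the
    #    cluster; otherwise traffic to that destination is captured by the
    #    cluster's service routing instead of leaving the node.
    for label, cidr in other_networks.items():
        net = ipaddress.ip_network(cidr, strict=True)
        if net.version == svc.version and svc.overlaps(net):
            conflicts.append(("overlap", label))

    # 2. ClusterIPs already allocated must fall inside the proposed range.
    for ip in cluster_ips:
        if ip == "None":  # headless service: no ClusterIP is allocated
            continue
        if ipaddress.ip_address(ip) not in svc:
            conflicts.append(("outside-range", ip))

    return conflicts


# A few CLUSTER-IP values copied from the listing above.
SAMPLE_CLUSTER_IPS = ["172.16.0.1", "172.16.189.153", "None", "172.16.0.10"]
# Constructed sample ranges; not taken from the issue.
SAMPLE_NETWORKS = {
    "pod-cidr": "100.64.0.0/12",
    "peered-vpc": "10.0.0.0/16",
    "on-prem": "172.16.128.0/20",
}

if __name__ == "__main__":
    for candidate in ("172.16.0.0/16", "192.168.240.0/20"):
        result = check_service_cidr(candidate, SAMPLE_NETWORKS, SAMPLE_CLUSTER_IPS)
        print(candidate, result or "no conflicts")
```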