pieterlange / kube-openvpn

:closed_lock_with_key: Kubernetes native OpenVPN
MIT License

how to get service_cidr and pod_cidr in aws #46

Closed thanizebra closed 7 years ago

pieterlange commented 7 years ago

You should know this as it's a required (though possibly defaulted) parameter in whatever tool you use to bootstrap your cluster.

Your API server is probably started with a --service-cluster-ip-range= parameter. The overlay network should have the pod IP space.

hd-deman commented 6 years ago

@pieterlange but the docs say that it's required: https://github.com/pieterlange/kube-openvpn/blob/master/docs/variables.md

pieterlange commented 6 years ago

Yes, they are required but it is highly dependent on your cluster configuration. I can't possibly go into every configuration, but here are some pointers on how to find your IP ranges:

Obtain the cluster service CIDR by looking at your Kubernetes API server startup parameters and looking for the --service-cluster-ip-range argument. This should contain your service CIDR. To get you started:

kubectl get pods -n kube-system kube-apiserver-ip-172-20-33-73.eu-west-1.compute.internal -o json | jq '.spec.containers[].command'

Obtaining the pod IP space depends on your cluster overlay network tool. Look at the configuration variables for your overlay network. For Calico, look at the CALICO_IPV4POOL_CIDR environment variable for one of your Calico node pods.
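
The two lookups described in the comment above, as an added example that is not part of the thread or of kube-openvpn: it reads pod objects in the shape `kubectl get pod ... -o json` returns, pulls out `--service-cluster-ip-range` and `CALICO_IPV4POOL_CIDR`, and validates them as CIDRs. The function names and the sample pod objects are constructed for illustration, and the code assumes the flag may sit in `command` or `args`, possibly inside a single `sh -c` string.

```python
import ipaddress
import json
import shlex

FLAG = "--service-cluster-ip-range"

def _tokens(container):
    """Flatten command + args; split elements that hold a whole shell command line."""
    for item in container.get("command", []) + container.get("args", []):
        yield from shlex.split(item)

def service_cidr(pod):
    """Value of --service-cluster-ip-range in a kube-apiserver pod object, or None."""
    for container in pod["spec"]["containers"]:
        toks = list(_tokens(container))
        for i, tok in enumerate(toks):
            if tok.startswith(FLAG + "="):
                return tok.split("=", 1)[1]
            if tok == FLAG and i + 1 < len(toks):  # "--flag value" form
                return toks[i + 1]
    return None

def calico_pod_cidr(pod):
    """Literal CALICO_IPV4POOL_CIDR value in a Calico node pod object, or None."""
    for container in pod["spec"]["containers"]:
        for env in container.get("env", []):
            if env.get("name") == "CALICO_IPV4POOL_CIDR":
                return env.get("value")  # None if set through valueFrom
    return None

def parse_cidrs(value):
    """Strictly parse one CIDR or a comma-separated list; raises ValueError on typos."""
    return [ipaddress.ip_network(part.strip()) for part in value.split(",")]

# Constructed sample objects, trimmed to the fields read above (not real cluster output).
APISERVER_POD = json.loads("""
{"spec": {"containers": [{"name": "kube-apiserver", "command": ["/bin/sh", "-c",
  "kube-apiserver --secure-port=443 --service-cluster-ip-range=100.64.0.0/13"]}]}}
""")
CALICO_POD = json.loads("""
{"spec": {"containers": [{"name": "calico-node", "env": [
  {"name": "CALICO_IPV4POOL_CIDR", "value": "192.168.0.0/16"}]}]}}
""")

if __name__ == "__main__":
    for label, value in (("service CIDR", service_cidr(APISERVER_POD)),
                         ("pod CIDR", calico_pod_cidr(CALICO_POD))):
        print(label, parse_cidrs(value) if value else "not found")
```

Strict parsing rejects a value with host bits set (for example a node address pasted with a prefix length), which is worth catching before the ranges are used as VPN routes.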