Subnets and Pods
Some subnets are reserved by Kubernetes and can prevent proper cluster deployment if you unknowingly configure DKP so that the Node subnet collides with either the Pod or Service subnet.
Ensure your subnets do not overlap with your host subnet because they cannot be changed after cluster creation. If you need to change the Kubernetes subnets, you must do this at cluster creation.
The default subnets used in DKP are:
spec:
clusterNetwork:
pods:
cidrBlocks:
- 192.168.0.0/16
services:
cidrBlocks:
- 10.96.0.0/12
In Konvoy, the default pod subnet is 192.168.0.0/16, and the default service subnet is 10.96.0.0/12. If you wish to change the subnets you can do so with the following steps:
Generate the YAML manifests for the cluster using the
--dry-run
and-o yaml
flags, along with the desireddkp cluster create
command:CODEdkp create cluster preprovisioned --cluster-name ${CLUSTER_NAME} --control-plane-endpoint-host <control plane endpoint host> --control-plane-endpoint-port <control plane endpoint port, if different than 6443> --dry-run -o yaml > cluster.yaml
To modify the service subnet, add or edit the
spec.clusterNetwork.services.cidrBlocks
field of theCluster
object:CODEkind: Cluster spec: clusterNetwork: services: cidrBlocks: - 10.0.0.0/12
To modify the pod subnet, edit the
Cluster
and calico-cniConfigMap
resources:Cluster: Add or edit the
spec.clusterNetwork.pods.cidrBlocks
field:CODEkind: Cluster spec: clusterNetwork: pods: cidrBlocks: - 172.16.0.0/16
ConfigMap: Edit the
data."custom-resources.yaml".spec.calicoNetwork.ipPools.cidr
field with your desired pod subnet:CODEapiVersion: v1 data: custom-resources.yaml: | apiVersion: operator.tigera.io/v1 kind: Installation metadata: name: default spec: # Configures Calico networking. calicoNetwork: # Note: The ipPools section cannot be modified post-install. ipPools: - blockSize: 26 cidr: 172.16.0.0/16 kind: ConfigMap metadata: name: calico-cni-<cluter-name>
When you provision the cluster, the configured pod and service subnets will be applied.