May 20, 2020 By Brandon Palm 2 min read

IBM Cloud Kubernetes Service has recently released new functionality to help prevent subnet overlap in VPC Generation 2 compute.

When you create a community Kubernetes cluster, you can use custom subnets for the pod and service IP ranges in your cluster. This custom subnet’s integration is now enhanced to prevent the pod subnet and existing subnets for worker nodes from overlapping in your VPC Generation 2 infrastructure.

What are the benefits of this functionality? 

VPC environments can encompass more than just Kubernetes clusters. For example, you might have VMs that are allocated on existing subnets in a VPC. When you create a cluster in that same VPC, this functionality ensures that the subnets for your worker nodes do not overlap with those existing subnets and that your pods can properly contact resources on those existing subnets.

This will also allow certain performance improvements to IBM Cloud Kubernetes Service subnet routing in the future.

Default pod and service subnets

When you provision a new VPC Gen 2 cluster and use the default pod and service subnets, logic is in place to automatically allocate a non-overlapping subnet to be used for pod IP addresses.

For example, in the first cluster that you create in a Gen 2 VPC (unless there are existing worker subnets already allocated), these are the new default pod and service subnets:

  • Pod subnet: 172.17.0.0/18
  • Service subnet: 172.21.0.0/16

When you create a second cluster in that VPC, these are the default pod and service subnets:

  • Pod subnet: 172.17.64.0/18
  • Service subnet: 172.21.0.0/16

Note that in the second cluster, the pod subnet that is allocated is the next available non-overlapping /18 subnet. The service subnet range remains the same.

Custom pod and service subnets

When you provision a new VPC Gen 2 cluster and bring your own pod and service subnets, the same non-overlapping subnet logic is in place to detect and prevent subnets from overlapping between clusters in your Gen 2 VPC.

If you plan to have a cluster with a lot of pods, you should consider having a custom pod subnet that is /16 or /17 to make sure that the cluster does not run out of pod IPs.

While the IBM Cloud Kubernetes Service will try to mitigate subnet overlaps, you still have to make sure when creating additional subnets in your VPC that it doesn’t overlap existing IBM Cloud Kubernetes Service pod or service subnets in that VPC.

More documentation

Please visit our official documentation for more information about VPC subnets.

Contact us

If you have questions, engage our team via Slack by registering here and join the discussion in the #general channel on our public IBM Cloud Kubernetes Service Slack.

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters